这篇文章主要通过分析高通recovery目录下的recovery.cpp源码,对recovery启动流程有一个宏观的了解。
当开机以后,在lk阶段,如果是recovery,会设置boot_into_recovery=1,然后读取recovery.img镜像,把recovery.img的地址和ramdisk等信息作为参数启动kernel,从而进入recovery模式,下面进行简单的分析。
为什么要分析recovery.cpp这个文件?
下面的代码位于bootable/recovery/etc/init.rc,由此可知,进入recovery模式后会执行sbin /recovery,此文件是bootable/recovery/recovery.cpp生成(可查看对应目录的Android.mk查看),所以recovery.cpp是recovery模式的入口。
service recovery /sbin/recovery
seclabel u:r:recovery:s0
1. 前期准备:
首先列出recovery流程的几个重要点,接着会详细分析
- 加载recovery.fstab分区表
- 解析传入的参数
- recovery界面相关的设置
- 执行命令
- 如果没有命令,等待用户输入
- 结束recovery
bootable/recovery/recovery.cpp
int main(int argc, char **argv) {
// Take last pmsg contents and rewrite it to the current pmsg session.
static const char filter[] = "recovery/";
// Do we need to rotate?
bool doRotate = false;
__android_log_pmsg_file_read(
LOG_ID_SYSTEM, ANDROID_LOG_INFO, filter,
logbasename, &doRotate);
//这里的意思暂时不理解
// Take action to refresh pmsg contents
__android_log_pmsg_file_read(
LOG_ID_SYSTEM, ANDROID_LOG_INFO, filter,
logrotate, &doRotate);
// If this binary is started with the single argument "--adbd",
// instead of being the normal recovery binary, it turns into kind
// of a stripped-down version of adbd that only supports the
// 'sideload' command. Note this must be a real argument, not
// anything in the command file or bootloader control block; the
// only way recovery should be run with this argument is when it
// starts a copy of itself from the apply_from_adb() function.
//如果二进制文件使用单个参数"--adbd"启动
//而不是正常的recovery启动(不带参数即为正常启动)
//它变成精简版命令时只支持sideload命令。它必须是一个正确可用的参数
//不在/cache/recovery/command中,也不受B2B控制
//是apply_from_adb()的副本
if (argc == 2 && strcmp(argv[1], "--adbd") == 0) {
adb_server_main(0, DEFAULT_ADB_PORT, -1);
return 0;
}
time_t start = time(NULL);
// redirect_stdio should be called only in non-sideload mode. Otherwise
// we may have two logger instances with different timestamps.
redirect_stdio(TEMPORARY_LOG_FILE);
printf("Starting recovery (pid %d) on %s", getpid(), ctime(&start));
load_volume_table();
//从上面建立的分区表信息中读取是否有cache分区,因为log等重要信息都存在cache分区里
has_cache = volume_for_path(CACHE_ROOT) != nullptr;
//从传入的参数或/cache/recovery/command文件中得到相应的命令
get_args(&argc, &argv);
const char *send_intent = NULL;
const char *update_package = NULL;
bool should_wipe_data = false;
bool should_wipe_cache = false;
bool should_wipe_ab = false;
size_t wipe_package_size = 0;
bool show_text = false;
bool sideload = false;
bool sideload_auto_reboot = false;
bool just_exit = false;
bool shutdown_after = false;
int retry_count = 0;
bool security_update = false;
int status = INSTALL_SUCCESS;
bool mount_required = true;
int arg;
int option_index;
//while循环解析command或者传入的参数,并把对应的功能设置为true或给相应的变量赋值
while ((arg = getopt_long(argc, argv, "", OPTIONS, &option_index)) != -1) {
switch (arg) {
case 'i': send_intent = optarg; break;
case 'n': android::base::ParseInt(optarg, &retry_count, 0); break;
case 'u': update_package = optarg; break;
case 'w': should_wipe_data = true; break;
case 'c': should_wipe_cache = true; break;
case 't': show_text = true; break;
case 's': sideload = true; break;
case 'a': sideload = true; sideload_auto_reboot = true; break;
case 'x': just_exit = true; break;
case 'l': locale = optarg; break;
case 'g': {
if (stage == NULL || *stage == '\0') {
char buffer[20] = "1/";
strncat(buffer, optarg, sizeof(buffer)-3);
stage = strdup(buffer);
}
break;
}
case 'p': shutdown_after = true; break;
case 'r': reason = optarg; break;
case 'e': security_update = true; break;
case 'y':
security_mode = atoi(optarg);
printf("security_mode is [%d]*****\n", security_mode);
break;
case 0: {
if (strcmp(OPTIONS[option_index].name, "wipe_ab") == 0) {
should_wipe_ab = true;
break;
} else if (strcmp(OPTIONS[option_index].name, "wipe_package_size") == 0) {
android::base::ParseUint(optarg, &wipe_package_size);
break;
}
break;
}
case '?':
LOGE("Invalid command argument\n");
continue;
}
}
if (locale == nullptr && has_cache) {
load_locale_from_cache();
}
printf("locale is [%s]\n", locale);
printf("stage is [%s]\n", stage);
printf("reason is [%s]\n", reason);
Device* device = make_device();
ui = device->GetUI();
gCurrentUI = ui;
ui->SetLocale(locale);
ui->Init();
// Set background string to "installing security update" for security update,
// otherwise set it to "installing system update".
ui->SetSystemUpdateText(security_update);
int st_cur, st_max;
if (stage != NULL && sscanf(stage, "%d/%d", &st_cur, &st_max) == 2) {
ui->SetStage(st_cur, st_max);
}
ui->SetBackground(RecoveryUI::NONE);
if (show_text) ui->ShowText(true);
struct selinux_opt seopts[] = {
{ SELABEL_OPT_PATH, "/file_contexts" }
};
sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1);
if (!sehandle) {
ui->Print("Warning: No file_contexts\n");
}
device->StartRecovery();
printf("Command:");
for (arg = 0; arg < argc; arg++) {
printf(" \"%s\"", argv[arg]);
}
printf("\n");
if (update_package) {
// For backwards compatibility on the cache partition only, if
// we're given an old 'root' path "CACHE:foo", change it to
// "/cache/foo".
if (strncmp(update_package, "CACHE:", 6) == 0) {
int len = strlen(update_package) + 10;
char* modified_path = (char*)malloc(len);
if (modified_path) {
strlcpy(modified_path, "/cache/", len);
strlcat(modified_path, update_package+6, len);
printf("(replacing path \"%s\" with \"%s\")\n",
update_package, modified_path);
update_package = modified_path;
}
else
printf("modified_path allocation failed\n");
}
if (!strncmp("/sdcard", update_package, 7)) {
//If this is a UFS device lets mount the sdcard ourselves.Depending
//on if the device is UFS or EMMC based the path to the sdcard
//device changes so we cannot rely on the block dev path from
//recovery.fstab
if (is_ufs_dev()) {
if(do_sdcard_mount_for_ufs() != 0) {
status = INSTALL_ERROR;
goto error;
}
if (ensure_path_mounted("/cache") != 0 || ensure_path_mounted("/tmp") != 0) {
ui->Print("\nFailed to mount tmp/cache partition\n");
status = INSTALL_ERROR;
goto error;
}
mount_required = false;
} else {
ui->Print("Update via sdcard on EMMC dev. Using path from fstab\n");
}
}
}
printf("\n");
property_list(print_property, NULL);
property_get("ro.build.display.id", recovery_version, "");
printf("\n");
/*if(check_identification_code() < 0){
identification_code = -1;
ui->Print("check_identification_code failed.\n");
}*/
if (update_package != NULL) {
// It's not entirely true that we will modify the flash. But we want
// to log the update attempt since update_package is non-NULL.
modified_flash = true;
if (!is_battery_ok()) {
ui->Print("battery capacity is not enough for installing package, needed is %d%%\n",
BATTERY_OK_PERCENTAGE);
// Log the error code to last_install when installation skips due to
// low battery.
log_failure_code(kLowBattery, update_package);
status = INSTALL_SKIPPED;
} else if (bootreason_in_blacklist()) {
// Skip update-on-reboot when bootreason is kernel_panic or similar
ui->Print("bootreason is in the blacklist; skip OTA installation\n");
log_failure_code(kBootreasonInBlacklist, update_package);
status = INSTALL_SKIPPED;
} else {
status = install_package(update_package, &should_wipe_cache,
TEMPORARY_INSTALL_FILE, mount_required, retry_count);
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
wipe_cache(false, device);
}
if (status != INSTALL_SUCCESS) {
ui->Print("Installation aborted.\n");
// When I/O error happens, reboot and retry installation EIO_RETRY_COUNT
// times before we abandon this OTA update.
if (status == INSTALL_RETRY && retry_count < EIO_RETRY_COUNT) {
copy_logs();
set_retry_bootloader_message(retry_count, argc, argv);
// Print retry count on screen.
ui->Print("Retry attempt %d\n", retry_count);
// Reboot and retry the update
int ret = property_set(ANDROID_RB_PROPERTY, "reboot,recovery");
if (ret < 0) {
ui->Print("Reboot failed\n");
} else {
while (true) {
pause();
}
}
}
// If this is an eng or userdebug build, then automatically
// turn the text display on if the script fails so the error
// message is visible.
if (is_ro_debuggable()) {
ui->ShowText(true);
}
}
}
} else if (should_wipe_data) {
if (!wipe_data(false, device)) {
status = INSTALL_ERROR;
}
} else if (should_wipe_cache) {
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
} else if (should_wipe_ab) {
if (!wipe_ab_device(wipe_package_size)) {
status = INSTALL_ERROR;
}
} else if (sideload) {
// 'adb reboot sideload' acts the same as user presses key combinations
// to enter the sideload mode. When 'sideload-auto-reboot' is used, text
// display will NOT be turned on by default. And it will reboot after
// sideload finishes even if there are errors. Unless one turns on the
// text display during the installation. This is to enable automated
// testing.
if (!sideload_auto_reboot) {
ui->ShowText(true);
}
status = apply_from_adb(ui, &should_wipe_cache, TEMPORARY_INSTALL_FILE);
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
}
ui->Print("\nInstall from ADB complete (status: %d).\n", status);
if (sideload_auto_reboot) {
ui->Print("Rebooting automatically.\n");
}
} else if (!just_exit) {
status = INSTALL_NONE; // No command specified
ui->SetBackground(RecoveryUI::NO_COMMAND);
// http://b/17489952
// If this is an eng or userdebug build, automatically turn on the
// text display if no command is specified.
if (is_ro_debuggable()) {
ui->ShowText(true);
}
}
error:
if (!sideload_auto_reboot && (status == INSTALL_ERROR || status == INSTALL_CORRUPT)) {
copy_logs();
ui->SetBackground(RecoveryUI::ERROR);
}
Device::BuiltinAction after = shutdown_after ? Device::SHUTDOWN : Device::REBOOT;
if ((status != INSTALL_SUCCESS && status != INSTALL_SKIPPED && !sideload_auto_reboot) ||
ui->IsTextVisible()) {
Device::BuiltinAction temp = prompt_and_wait(device, status);
if (temp != Device::NO_ACTION) {
after = temp;
}
}
// Save logs and clean up before rebooting or shutting down.
finish_recovery(send_intent);
switch (after) {
case Device::SHUTDOWN:
ui->Print("Shutting down...\n");
property_set(ANDROID_RB_PROPERTY, "shutdown,");
break;
case Device::REBOOT_BOOTLOADER:
ui->Print("Rebooting to bootloader...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,bootloader");
break;
default:
ui->Print("Rebooting...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,");
break;
}
while (true) {
pause();
}
// Should be unreachable.
return EXIT_SUCCESS;
}
首先:
1.1 启动adb进程
启动adbd进程,为了使用adb sideload命令
if (argc == 2 && strcmp(argv[1], "--adbd") == 0)
{
adb_server_main(0, DEFAULT_ADB_PORT, -1);
return 0;
}
1.2 重定向到recovery.log
重定向标准输出和标准出错到/tmp/recovery.log 这个文件里
redirect_stdio(TEMPORARY_LOG_FILE);
1.3 装载分区表
做完这些步骤以后,会初始化并装载recovery的分区表recovery.fstab
void load_volume_table()
{
int i;
int ret;
fstab = fs_mgr_read_fstab("/etc/recovery.fstab");
if (!fstab) {
LOGE("failed to read /etc/recovery.fstab\n");
return;
}
//将对应的信息加入到一条链表中
ret = fs_mgr_add_entry(fstab, "/tmp", "ramdisk", "ramdisk");
//如果load到的分区表为空,后面做释放操作
if (ret < 0 ) {
LOGE("failed to add /tmp entry to fstab\n");
fs_mgr_free_fstab(fstab);
fstab = NULL;
return;
}
printf("recovery filesystem table\n");
printf("=========================\n");
//到这一步,打印分区表信息,这类信息在
//recovery启动的时候的log可以看到
//分别是以下
//编号| 挂载节点| 文件系统类型| 块设备| 长度
for (i = 0; i < fstab->num_entries; ++i) {
Volume* v = &fstab->recs[i];
printf(" %d %s %s %s %lld\n", i, v->mount_point, v->fs_type,
v->blk_device, v->length);
}
printf("\n");
}
这里主要看如何装载分区表的流程,先来看看recovery.fstab
/dev/block/bootdevice/by-name/system /system ext4 ro,barrier=1 wait
/dev/block/bootdevice/by-name/cache /cache ext4 noatime,nosuid,nodev,barrier=1,data=ordered wait,check
/dev/block/bootdevice/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=1,data=ordered,noauto_da_alloc wait,check,length=-16384
/dev/block/mmcblk1p1 /sdcard vfat nosuid,nodev wait
/dev/block/sda1 /usbotg vfat nosuid,nodev wait
/dev/block/bootdevice/by-name/boot /boot emmc defaults defaults
/dev/block/bootdevice/by-name/recovery /recovery emmc defaults defaults
/dev/block/bootdevice/by-name/misc /misc emmc defaults defaults
挂载完相应的分区以后,就需要获取命令参数,因为只有挂载了对应的分区,才能访问到前面要写入command的这个文件,这样我们才能正确的打开文件,如果分区都没找到,那么当然就找不到分区上的文件,上面这个步骤是至关重要的。
//从上面建立的分区表信息中读取是否有cache分区,因为log等重要信息都存在cache分区里
has_cache = volume_for_path(CACHE_ROOT) != nullptr;
1.4 获取相应参数:
从传入的参数或/cache/recovery/command文件中得到相应的命令
get_args(&argc, &argv); //从传入的参数或/cache/recovery/command文件中得到相应的命令
while循环解析command或者传入的参数,并把对应的功能设置为true或给相应的变量赋值
获取到对应的命令,就会执行对应的标志,后面会根据标志来执行对应的操作。
while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) { //while循环解析command或者传入的参数,并把对应的功能设置为true或给相应的变量赋值
switch (arg) {
case 'i': send_intent = optarg; break;
case 'u': update_package = optarg; break;
case 'w': should_wipe_data = true; break;
case 'c': should_wipe_cache = true; break;
case 't': show_text = true; break;
case 's': sideload = true; break;
case 'a': sideload = true; sideload_auto_reboot = true; break;
case 'x': just_exit = true; break;
case 'l': locale = optarg; break;
case 'g': {
if (stage == NULL || *stage == '\0') {
char buffer[20] = "1/";
strncat(buffer, optarg, sizeof(buffer)-3);
stage = strdup(buffer);
}
break;
}
case 'p': shutdown_after = true; break;
case 'r': reason = optarg; break;
case '?':
LOGE("Invalid command argument\n");
continue;
}
}
get_args()函数的主要作用是建立recovery的启动参数,如果系统启动recovery时已经传递了启动参数,那么这个函数只是把启动参数的内容复制到函数的参数boot对象中,否则函数会首先从/misc分区中获取命令字符串来构建启动参数。如果/misc分区下没有内容,则尝试打开/cache/recovery/command文件并读取文件的内容来建立启动参数。从这个函数我们可以看到,更新系统最简单的方式是把更新命令写到/cache/recovery/command文件中。get_args()函数是通过get_bootloader_message()函数来读取/misc分区的数据的
get_args()函数是通过read_bootloader_message()函数来读取/misc分区的数据的,read_bootloader_message()函数的代码如下所示:
read_bootloader_message -->
read_misc_partition -->
get_misc_blk_device
static std::string get_misc_blk_device(std::string* err) {
struct fstab* fstab = read_fstab(err);
if (fstab == nullptr) {
return "";
}
fstab_rec* record = fs_mgr_get_entry_for_mount_point(fstab, "/misc");
if (record == nullptr) {
*err = "failed to find /misc partition";
return "";
}
return record->blk_device;
}
从read_bootloader_message()函数的代码可以看到,它打开/misc分区来读取数据;
get_args()函数的结尾调用了set_bootloader_message()函数,函数的作用是把启动参数的信息又保存到了/misc分区中。这样做的目的是防止升级过程中发生崩溃,这样重启后仍然可以从/misc分区中读取更新的命令,继续进行更新操作。这也是为什么get_args()函数要从几个地方读取启动参数的原因。
1.5 load_locale_from_cache()函数
load_locale_from_cache不展开说了,大致过程就是从之前解析分区表得到的fstab中查询/cache/recovery/last_locale文件是否存在,如果存在就读取里面的值
/cache/recovery/last_locale关系到中文显示或者英文显示
1.6 设置UI模型
UI模型详情参考这篇文章:
Android Recovery 源码UI 定制
//创建设备
Device* device = make_device();
//获取UI
ui = device->GetUI();
//设置当前的UI
gCurrentUI = ui;
//设置UI的语言信息
ui->SetLocale(locale);
//UI初始化
ui->Init();
//这里会调用SetSystemUpdateText 方法把显示哪种文字的选择存在installing_text中,后面解析具体命令的时候会调用GetCurrentText来显示
ui->SetSystemUpdateText(security_update);
//设置界面上是否能够显示字符,使能ui->print函数开关
if (show_text) ui->ShowText(true);
//设置selinux权限,一般我会把selinux 给disabled
struct selinux_opt seopts[] = {
{ SELABEL_OPT_PATH, "/file_contexts" }
};
sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1);
if (!sehandle) {
ui->Print("Warning: No file_contexts\n");
}
if (!sehandle) {
ui->Print("Warning: No file_contexts\n");
}
//虚函数,没有做什么流程
device->StartRecovery();
printf("Command:");
for (arg = 0; arg < argc; arg++) {
printf(" \"%s\"", argv[arg]);
}
printf("\n");
2. 重要环节-升级
2.1 Recovery界面升级
//如果update_package(也就是要升级的OTA包)不为空的情况下
//这里要对升级包的路径做一下路径转换,这里可以自由定制自己升级包的路径
if (update_package) {
// For backwards compatibility on the cache partition only, if
// we're given an old 'root' path "CACHE:foo", change it to
// "/cache/foo".
//这里就是做转换的方法
//先比较传进来的recovery参数的前6个byte是否是CACHE
//如果是将其路径转化为/cache/CACHE: ......
if (strncmp(update_package, "CACHE:", 6) == 0) {
int len = strlen(update_package) + 10;
char* modified_path = (char*)malloc(len);
if (modified_path) {
strlcpy(modified_path, "/cache/", len);
strlcat(modified_path, update_package+6, len);
printf("(replacing path \"%s\" with \"%s\")\n",
update_package, modified_path);
//这个update_package就是转换后的路径
update_package = modified_path;
}
else
printf("modified_path allocation failed\n");
}
//这里修改为我们自己的/sdcard路径
if (!strncmp("/sdcard", update_package, 7)) {
//If this is a UFS device lets mount the sdcard ourselves.Depending
//on if the device is UFS or EMMC based the path to the sdcard
//device changes so we cannot rely on the block dev path from
//recovery.fstab
if (is_ufs_dev()) {
if(do_sdcard_mount_for_ufs() != 0) {
status = INSTALL_ERROR;
goto error;
}
if (ensure_path_mounted("/cache") != 0 || ensure_path_mounted("/tmp") != 0) {
ui->Print("\nFailed to mount tmp/cache partition\n");
status = INSTALL_ERROR;
goto error;
}
mount_required = false;
} else {
ui->Print("Update via sdcard on EMMC dev. Using path from fstab\n");
}
}
}
printf("\n");
property_list(print_property, NULL);
//获取属性,这里应该是从一个文件中找到ro.build.display.id
//获取recovery的版本信息
property_get("ro.build.display.id", recovery_version, "");
printf("\n");
if (update_package != NULL) {
// It's not entirely true that we will modify the flash. But we want
// to log the update attempt since update_package is non-NULL.
modified_flash = true;
if (!is_battery_ok()) {
ui->Print("battery capacity is not enough for installing package, needed is %d%%\n",
BATTERY_OK_PERCENTAGE);
// Log the error code to last_install when installation skips due to
// low battery.
log_failure_code(kLowBattery, update_package);
status = INSTALL_SKIPPED;
} else if (bootreason_in_blacklist()) {//这里是判断重启的原因,看看是否是非法的
// Skip update-on-reboot when bootreason is kernel_panic or similar
ui->Print("bootreason is in the blacklist; skip OTA installation\n");
log_failure_code(kBootreasonInBlacklist, update_package);
status = INSTALL_SKIPPED;
} else {
status = install_package(update_package, &should_wipe_cache,
TEMPORARY_INSTALL_FILE, mount_required, retry_count);
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
wipe_cache(false, device);
}
if (status != INSTALL_SUCCESS) {
ui->Print("Installation aborted.\n");
// When I/O error happens, reboot and retry installation EIO_RETRY_COUNT
// times before we abandon this OTA update.
if (status == INSTALL_RETRY && retry_count < EIO_RETRY_COUNT) {
copy_logs();
set_retry_bootloader_message(retry_count, argc, argv);
// Print retry count on screen.
ui->Print("Retry attempt %d\n", retry_count);
// Reboot and retry the update
int ret = property_set(ANDROID_RB_PROPERTY, "reboot,recovery");
if (ret < 0) {
ui->Print("Reboot failed\n");
} else {
while (true) {
pause();
}
}
}
// If this is an eng or userdebug build, then automatically
// turn the text display on if the script fails so the error
// message is visible.
if (is_ro_debuggable()) {
ui->ShowText(true);
}
}
}
}
2.2 install_package函数
我们来分析一波这个install_package函数:
int
install_package(const char* path, bool* wipe_cache, const char* install_file,
bool needs_mount, int retry_count)
{
modified_flash = true;
auto start = std::chrono::system_clock::now();
int result = 0;
std::vector log_buffer;
timeout_exit_stop();
if (needs_mount == true)
result = setup_install_mounts();//确保/tmp和/cache分区已经mount
if (result != 0) {
LOGE("failed to set up expected mounts for install; aborting\n");
result = INSTALL_ERROR;
} else {
//一般来到这里
result = really_install_package(path, wipe_cache, needs_mount, log_buffer, retry_count);
}
// Measure the time spent to apply OTA update in seconds.
std::chrono::duration duration = std::chrono::system_clock::now() - start;
int time_total = static_cast(duration.count());
if (ensure_path_mounted(UNCRYPT_STATUS) != 0) {
LOGW("Can't mount %s\n", UNCRYPT_STATUS);
} else {
std::string uncrypt_status;
if (!android::base::ReadFileToString(UNCRYPT_STATUS, &uncrypt_status)) {
LOGW("failed to read uncrypt status: %s\n", strerror(errno));
} else if (!android::base::StartsWith(uncrypt_status, "uncrypt_")) {
LOGW("corrupted uncrypt_status: %s: %s\n", uncrypt_status.c_str(), strerror(errno));
} else {
log_buffer.push_back(android::base::Trim(uncrypt_status));
}
}
// The first two lines need to be the package name and install result.
std::vector log_header = {
path,
result == INSTALL_SUCCESS ? "1" : "0",
"time_total: " + std::to_string(time_total),
"retry: " + std::to_string(retry_count),
};
std::string log_content = android::base::Join(log_header, "\n") + "\n" +
android::base::Join(log_buffer, "\n");
if (!android::base::WriteStringToFile(log_content, install_file)) {
LOGE("failed to write %s: %s\n", install_file, strerror(errno));
}
// Write a copy into last_log.
LOGI("%s\n", log_content.c_str());
timeout_exit_start();
return result;
}
我们来到really_install_package
函数中:
static int
really_install_package(const char *path, bool* wipe_cache, bool needs_mount,
std::vector& log_buffer, int retry_count)
{
ui->SetBackground(RecoveryUI::INSTALLING_UPDATE);
ui->Print("Finding update package...\n");
// Give verification half the progress bar...
ui->SetProgressType(RecoveryUI::DETERMINATE);
ui->ShowProgress(VERIFICATION_PROGRESS_FRACTION, VERIFICATION_PROGRESS_TIME);
LOGI("Update location: %s\n", path);
// Map the update package into memory.
ui->Print("Opening update package...\n");
if (path && needs_mount) { //确保更新包所在的路径已经moun
if (path[0] == '@') {
ensure_path_mounted(path+1);
} else {
ensure_path_mounted(path);
}
}
MemMapping map;
if (sysMapFile(path, &map) != 0) {
LOGE("failed to map file\n");
return INSTALL_CORRUPT;
}
// Verify package.
if (!verify_package(map.addr, map.length)) {
log_buffer.push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure));
sysReleaseMap(&map);
return INSTALL_CORRUPT;
}
// Try to open the package.
ZipArchive zip;
int err = mzOpenZipArchive(map.addr, map.length, &zip);
if (err != 0) {
LOGE("Can't open %s\n(%s)\n", path, err != -1 ? strerror(err) : "bad");
log_buffer.push_back(android::base::StringPrintf("error: %d", kZipOpenFailure));
sysReleaseMap(&map);
return INSTALL_CORRUPT;
}
// Verify and install the contents of the package.
ui->Print("Installing update...\n");
if (retry_count > 0) {
ui->Print("Retry attempt: %d\n", retry_count);
}
ui->SetEnableReboot(false);
int result = try_update_binary(path, &zip, wipe_cache, log_buffer, retry_count); //开始安装
ui->SetEnableReboot(true);
ui->Print("\n");
sysReleaseMap(&map);
#ifdef USE_MDTP
/* If MDTP update failed, return an error such that recovery will not finish. */
if (result == INSTALL_SUCCESS) {
if (!mdtp_update()) {
ui->Print("Unable to verify integrity of /system for MDTP, update aborted.\n");
return INSTALL_ERROR;
}
ui->Print("Successfully verified integrity of /system for MDTP.\n");
}
#endif /* USE_MDTP */
return result;
}
注释如上;
函数really_install_package会对升级包进行一系列的校验,通过校验后,调用try_update_binary函数完成升级。因此,try_update_binary()才是真正升级的地方。如下:
2.3 真正升级的try_update_binary()函数
try_update_binary(const char* path, ZipArchive* zip, bool* wipe_cache) {
const ZipEntry* binary_entry = //在升级包中查找是否存在META-INF/com/google/android/update-binary文件
mzFindZipEntry(zip, ASSUMED_UPDATE_BINARY_NAME);
if (binary_entry == NULL) {
mzCloseZipArchive(zip);
return INSTALL_CORRUPT;
}
const char* binary = "/tmp/update_binary"; //在tmp中创建临时文件夹,权限755
unlink(binary);
int fd = creat(binary, 0755);
if (fd < 0) {
mzCloseZipArchive(zip);
LOGE("Can't make %s\n", binary);
return INSTALL_ERROR;
}
bool ok = mzExtractZipEntryToFile(zip, binary_entry, fd); //把update.zip升级包解压到/tmp/update_binary文件夹中
sync();
close(fd);
mzCloseZipArchive(zip);
if (!ok) {
LOGE("Can't copy %s\n", ASSUMED_UPDATE_BINARY_NAME);
return INSTALL_ERROR;
}
int pipefd[2];
pipe(pipefd);
// When executing the update binary contained in the package, the
// arguments passed are:
//
// - the version number for this interface
//
// - an fd to which the program can write in order to update the
// progress bar. The program can write single-line commands:
//
// progress
// fill up the next part of of the progress bar
// over seconds. If is zero, use
// set_progress commands to manually control the
// progress of this segment of the bar.
//
// set_progress
// should be between 0.0 and 1.0; sets the
// progress bar within the segment defined by the most
// recent progress command.
//
// firmware <"hboot"|"radio">
// arrange to install the contents of in the
// given partition on reboot.
//
// (API v2: may start with "PACKAGE:" to
// indicate taking a file from the OTA package.)
//
// (API v3: this command no longer exists.)
//
// ui_print
// display on the screen.
//
// wipe_cache
// a wipe of cache will be performed following a successful
// installation.
//
// clear_display
// turn off the text display.
//
// enable_reboot
// packages can explicitly request that they want the user
// to be able to reboot during installation (useful for
// debugging packages that don't exit).
//
// - the name of the package zip file.
//
const char** args = (const char**)malloc(sizeof(char*) * 5); //创建指针数组,并分配内存
args[0] = binary; //[0]存放字符串 "/tmp/update_binary" ,也就是升级包解压的目的地址
args[1] = EXPAND(RECOVERY_API_VERSION); // defined in Android.mk //[1]存放RECOVERY_API_VERSION,在Android.mk中定义,我的值为3 RECOVERY_API_VERSION := 3
char* temp = (char*)malloc(10);
sprintf(temp, "%d", pipefd[1]);
args[2] = temp;
args[3] = (char*)path; //[3]存放update.zip路径
args[4] = NULL;
pid_t pid = fork(); //创建一个新进程,为子进程
if (pid == 0) { //进程创建成功,执行META-INF/com/google/android/update-binary脚本,给脚本传入参数args
umask(022);
close(pipefd[0]);
execv(binary, (char* const*)args);
fprintf(stdout, "E:Can't run %s (%s)\n", binary, strerror(errno));
_exit(-1);
}
close(pipefd[1]);
*wipe_cache = false;
char buffer[1024];
FILE* from_child = fdopen(pipefd[0], "r");
while (fgets(buffer, sizeof(buffer), from_child) != NULL) { //父进程通过管道pipe读取子进程的值,使用strtok分割函数把子进程传过来的参数进行解析,执行相应的ui修改
char* command = strtok(buffer, " \n");
if (command == NULL) {
continue;
} else if (strcmp(command, "progress") == 0) {
char* fraction_s = strtok(NULL, " \n");
char* seconds_s = strtok(NULL, " \n");
float fraction = strtof(fraction_s, NULL);
int seconds = strtol(seconds_s, NULL, 10);
ui->ShowProgress(fraction * (1-VERIFICATION_PROGRESS_FRACTION), seconds);
} else if (strcmp(command, "set_progress") == 0) {
char* fraction_s = strtok(NULL, " \n");
float fraction = strtof(fraction_s, NULL);
ui->SetProgress(fraction);
} else if (strcmp(command, "ui_print") == 0) {
char* str = strtok(NULL, "\n");
if (str) {
ui->Print("%s", str);
} else {
ui->Print("\n");
}
fflush(stdout);
} else if (strcmp(command, "wipe_cache") == 0) {
*wipe_cache = true;
} else if (strcmp(command, "clear_display") == 0) {
ui->SetBackground(RecoveryUI::NONE);
} else if (strcmp(command, "enable_reboot") == 0) {
// packages can explicitly request that they want the user
// to be able to reboot during installation (useful for
// debugging packages that don't exit).
ui->SetEnableReboot(true);
} else {
LOGE("unknown command [%s]\n", command);
}
}
fclose(from_child);
int status;
waitpid(pid, &status, 0);
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
LOGE("Error in %s\n(Status %d)\n", path, WEXITSTATUS(status));
return INSTALL_ERROR;
}
return INSTALL_SUCCESS;
}
try_update_binary流程:
查找META-INF/com/google/android/update-binary二进制脚本
解压update.zip包到/tmp/update_binary
创建子进程,执行update-binary二进制安装脚本,并通过管道与父进程通信,父进程更新ui界面。
再看看之后的操作:
if (status == INSTALL_RETRY && retry_count < EIO_RETRY_COUNT) {
copy_logs();
set_retry_bootloader_message(retry_count, argc, argv);
// Print retry count on screen.
ui->Print("Retry attempt %d\n", retry_count);
// Reboot and retry the update
int ret = property_set(ANDROID_RB_PROPERTY, "reboot,recovery");
if (ret < 0) {
ui->Print("Reboot failed\n");
} else {
while (true) {
pause();
}
}
}
// If this is an eng or userdebug build, then automatically
// turn the text display on if the script fails so the error
// message is visible.
if (is_ro_debuggable()) {
ui->ShowText(true);
}
再看看之后的操作:
else if (should_wipe_data) { //只清除用户数据
if (!wipe_data(false, device)) {
status = INSTALL_ERROR;
}
} else if (should_wipe_cache) { //只清除缓存
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
}
else if (sideload) {//执行adb reboot sideload命令后会跑到这个代码段
// 'adb reboot sideload' acts the same as user presses key combinations
// to enter the sideload mode. When 'sideload-auto-reboot' is used, text
// display will NOT be turned on by default. And it will reboot after
// sideload finishes even if there are errors. Unless one turns on the
// text display during the installation. This is to enable automated
// testing.
if (!sideload_auto_reboot) {
ui->ShowText(true);
}
status = apply_from_adb(ui, &should_wipe_cache, TEMPORARY_INSTALL_FILE);
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
}
ui->Print("\nInstall from ADB complete (status: %d).\n", status);
if (sideload_auto_reboot) {
ui->Print("Rebooting automatically.\n");
}
} else if (!just_exit) {
status = INSTALL_NONE; // No command specified
ui->SetBackground(RecoveryUI::NO_COMMAND);
// http://b/17489952
// If this is an eng or userdebug build, automatically turn on the
// text display if no command is specified.
if (is_ro_debuggable()) {
ui->ShowText(true);
}
2.4 死循环prompt_and_wait
if (!sideload_auto_reboot && (status == INSTALL_ERROR || status == INSTALL_CORRUPT)) { //安装失败,复制log信息到/cache/recovery/。如果进行了wipe_data/wipe_cache/apply_from_sdcard(也就是修改了flash),
//直接return结束recovery,否则现实error背景图片
copy_logs();
ui->SetBackground(RecoveryUI::ERROR);
}
Device::BuiltinAction after = shutdown_after ? Device::SHUTDOWN : Device::REBOOT;
if ((status != INSTALL_SUCCESS && !sideload_auto_reboot) || ui->IsTextVisible()) { //status在just_exit中已经变为none,会执行此if语句
#ifdef SUPPORT_UTF8_MULTILINGUAL
ml_select(device);
#endif
Device::BuiltinAction temp = prompt_and_wait(device, status); //prompt_and_wait()函数是个死循环 开始显示recovery选项 并处理用户通过按键或者触摸屏的选项,如Reboot system等
if (temp != Device::NO_ACTION) {
after = temp;
}
}
这里是根据你的按键去选择判断进入哪一个函数里面,进入那一段的升级里面;
。。。。
case Device::NO_ACTION:
break;
case Device::REBOOT:
case Device::SHUTDOWN:
case Device::REBOOT_BOOTLOADER:
return chosen_action;
case Device::WIPE_DATA:
timeout_exit_stop();
//wipe_data(ui->IsTextVisible(), device);
nexgo_wipe_data(ui->IsTextVisible(), device);
timeout_exit_start();
if (!ui->IsTextVisible()) return Device::NO_ACTION;
break;
case Device::WIPE_CACHE:
timeout_exit_stop();
ui->Print("\n-- Wiping cache...\n");
wipe_cache(ui->IsTextVisible(), device);
ui->Print("Cache wipe complete.\n");
timeout_exit_start();
if (!ui->IsTextVisible()) return Device::NO_ACTION;
break;
case Device::APPLY_ADB_SIDELOAD:
case Device::APPLY_SDCARD:
case Device::APPLY_USB:
{
#if 0
bool adb = (chosen_action == Device::APPLY_ADB_SIDELOAD);
if (adb) {
status = apply_from_adb(ui, &should_wipe_cache, TEMPORARY_INSTALL_FILE);
} else {
status = apply_from_sdcard(device, &should_wipe_cache);
}
#else
char *apply_names;
if (chosen_action == Device::APPLY_ADB_SIDELOAD) {
apply_names = "ADB";
status = apply_from_adb(ui, &should_wipe_cache, TEMPORARY_INSTALL_FILE);
}
else if(chosen_action == Device::APPLY_SDCARD){
apply_names = "SD card";
status = apply_from_sdcard(device, &should_wipe_cache);
}
else if(chosen_action == Device::APPLY_USB){
apply_names = "USB OTG";
status = apply_from_usbotg(device, &should_wipe_cache);
}
#endif
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
}
if (status != INSTALL_SUCCESS) {
ui->SetBackground(RecoveryUI::ERROR);
ui->Print("Installation aborted.\n");
copy_logs();
} else if (!ui->IsTextVisible()) {
return Device::NO_ACTION; // reboot if logs aren't visible
} else {
ui->Print("\nInstall from %s complete.\n",apply_names);
}
}
break;
/*case Device::APPLY_U_DISK:
{
status = apply_from_u_disk(device, &should_wipe_cache);
if (status == INSTALL_SUCCESS) {
ota_completed = true;
}
if (status == INSTALL_SUCCESS && should_wipe_cache) {
if (!wipe_cache(false, device)) {
status = INSTALL_ERROR;
}
}
if (status != INSTALL_SUCCESS) {
ui->SetBackground(RecoveryUI::ERROR);
ui->Print("Installation aborted.\n");
copy_logs();
} else if (!ui->IsTextVisible()) {
return Device::NO_ACTION; // reboot if logs aren't visible
} else {
ui->Print("\nInstall from U Disk complete.\n");
}
}
break*/
case Device::VIEW_RECOVERY_LOGS:
timeout_exit_stop();
choose_recovery_file(device);
timeout_exit_start();
break;
#if 0
case Device::RUN_GRAPHICS_TEST:
run_graphics_test(device);
break;
//#endif
case Device::MOUNT_SYSTEM:
{
#ifdef USE_MDTP
if (is_mdtp_activated()) {
ui->Print("Mounting /system forbidden by MDTP.\n");
}
else
#endif
{
char system_root_image[PROPERTY_VALUE_MAX];
property_get("ro.build.system_root_image", system_root_image, "");
// For a system image built with the root directory (i.e.
// system_root_image == "true"), we mount it to /system_root, and symlink /system
// to /system_root/system to make adb shell work (the symlink is created through
// the build system).
// Bug: 22855115
if (strcmp(system_root_image, "true") == 0) {
if (ensure_path_mounted_at("/", "/system_root") != -1) {
ui->Print("Mounted /system.\n");
}
} else {
if (ensure_path_mounted("/system") != -1) {
ui->Print("Mounted /system.\n");
}
}
}
break;
}
#endif
case Device::SECURE_UNLOCK:
{
unlock_device();
if (!ui->IsTextVisible()) return Device::NO_ACTION;
security_mode = 0;
error_code = 0;
break;
}
case Device::DOWNLOAD_SECURE_INFO:
{
printf("security_info_download=====\n");
int ret = security_info_download();
if(ret == 0)
{
ui->Print("\n-- Wiping data...\n");
device->PreWipeData();
erase_volume("/data");
erase_volume("/cache");
ui->Print("Data wipe complete.\n");
need_wipe = 0;
return Device::REBOOT;
}
if (!ui->IsTextVisible()) return Device::NO_ACTION;
security_mode = 0;
error_code = 0;
break;
}
case Device::DOWNLOAD_HWC_INFO:
{
printf("hwc ---download\n");
int ret = security_hwc_download();
if(ret == 0)
{
return Device::REBOOT;
break;
}
if (!ui->IsTextVisible())
return Device::NO_ACTION;
security_mode = 0;
error_code = 0;
break;
}
case Device::APPLY_OTACONFIG_EXT:
apply_from_config(device,SDCARD_ROOT);
break;
case Device::APPLY_OTACONFIG_USB_PATH:
/*int chonsen = factory_jump_usbpath(factory_jump_usbpath_flag,device);
factory_jump_usbpath_flag = 0;
if(chonsen == 0)
{
apply_from_path(device,USBOTG_ROOT);
}
else if(chonsen == 2)//进入download hwc
{
factory_chosen_item = 1;
}
break; */
{
int ret = apply_from_path(device,USBOTG_ROOT);
if((ret != 0) && (factory_jump_usbpath_flag == 1)){
factory_chosen_item = 1;
}
factory_jump_usbpath_flag = 0;
break;
}
case Device::APPLY_OTACONFIG_USB:
{
dictionary * ini ;
const char * otafilename;
char otapathname[128];
int ret = 0,i;
char inipathname[256] = {0};
char section[20] = {0};
char *prefixPath;
int status = 0;
APPLY_OTACONFIG_FLAG = 1;
ui->Print("\n-- Install from %s ...\n", USBOTG_ROOT);
ensure_path_mounted(USBOTG_ROOT);
char* path = browse_directory(USBOTG_ROOT, device);
if (path == NULL) {
ui->Print("\n-- No package file selected.\n", path);
ensure_path_unmounted(USBOTG_ROOT);
break;
}
ui->Print("\n-- Install %s ...\n", path);
set_sdcard_update_bootloader_message();
if(strncasecmp(&path[strlen(path)-4], ".ini", 4) == 0)
{
snprintf(inipathname,256,"%s",path);
ini = iniparser_load(inipathname);
if (ini==NULL) {
fprintf(stderr, "cannot parse file: %s\n", inipathname);
break;
}
prefixPath = strrchr(path, '/'); //?ini???path
*prefixPath = '\0';
ensure_path_unmounted(USBOTG_ROOT);
for(i=1; i<10; i++)
{
ensure_path_mounted(USBOTG_ROOT);
snprintf(section,20,"Path:OTApackage%d", i);
otafilename = iniparser_getstring(ini, section, NULL); //?ini?
if (otafilename)
printf("Path: [%s]\n",otafilename );
else
printf("Path%d: [UNDEF]\n", i);
if (!otafilename)
continue;
strcpy(otapathname, path);
strcat(otapathname, "/");
strcat(otapathname, otafilename);
ui->Print("\n-- otapathname = %s\n", otapathname);
//void* token = start_usbotg_fuse(otapathname);
//status = install_package(FUSE_SIDELOAD_HOST_PATHNAME, &wipe_cache,
//finish_sdcard_fuse(token);ensure_path_unmounted(USBOTG_ROOT);
status = install_package_usb(otapathname, &should_wipe_cache);
if (status != INSTALL_SUCCESS)
break;
}
iniparser_freedict(ini);
}
else
{
status = install_package_usb(path, &should_wipe_cache);
}
ensure_path_unmounted(USBOTG_ROOT);
if (status == INSTALL_SUCCESS && should_wipe_cache) {
ui->Print("\n-- Wiping cache (at package request)...\n");
if (erase_volume("/cache")) {
ui->Print("Cache wipe failed.\n");
} else {
ui->Print("Cache wipe complete.\n");
}
}
if (status >= 0) {
if (status != INSTALL_SUCCESS) {
ui->SetBackground(RecoveryUI::ERROR);
ui->Print("Installation aborted.\n");
} else if (!ui->IsTextVisible()) {
return Device::NO_ACTION; // reboot if logs aren't visible
} else {
ui->Print("\nInstall from sdcard complete.\n");
}
}
break;
}
break;
}