53b62278d049a50c20e6693aeaefe9675ccb8407 |
|
17-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Small improvements to the block tracer utility. This prepends the current block number to the output, simplifies some logic, and tightens argument validation in the command-line parser. BUG=None TEST=paycheck -B/-b works. Change-Id: I90d5cdf721612cdd12e49f4e4181849fc699807f Reviewed-on: https://chromium-review.googlesource.com/286547 Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
06eea33088be4418264d12820f94c700977e3fa6 |
|
14-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Properly infer usable target partition size. The payload checker used to restrict read/write block indexes to the reported target filesystem size, unless explicitly given a partition size value to use instead. So far this value was easy for clients (like paygen) to come up with, because it was constant at 2GB for all known boards. However this is no longer the case, and there is no an easy way for clients to know the actual target partition size after the payload has been generated (nor is it encoded in the payload). This adds logic for inferring the usable target partition size into PayloadChecker() itself, as follows: 1) If a partition size was given, use that. 2) Else, if this is an old delta (minor version < 2), use the aforementioned default. This is necessary because older deltas may actually read/write data beyond the filesystem size. It is also sufficient because any old delta payload we generate should write to a 2GB target partition. 3) In all other cases, just use the new filesystem size, as encoded in the payload. This is a safe choice for full updates and newer deltas. The command-line tool is updated accordingly. Note that the usable kernel partition size inference remains unaffected. BUG=chromium:508566 TEST=Unit tests (revised) Change-Id: I987f28fdfe1d82d0f6f565ae9852b7b11bce13e8 Reviewed-on: https://chromium-review.googlesource.com/285447 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
b92167f787b4d9ea4db453b2464509489e1e606b |
|
16-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Fix linter errors. BUG=None TEST=None Change-Id: Ife881c35ee090c494307e7f55e3ce0a1a22eb1b1 Reviewed-on: https://chromium-review.googlesource.com/285999 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
21a0250e767dd6fc787252b9cc05657405332774 |
|
23-Aug-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: allow to pass an explicit path to bspatch The bspatch binary is used when applying update payloads. By default, we were using whatever bspatch that was found via path expansion in os.execvp, however there are cases where we want to be specific about where the bspatch binary is that we need to be using (such as during paygen runs). BUG=chromium:277072 TEST=Non-default bspatch binary used Change-Id: I85ffd28aeb26938cbf5ea428fa97d29af0353a7d Reviewed-on: https://gerrit.chromium.org/gerrit/66736 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
0990f51671e3e392a3e19027b9a4ac4f69f36ba1 |
|
31-May-2013 |
Gilad Arnold <garnold@chromium.org> |
update_payload library: TODO + bug references BUG=chromium:243559 TEST=None Change-Id: I6837b87ff6f0b845ebbca97fdfa4190dc2d1282a Reviewed-on: https://gerrit.chromium.org/gerrit/57179 Commit-Queue: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Chris Sosa <sosa@chromium.org>
/system/update_engine/scripts/paycheck.py
|
7a7edfd034e37663337049ccb0aa59467f3b8fd1 |
|
23-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: close metadata signature file Paycheck used to open it but not closing it. Cleaned up now. BUG=None TEST=Integration tests Change-Id: I101f2acd394bcbe5e5d683b5eecc6170ab1bcf2d Reviewed-on: https://gerrit.chromium.org/gerrit/56336 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Chris Sosa <sosa@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
9b90c93edcaa16f6c734f421ccf00201a474d9ea |
|
23-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: move default pubkey handling inside the library This is a more sensible choice given that the pubkey ships within the library directory and hence should not be specified explicitly by an outside entity (like paycheck). From the practical standpoint, it makes this useful feature available to clients who use the library directly. BUG=chromium:241283 TEST=Unit + integration tests Change-Id: I059302326af1e0e394829466ee97ad2f60de4986 Reviewed-on: https://gerrit.chromium.org/gerrit/56335 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
432d601e236bf8b9110fdb497e5f5c87899346e2 |
|
11-May-2013 |
Don Garrett <dgarrett@google.com> |
Update paycheck to understand the updated update_metadata fields. When checking a payload, always start by printing a description of the payload being checked. Recompiled (with protoc) the updated update_metadata.proto from the update_engine. BUG=chromium:226310 TEST=Manual Run CQ-DEPEND=CL:47347 Change-Id: Ib60c6e6978d30444db7b65ef6d09540c9ffacdb8 Reviewed-on: https://gerrit.chromium.org/gerrit/50899 Commit-Queue: Don Garrett <dgarrett@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Tested-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
272a499e2db9d72a64490ca5ccbebe8155fc2966 |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: support for in-place BSDIFF operations When applying BSDIFF operations in payloads, we used to extract the block sequences from the old partition and serialize it into a temporary file, and vice versa for the new partition. This worked but did not allow us to test bspatch as it is actually being used by the update engine. This CLs allows paycheck to invoke bspatch so that it reads/writes block extents directly from/to the partition file, in the same way it's being used by the update engine. Since performance is the same, this is the new default behavior; users can opt for the aforementioned old behavior using a command-line flag (-x or --extract-bsdiff). BUG=chromium:229705 TEST=bspatch invoked differently depending on the -x flag TEST=Passes unit/integration tests Change-Id: I8821754e1163b357617ece6befa42d1c2e575930 Reviewed-on: https://gerrit.chromium.org/gerrit/50486 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Darin Petkov <petkov@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
16416600a92a60294cd57aceec170a13ed72ed19 |
|
05-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: src/dst -> old/new in applier code The old/new terminology is consistent with that used in update payload manifest, as well as other parts of the update_payload library (e.g. checker). BUG=None TEST=Unit/integration test passes Change-Id: I91244ae8adf073b958e8cd7e7670341f056c848e Reviewed-on: https://gerrit.chromium.org/gerrit/50130 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
d013028f4c07bec6db9563a04b14d465c3c06b05 |
|
13-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: fix integration test script Now that paycheck comes equipped with the Chrome OS standard public key and infers metadata signature filenames automatically, we don't need these extra arguments handed to the test script. Also, fixes a small bug in option inference during paycheck invocation. BUG=None TEST=integration test script works as intended Change-Id: If2c0d512c2e9476c3788e9c7179e954ba2502657 Reviewed-on: https://gerrit.chromium.org/gerrit/50985 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
43116436524744f065ff29cfbe31e045339a1204 |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: make gpyling happy Small conformance issues, now fixed. BUG=None TEST=Still running Change-Id: I96a085d4fdc22edff65629b8b01d6d595f1f7b2d Reviewed-on: https://gerrit.chromium.org/gerrit/50393 Commit-Queue: Gilad Arnold <garnold@chromium.org> Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
03959b7eaeb9f14cc86a5e053b5e569590c8a44b |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: fixed an undefined variable bug BUG=None TEST=It is running now Change-Id: I7ed7c17811700f34e7556bac89182db6b8e29992 Reviewed-on: https://gerrit.chromium.org/gerrit/50392 Reviewed-by: Chris Sosa <sosa@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org> Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
4f8c17cdb113fe1d3743cbd2827b5d38a1f1e51d |
|
05-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: refined default metadata signature logic We now only discover and use a default metadata signature when check is actually triggered and a public key provided; otherwise, we could be forcing the check to fail. This also avoids unnecessary output and directs informational output to stderr. BUG=chromium:238507 TEST=Unit/integration tests pass Change-Id: I39df4060afd12a5d54869a6803141bc3e0d2f89b Reviewed-on: https://gerrit.chromium.org/gerrit/50138 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
382df5ce2f4b67bf0998b01c6fedcdb5c35ebef9 |
|
03-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: enforce physical partition size correctly During payload checking, payload has wrongly interpreted the size reported in the update payload to be the physical partition size, whereas this is in fact the size of the filesystem portion only (a misnomer). This sometimes caused it to emit errors on out-of-bounds operations, which are otherwise harmless in real-world scenarios. This CL makes a clear distinction between the two, with the following semantics: - The payload's embedded filesystem size must by <= the physical partition sizes. - Reading/writing from/to the new partition must be within the physical partition size boundaries, and not the filesystem ones. - Reading from the old partition is only allowed from filesystem boundaries; this is unchanged from current behavior and appears to be consistent with how we perform delta updates. - Old/new SHA256 verification during payload application is now limited to the allotted filesystem portion only (and not the full partition size). This is consistent with the update engine's semantics. - Other than that, this change currently has no further effect on payload application, which remains more permissive wrt to partition sizes. This also means that the sizes of partitions resulting from a payload application will not necessarily abide by the predetermined physical partition sizes. This is in line with the prevailing division of responsibilities between payload checking (strict) and application (relaxed). BUG=chromium:221847 TEST=Payload checking respects partition size override TEST=Unit tests pass TEST=Integration tests pass Change-Id: I0dbc88d538c0cc53b7551f4dfa8f543bcf480cd5 Reviewed-on: https://gerrit.chromium.org/gerrit/50103 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
e73dad9a9ea7121c9e80448dbda154c2510a860f |
|
03-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: --disalbed_tests implies --check This is in line with other check-related options whose use implies --check. BUG=None TEST=Integrity check is implied as expected Change-Id: I5c2d964d9b6462c76747358129900acbba411d04 Reviewed-on: https://gerrit.chromium.org/gerrit/50102 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
be8ceab2a94fc68a4e4521e1f3e818a671c44414 |
|
01-May-2013 |
Don Garrett <dgarrett@google.com> |
Add public update key as default. This adds the key, and makes it default. BUG=chromium:237064 TEST=Ran tool manually. Change-Id: I0c47515980dd0349e6d427524b933ff812b61318 Reviewed-on: https://gerrit.chromium.org/gerrit/49704 Tested-by: Don Garrett <dgarrett@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
30027fdb6dec1418ad92270cf4932c3635bd2b3d |
|
02-May-2013 |
Don Garrett <dgarrett@google.com> |
Add default name for the metadata signature file. If the metadata signature file isn't specified, and a file exists with the name <payload_file>.metadata-signature, use it for the metadata signature. BUG=None TEST=Manual Change-Id: I193dcbeece659e6fa9da8a7a22b871aa53622ceb Reviewed-on: https://gerrit.chromium.org/gerrit/49832 Commit-Queue: Don Garrett <dgarrett@chromium.org> Tested-by: Don Garrett <dgarrett@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
eaed0d1371d781d3f5effa1475f5202dea9467e7 |
|
01-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: allow to disable specific checks This became necessary as the delta generator appears to generate payloads that fail certain checks (e.g. during update_engine unit testing). BUG=None TEST=Disabled checks not being triggered Change-Id: I4491e0cb32ef44f85e11ffb0402b40d1371525ae Reviewed-on: https://gerrit.chromium.org/gerrit/49676 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Chris Sosa <sosa@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
4fbe409cb84e9ae89f22c6f3e80580ee49dbc0a2 |
|
17-Apr-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: perform payload integrity check by default Currently, paycheck requires that --check, or one of its sub-options (e.g. --type), is specified explicitly on the command-line in order to trigger full payload checking. This means that invoking paycheck without *any* optional arguments will amount to loading the payload manifest and quitting. This is not a useful behavior. Instead, we want payload integrity check to be the default behavior when nothing else is requested. This also edits the help text to clarify the distinction between verifying/applying a payload, and what guarantees are provided wrt the actual CrOS update engine. BUG=None TEST=Payload checking triggered when no other argument is given; passes unit/integrity testing. Change-Id: I8199813d4654f5598fcf152a3cdc62efbfc533da Reviewed-on: https://gerrit.chromium.org/gerrit/48373 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Darin Petkov <petkov@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
553b0ec49bc64fc4b7df4358cd31396a87276d2b |
|
26-Jan-2013 |
Gilad Arnold <garnold@chromium.org> |
Update payload library + command-line tool An initial implementation of a Python module for parsing, checking and applying a Chrome OS update payload. Comes with a command-line tool (paycheck.py) for applying such operations on payload files, and a test script (test_paycheck.sh) for ensuring that the library and tool are working correctly. Since update_payload is introduced as a package, we're moving some previously merged utilities into the package's directory. (Unit testing for this code will be uploaded on a separate CL; see chromium-os:39663) BUG=chromium-os:34911,chromium-os:33607,chromium-os:7597 TEST=test_paycheck.sh successful on MP-signed payloads CQ-DEPEND=I5746a1d80e822a575f0d96f94d0b4e765fc64507 Change-Id: I77123a1fffbb2059c239b7145c6922968fdffb6a Reviewed-on: https://gerrit.chromium.org/gerrit/43041 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Chris Sosa <sosa@chromium.org> Reviewed-by: Jay Srinivasan <jaysri@chromium.org> Reviewed-by: Don Garrett <dgarrett@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|