| 53b62278d049a50c20e6693aeaefe9675ccb8407 |
|
17-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Small improvements to the block tracer utility.
This prepends the current block number to the output, simplifies some
logic, and tightens argument validation in the command-line parser.
BUG=None
TEST=paycheck -B/-b works.
Change-Id: I90d5cdf721612cdd12e49f4e4181849fc699807f
Reviewed-on: https://chromium-review.googlesource.com/286547
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 06eea33088be4418264d12820f94c700977e3fa6 |
|
14-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Properly infer usable target partition size.
The payload checker used to restrict read/write block indexes to the
reported target filesystem size, unless explicitly given a partition
size value to use instead. So far this value was easy for clients (like
paygen) to come up with, because it was constant at 2GB for all known
boards. However this is no longer the case, and there is no an easy way
for clients to know the actual target partition size after the payload
has been generated (nor is it encoded in the payload). This adds logic
for inferring the usable target partition size into PayloadChecker()
itself, as follows:
1) If a partition size was given, use that.
2) Else, if this is an old delta (minor version < 2), use the
aforementioned default. This is necessary because older deltas may
actually read/write data beyond the filesystem size. It is also
sufficient because any old delta payload we generate should write to
a 2GB target partition.
3) In all other cases, just use the new filesystem size, as encoded in
the payload. This is a safe choice for full updates and newer deltas.
The command-line tool is updated accordingly. Note that the usable
kernel partition size inference remains unaffected.
BUG=chromium:508566
TEST=Unit tests (revised)
Change-Id: I987f28fdfe1d82d0f6f565ae9852b7b11bce13e8
Reviewed-on: https://chromium-review.googlesource.com/285447
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| b92167f787b4d9ea4db453b2464509489e1e606b |
|
16-Jul-2015 |
Gilad Arnold <garnold@chromium.org> |
paycheck: Fix linter errors.
BUG=None
TEST=None
Change-Id: Ife881c35ee090c494307e7f55e3ce0a1a22eb1b1
Reviewed-on: https://chromium-review.googlesource.com/285999
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 21a0250e767dd6fc787252b9cc05657405332774 |
|
23-Aug-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: allow to pass an explicit path to bspatch
The bspatch binary is used when applying update payloads. By default, we
were using whatever bspatch that was found via path expansion in
os.execvp, however there are cases where we want to be specific about
where the bspatch binary is that we need to be using (such as during
paygen runs).
BUG=chromium:277072
TEST=Non-default bspatch binary used
Change-Id: I85ffd28aeb26938cbf5ea428fa97d29af0353a7d
Reviewed-on: https://gerrit.chromium.org/gerrit/66736
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 0990f51671e3e392a3e19027b9a4ac4f69f36ba1 |
|
31-May-2013 |
Gilad Arnold <garnold@chromium.org> |
update_payload library: TODO + bug references
BUG=chromium:243559
TEST=None
Change-Id: I6837b87ff6f0b845ebbca97fdfa4190dc2d1282a
Reviewed-on: https://gerrit.chromium.org/gerrit/57179
Commit-Queue: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Chris Sosa <sosa@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 7a7edfd034e37663337049ccb0aa59467f3b8fd1 |
|
23-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: close metadata signature file
Paycheck used to open it but not closing it. Cleaned up now.
BUG=None
TEST=Integration tests
Change-Id: I101f2acd394bcbe5e5d683b5eecc6170ab1bcf2d
Reviewed-on: https://gerrit.chromium.org/gerrit/56336
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Chris Sosa <sosa@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 9b90c93edcaa16f6c734f421ccf00201a474d9ea |
|
23-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: move default pubkey handling inside the library
This is a more sensible choice given that the pubkey ships within the
library directory and hence should not be specified explicitly by an
outside entity (like paycheck). From the practical standpoint, it makes
this useful feature available to clients who use the library directly.
BUG=chromium:241283
TEST=Unit + integration tests
Change-Id: I059302326af1e0e394829466ee97ad2f60de4986
Reviewed-on: https://gerrit.chromium.org/gerrit/56335
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 432d601e236bf8b9110fdb497e5f5c87899346e2 |
|
11-May-2013 |
Don Garrett <dgarrett@google.com> |
Update paycheck to understand the updated update_metadata fields.
When checking a payload, always start by printing a description of the
payload being checked.
Recompiled (with protoc) the updated update_metadata.proto from the
update_engine.
BUG=chromium:226310
TEST=Manual Run
CQ-DEPEND=CL:47347
Change-Id: Ib60c6e6978d30444db7b65ef6d09540c9ffacdb8
Reviewed-on: https://gerrit.chromium.org/gerrit/50899
Commit-Queue: Don Garrett <dgarrett@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Tested-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 272a499e2db9d72a64490ca5ccbebe8155fc2966 |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: support for in-place BSDIFF operations
When applying BSDIFF operations in payloads, we used to extract the
block sequences from the old partition and serialize it into a temporary
file, and vice versa for the new partition. This worked but did not
allow us to test bspatch as it is actually being used by the update
engine.
This CLs allows paycheck to invoke bspatch so that it reads/writes block
extents directly from/to the partition file, in the same way it's being
used by the update engine. Since performance is the same, this is the
new default behavior; users can opt for the aforementioned old behavior
using a command-line flag (-x or --extract-bsdiff).
BUG=chromium:229705
TEST=bspatch invoked differently depending on the -x flag
TEST=Passes unit/integration tests
Change-Id: I8821754e1163b357617ece6befa42d1c2e575930
Reviewed-on: https://gerrit.chromium.org/gerrit/50486
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Darin Petkov <petkov@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 16416600a92a60294cd57aceec170a13ed72ed19 |
|
05-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: src/dst -> old/new in applier code
The old/new terminology is consistent with that used in update payload
manifest, as well as other parts of the update_payload library (e.g.
checker).
BUG=None
TEST=Unit/integration test passes
Change-Id: I91244ae8adf073b958e8cd7e7670341f056c848e
Reviewed-on: https://gerrit.chromium.org/gerrit/50130
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| d013028f4c07bec6db9563a04b14d465c3c06b05 |
|
13-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: fix integration test script
Now that paycheck comes equipped with the Chrome OS standard public key
and infers metadata signature filenames automatically, we don't need
these extra arguments handed to the test script. Also, fixes a small bug
in option inference during paycheck invocation.
BUG=None
TEST=integration test script works as intended
Change-Id: If2c0d512c2e9476c3788e9c7179e954ba2502657
Reviewed-on: https://gerrit.chromium.org/gerrit/50985
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 43116436524744f065ff29cfbe31e045339a1204 |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: make gpyling happy
Small conformance issues, now fixed.
BUG=None
TEST=Still running
Change-Id: I96a085d4fdc22edff65629b8b01d6d595f1f7b2d
Reviewed-on: https://gerrit.chromium.org/gerrit/50393
Commit-Queue: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 03959b7eaeb9f14cc86a5e053b5e569590c8a44b |
|
08-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: fixed an undefined variable bug
BUG=None
TEST=It is running now
Change-Id: I7ed7c17811700f34e7556bac89182db6b8e29992
Reviewed-on: https://gerrit.chromium.org/gerrit/50392
Reviewed-by: Chris Sosa <sosa@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 4f8c17cdb113fe1d3743cbd2827b5d38a1f1e51d |
|
05-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: refined default metadata signature logic
We now only discover and use a default metadata signature when check is
actually triggered and a public key provided; otherwise, we could be
forcing the check to fail. This also avoids unnecessary output and
directs informational output to stderr.
BUG=chromium:238507
TEST=Unit/integration tests pass
Change-Id: I39df4060afd12a5d54869a6803141bc3e0d2f89b
Reviewed-on: https://gerrit.chromium.org/gerrit/50138
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 382df5ce2f4b67bf0998b01c6fedcdb5c35ebef9 |
|
03-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: enforce physical partition size correctly
During payload checking, payload has wrongly interpreted the size
reported in the update payload to be the physical partition size,
whereas this is in fact the size of the filesystem portion only (a
misnomer). This sometimes caused it to emit errors on out-of-bounds
operations, which are otherwise harmless in real-world scenarios.
This CL makes a clear distinction between the two, with the following
semantics:
- The payload's embedded filesystem size must by <= the physical
partition sizes.
- Reading/writing from/to the new partition must be within the physical
partition size boundaries, and not the filesystem ones.
- Reading from the old partition is only allowed from filesystem
boundaries; this is unchanged from current behavior and appears to be
consistent with how we perform delta updates.
- Old/new SHA256 verification during payload application is now limited
to the allotted filesystem portion only (and not the full partition
size). This is consistent with the update engine's semantics.
- Other than that, this change currently has no further effect on
payload application, which remains more permissive wrt to partition
sizes. This also means that the sizes of partitions resulting from
a payload application will not necessarily abide by the predetermined
physical partition sizes. This is in line with the prevailing
division of responsibilities between payload checking (strict) and
application (relaxed).
BUG=chromium:221847
TEST=Payload checking respects partition size override
TEST=Unit tests pass
TEST=Integration tests pass
Change-Id: I0dbc88d538c0cc53b7551f4dfa8f543bcf480cd5
Reviewed-on: https://gerrit.chromium.org/gerrit/50103
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| e73dad9a9ea7121c9e80448dbda154c2510a860f |
|
03-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: --disalbed_tests implies --check
This is in line with other check-related options whose use implies
--check.
BUG=None
TEST=Integrity check is implied as expected
Change-Id: I5c2d964d9b6462c76747358129900acbba411d04
Reviewed-on: https://gerrit.chromium.org/gerrit/50102
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: David James <davidjames@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| be8ceab2a94fc68a4e4521e1f3e818a671c44414 |
|
01-May-2013 |
Don Garrett <dgarrett@google.com> |
Add public update key as default.
This adds the key, and makes it default.
BUG=chromium:237064
TEST=Ran tool manually.
Change-Id: I0c47515980dd0349e6d427524b933ff812b61318
Reviewed-on: https://gerrit.chromium.org/gerrit/49704
Tested-by: Don Garrett <dgarrett@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 30027fdb6dec1418ad92270cf4932c3635bd2b3d |
|
02-May-2013 |
Don Garrett <dgarrett@google.com> |
Add default name for the metadata signature file.
If the metadata signature file isn't specified, and a file exists with the
name <payload_file>.metadata-signature, use it for the metadata signature.
BUG=None
TEST=Manual
Change-Id: I193dcbeece659e6fa9da8a7a22b871aa53622ceb
Reviewed-on: https://gerrit.chromium.org/gerrit/49832
Commit-Queue: Don Garrett <dgarrett@chromium.org>
Tested-by: Don Garrett <dgarrett@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| eaed0d1371d781d3f5effa1475f5202dea9467e7 |
|
01-May-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: allow to disable specific checks
This became necessary as the delta generator appears to generate
payloads that fail certain checks (e.g. during update_engine unit
testing).
BUG=None
TEST=Disabled checks not being triggered
Change-Id: I4491e0cb32ef44f85e11ffb0402b40d1371525ae
Reviewed-on: https://gerrit.chromium.org/gerrit/49676
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Chris Sosa <sosa@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 4fbe409cb84e9ae89f22c6f3e80580ee49dbc0a2 |
|
17-Apr-2013 |
Gilad Arnold <garnold@chromium.org> |
paycheck: perform payload integrity check by default
Currently, paycheck requires that --check, or one of its sub-options
(e.g. --type), is specified explicitly on the command-line in order to
trigger full payload checking. This means that invoking paycheck without
*any* optional arguments will amount to loading the payload manifest and
quitting. This is not a useful behavior.
Instead, we want payload integrity check to be the default behavior when
nothing else is requested. This also edits the help text to clarify the
distinction between verifying/applying a payload, and what guarantees
are provided wrt the actual CrOS update engine.
BUG=None
TEST=Payload checking triggered when no other argument is given; passes
unit/integrity testing.
Change-Id: I8199813d4654f5598fcf152a3cdc62efbfc533da
Reviewed-on: https://gerrit.chromium.org/gerrit/48373
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Darin Petkov <petkov@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|
| 553b0ec49bc64fc4b7df4358cd31396a87276d2b |
|
26-Jan-2013 |
Gilad Arnold <garnold@chromium.org> |
Update payload library + command-line tool
An initial implementation of a Python module for parsing, checking and
applying a Chrome OS update payload. Comes with a command-line tool
(paycheck.py) for applying such operations on payload files, and a test
script (test_paycheck.sh) for ensuring that the library and tool are
working correctly.
Since update_payload is introduced as a package, we're moving some
previously merged utilities into the package's directory.
(Unit testing for this code will be uploaded on a separate CL; see
chromium-os:39663)
BUG=chromium-os:34911,chromium-os:33607,chromium-os:7597
TEST=test_paycheck.sh successful on MP-signed payloads
CQ-DEPEND=I5746a1d80e822a575f0d96f94d0b4e765fc64507
Change-Id: I77123a1fffbb2059c239b7145c6922968fdffb6a
Reviewed-on: https://gerrit.chromium.org/gerrit/43041
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Chris Sosa <sosa@chromium.org>
Reviewed-by: Jay Srinivasan <jaysri@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/scripts/paycheck.py
|