recovery 升级'@/cache/recovery/block.map' failed错误问题
随着android版本升级,升级包越来越大,当升级包无法存储在cache分区的时候,会把升级包下载到data分区,然后从data分区升级,最近从data分区加载升级包升级的时候,遇到了如下错误:
[ 1.945982] Supported API: 3
[ 1.957270] charge_status 1, charged 1, status -2, capacity -9223372036854775808
[ 1.973917] E:Failed to find CPU thermal info in /sys/class/thermal/
[ 1.990514] I:current maximum temperature: -1
[ 2.007184] Finding update package...
[ 2.057199] I:Update location: @/cache/recovery/block.map
[ 2.057251] Opening update package...
[ 2.092148] E:Failed to read /cache/recovery/block.map: No such file or directory
[ 2.107257] E:Map of '@/cache/recovery/block.map' failed
[ 2.140532] E:failed to map file
[ 2.158867] I:current maximum temperature: -1
[ 2.159049] I:@/cache/recovery/block.map
[ 2.159060] I:0
[ 2.159072] I:time_total: 0
[ 2.159079] I:retry: 0
[ 2.159085] I:uncrypt_time: 0
[ 2.159092] I:uncrypt_error: 1
[ 2.159099] I:
[ 2.159108] Installation aborted.
[ 2.223841] I:Saving locale "en-US"
最直接的错误信息就是:E:Failed to read /cache/recovery/block.map: No such file or directory
我们根据提示信息,去查询下cache分区,这个block.map文件是否存在。
busybox mount -t ext4 /dev/block/cache /cache (如果无法挂载,设置selinux权限为 permissive)
# busybox ls -l /cache/recovery/
total 104
__bionic_open_tzdata: couldn't find any tzdata when looking for localtime!
__bionic_open_tzdata: couldn't find any tzdata when looking for GMT!
__bionic_open_tzdata: couldn't find any tzdata when looking for posixrules!
-rw-r--r-- 1 root root 85 Jan 1 00:01 last_install
-rw------- 1 system system 61634 Jan 1 00:01 last_kmsg
-rw------- 1 root root 5 Jan 1 00:00 last_locale
-rw-r----- 1 root root 12160 Jan 1 00:01 last_log
-rw------- 1 system system 12160 Jan 1 00:01 log
-rw------- 1 system system 24 Jan 1 1970 uncrypt_file
-rw------- 1 root root 33 Jan 1 1970 uncrypt_status
我们发现,我们需要的/cache/recovery/block.map文件竟然没有,那么肯定是生成block.map的时候出了问题,我们追寻重启进入recovery之前的log信息:
[ 1212.869820@3] type=1400 audit(1209.144:3355): avc: denied { setattr } for pid=4433 comm="Thread-3" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=0
[ 1212.885402@3] type=1400 audit(1212.820:3356): avc: denied { getattr } for pid=4501 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=0
[ 1212.906032@2] watchdogd: watchdogd started (interval 10, margin 20)!
[ 1212.906143@2] watchdogd: Failed to open /dev/watchdog: No such file or directory
好像是处理/data与/cache分区时候遇到了selinux权限问题。(mmcblk0p3mmcblk0p17对应的分别是cache与data分区)
我们可能需要为升级的应用赋予相应的selinux权限,但是上面遇到selinux权限就没有继续了,我们需要知道所有需要的selinux权限,那么我们把selinux设置为 permissive 状态,然后再升级一次,我们观察log状态:
[ 98.295965@1] type=1400 audit(84.812:43): avc: denied { open } for pid=2890 comm="HwBinder:2890_1" path="/sys/module/tvin_hdmirx/parameters/en_4k_2_2k" dev="sysfs" ino=6874 scontext=u:r:system_control:s0 tcontext=u:object_r:sysfs_cec:s0 tclass=file permissive=1
[ 98.313718@1] type=1400 audit(98.244:44): avc: denied { remove_name } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 98.333696@1] type=1400 audit(98.244:44): avc: denied { remove_name } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 98.353378@1] type=1400 audit(98.244:45): avc: denied { unlink } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.373096@1] type=1400 audit(98.244:45): avc: denied { unlink } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.392458@1] type=1400 audit(98.304:46): avc: denied { read } for pid=4076 comm="Thread-4" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.618368@2] success set parent gpu_p1_composite rate to 500000000
[ 99.302385@1] success set parent gpu_p0_composite rate to 400000000
[ 100.074360@1] success set parent gpu_p1_composite rate to 285714285
[ 101.234329@3] success set parent gpu_p0_composite rate to 125000000
[ 101.344037@0] aml_snd_card_tv aml_snd_tv: I2S playback disable
[ 101.344244@0] aml_snd_card_tv aml_snd_tv: IEC958 playback disable
[ 120.075238@1] type=1400 audit(98.304:46): avc: denied { read } for pid=4076 comm="Thread-4" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 120.090346@1] type=1400 audit(120.024:47): avc: denied { setattr } for pid=4076 comm="Thread-4" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=1
[ 121.326417@0] success set parent gpu_p1_composite rate to 666666666
[ 121.734307@0] success set parent gpu_p0_composite rate to 500000000
[ 121.897440@1] BT_RADIO going: off
[ 121.897470@1] BCM_BT: going OFF
[ 122.342361@2] success set parent gpu_p1_composite rate to 400000000
[ 123.438484@0] success set parent gpu_p0_composite rate to 285714285
[ 123.556904@1] type=1400 audit(120.024:47): avc: denied { setattr } for pid=4076 comm="Thread-4" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=1
[ 123.572107@1] type=1400 audit(123.508:48): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 123.591568@1] type=1400 audit(123.508:48): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 123.610598@1] type=1400 audit(123.508:49): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.631453@1] type=1400 audit(123.508:49): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.652217@1] type=1400 audit(123.512:50): avc: denied { read } for pid=4211 comm="uncrypt" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.672583@1] type=1400 audit(123.512:50): avc: denied { read } for pid=4211 comm="uncrypt" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.689809@1] type=1400 audit(123.512:51): avc: denied { open } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 124.950389@3] success set parent gpu_p1_composite rate to 125000000
我们根据提示信息,增加相应的selinux权限:
diff --git a/common/sepolicy/system_app.te b/common/sepolicy/system_app.te
index 17e7f4e..3c77d47 100644
--- a/common/sepolicy/system_app.te
+++ b/common/sepolicy/system_app.te
@@ -23,8 +23,8 @@
#allow system_app unlabeled:file { lock open read write getattr };
#
## /cache_file for dvb app creat update.zip file at /cache dir
-allow system_app cache_file:dir { search add_name write };
-allow system_app cache_file:file { create getattr open write };
+allow system_app cache_file:dir { search add_name remove_name write };
+allow system_app cache_file:file { create getattr open write unlink read };
#
#allow system_app log_file:dir { search read open getattr };
#allow system_app log_file:file { read open getattr };
diff --git a/common/sepolicy/uncrypt.te b/common/sepolicy/uncrypt.te
new file mode 100644
index 0000000..578a6d7
--- /dev/null
+++ b/common/sepolicy/uncrypt.te
@@ -0,0 +1,2 @@
+allow uncrypt cache_file:dir getattr;
+allow uncrypt cache_file:file { open read getattr };
然后就可以正常升级了。至于如何通过提示的avc: denied信息增加selinux权限,可以自行学习。
recovery 升级'@/cache/recovery/block.map' failed错误问题的更多相关文章
- recovery 根据@/cache/recovery/block.map描述从data分区升级
随着android版本的更新,系统固件的大小也越来越大,升级包也越来越大,cache分区已经不够存储update.zip了,所以应用把update.zip下载到data分区,默认情况下data分区是可 ...
- Android Recovery升级原理
摘要 Recovery模式指的是一种可以对安卓机内部的数据或系统进行修改的模式(类似于windows PE或DOS).也可以称之为安卓的恢复模式,在这个所谓的恢复模式下,我们可以刷入新的安卓系统,或者 ...
- recovery 升级过程LED灯闪烁
Android设备在进入recovery升级的过程,我们在屏幕上面可以看到升级的机器人动画,以及升级的进度显示.这仅限于有屏幕的设备,比如平板PAD,电视TV等,对与没有屏幕的盒子BOX,那么在不接入 ...
- android recovery 升级之USB设备挂载
Recovery升级过程,通常会从两个地方获取升级包update.zip升级,一般在线升级,会把升级包下载到cache分区,本地升级会从usb或者tf卡中升级.本文讨论下,本地USB升级时,无法挂载U ...
- Android Partitions Explained: boot, system, recovery, data, cache & misc
from: http://www.addictivetips.com/mobile/android-partitions-explained-boot-system-recovery-data-cac ...
- recovery 升级过程执行自定义shell命令
有时候我们需要,在升级的过程中,执行一些shell命令,来完成我们的一些需求,利用升级过程,进行一些特殊化的操作,思路如下: 第一: 把我们需要执行的命令,写成一个test.sh脚本,然后在recov ...
- 华为 进入和退出Fastboot、eRecovery和Recovery升级模式
手机关机状态下,可以进入Fastboot/eRecovery / Recovery/升级这几种模式: 需要连接电脑:Fastboot模式:长按音量下键+电源键.eRecovery 模式:长按音量上键+ ...
- Recovery启动流程--recovery.cpp分析
这篇文章主要通过分析高通recovery目录下的recovery.cpp源码,对recovery启动流程有一个宏观的了解. 当开机以后,在lk阶段,如果是recovery,会设置boot_into_r ...
- Eclipse打开Android项目报Parsing Data for android-21 failed错误的解决办法(转载)
转载:http://segmentfault.com/blog/hongliang/1190000000739285 今天手贱,用android命令打开SDK Manager下载了最新的Android ...
随机推荐
- 夜神模拟已开启,adb命令检测不了设备解决方法
日常APP测试中,很难拥有多种机型和各种安卓版本的手机,此时可以借助模拟器. 命令返回结果只有 “List of devices attached”,即代表检测不了模拟器 最近在使用夜神模拟器的时候, ...
- 课程四(Convolutional Neural Networks),第四 周(Special applications: Face recognition & Neural style transfer) —— 2.Programming assignments:Art generation with Neural Style Transfer
Deep Learning & Art: Neural Style Transfer Welcome to the second assignment of this week. In thi ...
- 服务端如何安全获取客户端请求IP地址
服务端如何获取客户端请求IP地址,网上代码一搜一大把.其中比较常见有x-forwarded-for.client-ip等请求头,及remote_addr参数,那么为什么会存在这么多获取方式,以及到底怎 ...
- 树莓派2B+安装Debain操作系统
写在前面 本篇文章基于当前树莓派官方最新提供的Debain操作系统进行操作,Linux内核版本 4.14.71.本篇文章内容涵盖SD卡写入官方Debain操作系统,开启SSH连接,修改语言环境,改变当 ...
- swagger 常用注解说明
本内容引用自:https://blog.csdn.net/u014231523/article/details/76522486 常用注解: - @Api()用于类: 表示标识这个类是swagger的 ...
- elk + filebeat,6.3.2版本简单搭建,实现我们自己的集中式日志系统
前言 刚从事开发那段时间不习惯输出日志,认为那是无用功,徒增代码量,总认为自己的代码无懈可击:老大的叮嘱.强调也都视为耳旁风,最终导致的结果是我加班排查问题,花的时间还挺长的,要复现问题.排查问题等, ...
- WebService与RMI(远程调用方式实现系统间通信)
前言 本文是<分布式java应用基础与实践>读书笔记:另外参考了此博客,感觉讲的挺好的,尤其是其中如下内容: 另外,消息方式实现系统间通信本文不涉及.RMI则只采用spring RMI框架 ...
- Struts2学习(六)———— 文件上传和下载
一.单文件上传 在没学struts2之前,我们要写文件上传,非常麻烦,需要手动一步步去获取表单中的各种属性,然后在进行相应的处理,而在struts2中就不需要了,因为有一个fileUpload拦截器帮 ...
- 为 Html 5 和 CSS 3.0 而生——Modernizr的介绍和使用
传统浏览器目前不会被完全取代,令你难以将最新的 CSS3 或 HTML5 功能嵌入你的网站. Modernizr 正是为解决这一难题应运而生,作为一个开源的 JavaScript 库,Moderniz ...
- 菜鸟入门【ASP.NET Core】12:JWT 设计解析及定制
前言 上一节我们讲述的书如何使用jwt token,而且上一节的token是要加Authorization:bearer XXXXXXXXXXXX才能访问. 这一节我们来研究如何自定义类似jwt的to ...