Android5.0 Recovery源代码分析与定制(一)【转】

本文转载自：http://blog.csdn.net/morixinguan/article/details/72858346

在Tiny4412的Android5.0源代码中:

bootable/recovery/recovery.cpp是recovery程序的主文件。

仔细一看，对比了其它平台的recovery源代码，除了MTK对Recovery做了相应的定制外，其它的平台几乎没有看到，关于MTK平台，后续再分析。

关于Android5.0的recovery，有什么功能，在recovery.cpp中开头就已经做了详细的说明，我们来看看:

/*
* The recovery tool communicates with the main system through /cache files.
* /cache/recovery/command - INPUT - command line for tool, one arg per line
* /cache/recovery/log - OUTPUT - combined log file from recovery run(s)
* /cache/recovery/intent - OUTPUT - intent that was passed in
*
* The arguments which may be supplied in the recovery.command file:
* --send_intent=anystring - write the text out to recovery.intent
* --update_package=path - verify install an OTA package file
* --wipe_data - erase user data (and cache), then reboot
* --wipe_cache - wipe cache (but not user data), then reboot
* --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
* --just_exit - do nothing; exit and reboot
*
* After completing, we remove /cache/recovery/command and reboot.
* Arguments may also be supplied in the bootloader control block (BCB).
* These important scenarios must be safely restartable at any point:
*
* FACTORY RESET
* 1. user selects "factory reset"
* 2. main system writes "--wipe_data" to /cache/recovery/command
* 3. main system reboots into recovery
* 4. get_args() writes BCB with "boot-recovery" and "--wipe_data"
* -- after this, rebooting will restart the erase --
* 5. erase_volume() reformats /data
* 6. erase_volume() reformats /cache
* 7. finish_recovery() erases BCB
* -- after this, rebooting will restart the main system --
* 8. main() calls reboot() to boot main system
*
* OTA INSTALL
* 1. main system downloads OTA package to /cache/some-filename.zip
* 2. main system writes "--update_package=/cache/some-filename.zip"
* 3. main system reboots into recovery
* 4. get_args() writes BCB with "boot-recovery" and "--update_package=..."
* -- after this, rebooting will attempt to reinstall the update --
* 5. install_package() attempts to install the update
* NOTE: the package install must itself be restartable from any point
* 6. finish_recovery() erases BCB
* -- after this, rebooting will (try to) restart the main system --
* 7. ** if install failed **
* 7a. prompt_and_wait() shows an error icon and waits for the user
* 7b; the user reboots (pulling the battery, etc) into the main system
* 8. main() calls maybe_install_firmware_update()
* ** if the update contained radio/hboot firmware **:
* 8a. m_i_f_u() writes BCB with "boot-recovery" and "--wipe_cache"
* -- after this, rebooting will reformat cache & restart main system --
* 8b. m_i_f_u() writes firmware image into raw cache partition
* 8c. m_i_f_u() writes BCB with "update-radio/hboot" and "--wipe_cache"
* -- after this, rebooting will attempt to reinstall firmware --
* 8d. bootloader tries to flash firmware
* 8e. bootloader writes BCB with "boot-recovery" (keeping "--wipe_cache")
* -- after this, rebooting will reformat cache & restart main system --
* 8f. erase_volume() reformats /cache
* 8g. finish_recovery() erases BCB
* -- after this, rebooting will (try to) restart the main system --
* 9. main() calls reboot() to boot main system
*/

在这段英文注释里，详细的说明了factory_reset(Android的恢复出厂设置功能)的流程以及OTA系统更新的流程。

在这段注释得最前面说得很明白，我们只要往/cache/recovery/command中写入相应的命令：

* The arguments which may be supplied in the recovery.command file:
* --send_intent=anystring - write the text out to recovery.intent
* --update_package=path - verify install an OTA package file
* --wipe_data - erase user data (and cache), then reboot
* --wipe_cache - wipe cache (but not user data), then reboot
* --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
* --just_exit - do nothing; exit and reboot

比如写入:

--update_package=path(对应的OTA更新的路径)

例如:

--update_package=/mnt/external_sd/xxx.zip

将这条命令写入后，再重启Android系统，recovery检测到有这个命令存在，就会去搜索这个路径，然后将这个路径做路径转换，接下来获取转换后的路径后，就挂载这个路径，然后挂载这个路径，获取OTA包，解包，校验，然后最后实现真正的更新。

如果我们往这个文件写入: --wipe_data

那么就会做出厂设置，格式化/data分区的内容。

接下来，我们来看看代码，从main函数开始分析:

进入main函数后，会将recovery产生的log信息重定向到/tmp/recovery.log这个文件里，具体代码实现如下：

//重定向标准输出和标准出错到/tmp/recovery.log 这个文件里
//static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log";
redirect_stdio(TEMPORARY_LOG_FILE);

redirect_stdio函数源代码:

static void redirect_stdio(const char* filename) {
// If these fail, there's not really anywhere to complain...
freopen(filename, "a", stdout); setbuf(stdout, NULL);
freopen(filename, "a", stderr); setbuf(stderr, NULL);
}

我们看到，所有产生来自stdout和stderr的信息会使用freopen这个函数重定向到/tmp/recovery.log这个文件里。

stdout就是标准输出，stdout就是标准出错。标准输出就是我们平时使用的printf输出的信息。

当然也可以使用fprintf(stdout,"hello world\n");也是一样的

标准出错就是fprintf(stderr,"hello world!\n");类似的代码。

接下下来，将会判断是否使用adb的sideload来传入，通过参数--adbd来判断：

// If this binary is started with the single argument "--adbd",
// instead of being the normal recovery binary, it turns into kind
// of a stripped-down version of adbd that only supports the
// 'sideload' command. Note this must be a real argument, not
// anything in the command file or bootloader control block; the
// only way recovery should be run with this argument is when it
// starts a copy of itself from the apply_from_adb() function.
if (argc == 2 && strcmp(argv[1], "--adbd") == 0) {
adb_main();
return 0;
}

做完这些步骤以后，会初始化并装载recovery的分区表recovery.fstab，然后挂载/cache/recovery/last_log这个文件，用来输出log。

printf("Starting recovery (pid %d) on %s", getpid(), ctime(&start));
//装载recovery的分区表recovery.fstab
load_volume_table();
//在recovery中挂载/cache/recovery/last_log这个文件
//#define LAST_LOG_FILE "/cache/recovery/last_log"
ensure_path_mounted(LAST_LOG_FILE);
rotate_last_logs(KEEP_LOG_COUNT);

这里主要看如何装载分区表的流程,先来看看recovery.fstab

/dev/block/by-name/boot /boot emmc defaults defaults
/dev/block/by-name/recovery /recovery emmc defaults defaults
/dev/block/by-name/splashscreen /splashscreen emmc defaults defaults
/dev/block/by-name/fastboot /fastboot emmc defaults defaults
/dev/block/by-name/misc /misc emmc defaults defaults
/dev/block/by-name/system /system ext4 ro,noatime wait
/dev/block/by-name/cache /cache ext4 nosuid,nodev,noatime,barrier=1,data=ordered wait,check
/dev/block/by-name/userdata /data ext4 nosuid,nodev,noatime,discard,barrier=1,data=ordered,noauto_da_alloc wait,check
/dev/block/by-name/factory /factory ext4 nosuid,nodev,noatime,barrier=1,data=ordered wait

接下来看是如果挂载的：

void load_volume_table()
{
int i;
int ret;
//读recovery.fstab 这个分区表
fstab = fs_mgr_read_fstab("/etc/recovery.fstab");
if (!fstab) {
LOGE("failed to read /etc/recovery.fstab\n");
return;
}
//将对应的信息加入到一条链表中
ret = fs_mgr_add_entry(fstab, "/tmp", "ramdisk", "ramdisk");
//如果load到的分区表为空，后面做释放操作
if (ret < 0 ) {
LOGE("failed to add /tmp entry to fstab\n");
fs_mgr_free_fstab(fstab);
fstab = NULL;
return;
}
printf("recovery filesystem table\n");
printf("=========================\n");
//到这一步，打印分区表信息，这类信息在
//recovery启动的时候的log可以看到
//分别是以下
//编号| 挂载节点| 文件系统类型| 块设备| 长度
for (i = 0; i < fstab->num_entries; ++i) {
Volume* v = &fstab->recs[i];
printf(" %d %s %s %s %lld\n", i, v->mount_point, v->fs_type,
v->blk_device, v->length);
}
printf("\n");
}

挂载完相应的分区以后，就需要获取命令参数，因为只有挂载了对应的分区，才能访问到前面要写入command的这个文件，这样我们才能正确的打开文件，如果分区都没找到，那么当然就找不到分区上的文件，上面这个步骤是至关重要的。

//获取参数
//这个参数也可能是从/cache/recovery/command文件中得到相应的命令
//也就是可以往command这个文件写入对应的格式的命令即可
get_args(&argc, &argv);
const char *send_intent = NULL;
const char *update_package = NULL;
int wipe_data = 0, wipe_cache = 0, show_text = 0;
bool just_exit = false;
bool shutdown_after = false;
int arg;
//参数有擦除分区，OTA更新等
while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) {
switch (arg) {
case 's': send_intent = optarg; break;
case 'u': update_package = optarg; break;
case 'w': wipe_data = wipe_cache = 1; break;
case 'c': wipe_cache = 1; break;
case 't': show_text = 1; break;
case 'x': just_exit = true; break;
case 'l': locale = optarg; break;
case 'g': {
if (stage == NULL || *stage == '\0') {
char buffer[20] = "1/";
strncat(buffer, optarg, sizeof(buffer)-3);
stage = strdup(buffer);
}
break;
}
case 'p': shutdown_after = true; break;
case 'r': reason = optarg; break;
case '?':
LOGE("Invalid command argument\n");
continue;
}
}

获取到对应的命令，就会执行对应的标志，后面会根据标志来执行对应的操作。

做完以上的流程后，下面就是创建设备，设置语言信息，初始化recovery的UI界面，设置Selinux权限，代码如下：

//设置语言
if (locale == NULL) {
load_locale_from_cache();
}
printf("locale is [%s]\n", locale);
printf("stage is [%s]\n", stage);
printf("reason is [%s]\n", reason);
//创建设备
Device* device = make_device();
//获取UI
ui = device->GetUI();
//设置当前的UI
gCurrentUI = ui;
//设置UI的语言信息
ui->SetLocale(locale);
//UI初始化
ui->Init();
int st_cur, st_max;
if (stage != NULL && sscanf(stage, "%d/%d", &st_cur, &st_max) == 2) {
ui->SetStage(st_cur, st_max);
}
//设置recovery的背景图
ui->SetBackground(RecoveryUI::NONE);
//设置界面上是否能够显示字符，使能ui->print函数开关
if (show_text) ui->ShowText(true);
//设置selinux权限，一般我会把selinux 给disabled
struct selinux_opt seopts[] = {
{ SELABEL_OPT_PATH, "/file_contexts" }
};
sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1);
if (!sehandle) {
ui->Print("Warning: No file_contexts\n");
}
//虚函数，没有做什么流程
device->StartRecovery();
printf("Command:");
for (arg = 0; arg < argc; arg++) {
printf(" \"%s\"", argv[arg]);
}
printf("\n");

接下来是重要的环节，这个环节将会根据上面命令参数来做真正的事情了，比如恢复出厂设置，OTA更新等。

//如果update_package(也就是要升级的OTA包)不为空的情况下
//这里要对升级包的路径做一下路径转换，这里可以自由定制自己升级包的路径
if (update_package) {
// For backwards compatibility on the cache partition only, if
// we're given an old 'root' path "CACHE:foo", change it to
// "/cache/foo".
//这里就是做转换的方法
//先比较传进来的recovery参数的前6个byte是否是CACHE
//如果是将其路径转化为/cache/CACHE: ......
if (strncmp(update_package, "CACHE:", 6) == 0) {
int len = strlen(update_package) + 10;
char* modified_path = (char*)malloc(len);
strlcpy(modified_path, "/cache/", len);
strlcat(modified_path, update_package+6, len);
printf("(replacing path \"%s\" with \"%s\")\n",
update_package, modified_path);
//这个update_package就是转换后的路径
update_package = modified_path;
}
}
printf("\n");
property_list(print_property, NULL);
//获取属性，这里应该是从一个文件中找到ro.build.display.id
//获取recovery的版本信息
property_get("ro.build.display.id", recovery_version, "");
printf("\n");
//定义一个安装成功的标志位INSTALL_SUCCESS ----> 其实是个枚举，值为0
int status = INSTALL_SUCCESS;
//判断转换后的OTA升级包的路径是否不为空，如果不为空
//执行install_package 函数进行升级
if (update_package != NULL) {
status = install_package(update_package, &wipe_cache, TEMPORARY_INSTALL_FILE, true);
//判断是否升级成功
if (status == INSTALL_SUCCESS && wipe_cache) {
//擦除这个路径，相当于删除了这个路径下的OTA升级包
if (erase_volume("/cache")) {
LOGE("Cache wipe (requested by package) failed.");
}
}
//如果安装不成功
if (status != INSTALL_SUCCESS) {
ui->Print("Installation aborted.\n");
// If this is an eng or userdebug build, then automatically
// turn the text display on if the script fails so the error
// message is visible.
char buffer[PROPERTY_VALUE_MAX+1];
property_get("ro.build.fingerprint", buffer, "");
if (strstr(buffer, ":userdebug/") || strstr(buffer, ":eng/")) {
ui->ShowText(true);
}
}
}
//如果跑的是格式化数据区，那么就走这个流程
else if (wipe_data) {
if (device->WipeData()) status = INSTALL_ERROR;
//格式化/data分区
if (erase_volume("/data")) status = INSTALL_ERROR;
if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
if (erase_persistent_partition() == -1 ) status = INSTALL_ERROR;
if (status != INSTALL_SUCCESS) ui->Print("Data wipe failed.\n");
}
//格式化cache分区
else if (wipe_cache) {
if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
if (status != INSTALL_SUCCESS) ui->Print("Cache wipe failed.\n");
}
else if (!just_exit) {
status = INSTALL_NONE; // No command specified
ui->SetBackground(RecoveryUI::NO_COMMAND);
}
//如果安装失败或者。。。
if (status == INSTALL_ERROR || status == INSTALL_CORRUPT) {
copy_logs();
//显示错误的LOGO
ui->SetBackground(RecoveryUI::ERROR);
}
Device::BuiltinAction after = shutdown_after ? Device::SHUTDOWN : Device::REBOOT;
if (status != INSTALL_SUCCESS || ui->IsTextVisible()) {
Device::BuiltinAction temp = prompt_and_wait(device, status);
if (temp != Device::NO_ACTION) after = temp;
}
// Save logs and clean up before rebooting or shutting down.
//完成recovery升级
finish_recovery(send_intent);
switch (after) {
case Device::SHUTDOWN:
ui->Print("Shutting down...\n");
property_set(ANDROID_RB_PROPERTY, "shutdown,");
break;
case Device::REBOOT_BOOTLOADER:
ui->Print("Rebooting to bootloader...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,bootloader");
break;
default:
ui->Print("Rebooting...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,");
break;
}
sleep(5); // should reboot before this finishes
return EXIT_SUCCESS;

在这里面，我们最常用的即是OTA更新和恢复出厂设置，先来说说恢复出厂设置，这个功能就是所谓的手机双清，众所周知，Android手机在使用很久后，由于垃圾数据，以及其它的因素会导致手机的反应越来越慢，这让人烦恼不已，所以就需要双清，双清一般就是清除

/data分区和/cache分区，代码流程很详细，有兴趣可以自己去分析。

接下来看看OTA是如何实现更新的，我们看到install_ota_package这个函数，执行到这个函数，看到源码：

//安装更新包
int
install_package(const char* path, int* wipe_cache, const char* install_file,
bool needs_mount)
{
FILE* install_log = fopen_path(install_file, "w");
if (install_log) {
fputs(path, install_log);
fputc('\n', install_log);
} else {
LOGE("failed to open last_install: %s\n", strerror(errno));
}
int result;
//设置安装挂载对应的节点
//这一步是关键
if (setup_install_mounts() != 0) {
LOGE("failed to set up expected mounts for install; aborting\n");
result = INSTALL_ERROR;
} else {
//到这里才是真正的去安装OTA包
result = really_install_package(path, wipe_cache, needs_mount);
}
//如果返回结果为0，那么安装就成功了
if (install_log) {
fputc(result == INSTALL_SUCCESS ? '1' : '0', install_log);
fputc('\n', install_log);
fclose(install_log);
}
return result;
}

其实到了really_install_package这一步，才是真正做到OTA更新，但是在OTA更新之前至关重要的一步就是设置安装挂载对应的节点了，我曾经掉入此坑，现在拿出来分析一下，我们来看看setup_install_mounts这个函数:

//设置安装挂载的节点
int setup_install_mounts() {
if (fstab == NULL) {
LOGE("can't set up install mounts: no fstab loaded\n");
return -1;
}
for (int i = 0; i < fstab->num_entries; ++i) {
Volume* v = fstab->recs + i;
//如果判断挂载的路径是/tmp 或者/cache
//那么就挂载对应的节点，而其它的节点都不会去挂载
if (strcmp(v->mount_point, "/tmp") == 0 ||
strcmp(v->mount_point, "/cache") == 0) {
if (ensure_path_mounted(v->mount_point) != 0) {
LOGE("failed to mount %s\n", v->mount_point);
return -1;
}
}
//如果不是/tmp或者/cache这两个节点，则默认就会卸载所有的挂载节点
else {
//卸载所有的挂载节点
if (ensure_path_unmounted(v->mount_point) != 0) {
LOGE("failed to unmount %s\n", v->mount_point);
return -1;
}
}
}
return 0;
}

如果在安装更新的时候，OTA包经过路径转换后不是放在/tmp和/cache这个路径下的时候，那么就会走else分支，从而卸载所有的挂载节点，这样就会导致，传的路径正确，却OTA更新不成功，如果是做自己定制的路径，这一步一定要小心，我们可以在这里继续添加定制的挂载点。

那么，执行完设置挂载节点的函数后，接下来就是执行真正的OTA更新了，我们来看看：

static int
really_install_package(const char *path, int* wipe_cache, bool needs_mount)
{
//设置更新时的背景
ui->SetBackground(RecoveryUI::INSTALLING_UPDATE);
ui->Print("Finding update package...\n");
// Give verification half the progress bar...
//设置进度条的类型
ui->SetProgressType(RecoveryUI::DETERMINATE);
//显示进度条
ui->ShowProgress(VERIFICATION_PROGRESS_FRACTION, VERIFICATION_PROGRESS_TIME);
LOGI("Update location: %s\n", path);
//在屏幕上打印 Opening update package..
// Map the update package into memory.
ui->Print("Opening update package...\n");
//patch是OTA的路径,need_mount参数表示是否需要挂载，1挂载，0，不挂载
if (path && needs_mount) {
if (path[0] == '@') {
ensure_path_mounted(path+1);
} else {
//挂载OTA升级包的路径------> 一般是执行这个流程
ensure_path_mounted(path);
}
}
MemMapping map;
if (sysMapFile(path, &map) != 0) {
LOGE("failed to map file\n");
return INSTALL_CORRUPT;
}
int numKeys;
//获取校验公钥文件
Certificate* loadedKeys = load_keys(PUBLIC_KEYS_FILE, &numKeys);
if (loadedKeys == NULL) {
LOGE("Failed to load keys\n");
return INSTALL_CORRUPT;
}
LOGI("%d key(s) loaded from %s\n", numKeys, PUBLIC_KEYS_FILE);
ui->Print("Verifying update package...\n");
int err;
//校验文件
err = verify_file(map.addr, map.length, loadedKeys, numKeys);
free(loadedKeys);
LOGI("verify_file returned %d\n", err);
//如果校验不成功
if (err != VERIFY_SUCCESS) {
//打印签名失败
LOGE("signature verification failed\n");
sysReleaseMap(&map);
return INSTALL_CORRUPT;
}
/* Try to open the package.
*/
//尝试去打开ota压缩包
ZipArchive zip;
err = mzOpenZipArchive(map.addr, map.length, &zip);
if (err != 0) {
LOGE("Can't open %s\n(%s)\n", path, err != -1 ? strerror(err) : "bad");
sysReleaseMap(&map);
return INSTALL_CORRUPT;
}
/* Verify and install the contents of the package.
*/
//开始安装升级包
ui->Print("Installing update...\n");
ui->SetEnableReboot(false);
int result = try_update_binary(path, &zip, wipe_cache);
//安装成功后自动重启
ui->SetEnableReboot(true);
ui->Print("\n");
sysReleaseMap(&map);
//返回结果
return result;
}

关于recovery的大致流程，我们分析至此，关于如何像MTK平台一样，定制recovery，这就需要读者能够读懂recovery的流程，然后加入自己的代码进行定制，当然我们也会看到，一些recovery花样百出，很多UI做了自己的，而不是用安卓系统原生态的，安卓系统recovery原生态的UI如下：

如何定制相应的UI，后续我们会对recovery源代码中的UI显示做进一步的分析。。。。

接下来，贴出Android5.0的recovery.cpp代码和注释：

/*
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <ctype.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
#include <limits.h>
#include <linux/input.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
#include "bootloader.h"
#include "common.h"
#include "cutils/properties.h"
#include "cutils/android_reboot.h"
#include "install.h"
#include "minui/minui.h"
#include "minzip/DirUtil.h"
#include "roots.h"
#include "ui.h"
#include "screen_ui.h"
#include "device.h"
#include "adb_install.h"
extern "C" {
#include "minadbd/adb.h"
#include "fuse_sideload.h"
#include "fuse_sdcard_provider.h"
}
struct selabel_handle *sehandle;
static const struct option OPTIONS[] = {
{ "send_intent", required_argument, NULL, 's' },
{ "update_package", required_argument, NULL, 'u' },
{ "wipe_data", no_argument, NULL, 'w' },
{ "wipe_cache", no_argument, NULL, 'c' },
{ "show_text", no_argument, NULL, 't' },
{ "just_exit", no_argument, NULL, 'x' },
{ "locale", required_argument, NULL, 'l' },
{ "stages", required_argument, NULL, 'g' },
{ "shutdown_after", no_argument, NULL, 'p' },
{ "reason", required_argument, NULL, 'r' },
{ NULL, 0, NULL, 0 },
};
#define LAST_LOG_FILE "/cache/recovery/last_log"
static const char *CACHE_LOG_DIR = "/cache/recovery";
static const char *COMMAND_FILE = "/cache/recovery/command";
static const char *INTENT_FILE = "/cache/recovery/intent";
static const char *LOG_FILE = "/cache/recovery/log";
static const char *LAST_INSTALL_FILE = "/cache/recovery/last_install";
static const char *LOCALE_FILE = "/cache/recovery/last_locale";
static const char *CACHE_ROOT = "/cache";
static const char *SDCARD_ROOT = "/sdcard";
static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log";
static const char *TEMPORARY_INSTALL_FILE = "/tmp/last_install";
#define KEEP_LOG_COUNT 10
RecoveryUI* ui = NULL;
char* locale = NULL;
char recovery_version[PROPERTY_VALUE_MAX+1];
char* stage = NULL;
char* reason = NULL;
/*
* The recovery tool communicates with the main system through /cache files.
* /cache/recovery/command - INPUT - command line for tool, one arg per line
* /cache/recovery/log - OUTPUT - combined log file from recovery run(s)
* /cache/recovery/intent - OUTPUT - intent that was passed in
*
* The arguments which may be supplied in the recovery.command file:
* --send_intent=anystring - write the text out to recovery.intent
* --update_package=path - verify install an OTA package file
* --wipe_data - erase user data (and cache), then reboot
* --wipe_cache - wipe cache (but not user data), then reboot
* --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
* --just_exit - do nothing; exit and reboot
*
* After completing, we remove /cache/recovery/command and reboot.
* Arguments may also be supplied in the bootloader control block (BCB).
* These important scenarios must be safely restartable at any point:
*
* FACTORY RESET
* 1. user selects "factory reset"
* 2. main system writes "--wipe_data" to /cache/recovery/command
* 3. main system reboots into recovery
* 4. get_args() writes BCB with "boot-recovery" and "--wipe_data"
* -- after this, rebooting will restart the erase --
* 5. erase_volume() reformats /data
* 6. erase_volume() reformats /cache
* 7. finish_recovery() erases BCB
* -- after this, rebooting will restart the main system --
* 8. main() calls reboot() to boot main system
*
* OTA INSTALL
* 1. main system downloads OTA package to /cache/some-filename.zip
* 2. main system writes "--update_package=/cache/some-filename.zip"
* 3. main system reboots into recovery
* 4. get_args() writes BCB with "boot-recovery" and "--update_package=..."
* -- after this, rebooting will attempt to reinstall the update --
* 5. install_package() attempts to install the update
* NOTE: the package install must itself be restartable from any point
* 6. finish_recovery() erases BCB
* -- after this, rebooting will (try to) restart the main system --
* 7. ** if install failed **
* 7a. prompt_and_wait() shows an error icon and waits for the user
* 7b; the user reboots (pulling the battery, etc) into the main system
* 8. main() calls maybe_install_firmware_update()
* ** if the update contained radio/hboot firmware **:
* 8a. m_i_f_u() writes BCB with "boot-recovery" and "--wipe_cache"
* -- after this, rebooting will reformat cache & restart main system --
* 8b. m_i_f_u() writes firmware image into raw cache partition
* 8c. m_i_f_u() writes BCB with "update-radio/hboot" and "--wipe_cache"
* -- after this, rebooting will attempt to reinstall firmware --
* 8d. bootloader tries to flash firmware
* 8e. bootloader writes BCB with "boot-recovery" (keeping "--wipe_cache")
* -- after this, rebooting will reformat cache & restart main system --
* 8f. erase_volume() reformats /cache
* 8g. finish_recovery() erases BCB
* -- after this, rebooting will (try to) restart the main system --
* 9. main() calls reboot() to boot main system
*/
static const int MAX_ARG_LENGTH = 4096;
static const int MAX_ARGS = 100;
// open a given path, mounting partitions as necessary
FILE*
fopen_path(const char *path, const char *mode) {
if (ensure_path_mounted(path) != 0) {
LOGE("Can't mount %s\n", path);
return NULL;
}
// When writing, try to create the containing directory, if necessary.
// Use generous permissions, the system (init.rc) will reset them.
if (strchr("wa", mode[0])) dirCreateHierarchy(path, 0777, NULL, 1, sehandle);
FILE *fp = fopen(path, mode);
return fp;
}
static void redirect_stdio(const char* filename) {
// If these fail, there's not really anywhere to complain...
freopen(filename, "a", stdout); setbuf(stdout, NULL);
freopen(filename, "a", stderr); setbuf(stderr, NULL);
}
// close a file, log an error if the error indicator is set
static void
check_and_fclose(FILE *fp, const char *name) {
fflush(fp);
if (ferror(fp)) LOGE("Error in %s\n(%s)\n", name, strerror(errno));
fclose(fp);
}
// command line args come from, in decreasing precedence:
// - the actual command line
// - the bootloader control block (one per line, after "recovery")
// - the contents of COMMAND_FILE (one per line)
static void
get_args(int *argc, char ***argv) {
struct bootloader_message boot;
memset(&boot, 0, sizeof(boot));
get_bootloader_message(&boot); // this may fail, leaving a zeroed structure
stage = strndup(boot.stage, sizeof(boot.stage));
if (boot.command[0] != 0 && boot.command[0] != 255) {
LOGI("Boot command: %.*s\n", (int)sizeof(boot.command), boot.command);
}
if (boot.status[0] != 0 && boot.status[0] != 255) {
LOGI("Boot status: %.*s\n", (int)sizeof(boot.status), boot.status);
}
// --- if arguments weren't supplied, look in the bootloader control block
if (*argc <= 1) {
boot.recovery[sizeof(boot.recovery) - 1] = '\0'; // Ensure termination
const char *arg = strtok(boot.recovery, "\n");
if (arg != NULL && !strcmp(arg, "recovery")) {
*argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
(*argv)[0] = strdup(arg);
for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
if ((arg = strtok(NULL, "\n")) == NULL) break;
(*argv)[*argc] = strdup(arg);
}
LOGI("Got arguments from boot message\n");
} else if (boot.recovery[0] != 0 && boot.recovery[0] != 255) {
LOGE("Bad boot message\n\"%.20s\"\n", boot.recovery);
}
}
// --- if that doesn't work, try the command file
if (*argc <= 1) {
FILE *fp = fopen_path(COMMAND_FILE, "r");
if (fp != NULL) {
char *token;
char *argv0 = (*argv)[0];
*argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
(*argv)[0] = argv0; // use the same program name
char buf[MAX_ARG_LENGTH];
for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
if (!fgets(buf, sizeof(buf), fp)) break;
token = strtok(buf, "\r\n");
if (token != NULL) {
(*argv)[*argc] = strdup(token); // Strip newline.
} else {
--*argc;
}
}
check_and_fclose(fp, COMMAND_FILE);
LOGI("Got arguments from %s\n", COMMAND_FILE);
}
}
// --> write the arguments we have back into the bootloader control block
// always boot into recovery after this (until finish_recovery() is called)
strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
int i;
for (i = 1; i < *argc; ++i) {
strlcat(boot.recovery, (*argv)[i], sizeof(boot.recovery));
strlcat(boot.recovery, "\n", sizeof(boot.recovery));
}
set_bootloader_message(&boot);
}
static void
set_sdcard_update_bootloader_message() {
struct bootloader_message boot;
memset(&boot, 0, sizeof(boot));
strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
set_bootloader_message(&boot);
}
// How much of the temp log we have copied to the copy in cache.
static long tmplog_offset = 0;
static void
copy_log_file(const char* source, const char* destination, int append) {
FILE *log = fopen_path(destination, append ? "a" : "w");
if (log == NULL) {
LOGE("Can't open %s\n", destination);
} else {
FILE *tmplog = fopen(source, "r");
if (tmplog != NULL) {
if (append) {
fseek(tmplog, tmplog_offset, SEEK_SET); // Since last write
}
char buf[4096];
while (fgets(buf, sizeof(buf), tmplog)) fputs(buf, log);
if (append) {
tmplog_offset = ftell(tmplog);
}
check_and_fclose(tmplog, source);
}
check_and_fclose(log, destination);
}
}
// Rename last_log -> last_log.1 -> last_log.2 -> ... -> last_log.$max
// Overwrites any existing last_log.$max.
static void
rotate_last_logs(int max) {
char oldfn[256];
char newfn[256];
int i;
for (i = max-1; i >= 0; --i) {
snprintf(oldfn, sizeof(oldfn), (i==0) ? LAST_LOG_FILE : (LAST_LOG_FILE ".%d"), i);
snprintf(newfn, sizeof(newfn), LAST_LOG_FILE ".%d", i+1);
// ignore errors
rename(oldfn, newfn);
}
}
static void
copy_logs() {
// Copy logs to cache so the system can find out what happened.
copy_log_file(TEMPORARY_LOG_FILE, LOG_FILE, true);
copy_log_file(TEMPORARY_LOG_FILE, LAST_LOG_FILE, false);
copy_log_file(TEMPORARY_INSTALL_FILE, LAST_INSTALL_FILE, false);
chmod(LOG_FILE, 0600);
chown(LOG_FILE, 1000, 1000); // system user
chmod(LAST_LOG_FILE, 0640);
chmod(LAST_INSTALL_FILE, 0644);
sync();
}
// clear the recovery command and prepare to boot a (hopefully working) system,
// copy our log file to cache as well (for the system to read), and
// record any intent we were asked to communicate back to the system.
// this function is idempotent: call it as many times as you like.
static void
finish_recovery(const char *send_intent) {
// By this point, we're ready to return to the main system...
if (send_intent != NULL) {
FILE *fp = fopen_path(INTENT_FILE, "w");
if (fp == NULL) {
LOGE("Can't open %s\n", INTENT_FILE);
} else {
fputs(send_intent, fp);
check_and_fclose(fp, INTENT_FILE);
}
}
// Save the locale to cache, so if recovery is next started up
// without a --locale argument (eg, directly from the bootloader)
// it will use the last-known locale.
if (locale != NULL) {
LOGI("Saving locale \"%s\"\n", locale);
FILE* fp = fopen_path(LOCALE_FILE, "w");
fwrite(locale, 1, strlen(locale), fp);
fflush(fp);
fsync(fileno(fp));
check_and_fclose(fp, LOCALE_FILE);
}
copy_logs();
// Reset to normal system boot so recovery won't cycle indefinitely.
struct bootloader_message boot;
memset(&boot, 0, sizeof(boot));
set_bootloader_message(&boot);
// Remove the command file, so recovery won't repeat indefinitely.
if (ensure_path_mounted(COMMAND_FILE) != 0 ||
(unlink(COMMAND_FILE) && errno != ENOENT)) {
LOGW("Can't unlink %s\n", COMMAND_FILE);
}
ensure_path_unmounted(CACHE_ROOT);
sync(); // For good measure.
}
typedef struct _saved_log_file {
char* name;
struct stat st;
unsigned char* data;
struct _saved_log_file* next;
} saved_log_file;
static int
erase_volume(const char *volume) {
bool is_cache = (strcmp(volume, CACHE_ROOT) == 0);
ui->SetBackground(RecoveryUI::ERASING);
ui->SetProgressType(RecoveryUI::INDETERMINATE);
saved_log_file* head = NULL;
if (is_cache) {
// If we're reformatting /cache, we load any
// "/cache/recovery/last*" files into memory, so we can restore
// them after the reformat.
ensure_path_mounted(volume);
DIR* d;
struct dirent* de;
d = opendir(CACHE_LOG_DIR);
if (d) {
char path[PATH_MAX];
strcpy(path, CACHE_LOG_DIR);
strcat(path, "/");
int path_len = strlen(path);
while ((de = readdir(d)) != NULL) {
if (strncmp(de->d_name, "last", 4) == 0) {
saved_log_file* p = (saved_log_file*) malloc(sizeof(saved_log_file));
strcpy(path+path_len, de->d_name);
p->name = strdup(path);
if (stat(path, &(p->st)) == 0) {
// truncate files to 512kb
if (p->st.st_size > (1 << 19)) {
p->st.st_size = 1 << 19;
}
p->data = (unsigned char*) malloc(p->st.st_size);
FILE* f = fopen(path, "rb");
fread(p->data, 1, p->st.st_size, f);
fclose(f);
p->next = head;
head = p;
} else {
free(p);
}
}
}
closedir(d);
} else {
if (errno != ENOENT) {
printf("opendir failed: %s\n", strerror(errno));
}
}
}
ui->Print("Formatting %s...\n", volume);
ensure_path_unmounted(volume);
int result = format_volume(volume);
if (is_cache) {
while (head) {
FILE* f = fopen_path(head->name, "wb");
if (f) {
fwrite(head->data, 1, head->st.st_size, f);
fclose(f);
chmod(head->name, head->st.st_mode);
chown(head->name, head->st.st_uid, head->st.st_gid);
}
free(head->name);
free(head->data);
saved_log_file* temp = head->next;
free(head);
head = temp;
}
// Any part of the log we'd copied to cache is now gone.
// Reset the pointer so we copy from the beginning of the temp
// log.
tmplog_offset = 0;
copy_logs();
}
return result;
}
static const char**
prepend_title(const char* const* headers) {
// count the number of lines in our title, plus the
// caller-provided headers.
int count = 3; // our title has 3 lines
const char* const* p;
for (p = headers; *p; ++p, ++count);
const char** new_headers = (const char**)malloc((count+1) * sizeof(char*));
const char** h = new_headers;
*(h++) = "Android system recovery <" EXPAND(RECOVERY_API_VERSION) "e>";
*(h++) = recovery_version;
*(h++) = "";
for (p = headers; *p; ++p, ++h) *h = *p;
*h = NULL;
return new_headers;
}
static int
get_menu_selection(const char* const * headers, const char* const * items,
int menu_only, int initial_selection, Device* device) {
// throw away keys pressed previously, so user doesn't
// accidentally trigger menu items.
ui->FlushKeys();
ui->StartMenu(headers, items, initial_selection);
int selected = initial_selection;
int chosen_item = -1;
while (chosen_item < 0) {
int key = ui->WaitKey();
int visible = ui->IsTextVisible();
if (key == -1) { // ui_wait_key() timed out
if (ui->WasTextEverVisible()) {
continue;
} else {
LOGI("timed out waiting for key input; rebooting.\n");
ui->EndMenu();
return 0; // XXX fixme
}
}
int action = device->HandleMenuKey(key, visible);
if (action < 0) {
switch (action) {
case Device::kHighlightUp:
--selected;
selected = ui->SelectMenu(selected);
break;
case Device::kHighlightDown:
++selected;
selected = ui->SelectMenu(selected);
break;
case Device::kInvokeItem:
chosen_item = selected;
break;
case Device::kNoAction:
break;
}
} else if (!menu_only) {
chosen_item = action;
}
}
ui->EndMenu();
return chosen_item;
}
static int compare_string(const void* a, const void* b) {
return strcmp(*(const char**)a, *(const char**)b);
}
// Returns a malloc'd path, or NULL.
static char*
browse_directory(const char* path, Device* device) {
ensure_path_mounted(path);
const char* MENU_HEADERS[] = { "Choose a package to install:",
path,
"",
NULL };
DIR* d;
struct dirent* de;
d = opendir(path);
if (d == NULL) {
LOGE("error opening %s: %s\n", path, strerror(errno));
return NULL;
}
const char** headers = prepend_title(MENU_HEADERS);
int d_size = 0;
int d_alloc = 10;
char** dirs = (char**)malloc(d_alloc * sizeof(char*));
int z_size = 1;
int z_alloc = 10;
char** zips = (char**)malloc(z_alloc * sizeof(char*));
zips[0] = strdup("../");
while ((de = readdir(d)) != NULL) {
int name_len = strlen(de->d_name);
if (de->d_type == DT_DIR) {
// skip "." and ".." entries
if (name_len == 1 && de->d_name[0] == '.') continue;
if (name_len == 2 && de->d_name[0] == '.' &&
de->d_name[1] == '.') continue;
if (d_size >= d_alloc) {
d_alloc *= 2;
dirs = (char**)realloc(dirs, d_alloc * sizeof(char*));
}
dirs[d_size] = (char*)malloc(name_len + 2);
strcpy(dirs[d_size], de->d_name);
dirs[d_size][name_len] = '/';
dirs[d_size][name_len+1] = '\0';
++d_size;
} else if (de->d_type == DT_REG &&
name_len >= 4 &&
strncasecmp(de->d_name + (name_len-4), ".zip", 4) == 0) {
if (z_size >= z_alloc) {
z_alloc *= 2;
zips = (char**)realloc(zips, z_alloc * sizeof(char*));
}
zips[z_size++] = strdup(de->d_name);
}
}
closedir(d);
qsort(dirs, d_size, sizeof(char*), compare_string);
qsort(zips, z_size, sizeof(char*), compare_string);
// append dirs to the zips list
if (d_size + z_size + 1 > z_alloc) {
z_alloc = d_size + z_size + 1;
zips = (char**)realloc(zips, z_alloc * sizeof(char*));
}
memcpy(zips + z_size, dirs, d_size * sizeof(char*));
free(dirs);
z_size += d_size;
zips[z_size] = NULL;
char* result;
int chosen_item = 0;
while (true) {
chosen_item = get_menu_selection(headers, zips, 1, chosen_item, device);
char* item = zips[chosen_item];
int item_len = strlen(item);
if (chosen_item == 0) { // item 0 is always "../"
// go up but continue browsing (if the caller is update_directory)
result = NULL;
break;
}
char new_path[PATH_MAX];
strlcpy(new_path, path, PATH_MAX);
strlcat(new_path, "/", PATH_MAX);
strlcat(new_path, item, PATH_MAX);
if (item[item_len-1] == '/') {
// recurse down into a subdirectory
new_path[strlen(new_path)-1] = '\0'; // truncate the trailing '/'
result = browse_directory(new_path, device);
if (result) break;
} else {
// selected a zip file: return the malloc'd path to the caller.
result = strdup(new_path);
break;
}
}
int i;
for (i = 0; i < z_size; ++i) free(zips[i]);
free(zips);
free(headers);
return result;
}
static void
wipe_data(int confirm, Device* device) {
if (confirm) {
static const char** title_headers = NULL;
if (title_headers == NULL) {
const char* headers[] = { "Confirm wipe of all user data?",
" THIS CAN NOT BE UNDONE.",
"",
NULL };
title_headers = prepend_title((const char**)headers);
}
const char* items[] = { " No",
" No",
" No",
" No",
" No",
" No",
" No",
" Yes -- delete all user data", // [7]
" No",
" No",
" No",
NULL };
int chosen_item = get_menu_selection(title_headers, items, 1, 0, device);
if (chosen_item != 7) {
return;
}
}
ui->Print("\n-- Wiping data...\n");
device->WipeData();
erase_volume("/data");
erase_volume("/cache");
erase_persistent_partition();
ui->Print("Data wipe complete.\n");
}
static void file_to_ui(const char* fn) {
FILE *fp = fopen_path(fn, "re");
if (fp == NULL) {
ui->Print(" Unable to open %s: %s\n", fn, strerror(errno));
return;
}
char line[1024];
int ct = 0;
redirect_stdio("/dev/null");
while(fgets(line, sizeof(line), fp) != NULL) {
ui->Print("%s", line);
ct++;
if (ct % 30 == 0) {
// give the user time to glance at the entries
ui->WaitKey();
}
}
redirect_stdio(TEMPORARY_LOG_FILE);
fclose(fp);
}
static void choose_recovery_file(Device* device) {
int i;
static const char** title_headers = NULL;
char *filename;
const char* headers[] = { "Select file to view",
"",
NULL };
char* entries[KEEP_LOG_COUNT + 2];
memset(entries, 0, sizeof(entries));
for (i = 0; i < KEEP_LOG_COUNT; i++) {
char *filename;
if (asprintf(&filename, (i==0) ? LAST_LOG_FILE : (LAST_LOG_FILE ".%d"), i) == -1) {
// memory allocation failure - return early. Should never happen.
return;
}
if ((ensure_path_mounted(filename) != 0) || (access(filename, R_OK) == -1)) {
free(filename);
entries[i+1] = NULL;
break;
}
entries[i+1] = filename;
}
entries[0] = strdup("Go back");
title_headers = prepend_title((const char**)headers);
while(1) {
int chosen_item = get_menu_selection(title_headers, entries, 1, 0, device);
if (chosen_item == 0) break;
file_to_ui(entries[chosen_item]);
}
for (i = 0; i < KEEP_LOG_COUNT + 1; i++) {
free(entries[i]);
}
}
// Return REBOOT, SHUTDOWN, or REBOOT_BOOTLOADER. Returning NO_ACTION
// means to take the default, which is to reboot or shutdown depending
// on if the --shutdown_after flag was passed to recovery.
static Device::BuiltinAction
prompt_and_wait(Device* device, int status) {
const char* const* headers = prepend_title(device->GetMenuHeaders());
for (;;) {
finish_recovery(NULL);
switch (status) {
case INSTALL_SUCCESS:
case INSTALL_NONE:
ui->SetBackground(RecoveryUI::NO_COMMAND);
break;
case INSTALL_ERROR:
case INSTALL_CORRUPT:
ui->SetBackground(RecoveryUI::ERROR);
break;
}
ui->SetProgressType(RecoveryUI::EMPTY);
int chosen_item = get_menu_selection(headers, device->GetMenuItems(), 0, 0, device);
// device-specific code may take some action here. It may
// return one of the core actions handled in the switch
// statement below.
Device::BuiltinAction chosen_action = device->InvokeMenuItem(chosen_item);
int wipe_cache = 0;
switch (chosen_action) {
case Device::NO_ACTION:
break;
case Device::REBOOT:
case Device::SHUTDOWN:
case Device::REBOOT_BOOTLOADER:
return chosen_action;
case Device::WIPE_DATA:
wipe_data(ui->IsTextVisible(), device);
if (!ui->IsTextVisible()) return Device::NO_ACTION;
break;
case Device::WIPE_CACHE:
ui->Print("\n-- Wiping cache...\n");
erase_volume("/cache");
ui->Print("Cache wipe complete.\n");
if (!ui->IsTextVisible()) return Device::NO_ACTION;
break;
case Device::APPLY_EXT: {
ensure_path_mounted(SDCARD_ROOT);
char* path = browse_directory(SDCARD_ROOT, device);
if (path == NULL) {
ui->Print("\n-- No package file selected.\n", path);
break;
}
ui->Print("\n-- Install %s ...\n", path);
set_sdcard_update_bootloader_message();
void* token = start_sdcard_fuse(path);
int status = install_package(FUSE_SIDELOAD_HOST_PATHNAME, &wipe_cache,
TEMPORARY_INSTALL_FILE, false);
finish_sdcard_fuse(token);
ensure_path_unmounted(SDCARD_ROOT);
if (status == INSTALL_SUCCESS && wipe_cache) {
ui->Print("\n-- Wiping cache (at package request)...\n");
if (erase_volume("/cache")) {
ui->Print("Cache wipe failed.\n");
} else {
ui->Print("Cache wipe complete.\n");
}
}
if (status >= 0) {
if (status != INSTALL_SUCCESS) {
ui->SetBackground(RecoveryUI::ERROR);
ui->Print("Installation aborted.\n");
} else if (!ui->IsTextVisible()) {
return Device::NO_ACTION; // reboot if logs aren't visible
} else {
ui->Print("\nInstall from sdcard complete.\n");
}
}
break;
}
case Device::APPLY_CACHE:
ui->Print("\nAPPLY_CACHE is deprecated.\n");
break;
case Device::READ_RECOVERY_LASTLOG:
choose_recovery_file(device);
break;
case Device::APPLY_ADB_SIDELOAD:
status = apply_from_adb(ui, &wipe_cache, TEMPORARY_INSTALL_FILE);
if (status >= 0) {
if (status != INSTALL_SUCCESS) {
ui->SetBackground(RecoveryUI::ERROR);
ui->Print("Installation aborted.\n");
copy_logs();
} else if (!ui->IsTextVisible()) {
return Device::NO_ACTION; // reboot if logs aren't visible
} else {
ui->Print("\nInstall from ADB complete.\n");
}
}
break;
}
}
}
static void
print_property(const char *key, const char *name, void *cookie) {
printf("%s=%s\n", key, name);
}
static void
load_locale_from_cache() {
FILE* fp = fopen_path(LOCALE_FILE, "r");
char buffer[80];
if (fp != NULL) {
fgets(buffer, sizeof(buffer), fp);
int j = 0;
unsigned int i;
for (i = 0; i < sizeof(buffer) && buffer[i]; ++i) {
if (!isspace(buffer[i])) {
buffer[j++] = buffer[i];
}
}
buffer[j] = 0;
locale = strdup(buffer);
check_and_fclose(fp, LOCALE_FILE);
}
}
static RecoveryUI* gCurrentUI = NULL;
void
ui_print(const char* format, ...) {
char buffer[256];
va_list ap;
va_start(ap, format);
vsnprintf(buffer, sizeof(buffer), format, ap);
va_end(ap);
if (gCurrentUI != NULL) {
gCurrentUI->Print("%s", buffer);
} else {
fputs(buffer, stdout);
}
}
int
main(int argc, char **argv) {
time_t start = time(NULL);
//重定向标准输出和标准出错到/tmp/recovery.log 这个文件里
//static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log";
redirect_stdio(TEMPORARY_LOG_FILE);
// If this binary is started with the single argument "--adbd",
// instead of being the normal recovery binary, it turns into kind
// of a stripped-down version of adbd that only supports the
// 'sideload' command. Note this must be a real argument, not
// anything in the command file or bootloader control block; the
// only way recovery should be run with this argument is when it
// starts a copy of itself from the apply_from_adb() function.
if (argc == 2 && strcmp(argv[1], "--adbd") == 0) {
adb_main();
return 0;
}
printf("Starting recovery (pid %d) on %s", getpid(), ctime(&start));
//装载recovery的分区表recovery.fstab
load_volume_table();
//在recovery中挂载/cache/recovery/last_log这个文件
//#define LAST_LOG_FILE "/cache/recovery/last_log"
ensure_path_mounted(LAST_LOG_FILE);
rotate_last_logs(KEEP_LOG_COUNT);
//获取参数
//这个参数也可能是从/cache/recovery/command文件中得到相应的命令
//也就是可以往command这个文件写入对应的格式的命令即可
get_args(&argc, &argv);
const char *send_intent = NULL;
const char *update_package = NULL;
int wipe_data = 0, wipe_cache = 0, show_text = 0;
bool just_exit = false;
bool shutdown_after = false;
int arg;
//参数有擦除分区，OTA更新等
while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) {
switch (arg) {
case 's': send_intent = optarg; break;
case 'u': update_package = optarg; break;
case 'w': wipe_data = wipe_cache = 1; break;
case 'c': wipe_cache = 1; break;
case 't': show_text = 1; break;
case 'x': just_exit = true; break;
case 'l': locale = optarg; break;
case 'g': {
if (stage == NULL || *stage == '\0') {
char buffer[20] = "1/";
strncat(buffer, optarg, sizeof(buffer)-3);
stage = strdup(buffer);
}
break;
}
case 'p': shutdown_after = true; break;
case 'r': reason = optarg; break;
case '?':
LOGE("Invalid command argument\n");
continue;
}
}
//设置语言
if (locale == NULL) {
load_locale_from_cache();
}
printf("locale is [%s]\n", locale);
printf("stage is [%s]\n", stage);
printf("reason is [%s]\n", reason);
//创建设备
Device* device = make_device();
//获取UI
ui = device->GetUI();
//设置当前的UI
gCurrentUI = ui;
//设置UI的语言信息
ui->SetLocale(locale);
//UI初始化
ui->Init();
int st_cur, st_max;
if (stage != NULL && sscanf(stage, "%d/%d", &st_cur, &st_max) == 2) {
ui->SetStage(st_cur, st_max);
}
//设置recovery的背景图
ui->SetBackground(RecoveryUI::NONE);
//设置界面上是否能够显示字符，使能ui->print函数开关
if (show_text) ui->ShowText(true);
//设置selinux权限，一般我会把selinux 给disabled
struct selinux_opt seopts[] = {
{ SELABEL_OPT_PATH, "/file_contexts" }
};
sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1);
if (!sehandle) {
ui->Print("Warning: No file_contexts\n");
}
//虚函数，没有做什么流程
device->StartRecovery();
printf("Command:");
for (arg = 0; arg < argc; arg++) {
printf(" \"%s\"", argv[arg]);
}
printf("\n");
//如果update_package(也就是要升级的OTA包)不为空的情况下
//这里要对升级包的路径做一下路径转换，这里可以自由定制自己升级包的路径
if (update_package) {
// For backwards compatibility on the cache partition only, if
// we're given an old 'root' path "CACHE:foo", change it to
// "/cache/foo".
//这里就是做转换的方法
//先比较传进来的recovery参数的前6个byte是否是CACHE
//如果是将其路径转化为/cache/CACHE: ......
if (strncmp(update_package, "CACHE:", 6) == 0) {
int len = strlen(update_package) + 10;
char* modified_path = (char*)malloc(len);
strlcpy(modified_path, "/cache/", len);
strlcat(modified_path, update_package+6, len);
printf("(replacing path \"%s\" with \"%s\")\n",
update_package, modified_path);
//这个update_package就是转换后的路径
update_package = modified_path;
}
}
printf("\n");
property_list(print_property, NULL);
//获取属性，这里应该是从一个文件中找到ro.build.display.id
//获取recovery的版本信息
property_get("ro.build.display.id", recovery_version, "");
printf("\n");
//定义一个安装成功的标志位INSTALL_SUCCESS ----> 其实是个枚举，值为0
int status = INSTALL_SUCCESS;
//判断转换后的OTA升级包的路径是否不为空，如果不为空
//执行install_package 函数进行升级
if (update_package != NULL) {
status = install_package(update_package, &wipe_cache, TEMPORARY_INSTALL_FILE, true);
//判断是否升级成功
if (status == INSTALL_SUCCESS && wipe_cache) {
//擦除这个路径，相当于删除了这个路径下的OTA升级包
if (erase_volume("/cache")) {
LOGE("Cache wipe (requested by package) failed.");
}
}
//如果安装不成功
if (status != INSTALL_SUCCESS) {
ui->Print("Installation aborted.\n");
// If this is an eng or userdebug build, then automatically
// turn the text display on if the script fails so the error
// message is visible.
char buffer[PROPERTY_VALUE_MAX+1];
property_get("ro.build.fingerprint", buffer, "");
if (strstr(buffer, ":userdebug/") || strstr(buffer, ":eng/")) {
ui->ShowText(true);
}
}
}
//如果跑的是格式化数据区，那么就走这个流程
else if (wipe_data) {
if (device->WipeData()) status = INSTALL_ERROR;
//格式化/data分区
if (erase_volume("/data")) status = INSTALL_ERROR;
if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
if (erase_persistent_partition() == -1 ) status = INSTALL_ERROR;
if (status != INSTALL_SUCCESS) ui->Print("Data wipe failed.\n");
}
//格式化cache分区
else if (wipe_cache) {
if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
if (status != INSTALL_SUCCESS) ui->Print("Cache wipe failed.\n");
}
else if (!just_exit) {
status = INSTALL_NONE; // No command specified
ui->SetBackground(RecoveryUI::NO_COMMAND);
}
//如果安装失败或者。。。
if (status == INSTALL_ERROR || status == INSTALL_CORRUPT) {
copy_logs();
//显示错误的LOGO
ui->SetBackground(RecoveryUI::ERROR);
}
Device::BuiltinAction after = shutdown_after ? Device::SHUTDOWN : Device::REBOOT;
if (status != INSTALL_SUCCESS || ui->IsTextVisible()) {
Device::BuiltinAction temp = prompt_and_wait(device, status);
if (temp != Device::NO_ACTION) after = temp;
}
// Save logs and clean up before rebooting or shutting down.
//完成recovery升级
finish_recovery(send_intent);
switch (after) {
case Device::SHUTDOWN:
ui->Print("Shutting down...\n");
property_set(ANDROID_RB_PROPERTY, "shutdown,");
break;
case Device::REBOOT_BOOTLOADER:
ui->Print("Rebooting to bootloader...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,bootloader");
break;
default:
ui->Print("Rebooting...\n");
property_set(ANDROID_RB_PROPERTY, "reboot,");
break;
}
sleep(5); // should reboot before this finishes
return EXIT_SUCCESS;
}

Android5.0 Recovery源代码分析与定制(一)【转】的更多相关文章

《LINUX3.0内核源代码分析》第二章：中断和异常【转】
转自:http://blog.chinaunix.net/uid-25845340-id-2982887.html 摘要:第二章主要讲述linux如何处理ARM cortex A9多核处理器的中断.异 ...
0. chromium源代码分析 - 序
本打算在CSDN写完这系列文字,却因为在CSDN中误删了一篇blog,该篇blog被移到了回收站.然而CSDN居然没有从回收站撤销删除的操作方法.联想到之前CSDN泄密的问题,其可靠性值得怀疑.随转向 ...
Android HandlerThread 源代码分析
HandlerThread 简单介绍: 我们知道Thread线程是一次性消费品,当Thread线程运行完一个耗时的任务之后.线程就会被自己主动销毁了.假设此时我又有一个耗时任务须要运行,我们不得不又 ...
获取android-5.0.2_r1代码6.7G
获取 android-5.0.2_r1 源代码的坎坷路: 服务器相关 ====== * 国外服务器直接拉取,我一共有多个国外服务器,在获取android代码时下载速度都能到10MB/s的下载速度甚至更 ...
Spark SQL Catalyst源代码分析之UDF
/** Spark SQL源代码分析系列文章*/ 在SQL的世界里,除了官方提供的经常使用的处理函数之外.一般都会提供可扩展的对外自己定义函数接口,这已经成为一种事实的标准. 在前面Spark SQL ...
Solr4.8.0源码分析(24)之SolrCloud的Recovery策略(五)
Solr4.8.0源码分析(24)之SolrCloud的Recovery策略(五) 题记:关于SolrCloud的Recovery策略已经写了四篇了,这篇应该是系统介绍Recovery策略的最后一篇了 ...
Solr4.8.0源码分析(23)之SolrCloud的Recovery策略(四)
Solr4.8.0源码分析(23)之SolrCloud的Recovery策略(四) 题记:本来计划的SolrCloud的Recovery策略的文章是3篇的,但是没想到Recovery的内容蛮多的,前面 ...
Solr4.8.0源码分析(22)之SolrCloud的Recovery策略(三)
Solr4.8.0源码分析(22)之SolrCloud的Recovery策略(三) 本文是SolrCloud的Recovery策略系列的第三篇文章,前面两篇主要介绍了Recovery的总体流程,以及P ...
Solr4.8.0源码分析(21)之SolrCloud的Recovery策略(二)
Solr4.8.0源码分析(21)之SolrCloud的Recovery策略(二) 题记: 前文<Solr4.8.0源码分析(20)之SolrCloud的Recovery策略(一)>中提 ...

随机推荐

前端-Node.js思维导图笔记
看不清的朋友右键保存或者新窗口打开哦!喜欢我可以关注我,还有更多前端思维导图笔记
JavaScript中的函数splice() 的使用。
大二接触JavaScript初期,学习函数中有一道题: 定义一个2个参数的函数.第1个参数是一个数组,第2个参数是需要删除的元素.函数功能,在第1个实参数组中查找第2个实参提供的值,找到则删除该元素( ...
数据结构应用实例#栈&单链表#简易计算器
修改BUG的时候一不小心BUG越修越多,鉴于维护程序并不是学习数据结构的初衷,我已经果断的弃坑了!! 以下内容再不更新,Github上的代码直接无法正常编译运行.... 参考参考就好,学习到栈的作用就 ...
Hibernate自动事务揪出的编码不规范
最近重构的项目(Java初学中),Service层一个获取通知记录报错: org.springframework.dao.InvalidDataAccessResourceUsageException ...
vue编辑回显问题
真是疯了,vue怪毛病真多就下面这玩意儿,多选组合框,新增的时候好用的不行不行的,到了编辑的时候,要回显数据,怪毛病一堆一堆的首先,回显的时候要传一个数组,但是这个数组里的元素得是字符串类型的,如 ...
AcDbTable 类
Table 例子学习笔记在这个例子中,ARX向我们展示了ACDBTABLE类的一些基本操作方法,ACDBTABLE类是ACAD2005及其以后的产品,应该是说ACDBDATATABLE的升级产品,Ac ...
golang bytes 包
类型 []byte 的切片十分常见,Go 语言有一个 bytes 包专门用来解决这种类型的操作方法. bytes 包和字符串包十分类似.而且它还包含一个十分有用的类型 Buffer: import & ...
最新 Xilinx vivado IP许可申请
xilinx的fpga使用vivado开发,zynq系列fpga的SOC开发成为主流,加快fpga开发,也进一步提高了fpga开发的灵活性. xilinx提供很多ip核供开发者直接使用,开发快捷方便, ...
mysql在windows上安装
一.在window上安装mysql MySQL是一个小巧玲珑但功能强大的数据库,目前十分流行.但是官网给出的安装包有两种格式,一个是msi格式,一个是zip格式的.很多人下了zip格式的解压发现没有s ...
1、DataGridView
DataGridView赋值后通过RowPostPaint事件绘制行号 private void AddXh() { DataGridViewTextBoxColumn col = new Data ...

Android5.0 Recovery源代码分析与定制(一)【转】

Android5.0 Recovery源代码分析与定制(一)【转】的更多相关文章

随机推荐

热门专题