recovery: Provide sideload cancellation

Change-Id: I13f0c9ae5444652a2141442ef24258679a78d320

adb_install.cpp

@@ -36,6 +36,8 @@
 #include "install.h"
 #include "ui.h"
 
+static pthread_t sideload_thread;
+
 static void set_usb_driver(bool enabled) {
   // USB configfs doesn't use /s/c/a/a/enable.
   if (android::base::GetBoolProperty("sys.usb.configfs", false)) {
@@ -70,64 +72,75 @@ static void maybe_restart_adbd() {
   }
 }
 
-int apply_from_adb(bool* wipe_cache, const char* install_file) {
-  modified_flash = true;
-
-  stop_adbd();
-  set_usb_driver(true);
+struct sideload_data {
+    bool*       wipe_cache;
+    const char* install_file;
+    bool        cancel;
+    int         result;
+};
 
-  ui->Print(
-      "\n\nNow send the package you want to apply\n"
-      "to the device with \"adb sideload <filename>\"...\n");
+static struct sideload_data sideload_data;
 
+static void *adb_sideload_thread(void*) {
   pid_t child;
   if ((child = fork()) == 0) {
     execl("/sbin/recovery", "recovery", "--adbd", nullptr);
     _exit(EXIT_FAILURE);
   }
 
+  time_t start_time = time(nullptr);
+  time_t now = start_time;
+
   // How long (in seconds) we wait for the host to start sending us a package, before timing out.
   static constexpr int ADB_INSTALL_TIMEOUT = 300;
 
   // FUSE_SIDELOAD_HOST_PATHNAME will start to exist once the host connects and starts serving a
   // package. Poll for its appearance. (Note that inotify doesn't work with FUSE.)
-  int result = INSTALL_ERROR;
-  int status;
-  bool waited = false;
-  for (int i = 0; i < ADB_INSTALL_TIMEOUT; ++i) {
-    if (waitpid(child, &status, WNOHANG) != 0) {
+  int result = INSTALL_NONE;
+  int status = -1;
+  while (now - start_time < ADB_INSTALL_TIMEOUT) {
+    // Exit if either:
+    //  - The adb child process dies, or
+    //  - The ui tells us to cancel
+    if (kill(child, 0) != 0) {
       result = INSTALL_ERROR;
-      waited = true;
+      break;
+    }
+    if (sideload_data.cancel) {
       break;
     }
 
     struct stat st;
-    if (stat(FUSE_SIDELOAD_HOST_PATHNAME, &st) != 0) {
-      if (errno == ENOENT && i < ADB_INSTALL_TIMEOUT - 1) {
-        sleep(1);
-        continue;
-      } else {
-        ui->Print("\nTimed out waiting for package.\n\n");
-        result = INSTALL_ERROR;
-        kill(child, SIGKILL);
-        break;
-      }
+    status = stat(FUSE_SIDELOAD_HOST_PATHNAME, &st);
+    if (status == 0) {
+      break;
+    }
+    if (errno != ENOENT && errno != ENOTCONN) {
+      ui->Print("\nError %s waiting for package\n\n", strerror(errno));
+      result = INSTALL_ERROR;
+      break;
     }
-    result = install_package(FUSE_SIDELOAD_HOST_PATHNAME, wipe_cache, install_file, false, 0);
-    break;
+
+    sleep(1);
+    now = time(nullptr);
   }
 
-  if (!waited) {
-    // Calling stat() on this magic filename signals the minadbd subprocess to shut down.
-    struct stat st;
-    stat(FUSE_SIDELOAD_HOST_EXIT_PATHNAME, &st);
+  if (status == 0) {
+    // Signal UI thread that we can no longer cancel
+    ui->CancelWaitKey();
 
-    // TODO: there should be a way to cancel waiting for a package (by pushing some button combo on
-    // the device). For now you just have to 'adb sideload' a file that's not a valid package, like
-    // "/dev/null".
-    waitpid(child, &status, 0);
+    result = install_package(FUSE_SIDELOAD_HOST_PATHNAME,
+                             sideload_data.wipe_cache,
+                             sideload_data.install_file,
+                             false, 0);
+
+    sideload_data.result = result;
   }
 
+  // Ensure adb exits
+  kill(child, SIGTERM);
+  waitpid(child, &status, 0);
+
   if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
     if (WEXITSTATUS(status) == 3) {
       ui->Print("\nYou need adb 1.0.32 or newer to sideload\nto this device.\n\n");
@@ -136,8 +149,37 @@ int apply_from_adb(bool* wipe_cache, const char* install_file) {
     }
   }
 
-  set_usb_driver(false);
+  return nullptr;
+}
+
+void
+start_sideload(bool* wipe_cache, const char* install_file) {
+  modified_flash = true;
+
+  stop_adbd();
+  set_usb_driver(true);
+
+  ui->Print("\n\nNow send the package you want to apply\n"
+            "to the device with \"adb sideload <filename>\"...\n");
+
+  sideload_data.wipe_cache = wipe_cache;
+  sideload_data.install_file = install_file;
+  sideload_data.cancel = false;
+  sideload_data.result = INSTALL_NONE;
+
+  pthread_create(&sideload_thread, nullptr, &adb_sideload_thread, nullptr);
+}
+
+void stop_sideload() {
+  sideload_data.cancel = true;
+}
+
+int wait_sideload() {
+  pthread_join(sideload_thread, nullptr);
+
+  ui->FlushKeys();
+
   maybe_restart_adbd();
 
-  return result;
+  return sideload_data.result;
 }

adb_install.h

@@ -17,6 +17,8 @@
 #ifndef _ADB_INSTALL_H
 #define _ADB_INSTALL_H
 
-int apply_from_adb(bool* wipe_cache, const char* install_file);
+void start_sideload(bool* wipe_cache, const char* install_file);
+void stop_sideload();
+int  wait_sideload();
 
 #endif

fuse_sdcard_provider.cpp

@@ -24,6 +24,7 @@
 #include <pthread.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
+#include <sys/wait.h>
 #include <unistd.h>
 
 #include <functional>
@@ -56,7 +57,7 @@ static int read_block_file(const file_data& fd, uint32_t block, uint8_t* buffer,
 }
 
 struct token {
-    pthread_t th;
+    pid_t pid;
     const char* path;
     int result;
 };
@@ -99,19 +100,30 @@ void* start_sdcard_fuse(const char* path) {
   token* t = new token;
 
   t->path = path;
-  pthread_create(&(t->th), NULL, run_sdcard_fuse, t);
-
-  struct stat st;
-  int i;
-  for (i = 0; i < SDCARD_INSTALL_TIMEOUT; ++i) {
-    if (stat(FUSE_SIDELOAD_HOST_PATHNAME, &st) != 0) {
-      if (errno == ENOENT && i < SDCARD_INSTALL_TIMEOUT-1) {
-        sleep(1);
-        continue;
-      } else {
-        return nullptr;
-      }
+  if ((t->pid = fork()) < 0) {
+    free(t);
+    return nullptr;
+  }
+  if (t->pid == 0) {
+    run_sdcard_fuse(t);
+    _exit(0);
+  }
+
+  time_t start_time = time(nullptr);
+  time_t now = start_time;
+
+  while (now - start_time < SDCARD_INSTALL_TIMEOUT) {
+    struct stat st;
+    if (stat(FUSE_SIDELOAD_HOST_PATHNAME, &st) == 0) {
+      break;
+    }
+    if (errno != ENOENT && errno != ENOTCONN) {
+      free(t);
+      t = nullptr;
+      break;
     }
+    sleep(1);
+    now = time(nullptr);
   }
 
   return t;
@@ -121,11 +133,9 @@ void finish_sdcard_fuse(void* cookie) {
   if (cookie == NULL) return;
   token* t = reinterpret_cast<token*>(cookie);
 
-  // Calling stat() on this magic filename signals the fuse
-  // filesystem to shut down.
-  struct stat st;
-  stat(FUSE_SIDELOAD_HOST_EXIT_PATHNAME, &st);
+  kill(t->pid, SIGTERM);
+  int status;
+  waitpid(t->pid, &status, 0);
 
-  pthread_join(t->th, nullptr);
   delete t;
 }

fuse_sideload.cpp

@@ -66,10 +66,8 @@
 #include <openssl/sha.h>
 
 static constexpr uint64_t PACKAGE_FILE_ID = FUSE_ROOT_ID + 1;
-static constexpr uint64_t EXIT_FLAG_ID = FUSE_ROOT_ID + 2;
 
 static constexpr int NO_STATUS = 1;
-static constexpr int NO_STATUS_EXIT = 2;
 
 using SHA256Digest = std::array<uint8_t, SHA256_DIGEST_LENGTH>;
 
@@ -171,14 +169,12 @@ static int handle_getattr(void* /* data */, const fuse_data* fd, const fuse_in_h
     fill_attr(&(out.attr), fd, hdr->nodeid, 4096, S_IFDIR | 0555);
   } else if (hdr->nodeid == PACKAGE_FILE_ID) {
     fill_attr(&(out.attr), fd, PACKAGE_FILE_ID, fd->file_size, S_IFREG | 0444);
-  } else if (hdr->nodeid == EXIT_FLAG_ID) {
-    fill_attr(&(out.attr), fd, EXIT_FLAG_ID, 0, S_IFREG | 0);
   } else {
     return -ENOENT;
   }
 
   fuse_reply(fd, hdr->unique, &out, sizeof(out));
-  return (hdr->nodeid == EXIT_FLAG_ID) ? NO_STATUS_EXIT : NO_STATUS;
+  return NO_STATUS;
 }
 
 static int handle_lookup(void* data, const fuse_data* fd, const fuse_in_header* hdr) {
@@ -193,20 +189,15 @@ static int handle_lookup(void* data, const fuse_data* fd, const fuse_in_header*
     out.nodeid = PACKAGE_FILE_ID;
     out.generation = PACKAGE_FILE_ID;
     fill_attr(&(out.attr), fd, PACKAGE_FILE_ID, fd->file_size, S_IFREG | 0444);
-  } else if (filename == FUSE_SIDELOAD_HOST_EXIT_FLAG) {
-    out.nodeid = EXIT_FLAG_ID;
-    out.generation = EXIT_FLAG_ID;
-    fill_attr(&(out.attr), fd, EXIT_FLAG_ID, 0, S_IFREG | 0);
   } else {
     return -ENOENT;
   }
 
   fuse_reply(fd, hdr->unique, &out, sizeof(out));
-  return (out.nodeid == EXIT_FLAG_ID) ? NO_STATUS_EXIT : NO_STATUS;
+  return NO_STATUS;
 }
 
 static int handle_open(void* /* data */, const fuse_data* fd, const fuse_in_header* hdr) {
-  if (hdr->nodeid == EXIT_FLAG_ID) return -EPERM;
   if (hdr->nodeid != PACKAGE_FILE_ID) return -ENOENT;
 
   fuse_open_out out = {};
@@ -340,6 +331,12 @@ static int handle_read(void* data, fuse_data* fd, const fuse_in_header* hdr) {
   return NO_STATUS;
 }
 
+static volatile int terminated = 0;
+static void sig_term(int)
+{
+  terminated = 1;
+}
+
 int run_fuse_sideload(const provider_vtab& vtab, uint64_t file_size, uint32_t block_size,
                       const char* mount_point) {
   // If something's already mounted on our mountpoint, try to remove it. (Mostly in case of a
@@ -388,6 +385,8 @@ int run_fuse_sideload(const provider_vtab& vtab, uint64_t file_size, uint32_t bl
     goto done;
   }
 
+  signal(SIGTERM, sig_term);
+
   fd.ffd.reset(open("/dev/fuse", O_RDWR));
   if (!fd.ffd) {
     perror("open /dev/fuse");
@@ -409,7 +408,17 @@ int run_fuse_sideload(const provider_vtab& vtab, uint64_t file_size, uint32_t bl
   }
 
   uint8_t request_buffer[sizeof(fuse_in_header) + PATH_MAX * 8];
-  for (;;) {
+  while (!terminated) {
+    fd_set fds;
+    struct timeval tv;
+    FD_ZERO(&fds);
+    FD_SET(fd.ffd, &fds);
+    tv.tv_sec = 1;
+    tv.tv_usec = 0;
+    int rc = select(fd.ffd+1, &fds, nullptr, nullptr, &tv);
+    if (rc <= 0) {
+      continue;
+    }
     ssize_t len = TEMP_FAILURE_RETRY(read(fd.ffd, request_buffer, sizeof(request_buffer)));
     if (len == -1) {
       perror("read request");
@@ -464,11 +473,6 @@ int run_fuse_sideload(const provider_vtab& vtab, uint64_t file_size, uint32_t bl
         break;
     }
 
-    if (result == NO_STATUS_EXIT) {
-      result = 0;
-      break;
-    }
-
     if (result != NO_STATUS) {
       fuse_out_header outhdr;
       outhdr.len = sizeof(outhdr);

fuse_sideload.h

@@ -23,8 +23,6 @@
 static constexpr const char* FUSE_SIDELOAD_HOST_MOUNTPOINT = "/sideload";
 static constexpr const char* FUSE_SIDELOAD_HOST_FILENAME = "package.zip";
 static constexpr const char* FUSE_SIDELOAD_HOST_PATHNAME = "/sideload/package.zip";
-static constexpr const char* FUSE_SIDELOAD_HOST_EXIT_FLAG = "exit";
-static constexpr const char* FUSE_SIDELOAD_HOST_EXIT_PATHNAME = "/sideload/exit";
 
 struct provider_vtab {
   // read a block

install.cpp

@@ -25,6 +25,7 @@
 #include <sys/stat.h>
 #include <sys/wait.h>
 #include <unistd.h>
+#include <setjmp.h>
 
 #include <algorithm>
 #include <atomic>
@@ -311,6 +312,12 @@ static void log_max_temperature(int* max_temperature, const std::atomic<bool>& l
   }
 }
 
+static jmp_buf jb;
+static void sig_bus(int)
+{
+    longjmp(jb, 1);
+}
+
 // If the package contains an update binary, extract it and run it.
 static int try_update_binary(const std::string& package, ZipArchiveHandle zip, bool* wipe_cache,
                              std::vector<std::string>* log_buffer, int retry_count,
@@ -732,10 +739,21 @@ bool verify_package(const unsigned char* package_data, size_t package_size) {
   // Verify package.
   ui->Print("Verifying update package...\n");
   auto t0 = std::chrono::system_clock::now();
-  int err = verify_file(package_data, package_size, loadedKeys,
-                        std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1));
-  std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0;
-  ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err);
+  int err;
+  // Because we mmap() the update file which is backed by FUSE, we get
+  // SIGBUS when the host aborts the transfer.  We handle this by using
+  // setjmp/longjmp.
+  signal(SIGBUS, sig_bus);
+  if (setjmp(jb) == 0) {
+    err = verify_file(package_data, package_size, loadedKeys,
+                      std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1));
+    std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0;
+    ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err);
+  } else {
+    err = VERIFY_FAILURE;
+  }
+  signal(SIGBUS, SIG_DFL);
+
   if (err != VERIFY_SUCCESS) {
     LOG(ERROR) << "Signature verification failed";
     LOG(ERROR) << "error: " << kZipVerificationFailure;

recovery.cpp

@@ -1,4 +1,4 @@
-/*
+ /*
  * Copyright (C) 2007 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -1239,7 +1239,15 @@ refresh:
             break;
         }
         if (chosen == item_sideload) {
-            status = apply_from_adb(wipe_cache, TEMPORARY_INSTALL_FILE);
+            static const char* headers[] = { "ADB Sideload", nullptr };
+            static const char* list[] = { "Cancel sideload", nullptr };
+
+            start_sideload(wipe_cache, TEMPORARY_INSTALL_FILE);
+            int item = get_menu_selection(headers, list, 0, 0, device);
+            if (item != Device::kNoAction) {
+                stop_sideload();
+            }
+            status = wait_sideload();
         }
         else {
             status = apply_from_storage(device, volumes[chosen - 1], wipe_cache);
@@ -1316,14 +1324,16 @@ static Device::BuiltinAction prompt_and_wait(Device* device, int status) {
             }
           }
 
-          if (status != INSTALL_SUCCESS) {
-            ui->SetBackground(RecoveryUI::ERROR);
-            ui->Print("Installation aborted.\n");
-            copy_logs();
-          } else if (!ui->IsTextVisible()) {
-            return Device::NO_ACTION;  // reboot if logs aren't visible
-          } else {
-            ui->Print("\nInstall complete.\n");
+          if (status > 0 && status != INSTALL_NONE) {
+            if (status != INSTALL_SUCCESS) {
+              ui->SetBackground(RecoveryUI::ERROR);
+              ui->Print("Installation aborted.\n");
+              copy_logs();
+            } else if (!ui->IsTextVisible()) {
+              return Device::NO_ACTION;  // reboot if logs aren't visible
+            } else {
+              ui->Print("\nInstall complete.\n");
+            }
           }
         }
         break;
@@ -1871,7 +1881,8 @@ int main(int argc, char **argv) {
     if (!sideload_auto_reboot) {
       ui->ShowText(true);
     }
-    status = apply_from_adb(&should_wipe_cache, TEMPORARY_INSTALL_FILE);
+    start_sideload(&should_wipe_cache, TEMPORARY_INSTALL_FILE);
+    status = wait_sideload();
     if (status == INSTALL_SUCCESS && should_wipe_cache) {
       if (!wipe_cache(false, device)) {
         status = INSTALL_ERROR;

ui.cpp

@@ -560,6 +560,14 @@ int RecoveryUI::WaitKey() {
   return key;
 }
 
+void RecoveryUI::CancelWaitKey()
+{
+    pthread_mutex_lock(&key_queue_mutex);
+    key_queue[key_queue_len++] = KEY_REFRESH;
+    pthread_cond_signal(&key_queue_cond);
+    pthread_mutex_unlock(&key_queue_mutex);
+}
+
 bool RecoveryUI::IsUsbConnected() {
   int fd = open("/sys/class/android_usb/android0/state", O_RDONLY);
   if (fd < 0) {

ui.h

@@ -134,6 +134,9 @@ class RecoveryUI {
   // Waits for a key and return it. May return -1 after timeout.
   virtual int WaitKey();
 
+    // Cancel a WaitKey()
+    virtual void CancelWaitKey();
+
   virtual bool IsKeyPressed(int key);
   virtual bool IsLongPress();