1*33f37583SAndroid Build Coastguard Worker#!/bin/bash 2*33f37583SAndroid Build Coastguard Worker 3*33f37583SAndroid Build Coastguard Worker# Copyright (C) 2018 The Android Open Source Project 4*33f37583SAndroid Build Coastguard Worker# 5*33f37583SAndroid Build Coastguard Worker# Licensed under the Apache License, Version 2.0 (the "License"); 6*33f37583SAndroid Build Coastguard Worker# you may not use this file except in compliance with the License. 7*33f37583SAndroid Build Coastguard Worker# You may obtain a copy of the License at 8*33f37583SAndroid Build Coastguard Worker# 9*33f37583SAndroid Build Coastguard Worker# http://www.apache.org/licenses/LICENSE-2.0 10*33f37583SAndroid Build Coastguard Worker# 11*33f37583SAndroid Build Coastguard Worker# Unless required by applicable law or agreed to in writing, software 12*33f37583SAndroid Build Coastguard Worker# distributed under the License is distributed on an "AS IS" BASIS, 13*33f37583SAndroid Build Coastguard Worker# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14*33f37583SAndroid Build Coastguard Worker# See the License for the specific language governing permissions and 15*33f37583SAndroid Build Coastguard Worker# limitations under the License. 16*33f37583SAndroid Build Coastguard Worker# 17*33f37583SAndroid Build Coastguard Worker 18*33f37583SAndroid Build Coastguard Workerif [[ -z ${ANDROID_BUILD_TOP} ]]; then 19*33f37583SAndroid Build Coastguard Worker echo "You need to source and lunch before you can use this script" 20*33f37583SAndroid Build Coastguard Worker exit 1 21*33f37583SAndroid Build Coastguard Workerfi 22*33f37583SAndroid Build Coastguard Worker 23*33f37583SAndroid Build Coastguard Workerecho "Running test" 24*33f37583SAndroid Build Coastguard Workerset -e # fail early 25*33f37583SAndroid Build Coastguard Worker 26*33f37583SAndroid Build Coastguard Workersource ${ANDROID_BUILD_TOP}/build/envsetup.sh 27*33f37583SAndroid Build Coastguard Workerm -j apexer 28*33f37583SAndroid Build Coastguard Workerexport APEXER_TOOL_PATH="${ANDROID_BUILD_TOP}/out/host/linux-x86/bin:${ANDROID_BUILD_TOP}/prebuilts/sdk/tools/linux/bin" 29*33f37583SAndroid Build Coastguard WorkerPATH+=":${ANDROID_BUILD_TOP}/prebuilts/sdk/tools/linux/bin" 30*33f37583SAndroid Build Coastguard Worker 31*33f37583SAndroid Build Coastguard Workerfor fs_type in ext4 f2fs erofs 32*33f37583SAndroid Build Coastguard Workerdo 33*33f37583SAndroid Build Coastguard Workerinput_dir=$(mktemp -d) 34*33f37583SAndroid Build Coastguard Workeroutput_dir=$(mktemp -d) 35*33f37583SAndroid Build Coastguard Worker 36*33f37583SAndroid Build Coastguard Workerfunction cleanup { 37*33f37583SAndroid Build Coastguard Worker sudo umount /dev/loop10 38*33f37583SAndroid Build Coastguard Worker sudo losetup --detach /dev/loop10 39*33f37583SAndroid Build Coastguard Worker 40*33f37583SAndroid Build Coastguard Worker rm -rf ${input_dir} 41*33f37583SAndroid Build Coastguard Worker rm -rf ${output_dir} 42*33f37583SAndroid Build Coastguard Worker} 43*33f37583SAndroid Build Coastguard Worker 44*33f37583SAndroid Build Coastguard Workertrap cleanup ERR 45*33f37583SAndroid Build Coastguard Worker############################################# 46*33f37583SAndroid Build Coastguard Worker# prepare the inputs 47*33f37583SAndroid Build Coastguard Worker############################################# 48*33f37583SAndroid Build Coastguard Worker# Create the input directory having 3 files with random bits and a symlink from 49*33f37583SAndroid Build Coastguard Worker# ${input_dir}/sym1 -> ${input_dir}/file1 50*33f37583SAndroid Build Coastguard Workerhead -c 1M </dev/urandom > ${input_dir}/file1 51*33f37583SAndroid Build Coastguard Workerhead -c 1M </dev/urandom > ${input_dir}/file2 52*33f37583SAndroid Build Coastguard Workermkdir ${input_dir}/sub 53*33f37583SAndroid Build Coastguard Workerhead -c 1M </dev/urandom > ${input_dir}/sub/file3 54*33f37583SAndroid Build Coastguard Workerln -s file1 ${input_dir}/sym1 55*33f37583SAndroid Build Coastguard Worker 56*33f37583SAndroid Build Coastguard Worker# Create the APEX manifest file 57*33f37583SAndroid Build Coastguard Workermanifest_dir=$(mktemp -d) 58*33f37583SAndroid Build Coastguard Workermanifest_file=${manifest_dir}/apex_manifest.pb 59*33f37583SAndroid Build Coastguard Workerecho '{"name": "com.android.example.apex", "version": 1}' > ${manifest_dir}/apex_manifest.json 60*33f37583SAndroid Build Coastguard Worker${ANDROID_BUILD_TOP}/out/host/linux-x86/bin/conv_apex_manifest proto ${manifest_dir}/apex_manifest.json -o ${manifest_file} 61*33f37583SAndroid Build Coastguard Worker 62*33f37583SAndroid Build Coastguard Worker# Create the file_contexts file 63*33f37583SAndroid Build Coastguard Workerfile_contexts_file=$(mktemp) 64*33f37583SAndroid Build Coastguard Workerecho ' 65*33f37583SAndroid Build Coastguard Worker(/.*)? u:object_r:root_file:s0 66*33f37583SAndroid Build Coastguard Worker/sub(/.*)? u:object_r:sub_file:s0 67*33f37583SAndroid Build Coastguard Worker/sub/file3 u:object_r:file3_file:s0 68*33f37583SAndroid Build Coastguard Worker' > ${file_contexts_file} 69*33f37583SAndroid Build Coastguard Worker 70*33f37583SAndroid Build Coastguard Workercanned_fs_config_file=$(mktemp) 71*33f37583SAndroid Build Coastguard Workerecho '/ 1000 1000 0644 72*33f37583SAndroid Build Coastguard Worker/apex_manifest.pb 1000 1000 0644 73*33f37583SAndroid Build Coastguard Worker/file1 1001 1001 0644 74*33f37583SAndroid Build Coastguard Worker/file2 1001 1001 0644 75*33f37583SAndroid Build Coastguard Worker/sub 1002 1002 0644 76*33f37583SAndroid Build Coastguard Worker/sub/file3 1003 1003 0644 77*33f37583SAndroid Build Coastguard Worker/sym1 1001 1001 0644' > ${canned_fs_config_file} 78*33f37583SAndroid Build Coastguard Worker 79*33f37583SAndroid Build Coastguard Workeroutput_file=${output_dir}/test.apex 80*33f37583SAndroid Build Coastguard Worker 81*33f37583SAndroid Build Coastguard Worker############################################# 82*33f37583SAndroid Build Coastguard Worker# run the tool 83*33f37583SAndroid Build Coastguard Worker############################################# 84*33f37583SAndroid Build Coastguard Worker${ANDROID_HOST_OUT}/bin/apexer --verbose --manifest ${manifest_file} \ 85*33f37583SAndroid Build Coastguard Worker --file_contexts ${file_contexts_file} \ 86*33f37583SAndroid Build Coastguard Worker --canned_fs_config ${canned_fs_config_file} \ 87*33f37583SAndroid Build Coastguard Worker --payload_fs_type ${fs_type} \ 88*33f37583SAndroid Build Coastguard Worker --key ${ANDROID_BUILD_TOP}/system/apex/apexer/testdata/com.android.example.apex.pem \ 89*33f37583SAndroid Build Coastguard Worker --android_jar_path ${ANDROID_BUILD_TOP}/prebuilts/sdk/current/public/android.jar \ 90*33f37583SAndroid Build Coastguard Worker ${input_dir} ${output_file} 91*33f37583SAndroid Build Coastguard Worker 92*33f37583SAndroid Build Coastguard Worker############################################# 93*33f37583SAndroid Build Coastguard Worker# check the result 94*33f37583SAndroid Build Coastguard Worker############################################# 95*33f37583SAndroid Build Coastguard Workeroffset=$(zipalign -v -c 4096 ${output_file} | grep apex_payload.img | tr -s ' ' | cut -d ' ' -f 2) 96*33f37583SAndroid Build Coastguard Worker 97*33f37583SAndroid Build Coastguard Workerunzip ${output_file} apex_payload.img -d ${output_dir} 98*33f37583SAndroid Build Coastguard Workersize=$(avbtool info_image --image ${output_dir}/apex_payload.img | awk '/Image size:/{print $3}') 99*33f37583SAndroid Build Coastguard Worker 100*33f37583SAndroid Build Coastguard Worker 101*33f37583SAndroid Build Coastguard Worker# test if it is mountable 102*33f37583SAndroid Build Coastguard Workermkdir ${output_dir}/mnt 103*33f37583SAndroid Build Coastguard Workersudo losetup -o ${offset} --sizelimit ${size} /dev/loop10 ${output_file} 104*33f37583SAndroid Build Coastguard Workersudo mount -o ro /dev/loop10 ${output_dir}/mnt 105*33f37583SAndroid Build Coastguard Workerunzip ${output_file} apex_manifest.pb -d ${output_dir} 106*33f37583SAndroid Build Coastguard Worker 107*33f37583SAndroid Build Coastguard Worker# verify vbmeta 108*33f37583SAndroid Build Coastguard Workeravbtool verify_image --image ${output_dir}/apex_payload.img \ 109*33f37583SAndroid Build Coastguard Worker--key ${ANDROID_BUILD_TOP}/system/apex/apexer/testdata/com.android.example.apex.pem 110*33f37583SAndroid Build Coastguard Worker 111*33f37583SAndroid Build Coastguard Worker# check the contents 112*33f37583SAndroid Build Coastguard Workersudo diff ${manifest_file} ${output_dir}/mnt/apex_manifest.pb 113*33f37583SAndroid Build Coastguard Workersudo diff ${manifest_file} ${output_dir}/apex_manifest.pb 114*33f37583SAndroid Build Coastguard Workersudo diff ${input_dir}/file1 ${output_dir}/mnt/file1 115*33f37583SAndroid Build Coastguard Workersudo diff ${input_dir}/file2 ${output_dir}/mnt/file2 116*33f37583SAndroid Build Coastguard Workersudo diff ${input_dir}/sub/file3 ${output_dir}/mnt/sub/file3 117*33f37583SAndroid Build Coastguard Worker[ `sudo readlink ${output_dir}/mnt/sym1` = "file1" ] 118*33f37583SAndroid Build Coastguard Worker 119*33f37583SAndroid Build Coastguard Worker# check the uid/gid/type/mod 120*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/file1` = "1001,1001,-rw-r--r--" ] 121*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/file2` = "1001,1001,-rw-r--r--" ] 122*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/sub` = "1002,1002,drw-r--r--" ] 123*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/sub/file3` = "1003,1003,-rw-r--r--" ] 124*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/sym1` = "1001,1001,lrw-r--r--" ] 125*33f37583SAndroid Build Coastguard Worker[ `sudo stat -c '%u,%g,%A' ${output_dir}/mnt/apex_manifest.pb` = "1000,1000,-rw-r--r--" ] 126*33f37583SAndroid Build Coastguard Worker 127*33f37583SAndroid Build Coastguard Worker# check the selinux labels 128*33f37583SAndroid Build Coastguard Worker[ `sudo ls -Z ${output_dir}/mnt/file1 | cut -d ' ' -f 1` = "u:object_r:root_file:s0" ] 129*33f37583SAndroid Build Coastguard Worker[ `sudo ls -Z ${output_dir}/mnt/file2 | cut -d ' ' -f 1` = "u:object_r:root_file:s0" ] 130*33f37583SAndroid Build Coastguard Worker[ `sudo ls -d -Z ${output_dir}/mnt/sub/ | cut -d ' ' -f 1` = "u:object_r:sub_file:s0" ] 131*33f37583SAndroid Build Coastguard Worker[ `sudo ls -Z ${output_dir}/mnt/sub/file3 | cut -d ' ' -f 1` = "u:object_r:file3_file:s0" ] 132*33f37583SAndroid Build Coastguard Worker[ `sudo ls -Z ${output_dir}/mnt/apex_manifest.pb | cut -d ' ' -f 1` = "u:object_r:root_file:s0" ] 133*33f37583SAndroid Build Coastguard Worker[ `sudo ls -Z ${output_dir}/mnt/sym1 | cut -d ' ' -f 1` = "u:object_r:root_file:s0" ] 134*33f37583SAndroid Build Coastguard Worker 135*33f37583SAndroid Build Coastguard Worker# check the android manifest 136*33f37583SAndroid Build Coastguard Workeraapt dump xmltree ${output_file} AndroidManifest.xml 137*33f37583SAndroid Build Coastguard Worker 138*33f37583SAndroid Build Coastguard Workerecho "Passed for ${fs_type}" 139*33f37583SAndroid Build Coastguard Workercleanup 140*33f37583SAndroid Build Coastguard Workerdone 141*33f37583SAndroid Build Coastguard Worker 142*33f37583SAndroid Build Coastguard Workerecho "Passed for all fs types" 143