Zero out blocks that may be touched by dm-verity.
dm-verity may touch some blocks that are not in the care_map due to
block device read-ahead. It will fail if such blocks contain
non-zeroes. As a workaround, we mark them as extended blocks and
zero out explicitly to avoid dm-verity failures.
Bug: 20881595
Change-Id: Id097138bfd065c84eac088b3ad49758010b2927b
(cherry picked from commit 2fd2c9bfd6c9beeaeccb4632b785227fe56c6006)
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 4bae9ca..701bb7c 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -1240,7 +1240,23 @@
script.AppendExtra('if range_sha1("%s", "%s") == "%s" then' % (
self.device, ranges_str,
self.tgt.TotalSha1(include_clobbered_blocks=True)))
- script.Print('Verified the updated %s image.' % (partition,))
+
+ # Bug: 20881595
+ # Verify that extended blocks are really zeroed out.
+ if self.tgt.extended:
+ ranges_str = self.tgt.extended.to_string_raw()
+ script.AppendExtra('if range_sha1("%s", "%s") == "%s" then' % (
+ self.device, ranges_str,
+ self._HashZeroBlocks(self.tgt.extended.size())))
+ script.Print('Verified the updated %s image.' % (partition,))
+ script.AppendExtra(
+ 'else\n'
+ ' abort("%s partition has unexpected non-zero contents after OTA '
+ 'update");\n'
+ 'endif;' % (partition,))
+ else:
+ script.Print('Verified the updated %s image.' % (partition,))
+
script.AppendExtra(
'else\n'
' abort("%s partition has unexpected contents after OTA update");\n'
@@ -1273,6 +1289,15 @@
return ctx.hexdigest()
+ def _HashZeroBlocks(self, num_blocks): # pylint: disable=no-self-use
+ """Return the hash value for all zero blocks."""
+ zero_block = '\x00' * 4096
+ ctx = sha1()
+ for _ in range(num_blocks):
+ ctx.update(zero_block)
+
+ return ctx.hexdigest()
+
# TODO(tbao): Due to http://b/20939131, block 0 may be changed without
# remounting R/W. Will change the checking to a finer-grained way to
# mask off those bits.