diff --git a/services/include/updater/updater_const.h b/services/include/updater/updater_const.h index 0d327718ac114e364a45fc693aa674345de65411..38cb92de17553a5f99e9df783305f01c24182bec 100644 --- a/services/include/updater/updater_const.h +++ b/services/include/updater/updater_const.h @@ -32,7 +32,6 @@ constexpr const char *UPDATER_STAGE_LOG = "/data/updater/log/updater_stage_log"; constexpr const char *UPDATER_LOG_FILE = "updater_log"; constexpr const char *UPDATER_STAGE_FILE = "updater_stage_log"; constexpr const char *UPDATER_PATH = "/data/updater"; -constexpr const char *SYS_INSTALLER_PATH = "/mnt/sys_installer"; constexpr const char *UPDATER_LOCALE_FILE = "locale"; constexpr const char *UPDATER_RESULT_FILE = "updater_result"; constexpr const char *MODULE_UPDATE_RESULT_FILE = "module_update_result"; diff --git a/services/updater.cpp b/services/updater.cpp index 85ccc6ba8dbe15247c78e958d468c1e2c06eb43d..fc32733c9918a213e33ec110954b002da737a884 100644 --- a/services/updater.cpp +++ b/services/updater.cpp @@ -279,6 +279,12 @@ __attribute__((weak)) bool PreStartBinaryEntry([[maybe_unused]] const std::strin return true; } +__attribute__((weak)) bool EnableCodeSignForBinary([[maybe_unused]] const std::string &fullPath) +{ + LOG(INFO) << "no need to enable code sign for binary"; + return true; +} + float g_progressRatio = 1.0; void SetTotalProgressRatio(float ratio) @@ -716,15 +722,17 @@ UpdaterStatus StartUpdaterProc(PkgManager::PkgManagerPtr pkgManager, UpdaterPara UPDATER_LAST_WORD(UPDATE_ERROR, "Create pipe failed"); return UPDATE_ERROR; } - int pipeRead = pfd[0]; int pipeWrite = pfd[1]; std::string fullPath = GetFullPath(pkgManager, upParams); - #ifdef WITH_SELINUX Restorecon(fullPath.c_str()); #endif // WITH_SELINUX - + if (!EnableCodeSignForBinary(fullPath)) { + LOG(ERROR) << "Failed to sign for binary"; + UPDATER_LAST_WORD(UPDATE_ERROR, "Failed to sign for binary"); + return UPDATE_ERROR; + } pid_t pid = fork(); if (pid < 0) { ERROR_CODE(CODE_FORK_FAIL); @@ -734,7 +742,6 @@ UpdaterStatus StartUpdaterProc(PkgManager::PkgManagerPtr pkgManager, UpdaterPara close(pipeWrite); return UPDATE_ERROR; } - if (pid == 0) { // child #ifdef WITH_SELINUX setcon("u:r:updater_binary:s0"); @@ -742,7 +749,6 @@ UpdaterStatus StartUpdaterProc(PkgManager::PkgManagerPtr pkgManager, UpdaterPara close(pipeRead); // close read endpoint ExcuteSubProc(upParams, fullPath, pipeWrite); } - upParams.binaryPid = pid; close(pipeWrite); // close write endpoint bool retryUpdate = false; @@ -750,7 +756,6 @@ UpdaterStatus StartUpdaterProc(PkgManager::PkgManagerPtr pkgManager, UpdaterPara UPDATER_LAST_WORD(UPDATE_ERROR, "HandlePipeMsg failed"); return UPDATE_ERROR; } - return CheckProcStatus(upParams, retryUpdate); } @@ -760,6 +765,6 @@ std::string GetWorkPath() return G_WORK_PATH; } - return std::string(SYS_INSTALLER_PATH) + "/"; + return std::string(UPDATER_PATH) + "/"; } } // namespace Updater diff --git a/services/updater_main.h b/services/updater_main.h index bd1cc22f48641b0a9651af6706ae72215292bc60..c8a430c944f91a586c0227655c5ecdc39b80bd0f 100644 --- a/services/updater_main.h +++ b/services/updater_main.h @@ -94,6 +94,7 @@ UpdaterStatus NotifyActionResult(UpdaterParams &upParams, UpdaterStatus &status, const std::vector ¬ifyActionVec); UpdaterStatus UpdateSubPkg(UpdaterParams &upParams); void NotifyPreCheck(UpdaterStatus &status, UpdaterParams &upParams); +bool EnableCodeSignForBinary([[maybe_unused]] const std::string &fullPath); #ifdef __cplusplus #if __cplusplus }