OLD | NEW |
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Update file format: A delta update file contains all the deltas needed | 5 // Update file format: A delta update file contains all the deltas needed |
6 // to update a system from one specific version to another specific | 6 // to update a system from one specific version to another specific |
7 // version. The update format is represented by this struct pseudocode: | 7 // version. The update format is represented by this struct pseudocode: |
8 // struct delta_update_file { | 8 // struct delta_update_file { |
9 // char magic[4] = "CrAU"; | 9 // char magic[4] = "CrAU"; |
10 // uint32 file_format_version = 1; | 10 // uint32 file_format_version = 1; |
11 // uint64 manifest_size; // Size of protobuf DeltaArchiveManifest | 11 // uint64 manifest_size; // Size of protobuf DeltaArchiveManifest |
12 // // The Bzip2 compressed DeltaArchiveManifest | 12 // // The Bzip2 compressed DeltaArchiveManifest |
13 // char manifest[]; | 13 // char manifest[]; |
14 // | 14 // |
15 // // Data blobs for files, no specific format. The specific offset | 15 // // Data blobs for files, no specific format. The specific offset |
16 // // and length of each data blob is recorded in the DeltaArchiveManifest. | 16 // // and length of each data blob is recorded in the DeltaArchiveManifest. |
17 // struct { | 17 // struct { |
18 // char data[]; | 18 // char data[]; |
19 // } blobs[]; | 19 // } blobs[]; |
20 // | 20 // |
| 21 // // These two are not signed: |
| 22 // uint64 signatures_message_size; |
| 23 // char signatures_message[]; |
| 24 // |
21 // }; | 25 // }; |
22 | 26 |
23 // The DeltaArchiveManifest protobuf is an ordered list of InstallOperation | 27 // The DeltaArchiveManifest protobuf is an ordered list of InstallOperation |
24 // objects. These objects are stored in a linear array in the | 28 // objects. These objects are stored in a linear array in the |
25 // DeltaArchiveManifest. Each operation is applied in order by the client. | 29 // DeltaArchiveManifest. Each operation is applied in order by the client. |
26 | 30 |
27 // The DeltaArchiveManifest also contains the initial and final | 31 // The DeltaArchiveManifest also contains the initial and final |
28 // checksums for the device. | 32 // checksums for the device. |
29 | 33 |
30 // The client will perform each InstallOperation in order, beginning even | 34 // The client will perform each InstallOperation in order, beginning even |
(...skipping 18 matching lines...) Expand all Loading... |
49 // physical partition. An ordered list of extents is another | 53 // physical partition. An ordered list of extents is another |
50 // representation of an ordered list of blocks. For example, a file stored | 54 // representation of an ordered list of blocks. For example, a file stored |
51 // in blocks 9, 10, 11, 2, 18, 12 (in that order) would be stored in | 55 // in blocks 9, 10, 11, 2, 18, 12 (in that order) would be stored in |
52 // extents { {9, 3}, {2, 1}, {18, 1}, {12, 1} } (in that order). | 56 // extents { {9, 3}, {2, 1}, {18, 1}, {12, 1} } (in that order). |
53 // In general, files are stored sequentially on disk, so it's more efficient | 57 // In general, files are stored sequentially on disk, so it's more efficient |
54 // to use extents to encode the block lists (this is effectively | 58 // to use extents to encode the block lists (this is effectively |
55 // run-length encoding). | 59 // run-length encoding). |
56 // A sentinel value (kuint64max) as the start block denotes a sparse-hole | 60 // A sentinel value (kuint64max) as the start block denotes a sparse-hole |
57 // in a file whose block-length is specified by num_blocks. | 61 // in a file whose block-length is specified by num_blocks. |
58 | 62 |
| 63 // Signatures: Updates may be signed by the OS vendor. The client verifies |
| 64 // an update's signature by hashing the entire download. The section of the |
| 65 // download the contains the signature is at the end of the file, so when |
| 66 // signing a file, only the part up to the signature part is signed. |
| 67 // Then, the client looks inside the download's Signatures message for a |
| 68 // Signature message that it knows how to handle. Generally, a client will |
| 69 // only know how to handle one type of signature, but an update may contain |
| 70 // many signatures to support many different types of client. Then client |
| 71 // selects a Signature message and uses that, along with a known public key, |
| 72 // to verify the download. The public key is expected to be part of the |
| 73 // client. |
| 74 |
59 message Extent { | 75 message Extent { |
60 optional uint64 start_block = 1; | 76 optional uint64 start_block = 1; |
61 optional uint64 num_blocks = 2; | 77 optional uint64 num_blocks = 2; |
62 } | 78 } |
63 | 79 |
| 80 message Signatures { |
| 81 message Signature { |
| 82 optional uint32 version = 1; |
| 83 optional string data = 2; |
| 84 } |
| 85 repeated Signature signatures = 1; |
| 86 } |
| 87 |
64 message DeltaArchiveManifest { | 88 message DeltaArchiveManifest { |
65 message InstallOperation { | 89 message InstallOperation { |
66 enum Type { | 90 enum Type { |
67 REPLACE = 0; // Replace destination extents w/ attached data | 91 REPLACE = 0; // Replace destination extents w/ attached data |
68 REPLACE_BZ = 1; // Replace destination extents w/ attached bzipped data | 92 REPLACE_BZ = 1; // Replace destination extents w/ attached bzipped data |
69 MOVE = 2; // Move source extents to destination extents | 93 MOVE = 2; // Move source extents to destination extents |
70 BSDIFF = 3; // The data is a bsdiff binary diff | 94 BSDIFF = 3; // The data is a bsdiff binary diff |
71 } | 95 } |
72 required Type type = 1; | 96 required Type type = 1; |
73 // The offset into the delta file (after the protobuf) | 97 // The offset into the delta file (after the protobuf) |
(...skipping 13 matching lines...) Expand all Loading... |
87 // byte length of dst, not necessarily block aligned. It's only used for | 111 // byte length of dst, not necessarily block aligned. It's only used for |
88 // BSDIFF, because we need to fill in the rest of the last block | 112 // BSDIFF, because we need to fill in the rest of the last block |
89 // that bsdiff writes with '\0' bytes. | 113 // that bsdiff writes with '\0' bytes. |
90 optional uint64 dst_length = 7; | 114 optional uint64 dst_length = 7; |
91 } | 115 } |
92 repeated InstallOperation install_operations = 1; | 116 repeated InstallOperation install_operations = 1; |
93 repeated InstallOperation kernel_install_operations = 2; | 117 repeated InstallOperation kernel_install_operations = 2; |
94 | 118 |
95 // (At time of writing) usually 4096 | 119 // (At time of writing) usually 4096 |
96 optional uint32 block_size = 3 [default = 4096]; | 120 optional uint32 block_size = 3 [default = 4096]; |
| 121 |
| 122 // If signatures are present, the offset into the blobs, generally |
| 123 // tacked onto the end of the file. We use an offset rather than |
| 124 // a bool to allow for more flexibility in future file formats. |
| 125 // If this is absent, it means signatures aren't supported in this |
| 126 // file. |
| 127 optional uint64 signatures_offset = 4; |
97 } | 128 } |
OLD | NEW |