fuchsia.paver

PROTOCOLS

PayloadStream

Defined in fuchsia.paver/paver.fidl

Protocol for streaming the FVM payload.

RegisterVmo

Registers a VMO to stream into.

Request

Name  Type
vmo   handle<vmo>

Response

Name    Type
status  zx/status

ReadData

Reads data into the pre-registered vmo.

Request

Name  Type

Response

Name    Type
result  ReadResult

Paver

Defined in fuchsia.paver/paver.fidl

Protocol for managing boot partitions.

Most of the protocol methods rely on auto-discovery of the storage device which will be paved. If the device has no pre-initialized storage devices, or has more than one, the methods will fail. For devices with dynamic partitions (i.e. GPT), |InitializePartitionTables| and |WipeVolumes| can be used to control which device is paved to.

InitializeAbr

Initializes ABR metadata. Should only be called to initialize ABR metadata for the first time (i.e. it should not be called every boot), or to recover from corrupted ABR metadata.

Returns ZX_ERR_NOT_SUPPORTED if A/B partition scheme is not supported and we always boot from configuration A.

Request

Name  Type

Response

Name    Type
status  zx/status

QueryActiveConfiguration

Queries active configuration.

Returns ZX_ERR_NOT_SUPPORTED if A/B partition scheme is not supported and we always boot from configuration A.

Request

Name  Type

Response

Name    Type
result  Paver_QueryActiveConfiguration_Result

QueryConfigurationStatus

Queries status of |configuration|.

Returns ZX_ERR_INVALID_ARGS if Configuration.RECOVERY is passed in via |configuration|.

Request

Name           Type
configuration  Configuration

Response

Name    Type
result  Paver_QueryConfigurationStatus_Result

SetConfigurationActive

Updates persistent metadata identifying which configuration should be selected as 'primary' for booting purposes. Should only be called after KERNEL as well as optional VERIFIED_BOOT_METADATA assets for specified configuration were written successfully.

Returns ZX_ERR_INVALID_ARGS if Configuration.RECOVERY is passed in via |configuration|.

Request

Name           Type
configuration  Configuration

Response

Name    Type
status  zx/status

SetConfigurationUnbootable

Updates persistent metadata identifying whether |configuration| is bootable. Should only be called in the following situations:

  • Before KERNEL as well as optional VERIFIED_BOOT_METADATA assets for specified |configuration| are written.
  • After successfully booting from a new configuration and marking it healthy. This method would be then called on the old configuration.
  • After "successfully" booting from a new configuration, but encountering an unrecoverable error during health check. This method would be then called on the new configuration.

If the configuration is already unbootable, no action is taken.

Returns ZX_ERR_INVALID_ARGS if Configuration.RECOVERY is passed in via |configuration|.

Request

Name           Type
configuration  Configuration

Response

Name    Type
status  zx/status

SetActiveConfigurationHealthy

Updates persistent metadata identifying that the active configuration is stable. Used to signal that "rollback to previous slot" logic is not needed anymore. Meant to be called in a subsequent boot attempt after |SetConfigurationActive| was called. Will return an error if the active configuration is currently unbootable.

If the configuration is already marked healthy, no action is taken.

Returns ZX_ERR_NOT_SUPPORTED if A/B partition scheme is not supported.

Request

Name  Type

Response

Name    Type
status  zx/status

ReadAsset

Reads partition corresponding to |configuration| and |asset| into a vmo and returns it.

Request

Name           Type
configuration  Configuration
asset          Asset

Response

Name    Type
result  Paver_ReadAsset_Result

WriteAsset

Writes the partition corresponding to |configuration| and |asset| with data from |payload|. |payload| may need to be resized to the partition size, so the provided vmo must have been created with ZX_VMO_RESIZABLE or must be a child VMO that was created with ZX_VMO_CHILD_RESIZABLE. Will zero out the rest of the partition if |payload| is smaller than the size of the partition being written.

Returns ZX_ERR_INVALID_ARGS if |configuration| specifies the active configuration.

Request

Name           Type
configuration  Configuration
asset          Asset
payload        fuchsia.mem/Buffer

Response

Name    Type
status  zx/status
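
The call ordering described above for SetConfigurationUnbootable, WriteAsset, SetConfigurationActive and SetActiveConfigurationHealthy, as an added example (not code from fuchsia.paver or the Fuchsia project): a constructed in-memory C++ model that checks a sequence of calls against those rules. AbrModel, Verdict, RebootInto and the transition to PENDING are assumptions of the example, and kOrderViolation enforces the "should only be called" guidance more strictly than the page says the paver itself does.

```cpp
#include <cstdint>
#include <map>
#include <set>

// Enum values as listed on this page.
enum class Configuration : uint32_t { A = 1, B = 2, RECOVERY = 3 };
enum class Asset : uint32_t { KERNEL = 1, VERIFIED_BOOT_METADATA = 2 };
enum class ConfigurationStatus : uint32_t { HEALTHY = 1, PENDING = 2, UNBOOTABLE = 3 };

// Hypothetical verdicts: kInvalidArgs mirrors the documented ZX_ERR_INVALID_ARGS, kError the
// unspecified error, kOrderViolation is this model's own policy (not a paver return value).
enum class Verdict { kOk, kInvalidArgs, kError, kOrderViolation };

// Constructed model of the documented call rules; it does not talk to a real paver.
struct AbrModel {
  Configuration active = Configuration::A;  // slot the system booted from
  std::map<Configuration, ConfigurationStatus> status{
      {Configuration::A, ConfigurationStatus::HEALTHY},
      {Configuration::B, ConfigurationStatus::UNBOOTABLE}};
  std::set<Configuration> kernel_written;  // slots whose KERNEL was written since invalidation

  Verdict SetConfigurationUnbootable(Configuration c) {
    if (c == Configuration::RECOVERY) return Verdict::kInvalidArgs;
    status[c] = ConfigurationStatus::UNBOOTABLE;
    kernel_written.erase(c);  // a slot being rewritten has no trusted KERNEL yet
    return Verdict::kOk;
  }
  Verdict WriteAsset(Configuration c, Asset a) {
    if (c == active) return Verdict::kInvalidArgs;  // documented: active slot is rejected
    if (c != Configuration::RECOVERY && status[c] != ConfigurationStatus::UNBOOTABLE)
      return Verdict::kOrderViolation;  // policy: mark the slot unbootable before writing
    if (a == Asset::KERNEL) kernel_written.insert(c);
    return Verdict::kOk;
  }
  Verdict SetConfigurationActive(Configuration c) {
    if (c == Configuration::RECOVERY) return Verdict::kInvalidArgs;
    if (!kernel_written.count(c)) return Verdict::kOrderViolation;  // KERNEL must be written first
    status[c] = ConfigurationStatus::PENDING;  // assumption: bootable, not yet marked healthy
    return Verdict::kOk;
  }
  void RebootInto(Configuration c) { active = c; }  // stands in for the bootloader's slot choice
  Verdict SetActiveConfigurationHealthy() {
    if (status[active] == ConfigurationStatus::UNBOOTABLE) return Verdict::kError;
    status[active] = ConfigurationStatus::HEALTHY;
    return Verdict::kOk;
  }
};
```

Replaying an updater's call trace through the model flags a slot that is made primary before its KERNEL was written, or a write aimed at the running slot.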

WriteVolumes

Writes FVM with data streamed via |payload|. This potentially affects all configurations.

Request

Name     Type
payload  request<PayloadStream>

Response

Name    Type
status  zx/status

WriteBootloader

Writes bootloader partition with data from payload.

payload may need to be resized to the partition size, so the provided vmo must have been created with ZX_VMO_RESIZABLE or must be a child VMO that was created with ZX_VMO_CHILD_RESIZABLE.

Request

Name     Type
payload  fuchsia.mem/Buffer

Response

Name    Type
status  zx/status

WriteDataFile

Writes /data/filename with data from payload. Overwrites file if it already exists.

Request

Name      Type
filename  string[4096]
payload   fuchsia.mem/Buffer

Response

Name    Type
status  zx/status

WipeVolume

Wipes the FVM partition from the device. Should not be confused with factory reset, which is less intrusive.

Notable use cases include recovering from corrupted FVM as well as setting device to a "clean" state for automation.

If |block_device| is not provided, the paver will perform a search for the FVM. If multiple block devices have valid GPT, |block_device| can be provided to specify which one to target. It is assumed that the channel backing |block_device| also implements fuchsia.io.Node for now.

On success, returns a channel to the initialized FVM volume.

Request

Name          Type
block_device  request<fuchsia.hardware.block/Block>?

Response

Name    Type
result  Paver_WipeVolume_Result

InitializePartitionTables

Initializes GPT on given block device and then adds an FVM partition.

|gpt_block_device| specifies the block device to use. It is assumed that the channel backing |gpt_block_device| also implements fuchsia.io.Node for now.

Request

Name              Type
gpt_block_device  request<fuchsia.hardware.block/Block>

Response

Name    Type
status  zx/status

WipePartitionTables

Wipes all entries from the partition table of the specified block device. Currently only supported on devices with a GPT.

If |block_device| is not provided, the paver will perform a search for the FVM. If multiple block devices have valid GPT, |block_device| can be provided to specify which one to target. It is assumed that the channel backing |block_device| also implements fuchsia.io.Node for now.

WARNING: This API may destructively remove non-fuchsia maintained partitions from the block device.

Request

Name          Type
block_device  request<fuchsia.hardware.block/Block>?

Response

Name    Type
status  zx/status

STRUCTS

Paver_QueryActiveConfiguration_Response

generated

Name           Type           Description  Default
configuration  Configuration               No default

Paver_QueryConfigurationStatus_Response

generated

Name    Type                 Description  Default
status  ConfigurationStatus               No default

Paver_ReadAsset_Response

generated

Name   Type                Description  Default
asset  fuchsia.mem/Buffer               No default

Paver_WipeVolume_Response

generated

Name    Type                                   Description  Default
volume  request<fuchsia.hardware.block/Block>               No default

ReadInfo

Defined in fuchsia.paver/paver.fidl

Name    Type    Description                              Default
offset  zx/off  Offset into VMO where read data starts.  No default
size    uint64  Size of read data.                       No default

ENUMS

Configuration

Type: uint32

Defined in fuchsia.paver/paver.fidl

Describes the version of an asset.

Name      Value  Description
A         1
B         2
RECOVERY  3

Asset

Type: uint32

Defined in fuchsia.paver/paver.fidl

Describes assets which may be updated. Each asset has 3 versions, each tied to a particular configuration.

Name                    Value  Description
KERNEL                  1      Zircon Boot Image (ZBI) containing the kernel image as well as bootfs.
VERIFIED_BOOT_METADATA  2      Metadata used for verified boot purposes.

ConfigurationStatus

Type: uint32

Defined in fuchsia.paver/paver.fidl

Set of states a configuration may be in.

Name        Value  Description
HEALTHY     1      Bootable and health checked.
PENDING     2      Bootable but not yet marked healthy.
UNBOOTABLE  3      Unbootable.

UNIONS

Paver_QueryActiveConfiguration_Result

generated

Name      Type                                     Description
response  Paver_QueryActiveConfiguration_Response
err       zx/status

Paver_QueryConfigurationStatus_Result

generated

Name      Type                                     Description
response  Paver_QueryConfigurationStatus_Response
err       zx/status

Paver_ReadAsset_Result

generated

Name      Type                      Description
response  Paver_ReadAsset_Response
err       zx/status

Paver_WipeVolume_Result

generated

Name      Type                       Description
response  Paver_WipeVolume_Response
err       zx/status

ReadResult

Defined in fuchsia.paver/paver.fidl

Name  Type       Description
err   zx/status  Error encountered while reading data.
eof   bool       End of file reached.
info  ReadInfo   Information about location of successfully read data within pre-registered VMO.