Merge "Ensure CancelUpdate() always works in recovery." into main am: c81f2e81a0 am: e7d3408be6 (b3188b66) · Commits · e / os / android_system_core

fs_mgr/libfiemap/binder.cpp

+4 −0

Original line number	Diff line number	Diff line
		@@ -62,6 +62,7 @@ class ImageManagerBinder final : public IImageManager {
		std::string* dev) override;
		FiemapStatus ZeroFillNewImage(const std::string& name, uint64_t bytes) override;
		bool RemoveAllImages() override;
		bool DisableAllImages() override;
		bool DisableImage(const std::string& name) override;
		bool RemoveDisabledImages() override;
		bool GetMappedImageDevice(const std::string& name, std::string* device) override;
		@@ -194,6 +195,9 @@ bool ImageManagerBinder::RemoveAllImages() {
		}
		return true;
		}
		bool ImageManagerBinder::DisableAllImages() {
		return true;
		}

		bool ImageManagerBinder::DisableImage(const std::string& name) {
		auto status = manager_->disableImage(name);

fs_mgr/libfiemap/image_manager.cpp

+17 −0

Original line number	Diff line number	Diff line
		@@ -655,6 +655,23 @@ bool ImageManager::RemoveAllImages() {
		return ok && RemoveAllMetadata(metadata_dir_);
		}

		bool ImageManager::DisableAllImages() {
		if (!MetadataExists(metadata_dir_)) {
		return true;
		}
		auto metadata = OpenMetadata(metadata_dir_);
		if (!metadata) {
		return false;
		}

		bool ok = true;
		for (const auto& partition : metadata->partitions) {
		auto partition_name = GetPartitionName(partition);
		ok &= DisableImage(partition_name);
		}
		return ok;
		}

		bool ImageManager::Validate() {
		auto metadata = OpenMetadata(metadata_dir_);
		if (!metadata) {

fs_mgr/libfiemap/include/libfiemap/image_manager.h

+5 −0

Original line number	Diff line number	Diff line
		@@ -127,6 +127,10 @@ class IImageManager {
		// Find and remove all images and metadata for this manager.
		virtual bool RemoveAllImages() = 0;

		// Finds and marks all images for deletion upon next reboot. This is used during recovery since
		// we cannot mount /data
		virtual bool DisableAllImages() = 0;

		virtual bool UnmapImageIfExists(const std::string& name);

		// Returns whether DisableImage() was called.
		@@ -158,6 +162,7 @@ class ImageManager final : public IImageManager {
		bool MapImageWithDeviceMapper(const IPartitionOpener& opener, const std::string& name,
		std::string* dev) override;
		bool RemoveAllImages() override;
		bool DisableAllImages() override;
		bool DisableImage(const std::string& name) override;
		bool RemoveDisabledImages() override;
		bool GetMappedImageDevice(const std::string& name, std::string* device) override;

fs_mgr/libsnapshot/include/libsnapshot/mock_snapshot.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -63,6 +63,7 @@ class MockSnapshotManager : public ISnapshotManager {
		MOCK_METHOD(ISnapshotMergeStats*, GetSnapshotMergeStatsInstance, (), (override));
		MOCK_METHOD(std::string, ReadSourceBuildFingerprint, (), (override));
		MOCK_METHOD(void, SetMergeStatsFeatures, (ISnapshotMergeStats*), (override));
		MOCK_METHOD(bool, IsCancelUpdateSafe, (), (override));
		};

		} // namespace android::snapshot

fs_mgr/libsnapshot/include/libsnapshot/snapshot.h

+18 −6

Original line number	Diff line number	Diff line
		@@ -88,6 +88,13 @@ enum class CreateResult : unsigned int {
		NOT_CREATED,
		};

		enum class CancelResult : unsigned int {
		OK,
		ERROR,
		LIVE_SNAPSHOTS,
		NEEDS_MERGE,
		};

		class ISnapshotManager {
		public:
		// Dependency injection for testing.
		@@ -125,6 +132,10 @@ class ISnapshotManager {
		// Cancel an update; any snapshots will be deleted. This is allowed if the
		// state == Initiated, None, or Unverified (before rebooting to the new
		// slot).
		//
		// In recovery, it will cancel an update even if a merge is in progress.
		// Thus, it should only be called if a new OTA will be sideloaded. The
		// safety can be checked via IsCancelUpdateSafe().
		virtual bool CancelUpdate() = 0;

		// Mark snapshot writes as having completed. After this, new snapshots cannot
		@@ -301,6 +312,9 @@ class ISnapshotManager {

		// Return the associated ISnapshotMergeStats instance. Never null.
		virtual ISnapshotMergeStats* GetSnapshotMergeStatsInstance() = 0;

		// Return whether cancelling an update is safe. This is for use in recovery.
		virtual bool IsCancelUpdateSafe() = 0;
		};

		class SnapshotManager final : public ISnapshotManager {
		@@ -390,6 +404,7 @@ class SnapshotManager final : public ISnapshotManager {
		bool UnmapAllSnapshots() override;
		std::string ReadSourceBuildFingerprint() override;
		void SetMergeStatsFeatures(ISnapshotMergeStats* stats) override;
		bool IsCancelUpdateSafe() override;

		// We can't use WaitForFile during first-stage init, because ueventd is not
		// running and therefore will not automatically create symlinks. Instead,
		@@ -444,6 +459,7 @@ class SnapshotManager final : public ISnapshotManager {
		FRIEND_TEST(SnapshotUpdateTest, SpaceSwapUpdate);
		FRIEND_TEST(SnapshotUpdateTest, InterruptMergeDuringPhaseUpdate);
		FRIEND_TEST(SnapshotUpdateTest, MapAllSnapshotsWithoutSlotSwitch);
		FRIEND_TEST(SnapshotUpdateTest, CancelInRecovery);
		friend class SnapshotTest;
		friend class SnapshotUpdateTest;
		friend class FlashAfterUpdateTest;
		@@ -743,12 +759,8 @@ class SnapshotManager final : public ISnapshotManager {
		// Unmap a dm-user device for user space snapshots
		bool UnmapUserspaceSnapshotDevice(LockedFile* lock, const std::string& snapshot_name);

		// If there isn't a previous update, return true. \|needs_merge\| is set to false.
		// If there is a previous update but the device has not boot into it, tries to cancel the
		// update and delete any snapshots. Return true if successful. \|needs_merge\| is set to false.
		// If there is a previous update and the device has boot into it, do nothing and return true.
		// \|needs_merge\| is set to true.
		bool TryCancelUpdate(bool* needs_merge);
		CancelResult TryCancelUpdate();
		CancelResult IsCancelUpdateSafe(UpdateState state);

		// Helper for CreateUpdateSnapshots.
		// Creates all underlying images, COW partitions and snapshot files. Does not initialize them.