Google Git
Sign in
android / platform / system / update_engine / 31d95ac85d294b2b1bfa293835013e66c010fbcf^! / . / boot_control_android.cc
commit31d95ac85d294b2b1bfa293835013e66c010fbcf[log] [tgz]
authorAlex Deymo <deymo@google.com>Thu Sep 17 11:56:18 2015 -0700
committerAlex Deymo <deymo@google.com>Fri Sep 18 08:44:14 2015 -0700
treec29408c3eac7f2af9c6baa3b75342640be70512f
parent145956092aa11984b55faa56865648f871b52fcd [diff] [blame]
Mark the active slot from update_engine instead of /postinstall.

In Chrome OS, we were reliying on the /postinst script to generate the
verity hashes and mark the new kernel as bootable. This means that we
also need to run /postinst from the other (not verified) slot when
doing a user-initiated rollback. The update_engine already interacts
with the bootloader via the BootControlInterface to mark the other slot
as unbootable and check if there are other slots available for
rollback.

This patch moves the responsibility of marking the new slot as bootable
from the /postinst script to the update_engine, introducing a new
SetActiveBootSlot() method in the BootControlInterface. Chrome OS
builds will continue to mark the new slot as active from /postinstall
in order to be compatible with old builds, resulting in the new slot
marked as active twice during a successful normal update.

Bug: 23523562
Test: cros flash and image to the new daemon; rolled it back

Change-Id: I02502d7b8e85523a6eb9a7721053739e8381d266

diff --git a/boot_control_android.cc b/boot_control_android.cc
index 43a1c18..7cf42b6 100644
--- a/boot_control_android.cc
+++ b/boot_control_android.cc

@@ -142,7 +142,8 @@
 
   const char* suffix = module_->getSuffix(module_, slot);
   if (suffix == nullptr) {
-    LOG(ERROR) << "boot_control impl returned no suffix for slot " << slot;
+    LOG(ERROR) << "boot_control impl returned no suffix for slot "
+               << SlotName(slot);
     return false;
   }
 
@@ -159,7 +160,7 @@
 bool BootControlAndroid::IsSlotBootable(Slot slot) const {
   int ret = module_->isSlotBootable(module_, slot);
   if (ret < 0) {
-    LOG(ERROR) << "Unable to determine if slot " << slot
+    LOG(ERROR) << "Unable to determine if slot " << SlotName(slot)
                << " is bootable: " << strerror(-ret);
     return false;
   }
@@ -169,13 +170,22 @@
 bool BootControlAndroid::MarkSlotUnbootable(Slot slot) {
   int ret = module_->setSlotAsUnbootable(module_, slot);
   if (ret < 0) {
-    LOG(ERROR) << "Unable to mark slot " << slot
+    LOG(ERROR) << "Unable to mark slot " << SlotName(slot)
                << " as bootable: " << strerror(-ret);
     return false;
   }
   return ret == 0;
 }
 
+bool BootControlAndroid::SetActiveBootSlot(Slot slot) {
+  int ret = module_->setActiveBootSlot(module_, slot);
+  if (ret < 0) {
+    LOG(ERROR) << "Unable to set the active slot to slot " << SlotName(slot)
+               << ": " << strerror(-ret);
+  }
+  return ret == 0;
+}
+
 bool BootControlAndroid::MarkBootSuccessfulAsync(
     base::Callback<void(bool)> callback) {
   int ret = module_->markBootSuccessful(module_);