/*
 * Copyright (C) 2017 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <functional>
#include <map>
#include <string>
#include <vector>

#include <snapuserd/snapuserd_client.h>
#include "otautil/rangeset.h"

// Entry point of the update verifier, which runs on the first boot into a new slot on A/B
// devices. During verification it reads all the blocks listed in the care_map; if a failure
// happens, it rejects the current boot and triggers a fallback.
//
// update_verifier must stay backward compatible and must not reject a care_map.txt written by an
// older release, otherwise the device could fail to boot into the new release. For example, the
// care_map format changed between N and O, so an O update_verifier would fail to work with an N
// care_map.txt. This can happen when an O OTA is sideloaded while the device has a pending N
// update.
//
// Takes the process's argc/argv and returns an int status; the meaning of individual return
// values is defined by the implementation and is not visible in this header.
int update_verifier(int argc, char** argv);

// The UpdateVerifier parses the content of the care map, and goes on to verify the partitions by
// reading the cared blocks if there is no format error in the file. Otherwise, it should skip the
// verification to avoid bricking the device.
//
// NOTE(review): the contract above means a care map with a format error results in no block
// verification at all (booting is preferred over verifying). By default the care map is read from
// a path under /data (see |care_map_prefix_|), so a damaged or unexpected file is a realistic
// input. Confirm that the implementation logs the skip so it can be told apart from a successful
// verification.
class UpdateVerifier {
 public:
  UpdateVerifier();

  // Tries to process care_map.pb as a protobuf message, and falls back to care_map.txt if the pb
  // format file doesn't exist. If the parsing succeeds, each <partition_name, ranges> pair is
  // stored in |partition_map_|.
  // Presumably returns true on successful parsing; confirm against the implementation.
  bool ParseCareMap();

  // Verifies the new boot by reading all the cared blocks for the partitions in |partition_map_|.
  // Presumably returns true only if every read succeeds; confirm against the implementation.
  bool VerifyPartitions();

 private:
  // Grants the test fixture access to the private setters and state below.
  friend class UpdateVerifierTest;
  // Finds all the dm-enabled partitions, and returns a map of <partition_name, block_device>.
  std::map<std::string, std::string> FindDmPartitions();

  // Returns true if we successfully read the blocks in |ranges| of the |dm_block_device|.
  // NOTE(review): |partition_name| is taken by value (const std::string), unlike
  // |dm_block_device|, so each call copies it. Switching it to a const reference would also
  // require changing the out-of-line definition.
  bool ReadBlocks(const std::string partition_name, const std::string& dm_block_device,
                  const RangeSet& ranges);

  // Functions to override the care_map_prefix_ and property_reader_, used in test only.
  // Both are private, so only UpdateVerifier itself and the friend test class can call them.
  void set_care_map_prefix(const std::string& prefix);
  void set_property_reader(const std::function<std::string(const std::string&)>& property_reader);

  // Parsed care map: partition name -> block ranges to read. Filled by ParseCareMap() and
  // consumed by VerifyPartitions().
  std::map<std::string, RangeSet> partition_map_;
  // The path to the care_map excluding the filename extension; default value:
  // "/data/ota_package/care_map"
  std::string care_map_prefix_;

  // The function to read the device property; default value: android::base::GetProperty()
  std::function<std::string(const std::string&)> property_reader_;

  // Checks whether the snapuserd daemon has already completed the update verification.
  // Applicable only for VABC with userspace snapshots.
  // NOTE(review): this header does not show how the result is used. If a true result lets
  // VerifyPartitions() skip its own block reads, the verdict rests on the daemon's reported
  // status; confirm in the implementation.
  bool CheckVerificationStatus();
};