Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 199152d68931cbbffa8b4e3cb34b2ef70c19e8b6^! / . / omaha_response_handler_action.cc
commit199152d68931cbbffa8b4e3cb34b2ef70c19e8b6[log] [tgz]
authorMarton Hunyady <hunyadym@chromium.org>Mon May 07 19:08:48 2018 +0200
committerchrome-bot <chrome-bot@chromium.org>Mon May 14 15:32:51 2018 -0700
tree68c1cad6d5daea07e177cace968c578e96c49133
parent3978dddfac37ddbb5c1690e399ba474f32c70294 [diff] [blame]
update_engine: Process Omaha response for rollback images

Omaha returns whether the image returned is a rollback in the
_rollback="true" argument. If this is set, the client has to check
whether it's OK to apply the rollback image (policy is specifically
requesting a rollback and verified boot will accept the image based
on its kernel and firmware key versions).

In addition to this, the device has to do a safe powerwash if the
image is a rollback. (We're not supporting rollbacks with partial
or no powerwash yet.)

We're also setting the rollback_happened preference to avoid force
updates happening before the policy is available again.

Chromium CL adding the error code: http://crrev.com/c/1047866

BUG=chromium:840432
TEST='cros_run_unit_tests --board=caroline --packages update_engine'

Change-Id: I1436ca96211b2a8523e78bf83602ef8b6b525570
Reviewed-on: https://chromium-review.googlesource.com/1047610
Commit-Ready: Marton Hunyady <hunyadym@chromium.org>
Tested-by: Marton Hunyady <hunyadym@chromium.org>
Reviewed-by: Amin Hassani <ahassani@chromium.org>

diff --git a/omaha_response_handler_action.cc b/omaha_response_handler_action.cc
index f1a3310..3007f29 100644
--- a/omaha_response_handler_action.cc
+++ b/omaha_response_handler_action.cc

@@ -140,6 +140,26 @@
   system_state_->prefs()->SetString(current_channel_key,
                                     params->download_channel());
 
+  // Checking whether device is able to boot up the returned rollback image.
+  if (response.is_rollback) {
+    if (!params->rollback_allowed()) {
+      LOG(ERROR) << "Received rollback image but rollback is not allowed.";
+      completer.set_code(ErrorCode::kOmahaResponseInvalid);
+      return;
+    }
+    auto min_kernel_key_version = static_cast<uint32_t>(
+        system_state_->hardware()->GetMinKernelKeyVersion());
+    auto min_firmware_key_version = static_cast<uint32_t>(
+        system_state_->hardware()->GetMinFirmwareKeyVersion());
+    if (response.kernel_version < min_kernel_key_version ||
+        response.firmware_version < min_firmware_key_version) {
+      LOG(ERROR) << "Device won't be able to boot up the rollback image.";
+      completer.set_code(ErrorCode::kRollbackNotPossible);
+      return;
+    }
+    install_plan_.is_rollback = true;
+  }
+
   if (params->ShouldPowerwash())
     install_plan_.powerwash_required = true;