Mark the active slot from update_engine instead of /postinstall.
In Chrome OS, we were reliying on the /postinst script to generate the
verity hashes and mark the new kernel as bootable. This means that we
also need to run /postinst from the other (not verified) slot when
doing a user-initiated rollback. The update_engine already interacts
with the bootloader via the BootControlInterface to mark the other slot
as unbootable and check if there are other slots available for
rollback.
This patch moves the responsibility of marking the new slot as bootable
from the /postinst script to the update_engine, introducing a new
SetActiveBootSlot() method in the BootControlInterface. Chrome OS
builds will continue to mark the new slot as active from /postinstall
in order to be compatible with old builds, resulting in the new slot
marked as active twice during a successful normal update.
Bug: 23523562
Test: cros flash and image to the new daemon; rolled it back
Change-Id: I02502d7b8e85523a6eb9a7721053739e8381d266
diff --git a/boot_control_chromeos.cc b/boot_control_chromeos.cc
index 5f8f74e..d9a38b0 100644
--- a/boot_control_chromeos.cc
+++ b/boot_control_chromeos.cc
@@ -126,8 +126,8 @@
}
LOG(INFO) << "Booted from slot " << current_slot_ << " (slot "
- << BootControlInterface::SlotName(current_slot_) << ") of "
- << num_slots_ << " slots present on disk " << boot_disk_name_;
+ << SlotName(current_slot_) << ") of " << num_slots_
+ << " slots present on disk " << boot_disk_name_;
return true;
}
@@ -172,8 +172,7 @@
}
bool BootControlChromeOS::MarkSlotUnbootable(Slot slot) {
- LOG(INFO) << "Marking slot " << BootControlInterface::SlotName(slot)
- << " unbootable";
+ LOG(INFO) << "Marking slot " << SlotName(slot) << " unbootable";
if (slot == current_slot_) {
LOG(ERROR) << "Refusing to mark current slot as unbootable.";
@@ -205,6 +204,48 @@
return true;
}
+bool BootControlChromeOS::SetActiveBootSlot(Slot slot) {
+ LOG(INFO) << "Marking slot " << SlotName(slot) << " active.";
+
+ int partition_num = GetPartitionNumber(kChromeOSPartitionNameKernel, slot);
+ if (partition_num < 0)
+ return false;
+
+ CgptPrioritizeParams prio_params;
+ memset(&prio_params, 0, sizeof(prio_params));
+
+ prio_params.drive_name = const_cast<char*>(boot_disk_name_.c_str());
+ prio_params.set_partition = partition_num;
+
+ prio_params.max_priority = 0;
+
+ int retval = CgptPrioritize(&prio_params);
+ if (retval != CGPT_OK) {
+ LOG(ERROR) << "Unable to set highest priority for slot " << SlotName(slot)
+ << " (partition " << partition_num << ").";
+ return false;
+ }
+
+ CgptAddParams add_params;
+ memset(&add_params, 0, sizeof(add_params));
+
+ add_params.drive_name = const_cast<char*>(boot_disk_name_.c_str());
+ add_params.partition = partition_num;
+
+ add_params.tries = 6;
+ add_params.set_tries = true;
+
+ retval = CgptSetAttributes(&add_params);
+ if (retval != CGPT_OK) {
+ LOG(ERROR) << "Unable to set NumTriesLeft to " << add_params.tries
+ << " for slot " << SlotName(slot) << " (partition "
+ << partition_num << ").";
+ return false;
+ }
+
+ return true;
+}
+
bool BootControlChromeOS::MarkBootSuccessfulAsync(
base::Callback<void(bool)> callback) {
return Subprocess::Get().Exec(