Fix verity discarded bug If update_engine opens CowWriterFileDescriptor w/o writing anything, data past the resume label is readable while fd is open, but will be discarded once the fd is closed. Such "phantom read" causes inconsistency. This CL contains two changes to address the above bug: 1. When device reboots after update, all I/O are served by snapuserd. update_engine should use snapuserd for verification to emulate bahvior of device after reboot. 2. When a CowWriterFd is opened, don't call Finalize() if no verity is written. Since past-the-end data is discarded when we call Finalize() Test: th Bug: 186196758 Change-Id: Ia1d31b671c16fded7319677fe0397f1288457201

commit: 9105f4baeb254e45117ab91c396f0d45a4c8b9ca [log] [tgz]
author: Kelvin Zhang <zhangkelvin@google.com> Mon Apr 26 13:44:49 2021 -0400
committer: Kelvin Zhang <zhangkelvin@google.com> Thu May 06 09:58:11 2021 -0400
tree: ee2709f66298be280e0a51c524e2f2777e7dbbbe
parent: a9b5d8c8eec4534c3433466fc6766ede675d16ce [diff] [blame]
diff --git a/common/hash_calculator.cc b/common/hash_calculator.cc
index d010a53..60812d5 100644
--- a/common/hash_calculator.cc
+++ b/common/hash_calculator.cc

@@ -95,6 +95,11 @@
   return RawHashOfBytes(data.data(), data.size(), out_hash);
 }
 
+bool HashCalculator::RawHashOfFile(const string& name, brillo::Blob* out_hash) {
+  const auto file_size = utils::FileSize(name);
+  return RawHashOfFile(name, file_size, out_hash) == file_size;
+}
+
 off_t HashCalculator::RawHashOfFile(const string& name,
                                     off_t length,
                                     brillo::Blob* out_hash) {
commit	9105f4baeb254e45117ab91c396f0d45a4c8b9ca	[log] [tgz]
author	Kelvin Zhang <zhangkelvin@google.com>	Mon Apr 26 13:44:49 2021 -0400
committer	Kelvin Zhang <zhangkelvin@google.com>	Thu May 06 09:58:11 2021 -0400
tree	ee2709f66298be280e0a51c524e2f2777e7dbbbe
parent	a9b5d8c8eec4534c3433466fc6766ede675d16ce [diff] [blame]