Support per-partition timestamps
update_engine is heading toward supporting partial updates, which an OTA
update can update just a subset of all partitions. In this context, a
single max_timestamp in OTA manifest is insufficient for checking
potential downgrades, as different partitions can have different
timestamps. This CL adds per-partition timestamp support on
update_engine side. update_engine will accept a payload with
per-partition timestamps and reject the update if any partition has an
older timestamp.
Changes made:
1. Add new version field to PartitionUpdate protobuf message.
2. Add new methods to HardwareInterface for fetching/checking
timestamp of each partition.
3. Update delta_performer to invoke new APIs in 2 properly.
4. Add relevant testcases.
Test: unittest
Bug: 162553432
Change-Id: I767343e003fd35ce0d22197b15040488cf30be30
diff --git a/payload_consumer/delta_performer.h b/payload_consumer/delta_performer.h
index 2d1768d..0718ef6 100644
--- a/payload_consumer/delta_performer.h
+++ b/payload_consumer/delta_performer.h
@@ -49,6 +49,12 @@
// This class performs the actions in a delta update synchronously. The delta
// update itself should be passed in in chunks as it is received.
+enum class TimestampCheckResult {
+ SUCCESS,
+ FAILURE,
+ DOWNGRADE,
+};
+
class DeltaPerformer : public FileWriter {
public:
// Defines the granularity of progress logging in terms of how many "completed
@@ -310,6 +316,10 @@
// Also see comment for the static PreparePartitionsForUpdate().
bool PreparePartitionsForUpdate(uint64_t* required_size);
+ // Check if current manifest contains timestamp errors. (ill-formed or
+ // downgrade)
+ TimestampCheckResult CheckTimestampError() const;
+
// Update Engine preference store.
PrefsInterface* prefs_;