From b37d794351e3718683cd13238972cf79da7f6cdd Mon Sep 17 00:00:00 2001
From: Hongguang Chen <hgchen@google.com>
Date: Sun, 15 Mar 2020 21:09:21 -0700
Subject: Add more mounting options to updater mount function.

If enabling the oem partition, it will be mounted by updater before
reading product properties from it. To be safety, we want to enable AVB
to this oem partition. But this means the oem partition can never be
mounted to writable. Otherwise, that partition will be corrupted to AVB
verifying.
This change follows fs_mgr to allow to pass more mounting options to the
updater.

BUG: 150156957
Test: make ota package which mounts AVB oem partition to read only and
run OTA.

Change-Id: I2ebbe3c8ac53c70112f3fed2703fcba9170405a6
---
 updater/updater_runtime.cpp | 60 +++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 58 insertions(+), 2 deletions(-)

diff --git a/updater/updater_runtime.cpp b/updater/updater_runtime.cpp
index c4222a56e..b1b8863fd 100644
--- a/updater/updater_runtime.cpp
+++ b/updater/updater_runtime.cpp
@@ -43,10 +43,62 @@ std::string UpdaterRuntime::FindBlockDeviceName(const std::string_view name) con
   return std::string(name);
 }
 
+static struct {
+  const char* name;
+  unsigned flag;
+} mount_flags_list[] = {
+  { "noatime", MS_NOATIME },
+  { "noexec", MS_NOEXEC },
+  { "nosuid", MS_NOSUID },
+  { "nodev", MS_NODEV },
+  { "nodiratime", MS_NODIRATIME },
+  { "ro", MS_RDONLY },
+  { "rw", 0 },
+  { "remount", MS_REMOUNT },
+  { "bind", MS_BIND },
+  { "rec", MS_REC },
+  { "unbindable", MS_UNBINDABLE },
+  { "private", MS_PRIVATE },
+  { "slave", MS_SLAVE },
+  { "shared", MS_SHARED },
+  { "defaults", 0 },
+  { 0, 0 },
+};
+
+static bool setMountFlag(const std::string& flag, unsigned* mount_flags) {
+  for (const auto& [name, value] : mount_flags_list) {
+    if (flag == name) {
+      *mount_flags |= value;
+      return true;
+    }
+  }
+  return false;
+}
+
+static bool parseMountFlags(const std::string& flags, unsigned* mount_flags,
+                            std::string* fs_options) {
+  bool is_flag_set = false;
+  std::vector<std::string> flag_list;
+  for (const auto& flag : android::base::Split(flags, ",")) {
+    if (!setMountFlag(flag, mount_flags)) {
+      // Unknown flag, so it must be a filesystem specific option.
+      flag_list.push_back(flag);
+    } else {
+      is_flag_set = true;
+    }
+  }
+  *fs_options = android::base::Join(flag_list, ',');
+  return is_flag_set;
+}
+
 int UpdaterRuntime::Mount(const std::string_view location, const std::string_view mount_point,
                           const std::string_view fs_type, const std::string_view mount_options) {
   std::string mount_point_string(mount_point);
+  std::string mount_options_string(mount_options);
   char* secontext = nullptr;
+  unsigned mount_flags = 0;
+  std::string fs_options;
+
   if (sehandle_) {
     selabel_lookup(sehandle_, &secontext, mount_point_string.c_str(), 0755);
     setfscreatecon(secontext);
@@ -59,9 +111,13 @@ int UpdaterRuntime::Mount(const std::string_view location, const std::string_vie
     setfscreatecon(nullptr);
   }
 
+  if (!parseMountFlags(mount_options_string, &mount_flags, &fs_options)) {
+    // Fall back to default
+    mount_flags = MS_NOATIME | MS_NODEV | MS_NODIRATIME;
+  }
+
   return mount(std::string(location).c_str(), mount_point_string.c_str(),
-               std::string(fs_type).c_str(), MS_NOATIME | MS_NODEV | MS_NODIRATIME,
-               std::string(mount_options).c_str());
+               std::string(fs_type).c_str(), mount_flags, fs_options.c_str());
 }
 
 bool UpdaterRuntime::IsMounted(const std::string_view mount_point) const {
-- 
cgit v1.2.3


From e8ca1b86347992d3c92db8e7a25ee77a6280787b Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Fri, 13 Mar 2020 14:25:02 -0700
Subject: Consolidate the wait in recovery's reboot

After a reboot function call, we should always wait for it to finish
without executing other instructions.

Bug: 151110322
Test: build
Change-Id: I1dda291a0835ff96df7eaf42eba1a38267a3beeb
(cherry picked from commit 00c4aba9bf428717fc00e26a03e97401eca76ee8)
---
 otautil/include/otautil/sysutil.h | 2 +-
 otautil/sysutil.cpp               | 8 ++++++--
 recovery.cpp                      | 8 +-------
 recovery_ui/ui.cpp                | 3 ---
 updater/install.cpp               | 1 -
 5 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/otautil/include/otautil/sysutil.h b/otautil/include/otautil/sysutil.h
index 326db8644..d0d2e67d7 100644
--- a/otautil/include/otautil/sysutil.h
+++ b/otautil/include/otautil/sysutil.h
@@ -103,7 +103,7 @@ class MemMapping {
 
 // Reboots the device into the specified target, by additionally handling quiescent reboot mode.
 // All unknown targets reboot into Android.
-bool Reboot(std::string_view target);
+[[noreturn]] void Reboot(std::string_view target);
 
 // Triggers a shutdown.
 bool Shutdown(std::string_view target);
diff --git a/otautil/sysutil.cpp b/otautil/sysutil.cpp
index 6cd46c6a9..b3ead9736 100644
--- a/otautil/sysutil.cpp
+++ b/otautil/sysutil.cpp
@@ -219,14 +219,18 @@ MemMapping::~MemMapping() {
   ranges_.clear();
 }
 
-bool Reboot(std::string_view target) {
+void Reboot(std::string_view target) {
   std::string cmd = "reboot," + std::string(target);
   // Honor the quiescent mode if applicable.
   if (target != "bootloader" && target != "fastboot" &&
       android::base::GetBoolProperty("ro.boot.quiescent", false)) {
     cmd += ",quiescent";
   }
-  return android::base::SetProperty(ANDROID_RB_PROPERTY, cmd);
+  if (!android::base::SetProperty(ANDROID_RB_PROPERTY, cmd)) {
+    LOG(FATAL) << "Reboot failed";
+  }
+
+  while (true) pause();
 }
 
 bool Shutdown(std::string_view target) {
diff --git a/recovery.cpp b/recovery.cpp
index 0382697ab..7675121d4 100644
--- a/recovery.cpp
+++ b/recovery.cpp
@@ -781,13 +781,7 @@ Device::BuiltinAction start_recovery(Device* device, const std::vector<std::stri
           ui->Print("Retry attempt %d\n", retry_count);
 
           // Reboot back into recovery to retry the update.
-          if (!Reboot("recovery")) {
-            ui->Print("Reboot failed\n");
-          } else {
-            while (true) {
-              pause();
-            }
-          }
+          Reboot("recovery");
         }
         // If this is an eng or userdebug build, then automatically
         // turn the text display on if the script fails so the error
diff --git a/recovery_ui/ui.cpp b/recovery_ui/ui.cpp
index 6f5cbbca6..330721773 100644
--- a/recovery_ui/ui.cpp
+++ b/recovery_ui/ui.cpp
@@ -375,9 +375,6 @@ void RecoveryUI::ProcessKey(int key_code, int updown) {
       case RecoveryUI::REBOOT:
         if (reboot_enabled) {
           Reboot("userrequested,recovery,ui");
-          while (true) {
-            pause();
-          }
         }
         break;
 
diff --git a/updater/install.cpp b/updater/install.cpp
index 62ff87e76..7608dc3cd 100644
--- a/updater/install.cpp
+++ b/updater/install.cpp
@@ -733,7 +733,6 @@ Value* RebootNowFn(const char* name, State* state, const std::vector<std::unique
 
   Reboot(property);
 
-  sleep(5);
   return ErrorAbort(state, kRebootFailure, "%s() failed to reboot", name);
 }
 
-- 
cgit v1.2.3