update_verifier: Verify blocks

Check if the block verification was already done by snapuserd daemon - If so, skip the verification process. If daemon failed to verify the block, update_verifier will fallback and continue the verification. Bug: 193863442 Test: OTA Signed-off-by: Akilesh Kailash <akailash@google.com> Change-Id: I18946fb730376f19cce0738bd6765d5f5d0248b6
2022-03-23 18:53:52 +00:00 · 2022-03-23 18:53:52 +00:00 · dc1f6dadef
commit dc1f6dadef
parent 94bb8a80c7
3 changed files with 31 additions and 0 deletions
--- a/update_verifier/Android.bp
+++ b/update_verifier/Android.bp
@ -73,6 +73,10 @@ cc_library_static {
        "libvold_binder",
    ],

+    whole_static_libs: [
+	"libsnapshot_snapuserd",
+    ],
+
    shared_libs: [
        "android.hardware.boot@1.0",
        "libbase",
--- a/update_verifier/include/update_verifier/update_verifier.h
+++ b/update_verifier/include/update_verifier/update_verifier.h
@ -21,6 +21,7 @@
 #include <string>
 #include <vector>

+#include <snapuserd/snapuserd_client.h>
 #include "otautil/rangeset.h"

 // The update verifier performs verification upon the first boot to a new slot on A/B devices.
@ -68,4 +69,8 @@ class UpdateVerifier {

  // The function to read the device property; default value: android::base::GetProperty()
  std::function<std::string(const std::string&)> property_reader_;
+
+  // Check if snapuserd daemon has already completed the update verification
+  // Applicable only for VABC with userspace snapshots
+  bool CheckVerificationStatus();
 };
--- a/update_verifier/update_verifier.cpp
+++ b/update_verifier/update_verifier.cpp
@ -52,6 +52,7 @@
 #include <future>
 #include <thread>

+#include <android-base/chrono_utils.h>
 #include <android-base/file.h>
 #include <android-base/logging.h>
 #include <android-base/parseint.h>
@ -188,7 +189,28 @@ bool UpdateVerifier::ReadBlocks(const std::string partition_name,
  return ret;
 }

+bool UpdateVerifier::CheckVerificationStatus() {
+  auto client =
+      android::snapshot::SnapuserdClient::Connect(android::snapshot::kSnapuserdSocket, 5s);
+  if (!client) {
+    LOG(ERROR) << "Unable to connect to snapuserd";
+    return false;
+  }
+
+  return client->QueryUpdateVerification();
+}
+
 bool UpdateVerifier::VerifyPartitions() {
+  const bool userspace_snapshots =
+      android::base::GetBoolProperty("ro.virtual_ab.userspace.snapshots.enabled", false);
+
+  if (userspace_snapshots && CheckVerificationStatus()) {
+    LOG(INFO) << "Partitions verified by snapuserd daemon";
+    return true;
+  }
+
+  LOG(INFO) << "Partitions not verified by snapuserd daemon";
+
  auto dm_block_devices = FindDmPartitions();
  if (dm_block_devices.empty()) {
    LOG(ERROR) << "No dm-enabled block device is found.";