Try locking after mounting metadata
In rescue mode, if /metadata is mounted but /metadata/ota does
not exist, immediately unmount /metadata and fallback to the code
path when /metadata is not mounted; that is, old partitions are
overwritten.
Test: in recovery, select wipe then immediately sideload
Bug: 160457903
Change-Id: I412d62b7005c81a7126106edc471622e6a7ef813
diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index 0739fab..a287c35 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -2516,7 +2516,19 @@
LOG(INFO) << "EnsureMetadataMounted does nothing in Android mode.";
return std::unique_ptr<AutoUnmountDevice>(new AutoUnmountDevice());
}
- return AutoUnmountDevice::New(device_->GetMetadataDir());
+ auto ret = AutoUnmountDevice::New(device_->GetMetadataDir());
+ if (ret == nullptr) return nullptr;
+
+ // In rescue mode, it is possible to erase and format metadata, but /metadata/ota is not
+ // created to execute snapshot updates. Hence, subsequent calls is likely to fail because
+ // Lock*() fails. By failing early and returning nullptr here, update_engine_sideload can
+ // treat this case as if /metadata is not mounted.
+ if (!LockShared()) {
+ LOG(WARNING) << "/metadata is mounted, but errors occur when acquiring a shared lock. "
+ "Subsequent calls to SnapshotManager will fail. Unmounting /metadata now.";
+ return nullptr;
+ }
+ return ret;
}
bool SnapshotManager::HandleImminentDataWipe(const std::function<void()>& callback) {