libsnapshot: lock on /metadata/ota
We used to flock() on /metadata/ota/state to ensure
atomic access. However, writing the file itself is
not necessarily atomic and may lead to inconsistent
states.
This change redirects flock() to the outer directory, /metadata/ota,
which is very likely to exist (see exception below).
flock() is called on this directory instead of /state. This allows
a follow-up change to turn all writes to the /metadata partition
atomic.
Note: /metadata/ota may not exist during first boot after a flash
with wipe. However, first_stage_init always checks existence of
boot indicator before even trying to flock() (via
IsSnapshotManagerNeeded() and NeedSnapshotsInFirstStageMount()). If
the boot indicator exists, /metadata/ota must exist as well.
Also add tests to ensure LockExclusive() and LockShared() work as
expected.
Test: libsnapshot_test
Test: apply OTA from older build to this, then reboot
Bug: 144549076
Change-Id: Ib4dd9e9be1a43013c328e181b9398ac0b514dbce
3 files changed