commit 5fb356cac8a87c62fa83005d99370aa2f8416064
author Alex Deymo <deymo@google.com> Fri Mar 25 18:48:22 2016 -0700
committer Alex Deymo <deymo@google.com> Wed Apr 13 00:10:57 2016 +0000
tree 2ba628db747e0c3a2f62c062e18a0e697556a252
parent 4108c32f268c9d50b7aab7599733bd04526bacdf

Mark block device as read-only before mounting.

Mounting a block device as read-only still allows the filesystem to
write to the block device, while keeping the user-facing filesystem
interface "read-only". This behavior will make dm-verity to fail after
reboot if any block is modified during postinstall.

This patch marks the block device as read-only before mounting it, and
marks them read-only or read-write before using them during the update.

Bug: 27859604
TEST=Added logging and deployed an update to brillo, devices are marked RO/RW as needed during a delta update.

Change-Id: I781293cc0b3447dac708470ba6efad4103bf2a58

common/utils.h

diff --git a/common/utils.h b/common/utils.h
index dbf92d2..3af6e71 100644
--- a/common/utils.h
+++ b/common/utils.h
@@ -178,6 +178,10 @@
 // /dev/sda3. Return empty string on error.
 std::string MakePartitionNameForMount(const std::string& part_name);
 
+// Set the read-only attribute on the block device |device| to the value passed
+// in |read_only|. Return whether the operation succeeded.
+bool SetBlockDeviceReadOnly(const std::string& device, bool read_only);
+
 // Synchronously mount or unmount a filesystem. Return true on success.
 // When mounting, it will attempt to mount the device as the passed filesystem
 // type |type|, with the passed |flags| options. If |type| is empty, "ext2",