From fc1e1aeef9e152f5db4b2b9fce7aab16df03d6cd Mon Sep 17 00:00:00 2001
From: Yifan Hong <elsk@google.com>
Date: Tue, 7 Jul 2020 13:23:07 -0700
Subject: [PATCH] Try locking after mounting metadata

In rescue mode, if /metadata is mounted but /metadata/ota does
not exist, immeidately unmount /metadata and fallback to the code
path when /metadata is not mounted; that is, old partitions are
overwritten.

Test: in recovery, select wipe then immediately sideload
Bug: 160457903
Change-Id: I412d62b7005c81a7126106edc471622e6a7ef813
Merged-In: I412d62b7005c81a7126106edc471622e6a7ef813
---
 fs_mgr/libsnapshot/snapshot.cpp | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index 55214f545..688b65820 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -2520,7 +2520,19 @@ std::unique_ptr<AutoDevice> SnapshotManager::EnsureMetadataMounted() {
         LOG(INFO) << "EnsureMetadataMounted does nothing in Android mode.";
         return std::unique_ptr<AutoUnmountDevice>(new AutoUnmountDevice());
     }
-    return AutoUnmountDevice::New(device_->GetMetadataDir());
+    auto ret = AutoUnmountDevice::New(device_->GetMetadataDir());
+    if (ret == nullptr) return nullptr;
+
+    // In rescue mode, it is possible to erase and format metadata, but /metadata/ota is not
+    // created to execute snapshot updates. Hence, subsequent calls is likely to fail because
+    // Lock*() fails. By failing early and returning nullptr here, update_engine_sideload can
+    // treat this case as if /metadata is not mounted.
+    if (!LockShared()) {
+        LOG(WARNING) << "/metadata is mounted, but errors occur when acquiring a shared lock. "
+                        "Subsequent calls to SnapshotManager will fail. Unmounting /metadata now.";
+        return nullptr;
+    }
+    return ret;
 }
 
 bool SnapshotManager::HandleImminentDataWipe(const std::function<void()>& callback) {