Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / 76a29aef71c1602d6dcec6fc7062d2162b03c9ec^! / . / update_attempter.cc
commit76a29aef71c1602d6dcec6fc7062d2162b03c9ec[log] [tgz]
authorChris Sosa <sosa@chromium.org>Thu Jul 11 17:59:24 2013 -0700
committerChromeBot <chrome-bot@google.com>Fri Jul 12 15:52:26 2013 -0700
treec92c96812ca759ced2699af4b40dde1c3d5c8c2e
parentefb7c4c605440fdc6297deed8fa9d1aecb77235e [diff] [blame]
Don't allow rollback when we are enterprise enrolled.

As stated (and verified) by the device_policy protobuf, we can determine
whether a device is enterprise enrolled by checking if GetOwner is empty.
We use this knowledge to not allow rollback when powerwash is also requested (
the default).

As part of this CL I've figured out how to unittest Rollback and added tests
for both enterprise and non-enterprise rollback.

BUG=chromium:254829
TEST=Tested on both an enrolled and non-enrolled device. Verified only the
latter actually did a powerwash while the other aborted correctly. Also ran
new unittests

Change-Id: Idfe6bfef88819fe1bab7da6b31854faf7642c9ce
Reviewed-on: https://gerrit.chromium.org/gerrit/61645
Reviewed-by: David Zeuthen <zeuthen@chromium.org>
Commit-Queue: Chris Sosa <sosa@chromium.org>
Tested-by: Chris Sosa <sosa@chromium.org>

diff --git a/update_attempter.cc b/update_attempter.cc
index ca6643b..4104739 100644
--- a/update_attempter.cc
+++ b/update_attempter.cc

@@ -544,7 +544,7 @@
   }
 }
 
-bool UpdateAttempter::Rollback(bool powerwash) {
+bool UpdateAttempter::Rollback(bool powerwash, string *install_path) {
   CHECK(!processor_->IsRunning());
   processor_->set_delegate(this);
 
@@ -554,11 +554,27 @@
 
   LOG(INFO) << "Setting rollback options.";
   InstallPlan install_plan;
-  TEST_AND_RETURN_FALSE(utils::GetInstallDev(utils::BootDevice(),
-                                             &install_plan.install_path));
+  if (install_path == NULL) {
+    TEST_AND_RETURN_FALSE(utils::GetInstallDev(utils::BootDevice(),
+                                               &install_plan.install_path));
+  }
+  else {
+    install_plan.install_path = *install_path;
+  }
+
   install_plan.kernel_install_path = utils::BootKernelDevice(
       install_plan.install_path);
   install_plan.powerwash_required = powerwash;
+  if (powerwash) {
+    // Enterprise-enrolled devices have an empty owner in their device policy.
+    string owner;
+    const policy::DevicePolicy* device_policy = system_state_->device_policy();
+    if (!device_policy->GetOwner(&owner) || owner.empty()) {
+      LOG(ERROR) << "Enterprise device detected. "
+                 << "Cannot perform a powerwash for enterprise devices.";
+      return false;
+    }
+  }
 
   LOG(INFO) << "Using this install plan:";
   install_plan.Dump();