Enhance the fault tolerance of GSID installation

The gsid may function abnormally when an installation get interrupted.

case 1.
$ gsi_tool install

 ... use ctrl+C to stop ...

$ gsi_tool wipe
Could not remove GSI install.

case 2
When it's interrupted. The installer destructor does not have the
the chance to run therefore it can be a resource leak because the
backing files, e.g. system_gsi and userdata_gsi are not released.
Neither can they be enabled because the IsGsiInstalled() == false.

This CL fixes cases above by making a integrity model based on
IsGsiInstalled() as an atomic switch, e.g.

if (IsGsiInstalled()) {
    The installation must be complete and the enableGsi() must work.
} else {
    All resources that have been allocated must be cleaned up.
    a. Clean up methods and command must work.
    b. runStartup method must do the clean up.
}

All corresponding changes are based on this model.

Bug: 140014207
Test: \
 1. gsi_tool install & reboot
 2. gsi_tool install & ctrl+C & gsi_tool status & gsi_tool wipe & gsi_tool status
 3. gsi_tool install & ctrl+C & gsi_tool status & reboot & gsi_tool status

Change-Id: I0dcf043d65b50f0dd82eac1f428a295e94c81812

1 files changed, 2 insertions, 0 deletions

diff --git a/gsi_service.h b/gsi_service.h
index 1df4aeb..56ce8c6 100644
--- a/gsi_service.h
+++ b/gsi_service.h
@@ -89,12 +89,14 @@ class GsiService : public BinderService<GsiService>, public BnGsiService {
 
     static void RunStartupTasks();
     static std::string GetInstalledImageDir();
+    std::string GetActiveInstalledImageDir();
 
   private:
     GsiService(Gsid* parent);
     int ValidateInstallParams(GsiInstallParams* params);
     bool DisableGsiInstall();
     int ReenableGsi(bool one_shot);
+    static void CleanCorruptedInstallation();
 
     enum class AccessLevel { System, SystemOrShell };
     binder::Status CheckUid(AccessLevel level = AccessLevel::System);