Merge "Remove OEM_UNLOCK_PROP usage" into main
diff --git a/init/README.md b/init/README.md
index de57208..560c528 100644
--- a/init/README.md
+++ b/init/README.md
@@ -501,9 +501,10 @@
       reformatted here if it couldn't mount in first-stage init.
    6. `post-fs-data-checkpointed` - Triggered when vold has completed committing a checkpoint
       after an OTA update. Not triggered if checkpointing is not needed or supported.
-   7. `zygote-start` - Start the zygote.
-   8. `early-boot` - After zygote has started.
-   9. `boot` - After `early-boot` actions have completed.
+   7. `bpf-progs-loaded` - Starts things that want to start ASAP but need eBPF (incl. netd)
+   8. `zygote-start` - Start the zygote.
+   9. `early-boot` - After zygote has started.
+  10. `boot` - After `early-boot` actions have completed.
 
 Commands
 --------
diff --git a/libstats/pull_rust/Android.bp b/libstats/pull_rust/Android.bp
index 6902026..2a8939e 100644
--- a/libstats/pull_rust/Android.bp
+++ b/libstats/pull_rust/Android.bp
@@ -61,7 +61,6 @@
     srcs: ["stats_pull.rs"],
     rustlibs: [
         "liblog_rust",
-        "libonce_cell",
         "libstatslog_rust_header",
         "libstatspull_bindgen",
     ],
diff --git a/libstats/pull_rust/stats_pull.rs b/libstats/pull_rust/stats_pull.rs
index b2bebcc..03929e3 100644
--- a/libstats/pull_rust/stats_pull.rs
+++ b/libstats/pull_rust/stats_pull.rs
@@ -14,13 +14,12 @@
 
 //! A Rust interface for the StatsD pull API.
 
-use once_cell::sync::Lazy;
 use statslog_rust_header::{Atoms, Stat, StatsError};
 use statspull_bindgen::*;
 use std::collections::HashMap;
 use std::convert::TryInto;
 use std::os::raw::c_void;
-use std::sync::Mutex;
+use std::sync::{LazyLock, Mutex};
 
 /// The return value of callbacks.
 pub type StatsPullResult = Vec<Box<dyn Stat>>;
@@ -107,8 +106,8 @@
     }
 }
 
-static COOKIES: Lazy<Mutex<HashMap<i32, fn() -> StatsPullResult>>> =
-    Lazy::new(|| Mutex::new(HashMap::new()));
+static COOKIES: LazyLock<Mutex<HashMap<i32, fn() -> StatsPullResult>>> =
+    LazyLock::new(|| Mutex::new(HashMap::new()));
 
 /// # Safety
 ///
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 4b3ad82..1acd637 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -567,7 +567,8 @@
     trigger post-fs-data
 
     # Should be before netd, but after apex, properties and logging is available.
-    trigger load_bpf_programs
+    trigger load-bpf-programs
+    trigger bpf-progs-loaded
 
     # Now we can start zygote.
     trigger zygote-start
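Review bot: The trigger is renamed from `load_bpf_programs` to `load-bpf-programs` here and again in the perf_lsm_hooks rule at L112, but init cannot detect a stale trigger name at parse time, so any out-of-tree vendor or device init.rc that still hooks `on load_bpf_programs` would silently never fire after this change. A transitional block that re-fires the old name, `on load-bpf-programs` / `    trigger load_bpf_programs`, or at least a note in the commit description, would make the rename safe to roll out. I cannot see other .rc files from this diff, so this is a caveat rather than a confirmed breakage.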
@@ -1109,6 +1110,22 @@
 on property:vold.checkpoint_committed=1
     trigger post-fs-data-checkpointed
 
+# It is important that we start bpfloader after:
+#   - /sys/fs/bpf is already mounted,
+#   - apex (incl. rollback) is initialized (so that we can load bpf
+#     programs shipped as part of apex mainline modules)
+#   - logd is ready for us to log stuff
+#
+# At the same time we want to be as early as possible to reduce races and thus
+# failures (before memory is fragmented, and cpu is busy running tons of other
+# stuff) and we absolutely want to be before netd and the system boot slot is
+# considered to have booted successfully.
+on load-bpf-programs
+    exec_start bpfloader
+
+on bpf-progs-loaded
+    start netd
+
 # It is recommended to put unnecessary data/ initialization from post-fs-data
 # to start-zygote in device's init.rc to unblock zygote start.
 on zygote-start
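Review bot: `trigger bpf-progs-loaded` at L72 is queued unconditionally right after `trigger load-bpf-programs`, so `start netd` in the new `on bpf-progs-loaded` block runs even if bpfloader exited with a failure, because `exec_start` only halts command processing until the process returns. Unless the bpfloader service definition handles that itself (for example with `reboot_on_failure`, which is not part of this diff), netd would come up without its eBPF programs loaded. The new comment block would be clearer if it stated that assumption, e.g. `# bpf-progs-loaded fires unconditionally after bpfloader returns; bpfloader is responsible for handling load failures`.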
@@ -1116,7 +1133,6 @@
     # A/B update verifier that marks a successful boot.
     exec_start update_verifier
     start statsd
-    start netd
     start zygote
     start zygote_secondary
 
@@ -1277,7 +1293,7 @@
 # controlling access. On older kernels, the paranoid value is the only means of
 # controlling access. It is normally 3 (allow only root), but the shell user
 # can lower it to 1 (allowing thread-scoped pofiling) via security.perf_harden.
-on load_bpf_programs && property:sys.init.perf_lsm_hooks=1
+on load-bpf-programs && property:sys.init.perf_lsm_hooks=1
     write /proc/sys/kernel/perf_event_paranoid -1
 on property:security.perf_harden=0 && property:sys.init.perf_lsm_hooks=""
     write /proc/sys/kernel/perf_event_paranoid 1
diff --git a/trusty/metrics/include/trusty/metrics/tipc.h b/trusty/metrics/include/trusty/metrics/tipc.h
index b4428d5..4c4d37d 100644
--- a/trusty/metrics/include/trusty/metrics/tipc.h
+++ b/trusty/metrics/include/trusty/metrics/tipc.h
@@ -43,6 +43,8 @@
 
 #define UUID_STR_SIZE (37)
 
+#define HASH_SIZE_BYTES 64
+
 /**
  * enum metrics_cmd - command identifiers for metrics interface
  * @METRICS_CMD_RESP_BIT:             message is a response
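Review bot: `HASH_SIZE_BYTES` is a very generic name to export from a shared interface header, and unlike `UUID_STR_SIZE (37)` directly above it the value is not parenthesized; a prefixed, parenthesized form such as `#define METRICS_HASH_SIZE_BYTES (64)` would match the file's existing macro style and avoid clashes with other headers that define a hash size. The header also does not say which hash yields 64 bytes; a one-line comment naming the algorithm would help readers of `far_hash`/`elr_hash` below.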
@@ -112,10 +114,22 @@
  *          "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  * @crash_reason: architecture-specific code representing the reason for the
  *                crash
+ * @far: Fault Address Register corresponding to the crash. It is set to 0 and
+ *       not always revealed
+ * @far_hash: Fault Address Register obfuscated, always revealed
+ * @elr: Exception Link Register corresponding to the crash. It is set to 0 and
+ *       not always revealed
+ * @elr_hash: Exception Link Register obfuscated, always revealed
+ * @is_hash: Boolean value indicating whether far and elr have been ob
  */
 struct metrics_report_crash_req {
     char app_id[UUID_STR_SIZE];
     uint32_t crash_reason;
+    uint64_t far;
+    uint8_t far_hash[HASH_SIZE_BYTES];
+    uint64_t elr;
+    uint8_t elr_hash[HASH_SIZE_BYTES];
+    bool is_hash;
 } __attribute__((__packed__));
 
 enum TrustyStorageErrorType {
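Review bot: The new doc comment for `@is_hash` is cut off mid-word (`have been ob`); it should read `@is_hash: Boolean value indicating whether far and elr have been obfuscated`. The `@far`/`@elr` wording `It is set to 0 and not always revealed` is ambiguous about when the zero applies; `set to 0 when not revealed` states the intended contract. Separately, `bool is_hash` inside a `__attribute__((__packed__))` wire struct exchanged between Trusty and Android relies on both sides agreeing on `sizeof(bool)`, whereas every other field in the struct uses a fixed-width type; `uint8_t is_hash;` would make the on-wire layout explicit.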
diff --git a/trusty/storage/interface/Android.bp b/trusty/storage/interface/Android.bp
index d031b0c..769f53d 100644
--- a/trusty/storage/interface/Android.bp
+++ b/trusty/storage/interface/Android.bp
@@ -20,6 +20,7 @@
 
 cc_library_static {
     name: "libtrustystorageinterface",
-    vendor: true,
+    vendor_available: true,
+    system_ext_specific: true,
     export_include_dirs: ["include"],
 }
diff --git a/trusty/storage/proxy/Android.bp b/trusty/storage/proxy/Android.bp
index e362b8b..f32188a 100644
--- a/trusty/storage/proxy/Android.bp
+++ b/trusty/storage/proxy/Android.bp
@@ -18,10 +18,8 @@
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
-cc_binary {
-    name: "storageproxyd",
-    vendor: true,
-
+cc_defaults {
+    name: "storageproxyd.defaults",
     srcs: [
         "checkpoint_handling.cpp",
         "ipc.c",
@@ -47,9 +45,22 @@
         "libtrustystorageinterface",
         "libtrusty",
     ],
-
     cflags: [
         "-Wall",
         "-Werror",
     ],
 }
+
+cc_binary {
+    name: "storageproxyd",
+    defaults: ["storageproxyd.defaults"],
+    vendor: true,
+    // vendor variant requires this flag
+    cflags: ["-DVENDOR_FS_READY_PROPERTY"],
+}
+
+cc_binary {
+    name: "storageproxyd.system",
+    defaults: ["storageproxyd.defaults"],
+    system_ext_specific: true,
+}
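Review bot: The comment `// vendor variant requires this flag` says the flag is needed but not what it does, so a reader of the new `storageproxyd.system` target cannot tell what the system variant gives up. Since the flag gates the fs-ready property notifications in storage.c in this same change, `// vendor variant sets the fs-ready properties init waits on (see VENDOR_FS_READY_PROPERTY in storage.c)` would document the difference between the two binaries.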
diff --git a/trusty/storage/proxy/storage.c b/trusty/storage/proxy/storage.c
index ca39f6a..72c4e93 100644
--- a/trusty/storage/proxy/storage.c
+++ b/trusty/storage/proxy/storage.c
@@ -54,6 +54,8 @@
 /* List head for storage mapping, elements added at init, and never removed */
 static struct storage_mapping_node* storage_mapping_head;
 
+#ifdef VENDOR_FS_READY_PROPERTY
+
 /*
  * Properties set to 1 after we have opened a file under ssdir_name. The backing
  * files for both TD and TDP are currently located under /data/vendor/ss and can
@@ -75,16 +77,6 @@
 static bool fs_ready_set = false;
 static bool fs_ready_rw_set = false;
 
-static enum sync_state fs_state;
-static enum sync_state fd_state[FD_TBL_SIZE];
-
-static bool alternate_mode;
-
-static struct {
-   struct storage_file_read_resp hdr;
-   uint8_t data[MAX_READ_SIZE];
-}  read_rsp;
-
 static bool property_set_helper(const char* prop) {
     int rc = property_set(prop, "1");
     if (rc == 0) {
@@ -96,6 +88,18 @@
     return rc == 0;
 }
 
+#endif  // #ifdef VENDOR_FS_READY_PROPERTY
+
+static enum sync_state fs_state;
+static enum sync_state fd_state[FD_TBL_SIZE];
+
+static bool alternate_mode;
+
+static struct {
+    struct storage_file_read_resp hdr;
+    uint8_t data[MAX_READ_SIZE];
+} read_rsp;
+
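Review bot: The trailing comments on the new `#endif` lines here and at L267 read `// #ifdef VENDOR_FS_READY_PROPERTY`; the conventional form names only the condition, `#endif  // VENDOR_FS_READY_PROPERTY`, and avoids repeating the directive. With `fs_ready_set`/`fs_ready_rw_set` and `property_set_helper` now existing only under the `#ifdef`, it is worth confirming that no other use of them outside the guarded regions remains in the parts of the file not shown in this diff.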
 static uint32_t insert_fd(int open_flags, int fd, struct storage_mapping_node* node) {
     uint32_t handle = fd;
 
@@ -535,6 +539,7 @@
     free(path);
     path = NULL;
 
+#ifdef VENDOR_FS_READY_PROPERTY
     /* a backing file has been opened, notify any waiting init steps */
     if (!fs_ready_set || !fs_ready_rw_set) {
         bool is_checkpoint_active = false;
@@ -552,6 +557,7 @@
             }
         }
     }
+#endif  // #ifdef VENDOR_FS_READY_PROPERTY
 
     return ipc_respond(msg, &resp, sizeof(resp));
 
diff --git a/fastboot/Android.mk b/trusty/trusty-storage-cf.mk
similarity index 61%
rename from fastboot/Android.mk
rename to trusty/trusty-storage-cf.mk
index cde0cb2..3b46445 100644
--- a/fastboot/Android.mk
+++ b/trusty/trusty-storage-cf.mk
@@ -1,4 +1,5 @@
-# Copyright (C) 2007 Google Inc.
+#
+# Copyright (C) 2024 The Android Open-Source Project
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -11,15 +12,14 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
-LOCAL_PATH:= $(call my-dir)
-
-#
-# Package fastboot-related executables.
 #
 
-my_dist_files := $(HOST_OUT_EXECUTABLES)/mke2fs
-my_dist_files += $(HOST_OUT_EXECUTABLES)/make_f2fs
-my_dist_files += $(HOST_OUT_EXECUTABLES)/make_f2fs_casefold
-$(call dist-for-goals,dist_files sdk,$(my_dist_files))
-my_dist_files :=
+#
+# This makefile should be included by the cuttlefish device
+# when enabling the Trusty VM to pull in the baseline set
+# of storage specific modules
+
+PRODUCT_PACKAGES += \
+	storageproxyd.system \
+	rpmb_dev.system \
+
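Review bot: The `PRODUCT_PACKAGES +=` list ends with a line continuation (`rpmb_dev.system \`) followed by a blank line, so the assignment silently continues onto whatever is appended after it; the backslash on the last entry should be dropped. The header also has a stray leading `#` line at L280 and an extra `#` at L301 that do not match the rest of the license block. If `trusty-ut-ctrl.system`, added later in this change, is meant for the same Cuttlefish configuration it is missing from this list, though I cannot tell from the diff whether that is intentional.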
diff --git a/trusty/utils/rpmb_dev/Android.bp b/trusty/utils/rpmb_dev/Android.bp
index 603a1a8..13f151d 100644
--- a/trusty/utils/rpmb_dev/Android.bp
+++ b/trusty/utils/rpmb_dev/Android.bp
@@ -15,11 +15,8 @@
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
-cc_binary {
-    name: "rpmb_dev",
-    vendor: true,
-    host_supported: true,
-
+cc_defaults {
+    name: "rpmb_dev.cc_defaults",
     srcs: [
         "rpmb_dev.c",
     ],
@@ -32,7 +29,23 @@
         "-Wall",
         "-Werror",
     ],
+}
+
+cc_binary {
+    name: "rpmb_dev",
+    defaults: ["rpmb_dev.cc_defaults"],
+    vendor: true,
+    host_supported: true,
     init_rc: [
         "rpmb_dev.rc",
     ],
 }
+
+cc_binary {
+    name: "rpmb_dev.system",
+    defaults: ["rpmb_dev.cc_defaults"],
+    system_ext_specific: true,
+    init_rc: [
+        "rpmb_dev.system.rc",
+    ],
+}
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.system.rc b/trusty/utils/rpmb_dev/rpmb_dev.system.rc
new file mode 100644
index 0000000..b78c4e2
--- /dev/null
+++ b/trusty/utils/rpmb_dev/rpmb_dev.system.rc
@@ -0,0 +1,64 @@
+service storageproxyd_system /system_ext/bin/storageproxyd.system \
+        -d ${storageproxyd_system.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \
+        -r /dev/socket/rpmb_mock_system \
+        -p /data/secure_storage_system \
+        -t sock
+    disabled
+    user system
+    group system
+
+service rpmb_mock_init_system /system_ext/bin/rpmb_dev.system \
+        --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA --init --size 2048
+    disabled
+    user system
+    group system
+    oneshot
+
+service rpmb_mock_system /system_ext/bin/rpmb_dev.system \
+        --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA \
+        --sock rpmb_mock_system
+    disabled
+    user system
+    group system
+    socket rpmb_mock_system stream 660 system system
+
+# storageproxyd
+on late-fs && \
+    property:trusty_vm_system_nonsecure.ready=1 && \
+    property:storageproxyd_system.trusty_ipc_dev=*
+    wait /dev/socket/rpmb_mock_system
+    start storageproxyd_system
+
+
+# RPMB Mock
+on post-fs && \
+    property:trusty_vm_system_nonsecure.ready=1 && \
+    property:trusty_vm_system.vm_cid=*
+    # Create a persistent location for the RPMB data
+    # (work around lack of RPMb block device on CF).
+    # file contexts secure_storage_rpmb_system_file
+    # (only used on Cuttlefish as this is non secure)
+    mkdir /metadata/secure_storage_rpmb_system 0770 system system
+    mkdir /mnt/secure_storage_rpmb_system 0770 system system
+    symlink /metadata/secure_storage_rpmb_system \
+            /mnt/secure_storage_rpmb_system/persist
+    # Create a system persist directory in /metadata
+    # (work around lack of dedicated system persist partition).
+    # file contexts secure_storage_persist_system_file
+    mkdir /metadata/secure_storage_persist_system 0770 system system
+    mkdir /mnt/secure_storage_persist_system 0770 system system
+    symlink /metadata/secure_storage_persist_system \
+            /mnt/secure_storage_persist_system/persist
+    setprop storageproxyd_system.trusty_ipc_dev VSOCK:${trusty_vm_system.vm_cid}:1
+    exec_start rpmb_mock_init_system
+    start rpmb_mock_system
+
+on post-fs-data && \
+    property:trusty_vm_system_nonsecure.ready=1 && \
+    property:storageproxyd_system.trusty_ipc_dev=*
+    # file contexts secure_storage_system_file
+    mkdir /data/secure_storage_system 0770 root system
+    symlink /mnt/secure_storage_persist_system/persist \
+            /data/secure_storage_system/persist
+    chown root system /data/secure_storage_system/persist
+    restart storageproxyd_system
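Review bot: `chown root system /data/secure_storage_system/persist` at L420 operates on the symlink created two lines earlier, whose target chain ends at `/metadata/secure_storage_persist_system`, created `0770 system system` at L405; if init's `chown` does not follow symlinks the line has no effect, and if it does it changes the owner of that metadata directory to root, contradicting the earlier `mkdir`. Either way, a comment stating which ownership is intended, or applying the `chown` to the real directory, would remove the ambiguity. `exec_start rpmb_mock_init_system` runs `rpmb_dev.system --init` on every boot from the `on post-fs` block; presumably `--init` leaves an existing `RPMB_DATA` file alone, but this is worth confirming and noting in the comment, since otherwise the mock RPMB contents would be reset each boot.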
diff --git a/trusty/utils/trusty-ut-ctrl/Android.bp b/trusty/utils/trusty-ut-ctrl/Android.bp
index 6fc2a48..c255614 100644
--- a/trusty/utils/trusty-ut-ctrl/Android.bp
+++ b/trusty/utils/trusty-ut-ctrl/Android.bp
@@ -16,9 +16,8 @@
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
-cc_binary {
-    name: "trusty-ut-ctrl",
-    vendor: true,
+cc_defaults {
+    name: "trusty-ut-ctrl.defaults",
 
     srcs: ["ut-ctrl.c"],
     shared_libs: [
@@ -33,3 +32,15 @@
         "-Werror",
     ],
 }
+
+cc_binary {
+    name: "trusty-ut-ctrl",
+    defaults: ["trusty-ut-ctrl.defaults"],
+    vendor: true,
+}
+
+cc_binary {
+    name: "trusty-ut-ctrl.system",
+    defaults: ["trusty-ut-ctrl.defaults"],
+    system_ext_specific: true,
+}