Merge "fs_mgr: set "partition.system.verified" when AVB is used in a A/B device" into oc-dev
diff --git a/adb/bugreport.cpp b/adb/bugreport.cpp
index 9dc9811..d159d6a 100644
--- a/adb/bugreport.cpp
+++ b/adb/bugreport.cpp
@@ -48,7 +48,7 @@
show_progress_(show_progress),
status_(0),
line_(),
- last_progress_(0) {
+ last_progress_percentage_(0) {
SetLineMessage("generating");
}
@@ -147,13 +147,14 @@
size_t idx1 = line.rfind(BUGZ_PROGRESS_PREFIX) + strlen(BUGZ_PROGRESS_PREFIX);
size_t idx2 = line.rfind(BUGZ_PROGRESS_SEPARATOR);
int progress = std::stoi(line.substr(idx1, (idx2 - idx1)));
- if (progress <= last_progress_) {
+ int total = std::stoi(line.substr(idx2 + 1));
+ int progress_percentage = (progress * 100 / total);
+ if (progress_percentage <= last_progress_percentage_) {
// Ignore.
return;
}
- last_progress_ = progress;
- int total = std::stoi(line.substr(idx2 + 1));
- br_->UpdateProgress(line_message_, progress, total);
+ last_progress_percentage_ = progress_percentage;
+ br_->UpdateProgress(line_message_, progress_percentage);
} else {
invalid_lines_.push_back(line);
}
@@ -189,7 +190,7 @@
// Last displayed progress.
// Since dumpstate progress can recede, only forward progress should be displayed
- int last_progress_;
+ int last_progress_percentage_;
DISALLOW_COPY_AND_ASSIGN(BugreportStandardStreamsCallback);
};
@@ -267,8 +268,7 @@
return SendShellCommand(transport_type, serial, bugz_command, false, &bugz_callback);
}
-void Bugreport::UpdateProgress(const std::string& message, int progress, int total) {
- int progress_percentage = (progress * 100 / total);
+void Bugreport::UpdateProgress(const std::string& message, int progress_percentage) {
line_printer_.Print(
android::base::StringPrintf("[%3d%%] %s", progress_percentage, message.c_str()),
LinePrinter::INFO);
diff --git a/adb/bugreport.h b/adb/bugreport.h
index ee99cbc..d9a4468 100644
--- a/adb/bugreport.h
+++ b/adb/bugreport.h
@@ -43,7 +43,7 @@
const char* name);
private:
- virtual void UpdateProgress(const std::string& file_name, int progress, int total);
+ virtual void UpdateProgress(const std::string& file_name, int progress_percentage);
LinePrinter line_printer_;
DISALLOW_COPY_AND_ASSIGN(Bugreport);
};
diff --git a/adb/bugreport_test.cpp b/adb/bugreport_test.cpp
index b500c49..2b368d7 100644
--- a/adb/bugreport_test.cpp
+++ b/adb/bugreport_test.cpp
@@ -123,7 +123,7 @@
bool disable_shell_protocol, StandardStreamsCallbackInterface* callback));
MOCK_METHOD4(DoSyncPull, bool(const std::vector<const char*>& srcs, const char* dst,
bool copy_attrs, const char* name));
- MOCK_METHOD3(UpdateProgress, void(const std::string&, int, int));
+ MOCK_METHOD2(UpdateProgress, void(const std::string&, int));
};
class BugreportTest : public ::testing::Test {
@@ -142,8 +142,8 @@
WithArg<4>(ReturnCallbackDone(0))));
}
- void ExpectProgress(int progress, int total, const std::string& file = "file.zip") {
- EXPECT_CALL(br_, UpdateProgress(StrEq("generating " + file), progress, total));
+ void ExpectProgress(int progress_percentage, const std::string& file = "file.zip") {
+ EXPECT_CALL(br_, UpdateProgress(StrEq("generating " + file), progress_percentage));
}
BugreportMock br_;
@@ -200,7 +200,7 @@
ExpectBugreportzVersion("1.1");
std::string dest_file =
android::base::StringPrintf("%s%cda_bugreport.zip", cwd_.c_str(), OS_PATH_SEPARATOR);
- ExpectProgress(50, 100, "da_bugreport.zip");
+ ExpectProgress(50, "da_bugreport.zip");
EXPECT_CALL(br_, SendShellCommand(kTransportLocal, "HannibalLecter", "bugreportz -p", false, _))
.WillOnce(DoAll(WithArg<4>(WriteOnStdout("BEGIN:/device/da_bugreport.zip\n")),
WithArg<4>(WriteOnStdout("PROGRESS:50/100\n")),
@@ -247,10 +247,10 @@
// Tests 'adb bugreport file.zip' when it succeeds and displays progress.
TEST_F(BugreportTest, OkProgress) {
ExpectBugreportzVersion("1.1");
- ExpectProgress(1, 100);
- ExpectProgress(10, 100);
- ExpectProgress(50, 100);
- ExpectProgress(99, 100);
+ ExpectProgress(1);
+ ExpectProgress(10);
+ ExpectProgress(50);
+ ExpectProgress(99);
// clang-format off
EXPECT_CALL(br_, SendShellCommand(kTransportLocal, "HannibalLecter", "bugreportz -p", false, _))
// NOTE: DoAll accepts at most 10 arguments, and we're almost reached that limit...
@@ -283,21 +283,23 @@
// Tests 'adb bugreport file.zip' when it succeeds and displays progress, even if progress recedes.
TEST_F(BugreportTest, OkProgressAlwaysForward) {
ExpectBugreportzVersion("1.1");
- ExpectProgress(1, 100);
- ExpectProgress(50, 100);
- ExpectProgress(75, 100);
+ ExpectProgress(1);
+ ExpectProgress(50);
+ ExpectProgress(75);
// clang-format off
EXPECT_CALL(br_, SendShellCommand(kTransportLocal, "HannibalLecter", "bugreportz -p", false, _))
// NOTE: DoAll accepts at most 10 arguments, and we're almost reached that limit...
.WillOnce(DoAll(
WithArg<4>(WriteOnStdout("BEGIN:/device/bugreport.zip\n")),
- WithArg<4>(WriteOnStdout("PROGRESS:1/100\n")),
- WithArg<4>(WriteOnStdout("PROGRESS:50/100\n")),
- // 25 should be ignored becaused it receded.
- WithArg<4>(WriteOnStdout("PROGRESS:25/100\n")),
- WithArg<4>(WriteOnStdout("PROGRESS:75/100\n")),
- // 75 should be ignored becaused it didn't change.
- WithArg<4>(WriteOnStdout("PROGRESS:75/100\n")),
+ WithArg<4>(WriteOnStdout("PROGRESS:1/100\n")), // 1%
+ WithArg<4>(WriteOnStdout("PROGRESS:50/100\n")), // 50%
+ // 25% should be ignored becaused it receded.
+ WithArg<4>(WriteOnStdout("PROGRESS:25/100\n")), // 25%
+ WithArg<4>(WriteOnStdout("PROGRESS:75/100\n")), // 75%
+ // 75% should be ignored becaused it didn't change.
+ WithArg<4>(WriteOnStdout("PROGRESS:75/100\n")), // 75%
+ // Try a receeding percentage with a different max progress
+ WithArg<4>(WriteOnStdout("PROGRESS:700/1000\n")), // 70%
WithArg<4>(WriteOnStdout("OK:/device/bugreport.zip")),
WithArg<4>(ReturnCallbackDone())));
// clang-format on
diff --git a/init/init.cpp b/init/init.cpp
index 84e4f84..bb6355a 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -19,6 +19,7 @@
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
+#include <keyutils.h>
#include <libgen.h>
#include <paths.h>
#include <signal.h>
@@ -1028,6 +1029,11 @@
InitKernelLogging(argv);
LOG(INFO) << "init second stage started!";
+ // Set up a session keyring that all processes will have access to. It
+ // will hold things like FBE encryption keys. No process should override
+ // its session keyring.
+ keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_SESSION_KEYRING, 1);
+
// Indicate that booting is in progress to background fw loaders, etc.
close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000));
diff --git a/init/init_first_stage.cpp b/init/init_first_stage.cpp
index e6b2f24..a139e34 100644
--- a/init/init_first_stage.cpp
+++ b/init/init_first_stage.cpp
@@ -143,8 +143,11 @@
if (!GetRequiredDevices(&devices_partition_names, &need_dm_verity)) return false;
if (need_dm_verity) {
- device_init("/sys/devices/virtual/misc/device-mapper",
- [&](uevent* uevent) -> coldboot_action_t { return COLDBOOT_STOP; });
+ const std::string dm_path = "/devices/virtual/misc/device-mapper";
+ device_init(("/sys" + dm_path).c_str(), [&dm_path](uevent* uevent) -> coldboot_action_t {
+ if (uevent->path == dm_path) return COLDBOOT_STOP;
+ return COLDBOOT_CONTINUE; // dm_path not found, continue to find it.
+ });
}
bool success = false;
diff --git a/init/keyutils.h b/init/keyutils.h
new file mode 100644
index 0000000..de01beb
--- /dev/null
+++ b/init/keyutils.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* Miniature version of a header-only keyutils.h (no library required) */
+
+#ifndef _INIT_KEYUTILS_H_
+#define _INIT_KEYUTILS_H_
+
+#ifndef KEYUTILS_H /* walk away if the _real_ one exists */
+
+#include <linux/keyctl.h>
+#include <stdarg.h>
+#include <sys/syscall.h>
+#include <unistd.h>
+
+static inline long keyctl(int cmd, ...) {
+ va_list va;
+ unsigned long arg2, arg3, arg4, arg5;
+
+ va_start(va, cmd);
+ arg2 = va_arg(va, unsigned long);
+ arg3 = va_arg(va, unsigned long);
+ arg4 = va_arg(va, unsigned long);
+ arg5 = va_arg(va, unsigned long);
+ va_end(va);
+ return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
+}
+
+#endif
+
+#endif
diff --git a/libcutils/fs_config.c b/libcutils/fs_config.c
index d98a923..17d7cb9 100644
--- a/libcutils/fs_config.c
+++ b/libcutils/fs_config.c
@@ -214,9 +214,6 @@
/* Support wifi_hal_legacy administering a network interface. */
{ 00755, AID_WIFI, AID_WIFI, CAP_MASK_LONG(CAP_NET_ADMIN) |
CAP_MASK_LONG(CAP_NET_RAW),
- "system/vendor/bin/hw/android.hardware.wifi@1.0-service" },
- { 00755, AID_WIFI, AID_WIFI, CAP_MASK_LONG(CAP_NET_ADMIN) |
- CAP_MASK_LONG(CAP_NET_RAW),
"vendor/bin/hw/android.hardware.wifi@1.0-service" },
/* A non-privileged zygote that spawns
diff --git a/libutils/include/utils/Flattenable.h b/libutils/include/utils/Flattenable.h
index 22b811a..070c710 100644
--- a/libutils/include/utils/Flattenable.h
+++ b/libutils/include/utils/Flattenable.h
@@ -189,11 +189,11 @@
}
inline status_t flatten(void* buffer, size_t size) const {
if (size < sizeof(T)) return NO_MEMORY;
- *reinterpret_cast<T*>(buffer) = *static_cast<T const*>(this);
+ memcpy(buffer, static_cast<T const*>(this), sizeof(T));
return NO_ERROR;
}
inline status_t unflatten(void const* buffer, size_t) {
- *static_cast<T*>(this) = *reinterpret_cast<T const*>(buffer);
+ memcpy(static_cast<T*>(this), buffer, sizeof(T));
return NO_ERROR;
}
};
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index 21179fb..e8a34bf 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -97,7 +97,7 @@
namespace.vndk.search.paths = /system/${LIB}/vndk-sp:/vendor/${LIB}
namespace.vndk.permitted.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl
-namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB}
+namespace.vndk.asan.search.paths = /data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB}
namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl
# When these NDK libs are required inside this namespace, then it is redirected
@@ -115,6 +115,6 @@
[vendor]
namespace.default.isolated = false
-namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}
+namespace.default.search.paths = /vendor/${LIB}:/system/${LIB}/vndk-sp:/system/${LIB}
-namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB}
+namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB}