Merge "fs_mgr: Remove deprecated mount option" into main
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 711d7c1..3e70f79 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -28,6 +28,7 @@
#include <sys/ioctl.h>
#include <sys/mount.h>
#include <sys/stat.h>
+#include <sys/statvfs.h>
#include <sys/swap.h>
#include <sys/types.h>
#include <sys/utsname.h>
@@ -926,7 +927,8 @@
// attempted_idx: On return, will indicate which fstab entry
// succeeded. In case of failure, it will be the start_idx.
// Sets errno to match the 1st mount failure on failure.
-static bool mount_with_alternatives(Fstab& fstab, int start_idx, int* end_idx, int* attempted_idx) {
+static bool mount_with_alternatives(Fstab& fstab, int start_idx, bool interrupted, int* end_idx,
+ int* attempted_idx) {
unsigned long i;
int mount_errno = 0;
bool mounted = false;
@@ -945,6 +947,13 @@
continue;
}
+ if (interrupted) {
+ LINFO << __FUNCTION__ << "(): skipping fstab mountpoint=" << fstab[i].mount_point
+ << " rec[" << i << "].fs_type=" << fstab[i].fs_type
+ << " (previously interrupted during encryption step)";
+ continue;
+ }
+
// fstab[start_idx].blk_device is already updated to /dev/dm-<N> by
// AVB related functions. Copy it from start_idx to the current index i.
if ((i != start_idx) && fstab[i].fs_mgr_flags.logical &&
@@ -1412,6 +1421,15 @@
return GetEntryForMountPoint(&fstab, mount_point) != nullptr;
}
+std::string fs_mgr_metadata_encryption_in_progress_file_name(const FstabEntry& entry) {
+ return entry.metadata_key_dir + "/in_progress";
+}
+
+bool WasMetadataEncryptionInterrupted(const FstabEntry& entry) {
+ if (!should_use_metadata_encryption(entry)) return false;
+ return access(fs_mgr_metadata_encryption_in_progress_file_name(entry).c_str(), R_OK) == 0;
+}
+
// When multiple fstab records share the same mount_point, it will try to mount each
// one in turn, and ignore any duplicates after a first successful mount.
// Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
@@ -1526,7 +1544,9 @@
int top_idx = i;
int attempted_idx = -1;
- bool mret = mount_with_alternatives(*fstab, i, &last_idx_inspected, &attempted_idx);
+ bool encryption_interrupted = WasMetadataEncryptionInterrupted(current_entry);
+ bool mret = mount_with_alternatives(*fstab, i, encryption_interrupted, &last_idx_inspected,
+ &attempted_idx);
auto& attempted_entry = (*fstab)[attempted_idx];
i = last_idx_inspected;
int mount_errno = errno;
@@ -1575,13 +1595,18 @@
// Mounting failed, understand why and retry.
wiped = partition_wiped(current_entry.blk_device.c_str());
if (mount_errno != EBUSY && mount_errno != EACCES &&
- current_entry.fs_mgr_flags.formattable && wiped) {
+ current_entry.fs_mgr_flags.formattable && (wiped || encryption_interrupted)) {
// current_entry and attempted_entry point at the same partition, but sometimes
// at two different lines in the fstab. Use current_entry for formatting
// as that is the preferred one.
- LERROR << __FUNCTION__ << "(): " << realpath(current_entry.blk_device)
- << " is wiped and " << current_entry.mount_point << " " << current_entry.fs_type
- << " is formattable. Format it.";
+ if (wiped)
+ LERROR << __FUNCTION__ << "(): " << realpath(current_entry.blk_device)
+ << " is wiped and " << current_entry.mount_point << " "
+ << current_entry.fs_type << " is formattable. Format it.";
+ if (encryption_interrupted)
+ LERROR << __FUNCTION__ << "(): " << realpath(current_entry.blk_device)
+ << " was interrupted during encryption and " << current_entry.mount_point
+ << " " << current_entry.fs_type << " is formattable. Format it.";
checkpoint_manager.Revert(¤t_entry);
@@ -1621,7 +1646,7 @@
}
// mount(2) returned an error, handle the encryptable/formattable case.
- if (mount_errno != EBUSY && mount_errno != EACCES &&
+ if (mount_errno != EBUSY && mount_errno != EACCES && !encryption_interrupted &&
should_use_metadata_encryption(attempted_entry)) {
if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.blk_device,
attempted_entry.mount_point,
@@ -1639,13 +1664,13 @@
// Use StringPrintf to output "(null)" instead.
if (attempted_entry.fs_mgr_flags.no_fail) {
PERROR << android::base::StringPrintf(
- "Ignoring failure to mount an un-encryptable or wiped "
+ "Ignoring failure to mount an un-encryptable, interrupted, or wiped "
"partition on %s at %s options: %s",
attempted_entry.blk_device.c_str(), attempted_entry.mount_point.c_str(),
attempted_entry.fs_options.c_str());
} else {
PERROR << android::base::StringPrintf(
- "Failed to mount an un-encryptable or wiped partition "
+ "Failed to mount an un-encryptable, interrupted, or wiped partition "
"on %s at %s options: %s",
attempted_entry.blk_device.c_str(), attempted_entry.mount_point.c_str(),
attempted_entry.fs_options.c_str());
@@ -2065,11 +2090,45 @@
return true;
}
+/*
+ * Zram backing device can be created as long as /data has at least `size`
+ * free space, though we may want to leave some extra space for the remaining
+ * boot process and other system activities.
+ */
+static bool ZramBackingDeviceSizeAvailable(off64_t size) {
+ constexpr const char* data_path = "/data";
+ uint64_t min_free_mb =
+ android::base::GetUintProperty<uint64_t>("ro.zram_backing_device_min_free_mb", 0);
+
+ // No min_free property. Skip the available size check.
+ if (min_free_mb == 0) return true;
+
+ struct statvfs vst;
+ if (statvfs(data_path, &vst) < 0) {
+ PERROR << "Cannot check available space: " << data_path;
+ return false;
+ }
+
+ uint64_t size_free = static_cast<uint64_t>(vst.f_bfree) * vst.f_frsize;
+ uint64_t size_required = size + (min_free_mb * 1024 * 1024);
+ if (size_required > size_free) {
+ PERROR << "Free space is not enough for zram backing device: " << size_required << " > "
+ << size_free;
+ return false;
+ }
+ return true;
+}
+
static bool PrepareZramBackingDevice(off64_t size) {
constexpr const char* file_path = "/data/per_boot/zram_swap";
if (size == 0) return true;
+ // Check available space
+ if (!ZramBackingDeviceSizeAvailable(size)) {
+ PERROR << "No space for target path: " << file_path;
+ return false;
+ }
// Prepare target path
unique_fd target_fd(TEMP_FAILURE_RETRY(open(file_path, O_RDWR | O_CREAT | O_CLOEXEC, 0600)));
if (target_fd.get() == -1) {
@@ -2078,6 +2137,7 @@
}
if (fallocate(target_fd.get(), 0, 0, size) < 0) {
PERROR << "Cannot truncate target path: " << file_path;
+ unlink(file_path);
return false;
}
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index bc4a7a6..2e1cf76 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -144,3 +144,7 @@
// Unlike fs_mgr_overlayfs, mount overlayfs without upperdir and workdir, so the
// filesystem cannot be remount read-write.
bool fs_mgr_mount_overlayfs_fstab_entry(const android::fs_mgr::FstabEntry& entry);
+
+// File name used to track if encryption was interrupted, leading to a known bad fs state
+std::string fs_mgr_metadata_encryption_in_progress_file_name(
+ const android::fs_mgr::FstabEntry& entry);
diff --git a/init/first_stage_mount.cpp b/init/first_stage_mount.cpp
index 55cce6e..927b45f 100644
--- a/init/first_stage_mount.cpp
+++ b/init/first_stage_mount.cpp
@@ -305,6 +305,11 @@
return false;
}
}
+
+ if (IsArcvm() && !block_dev_init_.InitHvcDevice("hvc1")) {
+ return false;
+ }
+
return true;
}
diff --git a/init/selinux.cpp b/init/selinux.cpp
index c2d9b8d..01af2b6 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -474,6 +474,8 @@
RestoreconIfExists(SnapshotManager::GetGlobalRollbackIndicatorPath().c_str(), 0);
RestoreconIfExists("/metadata/gsi",
SELINUX_ANDROID_RESTORECON_RECURSE | SELINUX_ANDROID_RESTORECON_SKIP_SEHASH);
+
+ RestoreconIfExists("/dev/hvc1", 0);
}
int SelinuxKlogCallback(int type, const char* fmt, ...) {
diff --git a/init/util.h b/init/util.h
index aa24123..0565391 100644
--- a/init/util.h
+++ b/init/util.h
@@ -18,6 +18,7 @@
#include <sys/stat.h>
#include <sys/types.h>
+#include <sys/unistd.h>
#include <chrono>
#include <functional>
@@ -108,6 +109,10 @@
#endif
}
+inline bool IsArcvm() {
+ return !access("/is_arcvm", F_OK);
+}
+
bool Has32BitAbi();
std::string GetApexNameFromFileName(const std::string& path);
diff --git a/rootdir/Android.bp b/rootdir/Android.bp
index 7105ed5..1e7b48b 100644
--- a/rootdir/Android.bp
+++ b/rootdir/Android.bp
@@ -134,3 +134,58 @@
sanitizer_libraries_txt {
name: "sanitizer.libraries.txt",
}
+
+EXPORT_GLOBAL_ASAN_OPTIONS = select(soong_config_variable("ANDROID", "ASAN_ENABLED"), {
+ true: "export ASAN_OPTIONS include=/system/asan.options",
+ default: "",
+})
+
+EXPORT_GLOBAL_HWASAN_OPTIONS = select(soong_config_variable("ANDROID", "HWASAN_ENABLED"), {
+ true: "export HWASAN_OPTIONS heap_history_size=1023,stack_history_size=512,export_memory_stats=0,max_malloc_fill_size=131072,malloc_fill_byte=0",
+ default: "",
+})
+
+EXPORT_GLOBAL_GCOV_OPTIONS = select(soong_config_variable("ANDROID", "GCOV_COVERAGE"), {
+ true: "export GCOV_PREFIX /data/misc/trace",
+ default: "",
+})
+
+EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS = select((soong_config_variable("ANDROID", "CLANG_COVERAGE"), soong_config_variable("ANDROID", "CLANG_COVERAGE_CONTINUOUS_MODE")), {
+ (true, true): "export LLVM_PROFILE_FILE /data/misc/trace/clang%c-%20m.profraw",
+ (true, default): "export LLVM_PROFILE_FILE /data/misc/trace/clang-%20m.profraw",
+ (default, default): "",
+})
+
+EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE = select(soong_config_variable("ANDROID", "SCUDO_ALLOCATION_RING_BUFFER_SIZE"), {
+ "": "",
+ any @ size: "export SCUDO_ALLOCATION_RING_BUFFER_SIZE " + size,
+ default: "",
+})
+
+genrule {
+ name: "init.environ.rc.gen",
+ srcs: ["init.environ.rc.in"],
+ out: ["init.environ.rc"],
+ cmd: "cp -f $(in) $(out) && " +
+ "echo ' " + EXPORT_GLOBAL_ASAN_OPTIONS + "' >> $(out) && " +
+ "echo ' " + EXPORT_GLOBAL_GCOV_OPTIONS + "' >> $(out) && " +
+ "echo ' " + EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS + "' >> $(out) && " +
+ "echo ' " + EXPORT_GLOBAL_HWASAN_OPTIONS + "' >> $(out) && " +
+ "echo ' " + EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE + "' >> $(out)",
+}
+
+prebuilt_root {
+ name: "init.environ.rc-soong",
+ src: ":init.environ.rc.gen",
+ filename: "init.environ.rc",
+ install_in_root: true,
+ no_full_install: true,
+ required: select((soong_config_variable("ANDROID", "ASAN_ENABLED"), soong_config_variable("ANDROID", "SANITIZE_TARGET_SYSTEM_ENABLED")), {
+ (true, true): [
+ "asan.options",
+ "asan_extract",
+ ],
+ (true, default): ["asan.options"],
+ (default, default): [],
+ }),
+}
diff --git a/rootdir/Android.mk b/rootdir/Android.mk
index e6ccda7..e743743 100644
--- a/rootdir/Android.mk
+++ b/rootdir/Android.mk
@@ -11,6 +11,7 @@
endif
#######################################
# init.environ.rc
+# TODO(b/353429422): move LOCAL_POST_INSTALL_CMD to other rules and remove Android.mk module.
include $(CLEAR_VARS)
LOCAL_MODULE_CLASS := ETC
@@ -19,36 +20,8 @@
LOCAL_LICENSE_CONDITIONS := notice
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
-EXPORT_GLOBAL_ASAN_OPTIONS :=
ifneq ($(filter address,$(SANITIZE_TARGET)),)
- EXPORT_GLOBAL_ASAN_OPTIONS := export ASAN_OPTIONS include=/system/asan.options
- LOCAL_REQUIRED_MODULES := asan.options $(ASAN_OPTIONS_FILES) $(ASAN_EXTRACT_FILES)
-endif
-
-EXPORT_GLOBAL_HWASAN_OPTIONS :=
-ifneq ($(filter hwaddress,$(SANITIZE_TARGET)),)
- ifneq ($(HWADDRESS_SANITIZER_GLOBAL_OPTIONS),)
- EXPORT_GLOBAL_HWASAN_OPTIONS := export HWASAN_OPTIONS $(HWADDRESS_SANITIZER_GLOBAL_OPTIONS)
- endif
-endif
-
-EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE :=
-ifneq ($(PRODUCT_SCUDO_ALLOCATION_RING_BUFFER_SIZE),)
- EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE := export SCUDO_ALLOCATION_RING_BUFFER_SIZE $(PRODUCT_SCUDO_ALLOCATION_RING_BUFFER_SIZE)
-endif
-
-EXPORT_GLOBAL_GCOV_OPTIONS :=
-ifeq ($(NATIVE_COVERAGE),true)
- EXPORT_GLOBAL_GCOV_OPTIONS := export GCOV_PREFIX /data/misc/trace
-endif
-
-EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS :=
-ifeq ($(CLANG_COVERAGE),true)
- ifeq ($(CLANG_COVERAGE_CONTINUOUS_MODE),true)
- EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS := export LLVM_PROFILE_FILE /data/misc/trace/clang%c-%20m.profraw
- else
- EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS := export LLVM_PROFILE_FILE /data/misc/trace/clang-%20m.profraw
- endif
+ LOCAL_REQUIRED_MODULES := asan.options $(ASAN_EXTRACT_FILES)
endif
# Put it here instead of in init.rc module definition,
@@ -173,15 +146,10 @@
include $(BUILD_SYSTEM)/base_rules.mk
$(ALL_ROOTDIR_SYMLINKS): $(LOCAL_BUILT_MODULE)
-$(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/init.environ.rc.in
- @echo "Generate: $< -> $@"
- @mkdir -p $(dir $@)
- $(hide) cp $< $@
- $(hide) sed -i -e 's?%EXPORT_GLOBAL_ASAN_OPTIONS%?$(EXPORT_GLOBAL_ASAN_OPTIONS)?g' $@
- $(hide) sed -i -e 's?%EXPORT_GLOBAL_GCOV_OPTIONS%?$(EXPORT_GLOBAL_GCOV_OPTIONS)?g' $@
- $(hide) sed -i -e 's?%EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS%?$(EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS)?g' $@
- $(hide) sed -i -e 's?%EXPORT_GLOBAL_HWASAN_OPTIONS%?$(EXPORT_GLOBAL_HWASAN_OPTIONS)?g' $@
- $(hide) sed -i -e 's?%EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE%?$(EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE)?g' $@
+
+init.environ.rc-soong := $(call intermediates-dir-for,ETC,init.environ.rc-soong)/init.environ.rc-soong
+$(eval $(call copy-one-file,$(init.environ.rc-soong),$(LOCAL_BUILT_MODULE)))
+init.environ.rc-soong :=
#######################################
# ramdisk_node_list
diff --git a/rootdir/init.environ.rc.in b/rootdir/init.environ.rc.in
index 7ba1f46..9249270 100644
--- a/rootdir/init.environ.rc.in
+++ b/rootdir/init.environ.rc.in
@@ -10,8 +10,5 @@
export ANDROID_TZDATA_ROOT /apex/com.android.tzdata
export EXTERNAL_STORAGE /sdcard
export ASEC_MOUNTPOINT /mnt/asec
- %EXPORT_GLOBAL_ASAN_OPTIONS%
- %EXPORT_GLOBAL_GCOV_OPTIONS%
- %EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS%
- %EXPORT_GLOBAL_HWASAN_OPTIONS%
- %EXPORT_GLOBAL_SCUDO_ALLOCATION_RING_BUFFER_SIZE%
+ # Additional environment variables will be appended here during build (see Android.bp).
+ # DO NOT ADD additional sections like 'on <event>' here.