Merge "storageproxyd: Remove duplicate interface definition" into main
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index a30d9c0..204e690 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -2023,6 +2023,84 @@
return InstallZramDevice(loop_device);
}
+// Check whether it is in recovery mode or not.
+//
+// This is a copy from util.h in libinit.
+//
+// You need to check ALL relevant executables calling this function has access to
+// "/system/bin/recovery" (including SELinux permissions and UNIX permissions).
+static bool IsRecovery() {
+ return access("/system/bin/recovery", F_OK) == 0;
+}
+
+// Decides whether swapon_all should skip setting up zram.
+//
+// swapon_all is deprecated to setup zram after mmd is launched. swapon_all command should skip
+// setting up zram if mmd is enabled by AConfig flag and mmd is configured to set up zram.
+static bool ShouldSkipZramSetup() {
+ if (IsRecovery()) {
+ // swapon_all continue to support zram setup in recovery mode after mmd launch.
+ return false;
+ }
+
+ // Since AConfig does not support to load the status from init, we use the system property
+ // "mmd.enabled_aconfig" copied from AConfig by `mmd --set-property` command to check whether
+ // mmd is enabled or not.
+ //
+ // aconfig_prop can have either of:
+ //
+ // * "true": mmd is enabled by AConfig
+ // * "false": mmd is disabled by AConfig
+ // * "": swapon_all is executed before `mmd --set-property`
+ //
+ // During mmd being launched, we request OEMs, who decided to use mmd to set up zram, to execute
+ // swapon_all after "mmd.enabled_aconfig" system property is initialized. Init can wait the
+ // "mmd.enabled_aconfig" initialization by `property:mmd.enabled_aconfig=*` trigger.
+ //
+ // After mmd is launched, we deprecate swapon_all command for setting up zram but recommend to
+ // use `mmd --setup-zram`. It means that the system should call swapon_all with fstab with no
+ // zram entry or the system should never call swapon_all.
+ //
+ // As a transition, OEMs can use the deprecated swapon_all to set up zram for several versions
+ // after mmd is launched. swapon_all command will show warning logs during the transition
+ // period.
+ const std::string aconfig_prop = android::base::GetProperty("mmd.enabled_aconfig", "");
+ const bool is_zram_managed_by_mmd = android::base::GetBoolProperty("mmd.zram.enabled", false);
+ if (aconfig_prop == "true" && is_zram_managed_by_mmd) {
+ // Skip zram setup since zram is managed by mmd.
+ //
+ // We expect swapon_all is not called when mmd is enabled by AConfig flag.
+ // TODO: b/394484720 - Make this log as warning after mmd is launched.
+ LINFO << "Skip setting up zram because mmd sets up zram instead.";
+ return true;
+ }
+
+ if (aconfig_prop == "false") {
+ // It is expected to swapon_all command to set up zram before mmd is launched.
+ LOG(DEBUG) << "mmd is not launched yet. swapon_all setup zram.";
+ } else if (is_zram_managed_by_mmd) {
+ // This branch is for aconfig_prop == ""
+
+ // On the system which uses mmd to setup zram, swapon_all must be executed after
+ // mmd.enabled_aconfig is initialized.
+ LERROR << "swapon_all must be called after mmd.enabled_aconfig system "
+ "property is initialized";
+ // Since we don't know whether mmd is enabled on the system or not, we fall back to enable
+ // zram from swapon_all conservatively. Both swapon_all and `mmd --setup-zram` command
+ // trying to set up zram does not break the system but just either ends up failing.
+ } else {
+ // We show the warning log for swapon_all deprecation on both aconfig_prop is "true" and ""
+ // cases.
+ // If mmd is enabled, swapon_all is already deprecated.
+ // If aconfig_prop is "", we don't know whether mmd is launched or not. But we show the
+ // deprecation warning log conservatively.
+ LWARNING << "mmd is recommended to set up zram over swapon_all command with "
+ "fstab entry.";
+ }
+
+ return false;
+}
+
bool fs_mgr_swapon_all(const Fstab& fstab) {
bool ret = true;
for (const auto& entry : fstab) {
@@ -2032,6 +2110,10 @@
}
if (entry.zram_size > 0) {
+ if (ShouldSkipZramSetup()) {
+ continue;
+ }
+
if (!PrepareZramBackingDevice(entry.zram_backingdev_size)) {
LERROR << "Failure of zram backing device file for '" << entry.blk_device << "'";
}
diff --git a/gatekeeperd/OWNERS b/gatekeeperd/OWNERS
index 04cd19e..7d822e6 100644
--- a/gatekeeperd/OWNERS
+++ b/gatekeeperd/OWNERS
@@ -1,5 +1,4 @@
# Bug component: 1124862
drysdale@google.com
oarbildo@google.com
-subrahmanyaman@google.com
swillden@google.com
diff --git a/init/README.md b/init/README.md
index 89e20a4..c9742ad 100644
--- a/init/README.md
+++ b/init/README.md
@@ -785,6 +785,16 @@
fstab.${ro.hardware} or fstab.${ro.hardware.platform} will be scanned for
under /odm/etc, /vendor/etc, or / at runtime, in that order.
+> swapon_all is deprecated and will do nothing if `mmd_enabled` AConfig flag
+ in `system_performance` namespace and `mmd.zram.enabled` sysprop are enabled.
+ OEMs, who decided to use mmd to manage zram, must remove zram entry from fstab
+ or remove swapon_all call from their init script.
+
+> swapon_all continues to support setting up non-zram swap devices.
+
+> swapon_all on recovery mode continues to support setting up zram because mmd
+ does not support the recovery mode.
+
`swapoff <path>`
> Stops swapping to the file or block device specified by path.
diff --git a/init/init.cpp b/init/init.cpp
index b6ba6a8..920b926 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -100,6 +100,8 @@
using android::base::boot_clock;
using android::base::ConsumePrefix;
using android::base::GetProperty;
+using android::base::GetIntProperty;
+using android::base::GetBoolProperty;
using android::base::ReadFileToString;
using android::base::SetProperty;
using android::base::StringPrintf;
@@ -108,6 +110,8 @@
using android::base::unique_fd;
using android::fs_mgr::AvbHandle;
using android::snapshot::SnapshotManager;
+using android::base::WaitForProperty;
+using android::base::WriteStringToFile;
namespace android {
namespace init {
@@ -919,6 +923,34 @@
return {};
}
+static void SecondStageBootMonitor(int timeout_sec) {
+ auto cur_time = boot_clock::now().time_since_epoch();
+ int cur_sec = std::chrono::duration_cast<std::chrono::seconds>(cur_time).count();
+ int extra_sec = timeout_sec <= cur_sec? 0 : timeout_sec - cur_sec;
+ auto boot_timeout = std::chrono::seconds(extra_sec);
+
+ LOG(INFO) << "Started BootMonitorThread, expiring in "
+ << timeout_sec
+ << " seconds from boot-up";
+
+ if (!WaitForProperty("sys.boot_completed", "1", boot_timeout)) {
+ LOG(ERROR) << "BootMonitorThread: boot didn't complete in "
+ << timeout_sec
+ << " seconds. Trigger a panic!";
+
+ // add a short delay for logs to be flushed out.
+ std::this_thread::sleep_for(200ms);
+
+ // trigger a kernel panic
+ WriteStringToFile("c", PROC_SYSRQ);
+ }
+}
+
+static void StartSecondStageBootMonitor(int timeout_sec) {
+ std::thread monitor_thread(&SecondStageBootMonitor, timeout_sec);
+ monitor_thread.detach();
+}
+
int SecondStageMain(int argc, char** argv) {
if (REBOOT_BOOTLOADER_ON_PANIC) {
InstallRebootSignalHandlers();
@@ -1010,6 +1042,14 @@
InstallInitNotifier(&epoll);
StartPropertyService(&property_fd);
+ // If boot_timeout property has been set in a debug build, start the boot monitor
+ if (GetBoolProperty("ro.debuggable", false)) {
+ int timeout = GetIntProperty("ro.boot.boot_timeout", 0);
+ if (timeout > 0) {
+ StartSecondStageBootMonitor(timeout);
+ }
+ }
+
// Make the time that init stages started available for bootstat to log.
RecordStageBoottimes(start_time);
diff --git a/init/reboot.cpp b/init/reboot.cpp
index d7ad861..a26149f 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -268,6 +268,19 @@
}
static UmountStat UmountPartitions(std::chrono::milliseconds timeout) {
+ // Terminate (SIGTERM) the services before unmounting partitions.
+ // If the processes block the signal, then partitions will eventually fail
+ // to unmount and then we fallback to SIGKILL the services.
+ //
+ // Hence, give the services a chance for a graceful shutdown before sending SIGKILL.
+ for (const auto& s : ServiceList::GetInstance()) {
+ if (s->IsShutdownCritical()) {
+ LOG(INFO) << "Shutdown service: " << s->name();
+ s->Terminate();
+ }
+ }
+ ReapAnyOutstandingChildren();
+
Timer t;
/* data partition needs all pending writes to be completed and all emulated partitions
* umounted.If the current waiting is not good enough, give
@@ -815,6 +828,7 @@
if (IsDataMounted("f2fs")) {
uint32_t flag = F2FS_GOING_DOWN_FULLSYNC;
unique_fd fd(TEMP_FAILURE_RETRY(open("/data", O_RDONLY)));
+ LOG(INFO) << "Invoking F2FS_IOC_SHUTDOWN during shutdown";
int ret = ioctl(fd.get(), F2FS_IOC_SHUTDOWN, &flag);
if (ret) {
PLOG(ERROR) << "Shutdown /data: ";
diff --git a/libcutils/ashmem-dev.cpp b/libcutils/ashmem-dev.cpp
index 768db81..b4f1d7f 100644
--- a/libcutils/ashmem-dev.cpp
+++ b/libcutils/ashmem-dev.cpp
@@ -76,8 +76,8 @@
* debugging.
*/
-static bool debug_log = false; /* set to true for verbose logging and other debug */
-static bool pin_deprecation_warn = true; /* Log the pin deprecation warning only once */
+/* set to true for verbose logging and other debug */
+static bool debug_log = false;
/* Determine if vendor processes would be ok with memfd in the system:
*
@@ -120,11 +120,9 @@
// permissions of the buffer (i.e. they cannot be changed by fchmod()).
//
// MFD_NOEXEC_SEAL implies MFD_ALLOW_SEALING.
- const char *test_buf_name = "test_android_memfd";
- size_t buf_size = getpagesize();
android::base::unique_fd fd(
- syscall(__NR_memfd_create, test_buf_name, MFD_CLOEXEC | MFD_NOEXEC_SEAL));
+ syscall(__NR_memfd_create, "test_android_memfd", MFD_CLOEXEC | MFD_NOEXEC_SEAL));
if (fd == -1) {
ALOGE("memfd_create failed: %m, no memfd support");
return false;
@@ -135,9 +133,9 @@
return false;
}
+ size_t buf_size = getpagesize();
if (ftruncate(fd, buf_size) == -1) {
- ALOGE("ftruncate(%s, %zd) failed to set memfd buffer size: %m, no memfd support",
- test_buf_name, buf_size);
+ ALOGE("ftruncate(%zd) failed to set memfd buffer size: %m, no memfd support", buf_size);
return false;
}
@@ -159,11 +157,7 @@
}
static bool has_memfd_support() {
- /* memfd_supported is the initial global per-process state of what is known
- * about memfd.
- */
static bool memfd_supported = __has_memfd_support();
-
return memfd_supported;
}
@@ -173,75 +167,64 @@
if (!android::base::ReadFileToString(boot_id_path, &boot_id)) {
ALOGE("Failed to read %s: %m", boot_id_path.c_str());
return "";
- };
+ }
boot_id = android::base::Trim(boot_id);
return "/dev/ashmem" + boot_id;
}
/* logistics of getting file descriptor for ashmem */
-static int __ashmem_open_locked()
-{
+static int __ashmem_open_locked() {
static const std::string ashmem_device_path = get_ashmem_device_path();
if (ashmem_device_path.empty()) {
return -1;
}
- int fd = TEMP_FAILURE_RETRY(open(ashmem_device_path.c_str(), O_RDWR | O_CLOEXEC));
-
+ android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(ashmem_device_path.c_str(), O_RDWR | O_CLOEXEC)));
+ int errno1 = errno;
// fallback for APEX w/ use_vendor on Q, which would have still used /dev/ashmem
- if (fd < 0) {
- int saved_errno = errno;
- fd = TEMP_FAILURE_RETRY(open("/dev/ashmem", O_RDWR | O_CLOEXEC));
- if (fd < 0) {
+ // TODO: remove this?
+ if (!fd.ok()) {
+ fd.reset(TEMP_FAILURE_RETRY(open("/dev/ashmem", O_RDWR | O_CLOEXEC)));
+ int errno2 = errno;
+ if (!fd.ok()) {
/* Q launching devices and newer must not reach here since they should have been
* able to open ashmem_device_path */
- ALOGE("Unable to open ashmem device %s (error = %s) and /dev/ashmem(error = %s)",
- ashmem_device_path.c_str(), strerror(saved_errno), strerror(errno));
- return fd;
+ ALOGE("Unable to open ashmem device %s (%s) and /dev/ashmem (%s)",
+ ashmem_device_path.c_str(), strerror(errno1), strerror(errno2));
+ return -1;
}
}
+
struct stat st;
- int ret = TEMP_FAILURE_RETRY(fstat(fd, &st));
- if (ret < 0) {
- int save_errno = errno;
- close(fd);
- errno = save_errno;
- return ret;
+ if (TEMP_FAILURE_RETRY(fstat(fd, &st)) == -1) {
+ return -1;
}
if (!S_ISCHR(st.st_mode) || !st.st_rdev) {
- close(fd);
errno = ENOTTY;
return -1;
}
__ashmem_rdev = st.st_rdev;
- return fd;
+ return fd.release();
}
-static int __ashmem_open()
-{
- int fd;
-
+static int __ashmem_open() {
pthread_mutex_lock(&__ashmem_lock);
- fd = __ashmem_open_locked();
+ int fd = __ashmem_open_locked();
pthread_mutex_unlock(&__ashmem_lock);
-
return fd;
}
/* Make sure file descriptor references ashmem, negative number means false */
-static int __ashmem_is_ashmem(int fd, int fatal)
-{
- dev_t rdev;
+static int __ashmem_is_ashmem(int fd, bool fatal) {
struct stat st;
-
if (fstat(fd, &st) < 0) {
return -1;
}
- rdev = 0; /* Too much complexity to sniff __ashmem_rdev */
+ dev_t rdev = 0; /* Too much complexity to sniff __ashmem_rdev */
if (S_ISCHR(st.st_mode) && st.st_rdev) {
pthread_mutex_lock(&__ashmem_lock);
rdev = __ashmem_rdev;
@@ -282,16 +265,15 @@
return -1;
}
-static int __ashmem_check_failure(int fd, int result)
-{
- if (result == -1 && errno == ENOTTY) __ashmem_is_ashmem(fd, 1);
+static int __ashmem_check_failure(int fd, int result) {
+ if (result == -1 && errno == ENOTTY) __ashmem_is_ashmem(fd, true);
return result;
}
-static bool memfd_is_ashmem(int fd) {
+static bool is_ashmem_fd(int fd) {
static bool fd_check_error_once = false;
- if (__ashmem_is_ashmem(fd, 0) == 0) {
+ if (__ashmem_is_ashmem(fd, false) == 0) {
if (!fd_check_error_once) {
ALOGE("memfd: memfd expected but ashmem fd used - please use libcutils");
fd_check_error_once = true;
@@ -303,13 +285,16 @@
return false;
}
-int ashmem_valid(int fd)
-{
- if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+static bool is_memfd_fd(int fd) {
+ return has_memfd_support() && !is_ashmem_fd(fd);
+}
+
+int ashmem_valid(int fd) {
+ if (is_memfd_fd(fd)) {
return 1;
}
- return __ashmem_is_ashmem(fd, 0) >= 0;
+ return __ashmem_is_ashmem(fd, false) >= 0;
}
static int memfd_create_region(const char* name, size_t size) {
@@ -352,41 +337,20 @@
* `name' is an optional label to give the region (visible in /proc/pid/maps)
* `size' is the size of the region, in page-aligned bytes
*/
-int ashmem_create_region(const char *name, size_t size)
-{
- int ret, save_errno;
+int ashmem_create_region(const char* name, size_t size) {
+ if (name == NULL) name = "none";
if (has_memfd_support()) {
- return memfd_create_region(name ? name : "none", size);
+ return memfd_create_region(name, size);
}
- int fd = __ashmem_open();
- if (fd < 0) {
- return fd;
+ android::base::unique_fd fd(__ashmem_open());
+ if (!fd.ok() ||
+ TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_NAME, name) < 0) ||
+ TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_SIZE, size) < 0)) {
+ return -1;
}
-
- if (name) {
- char buf[ASHMEM_NAME_LEN] = {0};
-
- strlcpy(buf, name, sizeof(buf));
- ret = TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_NAME, buf));
- if (ret < 0) {
- goto error;
- }
- }
-
- ret = TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_SIZE, size));
- if (ret < 0) {
- goto error;
- }
-
- return fd;
-
-error:
- save_errno = errno;
- close(fd);
- errno = save_errno;
- return ret;
+ return fd.release();
}
static int memfd_set_prot_region(int fd, int prot) {
@@ -418,61 +382,45 @@
return 0;
}
-int ashmem_set_prot_region(int fd, int prot)
-{
- if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+int ashmem_set_prot_region(int fd, int prot) {
+ if (is_memfd_fd(fd)) {
return memfd_set_prot_region(fd, prot);
}
return __ashmem_check_failure(fd, TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_PROT_MASK, prot)));
}
-int ashmem_pin_region(int fd, size_t offset, size_t len)
-{
- if (!pin_deprecation_warn || debug_log) {
+static int do_pin(int op, int fd, size_t offset, size_t length) {
+ static bool already_warned_about_pin_deprecation = false;
+ if (!already_warned_about_pin_deprecation || debug_log) {
ALOGE("Pinning is deprecated since Android Q. Please use trim or other methods.");
- pin_deprecation_warn = true;
+ already_warned_about_pin_deprecation = true;
}
- if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ if (is_memfd_fd(fd)) {
return 0;
}
// TODO: should LP64 reject too-large offset/len?
- ashmem_pin pin = { static_cast<uint32_t>(offset), static_cast<uint32_t>(len) };
- return __ashmem_check_failure(fd, TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_PIN, &pin)));
+ ashmem_pin pin = { static_cast<uint32_t>(offset), static_cast<uint32_t>(length) };
+ return __ashmem_check_failure(fd, TEMP_FAILURE_RETRY(ioctl(fd, op, &pin)));
}
-int ashmem_unpin_region(int fd, size_t offset, size_t len)
-{
- if (!pin_deprecation_warn || debug_log) {
- ALOGE("Pinning is deprecated since Android Q. Please use trim or other methods.");
- pin_deprecation_warn = true;
- }
-
- if (has_memfd_support() && !memfd_is_ashmem(fd)) {
- return 0;
- }
-
- // TODO: should LP64 reject too-large offset/len?
- ashmem_pin pin = { static_cast<uint32_t>(offset), static_cast<uint32_t>(len) };
- return __ashmem_check_failure(fd, TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_UNPIN, &pin)));
+int ashmem_pin_region(int fd, size_t offset, size_t length) {
+ return do_pin(ASHMEM_PIN, fd, offset, length);
}
-int ashmem_get_size_region(int fd)
-{
- if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+int ashmem_unpin_region(int fd, size_t offset, size_t length) {
+ return do_pin(ASHMEM_UNPIN, fd, offset, length);
+}
+
+int ashmem_get_size_region(int fd) {
+ if (is_memfd_fd(fd)) {
struct stat sb;
-
if (fstat(fd, &sb) == -1) {
ALOGE("ashmem_get_size_region(%d): fstat failed: %m", fd);
return -1;
}
-
- if (debug_log) {
- ALOGD("ashmem_get_size_region(%d): %d", fd, static_cast<int>(sb.st_size));
- }
-
return sb.st_size;
}
diff --git a/libsparse/Android.bp b/libsparse/Android.bp
index 44907a1..1d67cbe 100644
--- a/libsparse/Android.bp
+++ b/libsparse/Android.bp
@@ -89,11 +89,6 @@
name: "simg_dump",
main: "simg_dump.py",
srcs: ["simg_dump.py"],
- version: {
- py3: {
- embedded_launcher: true,
- },
- },
}
cc_fuzz {
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 734197b..54493d5 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -727,7 +727,6 @@
mkdir /data/apex/active 0755 root system
mkdir /data/apex/backup 0700 root system
mkdir /data/apex/decompressed 0755 root system encryption=Require
- mkdir /data/apex/sessions 0700 root system
mkdir /data/app-staging 0751 system system encryption=DeleteIfNecessary
mkdir /data/apex/ota_reserved 0700 root system encryption=Require
setprop apexd.status ""
diff --git a/trusty/test/driver/Android.bp b/trusty/test/driver/Android.bp
index b813a04..3faa878 100644
--- a/trusty/test/driver/Android.bp
+++ b/trusty/test/driver/Android.bp
@@ -23,10 +23,4 @@
"**/*.py",
],
test_suites: ["general-tests"],
- version: {
- py3: {
- embedded_launcher: true,
- enabled: true,
- },
- },
}
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
index 2127798..c85dd12 100644
--- a/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
+++ b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
@@ -1,11 +1,15 @@
-service trusty_test_vm /apex/com.android.virt/bin/vm run \
- /data/local/tmp/TrustyTestVM_UnitTests/trusty-test_vm-config.json
+service storageproxyd_test_vm /system_ext/bin/storageproxyd.system \
+ -d VSOCK:${trusty.test_vm.vm_cid}:1 \
+ -r /dev/socket/rpmb_mock_test_system \
+ -p /data/secure_storage_test_system \
+ -t sock
disabled
+ class hal
user system
group system
-service storageproxyd_test_system /system_ext/bin/storageproxyd.system \
- -d VSOCK:${trusty.test_vm.vm_cid}:1 \
+service storageproxyd_test_vm_os /system_ext/bin/storageproxyd.system \
+ -d VSOCK:${trusty.test_vm_os.vm_cid}:1 \
-r /dev/socket/rpmb_mock_test_system \
-p /data/secure_storage_test_system \
-t sock
diff --git a/trusty/utils/trusty-ut-ctrl/Android.bp b/trusty/utils/trusty-ut-ctrl/Android.bp
index c255614..dbd8016 100644
--- a/trusty/utils/trusty-ut-ctrl/Android.bp
+++ b/trusty/utils/trusty-ut-ctrl/Android.bp
@@ -39,8 +39,8 @@
vendor: true,
}
-cc_binary {
+cc_test {
name: "trusty-ut-ctrl.system",
defaults: ["trusty-ut-ctrl.defaults"],
- system_ext_specific: true,
+ gtest: false,
}