Merge "fs_mgr: Skip zram setup on swapon_all if mmd zram management is enabled" into main
diff --git a/gatekeeperd/OWNERS b/gatekeeperd/OWNERS
index 04cd19e..7d822e6 100644
--- a/gatekeeperd/OWNERS
+++ b/gatekeeperd/OWNERS
@@ -1,5 +1,4 @@
# Bug component: 1124862
drysdale@google.com
oarbildo@google.com
-subrahmanyaman@google.com
swillden@google.com
diff --git a/init/init.cpp b/init/init.cpp
index b6ba6a8..920b926 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -100,6 +100,8 @@
using android::base::boot_clock;
using android::base::ConsumePrefix;
using android::base::GetProperty;
+using android::base::GetIntProperty;
+using android::base::GetBoolProperty;
using android::base::ReadFileToString;
using android::base::SetProperty;
using android::base::StringPrintf;
@@ -108,6 +110,8 @@
using android::base::unique_fd;
using android::fs_mgr::AvbHandle;
using android::snapshot::SnapshotManager;
+using android::base::WaitForProperty;
+using android::base::WriteStringToFile;
namespace android {
namespace init {
@@ -919,6 +923,34 @@
return {};
}
+static void SecondStageBootMonitor(int timeout_sec) {
+ auto cur_time = boot_clock::now().time_since_epoch();
+ int cur_sec = std::chrono::duration_cast<std::chrono::seconds>(cur_time).count();
+ int extra_sec = timeout_sec <= cur_sec? 0 : timeout_sec - cur_sec;
+ auto boot_timeout = std::chrono::seconds(extra_sec);
+
+ LOG(INFO) << "Started BootMonitorThread, expiring in "
+ << timeout_sec
+ << " seconds from boot-up";
+
+ if (!WaitForProperty("sys.boot_completed", "1", boot_timeout)) {
+ LOG(ERROR) << "BootMonitorThread: boot didn't complete in "
+ << timeout_sec
+ << " seconds. Trigger a panic!";
+
+ // add a short delay for logs to be flushed out.
+ std::this_thread::sleep_for(200ms);
+
+ // trigger a kernel panic
+ WriteStringToFile("c", PROC_SYSRQ);
+ }
+}
+
+static void StartSecondStageBootMonitor(int timeout_sec) {
+ std::thread monitor_thread(&SecondStageBootMonitor, timeout_sec);
+ monitor_thread.detach();
+}
+
int SecondStageMain(int argc, char** argv) {
if (REBOOT_BOOTLOADER_ON_PANIC) {
InstallRebootSignalHandlers();
@@ -1010,6 +1042,14 @@
InstallInitNotifier(&epoll);
StartPropertyService(&property_fd);
+ // If boot_timeout property has been set in a debug build, start the boot monitor
+ if (GetBoolProperty("ro.debuggable", false)) {
+ int timeout = GetIntProperty("ro.boot.boot_timeout", 0);
+ if (timeout > 0) {
+ StartSecondStageBootMonitor(timeout);
+ }
+ }
+
// Make the time that init stages started available for bootstat to log.
RecordStageBoottimes(start_time);
diff --git a/init/reboot.cpp b/init/reboot.cpp
index d7ad861..a26149f 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -268,6 +268,19 @@
}
static UmountStat UmountPartitions(std::chrono::milliseconds timeout) {
+ // Terminate (SIGTERM) the services before unmounting partitions.
+ // If the processes block the signal, then partitions will eventually fail
+ // to unmount and then we fallback to SIGKILL the services.
+ //
+ // Hence, give the services a chance for a graceful shutdown before sending SIGKILL.
+ for (const auto& s : ServiceList::GetInstance()) {
+ if (s->IsShutdownCritical()) {
+ LOG(INFO) << "Shutdown service: " << s->name();
+ s->Terminate();
+ }
+ }
+ ReapAnyOutstandingChildren();
+
Timer t;
/* data partition needs all pending writes to be completed and all emulated partitions
* umounted.If the current waiting is not good enough, give
@@ -815,6 +828,7 @@
if (IsDataMounted("f2fs")) {
uint32_t flag = F2FS_GOING_DOWN_FULLSYNC;
unique_fd fd(TEMP_FAILURE_RETRY(open("/data", O_RDONLY)));
+ LOG(INFO) << "Invoking F2FS_IOC_SHUTDOWN during shutdown";
int ret = ioctl(fd.get(), F2FS_IOC_SHUTDOWN, &flag);
if (ret) {
PLOG(ERROR) << "Shutdown /data: ";
diff --git a/trusty/libtrusty/include/trusty/ipc.h b/trusty/libtrusty/include/trusty/ipc.h
index 04e84c6..4a19692 100644
--- a/trusty/libtrusty/include/trusty/ipc.h
+++ b/trusty/libtrusty/include/trusty/ipc.h
@@ -23,19 +23,21 @@
/**
* enum transfer_kind - How to send an fd to Trusty
- * @TRUSTY_SHARE: Memory will be accessible by Linux and Trusty. On ARM it
- * will be mapped as nonsecure. Suitable for shared memory.
- * The paired fd must be a "dma_buf".
- * @TRUSTY_LEND: Memory will be accessible only to Trusty. On ARM it will
- * be transitioned to "Secure" memory if Trusty is in
- * TrustZone. This transfer kind is suitable for donating
- * video buffers or other similar resources. The paired fd
- * may need to come from a platform-specific allocator for
- * memory that may be transitioned to "Secure".
- * @TRUSTY_SEND_SECURE: Send memory that is already "Secure". Memory will be
- * accessible only to Trusty. The paired fd may need to
- * come from a platform-specific allocator that returns
- * "Secure" buffers.
+ * @TRUSTY_SHARE: Memory will be accessible by Linux and Trusty. On ARM it
+ * will be mapped as nonsecure. Suitable for shared memory.
+ * The paired fd must be a "dma_buf".
+ * @TRUSTY_LEND: Memory will be accessible only to Trusty. On ARM it will
+ * be transitioned to "Secure" memory if Trusty is in
+ * TrustZone. This transfer kind is suitable for donating
+ * video buffers or other similar resources. The paired fd
+ * may need to come from a platform-specific allocator for
+ * memory that may be transitioned to "Secure".
+ * @TRUSTY_SEND_SECURE: Send memory that is already "Secure". Memory will be
+ * accessible only to Trusty. The paired fd may need to
+ * come from a platform-specific allocator that returns
+ * "Secure" buffers.
+ * @TRUSTY_SEND_SECURE_OR_SHARE: Acts as TRUSTY_SEND_SECURE if the memory is already
+ * "Secure" and as TRUSTY_SHARE otherwise.
*
* Describes how the user would like the resource in question to be sent to
* Trusty. Options may be valid only for certain kinds of fds.
@@ -44,6 +46,7 @@
TRUSTY_SHARE = 0,
TRUSTY_LEND = 1,
TRUSTY_SEND_SECURE = 2,
+ TRUSTY_SEND_SECURE_OR_SHARE = 3,
};
/**
diff --git a/trusty/libtrusty/tipc-test/tipc_test.c b/trusty/libtrusty/tipc-test/tipc_test.c
index 121837d..9910aee 100644
--- a/trusty/libtrusty/tipc-test/tipc_test.c
+++ b/trusty/libtrusty/tipc-test/tipc_test.c
@@ -55,6 +55,8 @@
"}"
/* clang-format on */
+#define countof(arr) (sizeof(arr) / sizeof(arr[0]))
+
static const char *uuid_name = "com.android.ipc-unittest.srv.uuid";
static const char *echo_name = "com.android.ipc-unittest.srv.echo";
static const char *ta_only_name = "com.android.ipc-unittest.srv.ta_only";
@@ -904,12 +906,14 @@
static int send_fd_test(const struct tipc_test_params* params) {
int ret;
- int dma_buf = -1;
+ int dma_buf[] = {-1, -1, -1};
int fd = -1;
- volatile char* buf = MAP_FAILED;
+ volatile char* buf[countof(dma_buf)] = {MAP_FAILED, MAP_FAILED, MAP_FAILED};
BufferAllocator* allocator = NULL;
+ uint i;
const size_t num_chunks = 10;
+ const size_t buf_size = memref_chunk_size * num_chunks;
fd = tipc_connect(params->dev_name, receiver_name);
if (fd < 0) {
@@ -925,56 +929,86 @@
goto cleanup;
}
- size_t buf_size = memref_chunk_size * num_chunks;
- dma_buf = DmabufHeapAlloc(allocator, "system", buf_size, 0, 0 /* legacy align */);
- if (dma_buf < 0) {
- ret = dma_buf;
- fprintf(stderr, "Failed to create dma-buf fd of size %zu err (%d)\n", buf_size, ret);
- goto cleanup;
+ for (i = 0; i < countof(dma_buf); i++) {
+ ret = DmabufHeapAlloc(allocator, "system", buf_size, 0, 0 /* legacy align */);
+ if (ret < 0) {
+ fprintf(stderr, "Failed to create dma-buf fd of size %zu err (%d)\n", buf_size, ret);
+ goto cleanup;
+ }
+ dma_buf[i] = ret;
}
- buf = mmap(0, buf_size, PROT_READ | PROT_WRITE, MAP_SHARED, dma_buf, 0);
- if (buf == MAP_FAILED) {
- fprintf(stderr, "Failed to map dma-buf: %s\n", strerror(errno));
- ret = -1;
- goto cleanup;
+ for (i = 0; i < countof(dma_buf); i++) {
+ buf[i] = mmap(0, buf_size, PROT_READ | PROT_WRITE, MAP_SHARED, dma_buf[i], 0);
+ if (buf[i] == MAP_FAILED) {
+ fprintf(stderr, "Failed to map dma-buf: %s\n", strerror(errno));
+ ret = -1;
+ goto cleanup;
+ }
+
+ strcpy((char*)buf[i], "From NS");
}
- strcpy((char*)buf, "From NS");
-
- struct trusty_shm shm = {
- .fd = dma_buf,
- .transfer = TRUSTY_SHARE,
+ struct trusty_shm shm[] = {
+ {
+ .fd = dma_buf[0],
+ .transfer = TRUSTY_SHARE,
+ },
+ {
+ .fd = dma_buf[0],
+ .transfer = TRUSTY_SEND_SECURE_OR_SHARE,
+ },
+ {
+ .fd = dma_buf[1],
+ .transfer = TRUSTY_LEND,
+ },
+ {
+ .fd = dma_buf[1],
+ .transfer = TRUSTY_SEND_SECURE_OR_SHARE,
+ },
+ {
+ .fd = dma_buf[2],
+ .transfer = TRUSTY_SEND_SECURE_OR_SHARE,
+ },
};
- ssize_t rc = tipc_send(fd, NULL, 0, &shm, 1);
- if (rc < 0) {
- fprintf(stderr, "tipc_send failed: %zd\n", rc);
- ret = rc;
- goto cleanup;
+ for (i = 0; i < countof(shm); i++) {
+ ssize_t rc = tipc_send(fd, NULL, 0, &shm[i], 1);
+ if (rc < 0) {
+ fprintf(stderr, "tipc_send failed: %zd\n", rc);
+ ret = rc;
+ goto cleanup;
+ }
+ char c;
+ read(fd, &c, 1);
}
- char c;
- read(fd, &c, 1);
- tipc_close(fd);
ret = 0;
- for (size_t skip = 0; skip < num_chunks; skip++) {
- int cmp = strcmp("Hello from Trusty!",
- (const char*)&buf[skip * memref_chunk_size]) ? (-1) : 0;
- if (cmp)
- fprintf(stderr, "Failed: Unexpected content at page %zu in dmabuf\n", skip);
- ret |= cmp;
+ for (i = 0; i < countof(buf); i++) {
+ for (size_t skip = 0; skip < num_chunks; skip++) {
+ int cmp = strcmp("Hello from Trusty!", (const char*)&buf[i][skip * memref_chunk_size])
+ ? (-1)
+ : 0;
+ if (cmp) fprintf(stderr, "Failed: Unexpected content at page %zu in dmabuf\n", skip);
+ ret |= cmp;
+ }
}
cleanup:
- if (buf != MAP_FAILED) {
- munmap((char*)buf, buf_size);
+ for (i = 0; i < countof(dma_buf); i++) {
+ if (buf[i] != MAP_FAILED) {
+ munmap((char*)buf[i], buf_size);
+ }
+ if (dma_buf[i] >= 0) {
+ close(dma_buf[i]);
+ }
}
- close(dma_buf);
if (allocator) {
FreeDmabufHeapBufferAllocator(allocator);
}
- tipc_close(fd);
+ if (fd >= 0) {
+ tipc_close(fd);
+ }
return ret;
}