Merge "debuggerd: Use libprocessgroup to unfreeze" into main
diff --git a/fs_mgr/libfstab/fstab.cpp b/fs_mgr/libfstab/fstab.cpp
index 01e0e3d..010fbc8 100644
--- a/fs_mgr/libfstab/fstab.cpp
+++ b/fs_mgr/libfstab/fstab.cpp
@@ -75,6 +75,7 @@
{"slave", MS_SLAVE},
{"shared", MS_SHARED},
{"lazytime", MS_LAZYTIME},
+ {"nosymfollow", MS_NOSYMFOLLOW},
{"defaults", 0},
};
diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index acabd67..ecf567e 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -2404,6 +2404,9 @@
PLOG(ERROR) << "Unable to write rollback indicator: " << path;
} else {
LOG(INFO) << "Rollback detected, writing rollback indicator to " << path;
+ if (device_->IsTempMetadata()) {
+ CleanupScratchOtaMetadataIfPresent();
+ }
}
}
LOG(INFO) << "Not booting from new slot. Will not mount snapshots.";
diff --git a/fs_mgr/tests/fs_mgr_test.cpp b/fs_mgr/tests/fs_mgr_test.cpp
index 8004977..fc3d5dc 100644
--- a/fs_mgr/tests/fs_mgr_test.cpp
+++ b/fs_mgr/tests/fs_mgr_test.cpp
@@ -330,6 +330,7 @@
{"slave", MS_SLAVE},
{"shared", MS_SHARED},
{"lazytime", MS_LAZYTIME},
+ {"nosymfollow", MS_NOSYMFOLLOW},
{"defaults", 0},
{0, 0},
};
diff --git a/gatekeeperd/fuzzer/GateKeeperServiceFuzzer.cpp b/gatekeeperd/fuzzer/GateKeeperServiceFuzzer.cpp
index bc0d5fe..a3cc3f3 100644
--- a/gatekeeperd/fuzzer/GateKeeperServiceFuzzer.cpp
+++ b/gatekeeperd/fuzzer/GateKeeperServiceFuzzer.cpp
@@ -22,6 +22,8 @@
using android::GateKeeperProxy;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ // TODO(b/183141167): need to rewrite 'dump' to avoid SIGPIPE.
+ signal(SIGPIPE, SIG_IGN);
auto gatekeeperService = new GateKeeperProxy();
fuzzService(gatekeeperService, FuzzedDataProvider(data, size));
return 0;
diff --git a/init/builtins.cpp b/init/builtins.cpp
index c4af5b5..38aed9c 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -471,6 +471,7 @@
{ "private", MS_PRIVATE },
{ "slave", MS_SLAVE },
{ "shared", MS_SHARED },
+ { "nosymfollow", MS_NOSYMFOLLOW },
{ "defaults", 0 },
{ 0, 0 },
};
diff --git a/init/libprefetch/prefetch/src/arch/android.rs b/init/libprefetch/prefetch/src/arch/android.rs
index c765e38..3404e42 100644
--- a/init/libprefetch/prefetch/src/arch/android.rs
+++ b/init/libprefetch/prefetch/src/arch/android.rs
@@ -11,8 +11,8 @@
use rustutils::system_properties::error::PropertyWatcherError;
use rustutils::system_properties::PropertyWatcher;
-const PREFETCH_RECORD_PROPERTY: &str = "ro.prefetch_boot.record";
-const PREFETCH_REPLAY_PROPERTY: &str = "ro.prefetch_boot.replay";
+const PREFETCH_RECORD_PROPERTY: &str = "prefetch_boot.record";
+const PREFETCH_REPLAY_PROPERTY: &str = "prefetch_boot.replay";
const PREFETCH_RECORD_PROPERTY_STOP: &str = "ro.prefetch_boot.record_stop";
fn wait_for_property_true(
diff --git a/libcutils/ashmem-dev.cpp b/libcutils/ashmem-dev.cpp
index 46b8ef2..cebfa5d 100644
--- a/libcutils/ashmem-dev.cpp
+++ b/libcutils/ashmem-dev.cpp
@@ -114,8 +114,14 @@
// Check if kernel support exists, otherwise fall back to ashmem.
// This code needs to build on old API levels, so we can't use the libc
// wrapper.
+ //
+ // MFD_NOEXEC_SEAL is used to match the semantics of the ashmem device,
+ // which did not have executable permissions. This also seals the executable
+ // permissions of the buffer (i.e. they cannot be changed by fchmod()).
+ //
+ // MFD_NOEXEC_SEAL implies MFD_ALLOW_SEALING.
android::base::unique_fd fd(
- syscall(__NR_memfd_create, "test_android_memfd", MFD_CLOEXEC | MFD_ALLOW_SEALING));
+ syscall(__NR_memfd_create, "test_android_memfd", MFD_CLOEXEC | MFD_NOEXEC_SEAL));
if (fd == -1) {
ALOGE("memfd_create failed: %s, no memfd support.\n", strerror(errno));
return false;
@@ -289,7 +295,13 @@
static int memfd_create_region(const char* name, size_t size) {
// This code needs to build on old API levels, so we can't use the libc
// wrapper.
- android::base::unique_fd fd(syscall(__NR_memfd_create, name, MFD_CLOEXEC | MFD_ALLOW_SEALING));
+ //
+ // MFD_NOEXEC_SEAL to match the semantics of the ashmem device, which did
+ // not have executable permissions. This also seals the executable
+ // permissions of the buffer (i.e. they cannot be changed by fchmod()).
+ //
+ // MFD_NOEXEC_SEAL implies MFD_ALLOW_SEALING.
+ android::base::unique_fd fd(syscall(__NR_memfd_create, name, MFD_CLOEXEC | MFD_NOEXEC_SEAL));
if (fd == -1) {
ALOGE("memfd_create(%s, %zd) failed: %s\n", name, size, strerror(errno));
diff --git a/libprocessgroup/cgrouprc/Android.bp b/libprocessgroup/cgrouprc/Android.bp
index 38b2fa3..9e46b8e 100644
--- a/libprocessgroup/cgrouprc/Android.bp
+++ b/libprocessgroup/cgrouprc/Android.bp
@@ -19,9 +19,6 @@
cc_library {
name: "libcgrouprc",
host_supported: true,
- ramdisk_available: true,
- vendor_ramdisk_available: true,
- recovery_available: true,
// Do not ever mark this as vendor_available; otherwise, vendor modules
// that links to the static library will behave unexpectedly. All on-device
// modules should use libprocessgroup which links to the LL-NDK library
diff --git a/libsysutils/EventLogTags.logtags b/libsysutils/EventLogTags.logtags
index 713f8cd..bb06d34 100644
--- a/libsysutils/EventLogTags.logtags
+++ b/libsysutils/EventLogTags.logtags
@@ -1,4 +1,4 @@
-# See system/core/logcat/event.logtags for a description of the format of this file.
+# See system/logging/logcat/event.logtags for a description of the format of this file.
# FrameworkListener dispatchCommand overflow
78001 exp_det_dispatchCommand_overflow
diff --git a/libutils/OWNERS b/libutils/OWNERS
index 40164aa..4ce6893 100644
--- a/libutils/OWNERS
+++ b/libutils/OWNERS
@@ -1 +1,2 @@
+shayba@google.com
smoreland@google.com
diff --git a/rootdir/init.rc b/rootdir/init.rc
index f00479e..ae6a658 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -54,6 +54,10 @@
mkdir /linkerconfig/bootstrap 0755
mkdir /linkerconfig/default 0755
+ # Greatly extend dm-verity's Merkle tree cache timeout. The default timeout
+ # is much too short and is unnecessary, given that there is also a shrinker.
+ write /sys/module/dm_bufio/parameters/max_age_seconds 86400
+
# Disable dm-verity hash prefetching, since it doesn't help performance
# Read more in b/136247322
write /sys/module/dm_verity/parameters/prefetch_cluster 0
@@ -609,17 +613,6 @@
mkdir /metadata/staged-install 0770 root system
- mkdir /metadata/aconfig 0775 root system
- mkdir /metadata/aconfig/flags 0770 root system
- mkdir /metadata/aconfig/maps 0775 root system
- mkdir /metadata/aconfig/boot 0775 root system
-
- mkdir /metadata/aconfig_test_missions 0775 root system
-
- # See flag enable_system_aconfigd_rust, which toggles these processes.
- exec_start system_aconfigd_platform_init
- exec_start aconfigd-platform-init
-
on late-fs
# Ensure that tracefs has the correct permissions.
# This does not work correctly if it is called in post-fs.
@@ -1008,16 +1001,13 @@
wait_for_prop apexd.status activated
perform_apex_config
- # See flag enable_system_aconfigd_rust, which toggles these processes.
- exec_start aconfigd-mainline-init
exec_start system_aconfigd_mainline_init
-
- # system_aconfigd_socket_service is replacing aconfigd:
- # - A flag (enable_system_aconfigd_rust) toggles which socket executes.
- # - When enabled, aconfigd is a no-op, system_aconfigd_socket_service executes.
- # - Conversely, when disabled, aconfigd executes, and system_aconfigd_socket_service is a no-op.
start system_aconfigd_socket_service
- start aconfigd
+
+ # start mainline aconfigd init, after transition, the above system_aconfigd_mainline_init
+ # will be deprecated
+ exec_start mainline_aconfigd_init
+ start mainline_aconfigd_socket_service
# Create directories for boot animation.
mkdir /data/misc/bootanim 0755 system system
diff --git a/shell_and_utilities/Android.bp b/shell_and_utilities/Android.bp
index 1f5c179..0a1f7c5 100644
--- a/shell_and_utilities/Android.bp
+++ b/shell_and_utilities/Android.bp
@@ -43,9 +43,10 @@
required: [
"sh.recovery",
"toolbox.recovery",
- "toybox.recovery",
+ "toybox_recovery",
"ziptool.recovery",
],
+ recovery: true,
}
phony {
diff --git a/trusty/keymaster/Android.bp b/trusty/keymaster/Android.bp
index 5a1e420..8ebfc1a 100644
--- a/trusty/keymaster/Android.bp
+++ b/trusty/keymaster/Android.bp
@@ -106,11 +106,11 @@
"keymint/service.cpp",
],
shared_libs: [
- "android.hardware.security.keymint-V3-ndk",
+ "android.hardware.security.keymint-V4-ndk",
"android.hardware.security.rkp-V3-ndk",
"android.hardware.security.secureclock-V1-ndk",
"android.hardware.security.sharedsecret-V1-ndk",
- "lib_android_keymaster_keymint_utils_V3",
+ "lib_android_keymaster_keymint_utils",
"libbase",
"libbinder_ndk",
"libhardware",
@@ -120,9 +120,10 @@
"libtrusty",
"libutils",
],
- required: [
- "android.hardware.hardware_keystore_V3.xml",
- ],
+ required: select(release_flag("RELEASE_AIDL_USE_UNFROZEN"), {
+ true: ["android.hardware.hardware_keystore.xml"],
+ default: ["android.hardware.hardware_keystore_V3.xml"],
+ }),
}
prebuilt_etc {
diff --git a/trusty/keymaster/TrustyKeymaster.cpp b/trusty/keymaster/TrustyKeymaster.cpp
index b118a20..723229d 100644
--- a/trusty/keymaster/TrustyKeymaster.cpp
+++ b/trusty/keymaster/TrustyKeymaster.cpp
@@ -295,6 +295,13 @@
return response;
}
+SetAdditionalAttestationInfoResponse TrustyKeymaster::SetAdditionalAttestationInfo(
+ const SetAdditionalAttestationInfoRequest& request) {
+ SetAdditionalAttestationInfoResponse response(message_version());
+ ForwardCommand(KM_SET_ADDITIONAL_ATTESTATION_INFO, request, &response);
+ return response;
+}
+
GetHwInfoResponse TrustyKeymaster::GetHwInfo() {
GetHwInfoResponse response(message_version());
ForwardCommand(KM_GET_HW_INFO, GetHwInfoRequest(message_version()), &response);
diff --git a/trusty/keymaster/include/trusty_keymaster/TrustyKeyMintDevice.h b/trusty/keymaster/include/trusty_keymaster/TrustyKeyMintDevice.h
index c8d8932..5e876d3 100644
--- a/trusty/keymaster/include/trusty_keymaster/TrustyKeyMintDevice.h
+++ b/trusty/keymaster/include/trusty_keymaster/TrustyKeyMintDevice.h
@@ -85,6 +85,7 @@
ScopedAStatus getRootOfTrust(const array<uint8_t, 16>& challenge,
vector<uint8_t>* rootOfTrust) override;
ScopedAStatus sendRootOfTrust(const vector<uint8_t>& rootOfTrust) override;
+ ScopedAStatus setAdditionalAttestationInfo(const vector<KeyParameter>& info) override;
protected:
std::shared_ptr<TrustyKeymaster> impl_;
diff --git a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
index c50178b..65d7217 100644
--- a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
+++ b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
@@ -70,6 +70,8 @@
ConfigureVendorPatchlevelResponse ConfigureVendorPatchlevel(
const ConfigureVendorPatchlevelRequest& request);
GetRootOfTrustResponse GetRootOfTrust(const GetRootOfTrustRequest& request);
+ SetAdditionalAttestationInfoResponse SetAdditionalAttestationInfo(
+ const SetAdditionalAttestationInfoRequest& request);
GetHwInfoResponse GetHwInfo();
uint32_t message_version() const { return message_version_; }
diff --git a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
index 822e933..721315d 100644
--- a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
+++ b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
@@ -62,6 +62,7 @@
KM_GET_ROOT_OF_TRUST = (34 << KEYMASTER_REQ_SHIFT),
KM_GET_HW_INFO = (35 << KEYMASTER_REQ_SHIFT),
KM_GENERATE_CSR_V2 = (36 << KEYMASTER_REQ_SHIFT),
+ KM_SET_ADDITIONAL_ATTESTATION_INFO = (37 << KEYMASTER_REQ_SHIFT),
// Bootloader/provisioning calls.
KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),
diff --git a/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp b/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
index fec4c60..154597f 100644
--- a/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
+++ b/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
@@ -349,4 +349,18 @@
return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
}
+ScopedAStatus TrustyKeyMintDevice::setAdditionalAttestationInfo(const vector<KeyParameter>& info) {
+ keymaster::SetAdditionalAttestationInfoRequest request(impl_->message_version());
+ request.info.Reinitialize(KmParamSet(info));
+
+ keymaster::SetAdditionalAttestationInfoResponse response =
+ impl_->SetAdditionalAttestationInfo(request);
+
+ if (response.error != KM_ERROR_OK) {
+ return kmError2ScopedAStatus(response.error);
+ } else {
+ return ScopedAStatus::ok();
+ }
+}
+
} // namespace aidl::android::hardware::security::keymint::trusty
diff --git a/trusty/keymaster/keymint/android.hardware.security.keymint-service.trusty.xml b/trusty/keymaster/keymint/android.hardware.security.keymint-service.trusty.xml
index 3dc9c88..f74d212 100644
--- a/trusty/keymaster/keymint/android.hardware.security.keymint-service.trusty.xml
+++ b/trusty/keymaster/keymint/android.hardware.security.keymint-service.trusty.xml
@@ -1,7 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.security.keymint</name>
- <version>3</version>
+ <version>4</version>
<fqname>IKeyMintDevice/default</fqname>
</hal>
<hal format="aidl">
diff --git a/trusty/secretkeeper/Android.bp b/trusty/secretkeeper/Android.bp
index 6523eda..d399bf8 100644
--- a/trusty/secretkeeper/Android.bp
+++ b/trusty/secretkeeper/Android.bp
@@ -27,18 +27,16 @@
"src/hal_main.rs",
],
rustlibs: [
+ "android.hardware.security.secretkeeper-V1-rust",
"libandroid_logger",
"libauthgraph_hal",
"libauthgraph_wire",
"libbinder_rs",
"liblibc",
"liblog_rust",
- "libsecretkeeper_hal",
+ "libsecretkeeper_hal_v1",
"libtrusty-rs",
],
- defaults: [
- "secretkeeper_use_latest_hal_aidl_rust",
- ],
prefer_rlib: true,
}
diff --git a/trusty/trusty-storage-cf.mk b/trusty/trusty-storage-cf.mk
index 3b46445..acefd3e 100644
--- a/trusty/trusty-storage-cf.mk
+++ b/trusty/trusty-storage-cf.mk
@@ -22,4 +22,5 @@
PRODUCT_PACKAGES += \
storageproxyd.system \
rpmb_dev.system \
+ rpmb_dev.test.system \
diff --git a/trusty/utils/rpmb_dev/Android.bp b/trusty/utils/rpmb_dev/Android.bp
index ef23cc5..2f362e8 100644
--- a/trusty/utils/rpmb_dev/Android.bp
+++ b/trusty/utils/rpmb_dev/Android.bp
@@ -58,3 +58,12 @@
"rpmb_dev.wv.system.rc",
],
}
+
+cc_binary {
+ name: "rpmb_dev.test.system",
+ defaults: ["rpmb_dev.cc_defaults"],
+ system_ext_specific: true,
+ init_rc: [
+ "rpmb_dev.test.system.rc",
+ ],
+}
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
new file mode 100644
index 0000000..2127798
--- /dev/null
+++ b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
@@ -0,0 +1,56 @@
+service trusty_test_vm /apex/com.android.virt/bin/vm run \
+ /data/local/tmp/TrustyTestVM_UnitTests/trusty-test_vm-config.json
+ disabled
+ user system
+ group system
+
+service storageproxyd_test_system /system_ext/bin/storageproxyd.system \
+ -d VSOCK:${trusty.test_vm.vm_cid}:1 \
+ -r /dev/socket/rpmb_mock_test_system \
+ -p /data/secure_storage_test_system \
+ -t sock
+ disabled
+ class hal
+ user system
+ group system
+
+service rpmb_mock_init_test_system /system_ext/bin/rpmb_dev.test.system \
+ --dev /mnt/secure_storage_rpmb_test_system/persist/RPMB_DATA --init --size 2048
+ disabled
+ user system
+ group system
+ oneshot
+
+service rpmb_mock_test_system /system_ext/bin/rpmb_dev.test.system \
+ --dev /mnt/secure_storage_rpmb_test_system/persist/RPMB_DATA \
+ --sock rpmb_mock_test_system
+ disabled
+ user system
+ group system
+ socket rpmb_mock_test_system stream 660 system system
+
+# RPMB Mock
+on post-fs-data
+ # Create a persistent location for the RPMB data
+ # (work around lack of RPMb block device on CF).
+ # file contexts secure_storage_rpmb_system_file
+ # (only used on Cuttlefish as this is non secure)
+ mkdir /metadata/secure_storage_rpmb_test_system 0770 system system
+ mkdir /mnt/secure_storage_rpmb_test_system 0770 system system
+ symlink /metadata/secure_storage_rpmb_test_system \
+ /mnt/secure_storage_rpmb_test_system/persist
+ # Create a system persist directory in /metadata
+ # (work around lack of dedicated system persist partition).
+ # file contexts secure_storage_persist_system_file
+ mkdir /metadata/secure_storage_persist_test_system 0770 system system
+ mkdir /mnt/secure_storage_persist_test_system 0770 system system
+ symlink /metadata/secure_storage_persist_test_system \
+ /mnt/secure_storage_persist_test_system/persist
+ # file contexts secure_storage_system_file
+ mkdir /data/secure_storage_test_system 0770 root system
+ symlink /mnt/secure_storage_persist_test_system/persist \
+ /data/secure_storage_test_system/persist
+ chown root system /data/secure_storage_test_system/persist
+ # setprop storageproxyd_test_system.trusty_ipc_dev VSOCK:${trusty.test_vm.vm_cid}:1
+ exec_start rpmb_mock_init_test_system
+ start rpmb_mock_test_system