Merge "Revert "Load persist props before starting apexd.""
diff --git a/debuggerd/Android.bp b/debuggerd/Android.bp
index 0ff047f..edcea44 100644
--- a/debuggerd/Android.bp
+++ b/debuggerd/Android.bp
@@ -283,6 +283,7 @@
"libdebuggerd/test/log_fake.cpp",
"libdebuggerd/test/open_files_list_test.cpp",
"libdebuggerd/test/tombstone_test.cpp",
+ "libdebuggerd/test/utility_test.cpp",
],
target: {
diff --git a/debuggerd/debuggerd_test.cpp b/debuggerd/debuggerd_test.cpp
index 4394274..f415b68 100644
--- a/debuggerd/debuggerd_test.cpp
+++ b/debuggerd/debuggerd_test.cpp
@@ -340,11 +340,17 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0xdead)");
+#ifdef __LP64__
+ ASSERT_MATCH(result,
+ R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x000000000000dead)");
+#else
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x0000dead)");
+#endif
if (mte_supported()) {
// Test that the default TAGGED_ADDR_CTRL value is set.
- ASSERT_MATCH(result, R"(tagged_addr_ctrl: 000000000007fff3)");
+ ASSERT_MATCH(result, R"(tagged_addr_ctrl: 000000000007fff3)"
+ R"( \(PR_TAGGED_ADDR_ENABLE, PR_MTE_TCF_SYNC, mask 0xfffe\))");
}
}
@@ -370,8 +376,7 @@
// The address can either be tagged (new kernels) or untagged (old kernels).
ASSERT_MATCH(
- result,
- R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr (0x100000000000dead|0xdead))");
+ result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x[01]00000000000dead)");
}
// Marked as weak to prevent the compiler from removing the malloc in the caller. In theory, the
@@ -422,6 +427,12 @@
abort();
}
}
+
+static void SetTagCheckingLevelAsync() {
+ if (mallopt(M_BIONIC_SET_HEAP_TAGGING_LEVEL, M_HEAP_TAGGING_LEVEL_ASYNC) == 0) {
+ abort();
+ }
+}
#endif
// Number of iterations required to reliably guarantee a GWP-ASan crash.
@@ -653,6 +664,36 @@
#endif
}
+TEST_F(CrasherTest, mte_async) {
+#if defined(__aarch64__)
+ if (!mte_supported()) {
+ GTEST_SKIP() << "Requires MTE";
+ }
+
+ int intercept_result;
+ unique_fd output_fd;
+ StartProcess([&]() {
+ SetTagCheckingLevelAsync();
+ volatile int* p = (volatile int*)malloc(16);
+ p[-1] = 42;
+ });
+
+ StartIntercept(&output_fd);
+ FinishCrasher();
+ AssertDeath(SIGSEGV);
+ FinishIntercept(&intercept_result);
+
+ ASSERT_EQ(1, intercept_result) << "tombstoned reported failure";
+
+ std::string result;
+ ConsumeFd(std::move(output_fd), &result);
+
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 8 \(SEGV_MTEAERR\), fault addr --------)");
+#else
+ GTEST_SKIP() << "Requires aarch64";
+#endif
+}
+
TEST_F(CrasherTest, mte_multiple_causes) {
#if defined(__aarch64__)
if (!mte_supported()) {
@@ -703,7 +744,7 @@
for (const auto& result : log_sources) {
ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\))");
ASSERT_THAT(result, HasSubstr("Note: multiple potential causes for this crash were detected, "
- "listing them in decreasing order of probability."));
+ "listing them in decreasing order of likelihood."));
// Adjacent untracked allocations may cause us to see the wrong underflow here (or only
// overflows), so we can't match explicitly for an underflow message.
ASSERT_MATCH(result,
@@ -890,7 +931,7 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0xdead)");
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x0+dead)");
}
TEST_F(CrasherTest, abort) {
@@ -1940,7 +1981,7 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x1024)");
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x0+1024)");
ASSERT_MATCH(result, R"(\nmemory map \(.*\):\n)");
@@ -1970,8 +2011,8 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- std::string match_str = R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr )";
- match_str += android::base::StringPrintf("0x%" PRIxPTR, crash_uptr);
+ std::string match_str = R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x)";
+ match_str += format_full_pointer(crash_uptr);
ASSERT_MATCH(result, match_str);
ASSERT_MATCH(result, R"(\nmemory map \(.*\): \(fault address prefixed with --->)\n)");
@@ -2018,8 +2059,8 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- std::string match_str = R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr )";
- match_str += android::base::StringPrintf("%p", middle_ptr);
+ std::string match_str = R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x)";
+ match_str += format_full_pointer(reinterpret_cast<uintptr_t>(middle_ptr));
ASSERT_MATCH(result, match_str);
ASSERT_MATCH(result, R"(\nmemory map \(.*\): \(fault address prefixed with --->)\n)");
@@ -2056,8 +2097,8 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- std::string match_str = R"(signal 11 \(SIGSEGV\), code 2 \(SEGV_ACCERR\), fault addr )";
- match_str += android::base::StringPrintf("%p", ptr);
+ std::string match_str = R"(signal 11 \(SIGSEGV\), code 2 \(SEGV_ACCERR\), fault addr 0x)";
+ match_str += format_full_pointer(reinterpret_cast<uintptr_t>(ptr));
ASSERT_MATCH(result, match_str);
ASSERT_MATCH(result, R"(\nmemory map \(.*\): \(fault address prefixed with --->)\n)");
@@ -2181,7 +2222,7 @@
ConsumeFd(std::move(output_fd), &result);
// Verify the process crashed properly.
- ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x0)");
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 1 \(SEGV_MAPERR\), fault addr 0x0*)");
// Now verify that the dex_pc frame includes a proper function name.
ASSERT_MATCH(result, R"( \[anon:dex\] \(Main\.\<init\>\+2)");
diff --git a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
index 24ae169..002321f 100644
--- a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
+++ b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
@@ -92,6 +92,7 @@
void get_signal_sender(char* buf, size_t n, const siginfo_t*);
const char* get_signame(const siginfo_t*);
const char* get_sigcode(const siginfo_t*);
+std::string describe_tagged_addr_ctrl(long ctrl);
// Number of bytes per MTE granule.
constexpr size_t kTagGranuleSize = 16;
diff --git a/debuggerd/libdebuggerd/scudo.cpp b/debuggerd/libdebuggerd/scudo.cpp
index f4690ba..a89f385 100644
--- a/debuggerd/libdebuggerd/scudo.cpp
+++ b/debuggerd/libdebuggerd/scudo.cpp
@@ -135,7 +135,7 @@
if (error_info_.reports[1].error_type != UNKNOWN) {
_LOG(log, logtype::HEADER,
"\nNote: multiple potential causes for this crash were detected, listing them in "
- "decreasing order of probability.\n");
+ "decreasing order of likelihood.\n");
}
size_t report_num = 0;
diff --git a/debuggerd/libdebuggerd/test/utility_test.cpp b/debuggerd/libdebuggerd/test/utility_test.cpp
new file mode 100644
index 0000000..97328b7
--- /dev/null
+++ b/debuggerd/libdebuggerd/test/utility_test.cpp
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <sys/prctl.h>
+
+#include "libdebuggerd/utility.h"
+
+TEST(UtilityTest, describe_tagged_addr_ctrl) {
+ EXPECT_EQ("", describe_tagged_addr_ctrl(0));
+ EXPECT_EQ(" (PR_TAGGED_ADDR_ENABLE)", describe_tagged_addr_ctrl(PR_TAGGED_ADDR_ENABLE));
+ EXPECT_EQ(" (PR_TAGGED_ADDR_ENABLE, PR_MTE_TCF_SYNC, mask 0xfffe)",
+ describe_tagged_addr_ctrl(PR_TAGGED_ADDR_ENABLE | PR_MTE_TCF_SYNC |
+ (0xfffe << PR_MTE_TAG_SHIFT)));
+ EXPECT_EQ(
+ " (PR_TAGGED_ADDR_ENABLE, PR_MTE_TCF_SYNC, PR_MTE_TCF_ASYNC, mask 0xfffe, unknown "
+ "0xf0000000)",
+ describe_tagged_addr_ctrl(0xf0000000 | PR_TAGGED_ADDR_ENABLE | PR_MTE_TCF_SYNC |
+ PR_MTE_TCF_ASYNC | (0xfffe << PR_MTE_TAG_SHIFT)));
+}
diff --git a/debuggerd/libdebuggerd/tombstone.cpp b/debuggerd/libdebuggerd/tombstone.cpp
index 1835f0e..20539b0 100644
--- a/debuggerd/libdebuggerd/tombstone.cpp
+++ b/debuggerd/libdebuggerd/tombstone.cpp
@@ -213,7 +213,8 @@
thread_info.tid, thread_info.thread_name.c_str(), process_name);
_LOG(log, logtype::HEADER, "uid: %d\n", thread_info.uid);
if (thread_info.tagged_addr_ctrl != -1) {
- _LOG(log, logtype::HEADER, "tagged_addr_ctrl: %016lx\n", thread_info.tagged_addr_ctrl);
+ _LOG(log, logtype::HEADER, "tagged_addr_ctrl: %016lx%s\n", thread_info.tagged_addr_ctrl,
+ describe_tagged_addr_ctrl(thread_info.tagged_addr_ctrl).c_str());
}
}
diff --git a/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
index 681b963..de86b0a 100644
--- a/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
+++ b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
@@ -82,7 +82,8 @@
thread.name().c_str(), process_name);
CB(should_log, "uid: %d", tombstone.uid());
if (thread.tagged_addr_ctrl() != -1) {
- CB(should_log, "tagged_addr_ctrl: %016" PRIx64, thread.tagged_addr_ctrl());
+ CB(should_log, "tagged_addr_ctrl: %016" PRIx64 "%s", thread.tagged_addr_ctrl(),
+ describe_tagged_addr_ctrl(thread.tagged_addr_ctrl()).c_str());
}
}
@@ -292,6 +293,7 @@
static void print_main_thread(CallbackType callback, const Tombstone& tombstone,
const Thread& thread) {
+ int word_size = pointer_width(tombstone);
print_thread_header(callback, tombstone, thread, true);
const Signal& signal_info = tombstone.signal_info();
@@ -307,7 +309,7 @@
} else {
std::string fault_addr_desc;
if (signal_info.has_fault_address()) {
- fault_addr_desc = StringPrintf("0x%" PRIx64, signal_info.fault_address());
+ fault_addr_desc = StringPrintf("0x%0*" PRIx64, 2 * word_size, signal_info.fault_address());
} else {
fault_addr_desc = "--------";
}
@@ -331,7 +333,7 @@
if (tombstone.causes_size() > 1) {
CBS("");
CBL("Note: multiple potential causes for this crash were detected, listing them in decreasing "
- "order of probability.");
+ "order of likelihood.");
}
for (const Cause& cause : tombstone.causes()) {
@@ -369,7 +371,6 @@
return;
}
- int word_size = pointer_width(tombstone);
const auto format_pointer = [word_size](uint64_t ptr) -> std::string {
if (word_size == 8) {
uint64_t top = ptr >> 32;
diff --git a/debuggerd/libdebuggerd/utility.cpp b/debuggerd/libdebuggerd/utility.cpp
index a7506b7..71f0c09 100644
--- a/debuggerd/libdebuggerd/utility.cpp
+++ b/debuggerd/libdebuggerd/utility.cpp
@@ -41,6 +41,7 @@
#include <unwindstack/Memory.h>
#include <unwindstack/Unwinder.h>
+using android::base::StringPrintf;
using android::base::unique_fd;
bool is_allowed_in_logcat(enum logtype ltype) {
@@ -275,9 +276,10 @@
case SIGBUS:
case SIGFPE:
case SIGILL:
- case SIGSEGV:
case SIGTRAP:
return true;
+ case SIGSEGV:
+ return si->si_code != SEGV_MTEAERR;
default:
return false;
}
@@ -444,6 +446,33 @@
return "?";
}
+std::string describe_tagged_addr_ctrl(long ctrl) {
+ std::string desc;
+ if (ctrl & PR_TAGGED_ADDR_ENABLE) {
+ desc += ", PR_TAGGED_ADDR_ENABLE";
+ ctrl &= ~PR_TAGGED_ADDR_ENABLE;
+ }
+ if (ctrl & PR_MTE_TCF_SYNC) {
+ desc += ", PR_MTE_TCF_SYNC";
+ ctrl &= ~PR_MTE_TCF_SYNC;
+ }
+ if (ctrl & PR_MTE_TCF_ASYNC) {
+ desc += ", PR_MTE_TCF_ASYNC";
+ ctrl &= ~PR_MTE_TCF_ASYNC;
+ }
+ if (ctrl & PR_MTE_TAG_MASK) {
+ desc += StringPrintf(", mask 0x%04lx", (ctrl & PR_MTE_TAG_MASK) >> PR_MTE_TAG_SHIFT);
+ ctrl &= ~PR_MTE_TAG_MASK;
+ }
+ if (ctrl) {
+ desc += StringPrintf(", unknown 0x%lx", ctrl);
+ }
+ if (desc.empty()) {
+ return "";
+ }
+ return " (" + desc.substr(2) + ")";
+}
+
void log_backtrace(log_t* log, unwindstack::Unwinder* unwinder, const char* prefix) {
if (unwinder->elf_from_memory_not_file()) {
_LOG(log, logtype::BACKTRACE,
diff --git a/fastboot/device/commands.cpp b/fastboot/device/commands.cpp
index 0a72812..4042531 100644
--- a/fastboot/device/commands.cpp
+++ b/fastboot/device/commands.cpp
@@ -725,7 +725,7 @@
return false;
}
- if (!OpenPartition(device_, partition_name_, &handle_, true /* read */)) {
+ if (!OpenPartition(device_, partition_name_, &handle_, O_RDONLY)) {
ret_ = device_->WriteFail(
android::base::StringPrintf("Cannot open %s", partition_name_.c_str()));
return false;
diff --git a/fastboot/device/flashing.cpp b/fastboot/device/flashing.cpp
index 9b5d2cd..3f9bcdc 100644
--- a/fastboot/device/flashing.cpp
+++ b/fastboot/device/flashing.cpp
@@ -16,6 +16,7 @@
#include "flashing.h"
#include <fcntl.h>
+#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
@@ -77,9 +78,20 @@
int FlashRawDataChunk(int fd, const char* data, size_t len) {
size_t ret = 0;
+ const size_t max_write_size = 1048576;
+ void* aligned_buffer;
+
+ if (posix_memalign(&aligned_buffer, 4096, max_write_size)) {
+ PLOG(ERROR) << "Failed to allocate write buffer";
+ return -ENOMEM;
+ }
+
+ auto aligned_buffer_unique_ptr = std::unique_ptr<void, decltype(&free)>{aligned_buffer, free};
+
while (ret < len) {
- int this_len = std::min(static_cast<size_t>(1048576UL * 8), len - ret);
- int this_ret = write(fd, data, this_len);
+ int this_len = std::min(max_write_size, len - ret);
+ memcpy(aligned_buffer_unique_ptr.get(), data, this_len);
+ int this_ret = write(fd, aligned_buffer_unique_ptr.get(), this_len);
if (this_ret < 0) {
PLOG(ERROR) << "Failed to flash data of len " << len;
return -1;
@@ -147,7 +159,7 @@
int Flash(FastbootDevice* device, const std::string& partition_name) {
PartitionHandle handle;
- if (!OpenPartition(device, partition_name, &handle)) {
+ if (!OpenPartition(device, partition_name, &handle, O_WRONLY | O_DIRECT)) {
return -ENOENT;
}
diff --git a/fastboot/device/utility.cpp b/fastboot/device/utility.cpp
index 07ad902..97b5ad4 100644
--- a/fastboot/device/utility.cpp
+++ b/fastboot/device/utility.cpp
@@ -78,7 +78,7 @@
} // namespace
bool OpenPartition(FastbootDevice* device, const std::string& name, PartitionHandle* handle,
- bool read) {
+ int flags) {
// We prioritize logical partitions over physical ones, and do this
// consistently for other partition operations (like getvar:partition-size).
if (LogicalPartitionExists(device, name)) {
@@ -90,7 +90,6 @@
return false;
}
- int flags = (read ? O_RDONLY : O_WRONLY);
flags |= (O_EXCL | O_CLOEXEC | O_BINARY);
unique_fd fd(TEMP_FAILURE_RETRY(open(handle->path().c_str(), flags)));
if (fd < 0) {
diff --git a/fastboot/device/utility.h b/fastboot/device/utility.h
index c2646d7..1d81b7a 100644
--- a/fastboot/device/utility.h
+++ b/fastboot/device/utility.h
@@ -76,9 +76,11 @@
bool LogicalPartitionExists(FastbootDevice* device, const std::string& name,
bool* is_zero_length = nullptr);
-// If read, partition is readonly. Else it is write only.
+// Partition is O_WRONLY by default, caller should pass O_RDONLY for reading.
+// Caller may pass additional flags if needed. (O_EXCL | O_CLOEXEC | O_BINARY)
+// will be logically ORed internally.
bool OpenPartition(FastbootDevice* device, const std::string& name, PartitionHandle* handle,
- bool read = false);
+ int flags = O_WRONLY);
bool GetSlotNumber(const std::string& slot, android::hardware::boot::V1_0::Slot* number);
std::vector<std::string> ListPartitions(FastbootDevice* device);
diff --git a/fs_mgr/Android.bp b/fs_mgr/Android.bp
index cb74ae0..5872dda 100644
--- a/fs_mgr/Android.bp
+++ b/fs_mgr/Android.bp
@@ -246,28 +246,12 @@
"-UALLOW_ADBD_DISABLE_VERITY",
"-DALLOW_ADBD_DISABLE_VERITY=1",
],
- },
- },
- required: [
- "clean_scratch_files",
- ],
-}
-
-cc_binary {
- name: "clean_scratch_files",
- defaults: ["fs_mgr_defaults"],
- shared_libs: [
- "libbase",
- "libfs_mgr_binder",
- ],
- srcs: [
- "clean_scratch_files.cpp",
- ],
- product_variables: {
- debuggable: {
init_rc: [
"clean_scratch_files.rc",
],
},
},
+ symlinks: [
+ "clean_scratch_files",
+ ],
}
diff --git a/fs_mgr/clean_scratch_files.cpp b/fs_mgr/clean_scratch_files.cpp
deleted file mode 100644
index 42fe35a..0000000
--- a/fs_mgr/clean_scratch_files.cpp
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (C) 2020 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <fs_mgr_overlayfs.h>
-
-int main() {
- android::fs_mgr::CleanupOldScratchFiles();
- return 0;
-}
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 07e1e6b..a320c0e 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -75,9 +75,6 @@
#include "blockdev.h"
#include "fs_mgr_priv.h"
-#define KEY_LOC_PROP "ro.crypto.keyfile.userdata"
-#define KEY_IN_FOOTER "footer"
-
#define E2FSCK_BIN "/system/bin/e2fsck"
#define F2FS_FSCK_BIN "/system/bin/fsck.f2fs"
#define MKSWAP_BIN "/system/bin/mkswap"
@@ -907,7 +904,7 @@
<< "(): skipping mount due to invalid magic, mountpoint=" << fstab[i].mount_point
<< " blk_dev=" << realpath(fstab[i].blk_device) << " rec[" << i
<< "].fs_type=" << fstab[i].fs_type;
- mount_errno = EINVAL; // continue bootup for FDE
+ mount_errno = EINVAL; // continue bootup for metadata encryption
continue;
}
@@ -1005,50 +1002,22 @@
return false;
}
-static bool needs_block_encryption(const FstabEntry& entry) {
- if (android::base::GetBoolProperty("ro.vold.forceencryption", false) && entry.is_encryptable())
- return true;
- if (entry.fs_mgr_flags.force_crypt) return true;
- if (entry.fs_mgr_flags.crypt) {
- // Check for existence of convert_fde breadcrumb file.
- auto convert_fde_name = entry.mount_point + "/misc/vold/convert_fde";
- if (access(convert_fde_name.c_str(), F_OK) == 0) return true;
- }
- if (entry.fs_mgr_flags.force_fde_or_fbe) {
- // Check for absence of convert_fbe breadcrumb file.
- auto convert_fbe_name = entry.mount_point + "/convert_fbe";
- if (access(convert_fbe_name.c_str(), F_OK) != 0) return true;
- }
- return false;
-}
-
static bool should_use_metadata_encryption(const FstabEntry& entry) {
- return !entry.metadata_key_dir.empty() &&
- (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe);
+ return !entry.metadata_key_dir.empty() && entry.fs_mgr_flags.file_encryption;
}
// Check to see if a mountable volume has encryption requirements
static int handle_encryptable(const FstabEntry& entry) {
- // If this is block encryptable, need to trigger encryption.
- if (needs_block_encryption(entry)) {
- if (umount(entry.mount_point.c_str()) == 0) {
- return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
- } else {
- PWARNING << "Could not umount " << entry.mount_point << " - allow continue unencrypted";
- return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
- }
- } else if (should_use_metadata_encryption(entry)) {
+ if (should_use_metadata_encryption(entry)) {
if (umount(entry.mount_point.c_str()) == 0) {
return FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION;
} else {
PERROR << "Could not umount " << entry.mount_point << " - fail since can't encrypt";
return FS_MGR_MNTALL_FAIL;
}
- } else if (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe) {
+ } else if (entry.fs_mgr_flags.file_encryption) {
LINFO << entry.mount_point << " is file encrypted";
return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED;
- } else if (entry.is_encryptable()) {
- return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
} else {
return FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;
}
@@ -1056,9 +1025,6 @@
static void set_type_property(int status) {
switch (status) {
- case FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED:
- SetProperty("ro.crypto.type", "block");
- break;
case FS_MGR_MNTALL_DEV_FILE_ENCRYPTED:
case FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED:
case FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION:
@@ -1532,7 +1498,6 @@
// Mounting failed, understand why and retry.
wiped = partition_wiped(current_entry.blk_device.c_str());
- bool crypt_footer = false;
if (mount_errno != EBUSY && mount_errno != EACCES &&
current_entry.fs_mgr_flags.formattable && wiped) {
// current_entry and attempted_entry point at the same partition, but sometimes
@@ -1544,19 +1509,6 @@
checkpoint_manager.Revert(¤t_entry);
- if (current_entry.is_encryptable() && current_entry.key_loc != KEY_IN_FOOTER) {
- unique_fd fd(TEMP_FAILURE_RETRY(
- open(current_entry.key_loc.c_str(), O_WRONLY | O_CLOEXEC)));
- if (fd >= 0) {
- LINFO << __FUNCTION__ << "(): also wipe " << current_entry.key_loc;
- wipe_block_device(fd, get_file_size(fd));
- } else {
- PERROR << __FUNCTION__ << "(): " << current_entry.key_loc << " wouldn't open";
- }
- } else if (current_entry.is_encryptable() && current_entry.key_loc == KEY_IN_FOOTER) {
- crypt_footer = true;
- }
-
// EncryptInplace will be used when vdc gives an error or needs to format partitions
// other than /data
if (should_use_metadata_encryption(current_entry) &&
@@ -1577,7 +1529,7 @@
}
}
- if (fs_mgr_do_format(current_entry, crypt_footer) == 0) {
+ if (fs_mgr_do_format(current_entry) == 0) {
// Let's replay the mount actions.
i = top_idx - 1;
continue;
@@ -1590,27 +1542,8 @@
}
// mount(2) returned an error, handle the encryptable/formattable case.
- if (mount_errno != EBUSY && mount_errno != EACCES && attempted_entry.is_encryptable()) {
- if (wiped) {
- LERROR << __FUNCTION__ << "(): " << attempted_entry.blk_device << " is wiped and "
- << attempted_entry.mount_point << " " << attempted_entry.fs_type
- << " is encryptable. Suggest recovery...";
- encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
- continue;
- } else {
- // Need to mount a tmpfs at this mountpoint for now, and set
- // properties that vold will query later for decrypting
- LERROR << __FUNCTION__ << "(): possibly an encryptable blkdev "
- << attempted_entry.blk_device << " for mount " << attempted_entry.mount_point
- << " type " << attempted_entry.fs_type;
- if (fs_mgr_do_tmpfs_mount(attempted_entry.mount_point.c_str()) < 0) {
- ++error_count;
- continue;
- }
- }
- encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
- } else if (mount_errno != EBUSY && mount_errno != EACCES &&
- should_use_metadata_encryption(attempted_entry)) {
+ if (mount_errno != EBUSY && mount_errno != EACCES &&
+ should_use_metadata_encryption(attempted_entry)) {
if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.blk_device,
attempted_entry.mount_point},
nullptr)) {
diff --git a/fs_mgr/fs_mgr_format.cpp b/fs_mgr/fs_mgr_format.cpp
index 301c907..bb49873 100644
--- a/fs_mgr/fs_mgr_format.cpp
+++ b/fs_mgr/fs_mgr_format.cpp
@@ -34,7 +34,6 @@
#include <selinux/selinux.h>
#include "fs_mgr_priv.h"
-#include "cryptfs.h"
using android::base::unique_fd;
@@ -58,7 +57,7 @@
}
static int format_ext4(const std::string& fs_blkdev, const std::string& fs_mnt_point,
- bool crypt_footer, bool needs_projid, bool needs_metadata_csum) {
+ bool needs_projid, bool needs_metadata_csum) {
uint64_t dev_sz;
int rc = 0;
@@ -68,9 +67,6 @@
}
/* Format the partition using the calculated length */
- if (crypt_footer) {
- dev_sz -= CRYPT_FOOTER_OFFSET;
- }
std::string size_str = std::to_string(dev_sz / 4096);
@@ -120,8 +116,8 @@
return rc;
}
-static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool crypt_footer,
- bool needs_projid, bool needs_casefold, bool fs_compress) {
+static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool needs_projid,
+ bool needs_casefold, bool fs_compress) {
if (!dev_sz) {
int rc = get_dev_sz(fs_blkdev, &dev_sz);
if (rc) {
@@ -130,9 +126,6 @@
}
/* Format the partition using the calculated length */
- if (crypt_footer) {
- dev_sz -= CRYPT_FOOTER_OFFSET;
- }
std::string size_str = std::to_string(dev_sz / 4096);
@@ -159,7 +152,7 @@
return logwrap_fork_execvp(args.size(), args.data(), nullptr, false, LOG_KLOG, false, nullptr);
}
-int fs_mgr_do_format(const FstabEntry& entry, bool crypt_footer) {
+int fs_mgr_do_format(const FstabEntry& entry) {
LERROR << __FUNCTION__ << ": Format " << entry.blk_device << " as '" << entry.fs_type << "'";
bool needs_casefold = false;
@@ -171,10 +164,10 @@
}
if (entry.fs_type == "f2fs") {
- return format_f2fs(entry.blk_device, entry.length, crypt_footer, needs_projid,
- needs_casefold, entry.fs_mgr_flags.fs_compress);
+ return format_f2fs(entry.blk_device, entry.length, needs_projid, needs_casefold,
+ entry.fs_mgr_flags.fs_compress);
} else if (entry.fs_type == "ext4") {
- return format_ext4(entry.blk_device, entry.mount_point, crypt_footer, needs_projid,
+ return format_ext4(entry.blk_device, entry.mount_point, needs_projid,
entry.fs_mgr_flags.ext_meta_csum);
} else {
LERROR << "File system type '" << entry.fs_type << "' is not supported";
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index 609bd11..9b51529 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -138,7 +138,7 @@
entry->reserved_size = size_in_4k_blocks << 12;
}
} else if (StartsWith(flag, "lowerdir=")) {
- entry->lowerdir = std::move(arg);
+ entry->lowerdir = arg;
}
}
}
@@ -146,7 +146,7 @@
entry->fs_options = std::move(fs_options);
}
-void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
+bool ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
for (const auto& flag : Split(flags, ",")) {
if (flag.empty() || flag == "defaults") continue;
std::string arg;
@@ -189,9 +189,18 @@
// Then handle flags that take an argument.
if (StartsWith(flag, "encryptable=")) {
- // The encryptable flag is followed by an = and the location of the keys.
+ // The "encryptable" flag identifies adoptable storage volumes. The
+ // argument to this flag is ignored, but it should be "userdata".
+ //
+ // Historical note: this flag was originally meant just for /data,
+ // to indicate that FDE (full disk encryption) can be enabled.
+ // Unfortunately, it was also overloaded to identify adoptable
+ // storage volumes. Today, FDE is no longer supported, leaving only
+ // the adoptable storage volume meaning for this flag.
entry->fs_mgr_flags.crypt = true;
- entry->key_loc = arg;
+ } else if (StartsWith(flag, "forceencrypt=") || StartsWith(flag, "forcefdeorfbe=")) {
+ LERROR << "flag no longer supported: " << flag;
+ return false;
} else if (StartsWith(flag, "voldmanaged=")) {
// The voldmanaged flag is followed by an = and the label, a colon and the partition
// number or the word "auto", e.g. voldmanaged=sdcard:3
@@ -235,18 +244,8 @@
LWARNING << "Warning: zramsize= flag malformed: " << arg;
}
}
- } else if (StartsWith(flag, "forceencrypt=")) {
- // The forceencrypt flag is followed by an = and the location of the keys.
- entry->fs_mgr_flags.force_crypt = true;
- entry->key_loc = arg;
} else if (StartsWith(flag, "fileencryption=")) {
ParseFileEncryption(arg, entry);
- } else if (StartsWith(flag, "forcefdeorfbe=")) {
- // The forcefdeorfbe flag is followed by an = and the location of the keys. Get it and
- // return it.
- entry->fs_mgr_flags.force_fde_or_fbe = true;
- entry->key_loc = arg;
- entry->encryption_options = "aes-256-xts:aes-256-cts";
} else if (StartsWith(flag, "max_comp_streams=")) {
if (!ParseInt(arg, &entry->max_comp_streams)) {
LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;
@@ -306,6 +305,19 @@
LWARNING << "Warning: unknown flag: " << flag;
}
}
+
+ // FDE is no longer supported, so reject "encryptable" when used without
+ // "vold_managed". For now skip this check when in recovery mode, since
+ // some recovery fstabs still contain the FDE options since they didn't do
+ // anything in recovery mode anyway (except possibly to cause the
+ // reservation of a crypto footer) and thus never got removed.
+ if (entry->fs_mgr_flags.crypt && !entry->fs_mgr_flags.vold_managed &&
+ access("/system/bin/recovery", F_OK) != 0) {
+ LERROR << "FDE is no longer supported; 'encryptable' can only be used for adoptable "
+ "storage";
+ return false;
+ }
+ return true;
}
std::string InitAndroidDtDir() {
@@ -576,7 +588,10 @@
goto err;
}
- ParseFsMgrFlags(p, &entry);
+ if (!ParseFsMgrFlags(p, &entry)) {
+ LERROR << "Error parsing fs_mgr_flags";
+ goto err;
+ }
if (entry.fs_mgr_flags.logical) {
entry.logical_partition_name = entry.blk_device;
diff --git a/fs_mgr/fs_mgr_remount.cpp b/fs_mgr/fs_mgr_remount.cpp
index bf53c14..deaf5f7 100644
--- a/fs_mgr/fs_mgr_remount.cpp
+++ b/fs_mgr/fs_mgr_remount.cpp
@@ -42,6 +42,8 @@
#include <libavb_user/libavb_user.h>
#include <libgsi/libgsid.h>
+using namespace std::literals;
+
namespace {
[[noreturn]] void usage(int exit_status) {
@@ -142,6 +144,7 @@
BINDER_ERROR,
CHECKPOINTING,
GSID_ERROR,
+ CLEAN_SCRATCH_FILES,
};
static int do_remount(int argc, char* argv[]) {
@@ -163,6 +166,7 @@
{"help", no_argument, nullptr, 'h'},
{"reboot", no_argument, nullptr, 'R'},
{"verbose", no_argument, nullptr, 'v'},
+ {"clean_scratch_files", no_argument, nullptr, 'C'},
{0, 0, nullptr, 0},
};
for (int opt; (opt = ::getopt_long(argc, argv, "hRT:v", longopts, nullptr)) != -1;) {
@@ -183,6 +187,8 @@
case 'v':
verbose = true;
break;
+ case 'C':
+ return CLEAN_SCRATCH_FILES;
default:
LOG(ERROR) << "Bad Argument -" << char(opt);
usage(BADARG);
@@ -476,14 +482,24 @@
return retval;
}
+static int do_clean_scratch_files() {
+ android::fs_mgr::CleanupOldScratchFiles();
+ return 0;
+}
+
int main(int argc, char* argv[]) {
android::base::InitLogging(argv, MyLogger);
+ if (argc > 0 && android::base::Basename(argv[0]) == "clean_scratch_files"s) {
+ return do_clean_scratch_files();
+ }
int result = do_remount(argc, argv);
if (result == MUST_REBOOT) {
LOG(INFO) << "Now reboot your device for settings to take effect";
result = 0;
} else if (result == REMOUNT_SUCCESS) {
printf("remount succeeded\n");
+ } else if (result == CLEAN_SCRATCH_FILES) {
+ return do_clean_scratch_files();
} else {
printf("remount failed\n");
}
diff --git a/fs_mgr/fs_mgr_roots.cpp b/fs_mgr/fs_mgr_roots.cpp
index d275320..2ad8125 100644
--- a/fs_mgr/fs_mgr_roots.cpp
+++ b/fs_mgr/fs_mgr_roots.cpp
@@ -125,8 +125,7 @@
int result = fs_mgr_do_mount_one(*rec, mount_point);
if (result == -1 && rec->fs_mgr_flags.formattable) {
PERROR << "Failed to mount " << mount_point << "; formatting";
- bool crypt_footer = rec->is_encryptable() && rec->key_loc == "footer";
- if (fs_mgr_do_format(*rec, crypt_footer) != 0) {
+ if (fs_mgr_do_format(*rec) != 0) {
PERROR << "Failed to format " << mount_point;
return false;
}
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 21c9989..29a5e60 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -56,9 +56,6 @@
#define FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION 6
#define FS_MGR_MNTALL_DEV_FILE_ENCRYPTED 5
#define FS_MGR_MNTALL_DEV_NEEDS_RECOVERY 4
-#define FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION 3
-#define FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED 2
-#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTED 1
#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE 0
#define FS_MGR_MNTALL_FAIL (-1)
@@ -107,7 +104,7 @@
// device is in "check_at_most_once" mode.
bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry);
-int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry, bool reserve_footer);
+int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry);
#define FS_MGR_SETUP_VERITY_SKIPPED (-3)
#define FS_MGR_SETUP_VERITY_DISABLED (-2)
diff --git a/fs_mgr/include_fstab/fstab/fstab.h b/fs_mgr/include_fstab/fstab/fstab.h
index d0f32a3..d9c326d 100644
--- a/fs_mgr/include_fstab/fstab/fstab.h
+++ b/fs_mgr/include_fstab/fstab/fstab.h
@@ -37,7 +37,6 @@
unsigned long flags = 0;
std::string fs_options;
std::string fs_checkpoint_opts;
- std::string key_loc;
std::string metadata_key_dir;
std::string metadata_encryption;
off64_t length = 0;
@@ -60,19 +59,17 @@
struct FsMgrFlags {
bool wait : 1;
bool check : 1;
- bool crypt : 1;
+ bool crypt : 1; // Now only used to identify adoptable storage volumes
bool nonremovable : 1;
bool vold_managed : 1;
bool recovery_only : 1;
bool verify : 1;
- bool force_crypt : 1;
bool no_emulated_sd : 1; // No emulated sdcard daemon; sd card is the only external
// storage.
bool no_trim : 1;
bool file_encryption : 1;
bool formattable : 1;
bool slot_select : 1;
- bool force_fde_or_fbe : 1;
bool late_mount : 1;
bool no_fail : 1;
bool verify_at_boot : 1;
@@ -89,9 +86,7 @@
bool overlayfs_remove_missing_lowerdir : 1;
} fs_mgr_flags = {};
- bool is_encryptable() const {
- return fs_mgr_flags.crypt || fs_mgr_flags.force_crypt || fs_mgr_flags.force_fde_or_fbe;
- }
+ bool is_encryptable() const { return fs_mgr_flags.crypt; }
};
// An Fstab is a collection of FstabEntry structs.
diff --git a/fs_mgr/libfiemap/image_manager.cpp b/fs_mgr/libfiemap/image_manager.cpp
index dcbbc54..2c14c8a 100644
--- a/fs_mgr/libfiemap/image_manager.cpp
+++ b/fs_mgr/libfiemap/image_manager.cpp
@@ -696,7 +696,12 @@
bool ok = true;
for (const auto& partition : metadata->partitions) {
if (partition.attributes & LP_PARTITION_ATTR_DISABLED) {
- ok &= DeleteBackingImage(GetPartitionName(partition));
+ const auto name = GetPartitionName(partition);
+ if (!DeleteBackingImage(name)) {
+ ok = false;
+ } else {
+ LOG(INFO) << "Removed disabled partition image: " << name;
+ }
}
}
return ok;
diff --git a/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp b/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp
index acee2f4..54c6a00 100644
--- a/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp
+++ b/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp
@@ -488,7 +488,7 @@
.fs_type = "ext4",
.mount_point = mount_point,
};
- CHECK(0 == fs_mgr_do_format(entry, false /* crypt_footer */));
+ CHECK(0 == fs_mgr_do_format(entry));
CHECK(0 == fs_mgr_do_mount_one(entry));
return std::make_unique<AutoUnmount>(mount_point);
}
diff --git a/fs_mgr/tests/fs_mgr_test.cpp b/fs_mgr/tests/fs_mgr_test.cpp
index 94e1abb..d631d7a 100644
--- a/fs_mgr/tests/fs_mgr_test.cpp
+++ b/fs_mgr/tests/fs_mgr_test.cpp
@@ -193,13 +193,11 @@
lhs.vold_managed == rhs.vold_managed &&
lhs.recovery_only == rhs.recovery_only &&
lhs.verify == rhs.verify &&
- lhs.force_crypt == rhs.force_crypt &&
lhs.no_emulated_sd == rhs.no_emulated_sd &&
lhs.no_trim == rhs.no_trim &&
lhs.file_encryption == rhs.file_encryption &&
lhs.formattable == rhs.formattable &&
lhs.slot_select == rhs.slot_select &&
- lhs.force_fde_or_fbe == rhs.force_fde_or_fbe &&
lhs.late_mount == rhs.late_mount &&
lhs.no_fail == rhs.no_fail &&
lhs.verify_at_boot == rhs.verify_at_boot &&
@@ -488,18 +486,16 @@
TemporaryFile tf;
ASSERT_TRUE(tf.fd != -1);
std::string fstab_contents = R"fs(
-source none0 swap defaults encryptable,forceencrypt,fileencryption,forcefdeorfbe,keydirectory,length,swapprio,zramsize,max_comp_streams,reservedsize,eraseblk,logicalblk,sysfs_path,zram_backingdev_size
+source none0 swap defaults fileencryption,keydirectory,length,swapprio,zramsize,max_comp_streams,reservedsize,eraseblk,logicalblk,sysfs_path,zram_backingdev_size
-source none1 swap defaults encryptable=,forceencrypt=,fileencryption=,keydirectory=,length=,swapprio=,zramsize=,max_comp_streams=,avb=,reservedsize=,eraseblk=,logicalblk=,sysfs_path=,zram_backingdev_size=
-
-source none2 swap defaults forcefdeorfbe=
+source none1 swap defaults fileencryption=,keydirectory=,length=,swapprio=,zramsize=,max_comp_streams=,avb=,reservedsize=,eraseblk=,logicalblk=,sysfs_path=,zram_backingdev_size=
)fs";
ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
Fstab fstab;
EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));
- ASSERT_LE(3U, fstab.size());
+ ASSERT_LE(2U, fstab.size());
auto entry = fstab.begin();
EXPECT_EQ("none0", entry->mount_point);
@@ -507,7 +503,6 @@
FstabEntry::FsMgrFlags flags = {};
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
}
- EXPECT_EQ("", entry->key_loc);
EXPECT_EQ("", entry->metadata_key_dir);
EXPECT_EQ(0, entry->length);
EXPECT_EQ("", entry->label);
@@ -526,13 +521,10 @@
EXPECT_EQ("none1", entry->mount_point);
{
FstabEntry::FsMgrFlags flags = {};
- flags.crypt = true;
- flags.force_crypt = true;
flags.file_encryption = true;
flags.avb = true;
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
}
- EXPECT_EQ("", entry->key_loc);
EXPECT_EQ("", entry->metadata_key_dir);
EXPECT_EQ(0, entry->length);
EXPECT_EQ("", entry->label);
@@ -546,24 +538,26 @@
EXPECT_EQ(0, entry->logical_blk_size);
EXPECT_EQ("", entry->sysfs_path);
EXPECT_EQ(0U, entry->zram_backingdev_size);
- entry++;
-
- // forcefdeorfbe has its own encryption_options defaults, so test it separately.
- EXPECT_EQ("none2", entry->mount_point);
- {
- FstabEntry::FsMgrFlags flags = {};
- flags.force_fde_or_fbe = true;
- EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
- }
- EXPECT_EQ("aes-256-xts:aes-256-cts", entry->encryption_options);
- EXPECT_EQ("", entry->key_loc);
}
-TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_Encryptable) {
+// FDE is no longer supported, so an fstab with FDE enabled should be rejected.
+TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_FDE) {
TemporaryFile tf;
ASSERT_TRUE(tf.fd != -1);
std::string fstab_contents = R"fs(
-source none0 swap defaults encryptable=/dir/key
+source /data ext4 noatime forceencrypt=footer
+)fs";
+ ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
+
+ Fstab fstab;
+ EXPECT_FALSE(ReadFstabFromFile(tf.path, &fstab));
+}
+
+TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_AdoptableStorage) {
+ TemporaryFile tf;
+ ASSERT_TRUE(tf.fd != -1);
+ std::string fstab_contents = R"fs(
+source none0 swap defaults encryptable=userdata,voldmanaged=sdcard:auto
)fs";
ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
@@ -573,11 +567,11 @@
FstabEntry::FsMgrFlags flags = {};
flags.crypt = true;
+ flags.vold_managed = true;
auto entry = fstab.begin();
EXPECT_EQ("none0", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
- EXPECT_EQ("/dir/key", entry->key_loc);
}
TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_VoldManaged) {
@@ -725,53 +719,6 @@
EXPECT_EQ(0, entry->zram_size);
}
-TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_ForceEncrypt) {
- TemporaryFile tf;
- ASSERT_TRUE(tf.fd != -1);
- std::string fstab_contents = R"fs(
-source none0 swap defaults forceencrypt=/dir/key
-)fs";
-
- ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
-
- Fstab fstab;
- EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));
- ASSERT_LE(1U, fstab.size());
-
- auto entry = fstab.begin();
- EXPECT_EQ("none0", entry->mount_point);
-
- FstabEntry::FsMgrFlags flags = {};
- flags.force_crypt = true;
- EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
-
- EXPECT_EQ("/dir/key", entry->key_loc);
-}
-
-TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_ForceFdeOrFbe) {
- TemporaryFile tf;
- ASSERT_TRUE(tf.fd != -1);
- std::string fstab_contents = R"fs(
-source none0 swap defaults forcefdeorfbe=/dir/key
-)fs";
-
- ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));
-
- Fstab fstab;
- EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));
- ASSERT_LE(1U, fstab.size());
-
- auto entry = fstab.begin();
- EXPECT_EQ("none0", entry->mount_point);
-
- FstabEntry::FsMgrFlags flags = {};
- flags.force_fde_or_fbe = true;
- EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
-
- EXPECT_EQ("/dir/key", entry->key_loc);
- EXPECT_EQ("aes-256-xts:aes-256-cts", entry->encryption_options);
-}
-
TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_FileEncryption) {
TemporaryFile tf;
ASSERT_TRUE(tf.fd != -1);
diff --git a/init/README.md b/init/README.md
index 6c29b07..b10ca9e 100644
--- a/init/README.md
+++ b/init/README.md
@@ -487,11 +487,6 @@
not already running. See the start entry for more information on
starting services.
-`class_start_post_data <serviceclass>`
-> Like `class_start`, but only considers services that were started
- after /data was mounted, and that were running at the time
- `class_reset_post_data` was called. Only used for FDE devices.
-
`class_stop <serviceclass>`
> Stop and disable all services of the specified class if they are
currently running.
@@ -501,10 +496,6 @@
currently running, without disabling them. They can be restarted
later using `class_start`.
-`class_reset_post_data <serviceclass>`
-> Like `class_reset`, but only considers services that were started
- after /data was mounted. Only used for FDE devices.
-
`class_restart <serviceclass>`
> Restarts all services of the specified class.
@@ -607,8 +598,7 @@
Properties are expanded within _level_.
`mark_post_data`
-> Used to mark the point right after /data is mounted. Used to implement the
- `class_reset_post_data` and `class_start_post_data` commands.
+> Used to mark the point right after /data is mounted.
`mkdir <path> [<mode>] [<owner>] [<group>] [encryption=<action>] [key=<key>]`
> Create a directory at _path_, optionally with the given mode, owner, and
diff --git a/init/builtins.cpp b/init/builtins.cpp
index 763a147..50a0cb2 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -46,7 +46,6 @@
#include <map>
#include <memory>
-#include <ApexProperties.sysprop.h>
#include <InitProperties.sysprop.h>
#include <android-base/chrono_utils.h>
#include <android-base/file.h>
@@ -177,28 +176,6 @@
return {};
}
-static Result<void> do_class_start_post_data(const BuiltinArguments& args) {
- if (args.context != kInitContext) {
- return Error() << "command 'class_start_post_data' only available in init context";
- }
- static bool is_apex_updatable = android::sysprop::ApexProperties::updatable().value_or(false);
-
- if (!is_apex_updatable) {
- // No need to start these on devices that don't support APEX, since they're not
- // stopped either.
- return {};
- }
- for (const auto& service : ServiceList::GetInstance()) {
- if (service->classnames().count(args[1])) {
- if (auto result = service->StartIfPostData(); !result.ok()) {
- LOG(ERROR) << "Could not start service '" << service->name()
- << "' as part of class '" << args[1] << "': " << result.error();
- }
- }
- }
- return {};
-}
-
static Result<void> do_class_stop(const BuiltinArguments& args) {
ForEachServiceInClass(args[1], &Service::Stop);
return {};
@@ -209,19 +186,6 @@
return {};
}
-static Result<void> do_class_reset_post_data(const BuiltinArguments& args) {
- if (args.context != kInitContext) {
- return Error() << "command 'class_reset_post_data' only available in init context";
- }
- static bool is_apex_updatable = android::sysprop::ApexProperties::updatable().value_or(false);
- if (!is_apex_updatable) {
- // No need to stop these on devices that don't support APEX.
- return {};
- }
- ForEachServiceInClass(args[1], &Service::ResetIfPostData);
- return {};
-}
-
static Result<void> do_class_restart(const BuiltinArguments& args) {
// Do not restart a class if it has a property persist.dont_start_class.CLASS set to 1.
if (android::base::GetBoolProperty("persist.init.dont_start_class." + args[1], false))
@@ -586,32 +550,7 @@
* return code is processed based on input code
*/
static Result<void> queue_fs_event(int code, bool userdata_remount) {
- if (code == FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION) {
- if (userdata_remount) {
- // FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION should only happen on FDE devices. Since we don't
- // support userdata remount on FDE devices, this should never been triggered. Time to
- // panic!
- LOG(ERROR) << "Userdata remount is not supported on FDE devices. How did you get here?";
- trigger_shutdown("reboot,requested-userdata-remount-on-fde-device");
- }
- ActionManager::GetInstance().QueueEventTrigger("encrypt");
- return {};
- } else if (code == FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED) {
- if (userdata_remount) {
- // FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED should only happen on FDE devices. Since we
- // don't support userdata remount on FDE devices, this should never been triggered.
- // Time to panic!
- LOG(ERROR) << "Userdata remount is not supported on FDE devices. How did you get here?";
- trigger_shutdown("reboot,requested-userdata-remount-on-fde-device");
- }
- SetProperty("ro.crypto.state", "encrypted");
- ActionManager::GetInstance().QueueEventTrigger("defaultcrypto");
- return {};
- } else if (code == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
- SetProperty("ro.crypto.state", "unencrypted");
- ActionManager::GetInstance().QueueEventTrigger("nonencrypted");
- return {};
- } else if (code == FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
+ if (code == FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
SetProperty("ro.crypto.state", "unsupported");
ActionManager::GetInstance().QueueEventTrigger("nonencrypted");
return {};
@@ -1119,17 +1058,6 @@
}
static Result<void> do_load_persist_props(const BuiltinArguments& args) {
- // Devices with FDE have load_persist_props called twice; the first time when the temporary
- // /data partition is mounted and then again once /data is truly mounted. We do not want to
- // read persistent properties from the temporary /data partition or mark persistent properties
- // as having been loaded during the first call, so we return in that case.
- std::string crypto_state = android::base::GetProperty("ro.crypto.state", "");
- std::string crypto_type = android::base::GetProperty("ro.crypto.type", "");
- if (crypto_state == "encrypted" && crypto_type == "block") {
- static size_t num_calls = 0;
- if (++num_calls == 1) return {};
- }
-
SendLoadPersistentPropertiesMessage();
start_waiting_for_property("ro.persistent_properties.ready", "true");
@@ -1464,10 +1392,8 @@
{"chmod", {2, 2, {true, do_chmod}}},
{"chown", {2, 3, {true, do_chown}}},
{"class_reset", {1, 1, {false, do_class_reset}}},
- {"class_reset_post_data", {1, 1, {false, do_class_reset_post_data}}},
{"class_restart", {1, 1, {false, do_class_restart}}},
{"class_start", {1, 1, {false, do_class_start}}},
- {"class_start_post_data", {1, 1, {false, do_class_start_post_data}}},
{"class_stop", {1, 1, {false, do_class_stop}}},
{"copy", {2, 2, {true, do_copy}}},
{"copy_per_line", {2, 2, {true, do_copy_per_line}}},
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 83042ad..70e26ec 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -1175,10 +1175,8 @@
LoadPropertyInfoFromFile("/system_ext/etc/selinux/system_ext_property_contexts",
&property_infos);
}
- if (!LoadPropertyInfoFromFile("/vendor/etc/selinux/vendor_property_contexts",
- &property_infos)) {
- // Fallback to nonplat_* if vendor_* doesn't exist.
- LoadPropertyInfoFromFile("/vendor/etc/selinux/nonplat_property_contexts",
+ if (access("/vendor/etc/selinux/vendor_property_contexts", R_OK) != -1) {
+ LoadPropertyInfoFromFile("/vendor/etc/selinux/vendor_property_contexts",
&property_infos);
}
if (access("/product/etc/selinux/product_property_contexts", R_OK) != -1) {
@@ -1193,10 +1191,7 @@
return;
}
LoadPropertyInfoFromFile("/system_ext_property_contexts", &property_infos);
- if (!LoadPropertyInfoFromFile("/vendor_property_contexts", &property_infos)) {
- // Fallback to nonplat_* if vendor_* doesn't exist.
- LoadPropertyInfoFromFile("/nonplat_property_contexts", &property_infos);
- }
+ LoadPropertyInfoFromFile("/vendor_property_contexts", &property_infos);
LoadPropertyInfoFromFile("/product_property_contexts", &property_infos);
LoadPropertyInfoFromFile("/odm_property_contexts", &property_infos);
}
diff --git a/init/selinux.cpp b/init/selinux.cpp
index 29c0ff3..28cd012 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -27,7 +27,7 @@
// file located at /sepolicy and is directly loaded into the kernel SELinux subsystem.
// The split policy is for supporting treble devices. It splits the SEPolicy across files on
-// /system/etc/selinux (the 'plat' portion of the policy) and /vendor/etc/selinux (the 'nonplat'
+// /system/etc/selinux (the 'plat' portion of the policy) and /vendor/etc/selinux (the 'vendor'
// portion of the policy). This is necessary to allow the system image to be updated independently
// of the vendor image, while maintaining contributions from both partitions in the SEPolicy. This
// is especially important for VTS testing, where the SEPolicy on the Google System Image may not be
@@ -320,12 +320,12 @@
};
bool OpenSplitPolicy(PolicyFile* policy_file) {
- // IMPLEMENTATION NOTE: Split policy consists of three CIL files:
+ // IMPLEMENTATION NOTE: Split policy consists of three or more CIL files:
// * platform -- policy needed due to logic contained in the system image,
- // * non-platform -- policy needed due to logic contained in the vendor image,
+ // * vendor -- policy needed due to logic contained in the vendor image,
// * mapping -- mapping policy which helps preserve forward-compatibility of non-platform policy
// with newer versions of platform policy.
- //
+ // * (optional) policy needed due to logic on product, system_ext, or odm images.
// secilc is invoked to compile the above three policy files into a single monolithic policy
// file. This file is then loaded into the kernel.
@@ -404,17 +404,14 @@
product_mapping_file.clear();
}
- // vendor_sepolicy.cil and plat_pub_versioned.cil are the new design to replace
- // nonplat_sepolicy.cil.
- std::string plat_pub_versioned_cil_file("/vendor/etc/selinux/plat_pub_versioned.cil");
std::string vendor_policy_cil_file("/vendor/etc/selinux/vendor_sepolicy.cil");
-
if (access(vendor_policy_cil_file.c_str(), F_OK) == -1) {
- // For backward compatibility.
- // TODO: remove this after no device is using nonplat_sepolicy.cil.
- vendor_policy_cil_file = "/vendor/etc/selinux/nonplat_sepolicy.cil";
- plat_pub_versioned_cil_file.clear();
- } else if (access(plat_pub_versioned_cil_file.c_str(), F_OK) == -1) {
+ LOG(ERROR) << "Missing " << vendor_policy_cil_file;
+ return false;
+ }
+
+ std::string plat_pub_versioned_cil_file("/vendor/etc/selinux/plat_pub_versioned.cil");
+ if (access(plat_pub_versioned_cil_file.c_str(), F_OK) == -1) {
LOG(ERROR) << "Missing " << plat_pub_versioned_cil_file;
return false;
}
diff --git a/init/service.cpp b/init/service.cpp
index 489dd67..f7318cb 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -661,25 +661,6 @@
StopOrReset(SVC_RESET);
}
-void Service::ResetIfPostData() {
- if (post_data_) {
- if (flags_ & SVC_RUNNING) {
- running_at_post_data_reset_ = true;
- }
- StopOrReset(SVC_RESET);
- }
-}
-
-Result<void> Service::StartIfPostData() {
- // Start the service, but only if it was started after /data was mounted,
- // and it was still running when we reset the post-data services.
- if (running_at_post_data_reset_) {
- return Start();
- }
-
- return {};
-}
-
void Service::Stop() {
StopOrReset(SVC_DISABLED);
}
diff --git a/init/service.h b/init/service.h
index ccf6899..3289f54 100644
--- a/init/service.h
+++ b/init/service.h
@@ -80,10 +80,8 @@
Result<void> ExecStart();
Result<void> Start();
Result<void> StartIfNotDisabled();
- Result<void> StartIfPostData();
Result<void> Enable();
void Reset();
- void ResetIfPostData();
void Stop();
void Terminate();
void Timeout();
@@ -214,8 +212,6 @@
bool post_data_ = false;
- bool running_at_post_data_reset_ = false;
-
std::optional<std::string> on_failure_reboot_target_;
bool from_apex_ = false;
diff --git a/libprocessgroup/cgroup_map.cpp b/libprocessgroup/cgroup_map.cpp
index 0734f25..352847a 100644
--- a/libprocessgroup/cgroup_map.cpp
+++ b/libprocessgroup/cgroup_map.cpp
@@ -34,6 +34,7 @@
#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
#include <android-base/unique_fd.h>
#include <cgroup_map.h>
#include <json/reader.h>
@@ -41,6 +42,7 @@
#include <processgroup/processgroup.h>
using android::base::GetBoolProperty;
+using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::unique_fd;
using android::base::WriteStringToFile;
@@ -204,6 +206,24 @@
return CgroupController(nullptr);
}
+CgroupController CgroupMap::FindControllerByPath(const std::string& path) const {
+ if (!loaded_) {
+ LOG(ERROR) << "CgroupMap::FindControllerByPath called for [" << getpid()
+ << "] failed, RC file was not initialized properly";
+ return CgroupController(nullptr);
+ }
+
+ auto controller_count = ACgroupFile_getControllerCount();
+ for (uint32_t i = 0; i < controller_count; ++i) {
+ const ACgroupController* controller = ACgroupFile_getController(i);
+ if (StartsWith(path, ACgroupController_getPath(controller))) {
+ return CgroupController(controller);
+ }
+ }
+
+ return CgroupController(nullptr);
+}
+
int CgroupMap::ActivateControllers(const std::string& path) const {
if (__builtin_available(android 30, *)) {
auto controller_count = ACgroupFile_getControllerCount();
diff --git a/libprocessgroup/cgroup_map.h b/libprocessgroup/cgroup_map.h
index 22d717b..5cdf8b2 100644
--- a/libprocessgroup/cgroup_map.h
+++ b/libprocessgroup/cgroup_map.h
@@ -62,6 +62,7 @@
static CgroupMap& GetInstance();
CgroupController FindController(const std::string& name) const;
+ CgroupController FindControllerByPath(const std::string& path) const;
int ActivateControllers(const std::string& path) const;
private:
diff --git a/libprocessgroup/include/processgroup/processgroup.h b/libprocessgroup/include/processgroup/processgroup.h
index fa2642d..be34f95 100644
--- a/libprocessgroup/include/processgroup/processgroup.h
+++ b/libprocessgroup/include/processgroup/processgroup.h
@@ -26,6 +26,7 @@
static constexpr const char* CGROUPV2_CONTROLLER_NAME = "cgroup2";
bool CgroupGetControllerPath(const std::string& cgroup_name, std::string* path);
+bool CgroupGetControllerFromPath(const std::string& path, std::string* cgroup_name);
bool CgroupGetAttributePath(const std::string& attr_name, std::string* path);
bool CgroupGetAttributePathForTask(const std::string& attr_name, int tid, std::string* path);
diff --git a/libprocessgroup/processgroup.cpp b/libprocessgroup/processgroup.cpp
index faf945c..0320b02 100644
--- a/libprocessgroup/processgroup.cpp
+++ b/libprocessgroup/processgroup.cpp
@@ -69,6 +69,20 @@
return true;
}
+bool CgroupGetControllerFromPath(const std::string& path, std::string* cgroup_name) {
+ auto controller = CgroupMap::GetInstance().FindControllerByPath(path);
+
+ if (!controller.HasValue()) {
+ return false;
+ }
+
+ if (cgroup_name) {
+ *cgroup_name = controller.name();
+ }
+
+ return true;
+}
+
bool CgroupGetAttributePath(const std::string& attr_name, std::string* path) {
const TaskProfiles& tp = TaskProfiles::GetInstance();
const ProfileAttribute* attr = tp.GetAttribute(attr_name);
diff --git a/libprocessgroup/tools/Android.bp b/libprocessgroup/tools/Android.bp
new file mode 100644
index 0000000..91418e1
--- /dev/null
+++ b/libprocessgroup/tools/Android.bp
@@ -0,0 +1,30 @@
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+ name: "settaskprofile",
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
+
+ srcs: ["settaskprofile.cpp"],
+ shared_libs: [
+ "libprocessgroup",
+ ],
+}
diff --git a/libprocessgroup/tools/settaskprofile.cpp b/libprocessgroup/tools/settaskprofile.cpp
new file mode 100644
index 0000000..f83944a
--- /dev/null
+++ b/libprocessgroup/tools/settaskprofile.cpp
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdlib.h>
+
+#include <iostream>
+
+#include <processgroup/processgroup.h>
+
+[[noreturn]] static void usage(int exit_status) {
+ std::cerr << "Usage: " << getprogname() << " <tid> <profile> [... profileN]" << std::endl
+ << " tid Thread ID to apply the profiles to." << std::endl
+ << " profile Name of the profile to apply." << std::endl
+ << "Applies listed profiles to the thread with specified ID." << std::endl
+ << "Profiles are applied in the order specified in the command line." << std::endl
+ << "If applying a profile fails, remaining profiles are ignored." << std::endl;
+ exit(exit_status);
+}
+
+int main(int argc, char* argv[]) {
+ if (argc < 3) {
+ usage(EXIT_FAILURE);
+ }
+
+ int tid = atoi(argv[1]);
+ if (tid == 0) {
+ std::cerr << "Invalid thread id" << std::endl;
+ exit(EXIT_FAILURE);
+ }
+
+ for (int i = 2; i < argc; i++) {
+ if (!SetTaskProfiles(tid, {argv[i]})) {
+ std::cerr << "Failed to apply " << argv[i] << " profile" << std::endl;
+ exit(EXIT_FAILURE);
+ }
+ std::cout << "Profile " << argv[i] << " is applied successfully!" << std::endl;
+ }
+
+ return 0;
+}
diff --git a/llkd/libllkd.cpp b/llkd/libllkd.cpp
index c4c58ee..42602e9 100644
--- a/llkd/libllkd.cpp
+++ b/llkd/libllkd.cpp
@@ -1283,8 +1283,7 @@
llkEnableSysrqT &= !llkLowRam;
if (debuggable) {
llkEnableSysrqT |= llkCheckEng(LLK_ENABLE_SYSRQ_T_PROPERTY);
- if (!LLK_ENABLE_DEFAULT) { // NB: default is currently true ...
- llkEnable |= llkCheckEng(LLK_ENABLE_PROPERTY);
+ if (!LLK_ENABLE_DEFAULT) {
khtEnable |= llkCheckEng(KHT_ENABLE_PROPERTY);
}
}
diff --git a/llkd/llkd-debuggable.rc b/llkd/llkd-debuggable.rc
index 8697e9a..8355e9d 100644
--- a/llkd/llkd-debuggable.rc
+++ b/llkd/llkd-debuggable.rc
@@ -1,5 +1,5 @@
on property:ro.debuggable=1
- setprop llk.enable ${ro.llk.enable:-1}
+ setprop llk.enable ${ro.llk.enable:-0}
setprop khungtask.enable ${ro.khungtask.enable:-1}
on property:ro.llk.enable=eng
diff --git a/llkd/tests/llkd_test.cpp b/llkd/tests/llkd_test.cpp
index 475512c..8eb9b00 100644
--- a/llkd/tests/llkd_test.cpp
+++ b/llkd/tests/llkd_test.cpp
@@ -69,13 +69,9 @@
seconds llkdSleepPeriod(char state) {
auto default_eng = android::base::GetProperty(LLK_ENABLE_PROPERTY, "eng") == "eng";
auto default_enable = LLK_ENABLE_DEFAULT;
- if (!LLK_ENABLE_DEFAULT && default_eng &&
- android::base::GetBoolProperty("ro.debuggable", false)) {
- default_enable = true;
- }
default_enable = android::base::GetBoolProperty(LLK_ENABLE_PROPERTY, default_enable);
if (default_eng) {
- GTEST_LOG_INFO << LLK_ENABLE_PROPERTY " defaults to \"eng\" thus "
+ GTEST_LOG_INFO << LLK_ENABLE_PROPERTY " defaults to "
<< (default_enable ? "true" : "false") << "\n";
}
// Hail Mary hope is unconfigured.
@@ -108,10 +104,6 @@
rest();
}
default_enable = LLK_ENABLE_DEFAULT;
- if (!LLK_ENABLE_DEFAULT && (android::base::GetProperty(LLK_ENABLE_PROPERTY, "eng") == "eng") &&
- android::base::GetBoolProperty("ro.debuggable", false)) {
- default_enable = true;
- }
default_enable = android::base::GetBoolProperty(LLK_ENABLE_PROPERTY, default_enable);
if (default_enable) {
execute("start llkd-1");
diff --git a/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp b/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
index 3907413..77cbdd4 100644
--- a/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
+++ b/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
@@ -490,7 +490,6 @@
{"media.recorder.show_manufacturer_and_model", "u:object_r:default_prop:s0"},
{"net.bt.name", "u:object_r:system_prop:s0"},
{"net.lte.ims.data.enabled", "u:object_r:net_radio_prop:s0"},
- {"net.qtaguid_enabled", "u:object_r:system_prop:s0"},
{"net.tcp.default_init_rwnd", "u:object_r:system_prop:s0"},
{"nfc.initialized", "u:object_r:nfc_prop:s0"},
{"persist.audio.fluence.speaker", "u:object_r:audio_prop:s0"},
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 27fa059..939b92d 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1119,37 +1119,6 @@
on charger
class_start charger
-on property:vold.decrypt=trigger_load_persist_props
- load_persist_props
- start logd
- start logd-reinit
-
-on property:vold.decrypt=trigger_post_fs_data
- trigger post-fs-data
- trigger zygote-start
-
-on property:vold.decrypt=trigger_restart_min_framework
- # A/B update verifier that marks a successful boot.
- exec_start update_verifier
- class_start main
-
-on property:vold.decrypt=trigger_restart_framework
- # A/B update verifier that marks a successful boot.
- exec_start update_verifier
- class_start_post_data hal
- class_start_post_data core
- class_start main
- class_start late_start
- setprop service.bootanim.exit 0
- setprop service.bootanim.progress 0
- start bootanim
-
-on property:vold.decrypt=trigger_shutdown_framework
- class_reset late_start
- class_reset main
- class_reset_post_data core
- class_reset_post_data hal
-
on property:sys.boot_completed=1
bootchart stop
# Setup per_boot directory so other .rc could start to use it on boot_completed
diff --git a/rootdir/init.zygote32.rc b/rootdir/init.zygote32.rc
index 0090841..63b09c0 100644
--- a/rootdir/init.zygote32.rc
+++ b/rootdir/init.zygote32.rc
@@ -10,6 +10,7 @@
onrestart restart audioserver
onrestart restart cameraserver
onrestart restart media
+ onrestart restart media.tuner
onrestart restart netd
onrestart restart wificond
task_profiles ProcessCapacityHigh
diff --git a/rootdir/init.zygote64.rc b/rootdir/init.zygote64.rc
index 63772bd..5bde5f4 100644
--- a/rootdir/init.zygote64.rc
+++ b/rootdir/init.zygote64.rc
@@ -10,6 +10,7 @@
onrestart restart audioserver
onrestart restart cameraserver
onrestart restart media
+ onrestart restart media.tuner
onrestart restart netd
onrestart restart wificond
task_profiles ProcessCapacityHigh
diff --git a/rootdir/init.zygote64_32.rc b/rootdir/init.zygote64_32.rc
index 3eee180..efb30d6 100644
--- a/rootdir/init.zygote64_32.rc
+++ b/rootdir/init.zygote64_32.rc
@@ -10,6 +10,7 @@
onrestart restart audioserver
onrestart restart cameraserver
onrestart restart media
+ onrestart restart media.tuner
onrestart restart netd
onrestart restart wificond
task_profiles ProcessCapacityHigh MaxPerformance
diff --git a/shell_and_utilities/Android.bp b/shell_and_utilities/Android.bp
index 97e8d8e..d85f6ed 100644
--- a/shell_and_utilities/Android.bp
+++ b/shell_and_utilities/Android.bp
@@ -26,6 +26,7 @@
"mkshrc",
"newfs_msdos",
"reboot",
+ "settaskprofile",
"sh",
"simpleperf",
"simpleperf_app_runner",