commit 89d22239d28c69daeb1b47f3200044dbe6fea60e
author David Anderson <dvander@google.com> Thu Jul 20 16:23:08 2023 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Jul 20 16:23:08 2023 +0000
tree d7a2144c99f61794ec9d187c9677a2fd056fdee0
parent 998c3b4fbe4347cbdded73b09bb63bb84e2a430f
parent e1132a9c2ff5a039fcdd33694fe42bd245d2fca8

Merge "snapuserd: Fix ubsan when reading a single aligned sector." into main

init/devices.cpp

diff --git a/init/devices.cpp b/init/devices.cpp
index d29ffd6..7c23492 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp
@@ -568,6 +568,8 @@
         return;
     } else if (uevent.subsystem == "misc" && StartsWith(uevent.device_name, "dm-user/")) {
         devpath = "/dev/dm-user/" + uevent.device_name.substr(8);
+    } else if (uevent.subsystem == "misc" && uevent.device_name == "vfio/vfio") {
+        devpath = "/dev/" + uevent.device_name;
     } else {
         devpath = "/dev/" + Basename(uevent.path);
     }

rootdir/ueventd.rc

diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc
index 0b7ffb8..60dcc2a 100644
--- a/rootdir/ueventd.rc
+++ b/rootdir/ueventd.rc
@@ -23,6 +23,11 @@
 subsystem dma_heap
    devname uevent_devpath
    dirname /dev/dma_heap
+
+subsystem vfio
+    devname uevent_devpath
+    dirname /dev/vfio
+
 # ueventd can only set permissions on device nodes and their associated
 # sysfs attributes, not on arbitrary paths.
 #
@@ -43,6 +48,7 @@
 /dev/binder               0666   root       root
 /dev/hwbinder             0666   root       root
 /dev/vndbinder            0666   root       root
+/dev/vfio/*               0666   root       root
 
 /dev/pmsg0                0222   root       log
 /dev/dma_heap/system      0444   system     system

trusty/storage/proxy/Android.bp

diff --git a/trusty/storage/proxy/Android.bp b/trusty/storage/proxy/Android.bp
index 2e97ee0..e362b8b 100644
--- a/trusty/storage/proxy/Android.bp
+++ b/trusty/storage/proxy/Android.bp
@@ -33,6 +33,7 @@
 
     shared_libs: [
         "libbase",
+        "libbinder_ndk",
         "libcutils",
         "liblog",
         "libhardware_legacy",

trusty/storage/proxy/proxy.c

diff --git a/trusty/storage/proxy/proxy.c b/trusty/storage/proxy/proxy.c
index c89c5b6..3b744ec 100644
--- a/trusty/storage/proxy/proxy.c
+++ b/trusty/storage/proxy/proxy.c
@@ -24,6 +24,7 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include <android/binder_process.h>
 #include <cutils/android_filesystem_config.h>
 
 #include "checkpoint_handling.h"
@@ -238,6 +239,15 @@
     /* parse arguments */
     parse_args(argc, argv);
 
+    /*
+     * Start binder threadpool. At least one extra binder thread is needed to
+     * connect to the wakelock service without relying on polling. If we poll on
+     * the main thread we end up pausing for at least 1s even if the service
+     * starts faster.
+     */
+    ABinderProcess_setThreadPoolMaxThreadCount(1);
+    ABinderProcess_startThreadPool();
+
     /* initialize secure storage directory */
     rc = storage_init(ss_data_root);
     if (rc < 0) return EXIT_FAILURE;

trusty/storage/proxy/rpmb.c

diff --git a/trusty/storage/proxy/rpmb.c b/trusty/storage/proxy/rpmb.c
index 22a85a7..1f5d107 100644
--- a/trusty/storage/proxy/rpmb.c
+++ b/trusty/storage/proxy/rpmb.c
@@ -399,6 +399,14 @@
 
     bool is_request_write = req->reliable_write_size > 0;
 
+    /*
+     * Internally this call connects to the suspend service, which will cause
+     * this service to start if not already running. If the binder thread pool
+     * has not been started at this point, this call will block and poll for the
+     * service every 1s. We need to make sure the thread pool is started to
+     * receive an async notification that the service is started to avoid
+     * blocking (see main).
+     */
     wl_rc = acquire_wake_lock(PARTIAL_WAKE_LOCK, UFS_WAKE_LOCK_NAME);
     if (wl_rc < 0) {
         ALOGE("%s: failed to acquire wakelock: %d, %s\n", __func__, wl_rc, strerror(errno));