Merge changes from topic "or_return"
* changes:
Sort exported headers of libutils
OR_RETURN supports status_t
diff --git a/fastboot/Android.mk b/fastboot/Android.mk
index 322fe5c..10bed6d 100644
--- a/fastboot/Android.mk
+++ b/fastboot/Android.mk
@@ -23,5 +23,5 @@
my_dist_files += $(HOST_OUT_EXECUTABLES)/make_f2fs
my_dist_files += $(HOST_OUT_EXECUTABLES)/make_f2fs_casefold
my_dist_files += $(HOST_OUT_EXECUTABLES)/sload_f2fs
-$(call dist-for-goals,dist_files sdk win_sdk,$(my_dist_files))
+$(call dist-for-goals,dist_files sdk,$(my_dist_files))
my_dist_files :=
diff --git a/fastboot/OWNERS b/fastboot/OWNERS
index 58b2a81..17b3466 100644
--- a/fastboot/OWNERS
+++ b/fastboot/OWNERS
@@ -1,3 +1,3 @@
dvander@google.com
-hridya@google.com
+elsk@google.com
enh@google.com
diff --git a/fastboot/device/commands.cpp b/fastboot/device/commands.cpp
index 4042531..b9f6c97 100644
--- a/fastboot/device/commands.cpp
+++ b/fastboot/device/commands.cpp
@@ -268,10 +268,18 @@
}
// arg[0] is the command name, arg[1] contains size of data to be downloaded
+ // which should always be 8 bytes
+ if (args[1].length() != 8) {
+ return device->WriteStatus(FastbootResult::FAIL,
+ "Invalid size (length of size != 8)");
+ }
unsigned int size;
if (!android::base::ParseUint("0x" + args[1], &size, kMaxDownloadSizeDefault)) {
return device->WriteStatus(FastbootResult::FAIL, "Invalid size");
}
+ if (size == 0) {
+ return device->WriteStatus(FastbootResult::FAIL, "Invalid size (0)");
+ }
device->download_data().resize(size);
if (!device->WriteStatus(FastbootResult::DATA, android::base::StringPrintf("%08x", size))) {
return false;
diff --git a/fastboot/device/fastboot_device.cpp b/fastboot/device/fastboot_device.cpp
index e6a834e..ae225de 100644
--- a/fastboot/device/fastboot_device.cpp
+++ b/fastboot/device/fastboot_device.cpp
@@ -186,6 +186,11 @@
PLOG(ERROR) << "Couldn't read command";
return;
}
+ if (std::count_if(command, command + bytes_read, iscntrl) != 0) {
+ WriteStatus(FastbootResult::FAIL,
+ "Command contains control character");
+ continue;
+ }
command[bytes_read] = '\0';
LOG(INFO) << "Fastboot command: " << command;
diff --git a/fastboot/device/flashing.cpp b/fastboot/device/flashing.cpp
index 3f9bcdc..7bef72a 100644
--- a/fastboot/device/flashing.cpp
+++ b/fastboot/device/flashing.cpp
@@ -172,7 +172,8 @@
return -EOVERFLOW;
} else if (data.size() < block_device_size &&
(partition_name == "boot" || partition_name == "boot_a" ||
- partition_name == "boot_b")) {
+ partition_name == "boot_b" || partition_name == "init_boot" ||
+ partition_name == "init_boot_a" || partition_name == "init_boot_b")) {
CopyAVBFooter(&data, block_device_size);
}
if (android::base::GetProperty("ro.system.build.type", "") != "user") {
diff --git a/fastboot/fastboot.bash b/fastboot/fastboot.bash
index f5a3384..e9bf9e9 100644
--- a/fastboot/fastboot.bash
+++ b/fastboot/fastboot.bash
@@ -109,7 +109,7 @@
cur="${COMP_WORDS[COMP_CWORD]}"
if [[ $i -eq $COMP_CWORD ]]; then
- partitions="boot bootloader dtbo modem odm odm_dlkm oem product pvmfw radio recovery system vbmeta vendor vendor_dlkm"
+ partitions="boot bootloader dtbo init_boot modem odm odm_dlkm oem product pvmfw radio recovery system system_dlkm vbmeta vendor vendor_dlkm"
COMPREPLY=( $(compgen -W "$partitions" -- $cur) )
else
_fastboot_util_complete_local_file "${cur}" '!*.img'
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 532b524..fde1dab 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp
@@ -141,6 +141,10 @@
static Image images[] = {
// clang-format off
{ "boot", "boot.img", "boot.sig", "boot", false, ImageType::BootCritical },
+ { "init_boot",
+ "init_boot.img", "init_boot.sig",
+ "init_boot",
+ true, ImageType::BootCritical },
{ nullptr, "boot_other.img", "boot.sig", "boot", true, ImageType::Normal },
{ "cache", "cache.img", "cache.sig", "cache", true, ImageType::Extra },
{ "dtbo", "dtbo.img", "dtbo.sig", "dtbo", true, ImageType::BootCritical },
@@ -152,6 +156,10 @@
{ "recovery", "recovery.img", "recovery.sig", "recovery", true, ImageType::BootCritical },
{ "super", "super.img", "super.sig", "super", true, ImageType::Extra },
{ "system", "system.img", "system.sig", "system", false, ImageType::Normal },
+ { "system_dlkm",
+ "system_dlkm.img", "system_dlkm.sig",
+ "system_dlkm",
+ true, ImageType::Normal },
{ "system_ext",
"system_ext.img", "system_ext.sig",
"system_ext",
@@ -1017,7 +1025,7 @@
return partition_size;
}
-static void copy_boot_avb_footer(const std::string& partition, struct fastboot_buffer* buf) {
+static void copy_avb_footer(const std::string& partition, struct fastboot_buffer* buf) {
if (buf->sz < AVB_FOOTER_SIZE) {
return;
}
@@ -1032,9 +1040,9 @@
// In this case, partition_size will be zero.
if (partition_size < buf->sz) {
fprintf(stderr,
- "Warning: skip copying boot image avb footer"
- " (boot partition size: %" PRId64 ", boot image size: %" PRId64 ").\n",
- partition_size, buf->sz);
+ "Warning: skip copying %s image avb footer"
+ " (%s partition size: %" PRId64 ", %s image size: %" PRId64 ").\n",
+ partition.c_str(), partition.c_str(), partition_size, partition.c_str(), buf->sz);
return;
}
@@ -1042,7 +1050,7 @@
// Because buf->fd will still be used afterwards.
std::string data;
if (!android::base::ReadFdToString(buf->fd, &data)) {
- die("Failed reading from boot");
+ die("Failed reading from %s", partition.c_str());
}
uint64_t footer_offset = buf->sz - AVB_FOOTER_SIZE;
@@ -1051,13 +1059,14 @@
return;
}
- unique_fd fd(make_temporary_fd("boot rewriting"));
+ const std::string tmp_fd_template = partition + " rewriting";
+ unique_fd fd(make_temporary_fd(tmp_fd_template.c_str()));
if (!android::base::WriteStringToFd(data, fd)) {
- die("Failed writing to modified boot");
+ die("Failed writing to modified %s", partition.c_str());
}
lseek(fd.get(), partition_size - AVB_FOOTER_SIZE, SEEK_SET);
if (!android::base::WriteStringToFd(data.substr(footer_offset), fd)) {
- die("Failed copying AVB footer in boot");
+ die("Failed copying AVB footer in %s", partition.c_str());
}
buf->fd = std::move(fd);
buf->sz = partition_size;
@@ -1068,8 +1077,9 @@
{
sparse_file** s;
- if (partition == "boot" || partition == "boot_a" || partition == "boot_b") {
- copy_boot_avb_footer(partition, buf);
+ if (partition == "boot" || partition == "boot_a" || partition == "boot_b" ||
+ partition == "init_boot" || partition == "init_boot_a" || partition == "init_boot_b") {
+ copy_avb_footer(partition, buf);
}
// Rewrite vbmeta if that's what we're flashing and modification has been requested.
diff --git a/fastboot/fuzzy_fastboot/README.md b/fastboot/fuzzy_fastboot/README.md
index 72967c5..a5b64c7 100644
--- a/fastboot/fuzzy_fastboot/README.md
+++ b/fastboot/fuzzy_fastboot/README.md
@@ -293,7 +293,7 @@
Begin with just the generic tests (i.e. no XML file). In particular, make sure all
the conformance tests are passing before you move on. All other tests require that
the basic generic conformance tests all pass for them to be valid. The conformance
-tests can be run with `./fuzzy_fastboot --gtests_filter=Conformance.*`.
+tests can be run with `./fuzzy_fastboot --gtest_filter=Conformance.*`.
#### Understanding and Fixing Failed Tests
Whenever a test fails, it will print out to the console the reason for failure
diff --git a/fastboot/fuzzy_fastboot/main.cpp b/fastboot/fuzzy_fastboot/main.cpp
index b6beaf9..8593adc 100644
--- a/fastboot/fuzzy_fastboot/main.cpp
+++ b/fastboot/fuzzy_fastboot/main.cpp
@@ -890,28 +890,51 @@
TEST_F(Fuzz, BadCommandTooLarge) {
std::string s = RandomString(FB_COMMAND_SZ + 1, rand_legal);
- EXPECT_EQ(fb->RawCommand(s), DEVICE_FAIL)
+ RetCode ret = fb->RawCommand(s);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
<< "Device did not respond with failure after sending length " << s.size()
<< " string of random ASCII chars";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
std::string s1 = RandomString(1000, rand_legal);
- EXPECT_EQ(fb->RawCommand(s1), DEVICE_FAIL)
+ ret = fb->RawCommand(s1);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
<< "Device did not respond with failure after sending length " << s1.size()
<< " string of random ASCII chars";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
std::string s2 = RandomString(1000, rand_illegal);
- EXPECT_EQ(fb->RawCommand(s2), DEVICE_FAIL)
- << "Device did not respond with failure after sending length " << s1.size()
+ ret = fb->RawCommand(s2);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
+ << "Device did not respond with failure after sending length " << s2.size()
<< " string of random non-ASCII chars";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
std::string s3 = RandomString(1000, rand_char);
- EXPECT_EQ(fb->RawCommand(s3), DEVICE_FAIL)
- << "Device did not respond with failure after sending length " << s1.size()
+ ret = fb->RawCommand(s3);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
+ << "Device did not respond with failure after sending length " << s3.size()
<< " string of random chars";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
+
+ std::string s4 = RandomString(10 * 1024 * 1024, rand_legal);
+ ret = fb->RawCommand(s);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
+ << "Device did not respond with failure after sending length " << s4.size()
+ << " string of random ASCII chars ";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
+
+ ASSERT_TRUE(UsbStillAvailible()) << USB_PORT_GONE;
+ std::string resp;
+ EXPECT_EQ(fb->GetVar("product", &resp), SUCCESS)
+ << "Device is unresponsive to getvar command";
}
TEST_F(Fuzz, CommandTooLarge) {
for (const std::string& s : CMDS) {
std::string rs = RandomString(1000, rand_char);
- EXPECT_EQ(fb->RawCommand(s + rs), DEVICE_FAIL)
- << "Device did not respond with failure after '" << s + rs << "'";
+ RetCode ret;
+ ret = fb->RawCommand(s + rs);
+ EXPECT_TRUE(ret == DEVICE_FAIL || ret == IO_ERROR)
+ << "Device did not respond with failure " << ret << "after '" << s + rs << "'";
+ if (ret == IO_ERROR) EXPECT_EQ(transport->Reset(), 0) << "USB reset failed";
ASSERT_TRUE(UsbStillAvailible()) << USB_PORT_GONE;
std::string resp;
EXPECT_EQ(fb->GetVar("product", &resp), SUCCESS)
diff --git a/fs_mgr/Android.bp b/fs_mgr/Android.bp
index 5872dda..49761ac 100644
--- a/fs_mgr/Android.bp
+++ b/fs_mgr/Android.bp
@@ -69,7 +69,6 @@
"file_wait.cpp",
"fs_mgr.cpp",
"fs_mgr_format.cpp",
- "fs_mgr_verity.cpp",
"fs_mgr_dm_linear.cpp",
"fs_mgr_overlayfs.cpp",
"fs_mgr_roots.cpp",
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 137b066..8ce961b 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -170,6 +170,22 @@
FS_STAT_SET_RESERVED_BLOCKS_FAILED | FS_STAT_ENABLE_ENCRYPTION_FAILED);
}
+static bool umount_retry(const std::string& mount_point) {
+ int retry_count = 5;
+ bool umounted = false;
+
+ while (retry_count-- > 0) {
+ umounted = umount(mount_point.c_str()) == 0;
+ if (umounted) {
+ LINFO << __FUNCTION__ << "(): unmount(" << mount_point << ") succeeded";
+ break;
+ }
+ PERROR << __FUNCTION__ << "(): umount(" << mount_point << ") failed";
+ if (retry_count) sleep(1);
+ }
+ return umounted;
+}
+
static void check_fs(const std::string& blk_device, const std::string& fs_type,
const std::string& target, int* fs_stat) {
int status;
@@ -209,25 +225,12 @@
tmpmnt_opts.c_str());
PINFO << __FUNCTION__ << "(): mount(" << blk_device << "," << target << "," << fs_type
<< ")=" << ret;
- if (!ret) {
- bool umounted = false;
- int retry_count = 5;
- while (retry_count-- > 0) {
- umounted = umount(target.c_str()) == 0;
- if (umounted) {
- LINFO << __FUNCTION__ << "(): unmount(" << target << ") succeeded";
- break;
- }
- PERROR << __FUNCTION__ << "(): umount(" << target << ") failed";
- if (retry_count) sleep(1);
- }
- if (!umounted) {
- // boot may fail but continue and leave it to later stage for now.
- PERROR << __FUNCTION__ << "(): umount(" << target << ") timed out";
- *fs_stat |= FS_STAT_RO_UNMOUNT_FAILED;
- }
- } else {
+ if (ret) {
*fs_stat |= FS_STAT_RO_MOUNT_FAILED;
+ } else if (!umount_retry(target)) {
+ // boot may fail but continue and leave it to later stage for now.
+ PERROR << __FUNCTION__ << "(): umount(" << target << ") timed out";
+ *fs_stat |= FS_STAT_RO_UNMOUNT_FAILED;
}
}
@@ -268,12 +271,12 @@
LINFO << "Running " << F2FS_FSCK_BIN << " -f -c 10000 --debug-cache "
<< realpath(blk_device);
ret = logwrap_fork_execvp(ARRAY_SIZE(f2fs_fsck_forced_argv), f2fs_fsck_forced_argv,
- &status, false, LOG_KLOG | LOG_FILE, false, FSCK_LOG_FILE);
+ &status, false, LOG_KLOG | LOG_FILE, false, nullptr);
} else {
LINFO << "Running " << F2FS_FSCK_BIN << " -a -c 10000 --debug-cache "
<< realpath(blk_device);
ret = logwrap_fork_execvp(ARRAY_SIZE(f2fs_fsck_argv), f2fs_fsck_argv, &status, false,
- LOG_KLOG | LOG_FILE, false, FSCK_LOG_FILE);
+ LOG_KLOG | LOG_FILE, false, nullptr);
}
if (ret < 0) {
/* No need to check for error in fork, we can't really handle it now */
@@ -1009,12 +1012,11 @@
// Check to see if a mountable volume has encryption requirements
static int handle_encryptable(const FstabEntry& entry) {
if (should_use_metadata_encryption(entry)) {
- if (umount(entry.mount_point.c_str()) == 0) {
+ if (umount_retry(entry.mount_point)) {
return FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION;
- } else {
- PERROR << "Could not umount " << entry.mount_point << " - fail since can't encrypt";
- return FS_MGR_MNTALL_FAIL;
}
+ PERROR << "Could not umount " << entry.mount_point << " - fail since can't encrypt";
+ return FS_MGR_MNTALL_FAIL;
} else if (entry.fs_mgr_flags.file_encryption) {
LINFO << entry.mount_point << " is file encrypted";
return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED;
@@ -1443,14 +1445,6 @@
// Skips mounting the device.
continue;
}
- } else if ((current_entry.fs_mgr_flags.verify)) {
- int rc = fs_mgr_setup_verity(¤t_entry, true);
- if (rc == FS_MGR_SETUP_VERITY_DISABLED || rc == FS_MGR_SETUP_VERITY_SKIPPED) {
- LINFO << "Verity disabled";
- } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
- LERROR << "Could not set up verified partition, skipping!";
- continue;
- }
}
int last_idx_inspected;
@@ -1615,13 +1609,6 @@
ret |= FsMgrUmountStatus::ERROR_VERITY;
continue;
}
- } else if ((current_entry.fs_mgr_flags.verify)) {
- if (!fs_mgr_teardown_verity(¤t_entry)) {
- LERROR << "Failed to tear down verified partition on mount point: "
- << current_entry.mount_point;
- ret |= FsMgrUmountStatus::ERROR_VERITY;
- continue;
- }
}
}
return ret;
@@ -1822,9 +1809,13 @@
auto& mount_point = alt_mount_point.empty() ? entry.mount_point : alt_mount_point;
// Run fsck if needed
- prepare_fs_for_mount(entry.blk_device, entry, mount_point);
+ int ret = prepare_fs_for_mount(entry.blk_device, entry, mount_point);
+ // Wiped case doesn't require to try __mount below.
+ if (ret & FS_STAT_INVALID_MAGIC) {
+ return FS_MGR_DOMNT_FAILED;
+ }
- int ret = __mount(entry.blk_device, mount_point, entry);
+ ret = __mount(entry.blk_device, mount_point, entry);
if (ret) {
ret = (errno == EBUSY) ? FS_MGR_DOMNT_BUSY : FS_MGR_DOMNT_FAILED;
}
@@ -1914,14 +1905,6 @@
// Skips mounting the device.
continue;
}
- } else if (fstab_entry.fs_mgr_flags.verify) {
- int rc = fs_mgr_setup_verity(&fstab_entry, true);
- if (rc == FS_MGR_SETUP_VERITY_DISABLED || rc == FS_MGR_SETUP_VERITY_SKIPPED) {
- LINFO << "Verity disabled";
- } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
- LERROR << "Could not set up verified partition, skipping!";
- continue;
- }
}
int retry_count = 2;
@@ -2140,7 +2123,7 @@
}
bool fs_mgr_is_verity_enabled(const FstabEntry& entry) {
- if (!entry.fs_mgr_flags.verify && !entry.fs_mgr_flags.avb) {
+ if (!entry.fs_mgr_flags.avb) {
return false;
}
@@ -2151,17 +2134,12 @@
return false;
}
- const char* status;
std::vector<DeviceMapper::TargetInfo> table;
if (!dm.GetTableStatus(mount_point, &table) || table.empty() || table[0].data.empty()) {
- if (!entry.fs_mgr_flags.verify_at_boot) {
- return false;
- }
- status = "V";
- } else {
- status = table[0].data.c_str();
+ return false;
}
+ auto status = table[0].data.c_str();
if (*status == 'C' || *status == 'V') {
return true;
}
@@ -2170,7 +2148,7 @@
}
std::optional<HashtreeInfo> fs_mgr_get_hashtree_info(const android::fs_mgr::FstabEntry& entry) {
- if (!entry.fs_mgr_flags.verify && !entry.fs_mgr_flags.avb) {
+ if (!entry.fs_mgr_flags.avb) {
return {};
}
DeviceMapper& dm = DeviceMapper::Instance();
@@ -2206,7 +2184,7 @@
}
bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry) {
- if (!entry.fs_mgr_flags.verify && !entry.fs_mgr_flags.avb) {
+ if (!entry.fs_mgr_flags.avb) {
return false;
}
@@ -2342,3 +2320,22 @@
LINFO << report << ret;
return true;
}
+
+bool fs_mgr_load_verity_state(int* mode) {
+ // unless otherwise specified, use EIO mode.
+ *mode = VERITY_MODE_EIO;
+
+ // The bootloader communicates verity mode via the kernel commandline
+ std::string verity_mode;
+ if (!fs_mgr_get_boot_config("veritymode", &verity_mode)) {
+ return false;
+ }
+
+ if (verity_mode == "enforcing") {
+ *mode = VERITY_MODE_DEFAULT;
+ } else if (verity_mode == "logging") {
+ *mode = VERITY_MODE_LOGGING;
+ }
+
+ return true;
+}
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index 07b533b..0ca1946 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -167,12 +167,10 @@
CheckFlag("recoveryonly", recovery_only);
CheckFlag("noemulatedsd", no_emulated_sd);
CheckFlag("notrim", no_trim);
- CheckFlag("verify", verify);
CheckFlag("formattable", formattable);
CheckFlag("slotselect", slot_select);
CheckFlag("latemount", late_mount);
CheckFlag("nofail", no_fail);
- CheckFlag("verifyatboot", verify_at_boot);
CheckFlag("quota", quota);
CheckFlag("avb", avb);
CheckFlag("logical", logical);
diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
index 2b31119..2da5b0f 100644
--- a/fs_mgr/fs_mgr_overlayfs.cpp
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
@@ -880,9 +880,14 @@
errno = save_errno;
}
entry.flags &= ~MS_RDONLY;
+ entry.flags |= MS_SYNCHRONOUS;
+ entry.fs_options = "nodiscard";
fs_mgr_set_blk_ro(device_path, false);
}
- entry.fs_mgr_flags.check = true;
+ // check_fs requires apex runtime library
+ if (fs_mgr_overlayfs_already_mounted("/data", false)) {
+ entry.fs_mgr_flags.check = true;
+ }
auto save_errno = errno;
if (mounted) mounted = fs_mgr_do_mount_one(entry) == 0;
if (!mounted) {
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
deleted file mode 100644
index efa2180..0000000
--- a/fs_mgr/fs_mgr_verity.cpp
+++ /dev/null
@@ -1,557 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <ctype.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <inttypes.h>
-#include <libgen.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <time.h>
-#include <unistd.h>
-
-#include <android-base/file.h>
-#include <android-base/properties.h>
-#include <android-base/strings.h>
-#include <android-base/unique_fd.h>
-#include <crypto_utils/android_pubkey.h>
-#include <cutils/properties.h>
-#include <fs_mgr/file_wait.h>
-#include <libdm/dm.h>
-#include <logwrap/logwrap.h>
-#include <openssl/obj_mac.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-
-#include "fec/io.h"
-
-#include "fs_mgr.h"
-#include "fs_mgr_dm_linear.h"
-#include "fs_mgr_priv.h"
-
-// Realistically, this file should be part of the android::fs_mgr namespace;
-using namespace android::fs_mgr;
-
-#define VERITY_TABLE_RSA_KEY "/verity_key"
-#define VERITY_TABLE_HASH_IDX 8
-#define VERITY_TABLE_SALT_IDX 9
-
-#define VERITY_TABLE_OPT_RESTART "restart_on_corruption"
-#define VERITY_TABLE_OPT_LOGGING "ignore_corruption"
-#define VERITY_TABLE_OPT_IGNZERO "ignore_zero_blocks"
-
-#define VERITY_TABLE_OPT_FEC_FORMAT \
- "use_fec_from_device %s fec_start %" PRIu64 " fec_blocks %" PRIu64 \
- " fec_roots %u " VERITY_TABLE_OPT_IGNZERO
-#define VERITY_TABLE_OPT_FEC_ARGS 9
-
-#define METADATA_MAGIC 0x01564c54
-#define METADATA_TAG_MAX_LENGTH 63
-#define METADATA_EOD "eod"
-
-#define VERITY_LASTSIG_TAG "verity_lastsig"
-
-#define VERITY_STATE_TAG "verity_state"
-#define VERITY_STATE_HEADER 0x83c0ae9d
-#define VERITY_STATE_VERSION 1
-
-#define VERITY_KMSG_RESTART "dm-verity device corrupted"
-#define VERITY_KMSG_BUFSIZE 1024
-
-#define READ_BUF_SIZE 4096
-
-#define __STRINGIFY(x) #x
-#define STRINGIFY(x) __STRINGIFY(x)
-
-struct verity_state {
- uint32_t header;
- uint32_t version;
- int32_t mode;
-};
-
-extern struct fs_info info;
-
-static RSA *load_key(const char *path)
-{
- uint8_t key_data[ANDROID_PUBKEY_ENCODED_SIZE];
-
- auto f = std::unique_ptr<FILE, decltype(&fclose)>{fopen(path, "re"), fclose};
- if (!f) {
- LERROR << "Can't open " << path;
- return nullptr;
- }
-
- if (!fread(key_data, sizeof(key_data), 1, f.get())) {
- LERROR << "Could not read key!";
- return nullptr;
- }
-
- RSA* key = nullptr;
- if (!android_pubkey_decode(key_data, sizeof(key_data), &key)) {
- LERROR << "Could not parse key!";
- return nullptr;
- }
-
- return key;
-}
-
-static int verify_table(const uint8_t *signature, size_t signature_size,
- const char *table, uint32_t table_length)
-{
- RSA *key;
- uint8_t hash_buf[SHA256_DIGEST_LENGTH];
- int retval = -1;
-
- // Hash the table
- SHA256((uint8_t*)table, table_length, hash_buf);
-
- // Now get the public key from the keyfile
- key = load_key(VERITY_TABLE_RSA_KEY);
- if (!key) {
- LERROR << "Couldn't load verity keys";
- goto out;
- }
-
- // verify the result
- if (!RSA_verify(NID_sha256, hash_buf, sizeof(hash_buf), signature,
- signature_size, key)) {
- LERROR << "Couldn't verify table";
- goto out;
- }
-
- retval = 0;
-
-out:
- RSA_free(key);
- return retval;
-}
-
-static int verify_verity_signature(const struct fec_verity_metadata& verity)
-{
- if (verify_table(verity.signature, sizeof(verity.signature),
- verity.table, verity.table_length) == 0 ||
- verify_table(verity.ecc_signature, sizeof(verity.ecc_signature),
- verity.table, verity.table_length) == 0) {
- return 0;
- }
-
- return -1;
-}
-
-static int invalidate_table(char *table, size_t table_length)
-{
- size_t n = 0;
- size_t idx = 0;
- size_t cleared = 0;
-
- while (n < table_length) {
- if (table[n++] == ' ') {
- ++idx;
- }
-
- if (idx != VERITY_TABLE_HASH_IDX && idx != VERITY_TABLE_SALT_IDX) {
- continue;
- }
-
- while (n < table_length && table[n] != ' ') {
- table[n++] = '0';
- }
-
- if (++cleared == 2) {
- return 0;
- }
- }
-
- return -1;
-}
-
-struct verity_table_params {
- char *table;
- int mode;
- struct fec_ecc_metadata ecc;
- const char *ecc_dev;
-};
-
-typedef bool (*format_verity_table_func)(char *buf, const size_t bufsize,
- const struct verity_table_params *params);
-
-static bool format_verity_table(char *buf, const size_t bufsize,
- const struct verity_table_params *params)
-{
- const char *mode_flag = NULL;
- int res = -1;
-
- if (params->mode == VERITY_MODE_RESTART) {
- mode_flag = VERITY_TABLE_OPT_RESTART;
- } else if (params->mode == VERITY_MODE_LOGGING) {
- mode_flag = VERITY_TABLE_OPT_LOGGING;
- }
-
- if (params->ecc.valid) {
- if (mode_flag) {
- res = snprintf(buf, bufsize,
- "%s %u %s " VERITY_TABLE_OPT_FEC_FORMAT,
- params->table, 1 + VERITY_TABLE_OPT_FEC_ARGS, mode_flag, params->ecc_dev,
- params->ecc.start / FEC_BLOCKSIZE, params->ecc.blocks, params->ecc.roots);
- } else {
- res = snprintf(buf, bufsize,
- "%s %u " VERITY_TABLE_OPT_FEC_FORMAT,
- params->table, VERITY_TABLE_OPT_FEC_ARGS, params->ecc_dev,
- params->ecc.start / FEC_BLOCKSIZE, params->ecc.blocks, params->ecc.roots);
- }
- } else if (mode_flag) {
- res = snprintf(buf, bufsize, "%s 2 " VERITY_TABLE_OPT_IGNZERO " %s", params->table,
- mode_flag);
- } else {
- res = snprintf(buf, bufsize, "%s 1 " VERITY_TABLE_OPT_IGNZERO, params->table);
- }
-
- if (res < 0 || (size_t)res >= bufsize) {
- LERROR << "Error building verity table; insufficient buffer size?";
- return false;
- }
-
- return true;
-}
-
-static bool format_legacy_verity_table(char *buf, const size_t bufsize,
- const struct verity_table_params *params)
-{
- int res;
-
- if (params->mode == VERITY_MODE_EIO) {
- res = strlcpy(buf, params->table, bufsize);
- } else {
- res = snprintf(buf, bufsize, "%s %d", params->table, params->mode);
- }
-
- if (res < 0 || (size_t)res >= bufsize) {
- LERROR << "Error building verity table; insufficient buffer size?";
- return false;
- }
-
- return true;
-}
-
-static int load_verity_table(android::dm::DeviceMapper& dm, const std::string& name,
- uint64_t device_size, const struct verity_table_params* params,
- format_verity_table_func format) {
- android::dm::DmTable table;
- table.set_readonly(true);
-
- char buffer[DM_BUF_SIZE];
- if (!format(buffer, sizeof(buffer), params)) {
- LERROR << "Failed to format verity parameters";
- return -1;
- }
-
- android::dm::DmTargetVerityString target(0, device_size / 512, buffer);
- if (!table.AddTarget(std::make_unique<decltype(target)>(target))) {
- LERROR << "Failed to add verity target";
- return -1;
- }
- if (!dm.CreateDevice(name, table)) {
- LERROR << "Failed to create verity device \"" << name << "\"";
- return -1;
- }
- return 0;
-}
-
-static int read_partition(const char *path, uint64_t size)
-{
- char buf[READ_BUF_SIZE];
- ssize_t size_read;
- android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(path, O_RDONLY | O_CLOEXEC)));
-
- if (fd == -1) {
- PERROR << "Failed to open " << path;
- return -errno;
- }
-
- while (size) {
- size_read = TEMP_FAILURE_RETRY(read(fd, buf, READ_BUF_SIZE));
- if (size_read == -1) {
- PERROR << "Error in reading partition " << path;
- return -errno;
- }
- size -= size_read;
- }
-
- return 0;
-}
-
-bool fs_mgr_load_verity_state(int* mode) {
- // unless otherwise specified, use EIO mode.
- *mode = VERITY_MODE_EIO;
-
- // The bootloader communicates verity mode via the kernel commandline
- std::string verity_mode;
- if (!fs_mgr_get_boot_config("veritymode", &verity_mode)) {
- return false;
- }
-
- if (verity_mode == "enforcing") {
- *mode = VERITY_MODE_DEFAULT;
- } else if (verity_mode == "logging") {
- *mode = VERITY_MODE_LOGGING;
- }
-
- return true;
-}
-
-// Update the verity table using the actual block device path.
-// Two cases:
-// Case-1: verity table is shared for devices with different by-name prefix.
-// Example:
-// verity table token: /dev/block/bootdevice/by-name/vendor
-// blk_device-1 (non-A/B): /dev/block/platform/soc.0/7824900.sdhci/by-name/vendor
-// blk_device-2 (A/B): /dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a
-//
-// Case-2: append A/B suffix in the verity table.
-// Example:
-// verity table token: /dev/block/platform/soc.0/7824900.sdhci/by-name/vendor
-// blk_device: /dev/block/platform/soc.0/7824900.sdhci/by-name/vendor_a
-static void update_verity_table_blk_device(const std::string& blk_device, char** table,
- bool slot_select) {
- bool updated = false;
- std::string result, ab_suffix;
- auto tokens = android::base::Split(*table, " ");
-
- // If slot_select is set, it means blk_device is already updated with ab_suffix.
- if (slot_select) ab_suffix = fs_mgr_get_slot_suffix();
-
- for (const auto& token : tokens) {
- std::string new_token;
- if (android::base::StartsWith(token, "/dev/block/")) {
- if (token == blk_device) return; // no need to update if they're already the same.
- std::size_t found1 = blk_device.find("by-name");
- std::size_t found2 = token.find("by-name");
- if (found1 != std::string::npos && found2 != std::string::npos &&
- blk_device.substr(found1) == token.substr(found2) + ab_suffix) {
- new_token = blk_device;
- }
- }
-
- if (!new_token.empty()) {
- updated = true;
- LINFO << "Verity table: updated block device from '" << token << "' to '" << new_token
- << "'";
- } else {
- new_token = token;
- }
-
- if (result.empty()) {
- result = new_token;
- } else {
- result += " " + new_token;
- }
- }
-
- if (!updated) {
- return;
- }
-
- free(*table);
- *table = strdup(result.c_str());
-}
-
-// prepares the verity enabled (MF_VERIFY / MF_VERIFYATBOOT) fstab record for
-// mount. The 'wait_for_verity_dev' parameter makes this function wait for the
-// verity device to get created before return
-int fs_mgr_setup_verity(FstabEntry* entry, bool wait_for_verity_dev) {
- int retval = FS_MGR_SETUP_VERITY_FAIL;
- int fd = -1;
- std::string verity_blk_name;
- struct fec_handle *f = NULL;
- struct fec_verity_metadata verity;
- struct verity_table_params params = { .table = NULL };
-
- const std::string mount_point(basename(entry->mount_point.c_str()));
- bool verified_at_boot = false;
-
- android::dm::DeviceMapper& dm = android::dm::DeviceMapper::Instance();
-
- if (fec_open(&f, entry->blk_device.c_str(), O_RDONLY, FEC_VERITY_DISABLE, FEC_DEFAULT_ROOTS) <
- 0) {
- PERROR << "Failed to open '" << entry->blk_device << "'";
- return retval;
- }
-
- // read verity metadata
- if (fec_verity_get_metadata(f, &verity) < 0) {
- PERROR << "Failed to get verity metadata '" << entry->blk_device << "'";
- // Allow verity disabled when the device is unlocked without metadata
- if (fs_mgr_is_device_unlocked()) {
- retval = FS_MGR_SETUP_VERITY_SKIPPED;
- LWARNING << "Allow invalid metadata when the device is unlocked";
- }
- goto out;
- }
-
-#ifdef ALLOW_ADBD_DISABLE_VERITY
- if (verity.disabled) {
- retval = FS_MGR_SETUP_VERITY_DISABLED;
- LINFO << "Attempt to cleanly disable verity - only works in USERDEBUG/ENG";
- goto out;
- }
-#endif
-
- // read ecc metadata
- if (fec_ecc_get_metadata(f, ¶ms.ecc) < 0) {
- params.ecc.valid = false;
- }
-
- params.ecc_dev = entry->blk_device.c_str();
-
- if (!fs_mgr_load_verity_state(¶ms.mode)) {
- /* if accessing or updating the state failed, switch to the default
- * safe mode. This makes sure the device won't end up in an endless
- * restart loop, and no corrupted data will be exposed to userspace
- * without a warning. */
- params.mode = VERITY_MODE_EIO;
- }
-
- if (!verity.table) {
- goto out;
- }
-
- params.table = strdup(verity.table);
- if (!params.table) {
- goto out;
- }
-
- // verify the signature on the table
- if (verify_verity_signature(verity) < 0) {
- // Allow signature verification error when the device is unlocked
- if (fs_mgr_is_device_unlocked()) {
- retval = FS_MGR_SETUP_VERITY_SKIPPED;
- LWARNING << "Allow signature verification error when the device is unlocked";
- goto out;
- }
- if (params.mode == VERITY_MODE_LOGGING) {
- // the user has been warned, allow mounting without dm-verity
- retval = FS_MGR_SETUP_VERITY_SKIPPED;
- goto out;
- }
-
- // invalidate root hash and salt to trigger device-specific recovery
- if (invalidate_table(params.table, verity.table_length) < 0) {
- goto out;
- }
- }
-
- LINFO << "Enabling dm-verity for " << mount_point.c_str()
- << " (mode " << params.mode << ")";
-
- // Update the verity params using the actual block device path
- update_verity_table_blk_device(entry->blk_device, ¶ms.table,
- entry->fs_mgr_flags.slot_select);
-
- // load the verity mapping table
- if (load_verity_table(dm, mount_point, verity.data_size, ¶ms, format_verity_table) == 0) {
- goto loaded;
- }
-
- if (params.ecc.valid) {
- // kernel may not support error correction, try without
- LINFO << "Disabling error correction for " << mount_point.c_str();
- params.ecc.valid = false;
-
- if (load_verity_table(dm, mount_point, verity.data_size, ¶ms, format_verity_table) == 0) {
- goto loaded;
- }
- }
-
- // try the legacy format for backwards compatibility
- if (load_verity_table(dm, mount_point, verity.data_size, ¶ms, format_legacy_verity_table) ==
- 0) {
- goto loaded;
- }
-
- if (params.mode != VERITY_MODE_EIO) {
- // as a last resort, EIO mode should always be supported
- LINFO << "Falling back to EIO mode for " << mount_point.c_str();
- params.mode = VERITY_MODE_EIO;
-
- if (load_verity_table(dm, mount_point, verity.data_size, ¶ms,
- format_legacy_verity_table) == 0) {
- goto loaded;
- }
- }
-
- LERROR << "Failed to load verity table for " << mount_point.c_str();
- goto out;
-
-loaded:
- if (!dm.GetDmDevicePathByName(mount_point, &verity_blk_name)) {
- LERROR << "Couldn't get verity device number!";
- goto out;
- }
-
- // mark the underlying block device as read-only
- fs_mgr_set_blk_ro(entry->blk_device);
-
- // Verify the entire partition in one go
- // If there is an error, allow it to mount as a normal verity partition.
- if (entry->fs_mgr_flags.verify_at_boot) {
- LINFO << "Verifying partition " << entry->blk_device << " at boot";
- int err = read_partition(verity_blk_name.c_str(), verity.data_size);
- if (!err) {
- LINFO << "Verified verity partition " << entry->blk_device << " at boot";
- verified_at_boot = true;
- }
- }
-
- // assign the new verity block device as the block device
- if (!verified_at_boot) {
- entry->blk_device = verity_blk_name;
- } else if (!dm.DeleteDevice(mount_point)) {
- LERROR << "Failed to remove verity device " << mount_point.c_str();
- goto out;
- }
-
- // make sure we've set everything up properly
- if (wait_for_verity_dev && !WaitForFile(entry->blk_device, 1s)) {
- goto out;
- }
-
- retval = FS_MGR_SETUP_VERITY_SUCCESS;
-
-out:
- if (fd != -1) {
- close(fd);
- }
-
- fec_close(f);
- free(params.table);
-
- return retval;
-}
-
-bool fs_mgr_teardown_verity(FstabEntry* entry) {
- const std::string mount_point(basename(entry->mount_point.c_str()));
- if (!android::fs_mgr::UnmapDevice(mount_point)) {
- return false;
- }
- LINFO << "Unmapped verity device " << mount_point;
- return true;
-}
diff --git a/fs_mgr/include_fstab/fstab/fstab.h b/fs_mgr/include_fstab/fstab/fstab.h
index 054300e..b831d12 100644
--- a/fs_mgr/include_fstab/fstab/fstab.h
+++ b/fs_mgr/include_fstab/fstab/fstab.h
@@ -63,7 +63,6 @@
bool nonremovable : 1;
bool vold_managed : 1;
bool recovery_only : 1;
- bool verify : 1;
bool no_emulated_sd : 1; // No emulated sdcard daemon; sd card is the only external
// storage.
bool no_trim : 1;
@@ -72,7 +71,6 @@
bool slot_select : 1;
bool late_mount : 1;
bool no_fail : 1;
- bool verify_at_boot : 1;
bool quota : 1;
bool avb : 1;
bool logical : 1;
diff --git a/fs_mgr/libfs_avb/avb_util.cpp b/fs_mgr/libfs_avb/avb_util.cpp
index e913d50..85dbb36 100644
--- a/fs_mgr/libfs_avb/avb_util.cpp
+++ b/fs_mgr/libfs_avb/avb_util.cpp
@@ -35,19 +35,6 @@
namespace android {
namespace fs_mgr {
-std::string GetAvbPropertyDescriptor(const std::string& key,
- const std::vector<VBMetaData>& vbmeta_images) {
- size_t value_size;
- for (const auto& vbmeta : vbmeta_images) {
- const char* value = avb_property_lookup(vbmeta.data(), vbmeta.size(), key.data(),
- key.size(), &value_size);
- if (value != nullptr) {
- return {value, value_size};
- }
- }
- return "";
-}
-
// Constructs dm-verity arguments for sending DM_TABLE_LOAD ioctl to kernel.
// See the following link for more details:
// https://gitlab.com/cryptsetup/cryptsetup/wikis/DMVerity
@@ -130,64 +117,6 @@
return true;
}
-std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
- const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
- bool found = false;
- const uint8_t* desc_partition_name;
- auto hash_desc = std::make_unique<FsAvbHashDescriptor>();
-
- for (const auto& vbmeta : vbmeta_images) {
- size_t num_descriptors;
- std::unique_ptr<const AvbDescriptor*[], decltype(&avb_free)> descriptors(
- avb_descriptor_get_all(vbmeta.data(), vbmeta.size(), &num_descriptors), avb_free);
-
- if (!descriptors || num_descriptors < 1) {
- continue;
- }
-
- for (size_t n = 0; n < num_descriptors && !found; n++) {
- AvbDescriptor desc;
- if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) {
- LWARNING << "Descriptor[" << n << "] is invalid";
- continue;
- }
- if (desc.tag == AVB_DESCRIPTOR_TAG_HASH) {
- desc_partition_name = (const uint8_t*)descriptors[n] + sizeof(AvbHashDescriptor);
- if (!avb_hash_descriptor_validate_and_byteswap((AvbHashDescriptor*)descriptors[n],
- hash_desc.get())) {
- continue;
- }
- if (hash_desc->partition_name_len != partition_name.length()) {
- continue;
- }
- // Notes that desc_partition_name is not NUL-terminated.
- std::string hash_partition_name((const char*)desc_partition_name,
- hash_desc->partition_name_len);
- if (hash_partition_name == partition_name) {
- found = true;
- }
- }
- }
-
- if (found) break;
- }
-
- if (!found) {
- LERROR << "Hash descriptor not found: " << partition_name;
- return nullptr;
- }
-
- hash_desc->partition_name = partition_name;
-
- const uint8_t* desc_salt = desc_partition_name + hash_desc->partition_name_len;
- hash_desc->salt = BytesToHex(desc_salt, hash_desc->salt_len);
-
- const uint8_t* desc_digest = desc_salt + hash_desc->salt_len;
- hash_desc->digest = BytesToHex(desc_digest, hash_desc->digest_len);
-
- return hash_desc;
-}
-
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
bool found = false;
diff --git a/fs_mgr/libfs_avb/avb_util.h b/fs_mgr/libfs_avb/avb_util.h
index e8f7c39..7941c70 100644
--- a/fs_mgr/libfs_avb/avb_util.h
+++ b/fs_mgr/libfs_avb/avb_util.h
@@ -37,12 +37,6 @@
: partition_name(chain_partition_name), public_key_blob(chain_public_key_blob) {}
};
-std::string GetAvbPropertyDescriptor(const std::string& key,
- const std::vector<VBMetaData>& vbmeta_images);
-
-std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
- const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);
-
// AvbHashtreeDescriptor to dm-verity table setup.
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);
diff --git a/fs_mgr/libfs_avb/fs_avb.cpp b/fs_mgr/libfs_avb/fs_avb.cpp
index 1da7117..a288876 100644
--- a/fs_mgr/libfs_avb/fs_avb.cpp
+++ b/fs_mgr/libfs_avb/fs_avb.cpp
@@ -37,6 +37,7 @@
#include "avb_ops.h"
#include "avb_util.h"
+#include "fs_avb/fs_avb_util.h"
#include "sha.h"
#include "util.h"
diff --git a/fs_mgr/libfs_avb/fs_avb_util.cpp b/fs_mgr/libfs_avb/fs_avb_util.cpp
index 1c14cc0..5326226 100644
--- a/fs_mgr/libfs_avb/fs_avb_util.cpp
+++ b/fs_mgr/libfs_avb/fs_avb_util.cpp
@@ -74,6 +74,64 @@
return GetHashtreeDescriptor(avb_partition_name, vbmeta_images);
}
+std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
+ const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
+ bool found = false;
+ const uint8_t* desc_partition_name;
+ auto hash_desc = std::make_unique<FsAvbHashDescriptor>();
+
+ for (const auto& vbmeta : vbmeta_images) {
+ size_t num_descriptors;
+ std::unique_ptr<const AvbDescriptor*[], decltype(&avb_free)> descriptors(
+ avb_descriptor_get_all(vbmeta.data(), vbmeta.size(), &num_descriptors), avb_free);
+
+ if (!descriptors || num_descriptors < 1) {
+ continue;
+ }
+
+ for (size_t n = 0; n < num_descriptors && !found; n++) {
+ AvbDescriptor desc;
+ if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) {
+ LWARNING << "Descriptor[" << n << "] is invalid";
+ continue;
+ }
+ if (desc.tag == AVB_DESCRIPTOR_TAG_HASH) {
+ desc_partition_name = (const uint8_t*)descriptors[n] + sizeof(AvbHashDescriptor);
+ if (!avb_hash_descriptor_validate_and_byteswap((AvbHashDescriptor*)descriptors[n],
+ hash_desc.get())) {
+ continue;
+ }
+ if (hash_desc->partition_name_len != partition_name.length()) {
+ continue;
+ }
+ // Notes that desc_partition_name is not NUL-terminated.
+ std::string hash_partition_name((const char*)desc_partition_name,
+ hash_desc->partition_name_len);
+ if (hash_partition_name == partition_name) {
+ found = true;
+ }
+ }
+ }
+
+ if (found) break;
+ }
+
+ if (!found) {
+ LERROR << "Hash descriptor not found: " << partition_name;
+ return nullptr;
+ }
+
+ hash_desc->partition_name = partition_name;
+
+ const uint8_t* desc_salt = desc_partition_name + hash_desc->partition_name_len;
+ hash_desc->salt = BytesToHex(desc_salt, hash_desc->salt_len);
+
+ const uint8_t* desc_digest = desc_salt + hash_desc->salt_len;
+ hash_desc->digest = BytesToHex(desc_digest, hash_desc->digest_len);
+
+ return hash_desc;
+}
+
// Given a path, loads and verifies the vbmeta, to extract the Avb Hash descriptor.
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
VBMetaData&& vbmeta) {
@@ -84,5 +142,18 @@
return GetHashDescriptor(avb_partition_name, vbmeta_images);
}
+std::string GetAvbPropertyDescriptor(const std::string& key,
+ const std::vector<VBMetaData>& vbmeta_images) {
+ size_t value_size;
+ for (const auto& vbmeta : vbmeta_images) {
+ const char* value = avb_property_lookup(vbmeta.data(), vbmeta.size(), key.data(),
+ key.size(), &value_size);
+ if (value != nullptr) {
+ return {value, value_size};
+ }
+ }
+ return "";
+}
+
} // namespace fs_mgr
} // namespace android
diff --git a/fs_mgr/libfs_avb/include/fs_avb/fs_avb_util.h b/fs_mgr/libfs_avb/include/fs_avb/fs_avb_util.h
index 3f37bd7..1b15db7 100644
--- a/fs_mgr/libfs_avb/include/fs_avb/fs_avb_util.h
+++ b/fs_mgr/libfs_avb/include/fs_avb/fs_avb_util.h
@@ -43,9 +43,15 @@
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& avb_partition_name, VBMetaData&& vbmeta);
+std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
+ const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);
+
// Gets the hash descriptor for avb_partition_name from the vbmeta.
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
VBMetaData&& vbmeta);
+std::string GetAvbPropertyDescriptor(const std::string& key,
+ const std::vector<VBMetaData>& vbmeta_images);
+
} // namespace fs_mgr
} // namespace android
diff --git a/fs_mgr/libfs_avb/run_tests.sh b/fs_mgr/libfs_avb/run_tests.sh
index 5d2ce3d..3e945a4 100755
--- a/fs_mgr/libfs_avb/run_tests.sh
+++ b/fs_mgr/libfs_avb/run_tests.sh
@@ -1,8 +1,13 @@
#!/bin/sh
#
# Run host tests
-atest libfs_avb_test # Tests public libfs_avb APIs.
-atest libfs_avb_internal_test # Tests libfs_avb private APIs.
+atest --host libfs_avb_test # Tests public libfs_avb APIs.
+
+# Tests libfs_avb private APIs.
+# The tests need more time to finish, so increase the timeout to 5 mins.
+# The default timeout is only 60 seconds.
+atest --host libfs_avb_internal_test -- --test-arg \
+ com.android.tradefed.testtype.HostGTest:native-test-timeout:5m
# Run device tests
atest libfs_avb_device_test # Test public libfs_avb APIs on a device.
diff --git a/fs_mgr/libfs_avb/tests/avb_util_test.cpp b/fs_mgr/libfs_avb/tests/avb_util_test.cpp
index 6f874a6..2e34920 100644
--- a/fs_mgr/libfs_avb/tests/avb_util_test.cpp
+++ b/fs_mgr/libfs_avb/tests/avb_util_test.cpp
@@ -23,6 +23,7 @@
#include <libavb/libavb.h>
#include "avb_util.h"
+#include "fs_avb/fs_avb_util.h"
#include "fs_avb_test_util.h"
// Target classes or functions to test:
diff --git a/fs_mgr/libsnapshot/cow_reader.cpp b/fs_mgr/libsnapshot/cow_reader.cpp
index 20030b9..9b5fd2a 100644
--- a/fs_mgr/libsnapshot/cow_reader.cpp
+++ b/fs_mgr/libsnapshot/cow_reader.cpp
@@ -475,10 +475,7 @@
std::sort(other_ops.begin(), other_ops.end(), std::greater<int>());
}
- merge_op_blocks->reserve(merge_op_blocks->size() + other_ops.size());
- for (auto block : other_ops) {
- merge_op_blocks->emplace_back(block);
- }
+ merge_op_blocks->insert(merge_op_blocks->end(), other_ops.begin(), other_ops.end());
num_total_data_ops_ = merge_op_blocks->size();
if (header_.num_merge_ops > 0) {
diff --git a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
index 41c6ef5..120f95b 100644
--- a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
+++ b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
@@ -396,6 +396,17 @@
DM_USER,
};
+ // Add new public entries above this line.
+
+ // Helpers for failure injection.
+ using MergeConsistencyChecker =
+ std::function<MergeFailureCode(const std::string& name, const SnapshotStatus& status)>;
+
+ void set_merge_consistency_checker(MergeConsistencyChecker checker) {
+ merge_consistency_checker_ = checker;
+ }
+ MergeConsistencyChecker merge_consistency_checker() const { return merge_consistency_checker_; }
+
private:
FRIEND_TEST(SnapshotTest, CleanFirstStageMount);
FRIEND_TEST(SnapshotTest, CreateSnapshot);
@@ -410,6 +421,7 @@
FRIEND_TEST(SnapshotTest, NoMergeBeforeReboot);
FRIEND_TEST(SnapshotTest, UpdateBootControlHal);
FRIEND_TEST(SnapshotUpdateTest, AddPartition);
+ FRIEND_TEST(SnapshotUpdateTest, ConsistencyCheckResume);
FRIEND_TEST(SnapshotUpdateTest, DaemonTransition);
FRIEND_TEST(SnapshotUpdateTest, DataWipeAfterRollback);
FRIEND_TEST(SnapshotUpdateTest, DataWipeRollbackInRecovery);
@@ -811,6 +823,7 @@
std::unique_ptr<SnapuserdClient> snapuserd_client_;
std::unique_ptr<LpMetadata> old_partition_metadata_;
std::optional<bool> is_snapshot_userspace_;
+ MergeConsistencyChecker merge_consistency_checker_;
};
} // namespace snapshot
diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index e6e17bd..18a9d22 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -87,6 +87,8 @@
static constexpr char kRollbackIndicatorPath[] = "/metadata/ota/rollback-indicator";
static constexpr auto kUpdateStateCheckInterval = 2s;
+MergeFailureCode CheckMergeConsistency(const std::string& name, const SnapshotStatus& status);
+
// Note: IImageManager is an incomplete type in the header, so the default
// destructor doesn't work.
SnapshotManager::~SnapshotManager() {}
@@ -116,7 +118,9 @@
}
SnapshotManager::SnapshotManager(IDeviceInfo* device)
- : dm_(device->GetDeviceMapper()), device_(device), metadata_dir_(device_->GetMetadataDir()) {}
+ : dm_(device->GetDeviceMapper()), device_(device), metadata_dir_(device_->GetMetadataDir()) {
+ merge_consistency_checker_ = android::snapshot::CheckMergeConsistency;
+}
static std::string GetCowName(const std::string& snapshot_name) {
return snapshot_name + "-cow";
@@ -1329,14 +1333,20 @@
const SnapshotStatus& status) {
CHECK(lock);
+ return merge_consistency_checker_(name, status);
+}
+
+MergeFailureCode CheckMergeConsistency(const std::string& name, const SnapshotStatus& status) {
if (!status.compression_enabled()) {
// Do not try to verify old-style COWs yet.
return MergeFailureCode::Ok;
}
+ auto& dm = DeviceMapper::Instance();
+
std::string cow_image_name = GetMappedCowDeviceName(name, status);
std::string cow_image_path;
- if (!dm_.GetDmDevicePathByName(cow_image_name, &cow_image_path)) {
+ if (!dm.GetDmDevicePathByName(cow_image_name, &cow_image_path)) {
LOG(ERROR) << "Failed to get path for cow device: " << cow_image_name;
return MergeFailureCode::GetCowPathConsistencyCheck;
}
@@ -1400,9 +1410,11 @@
}
SnapshotUpdateStatus update_status = ReadSnapshotUpdateStatus(lock);
- CHECK(update_status.state() == UpdateState::Merging);
+ CHECK(update_status.state() == UpdateState::Merging ||
+ update_status.state() == UpdateState::MergeFailed);
CHECK(update_status.merge_phase() == MergePhase::FIRST_PHASE);
+ update_status.set_state(UpdateState::Merging);
update_status.set_merge_phase(MergePhase::SECOND_PHASE);
if (!WriteSnapshotUpdateStatus(lock, update_status)) {
return MergeFailureCode::WriteStatus;
diff --git a/fs_mgr/libsnapshot/snapshot_test.cpp b/fs_mgr/libsnapshot/snapshot_test.cpp
index 14f2d45..11cebe1 100644
--- a/fs_mgr/libsnapshot/snapshot_test.cpp
+++ b/fs_mgr/libsnapshot/snapshot_test.cpp
@@ -1394,6 +1394,93 @@
}
}
+// Test that a transient merge consistency check failure can resume properly.
+TEST_F(SnapshotUpdateTest, ConsistencyCheckResume) {
+ if (!ShouldUseCompression()) {
+ // b/179111359
+ GTEST_SKIP() << "Skipping Virtual A/B Compression test";
+ }
+
+ auto old_sys_size = GetSize(sys_);
+ auto old_prd_size = GetSize(prd_);
+
+ // Grow |sys| but shrink |prd|.
+ SetSize(sys_, old_sys_size * 2);
+ sys_->set_estimate_cow_size(8_MiB);
+ SetSize(prd_, old_prd_size / 2);
+ prd_->set_estimate_cow_size(1_MiB);
+
+ AddOperationForPartitions();
+
+ ASSERT_TRUE(sm->BeginUpdate());
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+ ASSERT_TRUE(WriteSnapshotAndHash("sys_b"));
+ ASSERT_TRUE(WriteSnapshotAndHash("vnd_b"));
+ ASSERT_TRUE(ShiftAllSnapshotBlocks("prd_b", old_prd_size));
+
+ sync();
+
+ // Assert that source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ ASSERT_TRUE(sm->FinishedSnapshotWrites(false));
+
+ // Simulate shutting down the device.
+ ASSERT_TRUE(UnmapAll());
+
+ // After reboot, init does first stage mount.
+ auto init = NewManagerForFirstStageMount("_b");
+ ASSERT_NE(init, nullptr);
+ ASSERT_TRUE(init->NeedSnapshotsInFirstStageMount());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super", snapshot_timeout_));
+
+ // Check that the target partitions have the same content.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ auto old_checker = init->merge_consistency_checker();
+
+ init->set_merge_consistency_checker(
+ [](const std::string&, const SnapshotStatus&) -> MergeFailureCode {
+ return MergeFailureCode::WrongMergeCountConsistencyCheck;
+ });
+
+ // Initiate the merge and wait for it to be completed.
+ ASSERT_TRUE(init->InitiateMerge());
+ ASSERT_EQ(init->IsSnapuserdRequired(), ShouldUseUserspaceSnapshots());
+ {
+ // Check that the merge phase is FIRST_PHASE until at least one call
+ // to ProcessUpdateState() occurs.
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ auto status = init->ReadSnapshotUpdateStatus(local_lock.get());
+ ASSERT_EQ(status.merge_phase(), MergePhase::FIRST_PHASE);
+ }
+
+ // Merge should have failed.
+ ASSERT_EQ(UpdateState::MergeFailed, init->ProcessUpdateState());
+
+ // Simulate shutting down the device and creating partitions again.
+ ASSERT_TRUE(UnmapAll());
+
+ // Restore the checker.
+ init->set_merge_consistency_checker(std::move(old_checker));
+
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super", snapshot_timeout_));
+
+ // Complete the merge.
+ ASSERT_EQ(UpdateState::MergeCompleted, init->ProcessUpdateState());
+
+ // Check that the target partitions have the same content after the merge.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name))
+ << "Content of " << name << " changes after the merge";
+ }
+}
+
// Test that if new system partitions uses empty space in super, that region is not snapshotted.
TEST_F(SnapshotUpdateTest, DirectWriteEmptySpace) {
GTEST_SKIP() << "b/141889746";
diff --git a/fs_mgr/tests/fs_mgr_test.cpp b/fs_mgr/tests/fs_mgr_test.cpp
index d631d7a..eccb902 100644
--- a/fs_mgr/tests/fs_mgr_test.cpp
+++ b/fs_mgr/tests/fs_mgr_test.cpp
@@ -192,7 +192,6 @@
lhs.nonremovable == rhs.nonremovable &&
lhs.vold_managed == rhs.vold_managed &&
lhs.recovery_only == rhs.recovery_only &&
- lhs.verify == rhs.verify &&
lhs.no_emulated_sd == rhs.no_emulated_sd &&
lhs.no_trim == rhs.no_trim &&
lhs.file_encryption == rhs.file_encryption &&
@@ -200,7 +199,6 @@
lhs.slot_select == rhs.slot_select &&
lhs.late_mount == rhs.late_mount &&
lhs.no_fail == rhs.no_fail &&
- lhs.verify_at_boot == rhs.verify_at_boot &&
lhs.quota == rhs.quota &&
lhs.avb == rhs.avb &&
lhs.logical == rhs.logical &&
@@ -409,7 +407,7 @@
TemporaryFile tf;
ASSERT_TRUE(tf.fd != -1);
std::string fstab_contents = R"fs(
-source none0 swap defaults wait,check,nonremovable,recoveryonly,verifyatboot,verify
+source none0 swap defaults wait,check,nonremovable,recoveryonly
source none1 swap defaults avb,noemulatedsd,notrim,formattable,nofail
source none2 swap defaults first_stage_mount,latemount,quota,logical
source none3 swap defaults checkpoint=block
@@ -430,8 +428,6 @@
flags.check = true;
flags.nonremovable = true;
flags.recovery_only = true;
- flags.verify_at_boot = true;
- flags.verify = true;
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
}
diff --git a/healthd/OWNERS b/healthd/OWNERS
index d3f8758..e64c33d 100644
--- a/healthd/OWNERS
+++ b/healthd/OWNERS
@@ -1,2 +1 @@
elsk@google.com
-hridya@google.com
diff --git a/init/first_stage_mount.cpp b/init/first_stage_mount.cpp
index ada5a47..042988e 100644
--- a/init/first_stage_mount.cpp
+++ b/init/first_stage_mount.cpp
@@ -191,8 +191,6 @@
auto& dm = android::dm::DeviceMapper::Instance();
if (dm.GetState("vroot") != android::dm::DmDeviceState::INVALID) {
root_entry->fs_mgr_flags.avb = true;
- } else {
- root_entry->fs_mgr_flags.verify = true;
}
return true;
}
diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp
index e9497a8..a6835fc 100644
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp
@@ -211,6 +211,7 @@
{ 00755, AID_ROOT, AID_ROOT, 0, "first_stage_ramdisk/system/bin/resize2fs" },
{ 00755, AID_ROOT, AID_ROOT, 0, "first_stage_ramdisk/system/bin/snapuserd" },
{ 00755, AID_ROOT, AID_ROOT, 0, "first_stage_ramdisk/system/bin/tune2fs" },
+ { 00755, AID_ROOT, AID_ROOT, 0, "first_stage_ramdisk/system/bin/fsck.f2fs" },
// generic defaults
{ 00755, AID_ROOT, AID_ROOT, 0, "bin/*" },
{ 00640, AID_ROOT, AID_SHELL, 0, "fstab.*" },
diff --git a/libqtaguid/Android.bp b/libqtaguid/Android.bp
deleted file mode 100644
index 64db095..0000000
--- a/libqtaguid/Android.bp
+++ /dev/null
@@ -1,60 +0,0 @@
-//
-// Copyright (C) 2017 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-package {
- default_applicable_licenses: ["Android-Apache-2.0"],
-}
-
-cc_library_headers {
- name: "libqtaguid_headers",
- vendor_available: false,
- host_supported: false,
- export_include_dirs: ["include"],
- target: {
- linux_bionic: {
- enabled: true,
- },
- },
-}
-
-cc_library {
- name: "libqtaguid",
- vendor_available: false,
- host_supported: false,
- target: {
- android: {
- srcs: [
- "qtaguid.c",
- ],
- sanitize: {
- misc_undefined: ["integer"],
- },
- },
- },
-
- shared_libs: ["liblog"],
- header_libs: [
- "libqtaguid_headers",
- ],
- export_header_lib_headers: ["libqtaguid_headers"],
- local_include_dirs: ["include"],
-
- cflags: [
- "-Werror",
- "-Wall",
- "-Wextra",
- ],
-}
diff --git a/libqtaguid/include/qtaguid/qtaguid.h b/libqtaguid/include/qtaguid/qtaguid.h
deleted file mode 100644
index 72285e5..0000000
--- a/libqtaguid/include/qtaguid/qtaguid.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (C) 2011 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __LEGACY_QTAGUID_H
-#define __LEGACY_QTAGUID_H
-
-#include <stdint.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Set tags (and owning UIDs) for network sockets. The socket must be untagged
- * by calling qtaguid_untagSocket() before closing it, otherwise the qtaguid
- * module will keep a reference to it even after close.
- */
-extern int legacy_tagSocket(int sockfd, int tag, uid_t uid);
-
-/*
- * Untag a network socket before closing.
- */
-extern int legacy_untagSocket(int sockfd);
-
-/*
- * For the given uid, switch counter sets.
- * The kernel only keeps a limited number of sets.
- * 2 for now.
- */
-extern int legacy_setCounterSet(int counterSetNum, uid_t uid);
-
-/*
- * Delete all tag info that relates to the given tag an uid.
- * If the tag is 0, then ALL info about the uid is freeded.
- * The delete data also affects active tagged socketd, which are
- * then untagged.
- * The calling process can only operate on its own tags.
- * Unless it is part of the happy AID_NET_BW_ACCT group.
- * In which case it can clobber everything.
- */
-extern int legacy_deleteTagData(int tag, uid_t uid);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __LEGACY_QTAGUID_H */
diff --git a/libqtaguid/qtaguid.c b/libqtaguid/qtaguid.c
deleted file mode 100644
index cd38bad..0000000
--- a/libqtaguid/qtaguid.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
-** Copyright 2011, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-// #define LOG_NDEBUG 0
-
-#define LOG_TAG "qtaguid"
-
-#include <errno.h>
-#include <fcntl.h>
-#include <inttypes.h>
-#include <pthread.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <log/log.h>
-#include <qtaguid/qtaguid.h>
-
-static const char* CTRL_PROCPATH = "/proc/net/xt_qtaguid/ctrl";
-static const int CTRL_MAX_INPUT_LEN = 128;
-
-/*
- * One per proccess.
- * Once the device is open, this process will have its socket tags tracked.
- * And on exit or untimely death, all socket tags will be removed.
- * A process can only open /dev/xt_qtaguid once.
- * It should not close it unless it is really done with all the socket tags.
- * Failure to open it will be visible when socket tagging will be attempted.
- */
-static int resTrackFd = -1;
-pthread_once_t resTrackInitDone = PTHREAD_ONCE_INIT;
-
-/* Only call once per process. */
-void legacy_resTrack(void) {
- resTrackFd = TEMP_FAILURE_RETRY(open("/dev/xt_qtaguid", O_RDONLY | O_CLOEXEC));
-}
-
-/*
- * Returns:
- * 0 on success.
- * -errno on failure.
- */
-static int write_ctrl(const char* cmd) {
- int fd, res, savedErrno;
-
- ALOGV("write_ctrl(%s)", cmd);
-
- fd = TEMP_FAILURE_RETRY(open(CTRL_PROCPATH, O_WRONLY | O_CLOEXEC));
- if (fd < 0) {
- return -errno;
- }
-
- res = TEMP_FAILURE_RETRY(write(fd, cmd, strlen(cmd)));
- if (res < 0) {
- savedErrno = errno;
- } else {
- savedErrno = 0;
- }
- if (res < 0) {
- // ALOGV is enough because all the callers also log failures
- ALOGV("Failed write_ctrl(%s) res=%d errno=%d", cmd, res, savedErrno);
- }
- close(fd);
- return -savedErrno;
-}
-
-int legacy_tagSocket(int sockfd, int tag, uid_t uid) {
- char lineBuf[CTRL_MAX_INPUT_LEN];
- int res;
- uint64_t kTag = ((uint64_t)tag << 32);
-
- pthread_once(&resTrackInitDone, legacy_resTrack);
-
- snprintf(lineBuf, sizeof(lineBuf), "t %d %" PRIu64 " %d", sockfd, kTag, uid);
-
- ALOGV("Tagging socket %d with tag %" PRIx64 "{%u,0} for uid %d", sockfd, kTag, tag, uid);
-
- res = write_ctrl(lineBuf);
- if (res < 0) {
- ALOGI("Tagging socket %d with tag %" PRIx64 "(%d) for uid %d failed errno=%d", sockfd, kTag,
- tag, uid, res);
- }
-
- return res;
-}
-
-int legacy_untagSocket(int sockfd) {
- char lineBuf[CTRL_MAX_INPUT_LEN];
- int res;
-
- ALOGV("Untagging socket %d", sockfd);
-
- snprintf(lineBuf, sizeof(lineBuf), "u %d", sockfd);
- res = write_ctrl(lineBuf);
- if (res < 0) {
- ALOGI("Untagging socket %d failed errno=%d", sockfd, res);
- }
-
- return res;
-}
-
-int legacy_setCounterSet(int counterSetNum, uid_t uid) {
- char lineBuf[CTRL_MAX_INPUT_LEN];
- int res;
-
- ALOGV("Setting counters to set %d for uid %d", counterSetNum, uid);
-
- snprintf(lineBuf, sizeof(lineBuf), "s %d %d", counterSetNum, uid);
- res = write_ctrl(lineBuf);
- return res;
-}
-
-int legacy_deleteTagData(int tag, uid_t uid) {
- char lineBuf[CTRL_MAX_INPUT_LEN];
- int cnt = 0, res = 0;
- uint64_t kTag = (uint64_t)tag << 32;
-
- ALOGV("Deleting tag data with tag %" PRIx64 "{%d,0} for uid %d", kTag, tag, uid);
-
- pthread_once(&resTrackInitDone, legacy_resTrack);
-
- snprintf(lineBuf, sizeof(lineBuf), "d %" PRIu64 " %d", kTag, uid);
- res = write_ctrl(lineBuf);
- if (res < 0) {
- ALOGI("Deleting tag data with tag %" PRIx64 "/%d for uid %d failed with cnt=%d errno=%d",
- kTag, tag, uid, cnt, errno);
- }
-
- return res;
-}
diff --git a/libsync/OWNERS b/libsync/OWNERS
index e75b15b..8f69e50 100644
--- a/libsync/OWNERS
+++ b/libsync/OWNERS
@@ -1,3 +1,2 @@
chrisforbes@google.com
-hridya@google.com
jessehall@google.com
diff --git a/libutils/Android.bp b/libutils/Android.bp
index 9d17ff5..234638b 100644
--- a/libutils/Android.bp
+++ b/libutils/Android.bp
@@ -179,6 +179,8 @@
"//apex_available:platform",
],
min_sdk_version: "apex_inherit",
+
+ afdo: true,
}
cc_library {
diff --git a/rootdir/Android.mk b/rootdir/Android.mk
index ce2ec0e..2ed9eec 100644
--- a/rootdir/Android.mk
+++ b/rootdir/Android.mk
@@ -75,9 +75,14 @@
EXPORT_GLOBAL_GCOV_OPTIONS := export GCOV_PREFIX /data/misc/trace
endif
-EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS :=
ifeq ($(CLANG_COVERAGE),true)
- EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS := export LLVM_PROFILE_FILE /data/misc/trace/clang-%20m.profraw
+ ifeq ($(BIONIC_COVERAGE),false)
+ # http://b/210012154 Disable continuous coverage if instrumentation is on
+ # for bionic/libc
+ EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS := export LLVM_PROFILE_FILE /data/misc/trace/clang%c-%20m.profraw
+ else
+ EXPORT_GLOBAL_CLANG_COVERAGE_OPTIONS := export LLVM_PROFILE_FILE /data/misc/trace/clang-%20m.profraw
+ endif
endif
# Put it here instead of in init.rc module definition,
diff --git a/rootdir/avb/Android.bp b/rootdir/avb/Android.bp
deleted file mode 100644
index cfc59a7..0000000
--- a/rootdir/avb/Android.bp
+++ /dev/null
@@ -1,31 +0,0 @@
-package {
- default_applicable_licenses: ["Android-Apache-2.0"],
-}
-
-filegroup {
- name: "q-gsi_avbpubkey",
- srcs: [
- "q-gsi.avbpubkey",
- ],
-}
-
-filegroup {
- name: "r-gsi_avbpubkey",
- srcs: [
- "r-gsi.avbpubkey",
- ],
-}
-
-filegroup {
- name: "s-gsi_avbpubkey",
- srcs: [
- "s-gsi.avbpubkey",
- ],
-}
-
-filegroup {
- name: "qcar-gsi_avbpubkey",
- srcs: [
- "qcar-gsi.avbpubkey",
- ],
-}
diff --git a/rootdir/avb/Android.mk b/rootdir/avb/Android.mk
index 647cfa2..8cf3172 100644
--- a/rootdir/avb/Android.mk
+++ b/rootdir/avb/Android.mk
@@ -15,19 +15,6 @@
endif
#######################################
-# q-gsi.avbpubkey
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := q-gsi.avbpubkey
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
-LOCAL_LICENSE_CONDITIONS := notice
-LOCAL_MODULE_CLASS := ETC
-LOCAL_SRC_FILES := $(LOCAL_MODULE)
-LOCAL_MODULE_PATH := $(my_gsi_avb_keys_path)
-
-include $(BUILD_PREBUILT)
-
-#######################################
# q-developer-gsi.avbpubkey
include $(CLEAR_VARS)
@@ -41,19 +28,6 @@
include $(BUILD_PREBUILT)
#######################################
-# r-gsi.avbpubkey
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := r-gsi.avbpubkey
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
-LOCAL_LICENSE_CONDITIONS := notice
-LOCAL_MODULE_CLASS := ETC
-LOCAL_SRC_FILES := $(LOCAL_MODULE)
-LOCAL_MODULE_PATH := $(my_gsi_avb_keys_path)
-
-include $(BUILD_PREBUILT)
-
-#######################################
# r-developer-gsi.avbpubkey
include $(CLEAR_VARS)
@@ -67,19 +41,6 @@
include $(BUILD_PREBUILT)
#######################################
-# s-gsi.avbpubkey
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := s-gsi.avbpubkey
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
-LOCAL_LICENSE_CONDITIONS := notice
-LOCAL_MODULE_CLASS := ETC
-LOCAL_SRC_FILES := $(LOCAL_MODULE)
-LOCAL_MODULE_PATH := $(my_gsi_avb_keys_path)
-
-include $(BUILD_PREBUILT)
-
-#######################################
# s-developer-gsi.avbpubkey
include $(CLEAR_VARS)
@@ -92,17 +53,4 @@
include $(BUILD_PREBUILT)
-#######################################
-# qcar-gsi.avbpubkey
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := qcar-gsi.avbpubkey
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
-LOCAL_LICENSE_CONDITIONS := notice
-LOCAL_MODULE_CLASS := ETC
-LOCAL_SRC_FILES := $(LOCAL_MODULE)
-LOCAL_MODULE_PATH := $(my_gsi_avb_keys_path)
-
-include $(BUILD_PREBUILT)
-
my_gsi_avb_keys_path :=
diff --git a/rootdir/avb/q-gsi.avbpubkey b/rootdir/avb/q-gsi.avbpubkey
deleted file mode 100644
index 5ed7543..0000000
--- a/rootdir/avb/q-gsi.avbpubkey
+++ /dev/null
Binary files differ
diff --git a/rootdir/avb/qcar-gsi.avbpubkey b/rootdir/avb/qcar-gsi.avbpubkey
deleted file mode 100644
index ce56646..0000000
--- a/rootdir/avb/qcar-gsi.avbpubkey
+++ /dev/null
Binary files differ
diff --git a/rootdir/avb/r-gsi.avbpubkey b/rootdir/avb/r-gsi.avbpubkey
deleted file mode 100644
index 2609b30..0000000
--- a/rootdir/avb/r-gsi.avbpubkey
+++ /dev/null
Binary files differ
diff --git a/rootdir/avb/s-gsi.avbpubkey b/rootdir/avb/s-gsi.avbpubkey
deleted file mode 100644
index 9065fb8..0000000
--- a/rootdir/avb/s-gsi.avbpubkey
+++ /dev/null
Binary files differ
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 42545d9..cd73498 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -914,6 +914,9 @@
exec - media_rw media_rw -- /system/bin/chattr +F /data/media
mkdir /data/media/obb 0770 media_rw media_rw encryption=Attempt
+ # Create directories for boot animation.
+ mkdir /data/bootanim 0755 system system encryption=None
+
exec_start derive_sdk
init_user0
diff --git a/set-verity-state/set-verity-state.cpp b/set-verity-state/set-verity-state.cpp
index 0a26aba..52a7f74 100644
--- a/set-verity-state/set-verity-state.cpp
+++ b/set-verity-state/set-verity-state.cpp
@@ -244,25 +244,6 @@
any_changed = true;
}
avb_ops_user_free(ops);
- } else {
- // Not using AVB - assume VB1.0.
-
- // read all fstab entries at once from all sources
- android::fs_mgr::Fstab fstab;
- if (!android::fs_mgr::ReadDefaultFstab(&fstab)) {
- printf("Failed to read fstab\n");
- suggest_run_adb_root();
- return 0;
- }
-
- // Loop through entries looking for ones that verity manages.
- for (const auto& entry : fstab) {
- if (entry.fs_mgr_flags.verify) {
- if (set_verity_enabled_state(entry.blk_device.c_str(), entry.mount_point.c_str(), enable)) {
- any_changed = true;
- }
- }
- }
}
if (!any_changed) any_changed = overlayfs_setup(enable);