Merge "Add tombstone_handler for crashes in Microdroid"
diff --git a/debuggerd/crasher/arm/crashglue.S b/debuggerd/crasher/arm/crashglue.S
index 8649056..e4adf40 100644
--- a/debuggerd/crasher/arm/crashglue.S
+++ b/debuggerd/crasher/arm/crashglue.S
@@ -1,6 +1,10 @@
.globl crash1
.type crash1, %function
crash1:
+ .cfi_startproc
+ push {lr}
+ .cfi_def_cfa_offset 4
+ .cfi_rel_offset lr, 0
ldr r0, =0xa5a50000
ldr r1, =0xa5a50001
ldr r2, =0xa5a50002
@@ -15,48 +19,19 @@
ldr r11, =0xa5a50011
ldr r12, =0xa5a50012
-
- fconstd d0, #0
- fconstd d1, #1
- fconstd d2, #2
- fconstd d3, #3
- fconstd d4, #4
- fconstd d5, #5
- fconstd d6, #6
- fconstd d7, #7
- fconstd d8, #8
- fconstd d9, #9
- fconstd d10, #10
- fconstd d11, #11
- fconstd d12, #12
- fconstd d13, #13
- fconstd d14, #14
- fconstd d15, #15
- fconstd d16, #16
- fconstd d17, #17
- fconstd d18, #18
- fconstd d19, #19
- fconstd d20, #20
- fconstd d21, #21
- fconstd d22, #22
- fconstd d23, #23
- fconstd d24, #24
- fconstd d25, #25
- fconstd d26, #26
- fconstd d27, #27
- fconstd d28, #28
- fconstd d29, #29
- fconstd d30, #30
- fconstd d31, #31
-
mov lr, #0
ldr lr, [lr]
b .
+ .cfi_endproc
.globl crashnostack
.type crashnostack, %function
crashnostack:
+ .cfi_startproc
+ mov r1, sp
+ .cfi_def_cfa_register r1
mov sp, #0
mov r0, #0
ldr r0, [r0]
b .
+ .cfi_endproc
diff --git a/debuggerd/crasher/arm64/crashglue.S b/debuggerd/crasher/arm64/crashglue.S
index e58b542..97c824e 100644
--- a/debuggerd/crasher/arm64/crashglue.S
+++ b/debuggerd/crasher/arm64/crashglue.S
@@ -1,6 +1,11 @@
.globl crash1
.type crash1, %function
crash1:
+ .cfi_startproc
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_rel_offset x29, 0
+ .cfi_rel_offset x30, 8
ldr x0, =0xa5a50000
ldr x1, =0xa5a50001
ldr x2, =0xa5a50002
@@ -32,48 +37,20 @@
ldr x28, =0xa5a50028
ldr x29, =0xa5a50029
- fmov d0, -1.0 // -1 is more convincing than 0.
- fmov d1, 1.0
- fmov d2, 2.0
- fmov d3, 3.0
- fmov d4, 4.0
- fmov d5, 5.0
- fmov d6, 6.0
- fmov d7, 7.0
- fmov d8, 8.0
- fmov d9, 9.0
- fmov d10, 10.0
- fmov d11, 11.0
- fmov d12, 12.0
- fmov d13, 13.0
- fmov d14, 14.0
- fmov d15, 15.0
- fmov d16, 16.0
- fmov d17, 17.0
- fmov d18, 18.0
- fmov d19, 19.0
- fmov d20, 20.0
- fmov d21, 21.0
- fmov d22, 22.0
- fmov d23, 23.0
- fmov d24, 24.0
- fmov d25, 25.0
- fmov d26, 26.0
- fmov d27, 27.0
- fmov d28, 28.0
- fmov d29, 29.0
- fmov d30, 30.0
- fmov d31, 31.0
-
mov x30, xzr
ldr x30, [x30]
b .
+ .cfi_endproc
.globl crashnostack
.type crashnostack, %function
crashnostack:
+ .cfi_startproc
+ mov x1, sp
+ .cfi_def_cfa_register x1
mov x0, xzr
add sp, x0, xzr
ldr x0, [x0]
b .
+ .cfi_endproc
diff --git a/debuggerd/crasher/riscv64/crashglue.S b/debuggerd/crasher/riscv64/crashglue.S
index 47dd93b..42f59b3 100644
--- a/debuggerd/crasher/riscv64/crashglue.S
+++ b/debuggerd/crasher/riscv64/crashglue.S
@@ -1,45 +1,56 @@
-
- .globl crash1
- .globl crashnostack
-
+.globl crash1
crash1:
- li x0,0xdead0000+0
- li x1,0xdead0000+1
- li x2,0xdead0000+2
- li x3,0xdead0000+3
- li x4,0xdead0000+4
- li x5,0xdead0000+5
- li x6,0xdead0000+6
- li x7,0xdead0000+7
- li x8,0xdead0000+8
- li x9,0xdead0000+9
- li x10,0xdead0000+10
- li x11,0xdead0000+11
- li x12,0xdead0000+12
- li x13,0xdead0000+13
- li x14,0xdead0000+14
- li x15,0xdead0000+15
- li x16,0xdead0000+16
- li x17,0xdead0000+17
- li x18,0xdead0000+18
- li x19,0xdead0000+19
- li x20,0xdead0000+20
- li x21,0xdead0000+21
- li x22,0xdead0000+22
- li x23,0xdead0000+23
- li x24,0xdead0000+24
- li x25,0xdead0000+25
- li x26,0xdead0000+26
- li x27,0xdead0000+27
- li x28,0xdead0000+28
- # don't trash the stack otherwise the signal handler won't run
- #li $29,0xdead0000+29
- li x30,0xdead0000+30
- li x31,0xdead0000+31
+ .cfi_startproc
+ addi sp, sp, -16
+ .cfi_def_cfa_offset 16
+ sd ra, 8(sp)
+ .cfi_offset ra, -8
+ li x0,0xa5a50000
+ li x1,0xa5a50001
+ li x2,0xa5a50002
+ li x3,0xa5a50003
+ li x4,0xa5a50004
+ li x5,0xa5a50005
+ li x6,0xa5a50006
+ li x7,0xa5a50007
+ li x8,0xa5a50008
+ li x9,0xa5a50009
+ li x10,0xa5a50010
+ li x11,0xa5a50011
+ li x12,0xa5a50012
+ li x13,0xa5a50013
+ li x14,0xa5a50014
+ li x15,0xa5a50015
+ li x16,0xa5a50016
+ li x17,0xa5a50017
+ li x18,0xa5a50018
+ li x19,0xa5a50019
+ li x20,0xa5a50020
+ li x21,0xa5a50021
+ li x22,0xa5a50022
+ li x23,0xa5a50023
+ li x24,0xa5a50024
+ li x25,0xa5a50025
+ li x26,0xa5a50026
+ li x27,0xa5a50027
+ li x28,0xa5a50028
+ li x29,0xa5a50029
+ li x30,0xa5a50030
+ li x31,0xa5a50031
+
+ li sp, 0
+ ld t2, 0(zero)
j .
+ .cfi_endproc
+.globl crashnostack
crashnostack:
- li sp, 0
+ .cfi_startproc
+ mv t1, sp
+ .cfi_def_cfa_register t1
+ li sp, 0
+ ld t2, 0(zero)
j .
+ .cfi_endproc
diff --git a/debuggerd/crasher/x86/crashglue.S b/debuggerd/crasher/x86/crashglue.S
index 59df432..e8eb3a7 100644
--- a/debuggerd/crasher/x86/crashglue.S
+++ b/debuggerd/crasher/x86/crashglue.S
@@ -1,6 +1,4 @@
.globl crash1
-.globl crashnostack
-
crash1:
movl $0xa5a50000, %eax
movl $0xa5a50001, %ebx
@@ -10,6 +8,11 @@
jmp *%edx
+.globl crashnostack
crashnostack:
- movl $0, %ebp
- jmp *%ebp
+ .cfi_startproc
+ movl %esp, %eax
+ .cfi_def_cfa_register %eax
+ movl $0, %esp
+ movl (%esp), %ebx
+ .cfi_endproc
diff --git a/debuggerd/crasher/x86_64/crashglue.S b/debuggerd/crasher/x86_64/crashglue.S
index 4d2a5c0..8f67214 100644
--- a/debuggerd/crasher/x86_64/crashglue.S
+++ b/debuggerd/crasher/x86_64/crashglue.S
@@ -1,6 +1,4 @@
.globl crash1
-.globl crashnostack
-
crash1:
movl $0xa5a50000, %eax
movl $0xa5a50001, %ebx
@@ -10,6 +8,11 @@
jmp *%rdx
+.globl crashnostack
crashnostack:
- movl $0, %ebp
- jmp *%rbp
+ .cfi_startproc
+ movq %rsp, %rax
+ .cfi_def_cfa_register %rax
+ movq $0, %rsp
+ movq (%rsp), %rbx
+ .cfi_endproc
diff --git a/debuggerd/debuggerd_test.cpp b/debuggerd/debuggerd_test.cpp
index 4d60ddb..517f2df 100644
--- a/debuggerd/debuggerd_test.cpp
+++ b/debuggerd/debuggerd_test.cpp
@@ -642,7 +642,7 @@
std::string result;
ConsumeFd(std::move(output_fd), &result);
- ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code 8 \(SEGV_MTEAERR\), fault addr --------)");
+ ASSERT_MATCH(result, R"(signal 11 \(SIGSEGV\), code [89] \(SEGV_MTE[AS]ERR\), fault addr)");
#else
GTEST_SKIP() << "Requires aarch64";
#endif
diff --git a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
index 25b03af..198de37 100644
--- a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
+++ b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
@@ -51,7 +51,6 @@
HEADER,
THREAD,
REGISTERS,
- FP_REGISTERS,
BACKTRACE,
MAPS,
MEMORY,
diff --git a/debuggerd/libdebuggerd/utility.cpp b/debuggerd/libdebuggerd/utility.cpp
index 74a1423..d71fc6c 100644
--- a/debuggerd/libdebuggerd/utility.cpp
+++ b/debuggerd/libdebuggerd/utility.cpp
@@ -47,12 +47,7 @@
using android::base::unique_fd;
bool is_allowed_in_logcat(enum logtype ltype) {
- if ((ltype == HEADER)
- || (ltype == REGISTERS)
- || (ltype == BACKTRACE)) {
- return true;
- }
- return false;
+ return (ltype == HEADER) || (ltype == REGISTERS) || (ltype == BACKTRACE);
}
static bool should_write_to_kmsg() {
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 430ff14..0979fd2 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp
@@ -982,7 +982,7 @@
fprintf(stderr, "--------------------------------------------\n");
}
-static std::vector<SparsePtr> resparse_file(sparse_file* s, int64_t max_size) {
+std::vector<SparsePtr> resparse_file(sparse_file* s, int64_t max_size) {
if (max_size <= 0 || max_size > std::numeric_limits<uint32_t>::max()) {
die("invalid max size %" PRId64, max_size);
}
@@ -1027,7 +1027,7 @@
return value;
}
-static int64_t get_sparse_limit(int64_t size) {
+int64_t get_sparse_limit(int64_t size) {
int64_t limit = sparse_limit;
if (limit == 0) {
// Unlimited, so see what the target device's limit is.
@@ -1159,9 +1159,15 @@
fb->GetVar("partition-type:vbmeta_b", &partition_type) == fastboot::SUCCESS;
}
+static bool is_vbmeta_partition(const std::string& partition) {
+ return android::base::EndsWith(partition, "vbmeta") ||
+ android::base::EndsWith(partition, "vbmeta_a") ||
+ android::base::EndsWith(partition, "vbmeta_b");
+}
+
// Note: this only works in userspace fastboot. In the bootloader, use
// should_flash_in_userspace().
-static bool is_logical(const std::string& partition) {
+bool is_logical(const std::string& partition) {
std::string value;
return fb->GetVar("is-logical:" + partition, &value) == fastboot::SUCCESS && value == "yes";
}
@@ -1196,10 +1202,9 @@
}
static void copy_avb_footer(const std::string& partition, struct fastboot_buffer* buf) {
- if (buf->sz < AVB_FOOTER_SIZE) {
+ if (buf->sz < AVB_FOOTER_SIZE || is_logical(partition)) {
return;
}
-
// If overflows and negative, it should be < buf->sz.
int64_t partition_size = static_cast<int64_t>(get_partition_size(partition));
@@ -1243,8 +1248,7 @@
lseek(buf->fd.get(), 0, SEEK_SET);
}
-static void flash_partition_files(const std::string& partition,
- const std::vector<SparsePtr>& files) {
+void flash_partition_files(const std::string& partition, const std::vector<SparsePtr>& files) {
for (size_t i = 0; i < files.size(); i++) {
sparse_file* s = files[i].get();
int64_t sz = sparse_file_len(s, true, false);
@@ -1252,20 +1256,15 @@
}
}
-static void flash_buf(const std::string& partition, struct fastboot_buffer* buf) {
- if (partition == "boot" || partition == "boot_a" || partition == "boot_b" ||
- partition == "init_boot" || partition == "init_boot_a" || partition == "init_boot_b" ||
- partition == "recovery" || partition == "recovery_a" || partition == "recovery_b") {
- copy_avb_footer(partition, buf);
- }
+static void flash_buf(const std::string& partition, struct fastboot_buffer* buf,
+ const bool apply_vbmeta) {
+ copy_avb_footer(partition, buf);
// Rewrite vbmeta if that's what we're flashing and modification has been requested.
if (g_disable_verity || g_disable_verification) {
// The vbmeta partition might have additional prefix if running in virtual machine
// e.g., guest_vbmeta_a.
- if (android::base::EndsWith(partition, "vbmeta") ||
- android::base::EndsWith(partition, "vbmeta_a") ||
- android::base::EndsWith(partition, "vbmeta_b")) {
+ if (apply_vbmeta) {
rewrite_vbmeta_buffer(buf, false /* vbmeta_in_boot */);
} else if (!has_vbmeta_partition() &&
(partition == "boot" || partition == "boot_a" || partition == "boot_b")) {
@@ -1303,7 +1302,7 @@
return count;
}
-static bool supports_AB() {
+bool supports_AB() {
return get_slot_count() >= 2;
}
@@ -1426,7 +1425,7 @@
}
}
-static bool is_retrofit_device() {
+bool is_retrofit_device() {
std::string value;
if (fb->GetVar("super-partition-name", &value) != fastboot::SUCCESS) {
return false;
@@ -1500,7 +1499,7 @@
return partition;
}
-void do_flash(const char* pname, const char* fname) {
+void do_flash(const char* pname, const char* fname, const bool apply_vbmeta) {
verbose("Do flash %s %s", pname, fname);
struct fastboot_buffer buf;
@@ -1511,7 +1510,7 @@
fb->ResizePartition(pname, std::to_string(buf.image_size));
}
std::string flash_pname = repack_ramdisk(pname, &buf);
- flash_buf(flash_pname, &buf);
+ flash_buf(flash_pname, &buf, apply_vbmeta);
}
// Sets slot_override as the active slot. If slot_override is blank,
@@ -1562,6 +1561,20 @@
}
}
+std::string GetPartitionName(const ImageEntry& entry, std::string& current_slot) {
+ auto slot = entry.second;
+ if (slot.empty()) {
+ slot = current_slot;
+ }
+ if (slot.empty()) {
+ return entry.first->part_name;
+ }
+ if (slot == "all") {
+ LOG(FATAL) << "Cannot retrieve a singular name when using all slots";
+ }
+ return entry.first->part_name + "_" + slot;
+}
+
class FlashAllTool {
public:
FlashAllTool(FlashingPlan* fp);
@@ -1574,15 +1587,6 @@
void CollectImages();
void FlashImages(const std::vector<std::pair<const Image*, std::string>>& images);
void FlashImage(const Image& image, const std::string& slot, fastboot_buffer* buf);
- void UpdateSuperPartition();
- bool OptimizedFlashSuper();
-
- // If the image uses the default slot, or the user specified "all", then
- // the paired string will be empty. If the image requests a specific slot
- // (for example, system_other) it is specified instead.
- using ImageEntry = std::pair<const Image*, std::string>;
-
- std::string GetPartitionName(const ImageEntry& entry);
std::vector<ImageEntry> boot_images_;
std::vector<ImageEntry> os_images_;
@@ -1612,92 +1616,36 @@
// or in bootloader fastboot.
FlashImages(boot_images_);
- if (!OptimizedFlashSuper()) {
- // Sync the super partition. This will reboot to userspace fastboot if needed.
- UpdateSuperPartition();
+ std::vector<std::unique_ptr<Task>> tasks;
+ if (auto flash_super_task = FlashSuperLayoutTask::Initialize(fp_, os_images_)) {
+ tasks.emplace_back(std::move(flash_super_task));
+ } else {
+ // Sync the super partition. This will reboot to userspace fastboot if needed.
+ tasks.emplace_back(std::make_unique<UpdateSuperTask>(fp_));
// Resize any logical partition to 0, so each partition is reset to 0
// extents, and will achieve more optimal allocation.
for (const auto& [image, slot] : os_images_) {
- auto resize_partition = [](const std::string& partition) -> void {
- if (is_logical(partition)) {
- fb->ResizePartition(partition, "0");
+ // Retrofit devices have two super partitions, named super_a and super_b.
+ // On these devices, secondary slots must be flashed as physical
+ // partitions (otherwise they would not mount on first boot). To enforce
+ // this, we delete any logical partitions for the "other" slot.
+ if (is_retrofit_device()) {
+ std::string partition_name = image->part_name + "_"s + slot;
+ if (image->IsSecondary() && is_logical(partition_name)) {
+ fp_->fb->DeletePartition(partition_name);
}
- };
- do_for_partitions(image->part_name, slot, resize_partition, false);
+ tasks.emplace_back(std::make_unique<DeleteTask>(fp_, partition_name));
+ }
+ tasks.emplace_back(std::make_unique<ResizeTask>(fp_, image->part_name, "0", slot));
}
}
-
- // Flash OS images, resizing logical partitions as needed.
+ for (auto& task : tasks) {
+ task->Run();
+ }
FlashImages(os_images_);
}
-bool FlashAllTool::OptimizedFlashSuper() {
- if (!supports_AB()) {
- LOG(VERBOSE) << "Cannot optimize flashing super on non-AB device";
- return false;
- }
- if (fp_->slot == "all") {
- LOG(VERBOSE) << "Cannot optimize flashing super for all slots";
- return false;
- }
-
- // Does this device use dynamic partitions at all?
- unique_fd fd = fp_->source->OpenFile("super_empty.img");
- if (fd < 0) {
- LOG(VERBOSE) << "could not open super_empty.img";
- return false;
- }
-
- // Try to find whether there is a super partition.
- std::string super_name;
- if (fb->GetVar("super-partition-name", &super_name) != fastboot::SUCCESS) {
- super_name = "super";
- }
- std::string partition_size_str;
- if (fb->GetVar("partition-size:" + super_name, &partition_size_str) != fastboot::SUCCESS) {
- LOG(VERBOSE) << "Cannot optimize super flashing: could not determine super partition";
- return false;
- }
-
- SuperFlashHelper helper(*fp_->source);
- if (!helper.Open(fd)) {
- return false;
- }
-
- for (const auto& entry : os_images_) {
- auto partition = GetPartitionName(entry);
- auto image = entry.first;
-
- if (!helper.AddPartition(partition, image->img_name, image->optional_if_no_image)) {
- return false;
- }
- }
-
- auto s = helper.GetSparseLayout();
- if (!s) {
- return false;
- }
-
- std::vector<SparsePtr> files;
- if (int limit = get_sparse_limit(sparse_file_len(s.get(), false, false))) {
- files = resparse_file(s.get(), limit);
- } else {
- files.emplace_back(std::move(s));
- }
-
- // Send the data to the device.
- flash_partition_files(super_name, files);
-
- // Remove images that we already flashed, just in case we have non-dynamic OS images.
- auto remove_if_callback = [&, this](const ImageEntry& entry) -> bool {
- return helper.WillFlash(GetPartitionName(entry));
- };
- os_images_.erase(std::remove_if(os_images_.begin(), os_images_.end(), remove_if_callback),
- os_images_.end());
- return true;
-}
-
void FlashAllTool::CheckRequirements() {
std::vector<char> contents;
if (!fp_->source->ReadFile("android-info.txt", &contents)) {
@@ -1771,60 +1719,12 @@
if (is_logical(partition_name)) {
fb->ResizePartition(partition_name, std::to_string(buf->image_size));
}
- flash_buf(partition_name.c_str(), buf);
+
+ flash_buf(partition_name.c_str(), buf, is_vbmeta_partition(partition_name));
};
do_for_partitions(image.part_name, slot, flash, false);
}
-void FlashAllTool::UpdateSuperPartition() {
- unique_fd fd = fp_->source->OpenFile("super_empty.img");
- if (fd < 0) {
- return;
- }
- if (!is_userspace_fastboot()) {
- reboot_to_userspace_fastboot();
- }
-
- std::string super_name;
- if (fb->GetVar("super-partition-name", &super_name) != fastboot::RetCode::SUCCESS) {
- super_name = "super";
- }
- fb->Download(super_name, fd, get_file_size(fd));
-
- std::string command = "update-super:" + super_name;
- if (fp_->wants_wipe) {
- command += ":wipe";
- }
- fb->RawCommand(command, "Updating super partition");
-
- // Retrofit devices have two super partitions, named super_a and super_b.
- // On these devices, secondary slots must be flashed as physical
- // partitions (otherwise they would not mount on first boot). To enforce
- // this, we delete any logical partitions for the "other" slot.
- if (is_retrofit_device()) {
- for (const auto& [image, slot] : os_images_) {
- std::string partition_name = image->part_name + "_"s + slot;
- if (image->IsSecondary() && is_logical(partition_name)) {
- fb->DeletePartition(partition_name);
- }
- }
- }
-}
-
-std::string FlashAllTool::GetPartitionName(const ImageEntry& entry) {
- auto slot = entry.second;
- if (slot.empty()) {
- slot = fp_->current_slot;
- }
- if (slot.empty()) {
- return entry.first->part_name;
- }
- if (slot == "all") {
- LOG(FATAL) << "Cannot retrieve a singular name when using all slots";
- }
- return entry.first->part_name + "_" + slot;
-}
-
class ZipImageSource final : public ImageSource {
public:
explicit ZipImageSource(ZipArchiveHandle zip) : zip_(zip) {}
@@ -1921,9 +1821,9 @@
return size;
}
-static void fb_perform_format(const std::string& partition, int skip_if_not_supported,
- const std::string& type_override, const std::string& size_override,
- const unsigned fs_options) {
+void fb_perform_format(const std::string& partition, int skip_if_not_supported,
+ const std::string& type_override, const std::string& size_override,
+ const unsigned fs_options) {
std::string partition_type, partition_size;
struct fastboot_buffer buf;
@@ -1995,7 +1895,7 @@
if (!load_buf_fd(std::move(fd), &buf)) {
die("Cannot read image: %s", strerror(errno));
}
- flash_buf(partition, &buf);
+ flash_buf(partition, &buf, is_vbmeta_partition(partition));
return;
failed:
@@ -2065,7 +1965,7 @@
auto image_path = temp_dir.path + "/"s + image_name;
auto flash = [&](const std::string& partition_name) {
- do_flash(partition_name.c_str(), image_path.c_str());
+ do_flash(partition_name.c_str(), image_path.c_str(), false);
};
do_for_partitions(partition, slot, flash, force_slot);
@@ -2117,7 +2017,6 @@
android::base::InitLogging(argv, FastbootLogger, FastbootAborter);
std::unique_ptr<FlashingPlan> fp = std::make_unique<FlashingPlan>();
- unsigned fs_options = 0;
int longindex;
std::string slot_override;
std::string next_active;
@@ -2171,7 +2070,7 @@
} else if (name == "force") {
fp->force_flash = true;
} else if (name == "fs-options") {
- fs_options = ParseFsOption(optarg);
+ fp->fs_options = ParseFsOption(optarg);
} else if (name == "header-version") {
g_boot_img_hdr.header_version = strtoul(optarg, nullptr, 0);
} else if (name == "dtb") {
@@ -2341,7 +2240,7 @@
std::string partition = next_arg(&args);
auto format = [&](const std::string& partition) {
- fb_perform_format(partition, 0, type_override, size_override, fs_options);
+ fb_perform_format(partition, 0, type_override, size_override, fp->fs_options);
};
do_for_partitions(partition, slot_override, format, true);
} else if (command == "signature") {
@@ -2387,7 +2286,8 @@
fname = find_item(pname);
}
if (fname.empty()) die("cannot determine image filename for '%s'", pname.c_str());
- FlashTask task(slot_override, pname, fname);
+
+ FlashTask task(slot_override, pname, fname, is_vbmeta_partition(pname));
task.Run();
} else if (command == "flash:raw") {
std::string partition = next_arg(&args);
@@ -2456,11 +2356,14 @@
fb->CreatePartition(partition, size);
} else if (command == FB_CMD_DELETE_PARTITION) {
std::string partition = next_arg(&args);
+ auto delete_task = std::make_unique<DeleteTask>(fp.get(), partition);
fb->DeletePartition(partition);
} else if (command == FB_CMD_RESIZE_PARTITION) {
std::string partition = next_arg(&args);
std::string size = next_arg(&args);
- fb->ResizePartition(partition, size);
+ std::unique_ptr<ResizeTask> resize_task =
+ std::make_unique<ResizeTask>(fp.get(), partition, size, slot_override);
+ resize_task->Run();
} else if (command == "gsi") {
std::string arg = next_arg(&args);
if (arg == "wipe") {
@@ -2495,19 +2398,15 @@
syntax_error("unknown command %s", command.c_str());
}
}
+
if (fp->wants_wipe) {
if (fp->force_flash) {
CancelSnapshotIfNeeded();
}
std::vector<std::string> partitions = {"userdata", "cache", "metadata"};
for (const auto& partition : partitions) {
- std::string partition_type;
- if (fb->GetVar("partition-type:" + partition, &partition_type) != fastboot::SUCCESS) {
- continue;
- }
- if (partition_type.empty()) continue;
- fb->Erase(partition);
- fb_perform_format(partition, 1, partition_type, "", fs_options);
+ std::unique_ptr<WipeTask> wipe_task = std::make_unique<WipeTask>(fp.get(), partition);
+ wipe_task->Run();
}
}
if (fp->wants_set_active) {
diff --git a/fastboot/fastboot.h b/fastboot/fastboot.h
index 09666aa..c954487 100644
--- a/fastboot/fastboot.h
+++ b/fastboot/fastboot.h
@@ -29,6 +29,7 @@
#include <string>
#include "fastboot_driver.h"
+#include "super_flash_helper.h"
#include "util.h"
#include <bootimg.h>
@@ -68,6 +69,7 @@
using ImageEntry = std::pair<const Image*, std::string>;
struct FlashingPlan {
+ unsigned fs_options = 0;
// If the image uses the default slot, or the user specified "all", then
// the paired string will be empty. If the image requests a specific slot
// (for example, system_other) it is specified instead.
@@ -82,12 +84,11 @@
std::string current_slot;
std::string secondary_slot;
fastboot::FastBootDriver* fb;
-
};
bool should_flash_in_userspace(const std::string& partition_name);
bool is_userspace_fastboot();
-void do_flash(const char* pname, const char* fname);
+void do_flash(const char* pname, const char* fname, const bool apply_vbmeta);
void do_for_partitions(const std::string& part, const std::string& slot,
const std::function<void(const std::string&)>& func, bool force_slot);
std::string find_item(const std::string& item);
@@ -100,4 +101,15 @@
int port;
};
-Result<NetworkSerial, FastbootError> ParseNetworkSerial(const std::string& serial);
\ No newline at end of file
+Result<NetworkSerial, FastbootError> ParseNetworkSerial(const std::string& serial);
+bool supports_AB();
+std::string GetPartitionName(const ImageEntry& entry, std::string& current_slot_);
+void flash_partition_files(const std::string& partition, const std::vector<SparsePtr>& files);
+int64_t get_sparse_limit(int64_t size);
+std::vector<SparsePtr> resparse_file(sparse_file* s, int64_t max_size);
+
+bool is_retrofit_device();
+bool is_logical(const std::string& partition);
+void fb_perform_format(const std::string& partition, int skip_if_not_supported,
+ const std::string& type_override, const std::string& size_override,
+ const unsigned fs_options);
diff --git a/fastboot/task.cpp b/fastboot/task.cpp
index a4aa637..29befb7 100644
--- a/fastboot/task.cpp
+++ b/fastboot/task.cpp
@@ -14,18 +14,15 @@
// limitations under the License.
//
#include "task.h"
+#include <iostream>
#include "fastboot.h"
-#include "util.h"
+#include "filesystem.h"
+#include "super_flash_helper.h"
-#include "fastboot.h"
-#include "util.h"
-
-FlashTask::FlashTask(const std::string& _slot, const std::string& _pname)
- : pname_(_pname), fname_(find_item(_pname)), slot_(_slot) {
- if (fname_.empty()) die("cannot determine image filename for '%s'", pname_.c_str());
-}
-FlashTask::FlashTask(const std::string& _slot, const std::string& _pname, const std::string& _fname)
- : pname_(_pname), fname_(_fname), slot_(_slot) {}
+using namespace std::string_literals;
+FlashTask::FlashTask(const std::string& _slot, const std::string& _pname, const std::string& _fname,
+ const bool apply_vbmeta)
+ : pname_(_pname), fname_(_fname), slot_(_slot), apply_vbmeta_(apply_vbmeta) {}
void FlashTask::Run() {
auto flash = [&](const std::string& partition) {
@@ -38,14 +35,14 @@
"And try again. If you are intentionally trying to "
"overwrite a fixed partition, use --force.");
}
- do_flash(partition.c_str(), fname_.c_str());
+ do_flash(partition.c_str(), fname_.c_str(), apply_vbmeta_);
};
do_for_partitions(pname_, slot_, flash, true);
}
-RebootTask::RebootTask(FlashingPlan* _fp) : fp_(_fp){};
-RebootTask::RebootTask(FlashingPlan* _fp, const std::string& _reboot_target)
- : reboot_target_(_reboot_target), fp_(_fp){};
+RebootTask::RebootTask(FlashingPlan* fp) : fp_(fp){};
+RebootTask::RebootTask(FlashingPlan* fp, const std::string& reboot_target)
+ : reboot_target_(reboot_target), fp_(fp){};
void RebootTask::Run() {
if ((reboot_target_ == "userspace" || reboot_target_ == "fastboot")) {
@@ -66,3 +63,133 @@
syntax_error("unknown reboot target %s", reboot_target_.c_str());
}
}
+
+FlashSuperLayoutTask::FlashSuperLayoutTask(const std::string& super_name,
+ std::unique_ptr<SuperFlashHelper> helper,
+ SparsePtr sparse_layout)
+ : super_name_(super_name),
+ helper_(std::move(helper)),
+ sparse_layout_(std::move(sparse_layout)) {}
+
+void FlashSuperLayoutTask::Run() {
+ std::vector<SparsePtr> files;
+ if (int limit = get_sparse_limit(sparse_file_len(sparse_layout_.get(), false, false))) {
+ files = resparse_file(sparse_layout_.get(), limit);
+ } else {
+ files.emplace_back(std::move(sparse_layout_));
+ }
+
+ // Send the data to the device.
+ flash_partition_files(super_name_, files);
+}
+
+std::unique_ptr<FlashSuperLayoutTask> FlashSuperLayoutTask::Initialize(
+ FlashingPlan* fp, std::vector<ImageEntry>& os_images) {
+ if (!supports_AB()) {
+ LOG(VERBOSE) << "Cannot optimize flashing super on non-AB device";
+ return nullptr;
+ }
+ if (fp->slot == "all") {
+ LOG(VERBOSE) << "Cannot optimize flashing super for all slots";
+ return nullptr;
+ }
+
+ // Does this device use dynamic partitions at all?
+ unique_fd fd = fp->source->OpenFile("super_empty.img");
+
+ if (fd < 0) {
+ LOG(VERBOSE) << "could not open super_empty.img";
+ return nullptr;
+ }
+
+ std::string super_name;
+ // Try to find whether there is a super partition.
+ if (fp->fb->GetVar("super-partition-name", &super_name) != fastboot::SUCCESS) {
+ super_name = "super";
+ }
+ std::string partition_size_str;
+
+ if (fp->fb->GetVar("partition-size:" + super_name, &partition_size_str) != fastboot::SUCCESS) {
+ LOG(VERBOSE) << "Cannot optimize super flashing: could not determine super partition";
+ return nullptr;
+ }
+ std::unique_ptr<SuperFlashHelper> helper = std::make_unique<SuperFlashHelper>(*fp->source);
+ if (!helper->Open(fd)) {
+ return nullptr;
+ }
+
+ for (const auto& entry : os_images) {
+ auto partition = GetPartitionName(entry, fp->current_slot);
+ auto image = entry.first;
+
+ if (!helper->AddPartition(partition, image->img_name, image->optional_if_no_image)) {
+ return nullptr;
+ }
+ }
+
+ auto s = helper->GetSparseLayout();
+ if (!s) return nullptr;
+
+ // Remove images that we already flashed, just in case we have non-dynamic OS images.
+ auto remove_if_callback = [&](const ImageEntry& entry) -> bool {
+ return helper->WillFlash(GetPartitionName(entry, fp->current_slot));
+ };
+ os_images.erase(std::remove_if(os_images.begin(), os_images.end(), remove_if_callback),
+ os_images.end());
+ return std::make_unique<FlashSuperLayoutTask>(super_name, std::move(helper), std::move(s));
+}
+
+UpdateSuperTask::UpdateSuperTask(FlashingPlan* fp) : fp_(fp) {}
+
+void UpdateSuperTask::Run() {
+ unique_fd fd = fp_->source->OpenFile("super_empty.img");
+ if (fd < 0) {
+ return;
+ }
+ if (!is_userspace_fastboot()) {
+ reboot_to_userspace_fastboot();
+ }
+
+ std::string super_name;
+ if (fp_->fb->GetVar("super-partition-name", &super_name) != fastboot::RetCode::SUCCESS) {
+ super_name = "super";
+ }
+ fp_->fb->Download(super_name, fd, get_file_size(fd));
+
+ std::string command = "update-super:" + super_name;
+ if (fp_->wants_wipe) {
+ command += ":wipe";
+ }
+ fp_->fb->RawCommand(command, "Updating super partition");
+}
+
+ResizeTask::ResizeTask(FlashingPlan* fp, const std::string& pname, const std::string& size,
+ const std::string& slot)
+ : fp_(fp), pname_(pname), size_(size), slot_(slot) {}
+
+void ResizeTask::Run() {
+ auto resize_partition = [this](const std::string& partition) -> void {
+ if (is_logical(partition)) {
+ fp_->fb->ResizePartition(partition, size_);
+ }
+ };
+ do_for_partitions(pname_, slot_, resize_partition, false);
+}
+
+DeleteTask::DeleteTask(FlashingPlan* fp, const std::string& pname) : fp_(fp), pname_(pname){};
+
+void DeleteTask::Run() {
+ fp_->fb->DeletePartition(pname_);
+}
+
+WipeTask::WipeTask(FlashingPlan* fp, const std::string& pname) : fp_(fp), pname_(pname){};
+
+void WipeTask::Run() {
+ std::string partition_type;
+ if (fp_->fb->GetVar("partition-type:" + pname_, &partition_type) != fastboot::SUCCESS) {
+ return;
+ }
+ if (partition_type.empty()) return;
+ fp_->fb->Erase(pname_);
+ fb_perform_format(pname_, 1, partition_type, "", fp_->fs_options);
+}
diff --git a/fastboot/task.h b/fastboot/task.h
index d8b9e21..8aa4d2f 100644
--- a/fastboot/task.h
+++ b/fastboot/task.h
@@ -20,6 +20,8 @@
#include "fastboot.h"
#include "fastboot_driver.h"
+#include "super_flash_helper.h"
+#include "util.h"
class Task {
public:
@@ -30,26 +32,82 @@
class FlashTask : public Task {
public:
- FlashTask(const std::string& _slot, const std::string& _pname);
- FlashTask(const std::string& _slot, const std::string& _pname, const std::string& _fname);
+ FlashTask(const std::string& slot, const std::string& pname, const std::string& fname,
+ const bool apply_vbmeta);
void Run() override;
- ~FlashTask() {}
private:
const std::string pname_;
const std::string fname_;
const std::string slot_;
+ const bool apply_vbmeta_;
};
class RebootTask : public Task {
public:
- RebootTask(FlashingPlan* _fp);
- RebootTask(FlashingPlan* _fp, const std::string& _reboot_target);
+ RebootTask(FlashingPlan* fp);
+ RebootTask(FlashingPlan* fp, const std::string& reboot_target);
void Run() override;
- ~RebootTask() {}
private:
const std::string reboot_target_ = "";
- FlashingPlan* fp_;
-};
\ No newline at end of file
+ const FlashingPlan* fp_;
+};
+
+class FlashSuperLayoutTask : public Task {
+ public:
+ FlashSuperLayoutTask(const std::string& super_name, std::unique_ptr<SuperFlashHelper> helper,
+ SparsePtr sparse_layout);
+ static std::unique_ptr<FlashSuperLayoutTask> Initialize(FlashingPlan* fp,
+ std::vector<ImageEntry>& os_images);
+ using ImageEntry = std::pair<const Image*, std::string>;
+ void Run() override;
+
+ private:
+ const std::string super_name_;
+ std::unique_ptr<SuperFlashHelper> helper_;
+ SparsePtr sparse_layout_;
+};
+
+class UpdateSuperTask : public Task {
+ public:
+ UpdateSuperTask(FlashingPlan* fp);
+ void Run() override;
+
+ private:
+ const FlashingPlan* fp_;
+};
+
+class ResizeTask : public Task {
+ public:
+ ResizeTask(FlashingPlan* fp, const std::string& pname, const std::string& size,
+ const std::string& slot);
+ void Run() override;
+
+ private:
+ const FlashingPlan* fp_;
+ const std::string pname_;
+ const std::string size_;
+ const std::string slot_;
+};
+
+class DeleteTask : public Task {
+ public:
+ DeleteTask(FlashingPlan* _fp, const std::string& _pname);
+ void Run() override;
+
+ private:
+ const FlashingPlan* fp_;
+ const std::string pname_;
+};
+
+class WipeTask : public Task {
+ public:
+ WipeTask(FlashingPlan* fp, const std::string& pname);
+ void Run() override;
+
+ private:
+ const FlashingPlan* fp_;
+ const std::string pname_;
+};
diff --git a/fs_mgr/TEST_MAPPING b/fs_mgr/TEST_MAPPING
index b6710d5..db27cf0 100644
--- a/fs_mgr/TEST_MAPPING
+++ b/fs_mgr/TEST_MAPPING
@@ -28,9 +28,6 @@
"name": "vabc_legacy_tests"
},
{
- "name": "libsnapshot_fuzzer_test"
- },
- {
"name": "cow_api_test"
}
],
diff --git a/fs_mgr/libsnapshot/Android.bp b/fs_mgr/libsnapshot/Android.bp
index c2f435f..3bfa4d5 100644
--- a/fs_mgr/libsnapshot/Android.bp
+++ b/fs_mgr/libsnapshot/Android.bp
@@ -366,80 +366,6 @@
gtest: false,
}
-cc_defaults {
- name: "libsnapshot_fuzzer_defaults",
- defaults: [
- "libsnapshot_cow_defaults",
- ],
- native_coverage : true,
- srcs: [
- // Compile the protobuf definition again with type full.
- "android/snapshot/snapshot_fuzz.proto",
- "update_engine/update_metadata.proto",
- "fuzz_utils.cpp",
- "snapshot_fuzz.cpp",
- "snapshot_fuzz_utils.cpp",
-
- // Compile libsnapshot sources directly to avoid dependency
- // to update_metadata-protos
- ":libsnapshot_sources",
- ],
- static_libs: [
- "libbase",
- "libbrotli",
- "libc++fs",
- "libchrome",
- "libcrypto_static",
- "libcutils",
- "libext2_uuid",
- "libext4_utils",
- "libfstab",
- "libfs_mgr",
- "libgtest", // from libsnapshot_test_helpers
- "libgmock", // from libsnapshot_test_helpers
- "liblog",
- "liblp",
- "libsnapshot_cow",
- "libsnapshot_test_helpers",
- "libprotobuf-mutator",
- "libz",
- ],
- header_libs: [
- "libfiemap_headers",
- "libstorage_literals_headers",
- "libupdate_engine_headers",
- ],
- proto: {
- type: "full",
- canonical_path_from_root: false,
- local_include_dirs: ["."],
- },
-}
-
-cc_fuzz {
- name: "libsnapshot_fuzzer",
- defaults: ["libsnapshot_fuzzer_defaults"],
- corpus: ["corpus/*"],
- fuzz_config: {
- cc: ["android-virtual-ab+bugs@google.com"],
- componentid: 30545,
- hotlists: ["1646452"],
- fuzz_on_haiku_host: false,
- fuzz_on_haiku_device: true,
- },
-}
-
-cc_test {
- name: "libsnapshot_fuzzer_test",
- defaults: ["libsnapshot_fuzzer_defaults"],
- data: ["corpus/*"],
- test_suites: [
- "device-tests",
- ],
- auto_gen_config: true,
- require_root: true,
-}
-
cc_test {
name: "cow_api_test",
defaults: [
diff --git a/fs_mgr/libsnapshot/android/snapshot/snapshot_fuzz.proto b/fs_mgr/libsnapshot/android/snapshot/snapshot_fuzz.proto
deleted file mode 100644
index a55b42a..0000000
--- a/fs_mgr/libsnapshot/android/snapshot/snapshot_fuzz.proto
+++ /dev/null
@@ -1,110 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-syntax = "proto3";
-package android.snapshot;
-
-import "update_engine/update_metadata.proto";
-
-// Controls the behavior of IDeviceInfo.
-// Next: 6
-message FuzzDeviceInfoData {
- bool slot_suffix_is_a = 1;
- bool is_overlayfs_setup = 2;
- bool allow_set_boot_control_merge_status = 3;
- bool allow_set_slot_as_unbootable = 4;
- bool is_recovery = 5;
-}
-
-// Controls the behavior of the test SnapshotManager.
-// Next: 2
-message FuzzSnapshotManagerData {
- bool is_local_image_manager = 1;
-}
-
-// A simplified version of CreateLogicalPartitionParams for fuzzing.
-// Next: 9
-message CreateLogicalPartitionParamsProto {
- bool use_correct_super = 1;
- string block_device = 2;
- bool has_metadata_slot = 3;
- uint32 metadata_slot = 4;
- string partition_name = 5;
- bool force_writable = 6;
- int64 timeout_millis = 7;
- string device_name = 8;
-}
-
-// Mimics the API of ISnapshotManager. Defines one action on the snapshot
-// manager.
-// Next: 18
-message SnapshotManagerActionProto {
- message NoArgs {}
- message ProcessUpdateStateArgs {
- bool has_before_cancel = 1;
- bool fail_before_cancel = 2;
- }
- message CreateLogicalAndSnapshotPartitionsArgs {
- bool use_correct_super = 1;
- string super = 2;
- int64 timeout_millis = 3;
- }
- message RecoveryCreateSnapshotDevicesArgs {
- bool has_metadata_device_object = 1;
- bool metadata_mounted = 2;
- }
- reserved 18 to 9999;
- oneof value {
- NoArgs begin_update = 1;
- NoArgs cancel_update = 2;
- bool finished_snapshot_writes = 3;
- NoArgs initiate_merge = 4;
- ProcessUpdateStateArgs process_update_state = 5;
- bool get_update_state = 6;
- chromeos_update_engine.DeltaArchiveManifest create_update_snapshots = 7;
- CreateLogicalPartitionParamsProto map_update_snapshot = 8;
- string unmap_update_snapshot = 9;
- NoArgs need_snapshots_in_first_stage_mount = 10;
- CreateLogicalAndSnapshotPartitionsArgs create_logical_and_snapshot_partitions = 11;
- bool handle_imminent_data_wipe = 12;
- NoArgs recovery_create_snapshot_devices = 13;
- RecoveryCreateSnapshotDevicesArgs recovery_create_snapshot_devices_with_metadata = 14;
- NoArgs dump = 15;
- NoArgs ensure_metadata_mounted = 16;
- NoArgs get_snapshot_merge_stats_instance = 17;
-
- // Test directives that has nothing to do with ISnapshotManager API surface.
- NoArgs switch_slot = 10000;
- }
-}
-
-// Includes all data that needs to be fuzzed.
-message SnapshotFuzzData {
- FuzzDeviceInfoData device_info_data = 1;
- FuzzSnapshotManagerData manager_data = 2;
-
- // If true:
- // - if super_data is empty, create empty super partition metadata.
- // - otherwise, create super partition metadata accordingly.
- // If false, no valid super partition metadata (it is zeroed)
- bool is_super_metadata_valid = 3;
- chromeos_update_engine.DeltaArchiveManifest super_data = 4;
-
- // Whether the directory that mocks /metadata/ota/snapshot is created.
- bool has_metadata_snapshots_dir = 5;
-
- // More data used to prep the test before running actions.
- reserved 6 to 9999;
- repeated SnapshotManagerActionProto actions = 10000;
-}
diff --git a/fs_mgr/libsnapshot/corpus/avoid-io-in-fuzzer.txt b/fs_mgr/libsnapshot/corpus/avoid-io-in-fuzzer.txt
deleted file mode 100644
index c474f4c..0000000
--- a/fs_mgr/libsnapshot/corpus/avoid-io-in-fuzzer.txt
+++ /dev/null
@@ -1,41 +0,0 @@
-device_info_data {
- allow_set_slot_as_unbootable: true
- is_recovery: true
-}
-is_super_metadata_valid: true
-super_data {
- partitions {
- partition_name: "sys_a"
- new_partition_info {
- size: 3145728
- }
- }
- partitions {
- partition_name: "vnnd_"
- new_partition_info {
- size: 3145728
- }
- }
- partitions {
- partition_name: "prd_a"
- new_partition_info {
- }
- }
- dynamic_partition_metadata {
- groups {
- name: "group_google_dp_a"
- size: 34375467008
- partition_names: "sys_a"
- partition_names: "vnd_a"
- partition_names: "prd_a"
- }
- }
-}
-has_metadata_snapshots_dir: true
-actions {
- handle_imminent_data_wipe: true
-}
-actions {
- begin_update {
- }
-}
diff --git a/fs_mgr/libsnapshot/corpus/launch_device.txt b/fs_mgr/libsnapshot/corpus/launch_device.txt
deleted file mode 100644
index 55a7f2c..0000000
--- a/fs_mgr/libsnapshot/corpus/launch_device.txt
+++ /dev/null
@@ -1,161 +0,0 @@
-device_info_data {
- slot_suffix_is_a: true
- is_overlayfs_setup: false
- allow_set_boot_control_merge_status: true
- allow_set_slot_as_unbootable: true
- is_recovery: false
-}
-manager_data {
- is_local_image_manager: false
-}
-is_super_metadata_valid: true
-super_data {
- partitions {
- partition_name: "sys_a"
- new_partition_info {
- size: 3145728
- }
- }
- partitions {
- partition_name: "vnd_a"
- new_partition_info {
- size: 3145728
- }
- }
- partitions {
- partition_name: "prd_a"
- new_partition_info {
- size: 3145728
- }
- }
- dynamic_partition_metadata {
- groups {
- name: "group_google_dp_a"
- size: 15728640
- partition_names: "sys_a"
- partition_names: "vnd_a"
- partition_names: "prd_a"
- }
- }
-}
-has_metadata_snapshots_dir: true
-actions {
- begin_update {
- }
-}
-actions {
- create_update_snapshots {
- partitions {
- partition_name: "sys"
- new_partition_info {
- size: 3878912
- }
- operations {
- type: ZERO,
- dst_extents {
- start_block: 0
- num_blocks: 947
- }
- }
- }
- partitions {
- partition_name: "vnd"
- new_partition_info {
- size: 3878912
- }
- operations {
- type: ZERO,
- dst_extents {
- start_block: 0
- num_blocks: 947
- }
- }
- }
- partitions {
- partition_name: "prd"
- new_partition_info {
- size: 3878912
- }
- operations {
- type: ZERO,
- dst_extents {
- start_block: 0
- num_blocks: 947
- }
- }
- }
- dynamic_partition_metadata {
- groups {
- name: "group_google_dp"
- size: 15728640
- partition_names: "sys"
- partition_names: "vnd"
- partition_names: "prd"
- }
- }
- }
-}
-actions {
- map_update_snapshot {
- use_correct_super: true
- has_metadata_slot: true
- metadata_slot: 1
- partition_name: "sys_b"
- force_writable: true
- timeout_millis: 3000
- }
-}
-actions {
- map_update_snapshot {
- use_correct_super: true
- has_metadata_slot: true
- metadata_slot: 1
- partition_name: "vnd_b"
- force_writable: true
- timeout_millis: 3000
- }
-}
-actions {
- map_update_snapshot {
- use_correct_super: true
- has_metadata_slot: true
- metadata_slot: 1
- partition_name: "prd_b"
- force_writable: true
- timeout_millis: 3000
- }
-}
-actions {
- finished_snapshot_writes: false
-}
-actions {
- unmap_update_snapshot: "sys_b"
-}
-actions {
- unmap_update_snapshot: "vnd_b"
-}
-actions {
- unmap_update_snapshot: "prd_b"
-}
-actions {
- switch_slot {
- }
-}
-actions {
- need_snapshots_in_first_stage_mount {
- }
-}
-actions {
- create_logical_and_snapshot_partitions {
- use_correct_super: true
- timeout_millis: 5000
- }
-}
-actions {
- initiate_merge {
- }
-}
-actions {
- process_update_state {
- }
-}
diff --git a/fs_mgr/libsnapshot/fuzz.sh b/fs_mgr/libsnapshot/fuzz.sh
deleted file mode 100755
index 5995cef..0000000
--- a/fs_mgr/libsnapshot/fuzz.sh
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/bash
-PROJECT_PATH=system/core/fs_mgr/libsnapshot
-FUZZ_TARGET=libsnapshot_fuzzer
-TARGET_ARCH=$(get_build_var TARGET_ARCH)
-FUZZ_BINARY=/data/fuzz/${TARGET_ARCH}/${FUZZ_TARGET}/${FUZZ_TARGET}
-DEVICE_INIT_CORPUS_DIR=/data/fuzz/${TARGET_ARCH}/${FUZZ_TARGET}/corpus
-DEVICE_GENERATED_CORPUS_DIR=/data/local/tmp/${FUZZ_TARGET}/corpus
-DEVICE_GCOV_DIR=/data/local/tmp/${FUZZ_TARGET}/gcov
-HOST_SCRATCH_DIR=/tmp/${FUZZ_TARGET}
-GCOV_TOOL=${HOST_SCRATCH_DIR}/llvm-gcov
-
-build_normal() (
- pushd $(gettop)
- NATIVE_COVERAGE="" NATIVE_LINE_COVERAGE="" NATIVE_COVERAGE_PATHS="" m ${FUZZ_TARGET}
- ret=$?
- popd
- return ${ret}
-)
-
-build_cov() {
- pushd $(gettop)
- NATIVE_COVERAGE="true" NATIVE_LINE_COVERAGE="true" NATIVE_COVERAGE_PATHS="${PROJECT_PATH}" m ${FUZZ_TARGET}
- ret=$?
- popd
- return ${ret}
-}
-
-prepare_device() {
- adb root && adb remount &&
- adb shell mkdir -p ${DEVICE_GENERATED_CORPUS_DIR} &&
- adb shell rm -rf ${DEVICE_GCOV_DIR} &&
- adb shell mkdir -p ${DEVICE_GCOV_DIR}
-}
-
-push_binary() {
- adb push ${ANDROID_PRODUCT_OUT}/${FUZZ_BINARY} ${FUZZ_BINARY} &&
- adb push ${ANDROID_PRODUCT_OUT}/${DEVICE_INIT_CORPUS_DIR} $(dirname ${FUZZ_BINARY})
-}
-
-prepare_host() {
- which lcov || {
- echo "please run:";
- echo " sudo apt-get install lcov ";
- return 1;
- }
- rm -rf ${HOST_SCRATCH_DIR} &&
- mkdir -p ${HOST_SCRATCH_DIR}
-}
-
-# run_snapshot_fuzz -runs=10000
-generate_corpus() {
- [[ "$@" ]] || { echo "run with -runs=X"; return 1; }
-
- prepare_device &&
- build_normal &&
- push_binary &&
- adb shell ${FUZZ_BINARY} "$@" ${DEVICE_INIT_CORPUS_DIR} ${DEVICE_GENERATED_CORPUS_DIR}
-}
-
-run_snapshot_fuzz() {
- prepare_device &&
- build_cov &&
- push_binary &&
- adb shell GCOV_PREFIX=${DEVICE_GCOV_DIR} GCOV_PREFIX_STRIP=3 \
- ${FUZZ_BINARY} \
- -runs=0 \
- ${DEVICE_INIT_CORPUS_DIR} ${DEVICE_GENERATED_CORPUS_DIR}
-}
-
-show_fuzz_result() {
- prepare_host &&
- unzip -o -j -d ${HOST_SCRATCH_DIR} ${ANDROID_PRODUCT_OUT}/coverage/data/fuzz/${TARGET_ARCH}/${FUZZ_TARGET}/${FUZZ_TARGET}.zip &&
- adb shell find ${DEVICE_GCOV_DIR} -type f | xargs -I {} adb pull {} ${HOST_SCRATCH_DIR} &&
- ls ${HOST_SCRATCH_DIR} &&
- cat > ${GCOV_TOOL} <<< '
-#!/bin/bash
-exec llvm-cov gcov "$@"
-' &&
- chmod +x ${GCOV_TOOL} &&
- lcov --directory ${HOST_SCRATCH_DIR} --base-directory $(gettop) --gcov-tool ${GCOV_TOOL} --capture -o ${HOST_SCRATCH_DIR}/report.cov &&
- genhtml ${HOST_SCRATCH_DIR}/report.cov -o ${HOST_SCRATCH_DIR}/html &&
- echo file://$(realpath ${HOST_SCRATCH_DIR}/html/index.html)
-}
-
-# run_snapshot_fuzz -runs=10000
-run_snapshot_fuzz_all() {
- generate_corpus "$@" &&
- run_snapshot_fuzz &&
- show_fuzz_result
-}
diff --git a/fs_mgr/libsnapshot/fuzz_utils.cpp b/fs_mgr/libsnapshot/fuzz_utils.cpp
deleted file mode 100644
index 0263f7e..0000000
--- a/fs_mgr/libsnapshot/fuzz_utils.cpp
+++ /dev/null
@@ -1,38 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "fuzz_utils.h"
-
-#include <android-base/logging.h>
-
-namespace android::fuzz {
-
-void CheckInternal(bool value, std::string_view msg) {
- CHECK(value) << msg;
-}
-
-const google::protobuf::OneofDescriptor* GetProtoValueDescriptor(
- const google::protobuf::Descriptor* action_desc) {
- CHECK(action_desc);
- CHECK(action_desc->oneof_decl_count() == 1)
- << action_desc->oneof_decl_count() << " oneof fields found in " << action_desc->name()
- << "; only one is expected.";
- auto* oneof_value_desc = action_desc->oneof_decl(0);
- CHECK(oneof_value_desc);
- CHECK(oneof_value_desc->name() == "value")
- << "oneof field has name " << oneof_value_desc->name();
- return oneof_value_desc;
-}
-
-} // namespace android::fuzz
diff --git a/fs_mgr/libsnapshot/fuzz_utils.h b/fs_mgr/libsnapshot/fuzz_utils.h
deleted file mode 100644
index 20b13b2..0000000
--- a/fs_mgr/libsnapshot/fuzz_utils.h
+++ /dev/null
@@ -1,285 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include <map>
-#include <string>
-#include <string_view>
-
-#include <google/protobuf/descriptor.h>
-#include <google/protobuf/message.h>
-#include <google/protobuf/repeated_field.h>
-
-// Utilities for using a protobuf definition to fuzz APIs in a class.
-// Terms:
-// The "fuzzed class" is the C++ class definition whose functions are fuzzed.
-// The "fuzzed object" is an instantiated object of the fuzzed class. It is
-// typically created and destroyed for each test run.
-// An "action" is an operation on the fuzzed object that may mutate its state.
-// This typically involves one function call into the fuzzed object.
-
-namespace android::fuzz {
-
-// CHECK(value) << msg
-void CheckInternal(bool value, std::string_view msg);
-
-// Get the oneof descriptor inside Action
-const google::protobuf::OneofDescriptor* GetProtoValueDescriptor(
- const google::protobuf::Descriptor* action_desc);
-
-template <typename Class>
-using FunctionMapImpl =
- std::map<int, std::function<void(Class*, const google::protobuf::Message& action_proto,
- const google::protobuf::FieldDescriptor* field_desc)>>;
-
-template <typename Class>
-class FunctionMap : public FunctionMapImpl<Class> {
- public:
- void CheckEmplace(typename FunctionMapImpl<Class>::key_type key,
- typename FunctionMapImpl<Class>::mapped_type&& value) {
- auto [it, inserted] = this->emplace(key, std::move(value));
- CheckInternal(inserted,
- "Multiple implementation registered for tag number " + std::to_string(key));
- }
-};
-
-template <typename Action>
-int CheckConsistency() {
- const auto* function_map = Action::GetFunctionMap();
- const auto* action_value_desc = GetProtoValueDescriptor(Action::Proto::GetDescriptor());
-
- for (int field_index = 0; field_index < action_value_desc->field_count(); ++field_index) {
- const auto* field_desc = action_value_desc->field(field_index);
- CheckInternal(function_map->find(field_desc->number()) != function_map->end(),
- "Missing impl for function " + field_desc->camelcase_name());
- }
- return 0;
-}
-
-// Get the field descriptor for the oneof field in the action message. If no oneof field is set,
-// return nullptr.
-template <typename Action>
-const google::protobuf::FieldDescriptor* GetValueFieldDescriptor(
- const typename Action::Proto& action_proto) {
- static auto* action_value_desc = GetProtoValueDescriptor(Action::Proto::GetDescriptor());
-
- auto* action_refl = Action::Proto::GetReflection();
- if (!action_refl->HasOneof(action_proto, action_value_desc)) {
- return nullptr;
- }
- return action_refl->GetOneofFieldDescriptor(action_proto, action_value_desc);
-}
-
-template <typename Action>
-void ExecuteActionProto(typename Action::ClassType* module,
- const typename Action::Proto& action_proto) {
- const auto* field_desc = GetValueFieldDescriptor<Action>(action_proto);
- if (field_desc == nullptr) return;
- auto number = field_desc->number();
- const auto& map = *Action::GetFunctionMap();
- auto it = map.find(number);
- CheckInternal(it != map.end(), "Missing impl for function " + field_desc->camelcase_name());
- const auto& func = it->second;
- func(module, action_proto, field_desc);
-}
-
-template <typename Action>
-void ExecuteAllActionProtos(
- typename Action::ClassType* module,
- const google::protobuf::RepeatedPtrField<typename Action::Proto>& action_protos) {
- for (const auto& proto : action_protos) {
- ExecuteActionProto<Action>(module, proto);
- }
-}
-
-// Safely cast message to T. Returns a pointer to message if cast successfully, otherwise nullptr.
-template <typename T>
-const T* SafeCast(const google::protobuf::Message& message) {
- if (message.GetDescriptor() != T::GetDescriptor()) {
- return nullptr;
- }
- return static_cast<const T*>(&message);
-}
-
-// Cast message to const T&. Abort if type mismatch.
-template <typename T>
-const T& CheckedCast(const google::protobuf::Message& message) {
- const auto* ptr = SafeCast<T>(message);
- CheckInternal(ptr, "Cannot cast " + message.GetDescriptor()->name() + " to " +
- T::GetDescriptor()->name());
- return *ptr;
-}
-
-// A templated way to a primitive field from a message using reflection.
-template <typename T>
-struct PrimitiveGetter;
-#define FUZZ_DEFINE_PRIMITIVE_GETTER(type, func_name) \
- template <> \
- struct PrimitiveGetter<type> { \
- static constexpr const auto fp = &google::protobuf::Reflection::func_name; \
- }
-
-FUZZ_DEFINE_PRIMITIVE_GETTER(bool, GetBool);
-FUZZ_DEFINE_PRIMITIVE_GETTER(uint32_t, GetUInt32);
-FUZZ_DEFINE_PRIMITIVE_GETTER(int32_t, GetInt32);
-FUZZ_DEFINE_PRIMITIVE_GETTER(uint64_t, GetUInt64);
-FUZZ_DEFINE_PRIMITIVE_GETTER(int64_t, GetInt64);
-FUZZ_DEFINE_PRIMITIVE_GETTER(double, GetDouble);
-FUZZ_DEFINE_PRIMITIVE_GETTER(float, GetFloat);
-
-// ActionPerformer extracts arguments from the protobuf message, and then call FuzzFunction
-// with these arguments.
-template <typename FuzzFunction, typename Signature, typename Enabled = void>
-struct ActionPerformerImpl; // undefined
-
-template <typename FuzzFunction, typename MessageProto>
-struct ActionPerformerImpl<
- FuzzFunction, void(const MessageProto&),
- typename std::enable_if_t<std::is_base_of_v<google::protobuf::Message, MessageProto>>> {
- static typename FuzzFunction::ReturnType Invoke(
- typename FuzzFunction::ClassType* module, const google::protobuf::Message& action_proto,
- const google::protobuf::FieldDescriptor* field_desc) {
- const MessageProto& arg = CheckedCast<std::remove_reference_t<MessageProto>>(
- action_proto.GetReflection()->GetMessage(action_proto, field_desc));
- return FuzzFunction::ImplBody(module, arg);
- }
-};
-
-template <typename FuzzFunction, typename Primitive>
-struct ActionPerformerImpl<FuzzFunction, void(Primitive),
- typename std::enable_if_t<std::is_arithmetic_v<Primitive>>> {
- static typename FuzzFunction::ReturnType Invoke(
- typename FuzzFunction::ClassType* module, const google::protobuf::Message& action_proto,
- const google::protobuf::FieldDescriptor* field_desc) {
- Primitive arg = std::invoke(PrimitiveGetter<Primitive>::fp, action_proto.GetReflection(),
- action_proto, field_desc);
- return FuzzFunction::ImplBody(module, arg);
- }
-};
-
-template <typename FuzzFunction>
-struct ActionPerformerImpl<FuzzFunction, void()> {
- static typename FuzzFunction::ReturnType Invoke(typename FuzzFunction::ClassType* module,
- const google::protobuf::Message&,
- const google::protobuf::FieldDescriptor*) {
- return FuzzFunction::ImplBody(module);
- }
-};
-
-template <typename FuzzFunction>
-struct ActionPerformerImpl<FuzzFunction, void(const std::string&)> {
- static typename FuzzFunction::ReturnType Invoke(
- typename FuzzFunction::ClassType* module, const google::protobuf::Message& action_proto,
- const google::protobuf::FieldDescriptor* field_desc) {
- std::string scratch;
- const std::string& arg = action_proto.GetReflection()->GetStringReference(
- action_proto, field_desc, &scratch);
- return FuzzFunction::ImplBody(module, arg);
- }
-};
-
-template <typename FuzzFunction>
-struct ActionPerformer : ActionPerformerImpl<FuzzFunction, typename FuzzFunction::Signature> {};
-
-} // namespace android::fuzz
-
-// Fuzz existing C++ class, ClassType, with a collection of functions under the name Action.
-//
-// Prerequisite: ActionProto must be defined in Protobuf to describe possible actions:
-// message FooActionProto {
-// message NoArgs {}
-// oneof value {
-// bool do_foo = 1;
-// NoArgs do_bar = 1;
-// }
-// }
-// Use it to fuzz a C++ class Foo by doing the following:
-// FUZZ_CLASS(Foo, FooAction)
-// After linking functions of Foo to FooAction, execute all actions by:
-// FooAction::ExecuteAll(foo_object, action_protos)
-#define FUZZ_CLASS(Class, Action) \
- class Action { \
- public: \
- using Proto = Action##Proto; \
- using ClassType = Class; \
- using FunctionMap = android::fuzz::FunctionMap<Class>; \
- static FunctionMap* GetFunctionMap() { \
- static Action::FunctionMap map; \
- return ↦ \
- } \
- static void ExecuteAll(Class* module, \
- const google::protobuf::RepeatedPtrField<Proto>& action_protos) { \
- [[maybe_unused]] static int consistent = android::fuzz::CheckConsistency<Action>(); \
- android::fuzz::ExecuteAllActionProtos<Action>(module, action_protos); \
- } \
- }
-
-#define FUZZ_FUNCTION_CLASS_NAME(Action, FunctionName) Action##_##FunctionName
-#define FUZZ_FUNCTION_TAG_NAME(FunctionName) k##FunctionName
-
-// Implement an action defined in protobuf. Example:
-// message FooActionProto {
-// oneof value {
-// bool do_foo = 1;
-// }
-// }
-// class Foo { public: void DoAwesomeFoo(bool arg); };
-// FUZZ_OBJECT(FooAction, Foo);
-// FUZZ_FUNCTION(FooAction, DoFoo, void, IFoo* module, bool arg) {
-// module->DoAwesomeFoo(arg);
-// }
-// The name DoFoo is the camel case name of the action in protobuf definition of FooActionProto.
-#define FUZZ_FUNCTION(Action, FunctionName, Return, ModuleArg, ...) \
- class FUZZ_FUNCTION_CLASS_NAME(Action, FunctionName) { \
- public: \
- using ActionType = Action; \
- using ClassType = Action::ClassType; \
- using ReturnType = Return; \
- using Signature = void(__VA_ARGS__); \
- static constexpr const char name[] = #FunctionName; \
- static constexpr const auto tag = \
- Action::Proto::ValueCase::FUZZ_FUNCTION_TAG_NAME(FunctionName); \
- static ReturnType ImplBody(ModuleArg, ##__VA_ARGS__); \
- \
- private: \
- static bool registered_; \
- }; \
- auto FUZZ_FUNCTION_CLASS_NAME(Action, FunctionName)::registered_ = ([] { \
- auto tag = FUZZ_FUNCTION_CLASS_NAME(Action, FunctionName)::tag; \
- auto func = &::android::fuzz::ActionPerformer<FUZZ_FUNCTION_CLASS_NAME( \
- Action, FunctionName)>::Invoke; \
- Action::GetFunctionMap()->CheckEmplace(tag, func); \
- return true; \
- })(); \
- Return FUZZ_FUNCTION_CLASS_NAME(Action, FunctionName)::ImplBody(ModuleArg, ##__VA_ARGS__)
-
-// Implement a simple action by linking it to the function with the same name. Example:
-// message FooActionProto {
-// message NoArgs {}
-// oneof value {
-// NoArgs do_bar = 1;
-// }
-// }
-// class Foo { public void DoBar(); };
-// FUZZ_OBJECT(FooAction, Foo);
-// FUZZ_FUNCTION(FooAction, DoBar);
-// The name DoBar is the camel case name of the action in protobuf definition of FooActionProto, and
-// also the name of the function of Foo.
-#define FUZZ_SIMPLE_FUNCTION(Action, FunctionName) \
- FUZZ_FUNCTION(Action, FunctionName, \
- decltype(std::declval<Action::ClassType>().FunctionName()), \
- Action::ClassType* module) { \
- return module->FunctionName(); \
- }
diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index f655522..64637c2 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -2901,6 +2901,20 @@
}
}
+std::ostream& operator<<(std::ostream& os, MergePhase phase) {
+ switch (phase) {
+ case MergePhase::NO_MERGE:
+ return os << "none";
+ case MergePhase::FIRST_PHASE:
+ return os << "first";
+ case MergePhase::SECOND_PHASE:
+ return os << "second";
+ default:
+ LOG(ERROR) << "Unknown merge phase: " << static_cast<uint32_t>(phase);
+ return os << "unknown(" << static_cast<uint32_t>(phase) << ")";
+ }
+}
+
UpdateState SnapshotManager::ReadUpdateState(LockedFile* lock) {
SnapshotUpdateStatus status = ReadSnapshotUpdateStatus(lock);
return status.state();
@@ -3761,7 +3775,7 @@
auto update_status = ReadSnapshotUpdateStatus(file.get());
- ss << "Update state: " << ReadUpdateState(file.get()) << std::endl;
+ ss << "Update state: " << update_status.state() << std::endl;
ss << "Using snapuserd: " << update_status.using_snapuserd() << std::endl;
ss << "Using userspace snapshots: " << update_status.userspace_snapshots() << std::endl;
ss << "Using io_uring: " << update_status.io_uring_enabled() << std::endl;
@@ -3776,6 +3790,17 @@
<< std::endl;
ss << "Source build fingerprint: " << update_status.source_build_fingerprint() << std::endl;
+ if (update_status.state() == UpdateState::Merging) {
+ ss << "Merge completion: ";
+ if (!EnsureSnapuserdConnected()) {
+ ss << "N/A";
+ } else {
+ ss << snapuserd_client_->GetMergePercent() << "%";
+ }
+ ss << std::endl;
+ ss << "Merge phase: " << update_status.merge_phase() << std::endl;
+ }
+
bool ok = true;
std::vector<std::string> snapshots;
if (!ListSnapshots(file.get(), &snapshots)) {
@@ -3798,6 +3823,7 @@
ss << " allocated sectors: " << status.sectors_allocated() << std::endl;
ss << " metadata sectors: " << status.metadata_sectors() << std::endl;
ss << " compression: " << status.compression_algorithm() << std::endl;
+ ss << " merge phase: " << DecideMergePhase(status) << std::endl;
}
os << ss.rdbuf();
return ok;
diff --git a/fs_mgr/libsnapshot/snapshot_fuzz.cpp b/fs_mgr/libsnapshot/snapshot_fuzz.cpp
deleted file mode 100644
index aced3ed..0000000
--- a/fs_mgr/libsnapshot/snapshot_fuzz.cpp
+++ /dev/null
@@ -1,352 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <stddef.h>
-#include <stdint.h>
-#include <sysexits.h>
-
-#include <functional>
-#include <sstream>
-#include <tuple>
-
-#include <android-base/logging.h>
-#include <android-base/properties.h>
-#include <android-base/result.h>
-#include <gtest/gtest.h>
-#include <src/libfuzzer/libfuzzer_macro.h>
-#include <storage_literals/storage_literals.h>
-
-#include "fuzz_utils.h"
-#include "snapshot_fuzz_utils.h"
-
-using android::base::Error;
-using android::base::GetBoolProperty;
-using android::base::LogId;
-using android::base::LogSeverity;
-using android::base::ReadFileToString;
-using android::base::Result;
-using android::base::SetLogger;
-using android::base::StderrLogger;
-using android::base::StdioLogger;
-using android::fs_mgr::CreateLogicalPartitionParams;
-using android::fuzz::CheckedCast;
-using android::snapshot::SnapshotFuzzData;
-using android::snapshot::SnapshotFuzzEnv;
-using chromeos_update_engine::DeltaArchiveManifest;
-using google::protobuf::FieldDescriptor;
-using google::protobuf::Message;
-using google::protobuf::RepeatedPtrField;
-
-// Avoid linking to libgsi since it needs disk I/O.
-namespace android::gsi {
-bool IsGsiRunning() {
- LOG(FATAL) << "Called IsGsiRunning";
- __builtin_unreachable();
-}
-std::string GetDsuSlot(const std::string& install_dir) {
- LOG(FATAL) << "Called GetDsuSlot(" << install_dir << ")";
- __builtin_unreachable();
-}
-} // namespace android::gsi
-
-namespace android::snapshot {
-
-const SnapshotFuzzData* current_data = nullptr;
-const SnapshotTestModule* current_module = nullptr;
-
-SnapshotFuzzEnv* GetSnapshotFuzzEnv();
-
-FUZZ_CLASS(ISnapshotManager, SnapshotManagerAction);
-
-using ProcessUpdateStateArgs = SnapshotManagerAction::Proto::ProcessUpdateStateArgs;
-using CreateLogicalAndSnapshotPartitionsArgs =
- SnapshotManagerAction::Proto::CreateLogicalAndSnapshotPartitionsArgs;
-using RecoveryCreateSnapshotDevicesArgs =
- SnapshotManagerAction::Proto::RecoveryCreateSnapshotDevicesArgs;
-
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, BeginUpdate);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, CancelUpdate);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, InitiateMerge);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, NeedSnapshotsInFirstStageMount);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, RecoveryCreateSnapshotDevices);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, EnsureMetadataMounted);
-FUZZ_SIMPLE_FUNCTION(SnapshotManagerAction, GetSnapshotMergeStatsInstance);
-
-#define SNAPSHOT_FUZZ_FUNCTION(FunctionName, ReturnType, ...) \
- FUZZ_FUNCTION(SnapshotManagerAction, FunctionName, ReturnType, ISnapshotManager* snapshot, \
- ##__VA_ARGS__)
-
-SNAPSHOT_FUZZ_FUNCTION(FinishedSnapshotWrites, bool, bool wipe) {
- return snapshot->FinishedSnapshotWrites(wipe);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(ProcessUpdateState, bool, const ProcessUpdateStateArgs& args) {
- std::function<bool()> before_cancel;
- if (args.has_before_cancel()) {
- before_cancel = [&]() { return args.fail_before_cancel(); };
- }
- return snapshot->ProcessUpdateState({}, before_cancel);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(GetUpdateState, UpdateState, bool has_progress_arg) {
- double progress;
- return snapshot->GetUpdateState(has_progress_arg ? &progress : nullptr);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(HandleImminentDataWipe, bool, bool has_callback) {
- std::function<void()> callback;
- if (has_callback) {
- callback = []() {};
- }
- return snapshot->HandleImminentDataWipe(callback);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(Dump, bool) {
- std::stringstream ss;
- return snapshot->Dump(ss);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(CreateUpdateSnapshots, bool, const DeltaArchiveManifest& manifest) {
- return snapshot->CreateUpdateSnapshots(manifest);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(UnmapUpdateSnapshot, bool, const std::string& name) {
- return snapshot->UnmapUpdateSnapshot(name);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(CreateLogicalAndSnapshotPartitions, bool,
- const CreateLogicalAndSnapshotPartitionsArgs& args) {
- const std::string* super;
- if (args.use_correct_super()) {
- super = &GetSnapshotFuzzEnv()->super();
- } else {
- super = &args.super();
- }
- return snapshot->CreateLogicalAndSnapshotPartitions(
- *super, std::chrono::milliseconds(args.timeout_millis()));
-}
-
-SNAPSHOT_FUZZ_FUNCTION(RecoveryCreateSnapshotDevicesWithMetadata, CreateResult,
- const RecoveryCreateSnapshotDevicesArgs& args) {
- std::unique_ptr<AutoDevice> device;
- if (args.has_metadata_device_object()) {
- device = std::make_unique<NoOpAutoDevice>(args.metadata_mounted());
- }
- return snapshot->RecoveryCreateSnapshotDevices(device);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(MapUpdateSnapshot, bool,
- const CreateLogicalPartitionParamsProto& params_proto) {
- auto partition_opener = std::make_unique<TestPartitionOpener>(GetSnapshotFuzzEnv()->super());
- CreateLogicalPartitionParams params;
- if (params_proto.use_correct_super()) {
- params.block_device = GetSnapshotFuzzEnv()->super();
- } else {
- params.block_device = params_proto.block_device();
- }
- if (params_proto.has_metadata_slot()) {
- params.metadata_slot = params_proto.metadata_slot();
- }
- params.partition_name = params_proto.partition_name();
- params.force_writable = params_proto.force_writable();
- params.timeout_ms = std::chrono::milliseconds(params_proto.timeout_millis());
- params.device_name = params_proto.device_name();
- params.partition_opener = partition_opener.get();
- std::string path;
- return snapshot->MapUpdateSnapshot(params, &path);
-}
-
-SNAPSHOT_FUZZ_FUNCTION(SwitchSlot, void) {
- (void)snapshot;
- CHECK(current_module != nullptr);
- CHECK(current_module->device_info != nullptr);
- current_module->device_info->SwitchSlot();
-}
-
-// During global init, log all messages to stdio. This is only done once.
-int AllowLoggingDuringGlobalInit() {
- SetLogger(&StdioLogger);
- return 0;
-}
-
-// Only log fatal messages during tests.
-void FatalOnlyLogger(LogId logid, LogSeverity severity, const char* tag, const char* file,
- unsigned int line, const char* message) {
- if (severity == LogSeverity::FATAL) {
- StderrLogger(logid, severity, tag, file, line, message);
-
- // If test fails by a LOG(FATAL) or CHECK(), log the corpus. If it abort()'s, there's
- // nothing else we can do.
- StderrLogger(logid, severity, tag, __FILE__, __LINE__,
- "Attempting to dump current corpus:");
- if (current_data == nullptr) {
- StderrLogger(logid, severity, tag, __FILE__, __LINE__, "Current corpus is nullptr.");
- } else {
- std::string content;
- if (!google::protobuf::TextFormat::PrintToString(*current_data, &content)) {
- StderrLogger(logid, severity, tag, __FILE__, __LINE__,
- "Failed to print corpus to string.");
- } else {
- StderrLogger(logid, severity, tag, __FILE__, __LINE__, content.c_str());
- }
- }
- }
-}
-// Stop logging (except fatal messages) after global initialization. This is only done once.
-int StopLoggingAfterGlobalInit() {
- (void)GetSnapshotFuzzEnv();
- [[maybe_unused]] static protobuf_mutator::protobuf::LogSilencer log_silencer;
- SetLogger(&FatalOnlyLogger);
- return 0;
-}
-
-SnapshotFuzzEnv* GetSnapshotFuzzEnv() {
- [[maybe_unused]] static auto allow_logging = AllowLoggingDuringGlobalInit();
- static SnapshotFuzzEnv env;
- return &env;
-}
-
-SnapshotTestModule SetUpTest(const SnapshotFuzzData& snapshot_fuzz_data) {
- current_data = &snapshot_fuzz_data;
-
- auto env = GetSnapshotFuzzEnv();
- env->CheckSoftReset();
-
- auto test_module = env->CheckCreateSnapshotManager(snapshot_fuzz_data);
- current_module = &test_module;
- CHECK(test_module.snapshot);
- return test_module;
-}
-
-void TearDownTest() {
- current_module = nullptr;
- current_data = nullptr;
-}
-
-} // namespace android::snapshot
-
-DEFINE_PROTO_FUZZER(const SnapshotFuzzData& snapshot_fuzz_data) {
- using namespace android::snapshot;
-
- [[maybe_unused]] static auto stop_logging = StopLoggingAfterGlobalInit();
- auto test_module = SetUpTest(snapshot_fuzz_data);
- SnapshotManagerAction::ExecuteAll(test_module.snapshot.get(), snapshot_fuzz_data.actions());
- TearDownTest();
-}
-
-namespace android::snapshot {
-
-// Work-around to cast a 'void' value to Result<void>.
-template <typename T>
-struct GoodResult {
- template <typename F>
- static Result<T> Cast(F&& f) {
- return f();
- }
-};
-
-template <>
-struct GoodResult<void> {
- template <typename F>
- static Result<void> Cast(F&& f) {
- f();
- return {};
- }
-};
-
-class LibsnapshotFuzzerTest : public ::testing::Test {
- protected:
- static void SetUpTestCase() {
- // Do initialization once.
- (void)GetSnapshotFuzzEnv();
- }
- void SetUp() override {
- bool is_virtual_ab = GetBoolProperty("ro.virtual_ab.enabled", false);
- if (!is_virtual_ab) GTEST_SKIP() << "Test only runs on Virtual A/B devices.";
- }
- void SetUpFuzzData(const std::string& fn) {
- auto path = android::base::GetExecutableDirectory() + "/corpus/"s + fn;
- std::string proto_text;
- ASSERT_TRUE(ReadFileToString(path, &proto_text));
- snapshot_fuzz_data_ = std::make_unique<SnapshotFuzzData>();
- ASSERT_TRUE(google::protobuf::TextFormat::ParseFromString(proto_text,
- snapshot_fuzz_data_.get()));
- test_module_ = android::snapshot::SetUpTest(*snapshot_fuzz_data_);
- }
- void TearDown() override { android::snapshot::TearDownTest(); }
- template <typename FuzzFunction>
- Result<typename FuzzFunction::ReturnType> Execute(int action_index) {
- if (action_index >= snapshot_fuzz_data_->actions_size()) {
- return Error() << "Index " << action_index << " is out of bounds ("
- << snapshot_fuzz_data_->actions_size() << " actions in corpus";
- }
- const auto& action_proto = snapshot_fuzz_data_->actions(action_index);
- const auto* field_desc =
- android::fuzz::GetValueFieldDescriptor<typename FuzzFunction::ActionType>(
- action_proto);
- if (field_desc == nullptr) {
- return Error() << "Action at index " << action_index << " has no value defined.";
- }
- if (FuzzFunction::tag != field_desc->number()) {
- return Error() << "Action at index " << action_index << " is expected to be "
- << FuzzFunction::name << ", but it is " << field_desc->name()
- << " in corpus.";
- }
- return GoodResult<typename FuzzFunction::ReturnType>::Cast([&]() {
- return android::fuzz::ActionPerformer<FuzzFunction>::Invoke(test_module_.snapshot.get(),
- action_proto, field_desc);
- });
- }
-
- std::unique_ptr<SnapshotFuzzData> snapshot_fuzz_data_;
- SnapshotTestModule test_module_;
-};
-
-#define SNAPSHOT_FUZZ_FN_NAME(name) FUZZ_FUNCTION_CLASS_NAME(SnapshotManagerAction, name)
-
-MATCHER_P(ResultIs, expected, "") {
- if (!arg.ok()) {
- *result_listener << arg.error();
- return false;
- }
- *result_listener << "expected: " << expected;
- return arg.value() == expected;
-}
-
-#define ASSERT_RESULT_TRUE(actual) ASSERT_THAT(actual, ResultIs(true))
-
-// Check that launch_device.txt is executed correctly.
-TEST_F(LibsnapshotFuzzerTest, LaunchDevice) {
- SetUpFuzzData("launch_device.txt");
-
- int i = 0;
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(BeginUpdate)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(CreateUpdateSnapshots)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(MapUpdateSnapshot)>(i++)) << "sys_b";
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(MapUpdateSnapshot)>(i++)) << "vnd_b";
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(MapUpdateSnapshot)>(i++)) << "prd_b";
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(FinishedSnapshotWrites)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(UnmapUpdateSnapshot)>(i++)) << "sys_b";
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(UnmapUpdateSnapshot)>(i++)) << "vnd_b";
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(UnmapUpdateSnapshot)>(i++)) << "prd_b";
- ASSERT_RESULT_OK(Execute<SNAPSHOT_FUZZ_FN_NAME(SwitchSlot)>(i++));
- ASSERT_EQ("_b", test_module_.device_info->GetSlotSuffix());
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(NeedSnapshotsInFirstStageMount)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(CreateLogicalAndSnapshotPartitions)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(InitiateMerge)>(i++));
- ASSERT_RESULT_TRUE(Execute<SNAPSHOT_FUZZ_FN_NAME(ProcessUpdateState)>(i++));
- ASSERT_EQ(i, snapshot_fuzz_data_->actions_size()) << "Not all actions are executed.";
-}
-
-} // namespace android::snapshot
diff --git a/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp b/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp
deleted file mode 100644
index 54c6a00..0000000
--- a/fs_mgr/libsnapshot/snapshot_fuzz_utils.cpp
+++ /dev/null
@@ -1,513 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <ftw.h>
-#include <inttypes.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <sysexits.h>
-
-#include <chrono>
-#include <string>
-
-#include <android-base/file.h>
-#include <android-base/logging.h>
-#include <android-base/properties.h>
-#include <android-base/stringprintf.h>
-#include <android-base/strings.h>
-#include <fs_mgr.h>
-#include <libsnapshot/auto_device.h>
-#include <libsnapshot/snapshot.h>
-#include <storage_literals/storage_literals.h>
-
-#include "snapshot_fuzz_utils.h"
-#include "utility.h"
-
-// Prepends the errno string, but it is good enough.
-#ifndef PCHECK
-#define PCHECK(x) CHECK(x) << strerror(errno) << ": "
-#endif
-
-using namespace android::storage_literals;
-using namespace std::chrono_literals;
-using namespace std::string_literals;
-
-using android::base::Basename;
-using android::base::ReadFileToString;
-using android::base::SetProperty;
-using android::base::Split;
-using android::base::StartsWith;
-using android::base::StringPrintf;
-using android::base::unique_fd;
-using android::base::WriteStringToFile;
-using android::dm::DeviceMapper;
-using android::dm::DmTarget;
-using android::dm::LoopControl;
-using android::fiemap::IImageManager;
-using android::fiemap::ImageManager;
-using android::fs_mgr::BlockDeviceInfo;
-using android::fs_mgr::FstabEntry;
-using android::fs_mgr::IPartitionOpener;
-using chromeos_update_engine::DynamicPartitionMetadata;
-
-static const char MNT_DIR[] = "/mnt";
-static const char BLOCK_SYSFS[] = "/sys/block";
-
-static const char FAKE_ROOT_NAME[] = "snapshot_fuzz";
-static const auto SUPER_IMAGE_SIZE = 16_MiB;
-static const auto DATA_IMAGE_SIZE = 16_MiB;
-static const auto FAKE_ROOT_SIZE = 64_MiB;
-
-namespace android::snapshot {
-
-bool Mkdir(const std::string& path) {
- if (mkdir(path.c_str(), 0750) == -1 && errno != EEXIST) {
- PLOG(ERROR) << "Cannot create " << path;
- return false;
- }
- return true;
-}
-
-bool RmdirRecursive(const std::string& path) {
- auto callback = [](const char* child, const struct stat*, int file_type, struct FTW*) -> int {
- switch (file_type) {
- case FTW_D:
- case FTW_DP:
- case FTW_DNR:
- if (rmdir(child) == -1) {
- PLOG(ERROR) << "rmdir " << child;
- return -1;
- }
- return 0;
- case FTW_NS:
- default:
- if (rmdir(child) != -1) break;
- [[fallthrough]];
- case FTW_F:
- case FTW_SL:
- case FTW_SLN:
- if (unlink(child) == -1) {
- PLOG(ERROR) << "unlink " << child;
- return -1;
- }
- return 0;
- }
- return 0;
- };
-
- return nftw(path.c_str(), callback, 128, FTW_DEPTH | FTW_MOUNT | FTW_PHYS) == 0;
-}
-
-std::string GetLinearBaseDeviceString(const DeviceMapper::TargetInfo& target) {
- if (target.spec.target_type != "linear"s) return {};
- auto tokens = Split(target.data, " ");
- CHECK_EQ(2, tokens.size());
- return tokens[0];
-}
-
-std::vector<std::string> GetSnapshotBaseDeviceStrings(const DeviceMapper::TargetInfo& target) {
- if (target.spec.target_type != "snapshot"s && target.spec.target_type != "snapshot-merge"s)
- return {};
- auto tokens = Split(target.data, " ");
- CHECK_EQ(4, tokens.size());
- return {tokens[0], tokens[1]};
-}
-
-bool ShouldDeleteLoopDevice(const std::string& node) {
- std::string backing_file;
- if (ReadFileToString(StringPrintf("%s/loop/backing_file", node.data()), &backing_file)) {
- if (StartsWith(backing_file, std::string(MNT_DIR) + "/" + FAKE_ROOT_NAME)) {
- return true;
- }
- }
- return false;
-}
-
-std::vector<DeviceMapper::TargetInfo> GetTableInfoIfExists(const std::string& dev_name) {
- auto& dm = DeviceMapper::Instance();
- std::vector<DeviceMapper::TargetInfo> table;
- if (!dm.GetTableInfo(dev_name, &table)) {
- PCHECK(errno == ENODEV || errno == ENXIO);
- return {};
- }
- return table;
-}
-
-std::set<std::string> GetAllBaseDeviceStrings(const std::string& child_dev) {
- std::set<std::string> ret;
- for (const auto& child_target : GetTableInfoIfExists(child_dev)) {
- auto snapshot_bases = GetSnapshotBaseDeviceStrings(child_target);
- ret.insert(snapshot_bases.begin(), snapshot_bases.end());
-
- auto linear_base = GetLinearBaseDeviceString(child_target);
- if (!linear_base.empty()) {
- ret.insert(linear_base);
- }
- }
- return ret;
-}
-
-using PropertyList = std::set<std::string>;
-void InsertProperty(const char* key, const char* /*name*/, void* cookie) {
- reinterpret_cast<PropertyList*>(cookie)->insert(key);
-}
-
-// Attempt to delete all devices that is based on dev_name, including itself.
-void CheckDeleteDeviceMapperTree(const std::string& dev_name, bool known_allow_delete = false,
- uint64_t depth = 100) {
- CHECK(depth > 0) << "Reaching max depth when deleting " << dev_name
- << ". There may be devices referencing itself. Check `dmctl list devices -v`.";
-
- auto& dm = DeviceMapper::Instance();
- auto table = GetTableInfoIfExists(dev_name);
- if (table.empty()) {
- PCHECK(dm.DeleteDeviceIfExists(dev_name)) << dev_name;
- return;
- }
-
- if (!known_allow_delete) {
- for (const auto& target : table) {
- auto base_device_string = GetLinearBaseDeviceString(target);
- if (base_device_string.empty()) continue;
- if (ShouldDeleteLoopDevice(
- StringPrintf("/sys/dev/block/%s", base_device_string.data()))) {
- known_allow_delete = true;
- break;
- }
- }
- }
- if (!known_allow_delete) {
- return;
- }
-
- std::string dev_string;
- PCHECK(dm.GetDeviceString(dev_name, &dev_string));
-
- std::vector<DeviceMapper::DmBlockDevice> devices;
- PCHECK(dm.GetAvailableDevices(&devices));
- for (const auto& child_dev : devices) {
- auto child_bases = GetAllBaseDeviceStrings(child_dev.name());
- if (child_bases.find(dev_string) != child_bases.end()) {
- CheckDeleteDeviceMapperTree(child_dev.name(), true /* known_allow_delete */, depth - 1);
- }
- }
-
- PCHECK(dm.DeleteDeviceIfExists(dev_name)) << dev_name;
-}
-
-// Attempt to clean up residues from previous runs.
-void CheckCleanupDeviceMapperDevices() {
- auto& dm = DeviceMapper::Instance();
- std::vector<DeviceMapper::DmBlockDevice> devices;
- PCHECK(dm.GetAvailableDevices(&devices));
-
- for (const auto& dev : devices) {
- CheckDeleteDeviceMapperTree(dev.name());
- }
-}
-
-void CheckUmount(const std::string& path) {
- PCHECK(TEMP_FAILURE_RETRY(umount(path.data()) == 0) || errno == ENOENT || errno == EINVAL)
- << path;
-}
-
-void CheckDetachLoopDevices(const std::set<std::string>& exclude_names = {}) {
- // ~SnapshotFuzzEnv automatically does the following.
- std::unique_ptr<DIR, decltype(&closedir)> dir(opendir(BLOCK_SYSFS), closedir);
- PCHECK(dir != nullptr) << BLOCK_SYSFS;
- LoopControl loop_control;
- dirent* dp;
- while ((dp = readdir(dir.get())) != nullptr) {
- if (exclude_names.find(dp->d_name) != exclude_names.end()) {
- continue;
- }
- if (!ShouldDeleteLoopDevice(StringPrintf("%s/%s", BLOCK_SYSFS, dp->d_name).data())) {
- continue;
- }
- PCHECK(loop_control.Detach(StringPrintf("/dev/block/%s", dp->d_name).data()));
- }
-}
-
-void CheckUmountAll() {
- CheckUmount(std::string(MNT_DIR) + "/snapshot_fuzz_data");
- CheckUmount(std::string(MNT_DIR) + "/" + FAKE_ROOT_NAME);
-}
-
-class AutoDeleteDir : public AutoDevice {
- public:
- static std::unique_ptr<AutoDeleteDir> New(const std::string& path) {
- if (!Mkdir(path)) {
- return std::unique_ptr<AutoDeleteDir>(new AutoDeleteDir(""));
- }
- return std::unique_ptr<AutoDeleteDir>(new AutoDeleteDir(path));
- }
- ~AutoDeleteDir() {
- if (!HasDevice()) return;
- PCHECK(rmdir(name_.c_str()) == 0 || errno == ENOENT) << name_;
- }
-
- private:
- AutoDeleteDir(const std::string& path) : AutoDevice(path) {}
-};
-
-class AutoUnmount : public AutoDevice {
- public:
- ~AutoUnmount() {
- if (!HasDevice()) return;
- CheckUmount(name_);
- }
- AutoUnmount(const std::string& path) : AutoDevice(path) {}
-};
-
-class AutoUnmountTmpfs : public AutoUnmount {
- public:
- static std::unique_ptr<AutoUnmount> New(const std::string& path, uint64_t size) {
- if (mount("tmpfs", path.c_str(), "tmpfs", 0,
- (void*)StringPrintf("size=%" PRIu64, size).data()) == -1) {
- PLOG(ERROR) << "Cannot mount " << path;
- return std::unique_ptr<AutoUnmount>(new AutoUnmount(""));
- }
- return std::unique_ptr<AutoUnmount>(new AutoUnmount(path));
- }
- private:
- using AutoUnmount::AutoUnmount;
-};
-
-// A directory on tmpfs. Upon destruct, it is unmounted and deleted.
-class AutoMemBasedDir : public AutoDevice {
- public:
- static std::unique_ptr<AutoMemBasedDir> New(const std::string& name, uint64_t size) {
- auto ret = std::unique_ptr<AutoMemBasedDir>(new AutoMemBasedDir(name));
- ret->auto_delete_mount_dir_ = AutoDeleteDir::New(ret->mount_path());
- if (!ret->auto_delete_mount_dir_->HasDevice()) {
- return std::unique_ptr<AutoMemBasedDir>(new AutoMemBasedDir(""));
- }
- ret->auto_umount_mount_point_ = AutoUnmountTmpfs::New(ret->mount_path(), size);
- if (!ret->auto_umount_mount_point_->HasDevice()) {
- return std::unique_ptr<AutoMemBasedDir>(new AutoMemBasedDir(""));
- }
- // tmp_path() and persist_path does not need to be deleted upon destruction, hence it is
- // not wrapped with AutoDeleteDir.
- if (!Mkdir(ret->tmp_path())) {
- return std::unique_ptr<AutoMemBasedDir>(new AutoMemBasedDir(""));
- }
- if (!Mkdir(ret->persist_path())) {
- return std::unique_ptr<AutoMemBasedDir>(new AutoMemBasedDir(""));
- }
- return ret;
- }
- // Return the temporary scratch directory.
- std::string tmp_path() const {
- CHECK(HasDevice());
- return mount_path() + "/tmp";
- }
- // Return the temporary scratch directory.
- std::string persist_path() const {
- CHECK(HasDevice());
- return mount_path() + "/persist";
- }
- // Delete all contents in tmp_path() and start over. tmp_path() itself is re-created.
- void CheckSoftReset() {
- PCHECK(RmdirRecursive(tmp_path()));
- PCHECK(Mkdir(tmp_path()));
- }
-
- private:
- AutoMemBasedDir(const std::string& name) : AutoDevice(name) {}
- std::string mount_path() const {
- CHECK(HasDevice());
- return MNT_DIR + "/"s + name_;
- }
- std::unique_ptr<AutoDeleteDir> auto_delete_mount_dir_;
- std::unique_ptr<AutoUnmount> auto_umount_mount_point_;
-};
-
-SnapshotFuzzEnv::SnapshotFuzzEnv() {
- CheckCleanupDeviceMapperDevices();
- CheckDetachLoopDevices();
- CheckUmountAll();
-
- fake_root_ = AutoMemBasedDir::New(FAKE_ROOT_NAME, FAKE_ROOT_SIZE);
- CHECK(fake_root_ != nullptr);
- CHECK(fake_root_->HasDevice());
- loop_control_ = std::make_unique<LoopControl>();
-
- fake_data_mount_point_ = MNT_DIR + "/snapshot_fuzz_data"s;
- auto_delete_data_mount_point_ = AutoDeleteDir::New(fake_data_mount_point_);
- CHECK(auto_delete_data_mount_point_ != nullptr);
- CHECK(auto_delete_data_mount_point_->HasDevice());
-
- const auto& fake_persist_path = fake_root_->persist_path();
- mapped_super_ = CheckMapImage(fake_persist_path + "/super.img", SUPER_IMAGE_SIZE,
- loop_control_.get(), &fake_super_);
- mapped_data_ = CheckMapImage(fake_persist_path + "/data.img", DATA_IMAGE_SIZE,
- loop_control_.get(), &fake_data_block_device_);
- mounted_data_ = CheckMountFormatData(fake_data_block_device_, fake_data_mount_point_);
-}
-
-SnapshotFuzzEnv::~SnapshotFuzzEnv() {
- CheckCleanupDeviceMapperDevices();
- mounted_data_ = nullptr;
- auto_delete_data_mount_point_ = nullptr;
- mapped_data_ = nullptr;
- mapped_super_ = nullptr;
- CheckDetachLoopDevices();
- loop_control_ = nullptr;
- fake_root_ = nullptr;
- CheckUmountAll();
-}
-
-void CheckZeroFill(const std::string& file, size_t size) {
- std::string zeros(size, '\0');
- PCHECK(WriteStringToFile(zeros, file)) << "Cannot write zeros to " << file;
-}
-
-void SnapshotFuzzEnv::CheckSoftReset() {
- fake_root_->CheckSoftReset();
- CheckZeroFill(super(), SUPER_IMAGE_SIZE);
- CheckCleanupDeviceMapperDevices();
- CheckDetachLoopDevices({Basename(fake_super_), Basename(fake_data_block_device_)});
-}
-
-std::unique_ptr<IImageManager> SnapshotFuzzEnv::CheckCreateFakeImageManager() {
- auto metadata_dir = fake_root_->tmp_path() + "/images_manager_metadata";
- auto data_dir = fake_data_mount_point_ + "/image_manager_data";
- PCHECK(Mkdir(metadata_dir));
- PCHECK(Mkdir(data_dir));
- return SnapshotFuzzImageManager::Open(metadata_dir, data_dir);
-}
-
-// Helper to create a loop device for a file.
-static void CheckCreateLoopDevice(LoopControl* control, const std::string& file,
- const std::chrono::milliseconds& timeout_ms, std::string* path) {
- static constexpr int kOpenFlags = O_RDWR | O_NOFOLLOW | O_CLOEXEC;
- android::base::unique_fd file_fd(open(file.c_str(), kOpenFlags));
- PCHECK(file_fd >= 0) << "Could not open file: " << file;
- CHECK(control->Attach(file_fd, timeout_ms, path))
- << "Could not create loop device for: " << file;
-}
-
-class AutoDetachLoopDevice : public AutoDevice {
- public:
- AutoDetachLoopDevice(LoopControl* control, const std::string& device)
- : AutoDevice(device), control_(control) {}
- ~AutoDetachLoopDevice() { PCHECK(control_->Detach(name_)) << name_; }
-
- private:
- LoopControl* control_;
-};
-
-std::unique_ptr<AutoDevice> SnapshotFuzzEnv::CheckMapImage(const std::string& img_path,
- uint64_t size, LoopControl* control,
- std::string* mapped_path) {
- CheckZeroFill(img_path, size);
- CheckCreateLoopDevice(control, img_path, 1s, mapped_path);
-
- return std::make_unique<AutoDetachLoopDevice>(control, *mapped_path);
-}
-
-SnapshotTestModule SnapshotFuzzEnv::CheckCreateSnapshotManager(const SnapshotFuzzData& data) {
- SnapshotTestModule ret;
- auto partition_opener = std::make_unique<TestPartitionOpener>(super());
- ret.opener = partition_opener.get();
- CheckWriteSuperMetadata(data, *partition_opener);
- auto metadata_dir = fake_root_->tmp_path() + "/snapshot_metadata";
- PCHECK(Mkdir(metadata_dir));
- if (data.has_metadata_snapshots_dir()) {
- PCHECK(Mkdir(metadata_dir + "/snapshots"));
- }
-
- ret.device_info = new SnapshotFuzzDeviceInfo(this, data.device_info_data(),
- std::move(partition_opener), metadata_dir);
- auto snapshot = SnapshotManager::New(ret.device_info /* takes ownership */);
- ret.snapshot = std::move(snapshot);
-
- return ret;
-}
-
-const std::string& SnapshotFuzzEnv::super() const {
- return fake_super_;
-}
-
-void SnapshotFuzzEnv::CheckWriteSuperMetadata(const SnapshotFuzzData& data,
- const IPartitionOpener& opener) {
- if (!data.is_super_metadata_valid()) {
- // Leave it zero.
- return;
- }
-
- BlockDeviceInfo super_device("super", SUPER_IMAGE_SIZE, 0, 0, 4096);
- std::vector<BlockDeviceInfo> devices = {super_device};
- auto builder = MetadataBuilder::New(devices, "super", 65536, 2);
- CHECK(builder != nullptr);
-
- // Attempt to create a super partition metadata using proto. All errors are ignored.
- for (const auto& group_proto : data.super_data().dynamic_partition_metadata().groups()) {
- (void)builder->AddGroup(group_proto.name(), group_proto.size());
- for (const auto& partition_name : group_proto.partition_names()) {
- (void)builder->AddPartition(partition_name, group_proto.name(),
- LP_PARTITION_ATTR_READONLY);
- }
- }
-
- for (const auto& partition_proto : data.super_data().partitions()) {
- auto p = builder->FindPartition(partition_proto.partition_name());
- if (p == nullptr) continue;
- (void)builder->ResizePartition(p, partition_proto.new_partition_info().size());
- }
-
- auto metadata = builder->Export();
- // metadata may be nullptr if it is not valid (e.g. partition name too long).
- // In this case, just use empty super partition data.
- if (metadata == nullptr) {
- builder = MetadataBuilder::New(devices, "super", 65536, 2);
- CHECK(builder != nullptr);
- metadata = builder->Export();
- CHECK(metadata != nullptr);
- }
- CHECK(FlashPartitionTable(opener, super(), *metadata.get()));
-}
-
-std::unique_ptr<AutoDevice> SnapshotFuzzEnv::CheckMountFormatData(const std::string& blk_device,
- const std::string& mount_point) {
- FstabEntry entry{
- .blk_device = blk_device,
- .length = static_cast<off64_t>(DATA_IMAGE_SIZE),
- .fs_type = "ext4",
- .mount_point = mount_point,
- };
- CHECK(0 == fs_mgr_do_format(entry));
- CHECK(0 == fs_mgr_do_mount_one(entry));
- return std::make_unique<AutoUnmount>(mount_point);
-}
-
-SnapshotFuzzImageManager::~SnapshotFuzzImageManager() {
- // Remove relevant gsid.mapped_images.* props.
- for (const auto& name : mapped_) {
- CHECK(UnmapImageIfExists(name)) << "Cannot unmap " << name;
- }
-}
-
-bool SnapshotFuzzImageManager::MapImageDevice(const std::string& name,
- const std::chrono::milliseconds& timeout_ms,
- std::string* path) {
- if (impl_->MapImageDevice(name, timeout_ms, path)) {
- mapped_.insert(name);
- return true;
- }
- return false;
-}
-
-} // namespace android::snapshot
diff --git a/fs_mgr/libsnapshot/snapshot_fuzz_utils.h b/fs_mgr/libsnapshot/snapshot_fuzz_utils.h
deleted file mode 100644
index eb8246a..0000000
--- a/fs_mgr/libsnapshot/snapshot_fuzz_utils.h
+++ /dev/null
@@ -1,214 +0,0 @@
-// Copyright (C) 2020 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <memory>
-#include <set>
-#include <string>
-
-#include <android-base/file.h>
-#include <android-base/stringprintf.h>
-#include <android/snapshot/snapshot_fuzz.pb.h>
-#include <libdm/loop_control.h>
-#include <libfiemap/image_manager.h>
-#include <liblp/liblp.h>
-#include <libsnapshot/auto_device.h>
-#include <libsnapshot/test_helpers.h>
-
-// libsnapshot-specific code for fuzzing. Defines fake classes that are depended
-// by SnapshotManager.
-
-#include "android/snapshot/snapshot_fuzz.pb.h"
-#include "libsnapshot/snapshot.h"
-
-namespace android::snapshot {
-
-class AutoMemBasedDir;
-class SnapshotFuzzDeviceInfo;
-
-class NoOpAutoDevice : public AutoDevice {
- public:
- NoOpAutoDevice(bool mounted) : AutoDevice(mounted ? "no_op" : "") {}
-};
-
-struct SnapshotTestModule {
- std::unique_ptr<ISnapshotManager> snapshot;
- SnapshotFuzzDeviceInfo* device_info = nullptr;
- TestPartitionOpener* opener = nullptr;
-};
-
-// Prepare test environment. This has a heavy overhead and should be done once.
-class SnapshotFuzzEnv {
- public:
- // Check if test should run at all.
- static bool ShouldSkipTest();
-
- // Initialize the environment.
- SnapshotFuzzEnv();
- ~SnapshotFuzzEnv();
-
- // Soft reset part of the environment before running the next test.
- // Abort if fails.
- void CheckSoftReset();
-
- // Create a snapshot manager for this test run.
- // Client is responsible for maintaining the lifetime of |data| over the life time of
- // ISnapshotManager.
- SnapshotTestModule CheckCreateSnapshotManager(const SnapshotFuzzData& data);
-
- std::unique_ptr<android::fiemap::IImageManager> CheckCreateFakeImageManager();
-
- // Return path to super partition.
- const std::string& super() const;
-
- private:
- std::unique_ptr<AutoMemBasedDir> fake_root_;
- std::unique_ptr<android::dm::LoopControl> loop_control_;
- std::string fake_data_mount_point_;
- std::unique_ptr<AutoDevice> auto_delete_data_mount_point_;
- std::unique_ptr<AutoDevice> mapped_super_;
- std::string fake_super_;
- std::unique_ptr<AutoDevice> mapped_data_;
- std::string fake_data_block_device_;
- std::unique_ptr<AutoDevice> mounted_data_;
-
- static std::unique_ptr<AutoDevice> CheckMapImage(const std::string& fake_persist_path,
- uint64_t size,
- android::dm::LoopControl* control,
- std::string* mapped_path);
- static std::unique_ptr<AutoDevice> CheckMountFormatData(const std::string& blk_device,
- const std::string& mount_point);
-
- void CheckWriteSuperMetadata(const SnapshotFuzzData& proto,
- const android::fs_mgr::IPartitionOpener& opener);
-};
-
-class SnapshotFuzzDeviceInfo : public ISnapshotManager::IDeviceInfo {
- public:
- using MergeStatus = ISnapshotManager::IDeviceInfo::MergeStatus;
- // Client is responsible for maintaining the lifetime of |data|.
- SnapshotFuzzDeviceInfo(SnapshotFuzzEnv* env, const FuzzDeviceInfoData& data,
- std::unique_ptr<TestPartitionOpener>&& partition_opener,
- const std::string& metadata_dir)
- : env_(env),
- data_(&data),
- partition_opener_(std::move(partition_opener)),
- metadata_dir_(metadata_dir),
- dm_(android::dm::DeviceMapper::Instance()) {}
-
- // Following APIs are mocked.
- std::string GetMetadataDir() const override { return metadata_dir_; }
- std::string GetSuperDevice(uint32_t) const override {
- // TestPartitionOpener can recognize this.
- return "super";
- }
- const android::fs_mgr::IPartitionOpener& GetPartitionOpener() const override {
- return *partition_opener_;
- }
-
- // Following APIs are fuzzed.
- std::string GetSlotSuffix() const override { return CurrentSlotIsA() ? "_a" : "_b"; }
- std::string GetOtherSlotSuffix() const override { return CurrentSlotIsA() ? "_b" : "_a"; }
- bool IsOverlayfsSetup() const override { return data_->is_overlayfs_setup(); }
- bool SetBootControlMergeStatus(MergeStatus) override {
- return data_->allow_set_boot_control_merge_status();
- }
- bool SetSlotAsUnbootable(unsigned int) override {
- return data_->allow_set_slot_as_unbootable();
- }
- bool IsRecovery() const override { return data_->is_recovery(); }
- bool IsFirstStageInit() const override { return false; }
- android::dm::IDeviceMapper& GetDeviceMapper() override { return dm_; }
- std::unique_ptr<IImageManager> OpenImageManager() const {
- return env_->CheckCreateFakeImageManager();
- }
-
- void SwitchSlot() { switched_slot_ = !switched_slot_; }
-
- private:
- SnapshotFuzzEnv* env_;
- const FuzzDeviceInfoData* data_;
- std::unique_ptr<TestPartitionOpener> partition_opener_;
- std::string metadata_dir_;
- bool switched_slot_ = false;
- android::dm::DeviceMapper& dm_;
-
- bool CurrentSlotIsA() const { return data_->slot_suffix_is_a() != switched_slot_; }
-};
-
-// A spy class on ImageManager implementation. Upon destruction, unmaps all images
-// map through this object.
-class SnapshotFuzzImageManager : public android::fiemap::IImageManager {
- public:
- static std::unique_ptr<SnapshotFuzzImageManager> Open(const std::string& metadata_dir,
- const std::string& data_dir) {
- auto impl = android::fiemap::ImageManager::Open(metadata_dir, data_dir);
- if (impl == nullptr) return nullptr;
- return std::unique_ptr<SnapshotFuzzImageManager>(
- new SnapshotFuzzImageManager(std::move(impl)));
- }
-
- ~SnapshotFuzzImageManager();
-
- // Spied APIs.
- bool MapImageDevice(const std::string& name, const std::chrono::milliseconds& timeout_ms,
- std::string* path) override;
-
- // Other functions call through.
- android::fiemap::FiemapStatus CreateBackingImage(
- const std::string& name, uint64_t size, int flags,
- std::function<bool(uint64_t, uint64_t)>&& on_progress) override {
- return impl_->CreateBackingImage(name, size, flags, std::move(on_progress));
- }
- bool DeleteBackingImage(const std::string& name) override {
- return impl_->DeleteBackingImage(name);
- }
- bool UnmapImageDevice(const std::string& name) override {
- return impl_->UnmapImageDevice(name);
- }
- bool BackingImageExists(const std::string& name) override {
- return impl_->BackingImageExists(name);
- }
- bool IsImageMapped(const std::string& name) override { return impl_->IsImageMapped(name); }
- bool MapImageWithDeviceMapper(const IPartitionOpener& opener, const std::string& name,
- std::string* dev) override {
- return impl_->MapImageWithDeviceMapper(opener, name, dev);
- }
- bool GetMappedImageDevice(const std::string& name, std::string* device) override {
- return impl_->GetMappedImageDevice(name, device);
- }
- bool MapAllImages(const std::function<bool(std::set<std::string>)>& init) override {
- return impl_->MapAllImages(init);
- }
- bool DisableImage(const std::string& name) override { return impl_->DisableImage(name); }
- bool RemoveDisabledImages() override { return impl_->RemoveDisabledImages(); }
- std::vector<std::string> GetAllBackingImages() override { return impl_->GetAllBackingImages(); }
- android::fiemap::FiemapStatus ZeroFillNewImage(const std::string& name,
- uint64_t bytes) override {
- return impl_->ZeroFillNewImage(name, bytes);
- }
- bool RemoveAllImages() override { return impl_->RemoveAllImages(); }
- bool UnmapImageIfExists(const std::string& name) override {
- return impl_->UnmapImageIfExists(name);
- }
- bool IsImageDisabled(const std::string& name) override { return impl_->IsImageDisabled(name); }
-
- private:
- std::unique_ptr<android::fiemap::IImageManager> impl_;
- std::set<std::string> mapped_;
-
- SnapshotFuzzImageManager(std::unique_ptr<android::fiemap::IImageManager>&& impl)
- : impl_(std::move(impl)) {}
-};
-
-} // namespace android::snapshot
diff --git a/fs_mgr/libsnapshot/snapuserd/Android.bp b/fs_mgr/libsnapshot/snapuserd/Android.bp
index a67e37c..9261482 100644
--- a/fs_mgr/libsnapshot/snapuserd/Android.bp
+++ b/fs_mgr/libsnapshot/snapuserd/Android.bp
@@ -25,8 +25,6 @@
],
cflags: [
"-D_FILE_OFFSET_BITS=64",
- "-Wall",
- "-Werror",
],
export_include_dirs: ["include"],
srcs: [
@@ -54,6 +52,39 @@
vendor_ramdisk_available: true,
}
+cc_library_static {
+ name: "libsnapuserd",
+ defaults: [
+ "fs_mgr_defaults",
+ ],
+ srcs: [
+ "dm-snapshot-merge/snapuserd.cpp",
+ "dm-snapshot-merge/snapuserd_worker.cpp",
+ "dm-snapshot-merge/snapuserd_readahead.cpp",
+ "snapuserd_buffer.cpp",
+ "user-space-merge/snapuserd_core.cpp",
+ "user-space-merge/snapuserd_dm_user.cpp",
+ "user-space-merge/snapuserd_merge.cpp",
+ "user-space-merge/snapuserd_readahead.cpp",
+ "user-space-merge/snapuserd_transitions.cpp",
+ "user-space-merge/snapuserd_verify.cpp",
+ ],
+ static_libs: [
+ "libbase",
+ "libdm",
+ "libext4_utils",
+ "libsnapshot_cow",
+ "liburing",
+ ],
+ include_dirs: ["bionic/libc/kernel"],
+ header_libs: [
+ "libstorage_literals_headers",
+ ],
+ ramdisk_available: true,
+ vendor_ramdisk_available: true,
+ recovery_available: true,
+}
+
cc_defaults {
name: "snapuserd_defaults",
defaults: [
@@ -61,23 +92,8 @@
],
srcs: [
"dm-snapshot-merge/snapuserd_server.cpp",
- "dm-snapshot-merge/snapuserd.cpp",
- "dm-snapshot-merge/snapuserd_worker.cpp",
- "dm-snapshot-merge/snapuserd_readahead.cpp",
"snapuserd_daemon.cpp",
- "snapuserd_buffer.cpp",
- "user-space-merge/snapuserd_core.cpp",
- "user-space-merge/snapuserd_dm_user.cpp",
- "user-space-merge/snapuserd_merge.cpp",
- "user-space-merge/snapuserd_readahead.cpp",
- "user-space-merge/snapuserd_transitions.cpp",
"user-space-merge/snapuserd_server.cpp",
- "user-space-merge/snapuserd_verify.cpp",
- ],
-
- cflags: [
- "-Wall",
- "-Werror",
],
static_libs: [
@@ -90,6 +106,7 @@
"liblog",
"libsnapshot_cow",
"libsnapshot_snapuserd",
+ "libsnapuserd",
"libz",
"liblz4",
"libext4_utils",
@@ -125,7 +142,6 @@
],
ramdisk_available: false,
vendor_ramdisk_available: true,
- recovery_available: true,
}
// This target will install to /system/bin/snapuserd_ramdisk
@@ -158,10 +174,6 @@
"dm-snapshot-merge/snapuserd_worker.cpp",
"snapuserd_buffer.cpp",
],
- cflags: [
- "-Wall",
- "-Werror",
- ],
shared_libs: [
"libbase",
"liblog",
@@ -197,10 +209,6 @@
srcs: [
"user-space-merge/snapuserd_test.cpp",
],
- cflags: [
- "-Wall",
- "-Werror",
- ],
shared_libs: [
"libbase",
"liblog",
diff --git a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.cpp b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.cpp
index 492c43f..2c201ff 100644
--- a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.cpp
+++ b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.cpp
@@ -31,30 +31,21 @@
using android::base::unique_fd;
SnapshotHandler::SnapshotHandler(std::string misc_name, std::string cow_device,
- std::string backing_device, std::string base_path_merge) {
+ std::string backing_device, std::string base_path_merge,
+ int num_worker_threads, bool use_iouring,
+ bool perform_verification) {
misc_name_ = std::move(misc_name);
cow_device_ = std::move(cow_device);
backing_store_device_ = std::move(backing_device);
control_device_ = "/dev/dm-user/" + misc_name_;
base_path_merge_ = std::move(base_path_merge);
+ num_worker_threads_ = num_worker_threads;
+ is_io_uring_enabled_ = use_iouring;
+ perform_verification_ = perform_verification;
}
bool SnapshotHandler::InitializeWorkers() {
- int num_worker_threads = kNumWorkerThreads;
-
- // We will need multiple worker threads only during
- // device boot after OTA. For all other purposes,
- // one thread is sufficient. We don't want to consume
- // unnecessary memory especially during OTA install phase
- // when daemon will be up during entire post install phase.
- //
- // During boot up, we need multiple threads primarily for
- // update-verification.
- if (is_socket_present_) {
- num_worker_threads = 1;
- }
-
- for (int i = 0; i < num_worker_threads; i++) {
+ for (int i = 0; i < num_worker_threads_; i++) {
std::unique_ptr<Worker> wt =
std::make_unique<Worker>(cow_device_, backing_store_device_, control_device_,
misc_name_, base_path_merge_, GetSharedPtr());
@@ -331,19 +322,11 @@
std::async(std::launch::async, &Worker::RunThread, worker_threads_[i].get()));
}
- bool partition_verification = true;
-
- // We don't want to read the blocks during first stage init or
- // during post-install phase.
- if (android::base::EndsWith(misc_name_, "-init") || is_socket_present_) {
- partition_verification = false;
- }
-
std::future<bool> merge_thread =
std::async(std::launch::async, &Worker::RunMergeThread, merge_thread_.get());
// Now that the worker threads are up, scan the partitions.
- if (partition_verification) {
+ if (perform_verification_) {
update_verify_->VerifyUpdatePartition();
}
diff --git a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.h b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.h
index 42237ef..777aa07 100644
--- a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.h
+++ b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_core.h
@@ -301,7 +301,8 @@
class SnapshotHandler : public std::enable_shared_from_this<SnapshotHandler> {
public:
SnapshotHandler(std::string misc_name, std::string cow_device, std::string backing_device,
- std::string base_path_merge);
+ std::string base_path_merge, int num_workers, bool use_iouring,
+ bool perform_verification);
bool InitCowDevice();
bool Start();
@@ -369,8 +370,6 @@
// Total number of blocks to be merged in a given read-ahead buffer region
void SetMergedBlockCountForNextCommit(int x) { total_ra_blocks_merged_ = x; }
int GetTotalBlocksToMerge() { return total_ra_blocks_merged_; }
- void SetSocketPresent(bool socket) { is_socket_present_ = socket; }
- void SetIouringEnabled(bool io_uring_enabled) { is_io_uring_enabled_ = io_uring_enabled; }
bool MergeInitiated() { return merge_initiated_; }
bool MergeMonitored() { return merge_monitored_; }
double GetMergePercentage() { return merge_completion_percentage_; }
@@ -441,9 +440,10 @@
bool merge_initiated_ = false;
bool merge_monitored_ = false;
bool attached_ = false;
- bool is_socket_present_;
bool is_io_uring_enabled_ = false;
bool scratch_space_ = false;
+ int num_worker_threads_ = kNumWorkerThreads;
+ bool perform_verification_ = true;
std::unique_ptr<struct io_uring> ring_;
std::unique_ptr<UpdateVerify> update_verify_;
diff --git a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.cpp b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.cpp
index d437d32..b7ce210 100644
--- a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.cpp
+++ b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.cpp
@@ -29,6 +29,7 @@
#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/scopeguard.h>
+#include <android-base/strings.h>
#include <fs_mgr/file_wait.h>
#include <snapuserd/snapuserd_client.h>
#include "snapuserd_server.h"
@@ -101,7 +102,7 @@
JoinAllThreads();
}
-UserSnapshotDmUserHandler::UserSnapshotDmUserHandler(std::shared_ptr<SnapshotHandler> snapuserd)
+HandlerThread::HandlerThread(std::shared_ptr<SnapshotHandler> snapuserd)
: snapuserd_(snapuserd), misc_name_(snapuserd_->GetMiscName()) {}
bool UserSnapshotServer::Sendmsg(android::base::borrowed_fd fd, const std::string& msg) {
@@ -307,7 +308,7 @@
}
}
-void UserSnapshotServer::RunThread(std::shared_ptr<UserSnapshotDmUserHandler> handler) {
+void UserSnapshotServer::RunThread(std::shared_ptr<HandlerThread> handler) {
LOG(INFO) << "Entering thread for handler: " << handler->misc_name();
if (!handler->snapuserd()->Start()) {
@@ -428,7 +429,7 @@
void UserSnapshotServer::JoinAllThreads() {
// Acquire the thread list within the lock.
- std::vector<std::shared_ptr<UserSnapshotDmUserHandler>> dm_users;
+ std::vector<std::shared_ptr<HandlerThread>> dm_users;
{
std::lock_guard<std::mutex> guard(lock_);
dm_users = std::move(dm_users_);
@@ -483,25 +484,42 @@
SetTerminating();
}
-std::shared_ptr<UserSnapshotDmUserHandler> UserSnapshotServer::AddHandler(
- const std::string& misc_name, const std::string& cow_device_path,
- const std::string& backing_device, const std::string& base_path_merge) {
+std::shared_ptr<HandlerThread> UserSnapshotServer::AddHandler(const std::string& misc_name,
+ const std::string& cow_device_path,
+ const std::string& backing_device,
+ const std::string& base_path_merge) {
+ // We will need multiple worker threads only during
+ // device boot after OTA. For all other purposes,
+ // one thread is sufficient. We don't want to consume
+ // unnecessary memory especially during OTA install phase
+ // when daemon will be up during entire post install phase.
+ //
+ // During boot up, we need multiple threads primarily for
+ // update-verification.
+ int num_worker_threads = kNumWorkerThreads;
+ if (is_socket_present_) {
+ num_worker_threads = 1;
+ }
+
+ bool perform_verification = true;
+ if (android::base::EndsWith(misc_name, "-init") || is_socket_present_) {
+ perform_verification = false;
+ }
+
auto snapuserd = std::make_shared<SnapshotHandler>(misc_name, cow_device_path, backing_device,
- base_path_merge);
+ base_path_merge, num_worker_threads,
+ io_uring_enabled_, perform_verification);
if (!snapuserd->InitCowDevice()) {
LOG(ERROR) << "Failed to initialize Snapuserd";
return nullptr;
}
- snapuserd->SetSocketPresent(is_socket_present_);
- snapuserd->SetIouringEnabled(io_uring_enabled_);
-
if (!snapuserd->InitializeWorkers()) {
LOG(ERROR) << "Failed to initialize workers";
return nullptr;
}
- auto handler = std::make_shared<UserSnapshotDmUserHandler>(snapuserd);
+ auto handler = std::make_shared<HandlerThread>(snapuserd);
{
std::lock_guard<std::mutex> lock(lock_);
if (FindHandler(&lock, misc_name) != dm_users_.end()) {
@@ -513,7 +531,7 @@
return handler;
}
-bool UserSnapshotServer::StartHandler(const std::shared_ptr<UserSnapshotDmUserHandler>& handler) {
+bool UserSnapshotServer::StartHandler(const std::shared_ptr<HandlerThread>& handler) {
if (handler->snapuserd()->IsAttached()) {
LOG(ERROR) << "Handler already attached";
return false;
@@ -526,7 +544,7 @@
}
bool UserSnapshotServer::StartMerge(std::lock_guard<std::mutex>* proof_of_lock,
- const std::shared_ptr<UserSnapshotDmUserHandler>& handler) {
+ const std::shared_ptr<HandlerThread>& handler) {
CHECK(proof_of_lock);
if (!handler->snapuserd()->IsAttached()) {
@@ -568,8 +586,7 @@
}
}
-std::string UserSnapshotServer::GetMergeStatus(
- const std::shared_ptr<UserSnapshotDmUserHandler>& handler) {
+std::string UserSnapshotServer::GetMergeStatus(const std::shared_ptr<HandlerThread>& handler) {
return handler->snapuserd()->GetMergeStatus();
}
@@ -604,7 +621,7 @@
}
bool UserSnapshotServer::RemoveAndJoinHandler(const std::string& misc_name) {
- std::shared_ptr<UserSnapshotDmUserHandler> handler;
+ std::shared_ptr<HandlerThread> handler;
{
std::lock_guard<std::mutex> lock(lock_);
diff --git a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.h b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.h
index c2af61f..12c3903 100644
--- a/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.h
+++ b/fs_mgr/libsnapshot/snapuserd/user-space-merge/snapuserd_server.h
@@ -54,9 +54,9 @@
INVALID,
};
-class UserSnapshotDmUserHandler {
+class HandlerThread {
public:
- explicit UserSnapshotDmUserHandler(std::shared_ptr<SnapshotHandler> snapuserd);
+ explicit HandlerThread(std::shared_ptr<SnapshotHandler> snapuserd);
void FreeResources() {
// Each worker thread holds a reference to snapuserd.
@@ -99,9 +99,9 @@
std::mutex lock_;
- using HandlerList = std::vector<std::shared_ptr<UserSnapshotDmUserHandler>>;
+ using HandlerList = std::vector<std::shared_ptr<HandlerThread>>;
HandlerList dm_users_;
- std::queue<std::shared_ptr<UserSnapshotDmUserHandler>> merge_handlers_;
+ std::queue<std::shared_ptr<HandlerThread>> merge_handlers_;
void AddWatchedFd(android::base::borrowed_fd fd, int events);
void AcceptClient();
@@ -118,13 +118,13 @@
bool IsTerminating() { return terminating_; }
- void RunThread(std::shared_ptr<UserSnapshotDmUserHandler> handler);
+ void RunThread(std::shared_ptr<HandlerThread> handler);
void MonitorMerge();
void JoinAllThreads();
bool StartWithSocket(bool start_listening);
- // Find a UserSnapshotDmUserHandler within a lock.
+ // Find a HandlerThread within a lock.
HandlerList::iterator FindHandler(std::lock_guard<std::mutex>* proof_of_lock,
const std::string& misc_name);
@@ -143,14 +143,14 @@
bool RunForSocketHandoff();
bool WaitForSocket();
- std::shared_ptr<UserSnapshotDmUserHandler> AddHandler(const std::string& misc_name,
- const std::string& cow_device_path,
- const std::string& backing_device,
- const std::string& base_path_merge);
- bool StartHandler(const std::shared_ptr<UserSnapshotDmUserHandler>& handler);
+ std::shared_ptr<HandlerThread> AddHandler(const std::string& misc_name,
+ const std::string& cow_device_path,
+ const std::string& backing_device,
+ const std::string& base_path_merge);
+ bool StartHandler(const std::shared_ptr<HandlerThread>& handler);
bool StartMerge(std::lock_guard<std::mutex>* proof_of_lock,
- const std::shared_ptr<UserSnapshotDmUserHandler>& handler);
- std::string GetMergeStatus(const std::shared_ptr<UserSnapshotDmUserHandler>& handler);
+ const std::shared_ptr<HandlerThread>& handler);
+ std::string GetMergeStatus(const std::shared_ptr<HandlerThread>& handler);
void WakeupMonitorMergeThread();
void SetTerminating() { terminating_ = true; }
diff --git a/gatekeeperd/OWNERS b/gatekeeperd/OWNERS
index 9c99c6e..04cd19e 100644
--- a/gatekeeperd/OWNERS
+++ b/gatekeeperd/OWNERS
@@ -1,2 +1,5 @@
+# Bug component: 1124862
+drysdale@google.com
+oarbildo@google.com
+subrahmanyaman@google.com
swillden@google.com
-jdanis@google.com
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 76fcd55..eb43a33 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -151,7 +151,7 @@
void clear_sid(uint32_t userId) {
char filename[21];
snprintf(filename, sizeof(filename), "%u", userId);
- if (remove(filename) < 0) {
+ if (remove(filename) < 0 && errno != ENOENT) {
ALOGE("%s: could not remove file [%s], attempting 0 write", __func__, strerror(errno));
store_sid(userId, 0);
}
diff --git a/healthd/healthd_mode_charger.cpp b/healthd/healthd_mode_charger.cpp
index 1ce174b..a0527e8 100644
--- a/healthd/healthd_mode_charger.cpp
+++ b/healthd/healthd_mode_charger.cpp
@@ -88,7 +88,7 @@
#define POWER_ON_KEY_TIME (2 * MSEC_PER_SEC)
#define UNPLUGGED_SHUTDOWN_TIME (10 * MSEC_PER_SEC)
#define UNPLUGGED_DISPLAY_TIME (3 * MSEC_PER_SEC)
-#define MAX_BATT_LEVEL_WAIT_TIME (3 * MSEC_PER_SEC)
+#define MAX_BATT_LEVEL_WAIT_TIME (5 * MSEC_PER_SEC)
#define UNPLUGGED_SHUTDOWN_TIME_PROP "ro.product.charger.unplugged_shutdown_time"
#define LAST_KMSG_MAX_SZ (32 * 1024)
diff --git a/init/Android.bp b/init/Android.bp
index 1aba4b3..7b52903 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -502,11 +502,13 @@
"libbase",
"libcutils",
"libselinux",
- "libhidl-gen-utils",
"liblog",
"libprocessgroup",
"libprotobuf-cpp-lite",
],
+ static_libs: [
+ "libhidl-gen-utils",
+ ],
}
cc_library_static {
diff --git a/init/fuzzer/init_parser_fuzzer.cpp b/init/fuzzer/init_parser_fuzzer.cpp
index e6a78a2..dc76465 100644
--- a/init/fuzzer/init_parser_fuzzer.cpp
+++ b/init/fuzzer/init_parser_fuzzer.cpp
@@ -125,7 +125,7 @@
std::string path = fdp_.ConsumeBool() ? fdp_.PickValueInArray(kValidPaths)
: fdp_.ConsumeRandomLengthString(kMaxBytes);
parser.ParseConfig(path);
- parser.ParseConfigFileInsecure(path);
+ parser.ParseConfigFileInsecure(path, false /* follow_symlinks */);
}
void InitParserFuzzer::Process() {
diff --git a/init/host_init_verifier.cpp b/init/host_init_verifier.cpp
index db127d3..f070776 100644
--- a/init/host_init_verifier.cpp
+++ b/init/host_init_verifier.cpp
@@ -326,7 +326,9 @@
}
}
} else {
- if (!parser.ParseConfigFileInsecure(*argv)) {
+ if (!parser.ParseConfigFileInsecure(*argv, true /* follow_symlinks */)) {
+ // Follow symlinks as inputs during build execution in Bazel's
+ // execution root are symlinks, unlike Soong or Make.
LOG(ERROR) << "Failed to open init rc script '" << *argv << "'";
return EXIT_FAILURE;
}
diff --git a/init/parser.cpp b/init/parser.cpp
index adb41ad..8c0bb2b 100644
--- a/init/parser.cpp
+++ b/init/parser.cpp
@@ -131,9 +131,9 @@
}
}
-bool Parser::ParseConfigFileInsecure(const std::string& path) {
+bool Parser::ParseConfigFileInsecure(const std::string& path, bool follow_symlinks = false) {
std::string config_contents;
- if (!android::base::ReadFileToString(path, &config_contents)) {
+ if (!android::base::ReadFileToString(path, &config_contents, follow_symlinks)) {
return false;
}
diff --git a/init/parser.h b/init/parser.h
index 980ae0c..8e5bca7 100644
--- a/init/parser.h
+++ b/init/parser.h
@@ -77,7 +77,7 @@
void AddSingleLineParser(const std::string& prefix, LineCallback callback);
// Host init verifier check file permissions.
- bool ParseConfigFileInsecure(const std::string& path);
+ bool ParseConfigFileInsecure(const std::string& path, bool follow_symlinks);
size_t parse_error_count() const { return parse_error_count_; }
diff --git a/init/service.cpp b/init/service.cpp
index 8456d1e..35beaad 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -453,6 +453,7 @@
// disable services requiring the console. For older kernels and boot
// images, not setting this at all will fall back to the old behavior
if (GetProperty("ro.boot.serialconsole", "") == "0") {
+ flags_ |= SVC_DISABLED;
return {};
}
diff --git a/init/test_kill_services/init_kill_services_test.cpp b/init/test_kill_services/init_kill_services_test.cpp
index 66a3328..5355703 100644
--- a/init/test_kill_services/init_kill_services_test.cpp
+++ b/init/test_kill_services/init_kill_services_test.cpp
@@ -29,8 +29,8 @@
const std::string initial_pid = GetProperty(pid_prop, "");
- EXPECT_EQ("running", GetProperty(status_prop, "")) << status_prop;
- EXPECT_NE("", initial_pid) << pid_prop;
+ ASSERT_EQ("running", GetProperty(status_prop, "")) << status_prop;
+ ASSERT_NE("", initial_pid) << pid_prop;
EXPECT_EQ(0, system(("kill -9 " + initial_pid).c_str()));
diff --git a/libprocessgroup/processgroup.cpp b/libprocessgroup/processgroup.cpp
index 38f19ff..f7af08b 100644
--- a/libprocessgroup/processgroup.cpp
+++ b/libprocessgroup/processgroup.cpp
@@ -446,6 +446,14 @@
static int KillProcessGroup(uid_t uid, int initialPid, int signal, int retries,
int* max_processes) {
+ if (uid < 0) {
+ LOG(ERROR) << __func__ << ": invalid UID " << uid;
+ return -1;
+ }
+ if (initialPid <= 0) {
+ LOG(ERROR) << __func__ << ": invalid PID " << initialPid;
+ return -1;
+ }
std::string hierarchy_root_path;
if (CgroupsAvailable()) {
CgroupGetControllerPath(CGROUPV2_CONTROLLER_NAME, &hierarchy_root_path);
diff --git a/libsparse/sparse.cpp b/libsparse/sparse.cpp
index 396e7eb..ca7e5fe 100644
--- a/libsparse/sparse.cpp
+++ b/libsparse/sparse.cpp
@@ -260,8 +260,8 @@
return s->block_size;
}
-static struct backed_block* move_chunks_up_to_len(struct sparse_file* from, struct sparse_file* to,
- unsigned int len) {
+static int move_chunks_up_to_len(struct sparse_file* from, struct sparse_file* to, unsigned int len,
+ backed_block** out_bb) {
int64_t count = 0;
struct output_file* out_counter;
struct backed_block* last_bb = nullptr;
@@ -282,7 +282,7 @@
out_counter = output_file_open_callback(out_counter_write, &count, to->block_size, to->len, false,
true, 0, false);
if (!out_counter) {
- return nullptr;
+ return -1;
}
for (bb = start; bb; bb = backed_block_iter_next(bb)) {
@@ -319,7 +319,8 @@
out:
output_file_close(out_counter);
- return bb;
+ *out_bb = bb;
+ return 0;
}
int sparse_file_resparse(struct sparse_file* in_s, unsigned int max_len, struct sparse_file** out_s,
@@ -337,7 +338,15 @@
do {
s = sparse_file_new(in_s->block_size, in_s->len);
- bb = move_chunks_up_to_len(in_s, s, max_len);
+ if (move_chunks_up_to_len(in_s, s, max_len, &bb) < 0) {
+ sparse_file_destroy(s);
+ for (int i = 0; i < c && i < out_s_count; i++) {
+ sparse_file_destroy(out_s[i]);
+ out_s[i] = nullptr;
+ }
+ sparse_file_destroy(tmp);
+ return -1;
+ }
if (c < out_s_count) {
out_s[c] = s;
diff --git a/libstats/expresslog/Counter.cpp b/libstats/expresslog/Counter.cpp
index bee1303..9382041 100644
--- a/libstats/expresslog/Counter.cpp
+++ b/libstats/expresslog/Counter.cpp
@@ -28,5 +28,10 @@
stats_write(EXPRESS_EVENT_REPORTED, metricIdHash, amount);
}
+void Counter::logIncrementWithUid(const char* metricName, int32_t uid, int64_t amount) {
+ const int64_t metricIdHash = farmhash::Fingerprint64(metricName, strlen(metricName));
+ stats_write(EXPRESS_UID_EVENT_REPORTED, metricIdHash, amount, uid);
+}
+
} // namespace expresslog
} // namespace android
diff --git a/libstats/expresslog/include/Counter.h b/libstats/expresslog/include/Counter.h
index 57328f5..8d0ab6a 100644
--- a/libstats/expresslog/include/Counter.h
+++ b/libstats/expresslog/include/Counter.h
@@ -24,6 +24,8 @@
class Counter final {
public:
static void logIncrement(const char* metricId, int64_t amount = 1);
+
+ static void logIncrementWithUid(const char* metricId, int32_t uid, int64_t amount = 1);
};
} // namespace expresslog
diff --git a/trusty/keymaster/TEST_MAPPING b/trusty/keymaster/TEST_MAPPING
index 0dd39fb..0475e04 100644
--- a/trusty/keymaster/TEST_MAPPING
+++ b/trusty/keymaster/TEST_MAPPING
@@ -5,6 +5,18 @@
},
{
"name": "VtsHalRemotelyProvisionedComponentTargetTest"
+ },
+ {
+ "name": "RkpdAppUnitTests"
+ },
+ {
+ "name": "RkpdAppGoogleUnitTests"
+ },
+ {
+ "name": "RkpdAppIntegrationTests"
+ },
+ {
+ "name": "RkpdAppGoogleIntegrationTests"
}
]
}
diff --git a/trusty/stats/aidl/Android.bp b/trusty/stats/aidl/Android.bp
new file mode 100644
index 0000000..078cc99
--- /dev/null
+++ b/trusty/stats/aidl/Android.bp
@@ -0,0 +1,39 @@
+// Copyright (C) 2023 The Android Open-Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+aidl_interface {
+ name: "android.trusty.stats.nw.setter",
+ unstable: true,
+ vendor_available: true,
+ srcs: [
+ "android/trusty/stats/nw/setter/IStatsSetter.aidl",
+ ],
+ imports: ["android.frameworks.stats-V1"],
+ backend: {
+ cpp: {
+ enabled: true,
+ },
+ java: {
+ enabled: false,
+ platform_apis: false,
+ },
+ ndk: {
+ enabled: false,
+ },
+ },
+}
diff --git a/trusty/stats/aidl/android/trusty/stats/nw/setter/IStatsSetter.aidl b/trusty/stats/aidl/android/trusty/stats/nw/setter/IStatsSetter.aidl
new file mode 100644
index 0000000..f44f4a3
--- /dev/null
+++ b/trusty/stats/aidl/android/trusty/stats/nw/setter/IStatsSetter.aidl
@@ -0,0 +1,28 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+package android.trusty.stats.nw.setter;
+
+import android.frameworks.stats.IStats;
+
+interface IStatsSetter {
+ /**
+ * Set the IStats interface facet.
+ *
+ * @param istats The IStats facet provided by the caller for the remote
+ * service to report IStats' VendorAtom.
+ */
+ void setInterface(in IStats istats);
+}
diff --git a/trusty/stats/test/Android.bp b/trusty/stats/test/Android.bp
new file mode 100644
index 0000000..6b2bce9
--- /dev/null
+++ b/trusty/stats/test/Android.bp
@@ -0,0 +1,47 @@
+// Copyright (C) 2021 The Android Open-Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_test {
+ name: "trusty_stats_test",
+ vendor: true,
+ srcs: [
+ "stats_test.cpp",
+ ],
+ static_libs: [
+ "libgmock",
+ ],
+ shared_libs: [
+ "libbase",
+ "liblog",
+ "libtrusty",
+ "libbinder",
+ "libbinder_trusty",
+ "libutils",
+
+ // AIDL interface deps versions, please refer to below link
+ // https://source.android.com/docs/core/architecture/aidl/stable-aidl#module-naming-rules
+ "android.frameworks.stats-V1-cpp",
+ "android.trusty.stats.nw.setter-cpp",
+ ],
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
+ require_root: true,
+ proprietary: true,
+}
diff --git a/trusty/stats/test/README.md b/trusty/stats/test/README.md
new file mode 100644
index 0000000..45e6af8
--- /dev/null
+++ b/trusty/stats/test/README.md
@@ -0,0 +1,97 @@
+# Development Notes
+
+* First get [repo_pull.py and gerrit.py](https://android.googlesource.com/platform/development/+/master/tools/repo_pull/) from aosp.
+
+* Although this repo is not currently in Trusty’s manifest, it’s sufficient to copy these two python scripts to the root of the Trusty project and run them from there. Make sure to follow the [repo_pull installation](https://android.googlesource.com/platform/development/+/master/tools/repo_pull/#installation) steps if necessary.
+
+## Build
+
+Build Android:
+
+```sh
+source build/envsetup.sh
+lunch qemu_trusty_arm64-userdebug
+m
+```
+
+Build Trusty:
+
+```sh
+./trusty/vendor/google/aosp/scripts/build.py qemu-generic-arm64-test-debug --skip-tests 2>stderr.log
+```
+
+## Trusty PORT_TEST
+
+On QEmu:
+
+```sh
+./build-root/build-qemu-generic-arm64-test-debug/run --headless --boot-test "com.android.trusty.stats.test" --verbose
+```
+
+On device: (Build for your device's debug target on both Adroid and Trusty)
+
+```sh
+/vendor/bin/trusty-ut-ctrl -D /dev/trusty-ipc-dev0 "com.android.trusty.stats.test"
+```
+
+On device, in a loop:
+
+```sh
+cat << 'EOF' > metrics.sh
+#!/system/bin/sh
+TIMES=${1:-0}
+X=0
+while [ "$TIMES" -eq 0 -o "$TIMES" -gt "$X" ]
+do
+ echo "######################## stats.test $X " $(( X++ ));
+ /vendor/bin/trusty-ut-ctrl -D /dev/trusty-ipc-dev0 "com.android.trusty.stats.test"
+done
+EOF
+
+adb wait-for-device
+adb push metrics.sh /data/user/test/metrics.sh
+adb shell sh /data/user/test/metrics.sh
+```
+
+## Android Native Test
+
+On QEmu:
+
+```sh
+./build-root/build-qemu-generic-arm64-test-debug/run --headless --android $ANDROID_PROJECT_ROOT --shell-command "/data/nativetest64/vendor/trusty_stats_test/trusty_stats_test" --verbose
+```
+
+On device: (Build for your device's debug target on both Adroid and Trusty)
+
+```sh
+/data/nativetest64/vendor/trusty_stats_test/trusty_stats_test
+```
+
+On device, in a loop:
+
+```sh
+cat << 'EOF' > metrics-nw.sh
+#!/system/bin/sh
+TIMES=${1:-0}
+X=0
+while [ "$TIMES" -eq 0 -o "$TIMES" -gt "$X" ]
+do
+ echo "######################## stats.test $X " $(( X++ ));
+ /data/nativetest64/vendor/trusty_stats_test/trusty_stats_test
+done
+EOF
+
+adb wait-for-device
+adb push metrics.sh /data/user/test/metrics-nw.sh
+adb shell sh /data/user/test/metrics-nw.sh
+```
+
+## Trusty Backtrace analysis
+
+
+```
+$ export A2L=./prebuilts/clang/host/linux-x86/llvm-binutils-stable/llvm-addr2line
+$ export OD=./prebuilts/clang/host/linux-x86/llvm-binutils-stable/llvm-objdump
+$ $OD -d -C build-root/build-qemu-generic-arm64-test-debug/user_tasks/trusty/user/base/app/metrics/metrics.syms.elf > objdump.lst
+$ $A2L -e build-root/build-qemu-generic-arm64-test-debug/user_tasks/trusty/user/base/app/metrics/metrics.syms.elf 0xe5104
+```
diff --git a/trusty/stats/test/stats_test.cpp b/trusty/stats/test/stats_test.cpp
new file mode 100644
index 0000000..1edddeb
--- /dev/null
+++ b/trusty/stats/test/stats_test.cpp
@@ -0,0 +1,364 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <errno.h>
+#include <getopt.h>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/uio.h>
+#include <unistd.h>
+
+#include <condition_variable>
+#include <cstddef>
+#include <mutex>
+#include <queue>
+
+#include <android-base/expected.h>
+#include <android-base/logging.h>
+#include <android/frameworks/stats/BnStats.h>
+#include <android/frameworks/stats/IStats.h>
+#include <android/trusty/stats/nw/setter/IStatsSetter.h>
+#include <binder/RpcServer.h>
+#include <binder/RpcSession.h>
+#include <binder/RpcTransportRaw.h>
+#include <binder/RpcTransportTipcAndroid.h>
+#include <binder/RpcTrusty.h>
+#include <trusty/tipc.h>
+
+/** DOC:
+ * ./build-root/build-qemu-generic-arm64-test-debug/run \
+ * --android $ANDROID_PROJECT_ROOT \
+ * --headless --shell-command \
+ * "/data/nativetest64/vendor/trusty_stats_test/trusty_stats_test"
+ *
+ * adb -s emulator-5554 shell \
+ * /data/nativetest64/vendor/trusty_stats_test/trusty_stats_test
+ */
+using ::android::base::unique_fd;
+using ::android::binder::Status;
+using ::android::frameworks::stats::BnStats;
+using ::android::frameworks::stats::IStats;
+using ::android::frameworks::stats::VendorAtom;
+using ::android::frameworks::stats::VendorAtomValue;
+using ::android::trusty::stats::nw::setter::IStatsSetter;
+
+constexpr const char kTrustyDefaultDeviceName[] = "/dev/trusty-ipc-dev0";
+constexpr const char kTrustyStatsSetterTest[] =
+ "com.android.frameworks.stats.trusty.test.relayer.istats_setter";
+constexpr const char kTrustyStatsSetterMetrics[] =
+ "com.android.frameworks.stats.trusty.metrics.istats_setter";
+constexpr const char kTrustyStatsPortTest[] = "com.android.trusty.stats.test";
+constexpr const char kTrustyCrashPortTest[] = "com.android.trusty.crashtest";
+constexpr const char kTrustyCrasherUuid[] = "7ee4dddc-177a-420a-96ea-5d413d88228e:crasher";
+
+enum TrustyAtoms : int32_t {
+ TrustyAppCrashed = 100072,
+ TrustyError = 100145,
+ TrustyStorageError = 100146
+};
+
+enum TestMsgHeader : int32_t {
+ TEST_PASSED = 0,
+ TEST_FAILED = 1,
+ TEST_MESSAGE = 2,
+};
+
+namespace android {
+namespace trusty {
+namespace stats {
+
+class Stats : public BnStats {
+ public:
+ Stats() : BnStats() {}
+
+ Status reportVendorAtom(const VendorAtom& vendorAtom) override {
+ const char* atomIdStr = vendorAtomStr(vendorAtom.atomId);
+ ALOGD("Vendor atom reported of type: %s\n", atomIdStr);
+ std::lock_guard lock(mLock);
+ mQueueVendorAtom.push(vendorAtom);
+ mCondVar.notify_one();
+ return Status::ok();
+ }
+
+ status_t getVendorAtom(VendorAtom* pVendorAtom, int64_t waitForMs) {
+ std::unique_lock lock(mLock);
+ while (mQueueVendorAtom.empty()) {
+ auto rc = mCondVar.wait_for(lock, std::chrono::milliseconds(waitForMs));
+ if (rc == std::cv_status::timeout) {
+ return TIMED_OUT;
+ }
+ }
+ *pVendorAtom = mQueueVendorAtom.front();
+ mQueueVendorAtom.pop();
+ return NO_ERROR;
+ }
+
+ private:
+ const char* vendorAtomStr(int32_t atomId) {
+ switch (atomId) {
+ case TrustyAtoms::TrustyAppCrashed:
+ return "TrustyAtoms::TrustyAppCrashed";
+ case TrustyAtoms::TrustyError:
+ return "TrustyAtoms::TrustyError";
+ case TrustyAtoms::TrustyStorageError:
+ return "TrustyAtoms::TrustyStorageError";
+ default:
+ return "unknown TrustyAtoms type";
+ }
+ }
+ std::mutex mLock;
+ std::condition_variable mCondVar;
+ std::queue<VendorAtom> mQueueVendorAtom;
+};
+
+class TrustyStatsTestBase : public ::testing::Test {
+ protected:
+ TrustyStatsTestBase(std::string&& portNameStatsSetter, std::string&& portNamePortTest)
+ : mPortTestFd(-1),
+ mPortNameStatsSetter(std::move(portNameStatsSetter)),
+ mPortNamePortTest(std::move(portNamePortTest)) {}
+
+ void SetUp() override {
+ // Commenting out the server portion because we do not have any direct
+ // incoming call Calls from TA are currently being handled on the mSession's
+ // extra thread. android::sp<::android::RpcServer> server =
+ // ::android::RpcServer::make(::android::RpcTransportCtxFactoryRaw::make());
+
+ mStats = android::sp<Stats>::make();
+ // Increasing number of incoming threads on mSession to be able to receive
+ // callbacks
+ auto session_initializer = [](sp<RpcSession>& session) {
+ session->setMaxIncomingThreads(1);
+ };
+
+ ASSERT_FALSE(mSession);
+ mSession = RpcTrustyConnectWithSessionInitializer(
+ kTrustyDefaultDeviceName, mPortNameStatsSetter.c_str(), session_initializer);
+ ASSERT_TRUE(mSession);
+
+ auto root = mSession->getRootObject();
+ ASSERT_TRUE(root);
+ auto statsSetter = IStatsSetter::asInterface(root);
+ ASSERT_TRUE(statsSetter);
+ statsSetter->setInterface(mStats);
+ }
+ void TearDown() override {
+ // close connection to unitest app
+ if (mPortTestFd != -1) {
+ tipc_close(mPortTestFd);
+ }
+ mPortTestFd = -1;
+
+ if (mSession) {
+ // shutdownAndWait here races with sending out the DecStrong
+ // messages after reportVendorAtom returns, so we delay it a little
+ // bit to give the messages time to go out over the transport
+ usleep(50000);
+ ASSERT_TRUE(mSession->shutdownAndWait(true));
+ }
+ mSession.clear();
+ mStats.clear();
+ }
+ void StartPortTest() {
+ // connect to unitest app
+ mPortTestFd = tipc_connect(kTrustyDefaultDeviceName, mPortNamePortTest.c_str());
+ if (mPortTestFd < 0) {
+ ALOGE("Failed to connect to '%s' app: %s\n", kTrustyStatsPortTest,
+ strerror(-mPortTestFd));
+ }
+ ASSERT_GT(mPortTestFd, 0);
+ }
+ void WaitPortTestDone() {
+ // wait for test to complete
+ char rxBuf[1024];
+ const char prolog[] = "Trusty PORT_TEST:";
+ strncpy(rxBuf, prolog, sizeof(prolog) - 1);
+ char* pRxBuf = rxBuf + sizeof(prolog) - 1;
+ size_t remainingBufSize = sizeof(rxBuf) - sizeof(prolog) - 1;
+
+ ASSERT_NE(mPortTestFd, -1);
+ for (;;) {
+ int rc = read(mPortTestFd, pRxBuf, remainingBufSize);
+ ASSERT_GT(rc, 0);
+ ASSERT_LT(rc, (int)remainingBufSize);
+ if (pRxBuf[0] == TEST_PASSED) {
+ break;
+ } else if (pRxBuf[0] == TEST_FAILED) {
+ break;
+ } else if (pRxBuf[0] == TEST_MESSAGE) {
+ pRxBuf[0] = ' ';
+ write(STDOUT_FILENO, rxBuf, rc + sizeof(prolog) - 1);
+ } else {
+ ALOGE("Bad message header: %d\n", rxBuf[0]);
+ break;
+ }
+ }
+ ASSERT_EQ(pRxBuf[0], TEST_PASSED);
+ }
+
+ android::sp<Stats> mStats;
+
+ private:
+ android::sp<RpcSession> mSession;
+ int mPortTestFd;
+ std::string mPortNameStatsSetter;
+ std::string mPortNamePortTest;
+};
+
+class TrustyStatsTest : public TrustyStatsTestBase {
+ protected:
+ TrustyStatsTest() : TrustyStatsTestBase(kTrustyStatsSetterTest, kTrustyStatsPortTest) {}
+};
+
+class TrustyMetricsCrashTest : public TrustyStatsTestBase {
+ protected:
+ TrustyMetricsCrashTest()
+ : TrustyStatsTestBase(kTrustyStatsSetterMetrics, kTrustyCrashPortTest) {}
+};
+
+TEST_F(TrustyStatsTest, CheckAtoms) {
+ int atomAppCrashedCnt = 0;
+ int atomStorageErrorCnt = 0;
+ int atomTrustyErrorCnt = 0;
+ uint64_t blockForMs = 500;
+ StartPortTest();
+ WaitPortTestDone();
+ for (;;) {
+ VendorAtom vendorAtom;
+ auto status = mStats->getVendorAtom(&vendorAtom, blockForMs);
+ ASSERT_THAT(status, ::testing::AnyOf(NO_ERROR, TIMED_OUT));
+ if (status == TIMED_OUT) {
+ // No more atoms
+ break;
+ }
+
+ ASSERT_THAT(vendorAtom.atomId,
+ ::testing::AnyOf(::testing::Eq(TrustyAtoms::TrustyAppCrashed),
+ ::testing::Eq(TrustyAtoms::TrustyError),
+ ::testing::Eq(TrustyAtoms::TrustyStorageError)));
+ ASSERT_STREQ(String8(vendorAtom.reverseDomainName), "google.android.trusty");
+ switch (vendorAtom.atomId) {
+ case TrustyAtoms::TrustyAppCrashed:
+ ++atomAppCrashedCnt;
+ ASSERT_STREQ(String8(vendorAtom.values[0].get<VendorAtomValue::stringValue>()),
+ "5247d19b-cf09-4272-a450-3ef20dbefc14");
+ break;
+ case TrustyAtoms::TrustyStorageError:
+ ++atomStorageErrorCnt;
+ ASSERT_EQ(vendorAtom.values[0].get<VendorAtomValue::intValue>(), 5);
+ ASSERT_STREQ(String8(vendorAtom.values[1].get<VendorAtomValue::stringValue>()),
+ "5247d19b-cf09-4272-a450-3ef20dbefc14");
+ ASSERT_STREQ(String8(vendorAtom.values[2].get<VendorAtomValue::stringValue>()),
+ "5247d19b-cf09-4272-a450-3ef20dbefc14");
+ ASSERT_EQ(vendorAtom.values[3].get<VendorAtomValue::intValue>(), 1);
+ ASSERT_EQ(vendorAtom.values[4].get<VendorAtomValue::intValue>(), 3);
+ ASSERT_EQ(vendorAtom.values[5].get<VendorAtomValue::longValue>(),
+ 0x4BCDEFABBAFEDCBALL);
+ ASSERT_EQ(vendorAtom.values[6].get<VendorAtomValue::intValue>(), 4);
+ ASSERT_EQ(vendorAtom.values[7].get<VendorAtomValue::longValue>(), 1023);
+ break;
+ case TrustyAtoms::TrustyError:
+ ++atomTrustyErrorCnt;
+ break;
+ default:
+ FAIL() << "Unknown vendor atom ID: " << vendorAtom.atomId;
+ break;
+ }
+ };
+ ASSERT_EQ(atomAppCrashedCnt, 1);
+ ASSERT_EQ(atomStorageErrorCnt, 1);
+ ASSERT_EQ(atomTrustyErrorCnt, 0);
+}
+
+TEST_F(TrustyMetricsCrashTest, CheckTrustyCrashAtoms) {
+ const std::vector<uint32_t> kExpectedCrashReasonsArm64{
+ 0x00000001U, // exit_failure (twice)
+ 0x00000001U,
+ 0x92000004U, // read_null_ptr
+ 0xf200002aU, // brk_instruction
+ 0x92000004U, // read_bad_ptr
+ 0x92000044U, // crash_write_bad_ptr
+ 0x9200004fU, // crash_write_ro_ptr
+ 0x8200000fU, // crash_exec_rodata
+ 0x8200000fU, // crash_exec_data
+ };
+ const std::vector<uint32_t> kExpectedCrashReasonsArm32{
+ 0x00000001U, // exit_failure (twice)
+ 0x00000001U,
+ 0x20000007U, // read_null_ptr
+ 0x20000007U, // read_bad_ptr
+ 0x20000807U, // crash_write_bad_ptr
+ 0x2000080fU, // crash_write_ro_ptr
+ 0x3000000fU, // crash_exec_rodata
+ 0x3000000fU, // crash_exec_data
+ };
+
+ int expectedAtomCnt = 7;
+ int atomAppCrashedCnt = 0;
+ int atomStorageErrorCnt = 0;
+ int atomTrustyErrorCnt = 0;
+ std::vector<uint32_t> atomCrashReasons;
+ uint64_t blockForMs = 500;
+ StartPortTest();
+ WaitPortTestDone();
+ for (;;) {
+ VendorAtom vendorAtom;
+ auto status = mStats->getVendorAtom(&vendorAtom, blockForMs);
+ ASSERT_THAT(status, ::testing::AnyOf(NO_ERROR, TIMED_OUT));
+ if (status == TIMED_OUT) {
+ // No more atoms
+ break;
+ }
+
+ ASSERT_THAT(vendorAtom.atomId,
+ ::testing::AnyOf(::testing::Eq(TrustyAtoms::TrustyAppCrashed),
+ ::testing::Eq(TrustyAtoms::TrustyError),
+ ::testing::Eq(TrustyAtoms::TrustyStorageError)));
+ ASSERT_STREQ(String8(vendorAtom.reverseDomainName), "google.android.trusty");
+
+ switch (vendorAtom.atomId) {
+ case TrustyAtoms::TrustyAppCrashed:
+ ++atomAppCrashedCnt;
+ ASSERT_STREQ(String8(vendorAtom.values[0].get<VendorAtomValue::stringValue>()),
+ kTrustyCrasherUuid);
+ atomCrashReasons.push_back(vendorAtom.values[1].get<VendorAtomValue::intValue>());
+ break;
+ case TrustyAtoms::TrustyStorageError:
+ ++atomStorageErrorCnt;
+ break;
+ case TrustyAtoms::TrustyError:
+ ++atomTrustyErrorCnt;
+ ASSERT_STREQ(String8(vendorAtom.values[1].get<VendorAtomValue::stringValue>()), "");
+ break;
+ default:
+ FAIL() << "Unknown vendor atom ID: " << vendorAtom.atomId;
+ }
+ }
+ ASSERT_GE(atomAppCrashedCnt, expectedAtomCnt - 1);
+ ASSERT_EQ(atomStorageErrorCnt, 0);
+ // There is one dropped event left over from Trusty boot,
+ // it may show up here
+ ASSERT_LE(atomTrustyErrorCnt, 1);
+ ASSERT_THAT(atomCrashReasons,
+ ::testing::AnyOf(kExpectedCrashReasonsArm64, kExpectedCrashReasonsArm32));
+};
+
+} // namespace stats
+} // namespace trusty
+} // namespace android
diff --git a/trusty/trusty-base.mk b/trusty/trusty-base.mk
index 5a3a320..1986c73 100644
--- a/trusty/trusty-base.mk
+++ b/trusty/trusty-base.mk
@@ -39,7 +39,6 @@
$(LOCAL_KEYMINT_PRODUCT_PACKAGE) \
android.hardware.gatekeeper-service.trusty \
trusty_apploader \
- RemoteProvisioner
PRODUCT_PROPERTY_OVERRIDES += \
ro.hardware.keystore_desede=true \