Merge "Add the "sys" group for tests."
diff --git a/debuggerd/Android.bp b/debuggerd/Android.bp
index c15146b..1c89472 100644
--- a/debuggerd/Android.bp
+++ b/debuggerd/Android.bp
@@ -14,9 +14,15 @@
"-Wno-nullability-completeness",
"-Os",
"-fno-finite-loops",
+ "-DANDROID_DEBUGGABLE=0",
],
local_include_dirs: ["include"],
+ product_variables: {
+ debuggable: {
+ cflags: ["-UANDROID_DEBUGGABLE", "-DANDROID_DEBUGGABLE=1"],
+ }
+ },
}
cc_library_headers {
diff --git a/debuggerd/include/debuggerd/handler.h b/debuggerd/include/debuggerd/handler.h
index bc08327..68b2e67 100644
--- a/debuggerd/include/debuggerd/handler.h
+++ b/debuggerd/include/debuggerd/handler.h
@@ -62,10 +62,11 @@
#define DEBUGGER_SIGNAL BIONIC_SIGNAL_DEBUGGER
static void __attribute__((__unused__)) debuggerd_register_handlers(struct sigaction* action) {
+ bool enabled = true;
+#if ANDROID_DEBUGGABLE
char value[PROP_VALUE_MAX] = "";
- bool enabled =
- !(__system_property_get("ro.debuggable", value) > 0 && !strcmp(value, "1") &&
- __system_property_get("debug.debuggerd.disable", value) > 0 && !strcmp(value, "1"));
+ enabled = !(__system_property_get("debug.debuggerd.disable", value) > 0 && !strcmp(value, "1"));
+#endif
if (enabled) {
sigaction(SIGABRT, action, nullptr);
sigaction(SIGBUS, action, nullptr);
diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index 0157f46..949cec6 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh
@@ -55,7 +55,6 @@
YELLOW="${ESCAPE}[33m"
BLUE="${ESCAPE}[34m"
NORMAL="${ESCAPE}[0m"
-TMPDIR=${TMPDIR:-/tmp}
print_time=false
start_time=`date +%s`
ACTIVE_SLOT=
@@ -213,15 +212,6 @@
adb_sh getprop ${1} </dev/null
}
-[ "USAGE: isDebuggable
-
-Returns: true if device is (likely) a debug build" ]
-isDebuggable() {
- if inAdb && [ 1 != "`get_property ro.debuggable`" ]; then
- false
- fi
-}
-
[ "USAGE: adb_su <commands> </dev/stdin >/dev/stdout 2>/dev/stderr
Returns: true if the command running as root succeeded" ]
@@ -240,17 +230,6 @@
return ${ret}
}
-[ "USAGE: adb_ls <dirfile> >stdout
-
-Returns: filename or directoru content to stdout with carriage returns skipped,
- true if the ls had no errors" ]
-adb_ls() {
- local OUTPUT="`adb_sh ls ${1} </dev/null 2>/dev/null`"
- local ret=${?}
- echo "${OUTPUT}" | tr -d '\r'
- return ${ret}
-}
-
[ "USAGE: adb_test <expression>
Returns: exit status of the test expression" ]
@@ -608,22 +587,13 @@
[ "USAGE: restore
-Do nothing: should be redefined when necessary. Called after cleanup.
+Do nothing: should be redefined when necessary.
Returns: reverses configurations" ]
restore() {
true
}
-[ "USAGE: cleanup
-
-Do nothing: should be redefined when necessary
-
-Returns: cleans up any latent resources" ]
-cleanup() {
- true
-}
-
[ "USAGE: test_duration >/dev/stderr
Prints the duration of the test
@@ -657,9 +627,6 @@
shift 2
fi >&2
LOG FAILED "${@}"
- cleanup
- restore
- test_duration
exit 1
}
@@ -744,10 +711,11 @@
local exclude_filesystems=(
"overlay" "tmpfs" "none" "sysfs" "proc" "selinuxfs" "debugfs" "bpf"
"binfmt_misc" "cg2_bpf" "pstore" "tracefs" "adb" "mtp" "ptp" "devpts"
- "ramdumpfs" "binder" "securityfs" "functionfs" "rootfs"
+ "ramdumpfs" "binder" "securityfs" "functionfs" "rootfs" "fuse"
)
local exclude_devices=(
"\/sys\/kernel\/debug" "\/data\/media" "\/dev\/block\/loop[0-9]*"
+ "\/dev\/block\/vold\/[^ ]+"
"${exclude_filesystems[@]}"
)
local exclude_mount_points=(
@@ -769,8 +737,10 @@
Filters out all apex and vendor override administrative overlay mounts
uninteresting to the test" ]
skip_unrelated_mounts() {
- grep -v "^overlay.* /\(apex\|bionic\|system\|vendor\)/[^ ]" |
- grep -v "[%] /\(data_mirror\|apex\|bionic\|system\|vendor\)/[^ ][^ ]*$"
+ grep -vE \
+ -e "^overlay.* /(apex|bionic|system|vendor)/[^ ]" \
+ -e "^[^ ]+ /apex/[^ ]" \
+ -e "[%] /(data_mirror|apex|bionic|system|vendor)/[^ ]+$"
}
[ "USAGE: surgically_wipe_overlayfs
@@ -894,10 +864,36 @@
NORMAL=""
fi
+TMPDIR=
+
+exit_handler() {
+ [ -n "${TMPDIR}" ] && rm -rf "${TMPDIR}"
+ local err=0
+ if ! restore; then
+ LOG ERROR "restore failed"
+ err=1
+ fi >&2
+ test_duration || true
+ if [ "${err}" != 0 ]; then
+ exit "${err}"
+ fi
+}
+trap 'exit_handler' EXIT
+
+TMPDIR=$(mktemp -d)
+
if ${print_time}; then
LOG INFO "start $(date)"
fi
+if [ -z "${ANDROID_SERIAL}" ]; then
+ inAdb || die "no device or more than one device in adb mode"
+ D=$(adb devices | awk '$2 == "device" { print $1; exit }')
+ [ -n "${D}" ] || die "cannot get device serial"
+ ANDROID_SERIAL="${D}"
+fi
+export ANDROID_SERIAL
+
inFastboot && die "device in fastboot mode"
inRecovery && die "device in recovery mode"
if ! inAdb; then
@@ -905,7 +901,13 @@
adb_wait ${ADB_WAIT}
fi
inAdb || die "specified device not in adb mode"
-isDebuggable || die "device not a debug build"
+[ "1" = "$(get_property ro.debuggable)" ] || die "device not a debug build"
+[ "orange" = "$(get_property ro.boot.verifiedbootstate)" ] || die "device not bootloader unlocked"
+can_restore_verity=true
+if [ "2" != "$(get_property partition.system.verified)" ]; then
+ LOG WARNING "device might not support verity"
+ can_restore_verity=false
+fi
enforcing=true
if ! adb_su getenforce </dev/null | grep 'Enforcing' >/dev/null; then
LOG WARNING "device does not have sepolicy in enforcing mode"
@@ -916,9 +918,6 @@
# Collect characteristics of the device and report.
-D=`get_property ro.serialno`
-[ -n "${D}" ] || D=`get_property ro.boot.serialno`
-[ -z "${D}" -o -n "${ANDROID_SERIAL}" ] || ANDROID_SERIAL=${D}
USB_SERIAL=
if [ -n "${ANDROID_SERIAL}" -a "Darwin" != "${HOSTOS}" ]; then
USB_SERIAL="`find /sys/devices -name serial | grep usb || true`"
@@ -932,8 +931,8 @@
USB_ADDRESS=${USB_SERIAL%/serial}
USB_ADDRESS=usb${USB_ADDRESS##*/}
fi
-[ -z "${ANDROID_SERIAL}${USB_ADDRESS}" ] ||
- USB_DEVICE=`usb_devnum`
+USB_DEVICE=$(usb_devnum)
+[ -z "${ANDROID_SERIAL}${USB_ADDRESS}${USB_DEVICE}" ] ||
LOG INFO "${ANDROID_SERIAL} ${USB_ADDRESS} ${USB_DEVICE}"
BUILD_DESCRIPTION=`get_property ro.build.description`
[ -z "${BUILD_DESCRIPTION}" ] ||
@@ -946,14 +945,23 @@
LOG INFO "active slot is ${ACTIVE_SLOT}"
# Acquire list of system partitions
+FSTAB_SUFFIXES=(
+ "$(get_property ro.boot.fstab_suffix)"
+ "$(get_property ro.boot.hardware)"
+ "$(get_property ro.boot.hardware.platform)"
+)
+FSTAB_PATTERN='\.('"$(join_with "|" "${FSTAB_SUFFIXES[@]}")"')$'
+FSTAB_FILE=$(adb_su ls -1 '/vendor/etc/fstab*' </dev/null |
+ grep -E "${FSTAB_PATTERN}" |
+ head -1)
# KISS (assume system partition mount point is "/<partition name>")
-PARTITIONS=`adb_su cat /vendor/etc/fstab* </dev/null |
- grep -v "^[#${SPACE}${TAB}]" |
- skip_administrative_mounts |
- awk '$1 ~ /^[^\/]+$/ && "/"$1 == $2 && $4 ~ /(^|,)ro(,|$)/ { print $1 }' |
- sort -u |
- tr '\n' ' '`
+[ -n "${FSTAB_FILE}" ] &&
+ PARTITIONS=$(adb_su grep -v "^[#${SPACE}${TAB}]" "${FSTAB_FILE}" |
+ skip_administrative_mounts |
+ awk '$1 ~ /^[^\/]+$/ && "/"$1 == $2 && $4 ~ /(^|,)ro(,|$)/ { print $1 }' |
+ sort -u |
+ tr '\n' ' ')
PARTITIONS="${PARTITIONS:-system vendor}"
# KISS (we do not support sub-mounts for system partitions currently)
MOUNTS="`for i in ${PARTITIONS}; do
@@ -985,8 +993,33 @@
LOG INFO "partition ${name} device ${device} size ${size}K"
done
+LOG RUN "Checking kernel support for overlayfs"
+
overlayfs_supported=true
-can_restore_verity=false
+adb_root || die "becoming root to mine kernel information"
+if ! adb_test -d /sys/module/overlay; then
+ if adb_sh grep -q "nodev${TAB}overlay" /proc/filesystems; then
+ LOG OK "overlay module present"
+ else
+ LOG WARNING "overlay module not present"
+ overlayfs_supported=false
+ fi
+fi >&2
+if ${overlayfs_supported}; then
+ if adb_test -f /sys/module/overlay/parameters/override_creds; then
+ LOG OK "overlay module supports override_creds"
+ else
+ case "$(adb_sh uname -r </dev/null)" in
+ 4.[456789].* | 4.[1-9][0-9]* | [56789].*)
+ LOG WARNING "overlay module does not support override_creds"
+ overlayfs_supported=false
+ ;;
+ *)
+ LOG OK "overlay module uses caller's creds"
+ ;;
+ esac
+ fi
+fi
restore() {
LOG INFO "restoring device"
@@ -1020,73 +1053,18 @@
# If reboot too soon after fresh flash, could trip device update failure logic
if ${screen_wait}; then
- LOG WARNING "waiting for screen to come up. Consider --no-wait-screen option"
+ LOG INFO "waiting for screen to come up. Consider --no-wait-screen option"
fi
if ! wait_for_screen && ${screen_wait}; then
screen_wait=false
LOG WARNING "not healthy, no launcher, skipping wait for screen"
fi
-# Can we test remount -R command?
-if [ "orange" = "$(get_property ro.boot.verifiedbootstate)" ] &&
- [ "2" = "$(get_property partition.system.verified)" ]; then
- can_restore_verity=true
-
- LOG RUN "Testing adb shell su root remount -R command"
-
- avc_check
- T=`adb_date`
- adb_su remount -R system </dev/null
- err=${?}
- if [ "${err}" != 0 ]; then
- LOG WARNING "adb shell su root remount -R system = ${err}, likely did not reboot!"
- T="-t ${T}"
- else
- # Rebooted, logcat will be meaningless, and last logcat will likely be clear
- T=""
- fi
- sleep 2
- adb_wait ${ADB_WAIT} ||
- die "waiting for device after adb shell su root remount -R system `usb_status`"
- if [ "orange" != "`get_property ro.boot.verifiedbootstate`" -o \
- "2" = "`get_property partition.system.verified`" ]; then
- die ${T} "remount -R command failed
-${INDENT}ro.boot.verifiedbootstate=\"`get_property ro.boot.verifiedbootstate`\"
-${INDENT}partition.system.verified=\"`get_property partition.system.verified`\""
- fi
-
- LOG OK "adb shell su root remount -R command"
-fi
-
-LOG RUN "Testing kernel support for overlayfs"
+################################################################################
+LOG RUN "Checking current overlayfs status"
adb_wait || die "wait for device failed"
-adb_root ||
- die "initial setup"
-
-adb_test -d /sys/module/overlay ||
- adb_sh grep "nodev${TAB}overlay" /proc/filesystems </dev/null >/dev/null 2>/dev/null &&
- LOG OK "overlay module present" ||
- (
- LOG WARNING "overlay module not present" &&
- false
- ) ||
- overlayfs_supported=false
-if ${overlayfs_supported}; then
- adb_test -f /sys/module/overlay/parameters/override_creds &&
- LOG OK "overlay module supports override_creds" ||
- case `adb_sh uname -r </dev/null` in
- 4.[456789].* | 4.[1-9][0-9]* | [56789].*)
- LOG WARNING "overlay module does not support override_creds" &&
- overlayfs_supported=false
- ;;
- *)
- LOG OK "overlay module uses caller's creds"
- ;;
- esac
-fi
-
-LOG RUN "Checking current overlayfs status"
+adb_root || die "adb root failed"
# We can not universally use adb enable-verity to ensure device is
# in a overlayfs disabled state since it can prevent reboot on
@@ -1097,30 +1075,27 @@
LOG WARNING "rebooting before test"
adb_reboot &&
adb_wait ${ADB_WAIT} ||
- die "lost device after reboot after wipe `usb_status`"
+ die "lost device after reboot after overlay wipe $(usb_status)"
adb_root ||
die "lost device after elevation to root after wipe `usb_status`"
fi
is_overlayfs_mounted &&
die "overlay takeover unexpected at this phase"
-LOG OK "no overlay present before setup"
overlayfs_needed=true
-D=`adb_sh cat /proc/mounts </dev/null |
- skip_administrative_mounts data`
-if echo "${D}" | grep /dev/root >/dev/null; then
- D=`echo / /
- echo "${D}" | grep -v /dev/root`
-fi
-D=`echo "${D}" | cut -s -d' ' -f1 | sort -u`
+D=$(adb_sh grep " ro," /proc/mounts </dev/null |
+ skip_administrative_mounts data |
+ skip_unrelated_mounts |
+ awk '{ print $1 }' |
+ sed 's|/dev/root|/|' |
+ sort -u)
no_dedupe=true
for d in ${D}; do
adb_sh tune2fs -l $d </dev/null 2>&1 |
grep "Filesystem features:.*shared_blocks" >/dev/null &&
no_dedupe=false
done
-D=`adb_sh df -k ${D} </dev/null |
- sed 's@\([%] /\)\(apex\|bionic\|system\|vendor\)/[^ ][^ ]*$@\1@'`
+D=$(adb_sh df -k ${D} </dev/null)
echo "${D}" >&2
if [ X"${D}" = X"${D##* 100[%] }" ] && ${no_dedupe} ; then
overlayfs_needed=false
@@ -1129,113 +1104,163 @@
elif ! ${overlayfs_supported}; then
die "need overlayfs, but do not have it"
fi
+LOG OK "no overlay present before setup"
-LOG RUN "disable-verity -R"
+################################################################################
+# Precondition is overlayfs *not* setup.
+LOG RUN "Testing adb disable-verity -R"
-L=
T=$(adb_date)
-H=$(adb_su disable-verity -R 2>&1)
-err="${?}"
-echo "${H}" >&2
+adb_su disable-verity -R >&2 ||
+ die -t "${T}" "disable-verity -R failed"
+sleep 2
+adb_wait "${ADB_WAIT}" ||
+ die "lost device after adb disable-verity -R $(usb_status)"
-if [ "${err}" != 0 ]; then
- die -t "${T}" "disable-verity -R"
+if [ "2" = "$(get_property partition.system.verified)" ]; then
+ LOG ERROR "partition.system.verified=$(get_property partition.system.verified)"
+ die "verity not disabled after adb disable-verity -R"
fi
-
-# Fuzzy search for a line that contains "overlay" and "fail". Informational only.
-if echo "${H}" | grep -i "overlay" | grep -iq "fail"; then
- LOG WARNING "overlayfs setup whined"
-fi
-
-adb_wait "${ADB_WAIT}" &&
- adb_root ||
- die "lost device after adb shell su root disable-verity -R $(usb_status)"
-
if ${overlayfs_needed}; then
- if ! is_overlayfs_mounted; then
- die "no overlay being setup after disable-verity -R"
- fi
+ is_overlayfs_mounted ||
+ die "no overlay takeover after adb disable-verity -R"
+ LOG OK "overlay takeover after adb disable-verity -R"
fi
+LOG OK "adb disable-verity -R"
-LOG RUN "remount"
+
+LOG RUN "Testing adb remount -R"
+
+if surgically_wipe_overlayfs; then
+ adb_reboot &&
+ adb_wait "${ADB_WAIT}" ||
+ die "lost device after reboot after overlay wipe $(usb_status)"
+fi
+is_overlayfs_mounted &&
+ die "overlay takeover unexpected at this phase"
+
+T=$(adb_date)
+adb_su remount -R </dev/null >&2 ||
+ die -t "${T}" "adb remount -R failed"
+sleep 2
+adb_wait "${ADB_WAIT}" ||
+ die "lost device after adb remount -R $(usb_status)"
+
+if [ "2" = "$(get_property partition.system.verified)" ]; then
+ LOG ERROR "partition.system.verified=$(get_property partition.system.verified)"
+ die "verity not disabled after adb remount -R"
+fi
+if ${overlayfs_needed}; then
+ is_overlayfs_mounted ||
+ die "no overlay takeover after adb remount -R"
+ LOG OK "overlay takeover after adb remount -R"
+fi
+LOG OK "adb remount -R"
+
+################################################################################
+# Precondition is a verity-disabled device with overlayfs already setup.
+LOG RUN "Testing adb remount RW"
+
+if ! ${overlayfs_needed}; then
+ LOG WARNING "Reboot to RO (device doesn't use overlayfs)"
+ adb_reboot &&
+ adb_wait "${ADB_WAIT}" ||
+ die "lost device after reboot to RO $(usb_status)"
+fi
# Feed log with selinux denials as baseline before overlays
adb_unroot
adb_sh find ${MOUNTS} </dev/null >/dev/null 2>/dev/null || true
adb_root
-D=`adb remount 2>&1`
-ret=${?}
-echo "${D}" >&2
-[ ${ret} != 0 ] ||
- [ X"${D}" = X"${D##*remount failed}" ] ||
- ( [ -n "${L}" ] && echo "${L}" && false ) >&2 ||
- die -t "${T}" "adb remount failed"
-D=`adb_sh df -k </dev/null` &&
- H=`echo "${D}" | head -1` &&
- D=`echo "${D}" | skip_unrelated_mounts | grep "^overlay "` ||
- ( [ -n "${L}" ] && echo "${L}" && false ) >&2
-ret=${?}
+adb_sh grep -q " /vendor [^ ]* rw," /proc/mounts </dev/null &&
+ die "/vendor is not RO"
+T=$(adb_date)
+adb remount vendor >&2 ||
+ die -t "${T}" "adb remount vendor"
+adb_sh grep -q " /vendor [^ ]* rw," /proc/mounts </dev/null ||
+ die "/vendor is not RW"
+
+adb_sh grep -qE " (/system|/) [^ ]* rw," /proc/mounts </dev/null &&
+ die "/system is not RO"
+T=$(adb_date)
+adb remount >&2 ||
+ die -t "${T}" "adb remount"
+adb_sh grep -qE " (/system|/) [^ ]* rw," /proc/mounts </dev/null ||
+ die "/system is not RW"
+
+D=$(adb_sh df -k </dev/null)
+H=$(echo "${D}" | head -1)
+D=$(echo "${D}" | skip_unrelated_mounts | grep "^overlay ")
+if [ -n "${D}" ] && ! ${overlayfs_needed}; then
+ die -t "${T}" "unexpected overlay takeover"
+fi
+if [ -z "${D}" ] && ${overlayfs_needed}; then
+ die -t "${T}" "expected overlay takeover"
+fi
+
+# If scratch_partition && uses_dynamic_scratch, then scratch is on super.
+# If scratch_partition && !uses_dynamic_scratch, then scratch is super_other, system_other.
+# If !scratch_partition, then scratch is on /data via image_manager.
uses_dynamic_scratch=false
scratch_partition=
-virtual_ab=`get_property ro.virtual_ab.enabled`
+virtual_ab=$(get_property ro.virtual_ab.enabled)
if ${overlayfs_needed}; then
- if [ ${ret} != 0 ]; then
- die -t ${T} "overlay takeover failed"
- fi
- echo "${D}" | grep "^overlay .* /system\$" >/dev/null ||
- LOG WARNING "overlay takeover not complete"
- if [ -z "${virtual_ab}" ]; then
+ M=$(adb_sh cat /proc/mounts </dev/null |
+ awk '$2 == "/mnt/scratch" { print $1, $3; exit }')
+ [ -z "${M}" ] && die "cannot find any scratch device mounted on /mnt/scratch"
+
+ scratch_device=$(echo "${M}" | awk '{ print $1 }')
+ scratch_filesystem=$(echo "${M}" | awk '{ print $2 }')
+ scratch_size=$(adb_sh df -k "${scratch_device}" </dev/null |
+ tail +2 | head -1 | awk '{ print $2 }')
+ [ -z "${scratch_size}" ] && die "cannot get size of scratch device (${scratch_device})"
+
+ if [ -n "${virtual_ab}" ]; then
+ LOG INFO "using dynamic scratch partition on /data (VAB device)"
+ elif [[ "${scratch_device}" == /dev/block/by-name/* ]]; then
+ scratch_partition="${scratch_device##/dev/block/by-name/}"
+ LOG INFO "using physical scratch partition ${scratch_partition}"
+ else
+ uses_dynamic_scratch=true
scratch_partition=scratch
+ LOG INFO "using dynamic scratch partition on super"
fi
- if echo "${D}" | grep " /mnt/scratch" >/dev/null; then
- LOG INFO "using ${scratch_partition} dynamic partition for overrides"
- fi
- M=`adb_sh cat /proc/mounts </dev/null |
- sed -n 's@\([^ ]*\) /mnt/scratch \([^ ]*\) .*@\2 on \1@p'`
- [ -n "${M}" ] &&
- LOG INFO "scratch filesystem ${M}"
- uses_dynamic_scratch=true
- if [ "${M}" != "${M##*/dev/block/by-name/}" ]; then
- uses_dynamic_scratch=false
- scratch_partition="${M##*/dev/block/by-name/}"
- fi
- scratch_size=`adb_sh df -k /mnt/scratch </dev/null 2>/dev/null |
- while read device kblocks used available use mounted on; do
- if [ "/mnt/scratch" = "\${mounted}" ]; then
- echo \${kblocks}
- fi
- done` &&
- [ -n "${scratch_size}" ] ||
- die "scratch size"
- LOG INFO "scratch size ${scratch_size}KB"
+ LOG INFO "scratch device ${scratch_device} filesystem ${scratch_filesystem} size ${scratch_size}KiB"
+
for d in ${OVERLAYFS_BACKING}; do
if adb_test -d /${d}/overlay/system/upper; then
LOG INFO "/${d}/overlay is setup"
fi
done
- ( echo "${H}" &&
+ ( echo "${H}"
echo "${D}"
- ) >&2 &&
- echo "${D}" | grep "^overlay .* /system\$" >/dev/null ||
- die "overlay takeover after remount"
- !(adb_sh grep "^overlay " /proc/mounts </dev/null |
+ ) >&2
+ echo "${D}" | grep ' /system$' >/dev/null ||
+ die -t "${T}" "expected overlay to takeover /system after remount"
+ adb_sh grep "^overlay " /proc/mounts </dev/null |
skip_unrelated_mounts |
- grep " overlay ro,") ||
- die "remount overlayfs missed a spot (ro)"
- !(adb_sh grep -v noatime /proc/mounts </dev/null |
+ grep " overlay ro," &&
+ die "expected overlay to be RW after remount"
+ adb_sh grep -v noatime /proc/mounts </dev/null |
skip_administrative_mounts data |
skip_unrelated_mounts |
- grep -v ' ro,') ||
+ grep -v ' ro,' &&
die "mounts are not noatime"
- D=`adb_sh grep " rw," /proc/mounts </dev/null |
- skip_administrative_mounts data`
- if echo "${D}" | grep /dev/root >/dev/null; then
- D=`echo / /
- echo "${D}" | grep -v /dev/root`
- fi
- D=`echo "${D}" | cut -s -d' ' -f1 | sort -u`
+
+ data_device=$(adb_sh cat /proc/mounts </dev/null | awk '$2 == "/data" { print $1; exit }')
+ D=$(adb_sh grep " rw," /proc/mounts </dev/null |
+ skip_administrative_mounts data |
+ skip_unrelated_mounts |
+ awk '{ print $1 }' |
+ grep -v "${data_device}" |
+ sed 's|/dev/root|/|' |
+ sort -u)
+ if [ -n "${D}" ]; then
+ adb_sh df -k ${D} </dev/null |
+ sed -e 's/^Filesystem /Filesystem (rw) /'
+ fi >&2
bad_rw=false
for d in ${D}; do
if adb_sh tune2fs -l $d </dev/null 2>&1 |
@@ -1248,18 +1273,11 @@
bad_rw=true
fi
done
- [ -z "${D}" ] ||
- D=`adb_sh df -k ${D} </dev/null |
- sed -e 's@\([%] /\)\(apex\|bionic\|system\|vendor\)/[^ ][^ ]*$@\1@' \
- -e 's/^Filesystem /Filesystem (rw) /'`
- [ -z "${D}" ] || echo "${D}" >&2
${bad_rw} && die "remount overlayfs missed a spot (rw)"
-else
- if [ ${ret} = 0 ]; then
- die -t ${T} "unexpected overlay takeover"
- fi
fi
+LOG OK "adb remount RW"
+
# Check something.
LOG RUN "push content to ${MOUNTS}"
@@ -1281,19 +1299,15 @@
# Download libc.so, append some garbage, push back, and check if the file
# is updated.
-tempdir="`mktemp -d`"
-cleanup() {
- rm -rf ${tempdir}
-}
-adb pull /system/lib/bootstrap/libc.so ${tempdir} >/dev/null ||
+adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so" >/dev/null ||
die "pull libc.so from device"
garbage="D105225BBFCB1EB8AB8EBDB7094646F0"
-echo "${garbage}" >> ${tempdir}/libc.so
-adb push ${tempdir}/libc.so /system/lib/bootstrap/libc.so >/dev/null ||
+echo "${garbage}" >>"${TMPDIR}/libc.so"
+adb push "${TMPDIR}/libc.so" /system/lib/bootstrap/libc.so >/dev/null ||
die "push libc.so to device"
-adb pull /system/lib/bootstrap/libc.so ${tempdir}/libc.so.fromdevice >/dev/null ||
+adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so.fromdevice" >/dev/null ||
die "pull libc.so from device"
-diff ${tempdir}/libc.so ${tempdir}/libc.so.fromdevice > /dev/null ||
+diff "${TMPDIR}/libc.so" "${TMPDIR}/libc.so.fromdevice" > /dev/null ||
die "libc.so differ"
LOG RUN "reboot to confirm content persistent"
@@ -1314,7 +1328,6 @@
D=`adb_su df -k </dev/null` &&
H=`echo "${D}" | head -1` &&
D=`echo "${D}" | grep -v " /vendor/..*$" | grep "^overlay "` ||
- ( echo "${L}" && false ) >&2 ||
die -d "overlay takeover failed after reboot"
adb_su sed -n '1,/overlay \/system/p' /proc/mounts </dev/null |
@@ -1335,10 +1348,8 @@
adb_sh find ${MOUNTS} </dev/null >/dev/null 2>/dev/null || true
fi
# If overlayfs has a nested security problem, this will fail.
-B="`adb_ls /system/`" ||
- die "adb ls /system"
-[ X"${B}" != X"${B#*priv-app}" ] ||
- die "adb ls /system/priv-app"
+adb_sh ls /system >/dev/null || die "ls /system"
+adb_test -d /system/priv-app || die "[ -d /system/priv-app ]"
B="`adb_cat /system/priv-app/hello`"
check_eq "${A}" "${B}" /system/priv-app after reboot
# Only root can read vendor if sepolicy permissions are as expected.
@@ -1358,87 +1369,85 @@
# Check if the updated libc.so is persistent after reboot.
adb_root &&
- adb pull /system/lib/bootstrap/libc.so ${tempdir}/libc.so.fromdevice >/dev/null ||
+ adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so.fromdevice" >/dev/null ||
die "pull libc.so from device"
-diff ${tempdir}/libc.so ${tempdir}/libc.so.fromdevice > /dev/null || die "libc.so differ"
-rm -rf ${tempdir}
-cleanup() {
- true
-}
+diff "${TMPDIR}/libc.so" "${TMPDIR}/libc.so.fromdevice" > /dev/null || die "libc.so differ"
LOG OK "/system/lib/bootstrap/libc.so content remains after reboot"
-LOG RUN "flash vendor, confirm its content disappears"
+################################################################################
+LOG RUN "flash vendor, and confirm vendor override disappears"
-H=`adb_sh echo '${HOSTNAME}' </dev/null 2>/dev/null`
-is_bootloader_fastboot=false
+is_bootloader_fastboot=true
# cuttlefish?
-[ X"${H}" != X"${H#vsoc}" ] || is_bootloader_fastboot=true
+[[ "$(get_property ro.product.device)" == vsoc* ]] &&
+ is_bootloader_fastboot=false
is_userspace_fastboot=false
if ! ${is_bootloader_fastboot}; then
- LOG WARNING "does not support fastboot, skipping"
-elif [ -z "${ANDROID_PRODUCT_OUT}" ]; then
- LOG WARNING "build tree not setup, skipping"
-elif [ ! -s "${ANDROID_PRODUCT_OUT}/vendor.img" ]; then
- LOG WARNING "vendor image missing, skipping"
-elif [ "${ANDROID_PRODUCT_OUT}" = "${ANDROID_PRODUCT_OUT%*/${H}}" ]; then
- LOG WARNING "wrong vendor image, skipping"
-elif [ -z "${ANDROID_HOST_OUT}" ]; then
- LOG WARNING "please run lunch, skipping"
-elif ! (
- adb_cat /vendor/build.prop |
- cmp -s ${ANDROID_PRODUCT_OUT}/vendor/build.prop
- ) >/dev/null 2>/dev/null; then
- LOG WARNING "vendor image signature mismatch, skipping"
+ LOG WARNING "does not support fastboot flash, skipping"
else
wait_for_screen
+ adb_root || die "adb root"
+
+ VENDOR_DEVICE_CANDIDATES=(
+ "/dev/block/mapper/vendor"{_${ACTIVE_SLOT},}
+ "/dev/block/by-name/vendor"{_${ACTIVE_SLOT},}
+ )
+ for b in "${VENDOR_DEVICE_CANDIDATES[@]}"; do
+ if adb_test -e "${b}"; then
+ adb pull "${b}" "${TMPDIR}/vendor.img" || die "adb pull ${b}"
+ LOG INFO "pulled ${b} from device as vendor.img"
+ break
+ fi
+ done
+ [ -f "${TMPDIR}/vendor.img" ] ||
+ die "cannot find block device of vendor partition"
+
avc_check
adb reboot fastboot </dev/null ||
die "fastbootd not supported (wrong adb in path?)"
any_wait ${ADB_WAIT} &&
inFastboot ||
die "reboot into fastboot to flash vendor `usb_status` (bad bootloader?)"
- fastboot flash vendor ||
+ fastboot flash vendor "${TMPDIR}/vendor.img" ||
( fastboot reboot && false) ||
die "fastboot flash vendor"
+ LOG OK "flashed vendor"
+
fastboot_getvar is-userspace yes &&
is_userspace_fastboot=true
+ # check ${scratch_partition} via fastboot
if [ -n "${scratch_partition}" ]; then
fastboot_getvar partition-type:${scratch_partition} raw ||
( fastboot reboot && false) ||
die "fastboot can not see ${scratch_partition} parameters"
if ${uses_dynamic_scratch}; then
- # check ${scratch_partition} via fastboot
fastboot_getvar has-slot:${scratch_partition} no &&
fastboot_getvar is-logical:${scratch_partition} yes ||
( fastboot reboot && false) ||
die "fastboot can not see ${scratch_partition} parameters"
- else
- fastboot_getvar is-logical:${scratch_partition} no ||
- ( fastboot reboot && false) ||
- die "fastboot can not see ${scratch_partition} parameters"
- fi
- if ! ${uses_dynamic_scratch}; then
- fastboot reboot-bootloader ||
- die "Reboot into fastboot"
- fi
- if ${uses_dynamic_scratch}; then
LOG INFO "expect fastboot erase ${scratch_partition} to fail"
fastboot erase ${scratch_partition} &&
( fastboot reboot || true) &&
die "fastboot can erase ${scratch_partition}"
+ else
+ fastboot_getvar is-logical:${scratch_partition} no ||
+ ( fastboot reboot && false) ||
+ die "fastboot can not see ${scratch_partition} parameters"
+ fastboot reboot-bootloader ||
+ die "fastboot reboot bootloader"
fi
LOG INFO "expect fastboot format ${scratch_partition} to fail"
fastboot format ${scratch_partition} &&
( fastboot reboot || true) &&
die "fastboot can format ${scratch_partition}"
fi
- fastboot reboot ||
- die "can not reboot out of fastboot"
- LOG WARNING "adb after fastboot"
+
+ fastboot reboot || die "cannot reboot out of fastboot"
+ LOG INFO "reboot from fastboot"
adb_wait ${ADB_WAIT} ||
fixup_from_recovery ||
- die "did not reboot after formatting ${scratch_partition} `usb_status`"
+ die "cannot reboot after flash vendor $(usb_status)"
if ${overlayfs_needed}; then
adb_root &&
D=`adb_sh df -k </dev/null` &&
@@ -1453,35 +1462,30 @@
if ${is_userspace_fastboot}; then
die "overlay supposed to be minus /vendor takeover after flash vendor"
else
- LOG WARNING "user fastboot missing required to invalidate, ignoring a failure"
+ LOG WARNING "fastbootd missing required to invalidate, ignoring a failure"
LOG WARNING "overlay supposed to be minus /vendor takeover after flash vendor"
fi
fi
- B="`adb_cat /system/hello`"
- check_eq "${A}" "${B}" system after flash vendor
- B="`adb_ls /system/`" ||
- die "adb ls /system"
- [ X"${B}" != X"${B#*priv-app}" ] ||
- die "adb ls /system/priv-app"
- B="`adb_cat /system/priv-app/hello`"
- check_eq "${A}" "${B}" system/priv-app after flash vendor
- adb_root ||
- die "adb root"
- B="`adb_cat /vendor/hello`"
- if ${is_userspace_fastboot} || ! ${overlayfs_needed}; then
- check_eq "cat: /vendor/hello: No such file or directory" "${B}" \
- vendor content after flash vendor
- else
- LOG WARNING "user fastboot missing required to invalidate, ignoring a failure"
- check_eq "cat: /vendor/hello: No such file or directory" "${B}" \
- --warning vendor content after flash vendor
+ check_eq "${A}" "$(adb_cat /system/hello)" "/system content after flash vendor"
+ check_eq "${SYSTEM_INO}" "$(adb_sh stat --format=%i /system/hello </dev/null)" "system inode after flash vendor"
+ adb_sh ls /system >/dev/null || die "ls /system"
+ adb_test -d /system/priv-app || die "[ -d /system/priv-app ]"
+ check_eq "${A}" "$(adb_cat /system/priv-app/hello)" "/system/priv-app content after flash vendor"
+ adb_root || die "adb root"
+ if adb_test -e /vendor/hello; then
+ if ${is_userspace_fastboot} || ! ${overlayfs_needed}; then
+ die "vendor content after flash vendor"
+ else
+ LOG WARNING "fastbootd missing required to invalidate, ignoring a failure"
+ LOG WARNING "vendor content after flash vendor"
+ fi
fi
-
- check_eq "${SYSTEM_INO}" "`adb_sh stat --format=%i /system/hello </dev/null`" system inode after reboot
-
-fi
+ LOG OK "vendor override destroyed after flash verdor"
+fi >&2
wait_for_screen
+
+################################################################################
LOG RUN "remove test content (cleanup)"
T=`adb_date`
@@ -1506,12 +1510,12 @@
adb_sh rm /system/hello /system/priv-app/hello </dev/null ||
( [ -n "${L}" ] && echo "${L}" && false ) >&2 ||
die -t ${T} "cleanup hello"
-B="`adb_cat /system/hello`"
-check_eq "cat: /system/hello: No such file or directory" "${B}" after rm
-B="`adb_cat /system/priv-app/hello`"
-check_eq "cat: /system/priv-app/hello: No such file or directory" "${B}" after rm
-B="`adb_cat /vendor/hello`"
-check_eq "cat: /vendor/hello: No such file or directory" "${B}" after rm
+adb_test -e /system/hello &&
+ die "/system/hello lingers after rm"
+adb_test -e /system/priv-app/hello &&
+ die "/system/priv-app/hello lingers after rm"
+adb_test -e /vendor/hello &&
+ die "/vendor/hello lingers after rm"
for i in ${MOUNTS}; do
adb_sh rm ${i}/hello </dev/null 2>/dev/null || true
done
@@ -1523,19 +1527,12 @@
avc_check
adb reboot fastboot </dev/null ||
die "Reboot into fastbootd"
- img=${TMPDIR}/adb-remount-test-${$}.img
- cleanup() {
- rm ${img}
- }
+ img="${TMPDIR}/adb-remount-test-${$}.img"
dd if=/dev/zero of=${img} bs=4096 count=16 2>/dev/null &&
fastboot_wait ${FASTBOOT_WAIT} ||
die "reboot into fastboot to flash scratch `usb_status`"
fastboot flash --force ${scratch_partition} ${img}
err=${?}
- cleanup
- cleanup() {
- true
- }
fastboot reboot ||
die "can not reboot out of fastboot"
[ 0 -eq ${err} ] ||
@@ -1565,12 +1562,7 @@
[ X"${D}" != X"${D##*[Uu]sing overlayfs}" ] &&
LOG OK "${scratch_partition} recreated" ||
die -t ${T} "setup for overlayfs"
- D=`adb remount 2>&1`
- err=${?}
- echo "${D}" >&2
- [ ${err} != 0 ] ||
- [ X"${D}" = X"${D##*remount failed}" ] ||
- ( echo "${D}" && false ) >&2 ||
+ adb remount >&2 ||
die -t ${T} "remount failed"
fi
@@ -1604,21 +1596,6 @@
die "/vendor is not read-write"
LOG OK "mount -o rw,remount command works"
-# Prerequisite is a prepped device from above.
-adb_reboot &&
- adb_wait ${ADB_WAIT} ||
- fixup_from_fastboot ||
- die "lost device after reboot to ro state `usb_status`"
-adb_sh grep " /vendor .* rw," /proc/mounts >/dev/null </dev/null &&
- die "/vendor is not read-only"
-adb_su remount vendor </dev/null ||
- die "remount command"
-adb_sh grep " /vendor .* rw," /proc/mounts >/dev/null </dev/null ||
- die "/vendor is not read-write"
-adb_sh grep " /system .* rw," /proc/mounts >/dev/null </dev/null &&
- die "/vendor is not read-only"
-LOG OK "remount command works from setup"
-
# Prerequisite is an overlayfs deconstructed device but with verity disabled.
# This also saves a lot of 'noise' from the command doing a mkfs on backing
# storage and all the related tuning and adjustment.
@@ -1638,51 +1615,5 @@
die "/system is not read-only"
LOG OK "remount command works from scratch"
-if ! restore; then
- restore() {
- true
- }
- die "failed to restore verity after remount from scratch test"
-fi
-
-err=0
-
-if ${overlayfs_supported}; then
- LOG RUN "test 'adb remount -R'"
- avc_check
- adb_root ||
- die "adb root in preparation for adb remount -R"
- T=`adb_date`
- adb remount -R
- err=${?}
- if [ "${err}" != 0 ]; then
- die -t ${T} "adb remount -R = ${err}"
- fi
- sleep 2
- adb_wait ${ADB_WAIT} ||
- die "waiting for device after adb remount -R `usb_status`"
- if [ "orange" != "`get_property ro.boot.verifiedbootstate`" -o \
- "2" = "`get_property partition.system.verified`" ] &&
- [ -n "`get_property ro.boot.verifiedbootstate`" -o \
- -n "`get_property partition.system.verified`" ]; then
- die "remount -R command failed to disable verity
-${INDENT}ro.boot.verifiedbootstate=\"`get_property ro.boot.verifiedbootstate`\"
-${INDENT}partition.system.verified=\"`get_property partition.system.verified`\""
- fi
-
- LOG OK "'adb remount -R' command"
-
- restore
- err=${?}
-fi
-
-restore() {
- true
-}
-
-[ ${err} = 0 ] ||
- die "failed to restore verity"
LOG PASSED "adb remount test"
-
-test_duration
diff --git a/init/apex_init_util.cpp b/init/apex_init_util.cpp
index de9f547..d618a6e 100644
--- a/init/apex_init_util.cpp
+++ b/init/apex_init_util.cpp
@@ -81,16 +81,13 @@
}
Result<void> ParseApexConfigs(const std::string& apex_name) {
- Result<std::vector<std::string>> configs = CollectApexConfigs(apex_name);
- if (!configs.ok()) {
- return configs.error();
- }
+ auto configs = OR_RETURN(CollectApexConfigs(apex_name));
- if (configs.value().empty()) {
+ if (configs.empty()) {
return {};
}
- auto filtered_configs = FilterVersionedConfigs(configs.value(),
+ auto filtered_configs = FilterVersionedConfigs(configs,
android::base::GetIntProperty("ro.build.version.sdk", INT_MAX));
return ParseConfigs(filtered_configs);
}
diff --git a/init/init.cpp b/init/init.cpp
index 9411b47..ce668d7 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -490,7 +490,6 @@
return Error() << "Unable to stop all service from " << apex_name;
}
RemoveServiceAndActionFromApex(apex_name);
- SetProperty("init.apex." + apex_name, "unloaded");
return {};
}
@@ -522,7 +521,6 @@
return result.error();
}
- SetProperty("init.apex." + apex_name, "loaded");
return {};
}
diff --git a/init/init_test.cpp b/init/init_test.cpp
index 529bbdf..05cf3fd 100644
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@@ -535,20 +535,6 @@
EXPECT_EQ(2, num_executed);
}
-TEST(init, RespondToCtlApexMessages) {
- if (getuid() != 0) {
- GTEST_SKIP() << "Skipping test, must be run as root.";
- return;
- }
-
- std::string apex_name = "com.android.apex.cts.shim";
- SetProperty("ctl.apex_unload", apex_name);
- EXPECT_TRUE(WaitForProperty("init.apex." + apex_name, "unloaded", 10s));
-
- SetProperty("ctl.apex_load", apex_name);
- EXPECT_TRUE(WaitForProperty("init.apex." + apex_name, "loaded", 10s));
-}
-
TEST(init, RejectsCriticalAndOneshotService) {
if (GetIntProperty("ro.product.first_api_level", 10000) < 30) {
GTEST_SKIP() << "Test only valid for devices launching with R or later";
diff --git a/init/reboot.cpp b/init/reboot.cpp
index 4e4bfd8..880674c 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -491,7 +491,7 @@
return ErrnoError() << "zram_backing_dev: swapoff (" << backing_dev << ")"
<< " failed";
}
- LOG(INFO) << "swapoff() took " << swap_timer;;
+ LOG(INFO) << "swapoff() took " << swap_timer;
if (!WriteStringToFile("1", ZRAM_RESET)) {
return Error() << "zram_backing_dev: reset (" << backing_dev << ")"