Merge "adb: fix infinite loop when attempting to push to //foo."
diff --git a/adb/Android.bp b/adb/Android.bp
index 57872b0..9ef82bf 100644
--- a/adb/Android.bp
+++ b/adb/Android.bp
@@ -629,6 +629,7 @@
"libselinux",
],
test_suites: ["device-tests"],
+ require_root: true,
}
python_test_host {
diff --git a/adb/adb.cpp b/adb/adb.cpp
index ba6df7a..1ec145b 100644
--- a/adb/adb.cpp
+++ b/adb/adb.cpp
@@ -1131,7 +1131,9 @@
if (service == "features") {
std::string error;
- atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
+ atransport* t =
+ s->transport ? s->transport
+ : acquire_one_transport(type, serial, transport_id, nullptr, &error);
if (t != nullptr) {
SendOkay(reply_fd, FeatureSetToString(t->features()));
} else {
@@ -1190,7 +1192,9 @@
// These always report "unknown" rather than the actual error, for scripts.
if (service == "get-serialno") {
std::string error;
- atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
+ atransport* t =
+ s->transport ? s->transport
+ : acquire_one_transport(type, serial, transport_id, nullptr, &error);
if (t) {
SendOkay(reply_fd, !t->serial.empty() ? t->serial : "unknown");
} else {
@@ -1200,7 +1204,9 @@
}
if (service == "get-devpath") {
std::string error;
- atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
+ atransport* t =
+ s->transport ? s->transport
+ : acquire_one_transport(type, serial, transport_id, nullptr, &error);
if (t) {
SendOkay(reply_fd, !t->devpath.empty() ? t->devpath : "unknown");
} else {
@@ -1210,7 +1216,9 @@
}
if (service == "get-state") {
std::string error;
- atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
+ atransport* t =
+ s->transport ? s->transport
+ : acquire_one_transport(type, serial, transport_id, nullptr, &error);
if (t) {
SendOkay(reply_fd, t->connection_state_name());
} else {
@@ -1234,7 +1242,9 @@
if (service == "reconnect") {
std::string response;
- atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &response, true);
+ atransport* t = s->transport ? s->transport
+ : acquire_one_transport(type, serial, transport_id, nullptr,
+ &response, true);
if (t != nullptr) {
kick_transport(t, true);
response =
@@ -1246,8 +1256,15 @@
// TODO: Switch handle_forward_request to string_view.
std::string service_str(service);
- if (handle_forward_request(
- service_str.c_str(), [=](std::string* error) { return s->transport; }, reply_fd)) {
+ auto transport_acquirer = [=](std::string* error) {
+ if (s->transport) {
+ return s->transport;
+ } else {
+ std::string error;
+ return acquire_one_transport(type, serial, transport_id, nullptr, &error);
+ }
+ };
+ if (handle_forward_request(service_str.c_str(), transport_acquirer, reply_fd)) {
return HostRequestResult::Handled;
}
diff --git a/adb/client/adb_install.cpp b/adb/client/adb_install.cpp
index a6e8998..042a2d6 100644
--- a/adb/client/adb_install.cpp
+++ b/adb/client/adb_install.cpp
@@ -201,69 +201,68 @@
#else
error_exit("fastdeploy is disabled");
#endif
- } else {
- struct stat sb;
- if (stat(file, &sb) == -1) {
- fprintf(stderr, "adb: failed to stat %s: %s\n", file, strerror(errno));
- return 1;
- }
+ }
- unique_fd local_fd(adb_open(file, O_RDONLY | O_CLOEXEC));
- if (local_fd < 0) {
- fprintf(stderr, "adb: failed to open %s: %s\n", file, strerror(errno));
- return 1;
- }
-
-#ifdef __linux__
- posix_fadvise(local_fd.get(), 0, 0, POSIX_FADV_SEQUENTIAL | POSIX_FADV_NOREUSE);
-#endif
-
- const bool use_abb = can_use_feature(kFeatureAbb);
- std::string error;
- std::vector<std::string> cmd_args = {use_abb ? "package" : "exec:cmd package"};
- cmd_args.reserve(argc + 3);
-
- // don't copy the APK name, but, copy the rest of the arguments as-is
- while (argc-- > 1) {
- if (use_abb) {
- cmd_args.push_back(*argv++);
- } else {
- cmd_args.push_back(escape_arg(*argv++));
- }
- }
-
- // add size parameter [required for streaming installs]
- // do last to override any user specified value
- cmd_args.push_back("-S");
- cmd_args.push_back(
- android::base::StringPrintf("%" PRIu64, static_cast<uint64_t>(sb.st_size)));
-
- if (is_apex) {
- cmd_args.push_back("--apex");
- }
-
- unique_fd remote_fd;
- if (use_abb) {
- remote_fd = send_abb_exec_command(cmd_args, &error);
- } else {
- remote_fd.reset(adb_connect(android::base::Join(cmd_args, " "), &error));
- }
- if (remote_fd < 0) {
- fprintf(stderr, "adb: connect error for write: %s\n", error.c_str());
- return 1;
- }
-
- copy_to_file(local_fd.get(), remote_fd.get());
-
- char buf[BUFSIZ];
- read_status_line(remote_fd.get(), buf, sizeof(buf));
- if (!strncmp("Success", buf, 7)) {
- fputs(buf, stdout);
- return 0;
- }
- fprintf(stderr, "adb: failed to install %s: %s", file, buf);
+ struct stat sb;
+ if (stat(file, &sb) == -1) {
+ fprintf(stderr, "adb: failed to stat %s: %s\n", file, strerror(errno));
return 1;
}
+
+ unique_fd local_fd(adb_open(file, O_RDONLY | O_CLOEXEC));
+ if (local_fd < 0) {
+ fprintf(stderr, "adb: failed to open %s: %s\n", file, strerror(errno));
+ return 1;
+ }
+
+#ifdef __linux__
+ posix_fadvise(local_fd.get(), 0, 0, POSIX_FADV_SEQUENTIAL | POSIX_FADV_NOREUSE);
+#endif
+
+ const bool use_abb = can_use_feature(kFeatureAbbExec);
+ std::string error;
+ std::vector<std::string> cmd_args = {use_abb ? "package" : "exec:cmd package"};
+ cmd_args.reserve(argc + 3);
+
+ // don't copy the APK name, but, copy the rest of the arguments as-is
+ while (argc-- > 1) {
+ if (use_abb) {
+ cmd_args.push_back(*argv++);
+ } else {
+ cmd_args.push_back(escape_arg(*argv++));
+ }
+ }
+
+ // add size parameter [required for streaming installs]
+ // do last to override any user specified value
+ cmd_args.push_back("-S");
+ cmd_args.push_back(android::base::StringPrintf("%" PRIu64, static_cast<uint64_t>(sb.st_size)));
+
+ if (is_apex) {
+ cmd_args.push_back("--apex");
+ }
+
+ unique_fd remote_fd;
+ if (use_abb) {
+ remote_fd = send_abb_exec_command(cmd_args, &error);
+ } else {
+ remote_fd.reset(adb_connect(android::base::Join(cmd_args, " "), &error));
+ }
+ if (remote_fd < 0) {
+ fprintf(stderr, "adb: connect error for write: %s\n", error.c_str());
+ return 1;
+ }
+
+ copy_to_file(local_fd.get(), remote_fd.get());
+
+ char buf[BUFSIZ];
+ read_status_line(remote_fd.get(), buf, sizeof(buf));
+ if (!strncmp("Success", buf, 7)) {
+ fputs(buf, stdout);
+ return 0;
+ }
+ fprintf(stderr, "adb: failed to install %s: %s", file, buf);
+ return 1;
}
static int install_app_legacy(int argc, const char** argv, bool use_fastdeploy,
diff --git a/adb/client/commandline.cpp b/adb/client/commandline.cpp
index fe2bdfe..a0818d3 100644
--- a/adb/client/commandline.cpp
+++ b/adb/client/commandline.cpp
@@ -1713,8 +1713,12 @@
}
if (CanUseFeature(features, kFeatureRemountShell)) {
- const char* arg[2] = {"shell", "remount"};
- return adb_shell(2, arg);
+ std::vector<const char*> args = {"shell"};
+ args.insert(args.cend(), argv, argv + argc);
+ return adb_shell(args.size(), args.data());
+ } else if (argc > 1) {
+ auto command = android::base::StringPrintf("%s:%s", argv[0], argv[1]);
+ return adb_connect_command(command);
} else {
return adb_connect_command("remount:");
}
diff --git a/adb/fastdeploy/deploypatchgenerator/deploy_patch_generator.cpp b/adb/fastdeploy/deploypatchgenerator/deploy_patch_generator.cpp
index 22c9243..154c9b9 100644
--- a/adb/fastdeploy/deploypatchgenerator/deploy_patch_generator.cpp
+++ b/adb/fastdeploy/deploypatchgenerator/deploy_patch_generator.cpp
@@ -46,10 +46,10 @@
void DeployPatchGenerator::APKEntryToLog(const APKEntry& entry) {
Log("Filename: %s", entry.filename().c_str());
- Log("CRC32: 0x%08llX", entry.crc32());
- Log("Data Offset: %lld", entry.dataoffset());
- Log("Compressed Size: %lld", entry.compressedsize());
- Log("Uncompressed Size: %lld", entry.uncompressedsize());
+ Log("CRC32: 0x%08" PRIX64, entry.crc32());
+ Log("Data Offset: %" PRId64, entry.dataoffset());
+ Log("Compressed Size: %" PRId64, entry.compressedsize());
+ Log("Uncompressed Size: %" PRId64, entry.uncompressedsize());
}
void DeployPatchGenerator::APKMetaDataToLog(const char* file, const APKMetaData& metadata) {
@@ -164,4 +164,4 @@
return lhs.localEntry->dataoffset() < rhs.localEntry->dataoffset();
});
return totalSize;
-}
\ No newline at end of file
+}
diff --git a/adb/sockets.cpp b/adb/sockets.cpp
index 75993b3..e78530c 100644
--- a/adb/sockets.cpp
+++ b/adb/sockets.cpp
@@ -757,6 +757,8 @@
#if ADB_HOST
service = std::string_view(s->smart_socket_data).substr(4);
+
+ // TODO: These should be handled in handle_host_request.
if (android::base::ConsumePrefix(&service, "host-serial:")) {
// serial number should follow "host:" and could be a host:port string.
if (!internal::parse_host_service(&serial, &service, service)) {
diff --git a/adb/test_device.py b/adb/test_device.py
index b845e3e..32d797e 100755
--- a/adb/test_device.py
+++ b/adb/test_device.py
@@ -139,6 +139,25 @@
msg = self.device.forward_list()
self.assertEqual('', msg.strip())
+ def test_forward_old_protocol(self):
+ serialno = subprocess.check_output(self.device.adb_cmd + ['get-serialno']).strip()
+
+ msg = self.device.forward_list()
+ self.assertEqual('', msg.strip(),
+ 'Forwarding list must be empty to run this test.')
+
+ s = socket.create_connection(("localhost", 5037))
+ service = b"host-serial:%s:forward:tcp:5566;tcp:6655" % serialno
+ cmd = b"%04x%s" % (len(service), service)
+ s.sendall(cmd)
+
+ msg = self.device.forward_list()
+ self.assertTrue(re.search(r'tcp:5566.+tcp:6655', msg))
+
+ self.device.forward_remove_all()
+ msg = self.device.forward_list()
+ self.assertEqual('', msg.strip())
+
def test_forward_tcp_port_0(self):
self.assertEqual('', self.device.forward_list().strip(),
'Forwarding list must be empty to run this test.')
diff --git a/adb/transport.h b/adb/transport.h
index 61a3d9a..c38cb1d 100644
--- a/adb/transport.h
+++ b/adb/transport.h
@@ -65,8 +65,10 @@
extern const char* const kFeatureApex;
// adbd has b/110953234 fixed.
extern const char* const kFeatureFixedPushMkdir;
-// adbd supports android binder bridge (abb).
+// adbd supports android binder bridge (abb) in interactive mode using shell protocol.
extern const char* const kFeatureAbb;
+// adbd supports abb using raw pipe.
+extern const char* const kFeatureAbbExec;
// adbd properly updates symlink timestamps on push.
extern const char* const kFeatureFixedPushSymlinkTimestamp;
extern const char* const kFeatureRemountShell;
diff --git a/base/Android.bp b/base/Android.bp
index 357ce01..f5000c1 100644
--- a/base/Android.bp
+++ b/base/Android.bp
@@ -20,8 +20,14 @@
"-Wall",
"-Werror",
"-Wextra",
- "-D_FILE_OFFSET_BITS=64",
],
+ target: {
+ android: {
+ cflags: [
+ "-D_FILE_OFFSET_BITS=64",
+ ],
+ },
+ },
}
cc_library_headers {
diff --git a/base/include/android-base/endian.h b/base/include/android-base/endian.h
index 2d0f614..8fa6365 100644
--- a/base/include/android-base/endian.h
+++ b/base/include/android-base/endian.h
@@ -51,8 +51,10 @@
/* macOS has some of the basics. */
#include <sys/_endian.h>
#else
-/* Windows has even less. */
+/* Windows has some of the basics as well. */
#include <sys/param.h>
+#include <winsock2.h>
+/* winsock2.h *must* be included before the following four macros. */
#define htons(x) __builtin_bswap16(x)
#define htonl(x) __builtin_bswap32(x)
#define ntohs(x) __builtin_bswap16(x)
diff --git a/bootstat/bootstat.cpp b/bootstat/bootstat.cpp
index dd24aac..d08a59f 100644
--- a/bootstat/bootstat.cpp
+++ b/bootstat/bootstat.cpp
@@ -311,6 +311,7 @@
{"shutdown,userrequested,recovery", 182},
{"reboot,unknown[0-9]*", 183},
{"reboot,longkey,.*", 184},
+ {"reboot,boringssl-self-check-failed", 185},
};
// Converts a string value representing the reason the system booted to an
diff --git a/debuggerd/debuggerd_test.cpp b/debuggerd/debuggerd_test.cpp
index fbc8b97..c9a193c 100644
--- a/debuggerd/debuggerd_test.cpp
+++ b/debuggerd/debuggerd_test.cpp
@@ -176,7 +176,7 @@
if (crasher_pid != -1) {
kill(crasher_pid, SIGKILL);
int status;
- waitpid(crasher_pid, &status, WUNTRACED);
+ TEMP_FAILURE_RETRY(waitpid(crasher_pid, &status, WUNTRACED));
}
android::base::SetProperty(kWaitForGdbKey, previous_wait_for_gdb ? "1" : "0");
@@ -195,8 +195,7 @@
void CrasherTest::FinishIntercept(int* result) {
InterceptResponse response;
- // Timeout for tombstoned intercept is 10 seconds.
- ssize_t rc = TIMEOUT(20, read(intercept_fd.get(), &response, sizeof(response)));
+ ssize_t rc = TIMEOUT(30, read(intercept_fd.get(), &response, sizeof(response)));
if (rc == -1) {
FAIL() << "failed to read response from tombstoned: " << strerror(errno);
} else if (rc == 0) {
@@ -233,7 +232,7 @@
FAIL() << "crasher pipe uninitialized";
}
- ssize_t rc = write(crasher_pipe.get(), "\n", 1);
+ ssize_t rc = TEMP_FAILURE_RETRY(write(crasher_pipe.get(), "\n", 1));
if (rc == -1) {
FAIL() << "failed to write to crasher pipe: " << strerror(errno);
} else if (rc == 0) {
@@ -243,7 +242,7 @@
void CrasherTest::AssertDeath(int signo) {
int status;
- pid_t pid = TIMEOUT(10, waitpid(crasher_pid, &status, 0));
+ pid_t pid = TIMEOUT(30, waitpid(crasher_pid, &status, 0));
if (pid != crasher_pid) {
printf("failed to wait for crasher (expected pid %d, return value %d): %s\n", crasher_pid, pid,
strerror(errno));
@@ -441,7 +440,7 @@
FinishCrasher();
int status;
- ASSERT_EQ(crasher_pid, waitpid(crasher_pid, &status, WUNTRACED));
+ ASSERT_EQ(crasher_pid, TEMP_FAILURE_RETRY(waitpid(crasher_pid, &status, WUNTRACED)));
ASSERT_TRUE(WIFSTOPPED(status));
ASSERT_EQ(SIGSTOP, WSTOPSIG(status));
@@ -603,13 +602,15 @@
policy += "\nclone: 1";
policy += "\nsigaltstack: 1";
policy += "\nnanosleep: 1";
+ policy += "\ngetrlimit: 1";
+ policy += "\nugetrlimit: 1";
FILE* tmp_file = tmpfile();
if (!tmp_file) {
PLOG(FATAL) << "tmpfile failed";
}
- unique_fd tmp_fd(dup(fileno(tmp_file)));
+ unique_fd tmp_fd(TEMP_FAILURE_RETRY(dup(fileno(tmp_file))));
if (!android::base::WriteStringToFd(policy, tmp_fd.get())) {
PLOG(FATAL) << "failed to write policy to tmpfile";
}
@@ -822,7 +823,7 @@
FinishCrasher();
int status;
- ASSERT_EQ(crasher_pid, waitpid(crasher_pid, &status, 0));
+ ASSERT_EQ(crasher_pid, TEMP_FAILURE_RETRY(waitpid(crasher_pid, &status, 0)));
ASSERT_TRUE(WIFSTOPPED(status));
ASSERT_EQ(SIGABRT, WSTOPSIG(status));
@@ -837,7 +838,7 @@
regex += R"( \(.+debuggerd_test)";
ASSERT_MATCH(result, regex.c_str());
- ASSERT_EQ(crasher_pid, waitpid(crasher_pid, &status, 0));
+ ASSERT_EQ(crasher_pid, TEMP_FAILURE_RETRY(waitpid(crasher_pid, &status, 0)));
ASSERT_TRUE(WIFSTOPPED(status));
ASSERT_EQ(SIGABRT, WSTOPSIG(status));
@@ -851,7 +852,7 @@
StartProcess([]() {
android_fdsan_set_error_level(ANDROID_FDSAN_ERROR_LEVEL_WARN_ONCE);
- unique_fd fd(open("/dev/null", O_RDONLY | O_CLOEXEC));
+ unique_fd fd(TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY | O_CLOEXEC)));
if (fd == -1) {
abort();
}
@@ -886,13 +887,13 @@
raise(DEBUGGER_SIGNAL);
errno = 0;
- rc = waitpid(-1, &status, __WALL | __WNOTHREAD);
+ rc = TEMP_FAILURE_RETRY(waitpid(-1, &status, __WALL | __WNOTHREAD));
if (rc != -1 || errno != ECHILD) {
errx(2, "second waitpid returned %d (%s), expected failure with ECHILD", rc, strerror(errno));
}
_exit(0);
} else {
- rc = waitpid(forkpid, &status, 0);
+ rc = TEMP_FAILURE_RETRY(waitpid(forkpid, &status, 0));
ASSERT_EQ(forkpid, rc);
ASSERT_TRUE(WIFEXITED(status));
ASSERT_EQ(0, WEXITSTATUS(status));
diff --git a/fastboot/Android.bp b/fastboot/Android.bp
index 978eed0..f452a64 100644
--- a/fastboot/Android.bp
+++ b/fastboot/Android.bp
@@ -143,6 +143,10 @@
static_libs: [
"libhealthhalutils",
],
+
+ header_libs: [
+ "libsnapshot_headers",
+ ]
}
cc_defaults {
@@ -185,7 +189,11 @@
// will violate ODR.
shared_libs: [],
- header_libs: ["bootimg_headers"],
+ header_libs: [
+ "avb_headers",
+ "bootimg_headers",
+ ],
+
static_libs: [
"libziparchive",
"libsparse",
diff --git a/fastboot/device/flashing.cpp b/fastboot/device/flashing.cpp
index 99854c9..102ebdb 100644
--- a/fastboot/device/flashing.cpp
+++ b/fastboot/device/flashing.cpp
@@ -32,6 +32,7 @@
#include <fstab/fstab.h>
#include <liblp/builder.h>
#include <liblp/liblp.h>
+#include <libsnapshot/snapshot.h>
#include <sparse/sparse.h>
#include "fastboot_device.h"
@@ -171,6 +172,11 @@
if (!slot_suffix.empty() && GetPartitionSlotSuffix(partition_name) == slot_suffix) {
continue;
}
+ std::string group_name = GetPartitionGroupName(old_metadata->groups[partition.group_index]);
+ // Skip partitions in the COW group
+ if (group_name == android::snapshot::kCowGroupName) {
+ continue;
+ }
partitions_to_keep.emplace(partition_name);
}
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 4737ae4..2fe3b1a 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp
@@ -51,6 +51,7 @@
#include <utility>
#include <vector>
+#include <android-base/endian.h>
#include <android-base/file.h>
#include <android-base/macros.h>
#include <android-base/parseint.h>
@@ -59,6 +60,7 @@
#include <android-base/strings.h>
#include <android-base/unique_fd.h>
#include <build/version.h>
+#include <libavb/libavb.h>
#include <liblp/liblp.h>
#include <platform_tools_version.h>
#include <sparse/sparse.h>
@@ -874,7 +876,7 @@
return false;
}
- if (sparse_file* s = sparse_file_import_auto(fd, false, false)) {
+ if (sparse_file* s = sparse_file_import(fd, false, false)) {
buf->image_size = sparse_file_len(s, false, false);
sparse_file_destroy(s);
} else {
@@ -919,33 +921,50 @@
return load_buf_fd(fd.release(), buf);
}
-static void rewrite_vbmeta_buffer(struct fastboot_buffer* buf) {
+static void rewrite_vbmeta_buffer(struct fastboot_buffer* buf, bool vbmeta_in_boot) {
// Buffer needs to be at least the size of the VBMeta struct which
// is 256 bytes.
if (buf->sz < 256) {
return;
}
- int fd = make_temporary_fd("vbmeta rewriting");
-
std::string data;
if (!android::base::ReadFdToString(buf->fd, &data)) {
die("Failed reading from vbmeta");
}
+ uint64_t vbmeta_offset = 0;
+ if (vbmeta_in_boot) {
+ // Tries to locate top-level vbmeta from boot.img footer.
+ uint64_t footer_offset = buf->sz - AVB_FOOTER_SIZE;
+ if (0 != data.compare(footer_offset, AVB_FOOTER_MAGIC_LEN, AVB_FOOTER_MAGIC)) {
+ die("Failed to find AVB_FOOTER at offset: %" PRId64, footer_offset);
+ }
+ const AvbFooter* footer = reinterpret_cast<const AvbFooter*>(data.c_str() + footer_offset);
+ vbmeta_offset = be64toh(footer->vbmeta_offset);
+ }
+ // Ensures there is AVB_MAGIC at vbmeta_offset.
+ if (0 != data.compare(vbmeta_offset, AVB_MAGIC_LEN, AVB_MAGIC)) {
+ die("Failed to find AVB_MAGIC at offset: %" PRId64, vbmeta_offset);
+ }
+
+ fprintf(stderr, "Rewriting vbmeta struct at offset: %" PRId64 "\n", vbmeta_offset);
+
// There's a 32-bit big endian |flags| field at offset 120 where
// bit 0 corresponds to disable-verity and bit 1 corresponds to
// disable-verification.
//
// See external/avb/libavb/avb_vbmeta_image.h for the layout of
// the VBMeta struct.
+ uint64_t flags_offset = 123 + vbmeta_offset;
if (g_disable_verity) {
- data[123] |= 0x01;
+ data[flags_offset] |= 0x01;
}
if (g_disable_verification) {
- data[123] |= 0x02;
+ data[flags_offset] |= 0x02;
}
+ int fd = make_temporary_fd("vbmeta rewriting");
if (!android::base::WriteStringToFd(data, fd)) {
die("Failed writing to modified vbmeta");
}
@@ -954,14 +973,25 @@
lseek(fd, 0, SEEK_SET);
}
+static bool has_vbmeta_partition() {
+ std::string partition_type;
+ return fb->GetVar("partition-type:vbmeta", &partition_type) == fastboot::SUCCESS ||
+ fb->GetVar("partition-type:vbmeta_a", &partition_type) == fastboot::SUCCESS ||
+ fb->GetVar("partition-type:vbmeta_b", &partition_type) == fastboot::SUCCESS;
+}
+
static void flash_buf(const std::string& partition, struct fastboot_buffer *buf)
{
sparse_file** s;
// Rewrite vbmeta if that's what we're flashing and modification has been requested.
- if ((g_disable_verity || g_disable_verification) &&
- (partition == "vbmeta" || partition == "vbmeta_a" || partition == "vbmeta_b")) {
- rewrite_vbmeta_buffer(buf);
+ if (g_disable_verity || g_disable_verification) {
+ if (partition == "vbmeta" || partition == "vbmeta_a" || partition == "vbmeta_b") {
+ rewrite_vbmeta_buffer(buf, false /* vbmeta_in_boot */);
+ } else if (!has_vbmeta_partition() &&
+ (partition == "boot" || partition == "boot_a" || partition == "boot_b")) {
+ rewrite_vbmeta_buffer(buf, true /* vbmeta_in_boot */ );
+ }
}
switch (buf->type) {
diff --git a/fs_mgr/fs_mgr_dm_linear.cpp b/fs_mgr/fs_mgr_dm_linear.cpp
index ea799ce..0dcb9fe 100644
--- a/fs_mgr/fs_mgr_dm_linear.cpp
+++ b/fs_mgr/fs_mgr_dm_linear.cpp
@@ -79,22 +79,22 @@
return true;
}
-bool CreateDmTable(const IPartitionOpener& opener, const LpMetadata& metadata,
- const LpMetadataPartition& partition, const std::string& super_device,
- DmTable* table) {
+bool CreateDmTableInternal(const CreateLogicalPartitionParams& params, DmTable* table) {
+ const auto& super_device = params.block_device;
+
uint64_t sector = 0;
- for (size_t i = 0; i < partition.num_extents; i++) {
- const auto& extent = metadata.extents[partition.first_extent_index + i];
+ for (size_t i = 0; i < params.partition->num_extents; i++) {
+ const auto& extent = params.metadata->extents[params.partition->first_extent_index + i];
std::unique_ptr<DmTarget> target;
switch (extent.target_type) {
case LP_TARGET_TYPE_ZERO:
target = std::make_unique<DmTargetZero>(sector, extent.num_sectors);
break;
case LP_TARGET_TYPE_LINEAR: {
- const auto& block_device = metadata.block_devices[extent.target_source];
+ const auto& block_device = params.metadata->block_devices[extent.target_source];
std::string dev_string;
- if (!GetPhysicalPartitionDevicePath(opener, metadata, block_device, super_device,
- &dev_string)) {
+ if (!GetPhysicalPartitionDevicePath(*params.partition_opener, *params.metadata,
+ block_device, super_device, &dev_string)) {
LOG(ERROR) << "Unable to complete device-mapper table, unknown block device";
return false;
}
@@ -111,12 +111,21 @@
}
sector += extent.num_sectors;
}
- if (partition.attributes & LP_PARTITION_ATTR_READONLY) {
+ if (params.partition->attributes & LP_PARTITION_ATTR_READONLY) {
table->set_readonly(true);
}
+ if (params.force_writable) {
+ table->set_readonly(false);
+ }
return true;
}
+bool CreateDmTable(CreateLogicalPartitionParams params, DmTable* table) {
+ CreateLogicalPartitionParams::OwnedData owned_data;
+ if (!params.InitDefaults(&owned_data)) return false;
+ return CreateDmTableInternal(params, table);
+}
+
bool CreateLogicalPartitions(const std::string& block_device) {
uint32_t slot = SlotNumberForSlotSuffix(fs_mgr_get_slot_suffix());
auto metadata = ReadMetadata(block_device.c_str(), slot);
@@ -160,6 +169,11 @@
return false;
}
+ if (!partition_opener) {
+ owned->partition_opener = std::make_unique<PartitionOpener>();
+ partition_opener = owned->partition_opener.get();
+ }
+
// Read metadata if needed.
if (!metadata) {
if (!metadata_slot) {
@@ -167,7 +181,8 @@
return false;
}
auto slot = *metadata_slot;
- if (owned->metadata = ReadMetadata(block_device, slot); !owned->metadata) {
+ if (owned->metadata = ReadMetadata(*partition_opener, block_device, slot);
+ !owned->metadata) {
LOG(ERROR) << "Could not read partition table for: " << block_device;
return false;
}
@@ -195,11 +210,6 @@
return false;
}
- if (!partition_opener) {
- owned->partition_opener = std::make_unique<PartitionOpener>();
- partition_opener = owned->partition_opener.get();
- }
-
if (device_name.empty()) {
device_name = partition_name;
}
@@ -212,13 +222,9 @@
if (!params.InitDefaults(&owned_data)) return false;
DmTable table;
- if (!CreateDmTable(*params.partition_opener, *params.metadata, *params.partition,
- params.block_device, &table)) {
+ if (!CreateDmTableInternal(params, &table)) {
return false;
}
- if (params.force_writable) {
- table.set_readonly(false);
- }
DeviceMapper& dm = DeviceMapper::Instance();
if (!dm.CreateDevice(params.device_name, table, path, params.timeout_ms)) {
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index 4dbacd7..e50f7c3 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -36,6 +36,7 @@
#include "fs_mgr_priv.h"
+using android::base::EndsWith;
using android::base::ParseByteCount;
using android::base::ParseInt;
using android::base::ReadFileToString;
@@ -598,7 +599,7 @@
return boot_devices;
}
-FstabEntry BuildGsiUserdataFstabEntry() {
+FstabEntry BuildDsuUserdataFstabEntry() {
constexpr uint32_t kFlags = MS_NOATIME | MS_NOSUID | MS_NODEV;
FstabEntry userdata = {
@@ -627,7 +628,12 @@
return false;
}
-void TransformFstabForGsi(Fstab* fstab) {
+} // namespace
+
+void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_partitions) {
+ static constexpr char kGsiKeys[] =
+ "/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey";
+ // Convert userdata
// Inherit fstab properties for userdata.
FstabEntry userdata;
if (FstabEntry* entry = GetEntryForMountPoint(fstab, "/data")) {
@@ -639,19 +645,75 @@
userdata.key_dir += "/gsi";
}
} else {
- userdata = BuildGsiUserdataFstabEntry();
- }
-
- if (EraseFstabEntry(fstab, "/system")) {
- fstab->emplace_back(BuildGsiSystemFstabEntry());
+ userdata = BuildDsuUserdataFstabEntry();
}
if (EraseFstabEntry(fstab, "/data")) {
fstab->emplace_back(userdata);
}
-}
-} // namespace
+ // Convert others
+ for (auto&& partition : dsu_partitions) {
+ if (!EndsWith(partition, gsi::kDsuPostfix)) {
+ continue;
+ }
+ // userdata has been handled
+ if (StartsWith(partition, "user")) {
+ continue;
+ }
+ // dsu_partition_name = corresponding_partition_name + kDsuPostfix
+ // e.g.
+ // system_gsi for system
+ // product_gsi for product
+ // vendor_gsi for vendor
+ std::string lp_name = partition.substr(0, partition.length() - strlen(gsi::kDsuPostfix));
+ std::string mount_point = "/" + lp_name;
+ std::vector<FstabEntry*> entries = GetEntriesForMountPoint(fstab, mount_point);
+ if (entries.empty()) {
+ FstabEntry entry = {
+ .blk_device = partition,
+ .mount_point = mount_point,
+ .fs_type = "ext4",
+ .flags = MS_RDONLY,
+ .fs_options = "barrier=1",
+ .avb_keys = kGsiKeys,
+ // .logical_partition_name is required to look up AVB Hashtree descriptors.
+ .logical_partition_name = "system"};
+ entry.fs_mgr_flags.wait = true;
+ entry.fs_mgr_flags.logical = true;
+ entry.fs_mgr_flags.first_stage_mount = true;
+ // Use the system key which may be in the vbmeta or vbmeta_system
+ // TODO: b/141284191
+ entry.vbmeta_partition = "vbmeta";
+ fstab->emplace_back(entry);
+ entry.vbmeta_partition = "vbmeta_system";
+ fstab->emplace_back(entry);
+ } else {
+ // If the corresponding partition exists, transform all its Fstab
+ // by pointing .blk_device to the DSU partition.
+ for (auto&& entry : entries) {
+ entry->blk_device = partition;
+ if (entry->avb_keys.size() > 0) {
+ entry->avb_keys += ":";
+ }
+ // If the DSU is signed by OEM, the original Fstab already has the information
+ // required by avb, otherwise the DSU is GSI and will need the avb_keys as listed
+ // below.
+ entry->avb_keys += kGsiKeys;
+ }
+ // Make sure the ext4 is included to support GSI.
+ auto partition_ext4 =
+ std::find_if(fstab->begin(), fstab->end(), [&](const auto& entry) {
+ return entry.mount_point == mount_point && entry.fs_type == "ext4";
+ });
+ if (partition_ext4 == fstab->end()) {
+ auto new_entry = *GetEntryForMountPoint(fstab, mount_point);
+ new_entry.fs_type = "ext4";
+ fstab->emplace_back(new_entry);
+ }
+ }
+ }
+}
bool ReadFstabFromFile(const std::string& path, Fstab* fstab) {
auto fstab_file = std::unique_ptr<FILE, decltype(&fclose)>{fopen(path.c_str(), "re"), fclose};
@@ -667,7 +729,9 @@
return false;
}
if (!is_proc_mounts && !access(android::gsi::kGsiBootedIndicatorFile, F_OK)) {
- TransformFstabForGsi(fstab);
+ std::string lp_names;
+ ReadFileToString(gsi::kGsiLpNamesFile, &lp_names);
+ TransformFstabForDsu(fstab, Split(lp_names, ","));
}
SkipMountingPartitions(fstab);
@@ -779,6 +843,21 @@
return nullptr;
}
+std::vector<FstabEntry*> GetEntriesForMountPoint(Fstab* fstab, const std::string& path) {
+ std::vector<FstabEntry*> entries;
+ if (fstab == nullptr) {
+ return entries;
+ }
+
+ for (auto& entry : *fstab) {
+ if (entry.mount_point == path) {
+ entries.emplace_back(&entry);
+ }
+ }
+
+ return entries;
+}
+
std::set<std::string> GetBootDevices() {
// First check the kernel commandline, then try the device tree otherwise
std::string dt_file_name = get_android_dt_dir() + "/boot_devices";
@@ -798,23 +877,6 @@
return ExtraBootDevices(fstab);
}
-FstabEntry BuildGsiSystemFstabEntry() {
- // .logical_partition_name is required to look up AVB Hashtree descriptors.
- FstabEntry system = {
- .blk_device = "system_gsi",
- .mount_point = "/system",
- .fs_type = "ext4",
- .flags = MS_RDONLY,
- .fs_options = "barrier=1",
- // could add more keys separated by ':'.
- .avb_keys = "/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey",
- .logical_partition_name = "system"};
- system.fs_mgr_flags.wait = true;
- system.fs_mgr_flags.logical = true;
- system.fs_mgr_flags.first_stage_mount = true;
- return system;
-}
-
std::string GetVerityDeviceName(const FstabEntry& entry) {
std::string base_device;
if (entry.mount_point == "/") {
diff --git a/fs_mgr/include/fs_mgr_dm_linear.h b/fs_mgr/include/fs_mgr_dm_linear.h
index a912208..f3d09fb 100644
--- a/fs_mgr/include/fs_mgr_dm_linear.h
+++ b/fs_mgr/include/fs_mgr_dm_linear.h
@@ -105,9 +105,7 @@
bool DestroyLogicalPartition(const std::string& name);
// Helper for populating a DmTable for a logical partition.
-bool CreateDmTable(const IPartitionOpener& opener, const LpMetadata& metadata,
- const LpMetadataPartition& partition, const std::string& super_device,
- android::dm::DmTable* table);
+bool CreateDmTable(CreateLogicalPartitionParams params, android::dm::DmTable* table);
} // namespace fs_mgr
} // namespace android
diff --git a/fs_mgr/include_fstab/fstab/fstab.h b/fs_mgr/include_fstab/fstab/fstab.h
index c7193ab..d999ae1 100644
--- a/fs_mgr/include_fstab/fstab/fstab.h
+++ b/fs_mgr/include_fstab/fstab/fstab.h
@@ -101,9 +101,18 @@
bool SkipMountingPartitions(Fstab* fstab);
FstabEntry* GetEntryForMountPoint(Fstab* fstab, const std::string& path);
+// The Fstab can contain multiple entries for the same mount point with different configurations.
+std::vector<FstabEntry*> GetEntriesForMountPoint(Fstab* fstab, const std::string& path);
-// Helper method to build a GSI fstab entry for mounting /system.
-FstabEntry BuildGsiSystemFstabEntry();
+// This method builds DSU fstab entries and transfer the fstab.
+//
+// fstab points to the unmodified fstab.
+//
+// dsu_partitions contains partition names, e.g.
+// dsu_partitions[0] = "system_gsi"
+// dsu_partitions[1] = "userdata_gsi"
+// dsu_partitions[2] = ...
+void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_partitions);
std::set<std::string> GetBootDevices();
diff --git a/fs_mgr/libdm/Android.bp b/fs_mgr/libdm/Android.bp
index 4cdea71..449a170 100644
--- a/fs_mgr/libdm/Android.bp
+++ b/fs_mgr/libdm/Android.bp
@@ -44,9 +44,24 @@
},
}
-cc_test {
- name: "libdm_test",
- defaults: ["fs_mgr_defaults"],
+filegroup {
+ name: "libdm_test_srcs",
+ srcs: [
+ "dm_test.cpp",
+ "loop_control_test.cpp",
+ "test_util.cpp",
+ ],
+}
+
+cc_defaults {
+ name: "libdm_defaults",
+ sanitize: {
+ misc_undefined: ["integer"],
+ },
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
static_libs: [
"libdm",
"libbase",
@@ -54,9 +69,10 @@
"libfs_mgr",
"liblog",
],
- srcs: [
- "dm_test.cpp",
- "loop_control_test.cpp",
- "test_util.cpp",
- ]
+ srcs: [":libdm_test_srcs"],
+}
+
+cc_test {
+ name: "libdm_test",
+ defaults: ["libdm_defaults"],
}
diff --git a/fs_mgr/libdm/vts_core/Android.bp b/fs_mgr/libdm/vts_core/Android.bp
new file mode 100644
index 0000000..2eceb28
--- /dev/null
+++ b/fs_mgr/libdm/vts_core/Android.bp
@@ -0,0 +1,23 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_test {
+ name: "vts_libdm_test",
+ defaults: ["libdm_defaults"],
+ test_suites: ["vts-core"],
+ require_root: true,
+ test_min_api_level: 29,
+}
diff --git a/fs_mgr/liblp/Android.bp b/fs_mgr/liblp/Android.bp
index f0142bb..7fee83c 100644
--- a/fs_mgr/liblp/Android.bp
+++ b/fs_mgr/liblp/Android.bp
@@ -55,19 +55,8 @@
export_include_dirs: ["include"],
}
-cc_defaults {
- name: "liblp_test_defaults",
- defaults: ["fs_mgr_defaults"],
- cppflags: [
- "-Wno-unused-parameter",
- ],
- static_libs: [
- "libcutils",
- "libgmock",
- "libfs_mgr",
- "liblp",
- ] + liblp_lib_deps,
- stl: "libc++_static",
+filegroup {
+ name: "liblp_test_srcs",
srcs: [
"builder_test.cpp",
"device_test.cpp",
@@ -77,14 +66,36 @@
],
}
+cc_defaults {
+ name: "liblp_test_defaults",
+ sanitize: {
+ misc_undefined: ["integer"],
+ },
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
+ cppflags: [
+ "-Wno-unused-parameter",
+ ],
+ static_libs: [
+ "libcutils",
+ "libgmock",
+ "libfs_mgr",
+ "liblp",
+ ] + liblp_lib_deps,
+ header_libs: [
+ "libstorage_literals_headers",
+ ],
+ stl: "libc++_static",
+ srcs: [":liblp_test_srcs"],
+}
+
cc_test {
name: "liblp_test",
defaults: ["liblp_test_defaults"],
test_config: "liblp_test.xml",
- test_suites: [
- "device-tests",
- "vts-core",
- ],
+ test_suites: ["device-tests"],
}
cc_test {
diff --git a/fs_mgr/liblp/builder.cpp b/fs_mgr/liblp/builder.cpp
index c5d6a3b..96068b1 100644
--- a/fs_mgr/liblp/builder.cpp
+++ b/fs_mgr/liblp/builder.cpp
@@ -40,6 +40,10 @@
return true;
}
+Interval LinearExtent::AsInterval() const {
+ return Interval(device_index(), physical_sector(), end_sector());
+}
+
bool ZeroExtent::AddTo(LpMetadata* out) const {
out->extents.emplace_back(LpMetadataExtent{num_sectors_, LP_TARGET_TYPE_ZERO, 0, 0});
return true;
@@ -96,6 +100,20 @@
DCHECK(size_ == aligned_size);
}
+Partition Partition::GetBeginningExtents(uint64_t aligned_size) const {
+ Partition p(name_, group_name_, attributes_);
+ for (const auto& extent : extents_) {
+ auto le = extent->AsLinearExtent();
+ if (le) {
+ p.AddExtent(std::make_unique<LinearExtent>(*le));
+ } else {
+ p.AddExtent(std::make_unique<ZeroExtent>(extent->num_sectors()));
+ }
+ }
+ p.ShrinkTo(aligned_size);
+ return p;
+}
+
uint64_t Partition::BytesOnDisk() const {
uint64_t sectors = 0;
for (const auto& extent : extents_) {
@@ -486,7 +504,7 @@
return total;
}
-void MetadataBuilder::RemovePartition(const std::string& name) {
+void MetadataBuilder::RemovePartition(std::string_view name) {
for (auto iter = partitions_.begin(); iter != partitions_.end(); iter++) {
if ((*iter)->name() == name) {
partitions_.erase(iter);
@@ -602,6 +620,10 @@
return ret;
}
+std::unique_ptr<Extent> Interval::AsExtent() const {
+ return std::make_unique<LinearExtent>(length(), device_index, start);
+}
+
bool MetadataBuilder::GrowPartition(Partition* partition, uint64_t aligned_size,
const std::vector<Interval>& free_region_hint) {
uint64_t space_needed = aligned_size - partition->size();
@@ -1168,5 +1190,9 @@
: "";
}
+uint64_t MetadataBuilder::logical_block_size() const {
+ return geometry_.logical_block_size;
+}
+
} // namespace fs_mgr
} // namespace android
diff --git a/fs_mgr/liblp/builder_test.cpp b/fs_mgr/liblp/builder_test.cpp
index bd41f59..a67ffa7 100644
--- a/fs_mgr/liblp/builder_test.cpp
+++ b/fs_mgr/liblp/builder_test.cpp
@@ -17,11 +17,13 @@
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <liblp/builder.h>
+#include <storage_literals/storage_literals.h>
#include "liblp_test.h"
#include "utility.h"
using namespace std;
+using namespace android::storage_literals;
using namespace android::fs_mgr;
using namespace android::fs_mgr::testing;
using ::testing::_;
@@ -591,13 +593,6 @@
ASSERT_NE(builder->Export(), nullptr);
}
-constexpr unsigned long long operator"" _GiB(unsigned long long x) { // NOLINT
- return x << 30;
-}
-constexpr unsigned long long operator"" _MiB(unsigned long long x) { // NOLINT
- return x << 20;
-}
-
TEST_F(BuilderTest, RemoveAndAddFirstPartition) {
auto builder = MetadataBuilder::New(10_GiB, 65536, 2);
ASSERT_NE(nullptr, builder);
diff --git a/fs_mgr/liblp/images.cpp b/fs_mgr/liblp/images.cpp
index 58a88b5..6b842b3 100644
--- a/fs_mgr/liblp/images.cpp
+++ b/fs_mgr/liblp/images.cpp
@@ -17,6 +17,7 @@
#include "images.h"
#include <limits.h>
+#include <sys/stat.h>
#include <android-base/file.h>
@@ -27,12 +28,45 @@
namespace android {
namespace fs_mgr {
+using android::base::borrowed_fd;
using android::base::unique_fd;
#if defined(_WIN32)
static const int O_NOFOLLOW = 0;
#endif
+static bool IsEmptySuperImage(borrowed_fd fd) {
+ struct stat s;
+ if (fstat(fd.get(), &s) < 0) {
+ PERROR << __PRETTY_FUNCTION__ << " fstat failed";
+ return false;
+ }
+ if (s.st_size < LP_METADATA_GEOMETRY_SIZE) {
+ return false;
+ }
+
+ // Rewind back to the start, read the geometry struct.
+ LpMetadataGeometry geometry = {};
+ if (SeekFile64(fd.get(), 0, SEEK_SET) < 0) {
+ PERROR << __PRETTY_FUNCTION__ << " lseek failed";
+ return false;
+ }
+ if (!android::base::ReadFully(fd, &geometry, sizeof(geometry))) {
+ PERROR << __PRETTY_FUNCTION__ << " read failed";
+ return false;
+ }
+ return geometry.magic == LP_METADATA_GEOMETRY_MAGIC;
+}
+
+bool IsEmptySuperImage(const std::string& file) {
+ unique_fd fd = GetControlFileOrOpen(file, O_RDONLY | O_CLOEXEC);
+ if (fd < 0) {
+ PERROR << __PRETTY_FUNCTION__ << " open failed";
+ return false;
+ }
+ return IsEmptySuperImage(fd);
+}
+
std::unique_ptr<LpMetadata> ReadFromImageFile(int fd) {
std::unique_ptr<uint8_t[]> buffer = std::make_unique<uint8_t[]>(LP_METADATA_GEOMETRY_SIZE);
if (SeekFile64(fd, 0, SEEK_SET) < 0) {
diff --git a/fs_mgr/liblp/include/liblp/builder.h b/fs_mgr/liblp/include/liblp/builder.h
index 6f2ab75..4d7f81d 100644
--- a/fs_mgr/liblp/include/liblp/builder.h
+++ b/fs_mgr/liblp/include/liblp/builder.h
@@ -33,10 +33,11 @@
namespace fs_mgr {
class LinearExtent;
+struct Interval;
// By default, partitions are aligned on a 1MiB boundary.
-static const uint32_t kDefaultPartitionAlignment = 1024 * 1024;
-static const uint32_t kDefaultBlockSize = 4096;
+static constexpr uint32_t kDefaultPartitionAlignment = 1024 * 1024;
+static constexpr uint32_t kDefaultBlockSize = 4096;
// Name of the default group in a metadata.
static constexpr std::string_view kDefaultGroup = "default";
@@ -74,6 +75,8 @@
return sector >= physical_sector_ && sector < end_sector();
}
+ Interval AsInterval() const;
+
private:
uint32_t device_index_;
uint64_t physical_sector_;
@@ -127,6 +130,12 @@
const std::vector<std::unique_ptr<Extent>>& extents() const { return extents_; }
uint64_t size() const { return size_; }
+ // Return a copy of *this, but with extents that includes only the first
+ // |aligned_size| bytes. |aligned_size| should be aligned to
+ // logical_block_size() of the MetadataBuilder that this partition belongs
+ // to.
+ Partition GetBeginningExtents(uint64_t aligned_size) const;
+
private:
void ShrinkTo(uint64_t aligned_size);
void set_group_name(std::string_view group_name) { group_name_ = group_name; }
@@ -156,6 +165,8 @@
return (start == other.start) ? end < other.end : start < other.start;
}
+ std::unique_ptr<Extent> AsExtent() const;
+
// Intersect |a| with |b|.
// If no intersection, result has 0 length().
static Interval Intersect(const Interval& a, const Interval& b);
@@ -249,7 +260,7 @@
Partition* AddPartition(const std::string& name, uint32_t attributes);
// Delete a partition by name if it exists.
- void RemovePartition(const std::string& name);
+ void RemovePartition(std::string_view name);
// Find a partition by name. If no partition is found, nullptr is returned.
Partition* FindPartition(std::string_view name);
@@ -325,6 +336,8 @@
// Return the list of free regions not occupied by extents in the metadata.
std::vector<Interval> GetFreeRegions() const;
+ uint64_t logical_block_size() const;
+
private:
MetadataBuilder();
MetadataBuilder(const MetadataBuilder&) = delete;
diff --git a/fs_mgr/liblp/include/liblp/liblp.h b/fs_mgr/liblp/include/liblp/liblp.h
index 135a1b3..cd860cd 100644
--- a/fs_mgr/liblp/include/liblp/liblp.h
+++ b/fs_mgr/liblp/include/liblp/liblp.h
@@ -70,8 +70,15 @@
uint32_t slot_number);
std::unique_ptr<LpMetadata> ReadMetadata(const std::string& super_partition, uint32_t slot_number);
+// Returns whether an image is an "empty" image or not. An empty image contains
+// only metadata. Unlike a flashed block device, there are no reserved bytes or
+// backup sections, and only one slot is stored (even if multiple slots are
+// supported). It is a format specifically for storing only metadata.
+bool IsEmptySuperImage(const std::string& file);
+
// Read/Write logical partition metadata to an image file, for diagnostics or
-// flashing.
+// flashing. If no partition images are specified, the file will be in the
+// empty format.
bool WriteToImageFile(const std::string& file, const LpMetadata& metadata, uint32_t block_size,
const std::map<std::string, std::string>& images, bool sparsify);
bool WriteToImageFile(const std::string& file, const LpMetadata& metadata);
diff --git a/fs_mgr/liblp/utility.cpp b/fs_mgr/liblp/utility.cpp
index afcce8f..48c5c83 100644
--- a/fs_mgr/liblp/utility.cpp
+++ b/fs_mgr/liblp/utility.cpp
@@ -205,9 +205,9 @@
#endif
}
-base::unique_fd GetControlFileOrOpen(const char* path, int flags) {
+base::unique_fd GetControlFileOrOpen(std::string_view path, int flags) {
#if defined(__ANDROID__)
- int fd = android_get_control_file(path);
+ int fd = android_get_control_file(path.data());
if (fd >= 0) {
int newfd = TEMP_FAILURE_RETRY(dup(fd));
if (newfd >= 0) {
@@ -216,7 +216,7 @@
PERROR << "Cannot dup fd for already controlled file: " << path << ", reopening...";
}
#endif
- return base::unique_fd(open(path, flags));
+ return base::unique_fd(open(path.data(), flags));
}
bool UpdateMetadataForInPlaceSnapshot(LpMetadata* metadata, uint32_t source_slot_number,
diff --git a/fs_mgr/liblp/utility.h b/fs_mgr/liblp/utility.h
index 25ab66b..0661769 100644
--- a/fs_mgr/liblp/utility.h
+++ b/fs_mgr/liblp/utility.h
@@ -21,6 +21,9 @@
#include <stdint.h>
#include <sys/types.h>
+#include <string>
+#include <string_view>
+
#include <android-base/logging.h>
#include <android-base/unique_fd.h>
@@ -94,7 +97,7 @@
// Call BLKROSET ioctl on fd so that fd is readonly / read-writable.
bool SetBlockReadonly(int fd, bool readonly);
-::android::base::unique_fd GetControlFileOrOpen(const char* path, int flags);
+::android::base::unique_fd GetControlFileOrOpen(std::string_view path, int flags);
// For Virtual A/B updates, modify |metadata| so that it can be written to |target_slot_number|.
bool UpdateMetadataForInPlaceSnapshot(LpMetadata* metadata, uint32_t source_slot_number,
diff --git a/fs_mgr/liblp/vts_core/Android.bp b/fs_mgr/liblp/vts_core/Android.bp
new file mode 100644
index 0000000..7af0b9e
--- /dev/null
+++ b/fs_mgr/liblp/vts_core/Android.bp
@@ -0,0 +1,22 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_test {
+ name: "vts_core_liblp_test",
+ defaults: ["liblp_test_defaults"],
+ test_suites: ["vts-core"],
+ test_min_api_level: 29,
+}
diff --git a/fs_mgr/libsnapshot/Android.bp b/fs_mgr/libsnapshot/Android.bp
index 8df9c52..a012099 100644
--- a/fs_mgr/libsnapshot/Android.bp
+++ b/fs_mgr/libsnapshot/Android.bp
@@ -25,11 +25,14 @@
shared_libs: [
"libbase",
"liblog",
+ "liblp",
],
static_libs: [
"libdm",
"libfs_mgr",
+ "libfstab",
"liblp",
+ "update_metadata-protos",
],
whole_static_libs: [
"libext2_uuid",
@@ -39,6 +42,9 @@
header_libs: [
"libfiemap_headers",
],
+ export_static_lib_headers: [
+ "update_metadata-protos",
+ ],
export_header_lib_headers: [
"libfiemap_headers",
],
@@ -49,10 +55,18 @@
name: "libsnapshot_sources",
srcs: [
"snapshot.cpp",
+ "snapshot_metadata_updater.cpp",
+ "partition_cow_creator.cpp",
"utility.cpp",
],
}
+cc_library_headers {
+ name: "libsnapshot_headers",
+ recovery_available: true,
+ defaults: ["libsnapshot_defaults"],
+}
+
cc_library_static {
name: "libsnapshot",
defaults: ["libsnapshot_defaults"],
@@ -77,10 +91,13 @@
defaults: ["libsnapshot_defaults"],
srcs: [
"snapshot_test.cpp",
+ "partition_cow_creator_test.cpp",
+ "snapshot_metadata_updater_test.cpp",
"test_helpers.cpp",
],
shared_libs: [
"libbinder",
+ "libprotobuf-cpp-lite",
"libutils",
],
static_libs: [
@@ -90,5 +107,36 @@
"libgmock",
"liblp",
"libsnapshot",
+ "libsparse",
+ "libz",
+ ],
+ header_libs: [
+ "libstorage_literals_headers",
+ ],
+}
+
+cc_binary {
+ name: "snapshotctl",
+ srcs: [
+ "snapshotctl.cpp",
+ ],
+ static_libs: [
+ "libdm",
+ "libext2_uuid",
+ "libfiemap_binder",
+ "libfstab",
+ "libsnapshot",
+ ],
+ shared_libs: [
+ "libbase",
+ "libbinder",
+ "libext4_utils",
+ "libfs_mgr",
+ "libutils",
+ "liblog",
+ "liblp",
+ ],
+ init_rc: [
+ "snapshotctl.rc",
],
}
diff --git a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
index c41a951..0dd275a 100644
--- a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
+++ b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
@@ -17,14 +17,20 @@
#include <stdint.h>
#include <chrono>
+#include <map>
#include <memory>
+#include <ostream>
#include <string>
+#include <string_view>
#include <vector>
#include <android-base/unique_fd.h>
+#include <fs_mgr_dm_linear.h>
#include <libdm/dm.h>
#include <libfiemap/image_manager.h>
+#include <liblp/builder.h>
#include <liblp/liblp.h>
+#include <update_engine/update_metadata.pb.h>
#ifndef FRIEND_TEST
#define FRIEND_TEST(test_set_name, individual_test) \
@@ -45,6 +51,13 @@
namespace snapshot {
+struct AutoDeleteCowImage;
+struct AutoDeleteSnapshot;
+struct PartitionCowCreator;
+struct AutoDeviceList;
+
+static constexpr const std::string_view kCowGroupName = "cow";
+
enum class UpdateState : unsigned int {
// No update or merge is in progress.
None,
@@ -72,11 +85,14 @@
// operation via fastboot. This state can only be returned by WaitForMerge.
Cancelled
};
+std::ostream& operator<<(std::ostream& os, UpdateState state);
class SnapshotManager final {
using CreateLogicalPartitionParams = android::fs_mgr::CreateLogicalPartitionParams;
- using LpMetadata = android::fs_mgr::LpMetadata;
using IPartitionOpener = android::fs_mgr::IPartitionOpener;
+ using LpMetadata = android::fs_mgr::LpMetadata;
+ using MetadataBuilder = android::fs_mgr::MetadataBuilder;
+ using DeltaArchiveManifest = chromeos_update_engine::DeltaArchiveManifest;
public:
// Dependency injection for testing.
@@ -86,8 +102,10 @@
virtual std::string GetGsidDir() const = 0;
virtual std::string GetMetadataDir() const = 0;
virtual std::string GetSlotSuffix() const = 0;
+ virtual std::string GetOtherSlotSuffix() const = 0;
virtual std::string GetSuperDevice(uint32_t slot) const = 0;
virtual const IPartitionOpener& GetPartitionOpener() const = 0;
+ virtual bool IsOverlayfsSetup() const = 0;
};
~SnapshotManager();
@@ -109,8 +127,9 @@
// will fail if GetUpdateState() != None.
bool BeginUpdate();
- // Cancel an update; any snapshots will be deleted. This will fail if the
- // state != Initiated or None.
+ // Cancel an update; any snapshots will be deleted. This is allowed if the
+ // state == Initiated, None, or Unverified (before rebooting to the new
+ // slot).
bool CancelUpdate();
// Mark snapshot writes as having completed. After this, new snapshots cannot
@@ -153,6 +172,18 @@
// Other: 0
UpdateState GetUpdateState(double* progress = nullptr);
+ // Create necessary COW device / files for OTA clients. New logical partitions will be added to
+ // group "cow" in target_metadata. Regions of partitions of current_metadata will be
+ // "write-protected" and snapshotted.
+ bool CreateUpdateSnapshots(const DeltaArchiveManifest& manifest);
+
+ // Map a snapshotted partition for OTA clients to write to. Write-protected regions are
+ // determined previously in CreateSnapshots.
+ bool MapUpdateSnapshot(const CreateLogicalPartitionParams& params, std::string* snapshot_path);
+
+ // Unmap a snapshot device that's previously mapped with MapUpdateSnapshot.
+ bool UnmapUpdateSnapshot(const std::string& target_partition_name);
+
// If this returns true, first-stage mount must call
// CreateLogicalAndSnapshotPartitions rather than CreateLogicalPartitions.
bool NeedSnapshotsInFirstStageMount();
@@ -161,6 +192,9 @@
// call to CreateLogicalPartitions when snapshots are present.
bool CreateLogicalAndSnapshotPartitions(const std::string& super_device);
+ // Dump debug information.
+ bool Dump(std::ostream& os);
+
private:
FRIEND_TEST(SnapshotTest, CleanFirstStageMount);
FRIEND_TEST(SnapshotTest, CreateSnapshot);
@@ -173,7 +207,12 @@
FRIEND_TEST(SnapshotTest, Merge);
FRIEND_TEST(SnapshotTest, MergeCannotRemoveCow);
FRIEND_TEST(SnapshotTest, NoMergeBeforeReboot);
+ FRIEND_TEST(SnapshotUpdateTest, SnapshotStatusFileWithoutCow);
friend class SnapshotTest;
+ friend class SnapshotUpdateTest;
+ friend struct AutoDeleteCowImage;
+ friend struct AutoDeleteSnapshot;
+ friend struct PartitionCowCreator;
using DmTargetSnapshot = android::dm::DmTargetSnapshot;
using IImageManager = android::fiemap::IImageManager;
@@ -241,9 +280,8 @@
// be mapped with two table entries: a dm-snapshot range covering
// snapshot_size, and a dm-linear range covering the remainder.
//
- // All sizes are specified in bytes, and the device, snapshot and COW partition sizes
- // must be a multiple of the sector size (512 bytes). COW file size will be rounded up
- // to the nearest sector.
+ // All sizes are specified in bytes, and the device, snapshot, COW partition and COW file sizes
+ // must be a multiple of the sector size (512 bytes).
bool CreateSnapshot(LockedFile* lock, const std::string& name, SnapshotStatus status);
// |name| should be the base partition name (e.g. "system_a"). Create the
@@ -262,8 +300,7 @@
std::string* dev_path);
// Map a COW image that was previous created with CreateCowImage.
- bool MapCowImage(const std::string& name, const std::chrono::milliseconds& timeout_ms,
- std::string* cow_image_device);
+ bool MapCowImage(const std::string& name, const std::chrono::milliseconds& timeout_ms);
// Remove the backing copy-on-write image and snapshot states for the named snapshot. The
// caller is responsible for ensuring that the snapshot is unmapped.
@@ -344,6 +381,31 @@
bool MapPartitionWithSnapshot(LockedFile* lock, CreateLogicalPartitionParams params,
std::string* path);
+ // Map the COW devices, including the partition in super and the images.
+ // |params|:
+ // - |partition_name| should be the name of the top-level partition (e.g. system_b),
+ // not system_b-cow-img
+ // - |device_name| and |partition| is ignored
+ // - |timeout_ms| and the rest is respected
+ // Return the path in |cow_device_path| (e.g. /dev/block/dm-1) and major:minor in
+ // |cow_device_string|
+ bool MapCowDevices(LockedFile* lock, const CreateLogicalPartitionParams& params,
+ const SnapshotStatus& snapshot_status, AutoDeviceList* created_devices,
+ std::string* cow_name);
+
+ // The reverse of MapCowDevices.
+ bool UnmapCowDevices(LockedFile* lock, const std::string& name);
+
+ // The reverse of MapPartitionWithSnapshot.
+ bool UnmapPartitionWithSnapshot(LockedFile* lock, const std::string& target_partition_name);
+
+ // If there isn't a previous update, return true. |needs_merge| is set to false.
+ // If there is a previous update but the device has not boot into it, tries to cancel the
+ // update and delete any snapshots. Return true if successful. |needs_merge| is set to false.
+ // If there is a previous update and the device has boot into it, do nothing and return true.
+ // |needs_merge| is set to true.
+ bool TryCancelUpdate(bool* needs_merge);
+
std::string gsid_dir_;
std::string metadata_dir_;
std::unique_ptr<IDeviceInfo> device_;
diff --git a/fs_mgr/libsnapshot/partition_cow_creator.cpp b/fs_mgr/libsnapshot/partition_cow_creator.cpp
new file mode 100644
index 0000000..4250d23
--- /dev/null
+++ b/fs_mgr/libsnapshot/partition_cow_creator.cpp
@@ -0,0 +1,180 @@
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "partition_cow_creator.h"
+
+#include <math.h>
+
+#include <android-base/logging.h>
+
+#include "utility.h"
+
+using android::dm::kSectorSize;
+using android::fs_mgr::Extent;
+using android::fs_mgr::Interval;
+using android::fs_mgr::kDefaultBlockSize;
+using android::fs_mgr::Partition;
+using chromeos_update_engine::InstallOperation;
+template <typename T>
+using RepeatedPtrField = google::protobuf::RepeatedPtrField<T>;
+
+namespace android {
+namespace snapshot {
+
+// Round |d| up to a multiple of |block_size|.
+static uint64_t RoundUp(double d, uint64_t block_size) {
+ uint64_t ret = ((uint64_t)ceil(d) + block_size - 1) / block_size * block_size;
+ CHECK(ret >= d) << "Can't round " << d << " up to a multiple of " << block_size;
+ return ret;
+}
+
+// Intersect two linear extents. If no intersection, return an extent with length 0.
+static std::unique_ptr<Extent> Intersect(Extent* target_extent, Extent* existing_extent) {
+ // Convert target_extent and existing_extent to linear extents. Zero extents
+ // doesn't matter and doesn't result in any intersection.
+ auto existing_linear_extent = existing_extent->AsLinearExtent();
+ if (!existing_linear_extent) return nullptr;
+
+ auto target_linear_extent = target_extent->AsLinearExtent();
+ if (!target_linear_extent) return nullptr;
+
+ return Interval::Intersect(target_linear_extent->AsInterval(),
+ existing_linear_extent->AsInterval())
+ .AsExtent();
+}
+
+// Check that partition |p| contains |e| fully. Both of them should
+// be from |target_metadata|.
+// Returns true as long as |e| is a subrange of any extent of |p|.
+bool PartitionCowCreator::HasExtent(Partition* p, Extent* e) {
+ for (auto& partition_extent : p->extents()) {
+ auto intersection = Intersect(partition_extent.get(), e);
+ if (intersection != nullptr && intersection->num_sectors() == e->num_sectors()) {
+ return true;
+ }
+ }
+ return false;
+}
+
+// Return the number of sectors, N, where |target_partition|[0..N] (from
+// |target_metadata|) are the sectors that should be snapshotted. N is computed
+// so that this range of sectors are used by partitions in |current_metadata|.
+//
+// The client code (update_engine) should have computed target_metadata by
+// resizing partitions of current_metadata, so only the first N sectors should
+// be snapshotted, not a range with start index != 0.
+//
+// Note that if partition A has shrunk and partition B has grown, the new
+// extents of partition B may use the empty space that was used by partition A.
+// In this case, that new extent cannot be written directly, as it may be used
+// by the running system. Hence, all extents of the new partition B must be
+// intersected with all old partitions (including old partition A and B) to get
+// the region that needs to be snapshotted.
+std::optional<uint64_t> PartitionCowCreator::GetSnapshotSize() {
+ // Compute the number of sectors that needs to be snapshotted.
+ uint64_t snapshot_sectors = 0;
+ std::vector<std::unique_ptr<Extent>> intersections;
+ for (const auto& extent : target_partition->extents()) {
+ for (auto* existing_partition :
+ ListPartitionsWithSuffix(current_metadata, current_suffix)) {
+ for (const auto& existing_extent : existing_partition->extents()) {
+ auto intersection = Intersect(extent.get(), existing_extent.get());
+ if (intersection != nullptr && intersection->num_sectors() > 0) {
+ snapshot_sectors += intersection->num_sectors();
+ intersections.emplace_back(std::move(intersection));
+ }
+ }
+ }
+ }
+ uint64_t snapshot_size = snapshot_sectors * kSectorSize;
+
+ // Sanity check that all recorded intersections are indeed within
+ // target_partition[0..snapshot_sectors].
+ Partition target_partition_snapshot = target_partition->GetBeginningExtents(snapshot_size);
+ for (const auto& intersection : intersections) {
+ if (!HasExtent(&target_partition_snapshot, intersection.get())) {
+ auto linear_intersection = intersection->AsLinearExtent();
+ LOG(ERROR) << "Extent "
+ << (linear_intersection
+ ? (std::to_string(linear_intersection->physical_sector()) + "," +
+ std::to_string(linear_intersection->end_sector()))
+ : "")
+ << " is not part of Partition " << target_partition->name() << "[0.."
+ << snapshot_size
+ << "]. The metadata wasn't constructed correctly. This should not happen.";
+ return std::nullopt;
+ }
+ }
+
+ return snapshot_size;
+}
+
+std::optional<uint64_t> PartitionCowCreator::GetCowSize(uint64_t snapshot_size) {
+ // TODO: Use |operations|. to determine a minimum COW size.
+ // kCowEstimateFactor is good for prototyping but we can't use that in production.
+ static constexpr double kCowEstimateFactor = 1.05;
+ auto cow_size = RoundUp(snapshot_size * kCowEstimateFactor, kDefaultBlockSize);
+ return cow_size;
+}
+
+std::optional<PartitionCowCreator::Return> PartitionCowCreator::Run() {
+ CHECK(current_metadata->GetBlockDevicePartitionName(0) == LP_METADATA_DEFAULT_PARTITION_NAME &&
+ target_metadata->GetBlockDevicePartitionName(0) == LP_METADATA_DEFAULT_PARTITION_NAME);
+
+ uint64_t logical_block_size = current_metadata->logical_block_size();
+ CHECK(logical_block_size != 0 && !(logical_block_size & (logical_block_size - 1)))
+ << "logical_block_size is not power of 2";
+
+ Return ret;
+ ret.snapshot_status.device_size = target_partition->size();
+
+ auto snapshot_size = GetSnapshotSize();
+ if (!snapshot_size.has_value()) return std::nullopt;
+
+ ret.snapshot_status.snapshot_size = *snapshot_size;
+
+ auto cow_size = GetCowSize(*snapshot_size);
+ if (!cow_size.has_value()) return std::nullopt;
+
+ // Compute regions that are free in both current and target metadata. These are the regions
+ // we can use for COW partition.
+ auto target_free_regions = target_metadata->GetFreeRegions();
+ auto current_free_regions = current_metadata->GetFreeRegions();
+ auto free_regions = Interval::Intersect(target_free_regions, current_free_regions);
+ uint64_t free_region_length = 0;
+ for (const auto& interval : free_regions) {
+ free_region_length += interval.length() * kSectorSize;
+ }
+
+ LOG(INFO) << "Remaining free space for COW: " << free_region_length << " bytes";
+
+ // Compute the COW partition size.
+ ret.snapshot_status.cow_partition_size = std::min(*cow_size, free_region_length);
+ // Round it down to the nearest logical block. Logical partitions must be a multiple
+ // of logical blocks.
+ ret.snapshot_status.cow_partition_size &= ~(logical_block_size - 1);
+ // Assign cow_partition_usable_regions to indicate what regions should the COW partition uses.
+ ret.cow_partition_usable_regions = std::move(free_regions);
+
+ // The rest of the COW space is allocated on ImageManager.
+ ret.snapshot_status.cow_file_size = (*cow_size) - ret.snapshot_status.cow_partition_size;
+ // Round it up to the nearest sector.
+ ret.snapshot_status.cow_file_size += kSectorSize - 1;
+ ret.snapshot_status.cow_file_size &= ~(kSectorSize - 1);
+
+ return ret;
+}
+
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/partition_cow_creator.h b/fs_mgr/libsnapshot/partition_cow_creator.h
new file mode 100644
index 0000000..7c81418
--- /dev/null
+++ b/fs_mgr/libsnapshot/partition_cow_creator.h
@@ -0,0 +1,67 @@
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#pragma once
+
+#include <stdint.h>
+
+#include <optional>
+#include <string>
+
+#include <liblp/builder.h>
+
+#include <libsnapshot/snapshot.h>
+
+namespace android {
+namespace snapshot {
+
+// Helper class that creates COW for a partition.
+struct PartitionCowCreator {
+ using Extent = android::fs_mgr::Extent;
+ using Interval = android::fs_mgr::Interval;
+ using MetadataBuilder = android::fs_mgr::MetadataBuilder;
+ using Partition = android::fs_mgr::Partition;
+ using InstallOperation = chromeos_update_engine::InstallOperation;
+ template <typename T>
+ using RepeatedPtrField = google::protobuf::RepeatedPtrField<T>;
+
+ // The metadata that will be written to target metadata slot.
+ MetadataBuilder* target_metadata = nullptr;
+ // The suffix of the target slot.
+ std::string target_suffix;
+ // The partition in target_metadata that needs to be snapshotted.
+ Partition* target_partition = nullptr;
+ // The metadata at the current slot (that would be used if the device boots
+ // normally). This is used to determine which extents are being used.
+ MetadataBuilder* current_metadata = nullptr;
+ // The suffix of the current slot.
+ std::string current_suffix;
+ // List of operations to be applied on the partition.
+ const RepeatedPtrField<InstallOperation>* operations = nullptr;
+
+ struct Return {
+ SnapshotManager::SnapshotStatus snapshot_status;
+ std::vector<Interval> cow_partition_usable_regions;
+ };
+
+ std::optional<Return> Run();
+
+ private:
+ bool HasExtent(Partition* p, Extent* e);
+ std::optional<uint64_t> GetSnapshotSize();
+ std::optional<uint64_t> GetCowSize(uint64_t snapshot_size);
+};
+
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/partition_cow_creator_test.cpp b/fs_mgr/libsnapshot/partition_cow_creator_test.cpp
new file mode 100644
index 0000000..29d15af
--- /dev/null
+++ b/fs_mgr/libsnapshot/partition_cow_creator_test.cpp
@@ -0,0 +1,87 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <liblp/builder.h>
+#include <liblp/property_fetcher.h>
+
+#include "partition_cow_creator.h"
+
+using ::android::fs_mgr::MetadataBuilder;
+using ::testing::_;
+using ::testing::AnyNumber;
+using ::testing::Return;
+
+namespace android {
+namespace snapshot {
+
+class MockPropertyFetcher : public fs_mgr::IPropertyFetcher {
+ public:
+ MOCK_METHOD2(GetProperty, std::string(const std::string&, const std::string&));
+ MOCK_METHOD2(GetBoolProperty, bool(const std::string&, bool));
+};
+
+class PartitionCowCreatorTest : ::testing::Test {
+ public:
+ void SetUp() override {
+ fs_mgr::IPropertyFetcher::OverrideForTesting(std::make_unique<MockPropertyFetcher>());
+
+ EXPECT_CALL(fetcher(), GetProperty("ro.boot.slot_suffix", _))
+ .Times(AnyNumber())
+ .WillRepeatedly(Return("_a"));
+ EXPECT_CALL(fetcher(), GetBoolProperty("ro.boot.dynamic_partitions", _))
+ .Times(AnyNumber())
+ .WillRepeatedly(Return(true));
+ EXPECT_CALL(fetcher(), GetBoolProperty("ro.boot.dynamic_partitions_retrofit", _))
+ .Times(AnyNumber())
+ .WillRepeatedly(Return(false));
+ EXPECT_CALL(fetcher(), GetBoolProperty("ro.virtual_ab.enabled", _))
+ .Times(AnyNumber())
+ .WillRepeatedly(Return(true));
+ }
+ void TearDown() override {
+ fs_mgr::IPropertyFetcher::OverrideForTesting(std::make_unique<MockPropertyFetcher>());
+ }
+ MockPropertyFetcher& fetcher() {
+ return *static_cast<MockPropertyFetcher*>(fs_mgr::IPropertyFetcher::GetInstance());
+ }
+};
+
+TEST(PartitionCowCreator, IntersectSelf) {
+ auto builder_a = MetadataBuilder::New(1024 * 1024, 1024, 2);
+ ASSERT_NE(builder_a, nullptr);
+ auto system_a = builder_a->AddPartition("system_a", LP_PARTITION_ATTR_READONLY);
+ ASSERT_NE(system_a, nullptr);
+ ASSERT_TRUE(builder_a->ResizePartition(system_a, 40 * 1024));
+
+ auto builder_b = MetadataBuilder::New(1024 * 1024, 1024, 2);
+ ASSERT_NE(builder_b, nullptr);
+ auto system_b = builder_b->AddPartition("system_b", LP_PARTITION_ATTR_READONLY);
+ ASSERT_NE(system_b, nullptr);
+ ASSERT_TRUE(builder_b->ResizePartition(system_b, 40 * 1024));
+
+ PartitionCowCreator creator{.target_metadata = builder_b.get(),
+ .target_suffix = "_b",
+ .target_partition = system_b,
+ .current_metadata = builder_a.get(),
+ .current_suffix = "_a"};
+ auto ret = creator.Run();
+ ASSERT_TRUE(ret.has_value());
+ ASSERT_EQ(40 * 1024, ret->snapshot_status.device_size);
+ ASSERT_EQ(40 * 1024, ret->snapshot_status.snapshot_size);
+}
+
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/snapshot.cpp b/fs_mgr/libsnapshot/snapshot.cpp
index f00129a..9d0272b 100644
--- a/fs_mgr/libsnapshot/snapshot.cpp
+++ b/fs_mgr/libsnapshot/snapshot.cpp
@@ -15,6 +15,7 @@
#include <libsnapshot/snapshot.h>
#include <dirent.h>
+#include <math.h>
#include <sys/file.h>
#include <sys/types.h>
#include <sys/unistd.h>
@@ -31,11 +32,14 @@
#include <ext4_utils/ext4_utils.h>
#include <fs_mgr.h>
#include <fs_mgr_dm_linear.h>
+#include <fs_mgr_overlayfs.h>
#include <fstab/fstab.h>
#include <libdm/dm.h>
#include <libfiemap/image_manager.h>
#include <liblp/liblp.h>
+#include "partition_cow_creator.h"
+#include "snapshot_metadata_updater.h"
#include "utility.h"
namespace android {
@@ -53,9 +57,15 @@
using android::fs_mgr::CreateDmTable;
using android::fs_mgr::CreateLogicalPartition;
using android::fs_mgr::CreateLogicalPartitionParams;
+using android::fs_mgr::GetPartitionGroupName;
using android::fs_mgr::GetPartitionName;
using android::fs_mgr::LpMetadata;
+using android::fs_mgr::MetadataBuilder;
using android::fs_mgr::SlotNumberForSlotSuffix;
+using chromeos_update_engine::DeltaArchiveManifest;
+using chromeos_update_engine::InstallOperation;
+template <typename T>
+using RepeatedPtrField = google::protobuf::RepeatedPtrField<T>;
using std::chrono::duration_cast;
using namespace std::chrono_literals;
using namespace std::string_literals;
@@ -69,10 +79,12 @@
std::string GetGsidDir() const override { return "ota"s; }
std::string GetMetadataDir() const override { return "/metadata/ota"s; }
std::string GetSlotSuffix() const override { return fs_mgr_get_slot_suffix(); }
+ std::string GetOtherSlotSuffix() const override { return fs_mgr_get_other_slot_suffix(); }
const android::fs_mgr::IPartitionOpener& GetPartitionOpener() const { return opener_; }
std::string GetSuperDevice(uint32_t slot) const override {
return fs_mgr_get_super_partition_name(slot);
}
+ bool IsOverlayfsSetup() const override { return fs_mgr_overlayfs_is_setup(); }
private:
android::fs_mgr::PartitionOpener opener_;
@@ -102,7 +114,7 @@
metadata_dir_ = device_->GetMetadataDir();
}
-[[maybe_unused]] static std::string GetCowName(const std::string& snapshot_name) {
+static std::string GetCowName(const std::string& snapshot_name) {
return snapshot_name + "-cow";
}
@@ -119,6 +131,16 @@
}
bool SnapshotManager::BeginUpdate() {
+ bool needs_merge = false;
+ if (!TryCancelUpdate(&needs_merge)) {
+ return false;
+ }
+ if (needs_merge) {
+ LOG(INFO) << "Wait for merge (if any) before beginning a new update.";
+ auto state = ProcessUpdateState();
+ LOG(INFO) << "Merged with state = " << state;
+ }
+
auto file = LockExclusive();
if (!file) return false;
@@ -131,16 +153,45 @@
}
bool SnapshotManager::CancelUpdate() {
+ bool needs_merge = false;
+ if (!TryCancelUpdate(&needs_merge)) {
+ return false;
+ }
+ if (needs_merge) {
+ LOG(ERROR) << "Cannot cancel update after it has completed or started merging";
+ }
+ return !needs_merge;
+}
+
+bool SnapshotManager::TryCancelUpdate(bool* needs_merge) {
+ *needs_merge = false;
+
auto file = LockExclusive();
if (!file) return false;
UpdateState state = ReadUpdateState(file.get());
if (state == UpdateState::None) return true;
- if (state != UpdateState::Initiated) {
- LOG(ERROR) << "Cannot cancel update after it has completed or started merging";
- return false;
+
+ if (state == UpdateState::Initiated) {
+ LOG(INFO) << "Update has been initiated, now canceling";
+ return RemoveAllUpdateState(file.get());
}
- return RemoveAllUpdateState(file.get());
+
+ if (state == UpdateState::Unverified) {
+ // We completed an update, but it can still be canceled if we haven't booted into it.
+ auto boot_file = GetSnapshotBootIndicatorPath();
+ std::string contents;
+ if (!android::base::ReadFileToString(boot_file, &contents)) {
+ PLOG(WARNING) << "Cannot read " << boot_file << ", proceed to canceling the update:";
+ return RemoveAllUpdateState(file.get());
+ }
+ if (device_->GetSlotSuffix() == contents) {
+ LOG(INFO) << "Canceling a previously completed update";
+ return RemoveAllUpdateState(file.get());
+ }
+ }
+ *needs_merge = true;
+ return true;
}
bool SnapshotManager::RemoveAllUpdateState(LockedFile* lock) {
@@ -189,7 +240,7 @@
CHECK(lock->lock_mode() == LOCK_EX);
// Sanity check these sizes. Like liblp, we guarantee the partition size
// is respected, which means it has to be sector-aligned. (This guarantee
- // is useful for locating avb footers correctly). The COW size, however,
+ // is useful for locating avb footers correctly). The COW file size, however,
// can be arbitrarily larger than specified, so we can safely round it up.
if (status.device_size % kSectorSize != 0) {
LOG(ERROR) << "Snapshot " << name
@@ -201,10 +252,17 @@
<< status.snapshot_size;
return false;
}
-
- // Round the COW size up to the nearest sector.
- status.cow_file_size += kSectorSize - 1;
- status.cow_file_size &= ~(kSectorSize - 1);
+ if (status.cow_partition_size % kSectorSize != 0) {
+ LOG(ERROR) << "Snapshot " << name
+ << " cow partition size is not a multiple of the sector size: "
+ << status.cow_partition_size;
+ return false;
+ }
+ if (status.cow_file_size % kSectorSize != 0) {
+ LOG(ERROR) << "Snapshot " << name << " cow file size is not a multiple of the sector size: "
+ << status.cow_partition_size;
+ return false;
+ }
status.state = SnapshotState::Created;
status.sectors_allocated = 0;
@@ -237,26 +295,7 @@
std::string cow_image_name = GetCowImageDeviceName(name);
int cow_flags = IImageManager::CREATE_IMAGE_DEFAULT;
- if (!images_->CreateBackingImage(cow_image_name, status.cow_file_size, cow_flags)) {
- return false;
- }
-
- // when the kernel creates a persistent dm-snapshot, it requires a CoW file
- // to store the modifications. The kernel interface does not specify how
- // the CoW is used, and there is no standard associated.
- // By looking at the current implementation, the CoW file is treated as:
- // - a _NEW_ snapshot if its first 32 bits are zero, so the newly created
- // dm-snapshot device will look like a perfect copy of the origin device;
- // - an _EXISTING_ snapshot if the first 32 bits are equal to a
- // kernel-specified magic number and the CoW file metadata is set as valid,
- // so it can be used to resume the last state of a snapshot device;
- // - an _INVALID_ snapshot otherwise.
- // To avoid zero-filling the whole CoW file when a new dm-snapshot is
- // created, here we zero-fill only the first 32 bits. This is a temporary
- // workaround that will be discussed again when the kernel API gets
- // consolidated.
- ssize_t dm_snap_magic_size = 4; // 32 bit
- return images_->ZeroFillNewImage(cow_image_name, dm_snap_magic_size);
+ return images_->CreateBackingImage(cow_image_name, status.cow_file_size, cow_flags);
}
bool SnapshotManager::MapSnapshot(LockedFile* lock, const std::string& name,
@@ -346,12 +385,18 @@
}
if (linear_sectors) {
+ std::string snap_dev;
+ if (!dm.GetDeviceString(snap_name, &snap_dev)) {
+ LOG(ERROR) << "Cannot determine major/minor for: " << snap_name;
+ return false;
+ }
+
// Our stacking will looks like this:
// [linear, linear] ; to snapshot, and non-snapshot region of base device
// [snapshot-inner]
// [base device] [cow]
DmTable table;
- table.Emplace<DmTargetLinear>(0, snapshot_sectors, *dev_path, 0);
+ table.Emplace<DmTargetLinear>(0, snapshot_sectors, snap_dev, 0);
table.Emplace<DmTargetLinear>(snapshot_sectors, linear_sectors, base_device,
snapshot_sectors);
if (!dm.CreateDevice(name, table, dev_path, timeout_ms)) {
@@ -368,21 +413,24 @@
}
bool SnapshotManager::MapCowImage(const std::string& name,
- const std::chrono::milliseconds& timeout_ms,
- std::string* cow_dev) {
+ const std::chrono::milliseconds& timeout_ms) {
if (!EnsureImageManager()) return false;
auto cow_image_name = GetCowImageDeviceName(name);
bool ok;
+ std::string cow_dev;
if (has_local_image_manager_) {
// If we forced a local image manager, it means we don't have binder,
// which means first-stage init. We must use device-mapper.
const auto& opener = device_->GetPartitionOpener();
- ok = images_->MapImageWithDeviceMapper(opener, cow_image_name, cow_dev);
+ ok = images_->MapImageWithDeviceMapper(opener, cow_image_name, &cow_dev);
} else {
- ok = images_->MapImageDevice(cow_image_name, timeout_ms, cow_dev);
+ ok = images_->MapImageDevice(cow_image_name, timeout_ms, &cow_dev);
}
- if (!ok) {
+
+ if (ok) {
+ LOG(INFO) << "Mapped " << cow_image_name << " to " << cow_dev;
+ } else {
LOG(ERROR) << "Could not map image device: " << cow_image_name;
}
return ok;
@@ -391,22 +439,15 @@
bool SnapshotManager::UnmapSnapshot(LockedFile* lock, const std::string& name) {
CHECK(lock);
- SnapshotStatus status;
- if (!ReadSnapshotStatus(lock, name, &status)) {
- return false;
- }
-
auto& dm = DeviceMapper::Instance();
if (!dm.DeleteDeviceIfExists(name)) {
LOG(ERROR) << "Could not delete snapshot device: " << name;
return false;
}
- // There may be an extra device, since the kernel doesn't let us have a
- // snapshot and linear target in the same table.
- auto dm_name = GetSnapshotDeviceName(name, status);
- if (name != dm_name && !dm.DeleteDeviceIfExists(dm_name)) {
- LOG(ERROR) << "Could not delete inner snapshot device: " << dm_name;
+ auto snapshot_extra_device = GetSnapshotExtraDeviceName(name);
+ if (!dm.DeleteDeviceIfExists(snapshot_extra_device)) {
+ LOG(ERROR) << "Could not delete snapshot inner device: " << snapshot_extra_device;
return false;
}
@@ -423,11 +464,12 @@
CHECK(lock->lock_mode() == LOCK_EX);
if (!EnsureImageManager()) return false;
+ if (!UnmapCowDevices(lock, name)) {
+ return false;
+ }
+
auto cow_image_name = GetCowImageDeviceName(name);
if (images_->BackingImageExists(cow_image_name)) {
- if (!images_->UnmapImageIfExists(cow_image_name)) {
- return false;
- }
if (!images_->DeleteBackingImage(cow_image_name)) {
return false;
}
@@ -927,8 +969,8 @@
return false;
}
- uint64_t num_sectors = status.snapshot_size / kSectorSize;
- if (num_sectors * kSectorSize != status.snapshot_size) {
+ uint64_t snapshot_sectors = status.snapshot_size / kSectorSize;
+ if (snapshot_sectors * kSectorSize != status.snapshot_size) {
LOG(ERROR) << "Snapshot " << name
<< " size is not sector aligned: " << status.snapshot_size;
return false;
@@ -956,32 +998,30 @@
return false;
}
}
- uint64_t sectors = outer_table[0].spec.length + outer_table[1].spec.length;
- if (sectors != num_sectors) {
- LOG(ERROR) << "Outer snapshot " << name << " should have " << num_sectors
- << ", got: " << sectors;
+ if (outer_table[0].spec.length != snapshot_sectors) {
+ LOG(ERROR) << "dm-snapshot " << name << " should have " << snapshot_sectors
+ << " sectors, got: " << outer_table[0].spec.length;
+ return false;
+ }
+ uint64_t expected_device_sectors = status.device_size / kSectorSize;
+ uint64_t actual_device_sectors = outer_table[0].spec.length + outer_table[1].spec.length;
+ if (expected_device_sectors != actual_device_sectors) {
+ LOG(ERROR) << "Outer device " << name << " should have " << expected_device_sectors
+ << " sectors, got: " << actual_device_sectors;
return false;
}
}
- // Grab the partition metadata for the snapshot.
uint32_t slot = SlotNumberForSlotSuffix(device_->GetSlotSuffix());
- auto super_device = device_->GetSuperDevice(slot);
- const auto& opener = device_->GetPartitionOpener();
- auto metadata = android::fs_mgr::ReadMetadata(opener, super_device, slot);
- if (!metadata) {
- LOG(ERROR) << "Could not read super partition metadata.";
- return false;
- }
- auto partition = android::fs_mgr::FindPartition(*metadata.get(), name);
- if (!partition) {
- LOG(ERROR) << "Snapshot does not have a partition in super: " << name;
- return false;
- }
-
// Create a DmTable that is identical to the base device.
+ CreateLogicalPartitionParams base_device_params{
+ .block_device = device_->GetSuperDevice(slot),
+ .metadata_slot = slot,
+ .partition_name = name,
+ .partition_opener = &device_->GetPartitionOpener(),
+ };
DmTable table;
- if (!CreateDmTable(opener, *metadata.get(), *partition, super_device, &table)) {
+ if (!CreateDmTable(base_device_params, &table)) {
LOG(ERROR) << "Could not create a DmTable for partition: " << name;
return false;
}
@@ -1058,7 +1098,7 @@
bool ok = true;
for (const auto& name : snapshots) {
- ok &= DeleteSnapshot(lock, name);
+ ok &= (UnmapPartitionWithSnapshot(lock, name) && DeleteSnapshot(lock, name));
}
return ok;
}
@@ -1160,6 +1200,12 @@
}
for (const auto& partition : metadata->partitions) {
+ if (GetPartitionGroupName(metadata->groups[partition.group_index]) == kCowGroupName) {
+ LOG(INFO) << "Skip mapping partition " << GetPartitionName(partition) << " in group "
+ << kCowGroupName;
+ continue;
+ }
+
CreateLogicalPartitionParams params = {
.block_device = super_device,
.metadata = metadata.get(),
@@ -1201,6 +1247,12 @@
CHECK(lock);
path->clear();
+ if (params.GetPartitionName() != params.GetDeviceName()) {
+ LOG(ERROR) << "Mapping snapshot with a different name is unsupported: partition_name = "
+ << params.GetPartitionName() << ", device_name = " << params.GetDeviceName();
+ return false;
+ }
+
// Fill out fields in CreateLogicalPartitionParams so that we have more information (e.g. by
// reading super partition metadata).
CreateLogicalPartitionParams::OwnedData params_owned_data;
@@ -1276,22 +1328,20 @@
return false;
}
- // If there is a timeout specified, compute the remaining time to call Map* functions.
- // init calls CreateLogicalAndSnapshotPartitions, which has no timeout specified. Still call
- // Map* functions in this case.
auto remaining_time = GetRemainingTime(params.timeout_ms, begin);
if (remaining_time.count() < 0) return false;
- std::string cow_image_device;
- if (!MapCowImage(params.GetPartitionName(), remaining_time, &cow_image_device)) {
- LOG(ERROR) << "Could not map cow image for partition: " << params.GetPartitionName();
+ std::string cow_name;
+ CreateLogicalPartitionParams cow_params = params;
+ cow_params.timeout_ms = remaining_time;
+ if (!MapCowDevices(lock, cow_params, *live_snapshot_status, &created_devices, &cow_name)) {
return false;
}
- created_devices.EmplaceBack<AutoUnmapImage>(images_.get(),
- GetCowImageDeviceName(params.partition_name));
-
- // TODO: map cow linear device here
- std::string cow_device = cow_image_device;
+ std::string cow_device;
+ if (!dm.GetDeviceString(cow_name, &cow_device)) {
+ LOG(ERROR) << "Could not determine major/minor for: " << cow_name;
+ return false;
+ }
remaining_time = GetRemainingTime(params.timeout_ms, begin);
if (remaining_time.count() < 0) return false;
@@ -1310,6 +1360,121 @@
return true;
}
+bool SnapshotManager::UnmapPartitionWithSnapshot(LockedFile* lock,
+ const std::string& target_partition_name) {
+ CHECK(lock);
+
+ if (!UnmapSnapshot(lock, target_partition_name)) {
+ return false;
+ }
+
+ if (!UnmapCowDevices(lock, target_partition_name)) {
+ return false;
+ }
+
+ auto& dm = DeviceMapper::Instance();
+ std::string base_name = GetBaseDeviceName(target_partition_name);
+ if (!dm.DeleteDeviceIfExists(base_name)) {
+ LOG(ERROR) << "Cannot delete base device: " << base_name;
+ return false;
+ }
+
+ LOG(INFO) << "Successfully unmapped snapshot " << target_partition_name;
+
+ return true;
+}
+
+bool SnapshotManager::MapCowDevices(LockedFile* lock, const CreateLogicalPartitionParams& params,
+ const SnapshotStatus& snapshot_status,
+ AutoDeviceList* created_devices, std::string* cow_name) {
+ CHECK(lock);
+ if (!EnsureImageManager()) return false;
+ CHECK(snapshot_status.cow_partition_size + snapshot_status.cow_file_size > 0);
+ auto begin = std::chrono::steady_clock::now();
+
+ std::string partition_name = params.GetPartitionName();
+ std::string cow_image_name = GetCowImageDeviceName(partition_name);
+ *cow_name = GetCowName(partition_name);
+
+ auto& dm = DeviceMapper::Instance();
+
+ // Map COW image if necessary.
+ if (snapshot_status.cow_file_size > 0) {
+ auto remaining_time = GetRemainingTime(params.timeout_ms, begin);
+ if (remaining_time.count() < 0) return false;
+
+ if (!MapCowImage(partition_name, remaining_time)) {
+ LOG(ERROR) << "Could not map cow image for partition: " << partition_name;
+ return false;
+ }
+ created_devices->EmplaceBack<AutoUnmapImage>(images_.get(), cow_image_name);
+
+ // If no COW partition exists, just return the image alone.
+ if (snapshot_status.cow_partition_size == 0) {
+ *cow_name = std::move(cow_image_name);
+ LOG(INFO) << "Mapped COW image for " << partition_name << " at " << *cow_name;
+ return true;
+ }
+ }
+
+ auto remaining_time = GetRemainingTime(params.timeout_ms, begin);
+ if (remaining_time.count() < 0) return false;
+
+ CHECK(snapshot_status.cow_partition_size > 0);
+
+ // Create the DmTable for the COW device. It is the DmTable of the COW partition plus
+ // COW image device as the last extent.
+ CreateLogicalPartitionParams cow_partition_params = params;
+ cow_partition_params.partition = nullptr;
+ cow_partition_params.partition_name = *cow_name;
+ cow_partition_params.device_name.clear();
+ DmTable table;
+ if (!CreateDmTable(cow_partition_params, &table)) {
+ return false;
+ }
+ // If the COW image exists, append it as the last extent.
+ if (snapshot_status.cow_file_size > 0) {
+ std::string cow_image_device;
+ if (!dm.GetDeviceString(cow_image_name, &cow_image_device)) {
+ LOG(ERROR) << "Cannot determine major/minor for: " << cow_image_name;
+ return false;
+ }
+ auto cow_partition_sectors = snapshot_status.cow_partition_size / kSectorSize;
+ auto cow_image_sectors = snapshot_status.cow_file_size / kSectorSize;
+ table.Emplace<DmTargetLinear>(cow_partition_sectors, cow_image_sectors, cow_image_device,
+ 0);
+ }
+
+ // We have created the DmTable now. Map it.
+ std::string cow_path;
+ if (!dm.CreateDevice(*cow_name, table, &cow_path, remaining_time)) {
+ LOG(ERROR) << "Could not create COW device: " << *cow_name;
+ return false;
+ }
+ created_devices->EmplaceBack<AutoUnmapDevice>(&dm, *cow_name);
+ LOG(INFO) << "Mapped COW device for " << params.GetPartitionName() << " at " << cow_path;
+ return true;
+}
+
+bool SnapshotManager::UnmapCowDevices(LockedFile* lock, const std::string& name) {
+ CHECK(lock);
+ if (!EnsureImageManager()) return false;
+
+ auto& dm = DeviceMapper::Instance();
+ auto cow_name = GetCowName(name);
+ if (!dm.DeleteDeviceIfExists(cow_name)) {
+ LOG(ERROR) << "Cannot unmap " << cow_name;
+ return false;
+ }
+
+ std::string cow_image_name = GetCowImageDeviceName(name);
+ if (!images_->UnmapImageIfExists(cow_image_name)) {
+ LOG(ERROR) << "Cannot unmap image " << cow_image_name;
+ return false;
+ }
+ return true;
+}
+
auto SnapshotManager::OpenFile(const std::string& file, int open_flags, int lock_flags)
-> std::unique_ptr<LockedFile> {
unique_fd fd(open(file.c_str(), open_flags | O_CLOEXEC | O_NOFOLLOW | O_SYNC, 0660));
@@ -1317,7 +1482,7 @@
PLOG(ERROR) << "Open failed: " << file;
return nullptr;
}
- if (flock(fd, lock_flags) < 0) {
+ if (lock_flags != 0 && flock(fd, lock_flags) < 0) {
PLOG(ERROR) << "Acquire flock failed: " << file;
return nullptr;
}
@@ -1384,34 +1549,33 @@
}
}
-bool SnapshotManager::WriteUpdateState(LockedFile* file, UpdateState state) {
- std::string contents;
+std::ostream& operator<<(std::ostream& os, UpdateState state) {
switch (state) {
case UpdateState::None:
- contents = "none";
- break;
+ return os << "none";
case UpdateState::Initiated:
- contents = "initiated";
- break;
+ return os << "initiated";
case UpdateState::Unverified:
- contents = "unverified";
- break;
+ return os << "unverified";
case UpdateState::Merging:
- contents = "merging";
- break;
+ return os << "merging";
case UpdateState::MergeCompleted:
- contents = "merge-completed";
- break;
+ return os << "merge-completed";
case UpdateState::MergeNeedsReboot:
- contents = "merge-needs-reboot";
- break;
+ return os << "merge-needs-reboot";
case UpdateState::MergeFailed:
- contents = "merge-failed";
- break;
+ return os << "merge-failed";
default:
LOG(ERROR) << "Unknown update state";
- return false;
+ return os;
}
+}
+
+bool SnapshotManager::WriteUpdateState(LockedFile* file, UpdateState state) {
+ std::stringstream ss;
+ ss << state;
+ std::string contents = ss.str();
+ if (contents.empty()) return false;
if (!Truncate(file)) return false;
if (!android::base::WriteStringToFd(contents, file->fd())) {
@@ -1577,5 +1741,268 @@
return true;
}
+bool SnapshotManager::CreateUpdateSnapshots(const DeltaArchiveManifest& manifest) {
+ auto lock = LockExclusive();
+ if (!lock) return false;
+
+ const auto& opener = device_->GetPartitionOpener();
+ auto current_suffix = device_->GetSlotSuffix();
+ uint32_t current_slot = SlotNumberForSlotSuffix(current_suffix);
+ auto target_suffix = device_->GetOtherSlotSuffix();
+ uint32_t target_slot = SlotNumberForSlotSuffix(target_suffix);
+ auto current_super = device_->GetSuperDevice(current_slot);
+
+ auto current_metadata = MetadataBuilder::New(opener, current_super, current_slot);
+ auto target_metadata =
+ MetadataBuilder::NewForUpdate(opener, current_super, current_slot, target_slot);
+
+ SnapshotMetadataUpdater metadata_updater(target_metadata.get(), target_slot, manifest);
+ if (!metadata_updater.Update()) {
+ LOG(ERROR) << "Cannot calculate new metadata.";
+ return false;
+ }
+
+ if (!target_metadata->AddGroup(kCowGroupName, 0)) {
+ LOG(ERROR) << "Cannot add group " << kCowGroupName;
+ return false;
+ }
+
+ std::map<std::string, const RepeatedPtrField<InstallOperation>*> install_operation_map;
+ for (const auto& partition_update : manifest.partitions()) {
+ auto suffixed_name = partition_update.partition_name() + target_suffix;
+ auto&& [it, inserted] = install_operation_map.emplace(std::move(suffixed_name),
+ &partition_update.operations());
+ if (!inserted) {
+ LOG(ERROR) << "Duplicated partition " << partition_update.partition_name()
+ << " in update manifest.";
+ return false;
+ }
+ }
+
+ // TODO(b/134949511): remove this check. Right now, with overlayfs mounted, the scratch
+ // partition takes up a big chunk of space in super, causing COW images to be created on
+ // retrofit Virtual A/B devices.
+ if (device_->IsOverlayfsSetup()) {
+ LOG(ERROR) << "Cannot create update snapshots with overlayfs setup. Run `adb enable-verity`"
+ << ", reboot, then try again.";
+ return false;
+ }
+
+ // Check that all these metadata is not retrofit dynamic partitions. Snapshots on
+ // devices with retrofit dynamic partitions does not make sense.
+ // This ensures that current_metadata->GetFreeRegions() uses the same device
+ // indices as target_metadata (i.e. 0 -> "super").
+ // This is also assumed in MapCowDevices() call below.
+ CHECK(current_metadata->GetBlockDevicePartitionName(0) == LP_METADATA_DEFAULT_PARTITION_NAME &&
+ target_metadata->GetBlockDevicePartitionName(0) == LP_METADATA_DEFAULT_PARTITION_NAME);
+
+ std::map<std::string, SnapshotStatus> all_snapshot_status;
+
+ // In case of error, automatically delete devices that are created along the way.
+ // Note that "lock" is destroyed after "created_devices", so it is safe to use |lock| for
+ // these devices.
+ AutoDeviceList created_devices;
+
+ for (auto* target_partition : ListPartitionsWithSuffix(target_metadata.get(), target_suffix)) {
+ const RepeatedPtrField<InstallOperation>* operations = nullptr;
+ auto operations_it = install_operation_map.find(target_partition->name());
+ if (operations_it != install_operation_map.end()) {
+ operations = operations_it->second;
+ }
+
+ // Compute the device sizes for the partition.
+ PartitionCowCreator cow_creator{target_metadata.get(), target_suffix, target_partition,
+ current_metadata.get(), current_suffix, operations};
+ auto cow_creator_ret = cow_creator.Run();
+ if (!cow_creator_ret.has_value()) {
+ return false;
+ }
+
+ LOG(INFO) << "For partition " << target_partition->name()
+ << ", device size = " << cow_creator_ret->snapshot_status.device_size
+ << ", snapshot size = " << cow_creator_ret->snapshot_status.snapshot_size
+ << ", cow partition size = "
+ << cow_creator_ret->snapshot_status.cow_partition_size
+ << ", cow file size = " << cow_creator_ret->snapshot_status.cow_file_size;
+
+ // Delete any existing snapshot before re-creating one.
+ if (!DeleteSnapshot(lock.get(), target_partition->name())) {
+ LOG(ERROR) << "Cannot delete existing snapshot before creating a new one for partition "
+ << target_partition->name();
+ return false;
+ }
+
+ // It is possible that the whole partition uses free space in super, and snapshot / COW
+ // would not be needed. In this case, skip the partition.
+ bool needs_snapshot = cow_creator_ret->snapshot_status.snapshot_size > 0;
+ bool needs_cow = (cow_creator_ret->snapshot_status.cow_partition_size +
+ cow_creator_ret->snapshot_status.cow_file_size) > 0;
+ CHECK(needs_snapshot == needs_cow);
+
+ if (!needs_snapshot) {
+ LOG(INFO) << "Skip creating snapshot for partition " << target_partition->name()
+ << "because nothing needs to be snapshotted.";
+ continue;
+ }
+
+ // Store these device sizes to snapshot status file.
+ if (!CreateSnapshot(lock.get(), target_partition->name(),
+ cow_creator_ret->snapshot_status)) {
+ return false;
+ }
+ created_devices.EmplaceBack<AutoDeleteSnapshot>(this, lock.get(), target_partition->name());
+
+ // Create the COW partition. That is, use any remaining free space in super partition before
+ // creating the COW images.
+ if (cow_creator_ret->snapshot_status.cow_partition_size > 0) {
+ CHECK(cow_creator_ret->snapshot_status.cow_partition_size % kSectorSize == 0)
+ << "cow_partition_size == "
+ << cow_creator_ret->snapshot_status.cow_partition_size
+ << " is not a multiple of sector size " << kSectorSize;
+ auto cow_partition = target_metadata->AddPartition(GetCowName(target_partition->name()),
+ kCowGroupName, 0 /* flags */);
+ if (cow_partition == nullptr) {
+ return false;
+ }
+
+ if (!target_metadata->ResizePartition(
+ cow_partition, cow_creator_ret->snapshot_status.cow_partition_size,
+ cow_creator_ret->cow_partition_usable_regions)) {
+ LOG(ERROR) << "Cannot create COW partition on metadata with size "
+ << cow_creator_ret->snapshot_status.cow_partition_size;
+ return false;
+ }
+ // Only the in-memory target_metadata is modified; nothing to clean up if there is an
+ // error in the future.
+ }
+
+ // Create the backing COW image if necessary.
+ if (cow_creator_ret->snapshot_status.cow_file_size > 0) {
+ if (!CreateCowImage(lock.get(), target_partition->name())) {
+ return false;
+ }
+ }
+
+ all_snapshot_status[target_partition->name()] = std::move(cow_creator_ret->snapshot_status);
+
+ LOG(INFO) << "Successfully created snapshot for " << target_partition->name();
+ }
+
+ auto& dm = DeviceMapper::Instance();
+ auto exported_target_metadata = target_metadata->Export();
+ if (exported_target_metadata == nullptr) {
+ LOG(ERROR) << "Cannot export target metadata";
+ return false;
+ }
+ CreateLogicalPartitionParams cow_params{
+ .block_device = LP_METADATA_DEFAULT_PARTITION_NAME,
+ .metadata = exported_target_metadata.get(),
+ .timeout_ms = std::chrono::milliseconds::max(),
+ .partition_opener = &device_->GetPartitionOpener(),
+ };
+ for (auto* target_partition : ListPartitionsWithSuffix(target_metadata.get(), target_suffix)) {
+ AutoDeviceList created_devices_for_cow;
+
+ if (!UnmapPartitionWithSnapshot(lock.get(), target_partition->name())) {
+ LOG(ERROR) << "Cannot unmap existing COW devices before re-mapping them for zero-fill: "
+ << target_partition->name();
+ return false;
+ }
+
+ auto it = all_snapshot_status.find(target_partition->name());
+ CHECK(it != all_snapshot_status.end()) << target_partition->name();
+ cow_params.partition_name = target_partition->name();
+ std::string cow_name;
+ if (!MapCowDevices(lock.get(), cow_params, it->second, &created_devices_for_cow,
+ &cow_name)) {
+ return false;
+ }
+
+ std::string cow_path;
+ if (!dm.GetDmDevicePathByName(cow_name, &cow_path)) {
+ LOG(ERROR) << "Cannot determine path for " << cow_name;
+ return false;
+ }
+
+ if (!InitializeCow(cow_path)) {
+ LOG(ERROR) << "Can't zero-fill COW device for " << target_partition->name() << ": "
+ << cow_path;
+ return false;
+ }
+ // Let destructor of created_devices_for_cow to unmap the COW devices.
+ };
+
+ if (!UpdatePartitionTable(opener, device_->GetSuperDevice(target_slot),
+ *exported_target_metadata, target_slot)) {
+ LOG(ERROR) << "Cannot write target metadata";
+ return false;
+ }
+
+ created_devices.Release();
+ LOG(INFO) << "Successfully created all snapshots for target slot " << target_suffix;
+
+ return true;
+}
+
+bool SnapshotManager::MapUpdateSnapshot(const CreateLogicalPartitionParams& params,
+ std::string* snapshot_path) {
+ auto lock = LockShared();
+ if (!lock) return false;
+ if (!UnmapPartitionWithSnapshot(lock.get(), params.GetPartitionName())) {
+ LOG(ERROR) << "Cannot unmap existing snapshot before re-mapping it: "
+ << params.GetPartitionName();
+ return false;
+ }
+ return MapPartitionWithSnapshot(lock.get(), params, snapshot_path);
+}
+
+bool SnapshotManager::UnmapUpdateSnapshot(const std::string& target_partition_name) {
+ auto lock = LockShared();
+ if (!lock) return false;
+ return UnmapPartitionWithSnapshot(lock.get(), target_partition_name);
+}
+
+bool SnapshotManager::Dump(std::ostream& os) {
+ // Don't actually lock. Dump() is for debugging purposes only, so it is okay
+ // if it is racy.
+ auto file = OpenStateFile(O_RDONLY, 0);
+ if (!file) return false;
+
+ std::stringstream ss;
+
+ ss << "Update state: " << ReadUpdateState(file.get()) << std::endl;
+
+ auto boot_file = GetSnapshotBootIndicatorPath();
+ std::string boot_indicator;
+ if (android::base::ReadFileToString(boot_file, &boot_indicator)) {
+ ss << "Boot indicator: old slot = " << boot_indicator << std::endl;
+ }
+
+ bool ok = true;
+ std::vector<std::string> snapshots;
+ if (!ListSnapshots(file.get(), &snapshots)) {
+ LOG(ERROR) << "Could not list snapshots";
+ snapshots.clear();
+ ok = false;
+ }
+ for (const auto& name : snapshots) {
+ ss << "Snapshot: " << name << std::endl;
+ SnapshotStatus status;
+ if (!ReadSnapshotStatus(file.get(), name, &status)) {
+ ok = false;
+ continue;
+ }
+ ss << " state: " << to_string(status.state) << std::endl;
+ ss << " device size (bytes): " << status.device_size << std::endl;
+ ss << " snapshot size (bytes): " << status.snapshot_size << std::endl;
+ ss << " cow partition size (bytes): " << status.cow_partition_size << std::endl;
+ ss << " cow file size (bytes): " << status.cow_file_size << std::endl;
+ ss << " allocated sectors: " << status.sectors_allocated << std::endl;
+ ss << " metadata sectors: " << status.metadata_sectors << std::endl;
+ }
+ os << ss.rdbuf();
+ return ok;
+}
+
} // namespace snapshot
} // namespace android
diff --git a/fs_mgr/libsnapshot/snapshot_metadata_updater.cpp b/fs_mgr/libsnapshot/snapshot_metadata_updater.cpp
new file mode 100644
index 0000000..60bf796
--- /dev/null
+++ b/fs_mgr/libsnapshot/snapshot_metadata_updater.cpp
@@ -0,0 +1,273 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include "snapshot_metadata_updater.h"
+
+#include <algorithm>
+#include <map>
+#include <optional>
+#include <set>
+#include <string>
+#include <string_view>
+#include <vector>
+
+#include <android-base/logging.h>
+#include <android-base/strings.h>
+#include <fs_mgr.h>
+#include <libsnapshot/snapshot.h>
+
+using android::fs_mgr::MetadataBuilder;
+using android::fs_mgr::Partition;
+using android::fs_mgr::SlotSuffixForSlotNumber;
+using chromeos_update_engine::DeltaArchiveManifest;
+
+namespace android {
+namespace snapshot {
+SnapshotMetadataUpdater::SnapshotMetadataUpdater(MetadataBuilder* builder, uint32_t target_slot,
+ const DeltaArchiveManifest& manifest)
+ : builder_(builder), target_suffix_(SlotSuffixForSlotNumber(target_slot)) {
+ if (!manifest.has_dynamic_partition_metadata()) {
+ return;
+ }
+
+ // Key: partition name ("system"). Value: group name ("group").
+ // No suffix.
+ std::map<std::string_view, std::string_view> partition_group_map;
+ const auto& metadata_groups = manifest.dynamic_partition_metadata().groups();
+ groups_.reserve(metadata_groups.size());
+ for (const auto& group : metadata_groups) {
+ groups_.emplace_back(Group{group.name() + target_suffix_, &group});
+ for (const auto& partition_name : group.partition_names()) {
+ partition_group_map[partition_name] = group.name();
+ }
+ }
+
+ for (const auto& p : manifest.partitions()) {
+ auto it = partition_group_map.find(p.partition_name());
+ if (it != partition_group_map.end()) {
+ partitions_.emplace_back(Partition{p.partition_name() + target_suffix_,
+ std::string(it->second) + target_suffix_, &p});
+ }
+ }
+}
+
+bool SnapshotMetadataUpdater::ShrinkPartitions() const {
+ for (const auto& partition_update : partitions_) {
+ auto* existing_partition = builder_->FindPartition(partition_update.name);
+ if (existing_partition == nullptr) {
+ continue;
+ }
+ auto new_size = partition_update->new_partition_info().size();
+ if (existing_partition->size() <= new_size) {
+ continue;
+ }
+ if (!builder_->ResizePartition(existing_partition, new_size)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::DeletePartitions() const {
+ std::vector<std::string> partitions_to_delete;
+ // Don't delete partitions in groups where the group name doesn't have target_suffix,
+ // e.g. default.
+ for (auto* existing_partition : ListPartitionsWithSuffix(builder_, target_suffix_)) {
+ auto iter = std::find_if(partitions_.begin(), partitions_.end(),
+ [existing_partition](auto&& partition_update) {
+ return partition_update.name == existing_partition->name();
+ });
+ // Update package metadata doesn't have this partition. Prepare to delete it.
+ // Not deleting from builder_ yet because it may break ListPartitionsWithSuffix if it were
+ // to return an iterable view of builder_.
+ if (iter == partitions_.end()) {
+ partitions_to_delete.push_back(existing_partition->name());
+ }
+ }
+
+ for (const auto& partition_name : partitions_to_delete) {
+ builder_->RemovePartition(partition_name);
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::MovePartitionsToDefault() const {
+ for (const auto& partition_update : partitions_) {
+ auto* existing_partition = builder_->FindPartition(partition_update.name);
+ if (existing_partition == nullptr) {
+ continue;
+ }
+ if (existing_partition->group_name() == partition_update.group_name) {
+ continue;
+ }
+ // Move to "default" group (which doesn't have maximum size constraint)
+ // temporarily.
+ if (!builder_->ChangePartitionGroup(existing_partition, android::fs_mgr::kDefaultGroup)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::ShrinkGroups() const {
+ for (const auto& group_update : groups_) {
+ auto* existing_group = builder_->FindGroup(group_update.name);
+ if (existing_group == nullptr) {
+ continue;
+ }
+ if (existing_group->maximum_size() <= group_update->size()) {
+ continue;
+ }
+ if (!builder_->ChangeGroupSize(existing_group->name(), group_update->size())) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::DeleteGroups() const {
+ std::vector<std::string> existing_groups = builder_->ListGroups();
+ for (const auto& existing_group_name : existing_groups) {
+ // Don't delete groups without target suffix, e.g. default.
+ if (!android::base::EndsWith(existing_group_name, target_suffix_)) {
+ continue;
+ }
+
+ auto iter = std::find_if(groups_.begin(), groups_.end(),
+ [&existing_group_name](auto&& group_update) {
+ return group_update.name == existing_group_name;
+ });
+ // Update package metadata has this group as well, so not deleting it.
+ if (iter != groups_.end()) {
+ continue;
+ }
+ // Update package metadata doesn't have this group. Before deleting it, sanity check that it
+ // doesn't have any partitions left. Update metadata shouldn't assign any partitions to this
+ // group, so all partitions that originally belong to this group should be moved by
+ // MovePartitionsToDefault at this point.
+ auto existing_partitions_in_group = builder_->ListPartitionsInGroup(existing_group_name);
+ if (!existing_partitions_in_group.empty()) {
+ std::vector<std::string> partition_names_in_group;
+ std::transform(existing_partitions_in_group.begin(), existing_partitions_in_group.end(),
+ std::back_inserter(partition_names_in_group),
+ [](auto* p) { return p->name(); });
+ LOG(ERROR)
+ << "Group " << existing_group_name
+ << " cannot be deleted because the following partitions are left unassigned: ["
+ << android::base::Join(partition_names_in_group, ",") << "]";
+ return false;
+ }
+ builder_->RemoveGroupAndPartitions(existing_group_name);
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::AddGroups() const {
+ for (const auto& group_update : groups_) {
+ if (builder_->FindGroup(group_update.name) == nullptr) {
+ if (!builder_->AddGroup(group_update.name, group_update->size())) {
+ return false;
+ }
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::GrowGroups() const {
+ for (const auto& group_update : groups_) {
+ auto* existing_group = builder_->FindGroup(group_update.name);
+ if (existing_group == nullptr) {
+ continue;
+ }
+ if (existing_group->maximum_size() >= group_update->size()) {
+ continue;
+ }
+ if (!builder_->ChangeGroupSize(existing_group->name(), group_update->size())) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::AddPartitions() const {
+ for (const auto& partition_update : partitions_) {
+ if (builder_->FindPartition(partition_update.name) == nullptr) {
+ auto* p =
+ builder_->AddPartition(partition_update.name, partition_update.group_name,
+ LP_PARTITION_ATTR_READONLY | LP_PARTITION_ATTR_UPDATED);
+ if (p == nullptr) {
+ return false;
+ }
+ }
+ }
+ // Will be resized in GrowPartitions.
+ return true;
+}
+
+bool SnapshotMetadataUpdater::GrowPartitions() const {
+ for (const auto& partition_update : partitions_) {
+ auto* existing_partition = builder_->FindPartition(partition_update.name);
+ if (existing_partition == nullptr) {
+ continue;
+ }
+ auto new_size = partition_update->new_partition_info().size();
+ if (existing_partition->size() >= new_size) {
+ continue;
+ }
+ if (!builder_->ResizePartition(existing_partition, new_size)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::MovePartitionsToCorrectGroup() const {
+ for (const auto& partition_update : partitions_) {
+ auto* existing_partition = builder_->FindPartition(partition_update.name);
+ if (existing_partition == nullptr) {
+ continue;
+ }
+ if (existing_partition->group_name() == partition_update.group_name) {
+ continue;
+ }
+ if (!builder_->ChangePartitionGroup(existing_partition, partition_update.group_name)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+bool SnapshotMetadataUpdater::Update() const {
+ // Remove extents used by COW devices by removing the COW group completely.
+ builder_->RemoveGroupAndPartitions(android::snapshot::kCowGroupName);
+
+ // The order of these operations are important so that we
+ // always have enough space to grow or add new partitions / groups.
+ // clang-format off
+ return ShrinkPartitions() &&
+ DeletePartitions() &&
+ MovePartitionsToDefault() &&
+ ShrinkGroups() &&
+ DeleteGroups() &&
+ AddGroups() &&
+ GrowGroups() &&
+ AddPartitions() &&
+ GrowPartitions() &&
+ MovePartitionsToCorrectGroup();
+ // clang-format on
+}
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/snapshot_metadata_updater.h b/fs_mgr/libsnapshot/snapshot_metadata_updater.h
new file mode 100644
index 0000000..83c9460
--- /dev/null
+++ b/fs_mgr/libsnapshot/snapshot_metadata_updater.h
@@ -0,0 +1,85 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#pragma once
+
+#include <stdint.h>
+
+#include <string>
+#include <vector>
+
+#include <liblp/builder.h>
+#include <update_engine/update_metadata.pb.h>
+
+#include "utility.h"
+
+namespace android {
+namespace snapshot {
+
+// Helper class that modifies a super partition metadata for an update for
+// Virtual A/B devices.
+class SnapshotMetadataUpdater {
+ using DeltaArchiveManifest = chromeos_update_engine::DeltaArchiveManifest;
+ using DynamicPartitionMetadata = chromeos_update_engine::DynamicPartitionMetadata;
+ using DynamicPartitionGroup = chromeos_update_engine::DynamicPartitionGroup;
+ using PartitionUpdate = chromeos_update_engine::PartitionUpdate;
+
+ public:
+ // Caller is responsible for ensuring the lifetime of manifest to be longer
+ // than SnapshotMetadataUpdater.
+ SnapshotMetadataUpdater(android::fs_mgr::MetadataBuilder* builder, uint32_t target_slot,
+ const DeltaArchiveManifest& manifest);
+ bool Update() const;
+
+ private:
+ bool RenameGroupSuffix() const;
+ bool ShrinkPartitions() const;
+ bool DeletePartitions() const;
+ bool MovePartitionsToDefault() const;
+ bool ShrinkGroups() const;
+ bool DeleteGroups() const;
+ bool AddGroups() const;
+ bool GrowGroups() const;
+ bool AddPartitions() const;
+ bool GrowPartitions() const;
+ bool MovePartitionsToCorrectGroup() const;
+
+ // Wraps a DynamicPartitionGroup with a slot-suffixed name. Always use
+ // .name instead of ->name() because .name has the slot suffix (e.g.
+ // .name is "group_b" and ->name() is "group".)
+ struct Group {
+ std::string name;
+ const DynamicPartitionGroup* group;
+ const DynamicPartitionGroup* operator->() const { return group; }
+ };
+ // Wraps a PartitionUpdate with a slot-suffixed name / group name. Always use
+ // .name instead of ->partition_name() because .name has the slot suffix (e.g.
+ // .name is "system_b" and ->partition_name() is "system".)
+ struct Partition {
+ std::string name;
+ std::string group_name;
+ const PartitionUpdate* partition;
+ const PartitionUpdate* operator->() const { return partition; }
+ };
+
+ android::fs_mgr::MetadataBuilder* const builder_;
+ const std::string target_suffix_;
+ std::vector<Group> groups_;
+ std::vector<Partition> partitions_;
+};
+
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/snapshot_metadata_updater_test.cpp b/fs_mgr/libsnapshot/snapshot_metadata_updater_test.cpp
new file mode 100644
index 0000000..535653a
--- /dev/null
+++ b/fs_mgr/libsnapshot/snapshot_metadata_updater_test.cpp
@@ -0,0 +1,328 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include "snapshot_metadata_updater.h"
+
+#include <memory>
+#include <string>
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <liblp/builder.h>
+#include <storage_literals/storage_literals.h>
+
+#include "test_helpers.h"
+
+using namespace android::storage_literals;
+using android::fs_mgr::LpMetadata;
+using android::fs_mgr::MetadataBuilder;
+using android::fs_mgr::SlotSuffixForSlotNumber;
+using chromeos_update_engine::DeltaArchiveManifest;
+using chromeos_update_engine::DynamicPartitionGroup;
+using chromeos_update_engine::PartitionUpdate;
+using testing::AssertionFailure;
+using testing::AssertionResult;
+using testing::AssertionSuccess;
+
+namespace android {
+namespace snapshot {
+
+class SnapshotMetadataUpdaterTest : public ::testing::TestWithParam<uint32_t> {
+ public:
+ void SetUp() override {
+ target_slot_ = GetParam();
+ target_suffix_ = SlotSuffixForSlotNumber(target_slot_);
+ builder_ = MetadataBuilder::New(4_GiB + 1_MiB, 4_KiB, 2);
+
+ group_ = manifest_.mutable_dynamic_partition_metadata()->add_groups();
+ group_->set_name("group");
+ group_->set_size(4_GiB);
+ group_->add_partition_names("system");
+ group_->add_partition_names("vendor");
+ system_ = manifest_.add_partitions();
+ system_->set_partition_name("system");
+ SetSize(system_, 2_GiB);
+ vendor_ = manifest_.add_partitions();
+ vendor_->set_partition_name("vendor");
+ SetSize(vendor_, 1_GiB);
+
+ ASSERT_TRUE(FillFakeMetadata(builder_.get(), manifest_, target_suffix_));
+ }
+
+ // Append suffix to name.
+ std::string T(std::string_view name) { return std::string(name) + target_suffix_; }
+
+ AssertionResult UpdateAndExport() {
+ SnapshotMetadataUpdater updater(builder_.get(), target_slot_, manifest_);
+ if (!updater.Update()) {
+ return AssertionFailure() << "Update failed.";
+ }
+
+ exported_ = builder_->Export();
+ if (exported_ == nullptr) {
+ return AssertionFailure() << "Export failed.";
+ }
+ return AssertionSuccess();
+ }
+
+ // Check that in |builder_|, partition |name| + |target_suffix_| has the given |size|.
+ AssertionResult CheckSize(std::string_view name, uint64_t size) {
+ auto p = builder_->FindPartition(T(name));
+ if (p == nullptr) {
+ return AssertionFailure() << "Cannot find partition " << T(name);
+ }
+ if (p->size() != size) {
+ return AssertionFailure() << "Partition " << T(name) << " should be " << size
+ << " bytes, but is " << p->size() << " bytes.";
+ }
+ return AssertionSuccess() << "Partition" << T(name) << " is " << size << " bytes.";
+ }
+
+ // Check that in |builder_|, group |name| + |target_suffix_| has the given |size|.
+ AssertionResult CheckGroupSize(std::string_view name, uint64_t size) {
+ auto g = builder_->FindGroup(T(name));
+ if (g == nullptr) {
+ return AssertionFailure() << "Cannot find group " << T(name);
+ }
+ if (g->maximum_size() != size) {
+ return AssertionFailure() << "Group " << T(name) << " should be " << size
+ << " bytes, but is " << g->maximum_size() << " bytes.";
+ }
+ return AssertionSuccess() << "Group" << T(name) << " is " << size << " bytes.";
+ }
+
+ // Check that in |builder_|, partition |partition_name| + |target_suffix_| is in group
+ // |group_name| + |target_suffix_|;
+ AssertionResult CheckGroupName(std::string_view partition_name, std::string_view group_name) {
+ auto p = builder_->FindPartition(T(partition_name));
+ if (p == nullptr) {
+ return AssertionFailure() << "Cannot find partition " << T(partition_name);
+ }
+ if (p->group_name() != T(group_name)) {
+ return AssertionFailure() << "Partition " << T(partition_name) << " should be in "
+ << T(group_name) << ", but is in " << p->group_name() << ".";
+ }
+ return AssertionSuccess() << "Partition" << T(partition_name) << " is in " << T(group_name)
+ << ".";
+ }
+
+ std::unique_ptr<MetadataBuilder> builder_;
+ uint32_t target_slot_;
+ std::string target_suffix_;
+ DeltaArchiveManifest manifest_;
+ std::unique_ptr<LpMetadata> exported_;
+ DynamicPartitionGroup* group_ = nullptr;
+ PartitionUpdate* system_ = nullptr;
+ PartitionUpdate* vendor_ = nullptr;
+};
+
+TEST_P(SnapshotMetadataUpdaterTest, NoChange) {
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckGroupSize("group", 4_GiB));
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_TRUE(CheckGroupName("system", "group"));
+ EXPECT_TRUE(CheckSize("vendor", 1_GiB));
+ EXPECT_TRUE(CheckGroupName("vendor", "group"));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, GrowWithinBounds) {
+ SetSize(system_, 2_GiB + 512_MiB);
+ SetSize(vendor_, 1_GiB + 512_MiB);
+
+ ASSERT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB + 512_MiB));
+ EXPECT_TRUE(CheckSize("vendor", 1_GiB + 512_MiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, GrowOverSuper) {
+ SetSize(system_, 3_GiB);
+ SetSize(vendor_, 1_GiB + 512_MiB);
+
+ EXPECT_FALSE(UpdateAndExport());
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, GrowOverGroup) {
+ SetSize(system_, 3_GiB);
+ SetSize(vendor_, 1_GiB + 4_KiB);
+
+ EXPECT_FALSE(UpdateAndExport());
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, Add) {
+ group_->add_partition_names("product");
+ auto product = manifest_.add_partitions();
+ product->set_partition_name("product");
+ SetSize(product, 1_GiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_TRUE(CheckSize("vendor", 1_GiB));
+ EXPECT_TRUE(CheckSize("product", 1_GiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, AddTooBig) {
+ group_->add_partition_names("product");
+ auto product = manifest_.add_partitions();
+ product->set_partition_name("product");
+ SetSize(product, 1_GiB + 4_KiB);
+
+ EXPECT_FALSE(UpdateAndExport());
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, ShrinkAll) {
+ SetSize(system_, 1_GiB);
+ SetSize(vendor_, 512_MiB);
+
+ ASSERT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 1_GiB));
+ EXPECT_TRUE(CheckSize("vendor", 512_MiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, ShrinkAndGrow) {
+ SetSize(system_, 3_GiB + 512_MiB);
+ SetSize(vendor_, 512_MiB);
+
+ ASSERT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 3_GiB + 512_MiB));
+ EXPECT_TRUE(CheckSize("vendor", 512_MiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, ShrinkAndAdd) {
+ SetSize(system_, 2_GiB);
+ SetSize(vendor_, 512_MiB);
+ group_->add_partition_names("product");
+ auto product = manifest_.add_partitions();
+ product->set_partition_name("product");
+ SetSize(product, 1_GiB + 512_MiB);
+
+ ASSERT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_TRUE(CheckSize("vendor", 512_MiB));
+ EXPECT_TRUE(CheckSize("product", 1_GiB + 512_MiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, Delete) {
+ group_->mutable_partition_names()->RemoveLast();
+ // No need to delete it from manifest.partitions as SnapshotMetadataUpdater
+ // should ignore them (treat them as static partitions).
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_EQ(nullptr, builder_->FindPartition(T("vendor")));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, DeleteAndGrow) {
+ group_->mutable_partition_names()->RemoveLast();
+ SetSize(system_, 4_GiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 4_GiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, DeleteAndAdd) {
+ group_->mutable_partition_names()->RemoveLast();
+ group_->add_partition_names("product");
+ auto product = manifest_.add_partitions();
+ product->set_partition_name("product");
+ SetSize(product, 2_GiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_EQ(nullptr, builder_->FindPartition(T("vendor")));
+ EXPECT_TRUE(CheckSize("product", 2_GiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, GrowGroup) {
+ group_->set_size(4_GiB + 512_KiB);
+ SetSize(system_, 2_GiB + 256_KiB);
+ SetSize(vendor_, 2_GiB + 256_KiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 2_GiB + 256_KiB));
+ EXPECT_TRUE(CheckSize("vendor", 2_GiB + 256_KiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, ShrinkGroup) {
+ group_->set_size(1_GiB);
+ SetSize(system_, 512_MiB);
+ SetSize(vendor_, 512_MiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckSize("system", 512_MiB));
+ EXPECT_TRUE(CheckSize("vendor", 512_MiB));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, MoveToNewGroup) {
+ group_->mutable_partition_names()->RemoveLast();
+ group_->set_size(2_GiB);
+
+ auto another_group = manifest_.mutable_dynamic_partition_metadata()->add_groups();
+ another_group->set_name("another_group");
+ another_group->set_size(2_GiB);
+ another_group->add_partition_names("vendor");
+ SetSize(vendor_, 2_GiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_TRUE(CheckGroupSize("group", 2_GiB));
+ EXPECT_TRUE(CheckGroupSize("another_group", 2_GiB));
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_TRUE(CheckGroupName("system", "group"));
+ EXPECT_TRUE(CheckSize("vendor", 2_GiB));
+ EXPECT_TRUE(CheckGroupName("vendor", "another_group"));
+}
+
+TEST_P(SnapshotMetadataUpdaterTest, DeleteAndAddGroup) {
+ manifest_.mutable_dynamic_partition_metadata()->mutable_groups()->RemoveLast();
+ group_ = nullptr;
+
+ auto another_group = manifest_.mutable_dynamic_partition_metadata()->add_groups();
+ another_group->set_name("another_group");
+ another_group->set_size(4_GiB);
+ another_group->add_partition_names("system");
+ another_group->add_partition_names("vendor");
+ another_group->add_partition_names("product");
+ auto product = manifest_.add_partitions();
+ product->set_partition_name("product");
+ SetSize(product, 1_GiB);
+
+ EXPECT_TRUE(UpdateAndExport());
+
+ EXPECT_EQ(nullptr, builder_->FindGroup(T("group")));
+ EXPECT_TRUE(CheckGroupSize("another_group", 4_GiB));
+ EXPECT_TRUE(CheckSize("system", 2_GiB));
+ EXPECT_TRUE(CheckGroupName("system", "another_group"));
+ EXPECT_TRUE(CheckSize("vendor", 1_GiB));
+ EXPECT_TRUE(CheckGroupName("vendor", "another_group"));
+ EXPECT_TRUE(CheckSize("product", 1_GiB));
+ EXPECT_TRUE(CheckGroupName("product", "another_group"));
+}
+
+INSTANTIATE_TEST_SUITE_P(, SnapshotMetadataUpdaterTest, testing::Values(0, 1));
+
+} // namespace snapshot
+} // namespace android
diff --git a/fs_mgr/libsnapshot/snapshot_test.cpp b/fs_mgr/libsnapshot/snapshot_test.cpp
index 429fd8e..bc764fd 100644
--- a/fs_mgr/libsnapshot/snapshot_test.cpp
+++ b/fs_mgr/libsnapshot/snapshot_test.cpp
@@ -32,8 +32,10 @@
#include <libfiemap/image_manager.h>
#include <liblp/builder.h>
#include <liblp/mock_property_fetcher.h>
+#include <storage_literals/storage_literals.h>
#include "test_helpers.h"
+#include "utility.h"
namespace android {
namespace snapshot {
@@ -45,10 +47,14 @@
using android::fs_mgr::BlockDeviceInfo;
using android::fs_mgr::CreateLogicalPartitionParams;
using android::fs_mgr::DestroyLogicalPartition;
+using android::fs_mgr::GetPartitionGroupName;
using android::fs_mgr::GetPartitionName;
using android::fs_mgr::MetadataBuilder;
+using chromeos_update_engine::DeltaArchiveManifest;
+using chromeos_update_engine::PartitionUpdate;
using namespace ::testing;
using namespace android::fs_mgr::testing;
+using namespace android::storage_literals;
using namespace std::chrono_literals;
using namespace std::string_literals;
@@ -58,7 +64,8 @@
TestDeviceInfo* test_device = nullptr;
std::string fake_super;
-static constexpr uint64_t kSuperSize = 16 * 1024 * 1024;
+static constexpr uint64_t kSuperSize = 16_MiB + 4_KiB;
+static constexpr uint64_t kGroupSize = 16_MiB;
class SnapshotTest : public ::testing::Test {
public:
@@ -105,7 +112,7 @@
std::vector<std::string> snapshots = {"test-snapshot", "test_partition_a",
"test_partition_b"};
for (const auto& snapshot : snapshots) {
- DeleteSnapshotDevice(snapshot);
+ ASSERT_TRUE(DeleteSnapshotDevice(snapshot));
DeleteBackingImage(image_manager_, snapshot + "-cow-img");
auto status_file = sm->GetSnapshotStatusFilePath(snapshot);
@@ -211,15 +218,52 @@
return true;
}
- void DeleteSnapshotDevice(const std::string& snapshot) {
- DeleteDevice(snapshot);
- DeleteDevice(snapshot + "-inner");
- ASSERT_TRUE(image_manager_->UnmapImageIfExists(snapshot + "-cow-img"));
- }
- void DeleteDevice(const std::string& device) {
- if (dm_.GetState(device) != DmDeviceState::INVALID) {
- ASSERT_TRUE(dm_.DeleteDevice(device));
+ AssertionResult DeleteSnapshotDevice(const std::string& snapshot) {
+ AssertionResult res = AssertionSuccess();
+ if (!(res = DeleteDevice(snapshot))) return res;
+ if (!(res = DeleteDevice(snapshot + "-inner"))) return res;
+ if (!(res = DeleteDevice(snapshot + "-cow"))) return res;
+ if (!image_manager_->UnmapImageIfExists(snapshot + "-cow-img")) {
+ return AssertionFailure() << "Cannot unmap image " << snapshot << "-cow-img";
}
+ if (!(res = DeleteDevice(snapshot + "-base"))) return res;
+ return AssertionSuccess();
+ }
+
+ AssertionResult DeleteDevice(const std::string& device) {
+ if (!dm_.DeleteDeviceIfExists(device)) {
+ return AssertionFailure() << "Can't delete " << device;
+ }
+ return AssertionSuccess();
+ }
+
+ AssertionResult CreateCowImage(const std::string& name) {
+ if (!sm->CreateCowImage(lock_.get(), name)) {
+ return AssertionFailure() << "Cannot create COW image " << name;
+ }
+ std::string cow_device;
+ auto map_res = MapCowImage(name, 10s, &cow_device);
+ if (!map_res) {
+ return map_res;
+ }
+ if (!InitializeCow(cow_device)) {
+ return AssertionFailure() << "Cannot zero fill " << cow_device;
+ }
+ if (!sm->UnmapCowImage(name)) {
+ return AssertionFailure() << "Cannot unmap " << name << " after zero filling it";
+ }
+ return AssertionSuccess();
+ }
+
+ AssertionResult MapCowImage(const std::string& name,
+ const std::chrono::milliseconds& timeout_ms, std::string* path) {
+ if (!sm->MapCowImage(name, timeout_ms)) {
+ return AssertionFailure() << "Cannot map cow image " << name;
+ }
+ if (!dm_.GetDmDevicePathByName(name + "-cow-img"s, path)) {
+ return AssertionFailure() << "No path for " << name << "-cow-img";
+ }
+ return AssertionSuccess();
}
DeviceMapper& dm_;
@@ -236,7 +280,7 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test-snapshot"));
+ ASSERT_TRUE(CreateCowImage("test-snapshot"));
std::vector<std::string> snapshots;
ASSERT_TRUE(sm->ListSnapshots(lock_.get(), &snapshots));
@@ -265,13 +309,13 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test-snapshot"));
+ ASSERT_TRUE(CreateCowImage("test-snapshot"));
std::string base_device;
ASSERT_TRUE(CreatePartition("base-device", kDeviceSize, &base_device));
std::string cow_device;
- ASSERT_TRUE(sm->MapCowImage("test-snapshot", 10s, &cow_device));
+ ASSERT_TRUE(MapCowImage("test-snapshot", 10s, &cow_device));
std::string snap_device;
ASSERT_TRUE(sm->MapSnapshot(lock_.get(), "test-snapshot", base_device, cow_device, 10s,
@@ -288,13 +332,13 @@
{.device_size = kDeviceSize,
.snapshot_size = kSnapshotSize,
.cow_file_size = kSnapshotSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test-snapshot"));
+ ASSERT_TRUE(CreateCowImage("test-snapshot"));
std::string base_device;
ASSERT_TRUE(CreatePartition("base-device", kDeviceSize, &base_device));
std::string cow_device;
- ASSERT_TRUE(sm->MapCowImage("test-snapshot", 10s, &cow_device));
+ ASSERT_TRUE(MapCowImage("test-snapshot", 10s, &cow_device));
std::string snap_device;
ASSERT_TRUE(sm->MapSnapshot(lock_.get(), "test-snapshot", base_device, cow_device, 10s,
@@ -344,8 +388,8 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test_partition_b"));
- ASSERT_TRUE(sm->MapCowImage("test_partition_b", 10s, &cow_device));
+ ASSERT_TRUE(CreateCowImage("test_partition_b"));
+ ASSERT_TRUE(MapCowImage("test_partition_b", 10s, &cow_device));
ASSERT_TRUE(sm->MapSnapshot(lock_.get(), "test_partition_b", base_device, cow_device, 10s,
&snap_device));
@@ -403,11 +447,11 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test-snapshot"));
+ ASSERT_TRUE(CreateCowImage("test-snapshot"));
std::string base_device, cow_device, snap_device;
ASSERT_TRUE(CreatePartition("base-device", kDeviceSize, &base_device));
- ASSERT_TRUE(sm->MapCowImage("test-snapshot", 10s, &cow_device));
+ ASSERT_TRUE(MapCowImage("test-snapshot", 10s, &cow_device));
ASSERT_TRUE(sm->MapSnapshot(lock_.get(), "test-snapshot", base_device, cow_device, 10s,
&snap_device));
@@ -433,11 +477,11 @@
// Wait 1s, otherwise DeleteSnapshotDevice may fail with EBUSY.
sleep(1);
// Forcefully delete the snapshot device, so it looks like we just rebooted.
- DeleteSnapshotDevice("test-snapshot");
+ ASSERT_TRUE(DeleteSnapshotDevice("test-snapshot"));
// Map snapshot should fail now, because we're in a merge-complete state.
ASSERT_TRUE(AcquireLock());
- ASSERT_TRUE(sm->MapCowImage("test-snapshot", 10s, &cow_device));
+ ASSERT_TRUE(MapCowImage("test-snapshot", 10s, &cow_device));
ASSERT_FALSE(sm->MapSnapshot(lock_.get(), "test-snapshot", base_device, cow_device, 10s,
&snap_device));
@@ -462,7 +506,7 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test_partition_b"));
+ ASSERT_TRUE(CreateCowImage("test_partition_b"));
// Simulate a reboot into the new slot.
lock_ = nullptr;
@@ -504,7 +548,7 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test_partition_b"));
+ ASSERT_TRUE(CreateCowImage("test_partition_b"));
// Simulate a reboot into the new slot.
lock_ = nullptr;
@@ -552,7 +596,7 @@
{.device_size = kDeviceSize,
.snapshot_size = kDeviceSize,
.cow_file_size = kDeviceSize}));
- ASSERT_TRUE(sm->CreateCowImage(lock_.get(), "test_partition_b"));
+ ASSERT_TRUE(CreateCowImage("test_partition_b"));
// Simulate a reboot into the new slot.
lock_ = nullptr;
@@ -570,7 +614,7 @@
// Now, reflash super. Note that we haven't called ProcessUpdateState, so the
// status is still Merging.
- DeleteSnapshotDevice("test_partition_b");
+ ASSERT_TRUE(DeleteSnapshotDevice("test_partition_b"));
ASSERT_TRUE(init->image_manager()->UnmapImageIfExists("test_partition_b-cow-img"));
FormatFakeSuper();
ASSERT_TRUE(CreatePartition("test_partition_b", kDeviceSize));
@@ -583,6 +627,378 @@
ASSERT_EQ(sm->GetUpdateState(), UpdateState::None);
}
+class SnapshotUpdateTest : public SnapshotTest {
+ public:
+ void SetUp() override {
+ SnapshotTest::SetUp();
+ Cleanup();
+
+ // Cleanup() changes slot suffix, so initialize it again.
+ test_device->set_slot_suffix("_a");
+
+ ON_CALL(*GetMockedPropertyFetcher(), GetBoolProperty("ro.virtual_ab.enabled", _))
+ .WillByDefault(Return(true));
+
+ opener_ = std::make_unique<TestPartitionOpener>(fake_super);
+
+ // Create a fake update package metadata.
+ // Not using full name "system", "vendor", "product" because these names collide with the
+ // mapped partitions on the running device.
+ // Each test modifies manifest_ slightly to indicate changes to the partition layout.
+ auto group = manifest_.mutable_dynamic_partition_metadata()->add_groups();
+ group->set_name("group");
+ group->set_size(kGroupSize);
+ group->add_partition_names("sys");
+ group->add_partition_names("vnd");
+ group->add_partition_names("prd");
+ sys_ = manifest_.add_partitions();
+ sys_->set_partition_name("sys");
+ SetSize(sys_, 3_MiB);
+ vnd_ = manifest_.add_partitions();
+ vnd_->set_partition_name("vnd");
+ SetSize(vnd_, 3_MiB);
+ prd_ = manifest_.add_partitions();
+ prd_->set_partition_name("prd");
+ SetSize(prd_, 3_MiB);
+
+ // Initialize source partition metadata using |manifest_|.
+ src_ = MetadataBuilder::New(*opener_, "super", 0);
+ ASSERT_TRUE(FillFakeMetadata(src_.get(), manifest_, "_a"));
+ ASSERT_NE(nullptr, src_);
+ // Add sys_b which is like system_other.
+ auto partition = src_->AddPartition("sys_b", 0);
+ ASSERT_NE(nullptr, partition);
+ ASSERT_TRUE(src_->ResizePartition(partition, 1_MiB));
+ auto metadata = src_->Export();
+ ASSERT_NE(nullptr, metadata);
+ ASSERT_TRUE(UpdatePartitionTable(*opener_, "super", *metadata.get(), 0));
+
+ // Map source partitions. Additionally, map sys_b to simulate system_other after flashing.
+ std::string path;
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a", "sys_b"}) {
+ ASSERT_TRUE(CreateLogicalPartition(
+ CreateLogicalPartitionParams{
+ .block_device = fake_super,
+ .metadata_slot = 0,
+ .partition_name = name,
+ .timeout_ms = 1s,
+ .partition_opener = opener_.get(),
+ },
+ &path));
+ ASSERT_TRUE(WriteRandomData(path));
+ auto hash = GetHash(path);
+ ASSERT_TRUE(hash.has_value());
+ hashes_[name] = *hash;
+ }
+ }
+ void TearDown() override {
+ Cleanup();
+ SnapshotTest::TearDown();
+ }
+ void Cleanup() {
+ if (!image_manager_) {
+ InitializeState();
+ }
+ for (const auto& suffix : {"_a", "_b"}) {
+ test_device->set_slot_suffix(suffix);
+ EXPECT_TRUE(sm->CancelUpdate()) << suffix;
+ }
+ EXPECT_TRUE(UnmapAll());
+ }
+
+ AssertionResult IsPartitionUnchanged(const std::string& name) {
+ std::string path;
+ if (!dm_.GetDmDevicePathByName(name, &path)) {
+ return AssertionFailure() << "Path of " << name << " cannot be determined";
+ }
+ auto hash = GetHash(path);
+ if (!hash.has_value()) {
+ return AssertionFailure() << "Cannot read partition " << name << ": " << path;
+ }
+ if (hashes_[name] != *hash) {
+ return AssertionFailure() << "Content of " << name << " has changed after the merge";
+ }
+ return AssertionSuccess();
+ }
+
+ std::optional<uint64_t> GetSnapshotSize(const std::string& name) {
+ if (!AcquireLock()) {
+ return std::nullopt;
+ }
+ auto local_lock = std::move(lock_);
+
+ SnapshotManager::SnapshotStatus status;
+ if (!sm->ReadSnapshotStatus(local_lock.get(), name, &status)) {
+ return std::nullopt;
+ }
+ return status.snapshot_size;
+ }
+
+ AssertionResult UnmapAll() {
+ for (const auto& name : {"sys", "vnd", "prd"}) {
+ if (!dm_.DeleteDeviceIfExists(name + "_a"s)) {
+ return AssertionFailure() << "Cannot unmap " << name << "_a";
+ }
+ if (!DeleteSnapshotDevice(name + "_b"s)) {
+ return AssertionFailure() << "Cannot delete snapshot " << name << "_b";
+ }
+ }
+ return AssertionSuccess();
+ }
+
+ std::unique_ptr<TestPartitionOpener> opener_;
+ DeltaArchiveManifest manifest_;
+ std::unique_ptr<MetadataBuilder> src_;
+ std::map<std::string, std::string> hashes_;
+
+ PartitionUpdate* sys_ = nullptr;
+ PartitionUpdate* vnd_ = nullptr;
+ PartitionUpdate* prd_ = nullptr;
+};
+
+// Test full update flow executed by update_engine. Some partitions uses super empty space,
+// some uses images, and some uses both.
+// Also test UnmapUpdateSnapshot unmaps everything.
+// Also test first stage mount and merge after this.
+TEST_F(SnapshotUpdateTest, FullUpdateFlow) {
+ // OTA client calls BeginUpdate before doing anything.
+ ASSERT_TRUE(sm->BeginUpdate());
+
+ // OTA client blindly unmaps all partitions that are possibly mapped.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(sm->UnmapUpdateSnapshot(name));
+ }
+
+ // Grow all partitions.
+ SetSize(sys_, 4_MiB);
+ SetSize(vnd_, 4_MiB);
+ SetSize(prd_, 4_MiB);
+
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+
+ // Test that partitions prioritize using space in super.
+ auto tgt = MetadataBuilder::New(*opener_, "super", 1);
+ ASSERT_NE(nullptr, tgt->FindPartition("sys_b-cow"));
+ ASSERT_NE(nullptr, tgt->FindPartition("vnd_b-cow"));
+ ASSERT_EQ(nullptr, tgt->FindPartition("prd_b-cow"));
+
+ // Write some data to target partitions.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ std::string path;
+ ASSERT_TRUE(sm->MapUpdateSnapshot(
+ CreateLogicalPartitionParams{
+ .block_device = fake_super,
+ .metadata_slot = 1,
+ .partition_name = name,
+ .timeout_ms = 10s,
+ .partition_opener = opener_.get(),
+ },
+ &path))
+ << name;
+ ASSERT_TRUE(WriteRandomData(path));
+ auto hash = GetHash(path);
+ ASSERT_TRUE(hash.has_value());
+ hashes_[name] = *hash;
+ }
+
+ // Assert that source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ ASSERT_TRUE(sm->FinishedSnapshotWrites());
+
+ // Simulate shutting down the device.
+ ASSERT_TRUE(UnmapAll());
+
+ // After reboot, init does first stage mount.
+ auto rebooted = new TestDeviceInfo(fake_super);
+ rebooted->set_slot_suffix("_b");
+ auto init = SnapshotManager::NewForFirstStageMount(rebooted);
+ ASSERT_NE(init, nullptr);
+ ASSERT_TRUE(init->NeedSnapshotsInFirstStageMount());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super"));
+
+ // Check that the target partitions have the same content.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ // Initiate the merge and wait for it to be completed.
+ ASSERT_TRUE(init->InitiateMerge());
+ ASSERT_EQ(UpdateState::MergeCompleted, init->ProcessUpdateState());
+
+ // Check that the target partitions have the same content after the merge.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name))
+ << "Content of " << name << " changes after the merge";
+ }
+}
+
+// Test that if new system partitions uses empty space in super, that region is not snapshotted.
+TEST_F(SnapshotUpdateTest, DirectWriteEmptySpace) {
+ SetSize(sys_, 4_MiB);
+ // vnd_b and prd_b are unchanged.
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+ ASSERT_EQ(3_MiB, GetSnapshotSize("sys_b").value_or(0));
+}
+
+// Test that if new system partitions uses space of old vendor partition, that region is
+// snapshotted.
+TEST_F(SnapshotUpdateTest, SnapshotOldPartitions) {
+ SetSize(sys_, 4_MiB); // grows
+ SetSize(vnd_, 2_MiB); // shrinks
+ // prd_b is unchanged
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+ ASSERT_EQ(4_MiB, GetSnapshotSize("sys_b").value_or(0));
+}
+
+// Test that even if there seem to be empty space in target metadata, COW partition won't take
+// it because they are used by old partitions.
+TEST_F(SnapshotUpdateTest, CowPartitionDoNotTakeOldPartitions) {
+ SetSize(sys_, 2_MiB); // shrinks
+ // vnd_b and prd_b are unchanged.
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+
+ auto tgt = MetadataBuilder::New(*opener_, "super", 1);
+ ASSERT_NE(nullptr, tgt);
+ auto metadata = tgt->Export();
+ ASSERT_NE(nullptr, metadata);
+ std::vector<std::string> written;
+ // Write random data to all COW partitions in super
+ for (auto p : metadata->partitions) {
+ if (GetPartitionGroupName(metadata->groups[p.group_index]) != kCowGroupName) {
+ continue;
+ }
+ std::string path;
+ ASSERT_TRUE(CreateLogicalPartition(
+ CreateLogicalPartitionParams{
+ .block_device = fake_super,
+ .metadata = metadata.get(),
+ .partition = &p,
+ .timeout_ms = 1s,
+ .partition_opener = opener_.get(),
+ },
+ &path));
+ ASSERT_TRUE(WriteRandomData(path));
+ written.push_back(GetPartitionName(p));
+ }
+ ASSERT_FALSE(written.empty())
+ << "No COW partitions are created even if there are empty space in super partition";
+
+ // Make sure source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+}
+
+// Test that it crashes after creating snapshot status file but before creating COW image, then
+// calling CreateUpdateSnapshots again works.
+TEST_F(SnapshotUpdateTest, SnapshotStatusFileWithoutCow) {
+ // Write some trash snapshot files to simulate leftovers from previous runs.
+ {
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ ASSERT_TRUE(sm->WriteSnapshotStatus(local_lock.get(), "sys_b",
+ SnapshotManager::SnapshotStatus{}));
+ ASSERT_TRUE(image_manager_->CreateBackingImage("sys_b-cow-img", 1_MiB,
+ IImageManager::CREATE_IMAGE_DEFAULT));
+ }
+
+ // Redo the update.
+ ASSERT_TRUE(sm->BeginUpdate());
+ ASSERT_TRUE(sm->UnmapUpdateSnapshot("sys_b"));
+
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+
+ // Check that target partitions can be mapped.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ std::string path;
+ EXPECT_TRUE(sm->MapUpdateSnapshot(
+ CreateLogicalPartitionParams{
+ .block_device = fake_super,
+ .metadata_slot = 1,
+ .partition_name = name,
+ .timeout_ms = 10s,
+ .partition_opener = opener_.get(),
+ },
+ &path))
+ << name;
+ }
+}
+
+// Test that the old partitions are not modified.
+TEST_F(SnapshotUpdateTest, TestRollback) {
+ // Execute the update.
+ ASSERT_TRUE(sm->BeginUpdate());
+ ASSERT_TRUE(sm->UnmapUpdateSnapshot("sys_b"));
+
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+
+ // Write some data to target partitions.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ std::string path;
+ ASSERT_TRUE(sm->MapUpdateSnapshot(
+ CreateLogicalPartitionParams{
+ .block_device = fake_super,
+ .metadata_slot = 1,
+ .partition_name = name,
+ .timeout_ms = 10s,
+ .partition_opener = opener_.get(),
+ },
+ &path))
+ << name;
+ ASSERT_TRUE(WriteRandomData(path));
+ auto hash = GetHash(path);
+ ASSERT_TRUE(hash.has_value());
+ hashes_[name] = *hash;
+ }
+
+ // Assert that source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ ASSERT_TRUE(sm->FinishedSnapshotWrites());
+
+ // Simulate shutting down the device.
+ ASSERT_TRUE(UnmapAll());
+
+ // After reboot, init does first stage mount.
+ auto rebooted = new TestDeviceInfo(fake_super);
+ rebooted->set_slot_suffix("_b");
+ auto init = SnapshotManager::NewForFirstStageMount(rebooted);
+ ASSERT_NE(init, nullptr);
+ ASSERT_TRUE(init->NeedSnapshotsInFirstStageMount());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super"));
+
+ // Check that the target partitions have the same content.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ // Simulate shutting down the device again.
+ ASSERT_TRUE(UnmapAll());
+ rebooted = new TestDeviceInfo(fake_super);
+ rebooted->set_slot_suffix("_a");
+ init = SnapshotManager::NewForFirstStageMount(rebooted);
+ ASSERT_NE(init, nullptr);
+ ASSERT_FALSE(init->NeedSnapshotsInFirstStageMount());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super"));
+
+ // Assert that the source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+}
+
+// Test that if an update is applied but not booted into, it can be canceled.
+TEST_F(SnapshotUpdateTest, CancelAfterApply) {
+ ASSERT_TRUE(sm->BeginUpdate());
+ ASSERT_TRUE(sm->FinishedSnapshotWrites());
+ ASSERT_TRUE(sm->CancelUpdate());
+}
+
} // namespace snapshot
} // namespace android
@@ -624,6 +1040,7 @@
}
// Clean up previous run.
+ SnapshotUpdateTest().Cleanup();
SnapshotTest().Cleanup();
// Use a separate image manager for our fake super partition.
diff --git a/fs_mgr/libsnapshot/snapshotctl.cpp b/fs_mgr/libsnapshot/snapshotctl.cpp
new file mode 100644
index 0000000..d65320c
--- /dev/null
+++ b/fs_mgr/libsnapshot/snapshotctl.cpp
@@ -0,0 +1,115 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include <sysexits.h>
+
+#include <chrono>
+#include <iostream>
+#include <map>
+
+#include <android-base/logging.h>
+#include <libsnapshot/snapshot.h>
+
+using namespace std::string_literals;
+
+int Usage() {
+ std::cerr << "snapshotctl: Control snapshots.\n"
+ "Usage: snapshotctl [action] [flags]\n"
+ "Actions:\n"
+ " dump\n"
+ " Print snapshot states.\n"
+ " merge [--logcat]\n"
+ " Initialize merge and wait for it to be completed.\n"
+ " If --logcat is specified, log to logcat. Otherwise, log to stdout.\n";
+ return EX_USAGE;
+}
+
+namespace android {
+namespace snapshot {
+
+bool DumpCmdHandler(int /*argc*/, char** argv) {
+ android::base::InitLogging(argv, &android::base::StderrLogger);
+ return SnapshotManager::New()->Dump(std::cout);
+}
+
+bool MergeCmdHandler(int argc, char** argv) {
+ auto begin = std::chrono::steady_clock::now();
+
+ bool log_to_logcat = false;
+ for (int i = 2; i < argc; ++i) {
+ if (argv[i] == "--logcat"s) {
+ log_to_logcat = true;
+ }
+ }
+ if (log_to_logcat) {
+ android::base::InitLogging(argv);
+ } else {
+ android::base::InitLogging(argv, &android::base::StdioLogger);
+ }
+
+ auto sm = SnapshotManager::New();
+
+ auto state = sm->GetUpdateState();
+ if (state == UpdateState::None) {
+ LOG(INFO) << "Can't find any snapshot to merge.";
+ return true;
+ }
+ if (state == UpdateState::Unverified) {
+ if (!sm->InitiateMerge()) {
+ LOG(ERROR) << "Failed to initiate merge.";
+ return false;
+ }
+ }
+
+ // All other states can be handled by ProcessUpdateState.
+ LOG(INFO) << "Waiting for any merge to complete. This can take up to 1 minute.";
+ state = SnapshotManager::New()->ProcessUpdateState();
+
+ if (state == UpdateState::MergeCompleted) {
+ auto end = std::chrono::steady_clock::now();
+ auto passed = std::chrono::duration_cast<std::chrono::milliseconds>(end - begin).count();
+ LOG(INFO) << "Snapshot merged in " << passed << " ms.";
+ return true;
+ }
+
+ LOG(ERROR) << "Snapshot failed to merge with state \"" << state << "\".";
+ return false;
+}
+
+static std::map<std::string, std::function<bool(int, char**)>> kCmdMap = {
+ // clang-format off
+ {"dump", DumpCmdHandler},
+ {"merge", MergeCmdHandler},
+ // clang-format on
+};
+
+} // namespace snapshot
+} // namespace android
+
+int main(int argc, char** argv) {
+ using namespace android::snapshot;
+ if (argc < 2) {
+ return Usage();
+ }
+
+ for (const auto& cmd : kCmdMap) {
+ if (cmd.first == argv[1]) {
+ return cmd.second(argc, argv) ? EX_OK : EX_SOFTWARE;
+ }
+ }
+
+ return Usage();
+}
diff --git a/fs_mgr/libsnapshot/snapshotctl.rc b/fs_mgr/libsnapshot/snapshotctl.rc
new file mode 100644
index 0000000..29707f1
--- /dev/null
+++ b/fs_mgr/libsnapshot/snapshotctl.rc
@@ -0,0 +1,2 @@
+on property:sys.boot_completed=1
+ exec - root root -- /system/bin/snapshotctl merge --logcat
diff --git a/fs_mgr/libsnapshot/test_helpers.cpp b/fs_mgr/libsnapshot/test_helpers.cpp
index f67dd21..1a6a593 100644
--- a/fs_mgr/libsnapshot/test_helpers.cpp
+++ b/fs_mgr/libsnapshot/test_helpers.cpp
@@ -14,12 +14,21 @@
#include "test_helpers.h"
+#include <android-base/file.h>
+#include <android-base/logging.h>
+#include <android-base/unique_fd.h>
#include <gtest/gtest.h>
+#include <openssl/sha.h>
namespace android {
namespace snapshot {
+using android::base::ReadFully;
+using android::base::unique_fd;
+using android::base::WriteFully;
using android::fiemap::IImageManager;
+using testing::AssertionFailure;
+using testing::AssertionSuccess;
void DeleteBackingImage(IImageManager* manager, const std::string& name) {
if (manager->IsImageMapped(name)) {
@@ -53,5 +62,90 @@
return PartitionOpener::GetDeviceString(partition_name);
}
+bool WriteRandomData(const std::string& path) {
+ unique_fd rand(open("/dev/urandom", O_RDONLY));
+ unique_fd fd(open(path.c_str(), O_WRONLY));
+
+ char buf[4096];
+ while (true) {
+ ssize_t n = TEMP_FAILURE_RETRY(read(rand.get(), buf, sizeof(buf)));
+ if (n <= 0) return false;
+ if (!WriteFully(fd.get(), buf, n)) {
+ if (errno == ENOSPC) {
+ return true;
+ }
+ PLOG(ERROR) << "Cannot write " << path;
+ return false;
+ }
+ }
+}
+
+std::string ToHexString(const uint8_t* buf, size_t len) {
+ char lookup[] = "0123456789abcdef";
+ std::string out(len * 2 + 1, '\0');
+ char* outp = out.data();
+ for (; len > 0; len--, buf++) {
+ *outp++ = (char)lookup[*buf >> 4];
+ *outp++ = (char)lookup[*buf & 0xf];
+ }
+ return out;
+}
+
+std::optional<std::string> GetHash(const std::string& path) {
+ unique_fd fd(open(path.c_str(), O_RDONLY));
+ char buf[4096];
+ SHA256_CTX ctx;
+ SHA256_Init(&ctx);
+ while (true) {
+ ssize_t n = TEMP_FAILURE_RETRY(read(fd.get(), buf, sizeof(buf)));
+ if (n < 0) {
+ PLOG(ERROR) << "Cannot read " << path;
+ return std::nullopt;
+ }
+ if (n == 0) {
+ break;
+ }
+ SHA256_Update(&ctx, buf, n);
+ }
+ uint8_t out[32];
+ SHA256_Final(out, &ctx);
+ return ToHexString(out, sizeof(out));
+}
+
+AssertionResult FillFakeMetadata(MetadataBuilder* builder, const DeltaArchiveManifest& manifest,
+ const std::string& suffix) {
+ for (const auto& group : manifest.dynamic_partition_metadata().groups()) {
+ if (!builder->AddGroup(group.name() + suffix, group.size())) {
+ return AssertionFailure()
+ << "Cannot add group " << group.name() << " with size " << group.size();
+ }
+ for (const auto& partition_name : group.partition_names()) {
+ auto p = builder->AddPartition(partition_name + suffix, group.name() + suffix,
+ 0 /* attr */);
+ if (!p) {
+ return AssertionFailure() << "Cannot add partition " << partition_name + suffix
+ << " to group " << group.name() << suffix;
+ }
+ }
+ }
+ for (const auto& partition : manifest.partitions()) {
+ auto p = builder->FindPartition(partition.partition_name() + suffix);
+ if (!p) {
+ return AssertionFailure() << "Cannot resize partition " << partition.partition_name()
+ << suffix << "; it is not found.";
+ }
+ if (!builder->ResizePartition(p, partition.new_partition_info().size())) {
+ return AssertionFailure()
+ << "Cannot resize partition " << partition.partition_name() << suffix
+ << " to size " << partition.new_partition_info().size();
+ }
+ }
+ return AssertionSuccess();
+}
+
+void SetSize(PartitionUpdate* partition_update, uint64_t size) {
+ partition_update->mutable_new_partition_info()->set_size(size);
+}
+
} // namespace snapshot
} // namespace android
diff --git a/fs_mgr/libsnapshot/test_helpers.h b/fs_mgr/libsnapshot/test_helpers.h
index 9f582d9..0303a14 100644
--- a/fs_mgr/libsnapshot/test_helpers.h
+++ b/fs_mgr/libsnapshot/test_helpers.h
@@ -14,15 +14,23 @@
#pragma once
+#include <optional>
#include <string>
+#include <gtest/gtest.h>
#include <libfiemap/image_manager.h>
#include <liblp/partition_opener.h>
#include <libsnapshot/snapshot.h>
+#include <update_engine/update_metadata.pb.h>
namespace android {
namespace snapshot {
+using android::fs_mgr::MetadataBuilder;
+using chromeos_update_engine::DeltaArchiveManifest;
+using chromeos_update_engine::PartitionUpdate;
+using testing::AssertionResult;
+
using namespace std::string_literals;
// Redirect requests for "super" to our fake super partition.
@@ -47,10 +55,12 @@
std::string GetGsidDir() const override { return "ota/test"s; }
std::string GetMetadataDir() const override { return "/metadata/ota/test"s; }
std::string GetSlotSuffix() const override { return slot_suffix_; }
+ std::string GetOtherSlotSuffix() const override { return slot_suffix_ == "_a" ? "_b" : "_a"; }
std::string GetSuperDevice([[maybe_unused]] uint32_t slot) const override { return "super"; }
const android::fs_mgr::IPartitionOpener& GetPartitionOpener() const override {
return *opener_.get();
}
+ bool IsOverlayfsSetup() const override { return false; }
void set_slot_suffix(const std::string& suffix) { slot_suffix_ = suffix; }
void set_fake_super(const std::string& path) {
@@ -65,5 +75,17 @@
// Helper for error-spam-free cleanup.
void DeleteBackingImage(android::fiemap::IImageManager* manager, const std::string& name);
+// Write some random data to the given device. Will write until reaching end of the device.
+bool WriteRandomData(const std::string& device);
+
+std::optional<std::string> GetHash(const std::string& path);
+
+// Add partitions and groups described by |manifest|.
+AssertionResult FillFakeMetadata(MetadataBuilder* builder, const DeltaArchiveManifest& manifest,
+ const std::string& suffix);
+
+// In the update package metadata, set a partition with the given size.
+void SetSize(PartitionUpdate* partition_update, uint64_t size);
+
} // namespace snapshot
} // namespace android
diff --git a/fs_mgr/libsnapshot/utility.cpp b/fs_mgr/libsnapshot/utility.cpp
index 164b472..66629e8 100644
--- a/fs_mgr/libsnapshot/utility.cpp
+++ b/fs_mgr/libsnapshot/utility.cpp
@@ -14,9 +14,13 @@
#include "utility.h"
+#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/strings.h>
+using android::fs_mgr::MetadataBuilder;
+using android::fs_mgr::Partition;
+
namespace android {
namespace snapshot {
@@ -52,5 +56,58 @@
}
}
+std::vector<Partition*> ListPartitionsWithSuffix(MetadataBuilder* builder,
+ const std::string& suffix) {
+ std::vector<Partition*> ret;
+ for (const auto& group : builder->ListGroups()) {
+ for (auto* partition : builder->ListPartitionsInGroup(group)) {
+ if (!base::EndsWith(partition->name(), suffix)) {
+ continue;
+ }
+ ret.push_back(partition);
+ }
+ }
+ return ret;
+}
+
+AutoDeleteSnapshot::~AutoDeleteSnapshot() {
+ if (!name_.empty() && !manager_->DeleteSnapshot(lock_, name_)) {
+ LOG(ERROR) << "Failed to auto delete snapshot " << name_;
+ }
+}
+
+bool InitializeCow(const std::string& device) {
+ // When the kernel creates a persistent dm-snapshot, it requires a CoW file
+ // to store the modifications. The kernel interface does not specify how
+ // the CoW is used, and there is no standard associated.
+ // By looking at the current implementation, the CoW file is treated as:
+ // - a _NEW_ snapshot if its first 32 bits are zero, so the newly created
+ // dm-snapshot device will look like a perfect copy of the origin device;
+ // - an _EXISTING_ snapshot if the first 32 bits are equal to a
+ // kernel-specified magic number and the CoW file metadata is set as valid,
+ // so it can be used to resume the last state of a snapshot device;
+ // - an _INVALID_ snapshot otherwise.
+ // To avoid zero-filling the whole CoW file when a new dm-snapshot is
+ // created, here we zero-fill only the first 32 bits. This is a temporary
+ // workaround that will be discussed again when the kernel API gets
+ // consolidated.
+ // TODO(b/139202197): Remove this hack once the kernel API is consolidated.
+ constexpr ssize_t kDmSnapZeroFillSize = 4; // 32-bit
+
+ char zeros[kDmSnapZeroFillSize] = {0};
+ android::base::unique_fd fd(open(device.c_str(), O_WRONLY | O_BINARY));
+ if (fd < 0) {
+ PLOG(ERROR) << "Can't open COW device: " << device;
+ return false;
+ }
+
+ LOG(INFO) << "Zero-filling COW device: " << device;
+ if (!android::base::WriteFully(fd, zeros, kDmSnapZeroFillSize)) {
+ PLOG(ERROR) << "Can't zero-fill COW device for " << device;
+ return false;
+ }
+ return true;
+}
+
} // namespace snapshot
} // namespace android
diff --git a/fs_mgr/libsnapshot/utility.h b/fs_mgr/libsnapshot/utility.h
index cbab472..75c694c 100644
--- a/fs_mgr/libsnapshot/utility.h
+++ b/fs_mgr/libsnapshot/utility.h
@@ -14,11 +14,15 @@
#pragma once
+#include <functional>
#include <string>
#include <android-base/macros.h>
#include <libdm/dm.h>
#include <libfiemap/image_manager.h>
+#include <liblp/builder.h>
+#include <libsnapshot/snapshot.h>
+#include <update_engine/update_metadata.pb.h>
namespace android {
namespace snapshot {
@@ -81,5 +85,27 @@
android::fiemap::IImageManager* images_ = nullptr;
};
+// Automatically deletes a snapshot. |name| should be the name of the partition, e.g. "system_a".
+// Client is responsible for maintaining the lifetime of |manager| and |lock|.
+struct AutoDeleteSnapshot : AutoDevice {
+ AutoDeleteSnapshot(SnapshotManager* manager, SnapshotManager::LockedFile* lock,
+ const std::string& name)
+ : AutoDevice(name), manager_(manager), lock_(lock) {}
+ AutoDeleteSnapshot(AutoDeleteSnapshot&& other);
+ ~AutoDeleteSnapshot();
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(AutoDeleteSnapshot);
+ SnapshotManager* manager_ = nullptr;
+ SnapshotManager::LockedFile* lock_ = nullptr;
+};
+
+// Return a list of partitions in |builder| with the name ending in |suffix|.
+std::vector<android::fs_mgr::Partition*> ListPartitionsWithSuffix(
+ android::fs_mgr::MetadataBuilder* builder, const std::string& suffix);
+
+// Initialize a device before using it as the COW device for a dm-snapshot device.
+bool InitializeCow(const std::string& device);
+
} // namespace snapshot
} // namespace android
diff --git a/fs_mgr/libstorage_literals/Android.bp b/fs_mgr/libstorage_literals/Android.bp
new file mode 100644
index 0000000..11611dd
--- /dev/null
+++ b/fs_mgr/libstorage_literals/Android.bp
@@ -0,0 +1,6 @@
+
+cc_library_headers {
+ name: "libstorage_literals_headers",
+ host_supported: true,
+ export_include_dirs: ["."],
+}
diff --git a/fs_mgr/libstorage_literals/storage_literals/storage_literals.h b/fs_mgr/libstorage_literals/storage_literals/storage_literals.h
new file mode 100644
index 0000000..ac0dfbd
--- /dev/null
+++ b/fs_mgr/libstorage_literals/storage_literals/storage_literals.h
@@ -0,0 +1,77 @@
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#pragma once
+
+#include <stdint.h>
+#include <stdlib.h>
+
+namespace android {
+namespace storage_literals {
+
+template <size_t Power>
+struct Size {
+ static constexpr size_t power = Power;
+ explicit constexpr Size(uint64_t count) : value_(count) {}
+
+ constexpr uint64_t bytes() const { return value_ << power; }
+ constexpr uint64_t count() const { return value_; }
+ constexpr operator uint64_t() const { return bytes(); }
+
+ private:
+ uint64_t value_;
+};
+
+using B = Size<0>;
+using KiB = Size<10>;
+using MiB = Size<20>;
+using GiB = Size<30>;
+
+constexpr B operator""_B(unsigned long long v) { // NOLINT
+ return B{v};
+}
+
+constexpr KiB operator""_KiB(unsigned long long v) { // NOLINT
+ return KiB{v};
+}
+
+constexpr MiB operator""_MiB(unsigned long long v) { // NOLINT
+ return MiB{v};
+}
+
+constexpr GiB operator""_GiB(unsigned long long v) { // NOLINT
+ return GiB{v};
+}
+
+template <typename Dest, typename Src>
+constexpr Dest size_cast(Src src) {
+ if (Src::power < Dest::power) {
+ return Dest(src.count() >> (Dest::power - Src::power));
+ }
+ if (Src::power > Dest::power) {
+ return Dest(src.count() << (Src::power - Dest::power));
+ }
+ return Dest(src.count());
+}
+
+static_assert(1_B == 1);
+static_assert(1_KiB == 1 << 10);
+static_assert(1_MiB == 1 << 20);
+static_assert(1_GiB == 1 << 30);
+static_assert(size_cast<KiB>(1_B).count() == 0);
+static_assert(size_cast<KiB>(1024_B).count() == 1);
+static_assert(size_cast<KiB>(1_MiB).count() == 1024);
+
+} // namespace storage_literals
+} // namespace android
diff --git a/fs_mgr/libvbmeta/Android.bp b/fs_mgr/libvbmeta/Android.bp
new file mode 100644
index 0000000..937e0f3
--- /dev/null
+++ b/fs_mgr/libvbmeta/Android.bp
@@ -0,0 +1,52 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+libvbmeta_lib_deps = [
+ "libbase",
+ "libcrypto",
+]
+
+cc_library {
+ name: "libvbmeta",
+ host_supported: true,
+ srcs: [
+ "builder.cpp",
+ "reader.cpp",
+ "utility.cpp",
+ "writer.cpp",
+ ],
+ shared_libs: [
+ "liblog",
+ ] + libvbmeta_lib_deps,
+ export_include_dirs: ["include"],
+}
+
+cc_test_host {
+ name: "libvbmeta_test",
+ static_libs: [
+ "libsparse",
+ "libvbmeta",
+ "libz",
+ ] + libvbmeta_lib_deps,
+ srcs: [
+ "builder_test.cpp",
+ "super_vbmeta_test.cpp",
+ ],
+ required: [
+ "avbtool",
+ "vbmake",
+ ],
+}
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/builder.cpp b/fs_mgr/libvbmeta/builder.cpp
new file mode 100644
index 0000000..a901a4f
--- /dev/null
+++ b/fs_mgr/libvbmeta/builder.cpp
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "builder.h"
+
+#include <android-base/file.h>
+#include <openssl/sha.h>
+
+#include "reader.h"
+#include "utility.h"
+#include "writer.h"
+
+using android::base::ErrnoError;
+using android::base::Error;
+using android::base::Result;
+using android::base::unique_fd;
+
+namespace android {
+namespace fs_mgr {
+
+SuperVBMetaBuilder::SuperVBMetaBuilder() {}
+
+SuperVBMetaBuilder::SuperVBMetaBuilder(const int super_vbmeta_fd,
+ const std::map<std::string, std::string>& images_path)
+ : super_vbmeta_fd_(super_vbmeta_fd), images_path_(images_path) {}
+
+Result<void> SuperVBMetaBuilder::Build() {
+ for (const auto& [vbmeta_name, file_path] : images_path_) {
+ Result<std::string> content = ReadVBMetaImageFromFile(file_path);
+ if (!content) {
+ return content.error();
+ }
+
+ Result<uint8_t> vbmeta_index = AddVBMetaImage(vbmeta_name);
+ if (!vbmeta_index) {
+ return vbmeta_index.error();
+ }
+
+ Result<void> rv_export_vbmeta_image =
+ ExportVBMetaImageToFile(vbmeta_index.value(), content.value());
+ if (!rv_export_vbmeta_image) {
+ return rv_export_vbmeta_image;
+ }
+ }
+ return {};
+}
+
+Result<std::string> SuperVBMetaBuilder::ReadVBMetaImageFromFile(const std::string& file) {
+ unique_fd source_fd(TEMP_FAILURE_RETRY(open(file.c_str(), O_RDONLY | O_CLOEXEC)));
+ if (source_fd < 0) {
+ return ErrnoError() << "Couldn't open vbmeta image file " << file;
+ }
+
+ Result<uint64_t> file_size = GetFileSize(source_fd);
+ if (!file_size) {
+ return file_size.error();
+ }
+
+ if (file_size.value() > VBMETA_IMAGE_MAX_SIZE) {
+ return Error() << "vbmeta image file size " << file_size.value() << " is too large";
+ }
+
+ std::unique_ptr<uint8_t[]> buffer = std::make_unique<uint8_t[]>(VBMETA_IMAGE_MAX_SIZE);
+ if (!android::base::ReadFully(source_fd, buffer.get(), file_size.value())) {
+ return ErrnoError() << "Couldn't read vbmeta image file " << file;
+ }
+
+ return std::string(reinterpret_cast<const char*>(buffer.get()), VBMETA_IMAGE_MAX_SIZE);
+}
+
+Result<uint8_t> SuperVBMetaBuilder::GetEmptySlot() {
+ for (uint8_t i = 0; i < VBMETA_IMAGE_MAX_NUM; ++i) {
+ if ((table_.header.in_use & (1 << i)) == 0) return i;
+ }
+ return Error() << "There isn't empty slot in super vbmeta";
+}
+
+Result<uint8_t> SuperVBMetaBuilder::AddVBMetaImage(const std::string& vbmeta_name) {
+ auto desc = std::find_if(
+ table_.descriptors.begin(), table_.descriptors.end(),
+ [&vbmeta_name](const auto& entry) { return entry.vbmeta_name == vbmeta_name; });
+
+ uint8_t slot_number = 0;
+ if (desc != table_.descriptors.end()) {
+ slot_number = desc->vbmeta_index;
+ } else {
+ Result<uint8_t> new_slot = GetEmptySlot();
+ if (!new_slot) {
+ return new_slot;
+ }
+ slot_number = new_slot.value();
+
+ // insert new descriptor into table
+ InternalVBMetaDescriptor new_desc;
+ new_desc.vbmeta_index = slot_number;
+ new_desc.vbmeta_name_length = vbmeta_name.length();
+ new_desc.vbmeta_name = vbmeta_name;
+ memset(new_desc.reserved, 0, sizeof(new_desc.reserved));
+ table_.descriptors.emplace_back(std::move(new_desc));
+
+ // mark slot as in use
+ table_.header.in_use |= (1 << slot_number);
+ }
+
+ return slot_number;
+}
+
+void SuperVBMetaBuilder::DeleteVBMetaImage(const std::string& vbmeta_name) {
+ auto desc = std::find_if(
+ table_.descriptors.begin(), table_.descriptors.end(),
+ [&vbmeta_name](const auto& entry) { return entry.vbmeta_name == vbmeta_name; });
+
+ if (desc != table_.descriptors.end()) {
+ // mark slot as not in use
+ table_.header.in_use &= ~(1 << desc->vbmeta_index);
+
+ // erase descriptor in table
+ table_.descriptors.erase(desc);
+ }
+}
+
+std::unique_ptr<VBMetaTable> SuperVBMetaBuilder::ExportVBMetaTable() {
+ // calculate descriptors size
+ uint32_t descriptors_size = 0;
+ for (const auto& desc : table_.descriptors) {
+ descriptors_size += SUPER_VBMETA_DESCRIPTOR_SIZE + desc.vbmeta_name_length * sizeof(char);
+ }
+
+ // export header
+ table_.header.magic = SUPER_VBMETA_MAGIC;
+ table_.header.major_version = SUPER_VBMETA_MAJOR_VERSION;
+ table_.header.minor_version = SUPER_VBMETA_MINOR_VERSION;
+ table_.header.header_size = SUPER_VBMETA_HEADER_SIZE;
+ table_.header.total_size = SUPER_VBMETA_HEADER_SIZE + descriptors_size;
+ memset(table_.header.checksum, 0, sizeof(table_.header.checksum));
+ table_.header.descriptors_size = descriptors_size;
+ memset(table_.header.reserved, 0, sizeof(table_.header.reserved));
+ std::string serialized_table = SerializeVBMetaTable(table_);
+ ::SHA256(reinterpret_cast<const uint8_t*>(serialized_table.c_str()), table_.header.total_size,
+ &table_.header.checksum[0]);
+
+ return std::make_unique<VBMetaTable>(table_);
+}
+
+Result<void> SuperVBMetaBuilder::ExportVBMetaTableToFile() {
+ std::unique_ptr<VBMetaTable> table = ExportVBMetaTable();
+
+ std::string serialized_table = SerializeVBMetaTable(*table);
+
+ android::base::Result<void> rv_write_primary_vbmeta_table =
+ WritePrimaryVBMetaTable(super_vbmeta_fd_, serialized_table);
+ if (!rv_write_primary_vbmeta_table) {
+ return rv_write_primary_vbmeta_table;
+ }
+
+ android::base::Result<void> rv_write_backup_vbmeta_table =
+ WriteBackupVBMetaTable(super_vbmeta_fd_, serialized_table);
+ return rv_write_backup_vbmeta_table;
+}
+
+Result<void> SuperVBMetaBuilder::ExportVBMetaImageToFile(const uint8_t vbmeta_index,
+ const std::string& vbmeta_image) {
+ Result<void> rv_write_vbmeta_image =
+ WriteVBMetaImage(super_vbmeta_fd_, vbmeta_index, vbmeta_image);
+ if (!rv_write_vbmeta_image) {
+ return rv_write_vbmeta_image;
+ }
+
+ Result<void> rv_validate_vbmeta_image =
+ ValidateVBMetaImage(super_vbmeta_fd_, vbmeta_index, vbmeta_image);
+ return rv_validate_vbmeta_image;
+}
+
+bool WriteToSuperVBMetaFile(const std::string& super_vbmeta_file,
+ const std::map<std::string, std::string>& images_path) {
+ unique_fd super_vbmeta_fd(TEMP_FAILURE_RETRY(
+ open(super_vbmeta_file.c_str(), O_CREAT | O_RDWR | O_TRUNC | O_CLOEXEC, 0644)));
+ if (super_vbmeta_fd < 0) {
+ PERROR << "Couldn't open super vbmeta file " << super_vbmeta_file;
+ return false;
+ }
+
+ SuperVBMetaBuilder builder(super_vbmeta_fd, images_path);
+
+ Result<void> rv_build = builder.Build();
+ if (!rv_build) {
+ LERROR << rv_build.error();
+ return false;
+ }
+
+ Result<void> rv_export = builder.ExportVBMetaTableToFile();
+ if (!rv_export) {
+ LERROR << rv_export.error();
+ return false;
+ }
+
+ return true;
+}
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/builder.h b/fs_mgr/libvbmeta/builder.h
new file mode 100644
index 0000000..58ea36a
--- /dev/null
+++ b/fs_mgr/libvbmeta/builder.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <map>
+#include <string>
+
+#include <android-base/result.h>
+
+#include "super_vbmeta_format.h"
+
+namespace android {
+namespace fs_mgr {
+
+class SuperVBMetaBuilder {
+ public:
+ SuperVBMetaBuilder();
+ SuperVBMetaBuilder(const int super_vbmeta_fd,
+ const std::map<std::string, std::string>& images_path);
+ android::base::Result<void> Build();
+ android::base::Result<std::string> ReadVBMetaImageFromFile(const std::string& file);
+ // It adds the vbmeta image in super_vbmeta and returns the index
+ // (which has the same meaning with vbmeta_index of VBMetaDescriptor).
+ android::base::Result<uint8_t> AddVBMetaImage(const std::string& vbmeta_name);
+ void DeleteVBMetaImage(const std::string& vbmeta_name);
+ std::unique_ptr<VBMetaTable> ExportVBMetaTable();
+ android::base::Result<void> ExportVBMetaTableToFile();
+ android::base::Result<void> ExportVBMetaImageToFile(const uint8_t vbmeta_index,
+ const std::string& vbmeta_image);
+
+ private:
+ android::base::Result<uint8_t> GetEmptySlot();
+
+ int super_vbmeta_fd_;
+ VBMetaTable table_;
+ // Maps vbmeta image name to vbmeta image file path.
+ std::map<std::string, std::string> images_path_;
+};
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/builder_test.cpp b/fs_mgr/libvbmeta/builder_test.cpp
new file mode 100644
index 0000000..9a015fd
--- /dev/null
+++ b/fs_mgr/libvbmeta/builder_test.cpp
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+
+#include "builder.h"
+#include "super_vbmeta_format.h"
+
+using android::base::Result;
+using android::fs_mgr::SuperVBMetaBuilder;
+
+TEST(BuilderTest, VBMetaTableBasic) {
+ std::unique_ptr<SuperVBMetaBuilder> builder = std::make_unique<SuperVBMetaBuilder>();
+ ASSERT_NE(builder, nullptr);
+
+ Result<uint8_t> vbmeta_index = builder->AddVBMetaImage("vbmeta" /* vbmeta_name */
+ );
+ EXPECT_TRUE(vbmeta_index);
+
+ Result<uint8_t> vbmeta_system_slot = builder->AddVBMetaImage("vbmeta_system" /* vbmeta_name */
+ );
+ EXPECT_TRUE(vbmeta_system_slot);
+
+ Result<uint8_t> vbmeta_vendor_slot = builder->AddVBMetaImage("vbmeta_vendor" /* vbmeta_name */
+ );
+ EXPECT_TRUE(vbmeta_vendor_slot);
+
+ builder->DeleteVBMetaImage("vbmeta_system" /* vbmeta_name */
+ );
+
+ Result<uint8_t> vbmeta_product_slot = builder->AddVBMetaImage("vbmeta_product" /* vbmeta_name */
+ );
+ EXPECT_TRUE(vbmeta_product_slot);
+
+ std::unique_ptr<VBMetaTable> table = builder->ExportVBMetaTable();
+ ASSERT_NE(table, nullptr);
+
+ // check for vbmeta table header
+ EXPECT_EQ(table->header.magic, SUPER_VBMETA_MAGIC);
+ EXPECT_EQ(table->header.major_version, SUPER_VBMETA_MAJOR_VERSION);
+ EXPECT_EQ(table->header.minor_version, SUPER_VBMETA_MINOR_VERSION);
+ EXPECT_EQ(table->header.header_size, SUPER_VBMETA_HEADER_SIZE);
+ EXPECT_EQ(table->header.total_size,
+ SUPER_VBMETA_HEADER_SIZE + SUPER_VBMETA_DESCRIPTOR_SIZE * 3 + 33);
+ EXPECT_EQ(table->header.descriptors_size, SUPER_VBMETA_DESCRIPTOR_SIZE * 3 + 33);
+
+ // Test for vbmeta table descriptors
+ EXPECT_EQ(table->descriptors.size(), 3);
+
+ EXPECT_EQ(table->descriptors[0].vbmeta_index, 0);
+ EXPECT_EQ(table->descriptors[0].vbmeta_name_length, 6);
+ for (int i = 0; i < sizeof(table->descriptors[0].reserved); i++)
+ EXPECT_EQ(table->descriptors[0].reserved[i], 0);
+ EXPECT_EQ(table->descriptors[0].vbmeta_name, "vbmeta");
+
+ EXPECT_EQ(table->descriptors[1].vbmeta_index, 2);
+ EXPECT_EQ(table->descriptors[1].vbmeta_name_length, 13);
+ for (int i = 0; i < sizeof(table->descriptors[1].reserved); i++)
+ EXPECT_EQ(table->descriptors[1].reserved[i], 0);
+ EXPECT_EQ(table->descriptors[1].vbmeta_name, "vbmeta_vendor");
+
+ EXPECT_EQ(table->descriptors[2].vbmeta_index, 1);
+ EXPECT_EQ(table->descriptors[2].vbmeta_name_length, 14);
+ for (int i = 0; i < sizeof(table->descriptors[2].reserved); i++)
+ EXPECT_EQ(table->descriptors[2].reserved[i], 0);
+ EXPECT_EQ(table->descriptors[2].vbmeta_name, "vbmeta_product");
+}
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/include/libvbmeta/libvbmeta.h b/fs_mgr/libvbmeta/include/libvbmeta/libvbmeta.h
new file mode 100644
index 0000000..ab7ba73
--- /dev/null
+++ b/fs_mgr/libvbmeta/include/libvbmeta/libvbmeta.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <map>
+#include <string>
+
+namespace android {
+namespace fs_mgr {
+
+bool WriteToSuperVBMetaFile(const std::string& super_vbmeta_file,
+ const std::map<std::string, std::string>& images_path);
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/reader.cpp b/fs_mgr/libvbmeta/reader.cpp
new file mode 100644
index 0000000..212d186
--- /dev/null
+++ b/fs_mgr/libvbmeta/reader.cpp
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "reader.h"
+
+#include <android-base/file.h>
+
+using android::base::ErrnoError;
+using android::base::Error;
+using android::base::Result;
+
+namespace android {
+namespace fs_mgr {
+
+Result<void> LoadAndVerifySuperVBMetaHeader(const void* buffer, SuperVBMetaHeader* header) {
+ memcpy(header, buffer, sizeof(*header));
+
+ // Do basic validation of super vbmeta.
+ if (header->magic != SUPER_VBMETA_MAGIC) {
+ return Error() << "Super VBMeta has invalid magic value";
+ }
+
+ // Check that the version is compatible.
+ if (header->major_version != SUPER_VBMETA_MAJOR_VERSION ||
+ header->minor_version > SUPER_VBMETA_MINOR_VERSION) {
+ return Error() << "Super VBMeta has incompatible version";
+ }
+ return {};
+}
+
+void LoadVBMetaDescriptors(const void* buffer, uint32_t size,
+ std::vector<InternalVBMetaDescriptor>* descriptors) {
+ for (int p = 0; p < size;) {
+ InternalVBMetaDescriptor descriptor;
+ memcpy(&descriptor, (char*)buffer + p, SUPER_VBMETA_DESCRIPTOR_SIZE);
+ p += SUPER_VBMETA_DESCRIPTOR_SIZE;
+
+ descriptor.vbmeta_name = std::string((char*)buffer + p, descriptor.vbmeta_name_length);
+ p += descriptor.vbmeta_name_length;
+
+ descriptors->emplace_back(std::move(descriptor));
+ }
+}
+
+Result<void> ReadVBMetaTable(int fd, uint64_t offset, VBMetaTable* table) {
+ std::unique_ptr<uint8_t[]> header_buffer =
+ std::make_unique<uint8_t[]>(SUPER_VBMETA_HEADER_SIZE);
+ if (!android::base::ReadFullyAtOffset(fd, header_buffer.get(), SUPER_VBMETA_HEADER_SIZE,
+ offset)) {
+ return ErrnoError() << "Couldn't read super vbmeta header at offset " << offset;
+ }
+
+ Result<void> rv_header = LoadAndVerifySuperVBMetaHeader(header_buffer.get(), &table->header);
+ if (!rv_header) {
+ return rv_header;
+ }
+
+ const uint64_t descriptors_offset = offset + table->header.header_size;
+ std::unique_ptr<uint8_t[]> descriptors_buffer =
+ std::make_unique<uint8_t[]>(table->header.descriptors_size);
+ if (!android::base::ReadFullyAtOffset(fd, descriptors_buffer.get(),
+ table->header.descriptors_size, descriptors_offset)) {
+ return ErrnoError() << "Couldn't read super vbmeta descriptors at offset "
+ << descriptors_offset;
+ }
+
+ LoadVBMetaDescriptors(descriptors_buffer.get(), table->header.descriptors_size,
+ &table->descriptors);
+ return {};
+}
+
+Result<void> ReadPrimaryVBMetaTable(int fd, VBMetaTable* table) {
+ uint64_t offset = PRIMARY_SUPER_VBMETA_TABLE_OFFSET;
+ return ReadVBMetaTable(fd, offset, table);
+}
+
+Result<void> ReadBackupVBMetaTable(int fd, VBMetaTable* table) {
+ uint64_t offset = BACKUP_SUPER_VBMETA_TABLE_OFFSET;
+ return ReadVBMetaTable(fd, offset, table);
+}
+
+Result<std::string> ReadVBMetaImage(int fd, int slot) {
+ const uint64_t offset = 2 * SUPER_VBMETA_TABLE_MAX_SIZE + slot * VBMETA_IMAGE_MAX_SIZE;
+ std::unique_ptr<uint8_t[]> buffer = std::make_unique<uint8_t[]>(VBMETA_IMAGE_MAX_SIZE);
+ if (!android::base::ReadFullyAtOffset(fd, buffer.get(), VBMETA_IMAGE_MAX_SIZE, offset)) {
+ return ErrnoError() << "Couldn't read vbmeta image at offset " << offset;
+ }
+ return std::string(reinterpret_cast<char*>(buffer.get()), VBMETA_IMAGE_MAX_SIZE);
+}
+
+Result<void> ValidateVBMetaImage(int super_vbmeta_fd, int vbmeta_index,
+ const std::string& vbmeta_image) {
+ Result<std::string> content = ReadVBMetaImage(super_vbmeta_fd, vbmeta_index);
+ if (!content) {
+ return content.error();
+ }
+
+ if (vbmeta_image != content.value()) {
+ return Error() << "VBMeta Image in Super VBMeta differ from the original one.";
+ }
+ return {};
+}
+
+} // namespace fs_mgr
+} // namespace android
diff --git a/fs_mgr/libvbmeta/reader.h b/fs_mgr/libvbmeta/reader.h
new file mode 100644
index 0000000..f0997ff
--- /dev/null
+++ b/fs_mgr/libvbmeta/reader.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <android-base/result.h>
+
+#include "super_vbmeta_format.h"
+
+namespace android {
+namespace fs_mgr {
+
+android::base::Result<void> ReadPrimaryVBMetaTable(int fd, VBMetaTable* table);
+android::base::Result<void> ReadBackupVBMetaTable(int fd, VBMetaTable* table);
+android::base::Result<std::string> ReadVBMetaImage(int fd, int slot);
+
+android::base::Result<void> ValidateVBMetaImage(int super_vbmeta_fd, int vbmeta_index,
+ const std::string& vbmeta_image);
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/super_vbmeta_format.h b/fs_mgr/libvbmeta/super_vbmeta_format.h
new file mode 100644
index 0000000..c62a2dd
--- /dev/null
+++ b/fs_mgr/libvbmeta/super_vbmeta_format.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* This .h file is intended for CPP clients (usually fastbootd, recovery and update_engine) */
+
+#pragma once
+
+#include <string>
+#include <vector>
+
+#include "super_vbmeta_format_c.h"
+
+struct InternalVBMetaDescriptor : VBMetaDescriptor {
+ /* 64: The vbmeta image's name */
+ std::string vbmeta_name;
+};
+
+struct VBMetaTable {
+ SuperVBMetaHeader header;
+ std::vector<InternalVBMetaDescriptor> descriptors;
+};
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/super_vbmeta_format_c.h b/fs_mgr/libvbmeta/super_vbmeta_format_c.h
new file mode 100644
index 0000000..6d79801
--- /dev/null
+++ b/fs_mgr/libvbmeta/super_vbmeta_format_c.h
@@ -0,0 +1,122 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* This .h file is intended for C clients (usually bootloader). */
+
+#pragma once
+
+#include <stdint.h>
+
+/* Magic signature for super vbmeta. */
+#define SUPER_VBMETA_MAGIC 0x5356424d
+
+/* Current super vbmeta version. */
+#define SUPER_VBMETA_MAJOR_VERSION 1
+#define SUPER_VBMETA_MINOR_VERSION 0
+
+/* super vbmeta size. */
+#define SUPER_VBMETA_HEADER_SIZE sizeof(SuperVBMetaHeader)
+#define SUPER_VBMETA_DESCRIPTOR_SIZE sizeof(VBMetaDescriptor)
+#define SUPER_VBMETA_TABLE_MAX_SIZE 2048
+
+/* super vbmeta offset. */
+#define PRIMARY_SUPER_VBMETA_TABLE_OFFSET 0
+#define BACKUP_SUPER_VBMETA_TABLE_OFFSET SUPER_VBMETA_TABLE_MAX_SIZE
+
+/* restriction of vbmeta image */
+#define VBMETA_IMAGE_MAX_NUM 32
+#define VBMETA_IMAGE_MAX_SIZE 64 * 1024
+
+/* Binary format of the super vbmeta image.
+ *
+ * The super vbmeta image consists of two blocks:
+ *
+ * +------------------------------------------+
+ * | Super VBMeta Table - fixed size |
+ * +------------------------------------------+
+ * | Backup Super VBMeta Table - fixed size |
+ * +------------------------------------------+
+ * | VBMeta Images - fixed size |
+ * +------------------------------------------+
+ *
+ * The "Super VBMeta Table" records the offset
+ * and the size of each vbmeta_partition within
+ * /super_vbmeta.
+ *
+ * The "VBMeta Image" is copied from each vbmeta_partition
+ * and filled with 0 until 64K bytes.
+ *
+ * The super vbmeta table consists of two blocks:
+ *
+ * +-----------------------------------------+
+ * | Header data - fixed size |
+ * +-----------------------------------------+
+ * | VBMeta descriptors - variable size |
+ * +-----------------------------------------+
+ *
+ * The "Header data" block is described by the following struct and
+ * is always 128 bytes long.
+ *
+ * The "VBMeta descriptor" is |descriptors_size| + |vbmeta_name_length|
+ * bytes long. It contains the offset and size for each vbmeta image
+ * and is followed by |vbmeta_name_length| bytes of the partition name
+ * (UTF-8 encoded).
+ */
+
+typedef struct SuperVBMetaHeader {
+ /* 0: Magic signature (SUPER_VBMETA_MAGIC). */
+ uint32_t magic;
+
+ /* 4: Major version. Version number required to read this super vbmeta. If the version is not
+ * equal to the library version, the super vbmeta should be considered incompatible.
+ */
+ uint16_t major_version;
+
+ /* 6: Minor version. A library supporting newer features should be able to
+ * read super vbmeta with an older minor version. However, an older library
+ * should not support reading super vbmeta if its minor version is higher.
+ */
+ uint16_t minor_version;
+
+ /* 8: The size of this header struct. */
+ uint32_t header_size;
+
+ /* 12: The size of this super vbmeta table. */
+ uint32_t total_size;
+
+ /* 16: SHA256 checksum of this super vbmeta table, with this field set to 0. */
+ uint8_t checksum[32];
+
+ /* 48: The size of the vbmeta table descriptors. */
+ uint32_t descriptors_size;
+
+ /* 52: mark which slot is in use. */
+ uint32_t in_use = 0;
+
+ /* 56: reserved for other usage, filled with 0. */
+ uint8_t reserved[72];
+} __attribute__((packed)) SuperVBMetaHeader;
+
+typedef struct VBMetaDescriptor {
+ /* 0: The slot number of the vbmeta image. */
+ uint8_t vbmeta_index;
+
+ /* 12: The length of the vbmeta image name. */
+ uint32_t vbmeta_name_length;
+
+ /* 16: Space reserved for other usage, filled with 0. */
+ uint8_t reserved[48];
+} __attribute__((packed)) VBMetaDescriptor;
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/super_vbmeta_test.cpp b/fs_mgr/libvbmeta/super_vbmeta_test.cpp
new file mode 100644
index 0000000..6b4fc5d
--- /dev/null
+++ b/fs_mgr/libvbmeta/super_vbmeta_test.cpp
@@ -0,0 +1,191 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include <android-base/file.h>
+#include <gtest/gtest.h>
+#include <openssl/sha.h>
+#include <sparse/sparse.h>
+
+#include "reader.h"
+#include "super_vbmeta_format.h"
+#include "utility.h"
+#include "writer.h"
+
+#define FAKE_DATA_SIZE 40960
+#define FAKE_PARTITION_SIZE FAKE_DATA_SIZE * 25
+
+using android::base::Result;
+using android::fs_mgr::GetFileSize;
+using android::fs_mgr::ReadVBMetaImage;
+using SparsePtr = std::unique_ptr<sparse_file, decltype(&sparse_file_destroy)>;
+
+void GeneratePartitionImage(int fd, const std::string& file_name,
+ const std::string& partition_name) {
+ std::unique_ptr<uint8_t[]> buffer = std::make_unique<uint8_t[]>(FAKE_DATA_SIZE);
+ for (size_t c = 0; c < FAKE_DATA_SIZE; c++) {
+ buffer[c] = uint8_t(c);
+ }
+
+ SparsePtr file(sparse_file_new(512 /* block size */, FAKE_DATA_SIZE), sparse_file_destroy);
+ EXPECT_TRUE(file);
+ EXPECT_EQ(0, sparse_file_add_data(file.get(), buffer.get(), FAKE_DATA_SIZE,
+ 0 /* offset in blocks */));
+ EXPECT_EQ(0, sparse_file_write(file.get(), fd, false /* gz */, true /* sparse */,
+ false /* crc */));
+
+ std::stringstream cmd;
+ cmd << "avbtool add_hashtree_footer"
+ << " --image " << file_name << " --partition_name " << partition_name
+ << " --partition_size " << FAKE_PARTITION_SIZE << " --algorithm SHA256_RSA2048"
+ << " --key external/avb/test/data/testkey_rsa2048.pem";
+
+ int rc = system(cmd.str().c_str());
+ EXPECT_TRUE(WIFEXITED(rc));
+ EXPECT_EQ(WEXITSTATUS(rc), 0);
+}
+
+void GenerateVBMetaImage(const std::string& vbmeta_file_name,
+ const std::string& include_file_name) {
+ std::stringstream cmd;
+ cmd << "avbtool make_vbmeta_image"
+ << " --output " << vbmeta_file_name << " --include_descriptors_from_image "
+ << include_file_name;
+
+ int rc = system(cmd.str().c_str());
+ EXPECT_TRUE(WIFEXITED(rc));
+ EXPECT_EQ(WEXITSTATUS(rc), 0);
+}
+
+std::string ReadVBMetaImageFromFile(const std::string& file) {
+ android::base::unique_fd fd(open(file.c_str(), O_RDONLY | O_CLOEXEC));
+ EXPECT_GT(fd, 0);
+ Result<uint64_t> file_size = GetFileSize(fd);
+ EXPECT_TRUE(file_size);
+ std::unique_ptr<uint8_t[]> buffer = std::make_unique<uint8_t[]>(VBMETA_IMAGE_MAX_SIZE);
+ EXPECT_TRUE(android::base::ReadFully(fd, buffer.get(), file_size.value()));
+ return std::string(reinterpret_cast<char*>(buffer.get()), VBMETA_IMAGE_MAX_SIZE);
+}
+
+TEST(VBMetaTableTest, VBMetaTableBasic) {
+ TemporaryDir td;
+
+ // Generate Partition Image
+ TemporaryFile system_tf(std::string(td.path));
+ std::string system_path(system_tf.path);
+ GeneratePartitionImage(system_tf.fd, system_path, "system");
+ system_tf.release();
+
+ TemporaryFile vendor_tf(std::string(td.path));
+ std::string vendor_path(vendor_tf.path);
+ GeneratePartitionImage(vendor_tf.fd, vendor_path, "vendor");
+ vendor_tf.release();
+
+ TemporaryFile product_tf(std::string(td.path));
+ std::string product_path(product_tf.path);
+ GeneratePartitionImage(product_tf.fd, product_path, "product");
+ product_tf.release();
+
+ // Generate VBMeta Image
+ std::string vbmeta_system_path(td.path);
+ vbmeta_system_path.append("/vbmeta_system.img");
+ GenerateVBMetaImage(vbmeta_system_path, system_path);
+
+ std::string vbmeta_vendor_path(td.path);
+ vbmeta_vendor_path.append("/vbmeta_vendor.img");
+ GenerateVBMetaImage(vbmeta_vendor_path, vendor_path);
+
+ std::string vbmeta_product_path(td.path);
+ vbmeta_product_path.append("/vbmeta_product.img");
+ GenerateVBMetaImage(vbmeta_product_path, product_path);
+
+ // Generate Super VBMeta Image
+ std::string super_vbmeta_path(td.path);
+ super_vbmeta_path.append("/super_vbmeta.img");
+
+ std::stringstream cmd;
+ cmd << "vbmake"
+ << " --image "
+ << "vbmeta_system"
+ << "=" << vbmeta_system_path << " --image "
+ << "vbmeta_vendor"
+ << "=" << vbmeta_vendor_path << " --image "
+ << "vbmeta_product"
+ << "=" << vbmeta_product_path << " --output=" << super_vbmeta_path;
+
+ int rc = system(cmd.str().c_str());
+ ASSERT_TRUE(WIFEXITED(rc));
+ ASSERT_EQ(WEXITSTATUS(rc), 0);
+
+ android::base::unique_fd fd(open(super_vbmeta_path.c_str(), O_RDONLY | O_CLOEXEC));
+ EXPECT_GT(fd, 0);
+
+ // Check the size of vbmeta table
+ Result<uint64_t> super_vbmeta_size = GetFileSize(fd);
+ EXPECT_TRUE(super_vbmeta_size);
+ EXPECT_EQ(super_vbmeta_size.value(),
+ SUPER_VBMETA_TABLE_MAX_SIZE * 2 + VBMETA_IMAGE_MAX_SIZE * 3);
+
+ // Check Primary vbmeta table is equal to Backup one
+ VBMetaTable table;
+ EXPECT_TRUE(android::fs_mgr::ReadPrimaryVBMetaTable(fd, &table));
+ VBMetaTable table_backup;
+ EXPECT_TRUE(android::fs_mgr::ReadBackupVBMetaTable(fd, &table_backup));
+ EXPECT_EQ(android::fs_mgr::SerializeVBMetaTable(table),
+ android::fs_mgr::SerializeVBMetaTable(table_backup));
+
+ // Check vbmeta table Header Checksum
+ std::string serial_table = android::fs_mgr::SerializeVBMetaTable(table);
+ std::string serial_removed_checksum(serial_table);
+ // Replace checksum 32 bytes (starts at 16th byte) with 0
+ serial_removed_checksum.replace(16, 32, 32, 0);
+ uint8_t test_checksum[32];
+ ::SHA256(reinterpret_cast<const uint8_t*>(serial_removed_checksum.c_str()),
+ table.header.total_size, &test_checksum[0]);
+ EXPECT_EQ(memcmp(table.header.checksum, test_checksum, 32), 0);
+
+ // Check vbmeta table descriptors and vbmeta images
+ EXPECT_EQ(table.descriptors.size(), 3);
+
+ EXPECT_EQ(table.descriptors[0].vbmeta_index, 0);
+ EXPECT_EQ(table.descriptors[0].vbmeta_name_length, 14);
+ EXPECT_EQ(table.descriptors[0].vbmeta_name, "vbmeta_product");
+ Result<std::string> vbmeta_product_content = ReadVBMetaImage(fd, 0);
+ EXPECT_TRUE(vbmeta_product_content);
+ EXPECT_EQ(ReadVBMetaImageFromFile(vbmeta_product_path), vbmeta_product_content.value());
+
+ EXPECT_EQ(table.descriptors[1].vbmeta_index, 1);
+ EXPECT_EQ(table.descriptors[1].vbmeta_name_length, 13);
+ EXPECT_EQ(table.descriptors[1].vbmeta_name, "vbmeta_system");
+ Result<std::string> vbmeta_system_content = ReadVBMetaImage(fd, 1);
+ EXPECT_TRUE(vbmeta_system_content);
+ EXPECT_EQ(ReadVBMetaImageFromFile(vbmeta_system_path), vbmeta_system_content.value());
+
+ EXPECT_EQ(table.descriptors[2].vbmeta_index, 2);
+ EXPECT_EQ(table.descriptors[2].vbmeta_name_length, 13);
+ EXPECT_EQ(table.descriptors[2].vbmeta_name, "vbmeta_vendor");
+ Result<std::string> vbmeta_vendor_content = ReadVBMetaImage(fd, 2);
+ EXPECT_TRUE(vbmeta_vendor_content);
+ EXPECT_EQ(ReadVBMetaImageFromFile(vbmeta_vendor_path), vbmeta_vendor_content.value());
+}
+
+int main(int argc, char** argv) {
+ ::testing::InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/utility.cpp b/fs_mgr/libvbmeta/utility.cpp
new file mode 100644
index 0000000..c184227
--- /dev/null
+++ b/fs_mgr/libvbmeta/utility.cpp
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "utility.h"
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "super_vbmeta_format.h"
+
+using android::base::ErrnoError;
+using android::base::Error;
+using android::base::Result;
+
+namespace android {
+namespace fs_mgr {
+
+Result<uint64_t> GetFileSize(int fd) {
+ struct stat sb;
+ if (fstat(fd, &sb) == -1) {
+ return ErrnoError() << "Couldn't get the file size";
+ }
+ return sb.st_size;
+}
+
+uint64_t IndexOffset(const uint8_t vbmeta_index) {
+ /* There are primary and backup vbmeta table in super_vbmeta,
+ so SUPER_VBMETA_TABLE_MAX_SIZE is counted twice. */
+ return 2 * SUPER_VBMETA_TABLE_MAX_SIZE + vbmeta_index * VBMETA_IMAGE_MAX_SIZE;
+}
+
+} // namespace fs_mgr
+} // namespace android
diff --git a/fs_mgr/libvbmeta/utility.h b/fs_mgr/libvbmeta/utility.h
new file mode 100644
index 0000000..91db0ad
--- /dev/null
+++ b/fs_mgr/libvbmeta/utility.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <android-base/logging.h>
+#include <android-base/result.h>
+
+#define VBMETA_TAG "[libvbmeta]"
+#define LWARN LOG(WARNING) << VBMETA_TAG
+#define LINFO LOG(INFO) << VBMETA_TAG
+#define LERROR LOG(ERROR) << VBMETA_TAG
+#define PWARNING PLOG(WARNING) << VBMETA_TAG
+#define PERROR PLOG(ERROR) << VBMETA_TAG
+
+namespace android {
+namespace fs_mgr {
+
+android::base::Result<uint64_t> GetFileSize(int fd);
+
+uint64_t IndexOffset(const uint8_t vbmeta_index);
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/writer.cpp b/fs_mgr/libvbmeta/writer.cpp
new file mode 100644
index 0000000..fc0e0fb
--- /dev/null
+++ b/fs_mgr/libvbmeta/writer.cpp
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "writer.h"
+
+#include <android-base/file.h>
+
+#include "utility.h"
+
+using android::base::ErrnoError;
+using android::base::Result;
+
+namespace android {
+namespace fs_mgr {
+
+std::string SerializeVBMetaTable(const VBMetaTable& input) {
+ std::string table;
+ table.append(reinterpret_cast<const char*>(&input.header), SUPER_VBMETA_HEADER_SIZE);
+
+ for (const auto& desc : input.descriptors) {
+ table.append(reinterpret_cast<const char*>(&desc), SUPER_VBMETA_DESCRIPTOR_SIZE);
+ table.append(desc.vbmeta_name);
+ }
+
+ // Ensure the size of vbmeta table is SUPER_VBMETA_TABLE_MAX_SIZE
+ table.resize(SUPER_VBMETA_TABLE_MAX_SIZE, '\0');
+
+ return table;
+}
+
+Result<void> WritePrimaryVBMetaTable(int fd, const std::string& table) {
+ const uint64_t offset = PRIMARY_SUPER_VBMETA_TABLE_OFFSET;
+ if (lseek(fd, offset, SEEK_SET) < 0) {
+ return ErrnoError() << __PRETTY_FUNCTION__ << " lseek failed";
+ }
+
+ if (!android::base::WriteFully(fd, table.data(), table.size())) {
+ return ErrnoError() << "Failed to write primary vbmeta table at offset " << offset;
+ }
+ return {};
+}
+
+Result<void> WriteBackupVBMetaTable(int fd, const std::string& table) {
+ const uint64_t offset = BACKUP_SUPER_VBMETA_TABLE_OFFSET;
+ if (lseek(fd, offset, SEEK_SET) < 0) {
+ return ErrnoError() << __PRETTY_FUNCTION__ << " lseek failed";
+ }
+
+ if (!android::base::WriteFully(fd, table.data(), table.size())) {
+ return ErrnoError() << "Failed to write backup vbmeta table at offset " << offset;
+ }
+ return {};
+}
+
+Result<void> WriteVBMetaImage(int fd, const uint8_t slot_number, const std::string& vbmeta_image) {
+ const uint64_t offset = IndexOffset(slot_number);
+ if (lseek(fd, offset, SEEK_SET) < 0) {
+ return ErrnoError() << __PRETTY_FUNCTION__ << " lseek failed";
+ }
+
+ if (!android::base::WriteFully(fd, vbmeta_image.data(), vbmeta_image.size())) {
+ return ErrnoError() << "Failed to write vbmeta image at offset " << offset;
+ }
+ return {};
+}
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/fs_mgr/libvbmeta/writer.h b/fs_mgr/libvbmeta/writer.h
new file mode 100644
index 0000000..f8eed36
--- /dev/null
+++ b/fs_mgr/libvbmeta/writer.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <string>
+
+#include <android-base/result.h>
+
+#include "super_vbmeta_format.h"
+
+namespace android {
+namespace fs_mgr {
+
+std::string SerializeVBMetaTable(const VBMetaTable& input);
+
+android::base::Result<void> WritePrimaryVBMetaTable(int fd, const std::string& table);
+android::base::Result<void> WriteBackupVBMetaTable(int fd, const std::string& table);
+android::base::Result<void> WriteVBMetaImage(int fd, const uint8_t slot_number,
+ const std::string& vbmeta_image);
+
+} // namespace fs_mgr
+} // namespace android
\ No newline at end of file
diff --git a/init/Android.bp b/init/Android.bp
index 52cd1ca..b601075 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -62,7 +62,6 @@
},
},
static_libs: [
- "libseccomp_policy",
"libavb",
"libc++fs",
"libcgrouprc_format",
@@ -129,6 +128,7 @@
"persistent_properties.cpp",
"persistent_properties.proto",
"property_service.cpp",
+ "property_service.proto",
"property_type.cpp",
"reboot.cpp",
"reboot_utils.cpp",
@@ -223,6 +223,7 @@
srcs: [
"devices_test.cpp",
+ "firmware_handler_test.cpp",
"init_test.cpp",
"keychords_test.cpp",
"persistent_properties_test.cpp",
diff --git a/init/Android.mk b/init/Android.mk
index d7258a7..8f58437 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -92,7 +92,6 @@
liblogwrap \
libext4_utils \
libfscrypt \
- libseccomp_policy \
libcrypto_utils \
libsparse \
libavb \
@@ -119,6 +118,7 @@
LOCAL_SANITIZE := signed-integer-overflow
# First stage init is weird: it may start without stdout/stderr, and no /proc.
LOCAL_NOSANITIZE := hwaddress
+LOCAL_INJECT_BSSL_HASH := true
include $(BUILD_EXECUTABLE)
endif
diff --git a/init/README.md b/init/README.md
index 2de76a9..29b972d 100644
--- a/init/README.md
+++ b/init/README.md
@@ -170,6 +170,8 @@
be changed by setting the "androidboot.console" kernel parameter. In
all cases the leading "/dev/" should be omitted, so "/dev/tty0" would be
specified as just "console tty0".
+ This option connects stdin, stdout, and stderr to the console. It is mutually exclusive with the
+ stdio_to_kmsg option, which only connects stdout and stderr to kmsg.
`critical`
> This is a device-critical service. If it exits more than four times in
@@ -263,6 +265,12 @@
> Scheduling priority of the service process. This value has to be in range
-20 to 19. Default priority is 0. Priority is set via setpriority().
+`reboot_on_failure <target>`
+> If this process cannot be started or if the process terminates with an exit code other than
+ CLD_EXITED or an status other than '0', reboot the system with the target specified in
+ _target_. _target_ takes the same format as the parameter to sys.powerctl. This is particularly
+ intended to be used with the `exec_start` builtin for any must-have checks during boot.
+
`restart_period <seconds>`
> If a non-oneshot service exits, it will be restarted at its start time plus
this period. It defaults to 5s to rate limit crashing services.
@@ -307,6 +315,13 @@
seclabel or computed based on the service executable file security context.
For native executables see libcutils android\_get\_control\_socket().
+`stdio_to_kmsg`
+> Redirect stdout and stderr to /dev/kmsg_debug. This is useful for services that do not use native
+ Android logging during early boot and whose logs messages we want to capture. This is only enabled
+ when /dev/kmsg_debug is enabled, which is only enabled on userdebug and eng builds.
+ This is mutually exclusive with the console option, which additionally connects stdin to the
+ given console.
+
`timeout_period <seconds>`
> Provide a timeout after which point the service will be killed. The oneshot keyword is respected
here, so oneshot services do not automatically restart, however all other services will.
diff --git a/init/README.ueventd.md b/init/README.ueventd.md
index c592c37..053ebf8 100644
--- a/init/README.ueventd.md
+++ b/init/README.ueventd.md
@@ -82,7 +82,7 @@
## Firmware loading
----------------
-Ueventd automatically serves firmware requests by searching through a list of firmware directories
+Ueventd by default serves firmware requests by searching through a list of firmware directories
for a file matching the uevent `FIRMWARE`. It then forks a process to serve this firmware to the
kernel.
@@ -100,6 +100,26 @@
Ueventd will wait until after `post-fs` in init, to keep retrying before believing the firmwares are
not present.
+The exact firmware file to be served can be customized by running an external program by a
+`external_firmware_handler` line in a ueventd.rc file. This line takes the format of
+
+ external_firmware_handler <devpath> <user name to run as> <path to external program>
+For example
+
+ external_firmware_handler /devices/leds/red/firmware/coeffs.bin system /vendor/bin/led_coeffs.bin
+Will launch `/vendor/bin/led_coeffs.bin` as the system user instead of serving the default firmware
+for `/devices/leds/red/firmware/coeffs.bin`.
+
+Ueventd will provide the uevent `DEVPATH` and `FIRMWARE` to this external program on the environment
+via environment variables with the same names. Ueventd will use the string written to stdout as the
+new name of the firmware to load. It will still look for the new firmware in the list of firmware
+directories stated above. It will also reject file names with `..` in them, to prevent leaving these
+directories. If stdout cannot be read, or the program returns with any exit code other than
+`EXIT_SUCCESS`, or the program crashes, the default firmware from the uevent will be loaded.
+
+Ueventd will additionally log all messages sent to stderr from the external program to the serial
+console after the external program has exited.
+
## Coldboot
--------
Ueventd must create devices in `/dev` for all devices that have already sent their uevents before
@@ -110,3 +130,9 @@
For boot time purposes, this is done in parallel across a set of child processes. `ueventd.cpp` in
this directory contains documentation on how the parallelization is done.
+
+There is an option to parallelize the restorecon function during cold boot as well. This should only
+be done for devices that do not use genfscon, which is the recommended method for labeling sysfs
+nodes. To enable this option, use the below line in a ueventd.rc script:
+
+ parallel_restorecon enabled
diff --git a/init/action_parser.cpp b/init/action_parser.cpp
index ff20e43..9736824 100644
--- a/init/action_parser.cpp
+++ b/init/action_parser.cpp
@@ -121,13 +121,8 @@
}
Subcontext* action_subcontext = nullptr;
- if (subcontexts_) {
- for (auto& subcontext : *subcontexts_) {
- if (StartsWith(filename, subcontext.path_prefix())) {
- action_subcontext = &subcontext;
- break;
- }
- }
+ if (subcontext_ && subcontext_->PathMatchesSubcontext(filename)) {
+ action_subcontext = subcontext_;
}
std::string event_trigger;
diff --git a/init/action_parser.h b/init/action_parser.h
index 2fe9983..3000132 100644
--- a/init/action_parser.h
+++ b/init/action_parser.h
@@ -30,8 +30,8 @@
class ActionParser : public SectionParser {
public:
- ActionParser(ActionManager* action_manager, std::vector<Subcontext>* subcontexts)
- : action_manager_(action_manager), subcontexts_(subcontexts), action_(nullptr) {}
+ ActionParser(ActionManager* action_manager, Subcontext* subcontext)
+ : action_manager_(action_manager), subcontext_(subcontext), action_(nullptr) {}
Result<void> ParseSection(std::vector<std::string>&& args, const std::string& filename,
int line) override;
Result<void> ParseLineSection(std::vector<std::string>&& args, int line) override;
@@ -39,7 +39,7 @@
private:
ActionManager* action_manager_;
- std::vector<Subcontext>* subcontexts_;
+ Subcontext* subcontext_;
std::unique_ptr<Action> action_;
};
diff --git a/init/builtins.cpp b/init/builtins.cpp
index d2c73cb..42211b2 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -80,6 +80,7 @@
using namespace std::literals::string_literals;
using android::base::Basename;
+using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::unique_fd;
using android::fs_mgr::Fstab;
@@ -701,6 +702,15 @@
}
static Result<void> do_setprop(const BuiltinArguments& args) {
+ if (StartsWith(args[1], "ctl.")) {
+ return Error()
+ << "Cannot set ctl. properties from init; call the Service functions directly";
+ }
+ if (args[1] == kRestoreconProperty) {
+ return Error() << "Cannot set '" << kRestoreconProperty
+ << "' from init; use the restorecon builtin directly";
+ }
+
property_set(args[1], args[2]);
return {};
}
@@ -1016,7 +1026,20 @@
}
static Result<void> do_load_persist_props(const BuiltinArguments& args) {
- load_persist_props();
+ // Devices with FDE have load_persist_props called twice; the first time when the temporary
+ // /data partition is mounted and then again once /data is truly mounted. We do not want to
+ // read persistent properties from the temporary /data partition or mark persistent properties
+ // as having been loaded during the first call, so we return in that case.
+ std::string crypto_state = android::base::GetProperty("ro.crypto.state", "");
+ std::string crypto_type = android::base::GetProperty("ro.crypto.type", "");
+ if (crypto_state == "encrypted" && crypto_type == "block") {
+ static size_t num_calls = 0;
+ if (++num_calls == 1) return {};
+ }
+
+ SendLoadPersistentPropertiesMessage();
+
+ start_waiting_for_property("ro.persistent_properties.ready", "true");
return {};
}
@@ -1081,20 +1104,6 @@
return {};
}
-static Result<void> do_exec_reboot_on_failure(const BuiltinArguments& args) {
- auto reboot_reason = args[1];
- auto reboot = [reboot_reason](const std::string& message) {
- property_set(LAST_REBOOT_REASON_PROPERTY, reboot_reason);
- sync();
- LOG(FATAL) << message << ": rebooting into bootloader, reason: " << reboot_reason;
- };
-
- std::vector<std::string> remaining_args(args.begin() + 1, args.end());
- remaining_args[0] = args[0];
-
- return ExecWithFunctionOnFailure(remaining_args, reboot);
-}
-
static Result<void> ExecVdcRebootOnFailure(const std::string& vdc_arg) {
auto reboot_reason = vdc_arg + "_failed";
@@ -1202,7 +1211,6 @@
{"enable", {1, 1, {false, do_enable}}},
{"exec", {1, kMax, {false, do_exec}}},
{"exec_background", {1, kMax, {false, do_exec_background}}},
- {"exec_reboot_on_failure", {2, kMax, {false, do_exec_reboot_on_failure}}},
{"exec_start", {1, 1, {false, do_exec_start}}},
{"export", {2, 2, {false, do_export}}},
{"hostname", {1, 1, {true, do_hostname}}},
diff --git a/init/firmware_handler.cpp b/init/firmware_handler.cpp
index c067f6f..1dce2d5 100644
--- a/init/firmware_handler.cpp
+++ b/init/firmware_handler.cpp
@@ -17,6 +17,10 @@
#include "firmware_handler.h"
#include <fcntl.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <string.h>
#include <sys/sendfile.h>
#include <sys/wait.h>
#include <unistd.h>
@@ -26,25 +30,29 @@
#include <android-base/chrono_utils.h>
#include <android-base/file.h>
#include <android-base/logging.h>
+#include <android-base/strings.h>
#include <android-base/unique_fd.h>
+using android::base::ReadFdToString;
+using android::base::Socketpair;
+using android::base::Split;
using android::base::Timer;
+using android::base::Trim;
using android::base::unique_fd;
using android::base::WriteFully;
namespace android {
namespace init {
-static void LoadFirmware(const Uevent& uevent, const std::string& root, int fw_fd, size_t fw_size,
- int loading_fd, int data_fd) {
+static void LoadFirmware(const std::string& firmware, const std::string& root, int fw_fd,
+ size_t fw_size, int loading_fd, int data_fd) {
// Start transfer.
WriteFully(loading_fd, "1", 1);
// Copy the firmware.
int rc = sendfile(data_fd, fw_fd, nullptr, fw_size);
if (rc == -1) {
- PLOG(ERROR) << "firmware: sendfile failed { '" << root << "', '" << uevent.firmware
- << "' }";
+ PLOG(ERROR) << "firmware: sendfile failed { '" << root << "', '" << firmware << "' }";
}
// Tell the firmware whether to abort or commit.
@@ -56,36 +64,151 @@
return access("/dev/.booting", F_OK) == 0;
}
-FirmwareHandler::FirmwareHandler(std::vector<std::string> firmware_directories)
- : firmware_directories_(std::move(firmware_directories)) {}
+FirmwareHandler::FirmwareHandler(std::vector<std::string> firmware_directories,
+ std::vector<ExternalFirmwareHandler> external_firmware_handlers)
+ : firmware_directories_(std::move(firmware_directories)),
+ external_firmware_handlers_(std::move(external_firmware_handlers)) {}
-void FirmwareHandler::ProcessFirmwareEvent(const Uevent& uevent) {
- int booting = IsBooting();
+Result<std::string> FirmwareHandler::RunExternalHandler(const std::string& handler, uid_t uid,
+ const Uevent& uevent) const {
+ unique_fd child_stdout;
+ unique_fd parent_stdout;
+ if (!Socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, &child_stdout, &parent_stdout)) {
+ return ErrnoError() << "Socketpair() for stdout failed";
+ }
+ unique_fd child_stderr;
+ unique_fd parent_stderr;
+ if (!Socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, &child_stderr, &parent_stderr)) {
+ return ErrnoError() << "Socketpair() for stderr failed";
+ }
+
+ signal(SIGCHLD, SIG_DFL);
+
+ auto pid = fork();
+ if (pid < 0) {
+ return ErrnoError() << "fork() failed";
+ }
+
+ if (pid == 0) {
+ setenv("FIRMWARE", uevent.firmware.c_str(), 1);
+ setenv("DEVPATH", uevent.path.c_str(), 1);
+ parent_stdout.reset();
+ parent_stderr.reset();
+ close(STDOUT_FILENO);
+ close(STDERR_FILENO);
+ dup2(child_stdout.get(), STDOUT_FILENO);
+ dup2(child_stderr.get(), STDERR_FILENO);
+
+ auto args = Split(handler, " ");
+ std::vector<char*> c_args;
+ for (auto& arg : args) {
+ c_args.emplace_back(arg.data());
+ }
+ c_args.emplace_back(nullptr);
+
+ if (setuid(uid) != 0) {
+ fprintf(stderr, "setuid() failed: %s", strerror(errno));
+ _exit(EXIT_FAILURE);
+ }
+
+ execv(c_args[0], c_args.data());
+ fprintf(stderr, "exec() failed: %s", strerror(errno));
+ _exit(EXIT_FAILURE);
+ }
+
+ child_stdout.reset();
+ child_stderr.reset();
+
+ int status;
+ pid_t waited_pid = TEMP_FAILURE_RETRY(waitpid(pid, &status, 0));
+ if (waited_pid == -1) {
+ return ErrnoError() << "waitpid() failed";
+ }
+
+ std::string stdout_content;
+ if (!ReadFdToString(parent_stdout.get(), &stdout_content)) {
+ return ErrnoError() << "ReadFdToString() for stdout failed";
+ }
+
+ std::string stderr_content;
+ if (ReadFdToString(parent_stderr.get(), &stderr_content)) {
+ auto messages = Split(stderr_content, "\n");
+ for (const auto& message : messages) {
+ if (!message.empty()) {
+ LOG(ERROR) << "External Firmware Handler: " << message;
+ }
+ }
+ } else {
+ LOG(ERROR) << "ReadFdToString() for stderr failed";
+ }
+
+ if (WIFEXITED(status)) {
+ if (WEXITSTATUS(status) == EXIT_SUCCESS) {
+ return Trim(stdout_content);
+ } else {
+ return Error() << "exited with status " << WEXITSTATUS(status);
+ }
+ } else if (WIFSIGNALED(status)) {
+ return Error() << "killed by signal " << WTERMSIG(status);
+ }
+
+ return Error() << "unexpected exit status " << status;
+}
+
+std::string FirmwareHandler::GetFirmwarePath(const Uevent& uevent) const {
+ for (const auto& external_handler : external_firmware_handlers_) {
+ if (external_handler.devpath == uevent.path) {
+ LOG(INFO) << "Launching external firmware handler '" << external_handler.handler_path
+ << "' for devpath: '" << uevent.path << "' firmware: '" << uevent.firmware
+ << "'";
+
+ auto result =
+ RunExternalHandler(external_handler.handler_path, external_handler.uid, uevent);
+ if (!result) {
+ LOG(ERROR) << "Using default firmware; External firmware handler failed: "
+ << result.error();
+ return uevent.firmware;
+ }
+ if (result->find("..") != std::string::npos) {
+ LOG(ERROR) << "Using default firmware; External firmware handler provided an "
+ "invalid path, '"
+ << *result << "'";
+ return uevent.firmware;
+ }
+ LOG(INFO) << "Loading firmware '" << *result << "' in place of '" << uevent.firmware
+ << "'";
+ return *result;
+ }
+ }
LOG(INFO) << "firmware: loading '" << uevent.firmware << "' for '" << uevent.path << "'";
+ return uevent.firmware;
+}
- std::string root = "/sys" + uevent.path;
+void FirmwareHandler::ProcessFirmwareEvent(const std::string& root,
+ const std::string& firmware) const {
std::string loading = root + "/loading";
std::string data = root + "/data";
unique_fd loading_fd(open(loading.c_str(), O_WRONLY | O_CLOEXEC));
if (loading_fd == -1) {
- PLOG(ERROR) << "couldn't open firmware loading fd for " << uevent.firmware;
+ PLOG(ERROR) << "couldn't open firmware loading fd for " << firmware;
return;
}
unique_fd data_fd(open(data.c_str(), O_WRONLY | O_CLOEXEC));
if (data_fd == -1) {
- PLOG(ERROR) << "couldn't open firmware data fd for " << uevent.firmware;
+ PLOG(ERROR) << "couldn't open firmware data fd for " << firmware;
return;
}
std::vector<std::string> attempted_paths_and_errors;
+ int booting = IsBooting();
try_loading_again:
attempted_paths_and_errors.clear();
for (const auto& firmware_directory : firmware_directories_) {
- std::string file = firmware_directory + uevent.firmware;
+ std::string file = firmware_directory + firmware;
unique_fd fw_fd(open(file.c_str(), O_RDONLY | O_CLOEXEC));
if (fw_fd == -1) {
attempted_paths_and_errors.emplace_back("firmware: attempted " + file +
@@ -98,7 +221,7 @@
", fstat failed: " + strerror(errno));
continue;
}
- LoadFirmware(uevent, root, fw_fd, sb.st_size, loading_fd, data_fd);
+ LoadFirmware(firmware, root, fw_fd, sb.st_size, loading_fd, data_fd);
return;
}
@@ -110,7 +233,7 @@
goto try_loading_again;
}
- LOG(ERROR) << "firmware: could not find firmware for " << uevent.firmware;
+ LOG(ERROR) << "firmware: could not find firmware for " << firmware;
for (const auto& message : attempted_paths_and_errors) {
LOG(ERROR) << message;
}
@@ -129,7 +252,8 @@
}
if (pid == 0) {
Timer t;
- ProcessFirmwareEvent(uevent);
+ auto firmware = GetFirmwarePath(uevent);
+ ProcessFirmwareEvent("/sys" + uevent.path, firmware);
LOG(INFO) << "loading " << uevent.path << " took " << t;
_exit(EXIT_SUCCESS);
}
diff --git a/init/firmware_handler.h b/init/firmware_handler.h
index 3996096..b4138f1 100644
--- a/init/firmware_handler.h
+++ b/init/firmware_handler.h
@@ -14,32 +14,48 @@
* limitations under the License.
*/
-#ifndef _INIT_FIRMWARE_HANDLER_H
-#define _INIT_FIRMWARE_HANDLER_H
+#pragma once
+
+#include <pwd.h>
#include <string>
#include <vector>
+#include "result.h"
#include "uevent.h"
#include "uevent_handler.h"
namespace android {
namespace init {
+struct ExternalFirmwareHandler {
+ ExternalFirmwareHandler(std::string devpath, uid_t uid, std::string handler_path)
+ : devpath(std::move(devpath)), uid(uid), handler_path(std::move(handler_path)) {}
+ std::string devpath;
+ uid_t uid;
+ std::string handler_path;
+};
+
class FirmwareHandler : public UeventHandler {
public:
- explicit FirmwareHandler(std::vector<std::string> firmware_directories);
+ FirmwareHandler(std::vector<std::string> firmware_directories,
+ std::vector<ExternalFirmwareHandler> external_firmware_handlers);
virtual ~FirmwareHandler() = default;
void HandleUevent(const Uevent& uevent) override;
private:
- void ProcessFirmwareEvent(const Uevent& uevent);
+ friend void FirmwareTestWithExternalHandler(const std::string& test_name,
+ bool expect_new_firmware);
+
+ Result<std::string> RunExternalHandler(const std::string& handler, uid_t uid,
+ const Uevent& uevent) const;
+ std::string GetFirmwarePath(const Uevent& uevent) const;
+ void ProcessFirmwareEvent(const std::string& root, const std::string& firmware) const;
std::vector<std::string> firmware_directories_;
+ std::vector<ExternalFirmwareHandler> external_firmware_handlers_;
};
} // namespace init
} // namespace android
-
-#endif
diff --git a/init/firmware_handler_test.cpp b/init/firmware_handler_test.cpp
new file mode 100644
index 0000000..7bb603c
--- /dev/null
+++ b/init/firmware_handler_test.cpp
@@ -0,0 +1,125 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "firmware_handler.h"
+
+#include <stdlib.h>
+#include <iostream>
+
+#include <android-base/file.h>
+#include <gtest/gtest.h>
+
+#include "uevent.h"
+
+using android::base::GetExecutablePath;
+using namespace std::literals;
+
+namespace android {
+namespace init {
+
+void FirmwareTestWithExternalHandler(const std::string& test_name, bool expect_new_firmware) {
+ auto test_path = GetExecutablePath() + " firmware " + test_name;
+ auto external_firmware_handler = ExternalFirmwareHandler(
+ "/devices/led/firmware/test_firmware001.bin", getuid(), test_path);
+
+ auto firmware_handler = FirmwareHandler({"/test"}, {external_firmware_handler});
+
+ auto uevent = Uevent{
+ .path = "/devices/led/firmware/test_firmware001.bin",
+ .firmware = "test_firmware001.bin",
+ };
+
+ if (expect_new_firmware) {
+ EXPECT_EQ("other_firmware001.bin", firmware_handler.GetFirmwarePath(uevent));
+ } else {
+ EXPECT_EQ("test_firmware001.bin", firmware_handler.GetFirmwarePath(uevent));
+ }
+
+ // Always test the base case that the handler isn't invoked if the devpath doesn't match.
+ auto uevent_different_path = Uevent{
+ .path = "/devices/led/not/mine",
+ .firmware = "test_firmware001.bin",
+ };
+ EXPECT_EQ("test_firmware001.bin", firmware_handler.GetFirmwarePath(uevent_different_path));
+}
+
+TEST(firmware_handler, HandleChange) {
+ FirmwareTestWithExternalHandler("HandleChange", true);
+}
+
+int HandleChange(int argc, char** argv) {
+ // Assert that the environment is set up correctly.
+ if (getenv("DEVPATH") != "/devices/led/firmware/test_firmware001.bin"s) {
+ std::cerr << "$DEVPATH not set correctly" << std::endl;
+ return EXIT_FAILURE;
+ }
+ if (getenv("FIRMWARE") != "test_firmware001.bin"s) {
+ std::cerr << "$FIRMWARE not set correctly" << std::endl;
+ return EXIT_FAILURE;
+ }
+ std::cout << "other_firmware001.bin" << std::endl;
+ return 0;
+}
+
+TEST(firmware_handler, HandleAbort) {
+ FirmwareTestWithExternalHandler("HandleAbort", false);
+}
+
+int HandleAbort(int argc, char** argv) {
+ abort();
+ return 0;
+}
+
+TEST(firmware_handler, HandleFailure) {
+ FirmwareTestWithExternalHandler("HandleFailure", false);
+}
+
+int HandleFailure(int argc, char** argv) {
+ std::cerr << "Failed" << std::endl;
+ return EXIT_FAILURE;
+}
+
+TEST(firmware_handler, HandleBadPath) {
+ FirmwareTestWithExternalHandler("HandleBadPath", false);
+}
+
+int HandleBadPath(int argc, char** argv) {
+ std::cout << "../firmware.bin";
+ return 0;
+}
+
+} // namespace init
+} // namespace android
+
+// init_test.cpp contains the main entry point for all init tests.
+int FirmwareTestChildMain(int argc, char** argv) {
+ if (argc < 3) {
+ return 1;
+ }
+
+#define RunTest(testname) \
+ if (argv[2] == std::string(#testname)) { \
+ return android::init::testname(argc, argv); \
+ }
+
+ RunTest(HandleChange);
+ RunTest(HandleAbort);
+ RunTest(HandleFailure);
+ RunTest(HandleBadPath);
+
+#undef RunTest
+ return 1;
+}
diff --git a/init/first_stage_mount.cpp b/init/first_stage_mount.cpp
index 6b4216f..9121bac 100644
--- a/init/first_stage_mount.cpp
+++ b/init/first_stage_mount.cpp
@@ -50,12 +50,13 @@
using android::fs_mgr::AvbHandleStatus;
using android::fs_mgr::AvbHashtreeResult;
using android::fs_mgr::AvbUniquePtr;
-using android::fs_mgr::BuildGsiSystemFstabEntry;
using android::fs_mgr::Fstab;
using android::fs_mgr::FstabEntry;
using android::fs_mgr::ReadDefaultFstab;
using android::fs_mgr::ReadFstabFromDt;
using android::fs_mgr::SkipMountingPartitions;
+using android::fs_mgr::TransformFstabForDsu;
+using android::init::WriteFile;
using android::snapshot::SnapshotManager;
using namespace std::literals;
@@ -77,8 +78,9 @@
bool InitDevices();
protected:
- ListenerAction HandleBlockDevice(const std::string& name, const Uevent&);
- bool InitRequiredDevices();
+ ListenerAction HandleBlockDevice(const std::string& name, const Uevent&,
+ std::set<std::string>* required_devices);
+ bool InitRequiredDevices(std::set<std::string> devices);
bool InitMappedDevice(const std::string& verity_device);
bool InitDeviceMapper();
bool CreateLogicalPartitions();
@@ -89,14 +91,14 @@
bool TrySwitchSystemAsRoot();
bool TrySkipMountingPartitions();
bool IsDmLinearEnabled();
- bool GetDmLinearMetadataDevice();
+ void GetDmLinearMetadataDevice(std::set<std::string>* devices);
bool InitDmLinearBackingDevices(const android::fs_mgr::LpMetadata& metadata);
void UseGsiIfPresent();
- ListenerAction UeventCallback(const Uevent& uevent);
+ ListenerAction UeventCallback(const Uevent& uevent, std::set<std::string>* required_devices);
// Pure virtual functions.
- virtual bool GetDmVerityDevices() = 0;
+ virtual bool GetDmVerityDevices(std::set<std::string>* devices) = 0;
virtual bool SetUpDmVerity(FstabEntry* fstab_entry) = 0;
bool need_dm_verity_;
@@ -104,7 +106,6 @@
Fstab fstab_;
std::string lp_metadata_partition_;
- std::set<std::string> required_devices_partition_names_;
std::string super_partition_name_;
std::unique_ptr<DeviceHandler> device_handler_;
UeventListener uevent_listener_;
@@ -116,7 +117,7 @@
~FirstStageMountVBootV1() override = default;
protected:
- bool GetDmVerityDevices() override;
+ bool GetDmVerityDevices(std::set<std::string>* devices) override;
bool SetUpDmVerity(FstabEntry* fstab_entry) override;
};
@@ -128,7 +129,7 @@
~FirstStageMountVBootV2() override = default;
protected:
- bool GetDmVerityDevices() override;
+ bool GetDmVerityDevices(std::set<std::string>* devices) override;
bool SetUpDmVerity(FstabEntry* fstab_entry) override;
bool InitAvbHandle();
@@ -252,7 +253,13 @@
}
bool FirstStageMount::InitDevices() {
- return GetDmLinearMetadataDevice() && GetDmVerityDevices() && InitRequiredDevices();
+ std::set<std::string> devices;
+ GetDmLinearMetadataDevice(&devices);
+
+ if (!GetDmVerityDevices(&devices)) {
+ return false;
+ }
+ return InitRequiredDevices(std::move(devices));
}
bool FirstStageMount::IsDmLinearEnabled() {
@@ -262,45 +269,46 @@
return false;
}
-bool FirstStageMount::GetDmLinearMetadataDevice() {
+void FirstStageMount::GetDmLinearMetadataDevice(std::set<std::string>* devices) {
// Add any additional devices required for dm-linear mappings.
if (!IsDmLinearEnabled()) {
- return true;
+ return;
}
- required_devices_partition_names_.emplace(super_partition_name_);
- return true;
+ devices->emplace(super_partition_name_);
}
-// Creates devices with uevent->partition_name matching one in the member variable
-// required_devices_partition_names_. Found partitions will then be removed from it
-// for the subsequent member function to check which devices are NOT created.
-bool FirstStageMount::InitRequiredDevices() {
+// Creates devices with uevent->partition_name matching ones in the given set.
+// Found partitions will then be removed from it for the subsequent member
+// function to check which devices are NOT created.
+bool FirstStageMount::InitRequiredDevices(std::set<std::string> devices) {
if (!InitDeviceMapper()) {
return false;
}
- if (required_devices_partition_names_.empty()) {
+ if (devices.empty()) {
return true;
}
- auto uevent_callback = [this](const Uevent& uevent) { return UeventCallback(uevent); };
+ auto uevent_callback = [&, this](const Uevent& uevent) {
+ return UeventCallback(uevent, &devices);
+ };
uevent_listener_.RegenerateUevents(uevent_callback);
- // UeventCallback() will remove found partitions from required_devices_partition_names_.
- // So if it isn't empty here, it means some partitions are not found.
- if (!required_devices_partition_names_.empty()) {
+ // UeventCallback() will remove found partitions from |devices|. So if it
+ // isn't empty here, it means some partitions are not found.
+ if (!devices.empty()) {
LOG(INFO) << __PRETTY_FUNCTION__
<< ": partition(s) not found in /sys, waiting for their uevent(s): "
- << android::base::Join(required_devices_partition_names_, ", ");
+ << android::base::Join(devices, ", ");
Timer t;
uevent_listener_.Poll(uevent_callback, 10s);
LOG(INFO) << "Wait for partitions returned after " << t;
}
- if (!required_devices_partition_names_.empty()) {
+ if (!devices.empty()) {
LOG(ERROR) << __PRETTY_FUNCTION__ << ": partition(s) not found after polling timeout: "
- << android::base::Join(required_devices_partition_names_, ", ");
+ << android::base::Join(devices, ", ");
return false;
}
@@ -333,27 +341,20 @@
}
bool FirstStageMount::InitDmLinearBackingDevices(const android::fs_mgr::LpMetadata& metadata) {
+ std::set<std::string> devices;
+
auto partition_names = android::fs_mgr::GetBlockDevicePartitionNames(metadata);
for (const auto& partition_name : partition_names) {
// The super partition was found in the earlier pass.
if (partition_name == super_partition_name_) {
continue;
}
- required_devices_partition_names_.emplace(partition_name);
+ devices.emplace(partition_name);
}
- if (required_devices_partition_names_.empty()) {
+ if (devices.empty()) {
return true;
}
-
- auto uevent_callback = [this](const Uevent& uevent) { return UeventCallback(uevent); };
- uevent_listener_.RegenerateUevents(uevent_callback);
-
- if (!required_devices_partition_names_.empty()) {
- LOG(ERROR) << __PRETTY_FUNCTION__ << ": partition(s) not found after polling timeout: "
- << android::base::Join(required_devices_partition_names_, ", ");
- return false;
- }
- return true;
+ return InitRequiredDevices(std::move(devices));
}
bool FirstStageMount::CreateLogicalPartitions() {
@@ -372,6 +373,11 @@
return false;
}
if (sm->NeedSnapshotsInFirstStageMount()) {
+ // When COW images are present for snapshots, they are stored on
+ // the data partition.
+ if (!InitRequiredDevices({"userdata"})) {
+ return false;
+ }
return sm->CreateLogicalAndSnapshotPartitions(lp_metadata_partition_);
}
}
@@ -387,20 +393,21 @@
return android::fs_mgr::CreateLogicalPartitions(*metadata.get(), lp_metadata_partition_);
}
-ListenerAction FirstStageMount::HandleBlockDevice(const std::string& name, const Uevent& uevent) {
+ListenerAction FirstStageMount::HandleBlockDevice(const std::string& name, const Uevent& uevent,
+ std::set<std::string>* required_devices) {
// Matches partition name to create device nodes.
// Both required_devices_partition_names_ and uevent->partition_name have A/B
// suffix when A/B is used.
- auto iter = required_devices_partition_names_.find(name);
- if (iter != required_devices_partition_names_.end()) {
+ auto iter = required_devices->find(name);
+ if (iter != required_devices->end()) {
LOG(VERBOSE) << __PRETTY_FUNCTION__ << ": found partition: " << *iter;
if (IsDmLinearEnabled() && name == super_partition_name_) {
std::vector<std::string> links = device_handler_->GetBlockDeviceSymlinks(uevent);
lp_metadata_partition_ = links[0];
}
- required_devices_partition_names_.erase(iter);
+ required_devices->erase(iter);
device_handler_->HandleUevent(uevent);
- if (required_devices_partition_names_.empty()) {
+ if (required_devices->empty()) {
return ListenerAction::kStop;
} else {
return ListenerAction::kContinue;
@@ -409,18 +416,19 @@
return ListenerAction::kContinue;
}
-ListenerAction FirstStageMount::UeventCallback(const Uevent& uevent) {
+ListenerAction FirstStageMount::UeventCallback(const Uevent& uevent,
+ std::set<std::string>* required_devices) {
// Ignores everything that is not a block device.
if (uevent.subsystem != "block") {
return ListenerAction::kContinue;
}
if (!uevent.partition_name.empty()) {
- return HandleBlockDevice(uevent.partition_name, uevent);
+ return HandleBlockDevice(uevent.partition_name, uevent, required_devices);
} else {
size_t base_idx = uevent.path.rfind('/');
if (base_idx != std::string::npos) {
- return HandleBlockDevice(uevent.path.substr(base_idx + 1), uevent);
+ return HandleBlockDevice(uevent.path.substr(base_idx + 1), uevent, required_devices);
}
}
// Not found a partition or find an unneeded partition, continue to find others.
@@ -577,17 +585,7 @@
const auto devices = fs_mgr_overlayfs_required_devices(&fstab_);
for (auto const& device : devices) {
if (android::base::StartsWith(device, "/dev/block/by-name/")) {
- required_devices_partition_names_.emplace(basename(device.c_str()));
- auto uevent_callback = [this](const Uevent& uevent) { return UeventCallback(uevent); };
- uevent_listener_.RegenerateUevents(uevent_callback);
- if (!required_devices_partition_names_.empty()) {
- uevent_listener_.Poll(uevent_callback, 10s);
- if (!required_devices_partition_names_.empty()) {
- LOG(ERROR) << __PRETTY_FUNCTION__
- << ": partition(s) not found after polling timeout: "
- << android::base::Join(required_devices_partition_names_, ", ");
- }
- }
+ InitRequiredDevices({basename(device.c_str())});
} else {
InitMappedDevice(device);
}
@@ -599,14 +597,14 @@
}
void FirstStageMount::UseGsiIfPresent() {
- std::string metadata_file, error;
+ std::string error;
- if (!android::gsi::CanBootIntoGsi(&metadata_file, &error)) {
+ if (!android::gsi::CanBootIntoGsi(&error)) {
LOG(INFO) << "GSI " << error << ", proceeding with normal boot";
return;
}
- auto metadata = android::fs_mgr::ReadFromImageFile(metadata_file.c_str());
+ auto metadata = android::fs_mgr::ReadFromImageFile(gsi::kDsuLpMetadataFile);
if (!metadata) {
LOG(ERROR) << "GSI partition layout could not be read";
return;
@@ -630,18 +628,20 @@
return;
}
- // Replace the existing system fstab entry.
- auto system_partition = std::find_if(fstab_.begin(), fstab_.end(), [](const auto& entry) {
- return entry.mount_point == "/system";
- });
- if (system_partition != fstab_.end()) {
- fstab_.erase(system_partition);
+ std::string lp_names = "";
+ std::vector<std::string> dsu_partitions;
+ for (auto&& partition : metadata->partitions) {
+ auto name = fs_mgr::GetPartitionName(partition);
+ dsu_partitions.push_back(name);
+ lp_names += name + ",";
}
- fstab_.emplace_back(BuildGsiSystemFstabEntry());
+ // Publish the logical partition names for TransformFstabForDsu
+ WriteFile(gsi::kGsiLpNamesFile, lp_names);
+ TransformFstabForDsu(&fstab_, dsu_partitions);
gsi_not_on_userdata_ = (super_name != "userdata");
}
-bool FirstStageMountVBootV1::GetDmVerityDevices() {
+bool FirstStageMountVBootV1::GetDmVerityDevices(std::set<std::string>* devices) {
need_dm_verity_ = false;
for (const auto& fstab_entry : fstab_) {
@@ -660,7 +660,7 @@
// Notes that fstab_rec->blk_device has A/B suffix updated by fs_mgr when A/B is used.
for (const auto& fstab_entry : fstab_) {
if (!fstab_entry.fs_mgr_flags.logical) {
- required_devices_partition_names_.emplace(basename(fstab_entry.blk_device.c_str()));
+ devices->emplace(basename(fstab_entry.blk_device.c_str()));
}
}
@@ -711,7 +711,7 @@
}
}
-bool FirstStageMountVBootV2::GetDmVerityDevices() {
+bool FirstStageMountVBootV2::GetDmVerityDevices(std::set<std::string>* devices) {
need_dm_verity_ = false;
std::set<std::string> logical_partitions;
@@ -725,7 +725,7 @@
// Don't try to find logical partitions via uevent regeneration.
logical_partitions.emplace(basename(fstab_entry.blk_device.c_str()));
} else {
- required_devices_partition_names_.emplace(basename(fstab_entry.blk_device.c_str()));
+ devices->emplace(basename(fstab_entry.blk_device.c_str()));
}
}
@@ -742,11 +742,11 @@
if (logical_partitions.count(partition_name)) {
continue;
}
- // required_devices_partition_names_ is of type std::set so it's not an issue
- // to emplace a partition twice. e.g., /vendor might be in both places:
+ // devices is of type std::set so it's not an issue to emplace a
+ // partition twice. e.g., /vendor might be in both places:
// - device_tree_vbmeta_parts_ = "vbmeta,boot,system,vendor"
// - mount_fstab_recs_: /vendor_a
- required_devices_partition_names_.emplace(partition_name);
+ devices->emplace(partition_name);
}
}
return true;
diff --git a/init/fscrypt_init_extensions.cpp b/init/fscrypt_init_extensions.cpp
index 9c2ca75..bd23e31 100644
--- a/init/fscrypt_init_extensions.cpp
+++ b/init/fscrypt_init_extensions.cpp
@@ -38,7 +38,7 @@
#define TAG "fscrypt"
-static int set_system_de_policy_on(const std::string& dir);
+static int set_policy_on(const std::string& ref_basename, const std::string& dir);
int fscrypt_install_keyring() {
key_serial_t device_keyring = add_key("keyring", "fscrypt", 0, 0, KEY_SPEC_SESSION_KEYRING);
@@ -104,7 +104,7 @@
// Special-case /data/media/obb per b/64566063
if (dir == "/data/media/obb") {
// Try to set policy on this directory, but if it is non-empty this may fail.
- set_system_de_policy_on(dir);
+ set_policy_on(fscrypt_key_ref, dir);
return 0;
}
@@ -135,7 +135,16 @@
return 0;
}
}
- int err = set_system_de_policy_on(dir);
+ std::vector<std::string> per_boot_directories = {
+ "per_boot",
+ };
+ for (const auto& d : per_boot_directories) {
+ if ((prefix + d) == dir) {
+ LOG(INFO) << "Setting per_boot key on " << dir;
+ return set_policy_on(fscrypt_key_per_boot_ref, dir);
+ }
+ }
+ int err = set_policy_on(fscrypt_key_ref, dir);
if (err == 0) {
return 0;
}
@@ -147,15 +156,15 @@
if ((prefix + d) == dir) {
LOG(ERROR) << "Setting policy failed, deleting: " << dir;
delete_dir_contents(dir);
- err = set_system_de_policy_on(dir);
+ err = set_policy_on(fscrypt_key_ref, dir);
break;
}
}
return err;
}
-static int set_system_de_policy_on(const std::string& dir) {
- std::string ref_filename = std::string("/data") + fscrypt_key_ref;
+static int set_policy_on(const std::string& ref_basename, const std::string& dir) {
+ std::string ref_filename = std::string("/data") + ref_basename;
std::string policy;
if (!android::base::ReadFileToString(ref_filename, &policy)) {
LOG(ERROR) << "Unable to read system policy to set on " << dir;
diff --git a/init/host_init_stubs.h b/init/host_init_stubs.h
index f9a08a5..e3068b2 100644
--- a/init/host_init_stubs.h
+++ b/init/host_init_stubs.h
@@ -34,6 +34,11 @@
namespace android {
namespace init {
+// init.h
+inline void EnterShutdown(const std::string&) {
+ abort();
+}
+
// property_service.h
inline bool CanReadProperty(const std::string&, const std::string&) {
return true;
diff --git a/init/init.cpp b/init/init.cpp
index 1f74ab6..ad31fa0 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -19,7 +19,6 @@
#include <dirent.h>
#include <fcntl.h>
#include <pthread.h>
-#include <seccomp_policy.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
@@ -28,6 +27,9 @@
#include <sys/types.h>
#include <unistd.h>
+#define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
+#include <sys/_system_properties.h>
+
#include <functional>
#include <map>
#include <memory>
@@ -60,6 +62,7 @@
#include "mount_handler.h"
#include "mount_namespace.h"
#include "property_service.h"
+#include "proto_utils.h"
#include "reboot.h"
#include "reboot_utils.h"
#include "security.h"
@@ -68,6 +71,7 @@
#include "service.h"
#include "service_parser.h"
#include "sigchld_handler.h"
+#include "system/core/init/property_service.pb.h"
#include "util.h"
using namespace std::chrono_literals;
@@ -89,6 +93,7 @@
static char qemu[32];
static int signal_fd = -1;
+static int property_fd = -1;
static std::unique_ptr<Timer> waiting_for_prop(nullptr);
static std::string wait_prop_name;
@@ -98,7 +103,7 @@
static bool do_shutdown = false;
static bool load_debug_prop = false;
-static std::vector<Subcontext>* subcontexts;
+static std::unique_ptr<Subcontext> subcontext;
void DumpState() {
ServiceList::GetInstance().DumpState();
@@ -108,9 +113,10 @@
Parser CreateParser(ActionManager& action_manager, ServiceList& service_list) {
Parser parser;
- parser.AddSectionParser(
- "service", std::make_unique<ServiceParser>(&service_list, subcontexts, std::nullopt));
- parser.AddSectionParser("on", std::make_unique<ActionParser>(&action_manager, subcontexts));
+ parser.AddSectionParser("service", std::make_unique<ServiceParser>(
+ &service_list, subcontext.get(), std::nullopt));
+ parser.AddSectionParser("on",
+ std::make_unique<ActionParser>(&action_manager, subcontext.get()));
parser.AddSectionParser("import", std::make_unique<ImportParser>(&parser));
return parser;
@@ -120,8 +126,8 @@
Parser CreateServiceOnlyParser(ServiceList& service_list) {
Parser parser;
- parser.AddSectionParser(
- "service", std::make_unique<ServiceParser>(&service_list, subcontexts, std::nullopt));
+ parser.AddSectionParser("service", std::make_unique<ServiceParser>(
+ &service_list, subcontext.get(), std::nullopt));
return parser;
}
@@ -174,6 +180,16 @@
waiting_for_prop.reset();
}
+void EnterShutdown(const std::string& command) {
+ // We can't call HandlePowerctlMessage() directly in this function,
+ // because it modifies the contents of the action queue, which can cause the action queue
+ // to get into a bad state if this function is called from a command being executed by the
+ // action queue. Instead we set this flag and ensure that shutdown happens before the next
+ // command is run in the main init loop.
+ shutdown_command = command;
+ do_shutdown = true;
+}
+
void property_changed(const std::string& name, const std::string& value) {
// If the property is sys.powerctl, we bypass the event queue and immediately handle it.
// This is to ensure that init will always and immediately shutdown/reboot, regardless of
@@ -182,16 +198,7 @@
// In non-thermal-shutdown case, 'shutdown' trigger will be fired to let device specific
// commands to be executed.
if (name == "sys.powerctl") {
- // Despite the above comment, we can't call HandlePowerctlMessage() in this function,
- // because it modifies the contents of the action queue, which can cause the action queue
- // to get into a bad state if this function is called from a command being executed by the
- // action queue. Instead we set this flag and ensure that shutdown happens before the next
- // command is run in the main init loop.
- // TODO: once property service is removed from init, this will never happen from a builtin,
- // but rather from a callback from the property service socket, in which case this hack can
- // go away.
- shutdown_command = value;
- do_shutdown = true;
+ EnterShutdown(value);
}
if (property_triggers_enabled) ActionManager::GetInstance().QueuePropertyChange(name, value);
@@ -574,15 +581,6 @@
}
}
-static void GlobalSeccomp() {
- import_kernel_cmdline(false, [](const std::string& key, const std::string& value,
- bool in_qemu) {
- if (key == "androidboot.seccomp" && value == "global" && !set_global_seccomp_filter()) {
- LOG(FATAL) << "Failed to globally enable seccomp!";
- }
- });
-}
-
static void UmountDebugRamdisk() {
if (umount("/debug_ramdisk") != 0) {
LOG(ERROR) << "Failed to umount /debug_ramdisk";
@@ -614,6 +612,60 @@
selinux_start_time_ns));
}
+void SendLoadPersistentPropertiesMessage() {
+ auto init_message = InitMessage{};
+ init_message.set_load_persistent_properties(true);
+ if (auto result = SendMessage(property_fd, init_message); !result) {
+ LOG(ERROR) << "Failed to send load persistent properties message: " << result.error();
+ }
+}
+
+void SendStopSendingMessagesMessage() {
+ auto init_message = InitMessage{};
+ init_message.set_stop_sending_messages(true);
+ if (auto result = SendMessage(property_fd, init_message); !result) {
+ LOG(ERROR) << "Failed to send load persistent properties message: " << result.error();
+ }
+}
+
+static void HandlePropertyFd() {
+ auto message = ReadMessage(property_fd);
+ if (!message) {
+ LOG(ERROR) << "Could not read message from property service: " << message.error();
+ return;
+ }
+
+ auto property_message = PropertyMessage{};
+ if (!property_message.ParseFromString(*message)) {
+ LOG(ERROR) << "Could not parse message from property service";
+ return;
+ }
+
+ switch (property_message.msg_case()) {
+ case PropertyMessage::kControlMessage: {
+ auto& control_message = property_message.control_message();
+ bool success = HandleControlMessage(control_message.msg(), control_message.name(),
+ control_message.pid());
+
+ uint32_t response = success ? PROP_SUCCESS : PROP_ERROR_HANDLE_CONTROL_MESSAGE;
+ if (control_message.has_fd()) {
+ int fd = control_message.fd();
+ TEMP_FAILURE_RETRY(send(fd, &response, sizeof(response), 0));
+ close(fd);
+ }
+ break;
+ }
+ case PropertyMessage::kChangedMessage: {
+ auto& changed_message = property_message.changed_message();
+ property_changed(changed_message.name(), changed_message.value());
+ break;
+ }
+ default:
+ LOG(ERROR) << "Unknown message type from property service: "
+ << property_message.msg_case();
+ }
+}
+
int SecondStageMain(int argc, char** argv) {
if (REBOOT_BOOTLOADER_ON_PANIC) {
InstallRebootSignalHandlers();
@@ -630,9 +682,6 @@
LOG(ERROR) << "Unable to write -1000 to /proc/1/oom_score_adj: " << result.error();
}
- // Enable seccomp if global boot option was passed (otherwise it is enabled in zygote).
- GlobalSeccomp();
-
// Set up a session keyring that all processes will have access to. It
// will hold things like FBE encryption keys. No process should override
// its session keyring.
@@ -685,7 +734,12 @@
UmountDebugRamdisk();
fs_mgr_vendor_overlay_mount_all();
export_oem_lock_status();
- StartPropertyService(&epoll);
+
+ StartPropertyService(&property_fd);
+ if (auto result = epoll.RegisterHandler(property_fd, HandlePropertyFd); !result) {
+ LOG(FATAL) << "Could not register epoll handler for property fd: " << result.error();
+ }
+
MountHandler mount_handler(&epoll);
set_usb_controller();
@@ -696,7 +750,7 @@
PLOG(FATAL) << "SetupMountNamespaces failed";
}
- subcontexts = InitializeSubcontexts();
+ subcontext = InitializeSubcontext();
ActionManager& am = ActionManager::GetInstance();
ServiceList& sm = ServiceList::GetInstance();
diff --git a/init/init.h b/init/init.h
index cfc28f1..61fb110 100644
--- a/init/init.h
+++ b/init/init.h
@@ -31,9 +31,7 @@
Parser CreateParser(ActionManager& action_manager, ServiceList& service_list);
Parser CreateServiceOnlyParser(ServiceList& service_list);
-bool HandleControlMessage(const std::string& msg, const std::string& arg, pid_t pid);
-
-void property_changed(const std::string& name, const std::string& value);
+void EnterShutdown(const std::string& command);
bool start_waiting_for_property(const char *name, const char *value);
@@ -41,6 +39,9 @@
void ResetWaitForProp();
+void SendLoadPersistentPropertiesMessage();
+void SendStopSendingMessagesMessage();
+
int SecondStageMain(int argc, char** argv);
} // namespace init
diff --git a/init/init_test.cpp b/init/init_test.cpp
index 0411214..315d584 100644
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@@ -221,3 +221,19 @@
} // namespace init
} // namespace android
+
+int SubcontextTestChildMain(int, char**);
+int FirmwareTestChildMain(int, char**);
+
+int main(int argc, char** argv) {
+ if (argc > 1 && !strcmp(argv[1], "subcontext")) {
+ return SubcontextTestChildMain(argc, argv);
+ }
+
+ if (argc > 1 && !strcmp(argv[1], "firmware")) {
+ return FirmwareTestChildMain(argc, argv);
+ }
+
+ testing::InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
diff --git a/init/interface_utils.cpp b/init/interface_utils.cpp
index a54860f..ddbacd7 100644
--- a/init/interface_utils.cpp
+++ b/init/interface_utils.cpp
@@ -77,6 +77,12 @@
const InterfaceInheritanceHierarchyMap& hierarchy) {
std::set<FQName> interface_fqnames;
for (const std::string& instance : instances) {
+ // There is insufficient build-time information on AIDL interfaces to check them here
+ // TODO(b/139307527): Rework how services store interfaces to avoid excess string parsing
+ if (base::Split(instance, "/")[0] == "aidl") {
+ continue;
+ }
+
FqInstance fqinstance;
if (!fqinstance.setTo(instance)) {
return Error() << "Unable to parse interface instance '" << instance << "'";
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 3408ff3..f5d1143 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -42,6 +42,7 @@
#include <map>
#include <memory>
#include <mutex>
+#include <optional>
#include <queue>
#include <thread>
#include <vector>
@@ -63,8 +64,10 @@
#include "init.h"
#include "persistent_properties.h"
#include "property_type.h"
+#include "proto_utils.h"
#include "selinux.h"
#include "subcontext.h"
+#include "system/core/init/property_service.pb.h"
#include "util.h"
using namespace std::literals;
@@ -76,6 +79,7 @@
using android::base::StringPrintf;
using android::base::Timer;
using android::base::Trim;
+using android::base::unique_fd;
using android::base::WriteStringToFile;
using android::properties::BuildTrie;
using android::properties::ParsePropertyInfoFile;
@@ -85,18 +89,13 @@
namespace android {
namespace init {
-static constexpr const char kRestoreconProperty[] = "selinux.restorecon_recursive";
-
static bool persistent_properties_loaded = false;
static int property_set_fd = -1;
+static int init_socket = -1;
static PropertyInfoAreaFile property_info_area;
-uint32_t InitPropertySet(const std::string& name, const std::string& value);
-
-uint32_t (*property_set)(const std::string& name, const std::string& value) = InitPropertySet;
-
void CreateSerializedPropertyInfo();
struct PropertyAuditData {
@@ -164,6 +163,17 @@
return has_access;
}
+static void SendPropertyChanged(const std::string& name, const std::string& value) {
+ auto property_msg = PropertyMessage{};
+ auto* changed_message = property_msg.mutable_changed_message();
+ changed_message->set_name(name);
+ changed_message->set_value(value);
+
+ if (auto result = SendMessage(init_socket, property_msg); !result) {
+ LOG(ERROR) << "Failed to send property changed message: " << result.error();
+ }
+}
+
static uint32_t PropertySet(const std::string& name, const std::string& value, std::string* error) {
size_t valuelen = value.size();
@@ -199,7 +209,11 @@
if (persistent_properties_loaded && StartsWith(name, "persist.")) {
WritePersistentProperty(name, value);
}
- property_changed(name, value);
+ // If init hasn't started its main loop, then it won't be handling property changed messages
+ // anyway, so there's no need to try to send them.
+ if (init_socket != -1) {
+ SendPropertyChanged(name, value);
+ }
return PROP_SUCCESS;
}
@@ -239,35 +253,10 @@
bool thread_started_ = false;
};
-uint32_t InitPropertySet(const std::string& name, const std::string& value) {
- if (StartsWith(name, "ctl.")) {
- LOG(ERROR) << "InitPropertySet: Do not set ctl. properties from init; call the Service "
- "functions directly";
- return PROP_ERROR_INVALID_NAME;
- }
- if (name == kRestoreconProperty) {
- LOG(ERROR) << "InitPropertySet: Do not set '" << kRestoreconProperty
- << "' from init; use the restorecon builtin directly";
- return PROP_ERROR_INVALID_NAME;
- }
-
- uint32_t result = 0;
- ucred cr = {.pid = 1, .uid = 0, .gid = 0};
- std::string error;
- result = HandlePropertySet(name, value, kInitContext.c_str(), cr, &error);
- if (result != PROP_SUCCESS) {
- LOG(ERROR) << "Init cannot set '" << name << "' to '" << value << "': " << error;
- }
-
- return result;
-}
-
class SocketConnection {
public:
SocketConnection(int socket, const ucred& cred) : socket_(socket), cred_(cred) {}
- ~SocketConnection() { close(socket_); }
-
bool RecvUint32(uint32_t* value, uint32_t* timeout_ms) {
return RecvFully(value, sizeof(*value), timeout_ms);
}
@@ -304,6 +293,9 @@
}
bool SendUint32(uint32_t value) {
+ if (!socket_.ok()) {
+ return true;
+ }
int result = TEMP_FAILURE_RETRY(send(socket_, &value, sizeof(value), 0));
return result == sizeof(value);
}
@@ -318,7 +310,7 @@
return true;
}
- int socket() { return socket_; }
+ [[nodiscard]] int Release() { return socket_.release(); }
const ucred& cred() { return cred_; }
@@ -389,12 +381,46 @@
return bytes_left == 0;
}
- int socket_;
+ unique_fd socket_;
ucred cred_;
DISALLOW_IMPLICIT_CONSTRUCTORS(SocketConnection);
};
+static uint32_t SendControlMessage(const std::string& msg, const std::string& name, pid_t pid,
+ SocketConnection* socket, std::string* error) {
+ if (init_socket == -1) {
+ *error = "Received control message after shutdown, ignoring";
+ return PROP_ERROR_HANDLE_CONTROL_MESSAGE;
+ }
+
+ auto property_msg = PropertyMessage{};
+ auto* control_message = property_msg.mutable_control_message();
+ control_message->set_msg(msg);
+ control_message->set_name(name);
+ control_message->set_pid(pid);
+
+ // We must release the fd before sending it to init, otherwise there will be a race with init.
+ // If init calls close() before Release(), then fdsan will see the wrong tag and abort().
+ int fd = -1;
+ if (socket != nullptr) {
+ fd = socket->Release();
+ control_message->set_fd(fd);
+ }
+
+ if (auto result = SendMessage(init_socket, property_msg); !result) {
+ // We've already released the fd above, so if we fail to send the message to init, we need
+ // to manually free it here.
+ if (fd != -1) {
+ close(fd);
+ }
+ *error = "Failed to send control message: " + result.error().message();
+ return PROP_ERROR_HANDLE_CONTROL_MESSAGE;
+ }
+
+ return PROP_SUCCESS;
+}
+
bool CheckControlPropertyPerms(const std::string& name, const std::string& value,
const std::string& source_context, const ucred& cr) {
// We check the legacy method first but these properties are dontaudit, so we only log an audit
@@ -462,15 +488,14 @@
// This returns one of the enum of PROP_SUCCESS or PROP_ERROR*.
uint32_t HandlePropertySet(const std::string& name, const std::string& value,
- const std::string& source_context, const ucred& cr, std::string* error) {
+ const std::string& source_context, const ucred& cr,
+ SocketConnection* socket, std::string* error) {
if (auto ret = CheckPermissions(name, value, source_context, cr, error); ret != PROP_SUCCESS) {
return ret;
}
if (StartsWith(name, "ctl.")) {
- return HandleControlMessage(name.c_str() + 4, value, cr.pid)
- ? PROP_SUCCESS
- : PROP_ERROR_HANDLE_CONTROL_MESSAGE;
+ return SendControlMessage(name.c_str() + 4, value, cr.pid, socket, error);
}
// sys.powerctl is a special property that is used to make the device reboot. We want to log
@@ -501,6 +526,20 @@
return PropertySet(name, value, error);
}
+uint32_t InitPropertySet(const std::string& name, const std::string& value) {
+ uint32_t result = 0;
+ ucred cr = {.pid = 1, .uid = 0, .gid = 0};
+ std::string error;
+ result = HandlePropertySet(name, value, kInitContext, cr, nullptr, &error);
+ if (result != PROP_SUCCESS) {
+ LOG(ERROR) << "Init cannot set '" << name << "' to '" << value << "': " << error;
+ }
+
+ return result;
+}
+
+uint32_t (*property_set)(const std::string& name, const std::string& value) = InitPropertySet;
+
static void handle_property_set_fd() {
static constexpr uint32_t kDefaultSocketTimeout = 2000; /* ms */
@@ -549,7 +588,8 @@
const auto& cr = socket.cred();
std::string error;
- uint32_t result = HandlePropertySet(prop_name, prop_value, source_context, cr, &error);
+ uint32_t result =
+ HandlePropertySet(prop_name, prop_value, source_context, cr, nullptr, &error);
if (result != PROP_SUCCESS) {
LOG(ERROR) << "Unable to set property '" << prop_name << "' from uid:" << cr.uid
<< " gid:" << cr.gid << " pid:" << cr.pid << ": " << error;
@@ -577,7 +617,7 @@
const auto& cr = socket.cred();
std::string error;
- uint32_t result = HandlePropertySet(name, value, source_context, cr, &error);
+ uint32_t result = HandlePropertySet(name, value, source_context, cr, &socket, &error);
if (result != PROP_SUCCESS) {
LOG(ERROR) << "Unable to set property '" << name << "' from uid:" << cr.uid
<< " gid:" << cr.gid << " pid:" << cr.pid << ": " << error;
@@ -605,11 +645,16 @@
char *key, *value, *eol, *sol, *tmp, *fn;
size_t flen = 0;
- const char* context = kInitContext.c_str();
+ static constexpr const char* const kVendorPathPrefixes[2] = {
+ "/vendor",
+ "/odm",
+ };
+
+ const char* context = kInitContext;
if (SelinuxGetVendorAndroidVersion() >= __ANDROID_API_P__) {
- for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
- if (StartsWith(filename, path_prefix)) {
- context = secontext;
+ for (const auto& vendor_path_prefix : kVendorPathPrefixes) {
+ if (StartsWith(filename, vendor_path_prefix)) {
+ context = kVendorContext;
}
}
}
@@ -741,33 +786,6 @@
}
}
-/* When booting an encrypted system, /data is not mounted when the
- * property service is started, so any properties stored there are
- * not loaded. Vold triggers init to load these properties once it
- * has mounted /data.
- */
-void load_persist_props(void) {
- // Devices with FDE have load_persist_props called twice; the first time when the temporary
- // /data partition is mounted and then again once /data is truly mounted. We do not want to
- // read persistent properties from the temporary /data partition or mark persistent properties
- // as having been loaded during the first call, so we return in that case.
- std::string crypto_state = android::base::GetProperty("ro.crypto.state", "");
- std::string crypto_type = android::base::GetProperty("ro.crypto.type", "");
- if (crypto_state == "encrypted" && crypto_type == "block") {
- static size_t num_calls = 0;
- if (++num_calls == 1) return;
- }
-
- load_override_properties();
- /* Read persistent properties after all default values have been loaded. */
- auto persistent_properties = LoadPersistentProperties();
- for (const auto& persistent_property_record : persistent_properties.properties()) {
- property_set(persistent_property_record.name(), persistent_property_record.value());
- }
- persistent_properties_loaded = true;
- property_set("ro.persistent_properties.ready", "true");
-}
-
// If the ro.product.[brand|device|manufacturer|model|name] properties have not been explicitly
// set, derive them from ro.product.${partition}.* properties
static void property_initialize_ro_product_props() {
@@ -985,21 +1003,92 @@
selinux_android_restorecon(kPropertyInfosPath, 0);
}
-void StartPropertyService(Epoll* epoll) {
+static void HandleInitSocket() {
+ auto message = ReadMessage(init_socket);
+ if (!message) {
+ LOG(ERROR) << "Could not read message from init_dedicated_recv_socket: " << message.error();
+ return;
+ }
+
+ auto init_message = InitMessage{};
+ if (!init_message.ParseFromString(*message)) {
+ LOG(ERROR) << "Could not parse message from init";
+ return;
+ }
+
+ switch (init_message.msg_case()) {
+ case InitMessage::kLoadPersistentProperties: {
+ load_override_properties();
+ // Read persistent properties after all default values have been loaded.
+ auto persistent_properties = LoadPersistentProperties();
+ for (const auto& persistent_property_record : persistent_properties.properties()) {
+ InitPropertySet(persistent_property_record.name(),
+ persistent_property_record.value());
+ }
+ InitPropertySet("ro.persistent_properties.ready", "true");
+ persistent_properties_loaded = true;
+ break;
+ }
+ case InitMessage::kStopSendingMessages: {
+ init_socket = -1;
+ break;
+ }
+ default:
+ LOG(ERROR) << "Unknown message type from init: " << init_message.msg_case();
+ }
+}
+
+static void PropertyServiceThread() {
+ Epoll epoll;
+ if (auto result = epoll.Open(); !result) {
+ LOG(FATAL) << result.error();
+ }
+
+ if (auto result = epoll.RegisterHandler(property_set_fd, handle_property_set_fd); !result) {
+ LOG(FATAL) << result.error();
+ }
+
+ if (auto result = epoll.RegisterHandler(init_socket, HandleInitSocket); !result) {
+ LOG(FATAL) << result.error();
+ }
+
+ while (true) {
+ auto pending_functions = epoll.Wait(std::nullopt);
+ if (!pending_functions) {
+ LOG(ERROR) << pending_functions.error();
+ } else {
+ for (const auto& function : *pending_functions) {
+ (*function)();
+ }
+ }
+ }
+}
+
+void StartPropertyService(int* epoll_socket) {
property_set("ro.property_service.version", "2");
+ int sockets[2];
+ if (socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, sockets) != 0) {
+ PLOG(FATAL) << "Failed to socketpair() between property_service and init";
+ }
+ *epoll_socket = sockets[0];
+ init_socket = sockets[1];
+
if (auto result = CreateSocket(PROP_SERVICE_NAME, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK,
false, 0666, 0, 0, {})) {
property_set_fd = *result;
} else {
- PLOG(FATAL) << "start_property_service socket creation failed: " << result.error();
+ LOG(FATAL) << "start_property_service socket creation failed: " << result.error();
}
listen(property_set_fd, 8);
- if (auto result = epoll->RegisterHandler(property_set_fd, handle_property_set_fd); !result) {
- PLOG(FATAL) << result.error();
- }
+ std::thread{PropertyServiceThread}.detach();
+
+ property_set = [](const std::string& key, const std::string& value) -> uint32_t {
+ android::base::SetProperty(key, value);
+ return 0;
+ };
}
} // namespace init
diff --git a/init/property_service.h b/init/property_service.h
index 7f9f844..8f7d8d9 100644
--- a/init/property_service.h
+++ b/init/property_service.h
@@ -25,17 +25,15 @@
namespace android {
namespace init {
+static constexpr const char kRestoreconProperty[] = "selinux.restorecon_recursive";
+
bool CanReadProperty(const std::string& source_context, const std::string& name);
extern uint32_t (*property_set)(const std::string& name, const std::string& value);
-uint32_t HandlePropertySet(const std::string& name, const std::string& value,
- const std::string& source_context, const ucred& cr, std::string* error);
-
void property_init();
void property_load_boot_defaults(bool load_debug_prop);
-void load_persist_props();
-void StartPropertyService(Epoll* epoll);
+void StartPropertyService(int* epoll_socket);
} // namespace init
} // namespace android
diff --git a/init/property_service.proto b/init/property_service.proto
new file mode 100644
index 0000000..ea454d4
--- /dev/null
+++ b/init/property_service.proto
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+syntax = "proto2";
+option optimize_for = LITE_RUNTIME;
+
+message PropertyMessage {
+ message ControlMessage {
+ optional string msg = 1;
+ optional string name = 2;
+ optional int32 pid = 3;
+ optional int32 fd = 4;
+ }
+
+ message ChangedMessage {
+ optional string name = 1;
+ optional string value = 2;
+ }
+
+ oneof msg {
+ ControlMessage control_message = 1;
+ ChangedMessage changed_message = 2;
+ };
+}
+
+message InitMessage {
+ oneof msg {
+ bool load_persistent_properties = 1;
+ bool stop_sending_messages = 2;
+ };
+}
diff --git a/init/proto_utils.h b/init/proto_utils.h
new file mode 100644
index 0000000..93a7d57
--- /dev/null
+++ b/init/proto_utils.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <sys/socket.h>
+#include <unistd.h>
+
+#include <string>
+
+#include "result.h"
+
+namespace android {
+namespace init {
+
+constexpr size_t kBufferSize = 4096;
+
+inline Result<std::string> ReadMessage(int socket) {
+ char buffer[kBufferSize] = {};
+ auto result = TEMP_FAILURE_RETRY(recv(socket, buffer, sizeof(buffer), 0));
+ if (result == 0) {
+ return Error();
+ } else if (result < 0) {
+ return ErrnoError();
+ }
+ return std::string(buffer, result);
+}
+
+template <typename T>
+Result<void> SendMessage(int socket, const T& message) {
+ std::string message_string;
+ if (!message.SerializeToString(&message_string)) {
+ return Error() << "Unable to serialize message";
+ }
+
+ if (message_string.size() > kBufferSize) {
+ return Error() << "Serialized message too long to send";
+ }
+
+ if (auto result =
+ TEMP_FAILURE_RETRY(send(socket, message_string.c_str(), message_string.size(), 0));
+ result != static_cast<long>(message_string.size())) {
+ return ErrnoError() << "send() failed to send message contents";
+ }
+ return {};
+}
+
+} // namespace init
+} // namespace android
diff --git a/init/reboot.cpp b/init/reboot.cpp
index b0b5b54..2cf0f5c 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -60,6 +60,8 @@
#define PROC_SYSRQ "/proc/sysrq-trigger"
+using namespace std::literals;
+
using android::base::GetBoolProperty;
using android::base::Split;
using android::base::Timer;
@@ -170,9 +172,23 @@
<< stat;
}
-/* Find all read+write block devices and emulated devices in /proc/mounts
- * and add them to correpsponding list.
- */
+static bool IsDataMounted() {
+ std::unique_ptr<std::FILE, int (*)(std::FILE*)> fp(setmntent("/proc/mounts", "re"), endmntent);
+ if (fp == nullptr) {
+ PLOG(ERROR) << "Failed to open /proc/mounts";
+ return false;
+ }
+ mntent* mentry;
+ while ((mentry = getmntent(fp.get())) != nullptr) {
+ if (mentry->mnt_dir == "/data"s) {
+ return true;
+ }
+ }
+ return false;
+}
+
+// Find all read+write block devices and emulated devices in /proc/mounts and add them to
+// the correpsponding list.
static bool FindPartitionsToUmount(std::vector<MountEntry>* blockDevPartitions,
std::vector<MountEntry>* emulatedPartitions, bool dump) {
std::unique_ptr<std::FILE, int (*)(std::FILE*)> fp(setmntent("/proc/mounts", "re"), endmntent);
@@ -295,12 +311,15 @@
LOG(ERROR) << "Reboot thread timed out";
if (android::base::GetBoolProperty("ro.debuggable", false) == true) {
- LOG(INFO) << "Try to dump init process call trace:";
- const char* vdc_argv[] = {"/system/bin/debuggerd", "-b", "1"};
- int status;
- android_fork_execvp_ext(arraysize(vdc_argv), (char**)vdc_argv, &status, true,
- LOG_KLOG, true, nullptr, nullptr, 0);
-
+ if (false) {
+ // SEPolicy will block debuggerd from running and this is intentional.
+ // But these lines are left to be enabled during debugging.
+ LOG(INFO) << "Try to dump init process call trace:";
+ const char* vdc_argv[] = {"/system/bin/debuggerd", "-b", "1"};
+ int status;
+ android_fork_execvp_ext(arraysize(vdc_argv), (char**)vdc_argv, &status, true,
+ LOG_KLOG, true, nullptr, nullptr, 0);
+ }
LOG(INFO) << "Show stack for all active CPU:";
WriteStringToFile("l", PROC_SYSRQ);
@@ -436,6 +455,14 @@
Timer t;
LOG(INFO) << "Reboot start, reason: " << reason << ", rebootTarget: " << rebootTarget;
+ // If /data isn't mounted then we can skip the extra reboot steps below, since we don't need to
+ // worry about unmounting it.
+ if (!IsDataMounted()) {
+ sync();
+ RebootSystem(cmd, rebootTarget);
+ abort();
+ }
+
// Ensure last reboot reason is reduced to canonical
// alias reported in bootloader or system boot reason.
size_t skip = 0;
@@ -730,6 +757,12 @@
s->UnSetExec();
}
+ // We no longer process messages about properties changing coming from property service, so we
+ // need to tell property service to stop sending us these messages, otherwise it'll fill the
+ // buffers and block indefinitely, causing future property sets, including those that init makes
+ // during shutdown in Service::NotifyStateChange() to also block indefinitely.
+ SendStopSendingMessagesMessage();
+
return true;
}
diff --git a/init/service.cpp b/init/service.cpp
index 7a20966..e8b75d4 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -29,6 +29,7 @@
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/properties.h>
+#include <android-base/scopeguard.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <cutils/sockets.h>
@@ -41,6 +42,7 @@
#if defined(__ANDROID__)
#include <ApexProperties.sysprop.h>
+#include "init.h"
#include "mount_namespace.h"
#include "property_service.h"
#else
@@ -50,6 +52,7 @@
using android::base::boot_clock;
using android::base::GetProperty;
using android::base::Join;
+using android::base::make_scope_guard;
using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::WriteStringToFile;
@@ -250,6 +253,11 @@
f(siginfo);
}
+ if ((siginfo.si_code != CLD_EXITED || siginfo.si_status != 0) && on_failure_reboot_target_) {
+ LOG(ERROR) << "Service with 'reboot_on_failure' option failed, shutting down system.";
+ EnterShutdown(*on_failure_reboot_target_);
+ }
+
if (flags_ & SVC_EXEC) UnSetExec();
if (flags_ & SVC_TEMPORARY) return;
@@ -325,6 +333,12 @@
Result<void> Service::ExecStart() {
+ auto reboot_on_failure = make_scope_guard([this] {
+ if (on_failure_reboot_target_) {
+ EnterShutdown(*on_failure_reboot_target_);
+ }
+ });
+
if (is_updatable() && !ServiceList::GetInstance().IsServicesUpdated()) {
// Don't delay the service for ExecStart() as the semantic is that
// the caller might depend on the side effect of the execution.
@@ -345,10 +359,17 @@
<< " gid " << proc_attr_.gid << "+" << proc_attr_.supp_gids.size() << " context "
<< (!seclabel_.empty() ? seclabel_ : "default") << ") started; waiting...";
+ reboot_on_failure.Disable();
return {};
}
Result<void> Service::Start() {
+ auto reboot_on_failure = make_scope_guard([this] {
+ if (on_failure_reboot_target_) {
+ EnterShutdown(*on_failure_reboot_target_);
+ }
+ });
+
if (is_updatable() && !ServiceList::GetInstance().IsServicesUpdated()) {
ServiceList::GetInstance().DelayService(*this);
return Error() << "Cannot start an updatable service '" << name_
@@ -371,6 +392,7 @@
flags_ |= SVC_RESTART;
}
// It is not an error to try to start a service that is already running.
+ reboot_on_failure.Disable();
return {};
}
@@ -419,6 +441,23 @@
LOG(INFO) << "starting service '" << name_ << "'...";
+ std::vector<Descriptor> descriptors;
+ for (const auto& socket : sockets_) {
+ if (auto result = socket.Create(scon)) {
+ descriptors.emplace_back(std::move(*result));
+ } else {
+ LOG(INFO) << "Could not create socket '" << socket.name << "': " << result.error();
+ }
+ }
+
+ for (const auto& file : files_) {
+ if (auto result = file.Create()) {
+ descriptors.emplace_back(std::move(*result));
+ } else {
+ LOG(INFO) << "Could not open file '" << file.name << "': " << result.error();
+ }
+ }
+
pid_t pid = -1;
if (namespaces_.flags) {
pid = clone(nullptr, nullptr, namespaces_.flags | SIGCHLD, nullptr);
@@ -438,16 +477,8 @@
setenv(key.c_str(), value.c_str(), 1);
}
- for (const auto& socket : sockets_) {
- if (auto result = socket.CreateAndPublish(scon); !result) {
- LOG(INFO) << "Could not create socket '" << socket.name << "': " << result.error();
- }
- }
-
- for (const auto& file : files_) {
- if (auto result = file.CreateAndPublish(); !result) {
- LOG(INFO) << "Could not open file '" << file.name << "': " << result.error();
- }
+ for (const auto& descriptor : descriptors) {
+ descriptor.Publish();
}
if (auto result = WritePidToFiles(&writepid_files_); !result) {
@@ -532,6 +563,7 @@
}
NotifyStateChange("running");
+ reboot_on_failure.Disable();
return {};
}
diff --git a/init/service.h b/init/service.h
index ccefc8e..788f792 100644
--- a/init/service.h
+++ b/init/service.h
@@ -196,6 +196,8 @@
bool post_data_ = false;
bool running_at_post_data_reset_ = false;
+
+ std::optional<std::string> on_failure_reboot_target_;
};
} // namespace init
diff --git a/init/service_parser.cpp b/init/service_parser.cpp
index dd552fb..e7808a9 100644
--- a/init/service_parser.cpp
+++ b/init/service_parser.cpp
@@ -83,6 +83,9 @@
}
Result<void> ServiceParser::ParseConsole(std::vector<std::string>&& args) {
+ if (service_->proc_attr_.stdio_to_kmsg) {
+ return Error() << "'console' and 'stdio_to_kmsg' are mutually exclusive";
+ }
service_->flags_ |= SVC_CONSOLE;
service_->proc_attr_.console = args.size() > 1 ? "/dev/" + args[1] : "";
return {};
@@ -145,17 +148,21 @@
const std::string& interface_name = args[1];
const std::string& instance_name = args[2];
- FQName fq_name;
- if (!FQName::parse(interface_name, &fq_name)) {
- return Error() << "Invalid fully-qualified name for interface '" << interface_name << "'";
- }
+ // AIDL services don't use fully qualified names and instead just use "interface aidl <name>"
+ if (interface_name != "aidl") {
+ FQName fq_name;
+ if (!FQName::parse(interface_name, &fq_name)) {
+ return Error() << "Invalid fully-qualified name for interface '" << interface_name
+ << "'";
+ }
- if (!fq_name.isFullyQualified()) {
- return Error() << "Interface name not fully-qualified '" << interface_name << "'";
- }
+ if (!fq_name.isFullyQualified()) {
+ return Error() << "Interface name not fully-qualified '" << interface_name << "'";
+ }
- if (fq_name.isValidValueName()) {
- return Error() << "Interface name must not be a value name '" << interface_name << "'";
+ if (fq_name.isValidValueName()) {
+ return Error() << "Interface name must not be a value name '" << interface_name << "'";
+ }
}
const std::string fullname = interface_name + "/" + instance_name;
@@ -306,6 +313,18 @@
return {};
}
+Result<void> ServiceParser::ParseRebootOnFailure(std::vector<std::string>&& args) {
+ if (service_->on_failure_reboot_target_) {
+ return Error() << "Only one reboot_on_failure command may be specified";
+ }
+ if (!StartsWith(args[1], "shutdown") && !StartsWith(args[1], "reboot")) {
+ return Error()
+ << "reboot_on_failure commands must begin with either 'shutdown' or 'reboot'";
+ }
+ service_->on_failure_reboot_target_ = std::move(args[1]);
+ return {};
+}
+
Result<void> ServiceParser::ParseRestartPeriod(std::vector<std::string>&& args) {
int period;
if (!ParseInt(args[1], &period, 5)) {
@@ -413,6 +432,14 @@
return {};
}
+Result<void> ServiceParser::ParseStdioToKmsg(std::vector<std::string>&& args) {
+ if (service_->flags_ & SVC_CONSOLE) {
+ return Error() << "'stdio_to_kmsg' and 'console' are mutually exclusive";
+ }
+ service_->proc_attr_.stdio_to_kmsg = true;
+ return {};
+}
+
// name type
Result<void> ServiceParser::ParseFile(std::vector<std::string>&& args) {
if (args[2] != "r" && args[2] != "w" && args[2] != "rw") {
@@ -467,49 +494,42 @@
constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max();
// clang-format off
static const KeywordMap<ServiceParser::OptionParser> parser_map = {
- {"capabilities",
- {0, kMax, &ServiceParser::ParseCapabilities}},
- {"class", {1, kMax, &ServiceParser::ParseClass}},
- {"console", {0, 1, &ServiceParser::ParseConsole}},
- {"critical", {0, 0, &ServiceParser::ParseCritical}},
- {"disabled", {0, 0, &ServiceParser::ParseDisabled}},
- {"enter_namespace",
- {2, 2, &ServiceParser::ParseEnterNamespace}},
- {"file", {2, 2, &ServiceParser::ParseFile}},
- {"group", {1, NR_SVC_SUPP_GIDS + 1, &ServiceParser::ParseGroup}},
- {"interface", {2, 2, &ServiceParser::ParseInterface}},
- {"ioprio", {2, 2, &ServiceParser::ParseIoprio}},
- {"keycodes", {1, kMax, &ServiceParser::ParseKeycodes}},
- {"memcg.limit_in_bytes",
- {1, 1, &ServiceParser::ParseMemcgLimitInBytes}},
- {"memcg.limit_percent",
- {1, 1, &ServiceParser::ParseMemcgLimitPercent}},
- {"memcg.limit_property",
- {1, 1, &ServiceParser::ParseMemcgLimitProperty}},
+ {"capabilities", {0, kMax, &ServiceParser::ParseCapabilities}},
+ {"class", {1, kMax, &ServiceParser::ParseClass}},
+ {"console", {0, 1, &ServiceParser::ParseConsole}},
+ {"critical", {0, 0, &ServiceParser::ParseCritical}},
+ {"disabled", {0, 0, &ServiceParser::ParseDisabled}},
+ {"enter_namespace", {2, 2, &ServiceParser::ParseEnterNamespace}},
+ {"file", {2, 2, &ServiceParser::ParseFile}},
+ {"group", {1, NR_SVC_SUPP_GIDS + 1, &ServiceParser::ParseGroup}},
+ {"interface", {2, 2, &ServiceParser::ParseInterface}},
+ {"ioprio", {2, 2, &ServiceParser::ParseIoprio}},
+ {"keycodes", {1, kMax, &ServiceParser::ParseKeycodes}},
+ {"memcg.limit_in_bytes", {1, 1, &ServiceParser::ParseMemcgLimitInBytes}},
+ {"memcg.limit_percent", {1, 1, &ServiceParser::ParseMemcgLimitPercent}},
+ {"memcg.limit_property", {1, 1, &ServiceParser::ParseMemcgLimitProperty}},
{"memcg.soft_limit_in_bytes",
- {1, 1, &ServiceParser::ParseMemcgSoftLimitInBytes}},
- {"memcg.swappiness",
- {1, 1, &ServiceParser::ParseMemcgSwappiness}},
- {"namespace", {1, 2, &ServiceParser::ParseNamespace}},
- {"oneshot", {0, 0, &ServiceParser::ParseOneshot}},
- {"onrestart", {1, kMax, &ServiceParser::ParseOnrestart}},
- {"oom_score_adjust",
- {1, 1, &ServiceParser::ParseOomScoreAdjust}},
- {"override", {0, 0, &ServiceParser::ParseOverride}},
- {"priority", {1, 1, &ServiceParser::ParsePriority}},
- {"restart_period",
- {1, 1, &ServiceParser::ParseRestartPeriod}},
- {"rlimit", {3, 3, &ServiceParser::ParseProcessRlimit}},
- {"seclabel", {1, 1, &ServiceParser::ParseSeclabel}},
- {"setenv", {2, 2, &ServiceParser::ParseSetenv}},
- {"shutdown", {1, 1, &ServiceParser::ParseShutdown}},
- {"sigstop", {0, 0, &ServiceParser::ParseSigstop}},
- {"socket", {3, 6, &ServiceParser::ParseSocket}},
- {"timeout_period",
- {1, 1, &ServiceParser::ParseTimeoutPeriod}},
- {"updatable", {0, 0, &ServiceParser::ParseUpdatable}},
- {"user", {1, 1, &ServiceParser::ParseUser}},
- {"writepid", {1, kMax, &ServiceParser::ParseWritepid}},
+ {1, 1, &ServiceParser::ParseMemcgSoftLimitInBytes}},
+ {"memcg.swappiness", {1, 1, &ServiceParser::ParseMemcgSwappiness}},
+ {"namespace", {1, 2, &ServiceParser::ParseNamespace}},
+ {"oneshot", {0, 0, &ServiceParser::ParseOneshot}},
+ {"onrestart", {1, kMax, &ServiceParser::ParseOnrestart}},
+ {"oom_score_adjust", {1, 1, &ServiceParser::ParseOomScoreAdjust}},
+ {"override", {0, 0, &ServiceParser::ParseOverride}},
+ {"priority", {1, 1, &ServiceParser::ParsePriority}},
+ {"reboot_on_failure", {1, 1, &ServiceParser::ParseRebootOnFailure}},
+ {"restart_period", {1, 1, &ServiceParser::ParseRestartPeriod}},
+ {"rlimit", {3, 3, &ServiceParser::ParseProcessRlimit}},
+ {"seclabel", {1, 1, &ServiceParser::ParseSeclabel}},
+ {"setenv", {2, 2, &ServiceParser::ParseSetenv}},
+ {"shutdown", {1, 1, &ServiceParser::ParseShutdown}},
+ {"sigstop", {0, 0, &ServiceParser::ParseSigstop}},
+ {"socket", {3, 6, &ServiceParser::ParseSocket}},
+ {"stdio_to_kmsg", {0, 0, &ServiceParser::ParseStdioToKmsg}},
+ {"timeout_period", {1, 1, &ServiceParser::ParseTimeoutPeriod}},
+ {"updatable", {0, 0, &ServiceParser::ParseUpdatable}},
+ {"user", {1, 1, &ServiceParser::ParseUser}},
+ {"writepid", {1, kMax, &ServiceParser::ParseWritepid}},
};
// clang-format on
return parser_map;
@@ -529,13 +549,8 @@
filename_ = filename;
Subcontext* restart_action_subcontext = nullptr;
- if (subcontexts_) {
- for (auto& subcontext : *subcontexts_) {
- if (StartsWith(filename, subcontext.path_prefix())) {
- restart_action_subcontext = &subcontext;
- break;
- }
- }
+ if (subcontext_ && subcontext_->PathMatchesSubcontext(filename)) {
+ restart_action_subcontext = subcontext_;
}
std::vector<std::string> str_args(args.begin() + 2, args.end());
diff --git a/init/service_parser.h b/init/service_parser.h
index 4729874..b1281f5 100644
--- a/init/service_parser.h
+++ b/init/service_parser.h
@@ -30,10 +30,10 @@
class ServiceParser : public SectionParser {
public:
ServiceParser(
- ServiceList* service_list, std::vector<Subcontext>* subcontexts,
+ ServiceList* service_list, Subcontext* subcontext,
const std::optional<InterfaceInheritanceHierarchyMap>& interface_inheritance_hierarchy)
: service_list_(service_list),
- subcontexts_(subcontexts),
+ subcontext_(subcontext),
interface_inheritance_hierarchy_(interface_inheritance_hierarchy),
service_(nullptr) {}
Result<void> ParseSection(std::vector<std::string>&& args, const std::string& filename,
@@ -68,12 +68,14 @@
Result<void> ParseMemcgSwappiness(std::vector<std::string>&& args);
Result<void> ParseNamespace(std::vector<std::string>&& args);
Result<void> ParseProcessRlimit(std::vector<std::string>&& args);
+ Result<void> ParseRebootOnFailure(std::vector<std::string>&& args);
Result<void> ParseRestartPeriod(std::vector<std::string>&& args);
Result<void> ParseSeclabel(std::vector<std::string>&& args);
Result<void> ParseSetenv(std::vector<std::string>&& args);
Result<void> ParseShutdown(std::vector<std::string>&& args);
Result<void> ParseSigstop(std::vector<std::string>&& args);
Result<void> ParseSocket(std::vector<std::string>&& args);
+ Result<void> ParseStdioToKmsg(std::vector<std::string>&& args);
Result<void> ParseTimeoutPeriod(std::vector<std::string>&& args);
Result<void> ParseFile(std::vector<std::string>&& args);
Result<void> ParseUser(std::vector<std::string>&& args);
@@ -83,7 +85,7 @@
bool IsValidName(const std::string& name) const;
ServiceList* service_list_;
- std::vector<Subcontext>* subcontexts_;
+ Subcontext* subcontext_;
std::optional<InterfaceInheritanceHierarchyMap> interface_inheritance_hierarchy_;
std::unique_ptr<Service> service_;
std::string filename_;
diff --git a/init/service_utils.cpp b/init/service_utils.cpp
index 836145d..93cffd8 100644
--- a/init/service_utils.cpp
+++ b/init/service_utils.cpp
@@ -16,17 +16,18 @@
#include "service_utils.h"
+#include <fcntl.h>
#include <grp.h>
#include <sys/mount.h>
#include <sys/prctl.h>
#include <sys/wait.h>
+#include <unistd.h>
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
-#include <android-base/unique_fd.h>
#include <cutils/android_get_control_file.h>
#include <cutils/sockets.h>
#include <processgroup/processgroup.h>
@@ -122,11 +123,15 @@
return {};
}
-void ZapStdio() {
+void SetupStdio(bool stdio_to_kmsg) {
auto fd = unique_fd{open("/dev/null", O_RDWR | O_CLOEXEC)};
- dup2(fd, 0);
- dup2(fd, 1);
- dup2(fd, 2);
+ dup2(fd, STDIN_FILENO);
+ if (stdio_to_kmsg) {
+ fd.reset(open("/dev/kmsg_debug", O_WRONLY | O_CLOEXEC));
+ if (fd == -1) fd.reset(open("/dev/null", O_WRONLY | O_CLOEXEC));
+ }
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDERR_FILENO);
}
void OpenConsole(const std::string& console) {
@@ -138,37 +143,44 @@
dup2(fd, 2);
}
-void PublishDescriptor(const std::string& key, const std::string& name, int fd) {
- std::string published_name = key + name;
+} // namespace
+
+void Descriptor::Publish() const {
+ auto published_name = name_;
+
for (auto& c : published_name) {
c = isalnum(c) ? c : '_';
}
+ int fd = fd_.get();
+ // For safety, the FD is created as CLOEXEC, so that must be removed before publishing.
+ auto fd_flags = fcntl(fd, F_GETFD);
+ fd_flags &= ~FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, fd_flags) != 0) {
+ PLOG(ERROR) << "Failed to remove CLOEXEC from '" << published_name << "'";
+ }
+
std::string val = std::to_string(fd);
setenv(published_name.c_str(), val.c_str(), 1);
}
-} // namespace
-
-Result<void> SocketDescriptor::CreateAndPublish(const std::string& global_context) const {
+Result<Descriptor> SocketDescriptor::Create(const std::string& global_context) const {
const auto& socket_context = context.empty() ? global_context : context;
- auto result = CreateSocket(name, type, passcred, perm, uid, gid, socket_context);
+ auto result = CreateSocket(name, type | SOCK_CLOEXEC, passcred, perm, uid, gid, socket_context);
if (!result) {
return result.error();
}
- PublishDescriptor(ANDROID_SOCKET_ENV_PREFIX, name, *result);
-
- return {};
+ return Descriptor(ANDROID_SOCKET_ENV_PREFIX + name, unique_fd(*result));
}
-Result<void> FileDescriptor::CreateAndPublish() const {
+Result<Descriptor> FileDescriptor::Create() const {
int flags = (type == "r") ? O_RDONLY : (type == "w") ? O_WRONLY : O_RDWR;
// Make sure we do not block on open (eg: devices can chose to block on carrier detect). Our
// intention is never to delay launch of a service for such a condition. The service can
// perform its own blocking on carrier detect.
- android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(name.c_str(), flags | O_NONBLOCK)));
+ unique_fd fd(TEMP_FAILURE_RETRY(open(name.c_str(), flags | O_NONBLOCK | O_CLOEXEC)));
if (fd < 0) {
return ErrnoError() << "Failed to open file '" << name << "'";
@@ -179,9 +191,7 @@
LOG(INFO) << "Opened file '" << name << "', flags " << flags;
- PublishDescriptor(ANDROID_FILE_ENV_PREFIX, name, fd.release());
-
- return {};
+ return Descriptor(ANDROID_FILE_ENV_PREFIX + name, std::move(fd));
}
Result<void> EnterNamespaces(const NamespaceInfo& info, const std::string& name, bool pre_apexd) {
@@ -234,7 +244,7 @@
if (setpgid(0, getpid()) == -1) {
return ErrnoError() << "setpgid failed";
}
- ZapStdio();
+ SetupStdio(attr.stdio_to_kmsg);
}
for (const auto& rlimit : attr.rlimits) {
diff --git a/init/service_utils.h b/init/service_utils.h
index befce25..3f1071e 100644
--- a/init/service_utils.h
+++ b/init/service_utils.h
@@ -22,6 +22,7 @@
#include <string>
#include <vector>
+#include <android-base/unique_fd.h>
#include <cutils/iosched_policy.h>
#include "result.h"
@@ -29,6 +30,18 @@
namespace android {
namespace init {
+class Descriptor {
+ public:
+ Descriptor(const std::string& name, android::base::unique_fd fd)
+ : name_(name), fd_(std::move(fd)){};
+
+ void Publish() const;
+
+ private:
+ std::string name_;
+ android::base::unique_fd fd_;
+};
+
struct SocketDescriptor {
std::string name;
int type = 0;
@@ -38,14 +51,14 @@
std::string context;
bool passcred = false;
- Result<void> CreateAndPublish(const std::string& global_context) const;
+ Result<Descriptor> Create(const std::string& global_context) const;
};
struct FileDescriptor {
std::string name;
std::string type;
- Result<void> CreateAndPublish() const;
+ Result<Descriptor> Create() const;
};
struct NamespaceInfo {
@@ -64,6 +77,7 @@
gid_t gid;
std::vector<gid_t> supp_gids;
int priority;
+ bool stdio_to_kmsg;
};
Result<void> SetProcessAttributes(const ProcessAttributes& attr);
diff --git a/init/subcontext.cpp b/init/subcontext.cpp
index 00f91d8..79fc372 100644
--- a/init/subcontext.cpp
+++ b/init/subcontext.cpp
@@ -18,16 +18,17 @@
#include <fcntl.h>
#include <poll.h>
-#include <sys/socket.h>
#include <unistd.h>
#include <android-base/file.h>
#include <android-base/logging.h>
+#include <android-base/properties.h>
#include <android-base/strings.h>
#include <selinux/android.h>
#include "action.h"
#include "builtins.h"
+#include "proto_utils.h"
#include "util.h"
#if defined(__ANDROID__)
@@ -48,56 +49,8 @@
namespace android {
namespace init {
-
-const std::string kInitContext = "u:r:init:s0";
-const std::string kVendorContext = "u:r:vendor_init:s0";
-
-const char* const paths_and_secontexts[2][2] = {
- {"/vendor", kVendorContext.c_str()},
- {"/odm", kVendorContext.c_str()},
-};
-
namespace {
-constexpr size_t kBufferSize = 4096;
-
-Result<std::string> ReadMessage(int socket) {
- char buffer[kBufferSize] = {};
- auto result = TEMP_FAILURE_RETRY(recv(socket, buffer, sizeof(buffer), 0));
- if (result == 0) {
- return Error();
- } else if (result < 0) {
- return ErrnoError();
- }
- return std::string(buffer, result);
-}
-
-template <typename T>
-Result<void> SendMessage(int socket, const T& message) {
- std::string message_string;
- if (!message.SerializeToString(&message_string)) {
- return Error() << "Unable to serialize message";
- }
-
- if (message_string.size() > kBufferSize) {
- return Error() << "Serialized message too long to send";
- }
-
- if (auto result =
- TEMP_FAILURE_RETRY(send(socket, message_string.c_str(), message_string.size(), 0));
- result != static_cast<long>(message_string.size())) {
- return ErrnoError() << "send() failed to send message contents";
- }
- return {};
-}
-
-std::vector<std::pair<std::string, std::string>> properties_to_set;
-
-uint32_t SubcontextPropertySet(const std::string& name, const std::string& value) {
- properties_to_set.emplace_back(name, value);
- return 0;
-}
-
class SubcontextProcess {
public:
SubcontextProcess(const BuiltinFunctionMap* function_map, std::string context, int init_fd)
@@ -131,14 +84,6 @@
result = RunBuiltinFunction(map_result->function, args, context_);
}
- for (const auto& [name, value] : properties_to_set) {
- auto property = reply->add_properties_to_set();
- property->set_name(name);
- property->set_value(value);
- }
-
- properties_to_set.clear();
-
if (result) {
reply->set_success(true);
} else {
@@ -224,7 +169,10 @@
SelabelInitialize();
- property_set = SubcontextPropertySet;
+ property_set = [](const std::string& key, const std::string& value) -> uint32_t {
+ android::base::SetProperty(key, value);
+ return 0;
+ };
auto subcontext_process = SubcontextProcess(function_map, context, init_fd);
subcontext_process.MainLoop();
@@ -280,6 +228,15 @@
Fork();
}
+bool Subcontext::PathMatchesSubcontext(const std::string& path) {
+ for (const auto& prefix : path_prefixes_) {
+ if (StartsWith(path, prefix)) {
+ return true;
+ }
+ }
+ return false;
+}
+
Result<SubcontextReply> Subcontext::TransmitMessage(const SubcontextCommand& subcontext_command) {
if (auto result = SendMessage(socket_, subcontext_command); !result) {
Restart();
@@ -311,15 +268,6 @@
return subcontext_reply.error();
}
- for (const auto& property : subcontext_reply->properties_to_set()) {
- ucred cr = {.pid = pid_, .uid = 0, .gid = 0};
- std::string error;
- if (HandlePropertySet(property.name(), property.value(), context_, cr, &error) != 0) {
- LOG(ERROR) << "Subcontext init could not set '" << property.name() << "' to '"
- << property.value() << "': " << error;
- }
- }
-
if (subcontext_reply->reply_case() == SubcontextReply::kFailure) {
auto& failure = subcontext_reply->failure();
return ResultError(failure.error_string(), failure.error_errno());
@@ -365,13 +313,12 @@
static std::vector<Subcontext> subcontexts;
static bool shutting_down;
-std::vector<Subcontext>* InitializeSubcontexts() {
+std::unique_ptr<Subcontext> InitializeSubcontext() {
if (SelinuxGetVendorAndroidVersion() >= __ANDROID_API_P__) {
- for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
- subcontexts.emplace_back(path_prefix, secontext);
- }
+ return std::make_unique<Subcontext>(std::vector<std::string>{"/vendor", "/odm"},
+ kVendorContext);
}
- return &subcontexts;
+ return nullptr;
}
bool SubcontextChildReap(pid_t pid) {
diff --git a/init/subcontext.h b/init/subcontext.h
index 591521f..bcaad29 100644
--- a/init/subcontext.h
+++ b/init/subcontext.h
@@ -14,8 +14,7 @@
* limitations under the License.
*/
-#ifndef _INIT_SUBCONTEXT_H
-#define _INIT_SUBCONTEXT_H
+#pragma once
#include <signal.h>
@@ -31,22 +30,21 @@
namespace android {
namespace init {
-extern const std::string kInitContext;
-extern const std::string kVendorContext;
-extern const char* const paths_and_secontexts[2][2];
+static constexpr const char kInitContext[] = "u:r:init:s0";
+static constexpr const char kVendorContext[] = "u:r:vendor_init:s0";
class Subcontext {
public:
- Subcontext(std::string path_prefix, std::string context)
- : path_prefix_(std::move(path_prefix)), context_(std::move(context)), pid_(0) {
+ Subcontext(std::vector<std::string> path_prefixes, std::string context)
+ : path_prefixes_(std::move(path_prefixes)), context_(std::move(context)), pid_(0) {
Fork();
}
Result<void> Execute(const std::vector<std::string>& args);
Result<std::vector<std::string>> ExpandArgs(const std::vector<std::string>& args);
void Restart();
+ bool PathMatchesSubcontext(const std::string& path);
- const std::string& path_prefix() const { return path_prefix_; }
const std::string& context() const { return context_; }
pid_t pid() const { return pid_; }
@@ -54,18 +52,16 @@
void Fork();
Result<SubcontextReply> TransmitMessage(const SubcontextCommand& subcontext_command);
- std::string path_prefix_;
+ std::vector<std::string> path_prefixes_;
std::string context_;
pid_t pid_;
android::base::unique_fd socket_;
};
int SubcontextMain(int argc, char** argv, const BuiltinFunctionMap* function_map);
-std::vector<Subcontext>* InitializeSubcontexts();
+std::unique_ptr<Subcontext> InitializeSubcontext();
bool SubcontextChildReap(pid_t pid);
void SubcontextTerminate();
} // namespace init
} // namespace android
-
-#endif
diff --git a/init/subcontext.proto b/init/subcontext.proto
index c31f4fb..e68115e 100644
--- a/init/subcontext.proto
+++ b/init/subcontext.proto
@@ -38,10 +38,4 @@
Failure failure = 2;
ExpandArgsReply expand_args_reply = 3;
}
-
- message PropertyToSet {
- optional string name = 1;
- optional string value = 2;
- }
- repeated PropertyToSet properties_to_set = 4;
}
\ No newline at end of file
diff --git a/init/subcontext_benchmark.cpp b/init/subcontext_benchmark.cpp
index f6fee8a..ccef2f3 100644
--- a/init/subcontext_benchmark.cpp
+++ b/init/subcontext_benchmark.cpp
@@ -33,7 +33,7 @@
return;
}
- auto subcontext = Subcontext("path", context);
+ auto subcontext = Subcontext({"path"}, context);
free(context);
while (state.KeepRunning()) {
diff --git a/init/subcontext_test.cpp b/init/subcontext_test.cpp
index dcbff82..9cac35e 100644
--- a/init/subcontext_test.cpp
+++ b/init/subcontext_test.cpp
@@ -52,7 +52,7 @@
auto context_string = std::string(context);
free(context);
- auto subcontext = Subcontext("dummy_path", context_string);
+ auto subcontext = Subcontext({"dummy_path"}, context_string);
ASSERT_NE(0, subcontext.pid());
test_function(subcontext, context_string);
@@ -224,12 +224,8 @@
} // namespace init
} // namespace android
-int main(int argc, char** argv) {
- if (argc > 1 && !strcmp(basename(argv[1]), "subcontext")) {
- auto test_function_map = android::init::BuildTestFunctionMap();
- return android::init::SubcontextMain(argc, argv, &test_function_map);
- }
-
- testing::InitGoogleTest(&argc, argv);
- return RUN_ALL_TESTS();
+// init_test.cpp contains the main entry point for all init tests.
+int SubcontextTestChildMain(int argc, char** argv) {
+ auto test_function_map = android::init::BuildTestFunctionMap();
+ return android::init::SubcontextMain(argc, argv, &test_function_map);
}
diff --git a/init/uevent_listener.cpp b/init/uevent_listener.cpp
index ac633776..416d942 100644
--- a/init/uevent_listener.cpp
+++ b/init/uevent_listener.cpp
@@ -171,7 +171,7 @@
return RegenerateUeventsForDir(d.get(), callback);
}
-static const char* kRegenerationPaths[] = {"/sys/class", "/sys/block", "/sys/devices"};
+static const char* kRegenerationPaths[] = {"/sys/devices"};
void UeventListener::RegenerateUevents(const ListenerCallback& callback) const {
for (const auto path : kRegenerationPaths) {
diff --git a/init/ueventd.cpp b/init/ueventd.cpp
index cffc1b9..59f91ee 100644
--- a/init/ueventd.cpp
+++ b/init/ueventd.cpp
@@ -113,10 +113,12 @@
class ColdBoot {
public:
ColdBoot(UeventListener& uevent_listener,
- std::vector<std::unique_ptr<UeventHandler>>& uevent_handlers)
+ std::vector<std::unique_ptr<UeventHandler>>& uevent_handlers,
+ bool enable_parallel_restorecon)
: uevent_listener_(uevent_listener),
uevent_handlers_(uevent_handlers),
- num_handler_subprocesses_(std::thread::hardware_concurrency() ?: 4) {}
+ num_handler_subprocesses_(std::thread::hardware_concurrency() ?: 4),
+ enable_parallel_restorecon_(enable_parallel_restorecon) {}
void Run();
@@ -132,6 +134,8 @@
std::vector<std::unique_ptr<UeventHandler>>& uevent_handlers_;
unsigned int num_handler_subprocesses_;
+ bool enable_parallel_restorecon_;
+
std::vector<Uevent> uevent_queue_;
std::set<pid_t> subprocess_pids_;
@@ -155,7 +159,6 @@
selinux_android_restorecon(dir.c_str(), SELINUX_ANDROID_RESTORECON_RECURSE);
}
- _exit(EXIT_SUCCESS);
}
void ColdBoot::GenerateRestoreCon(const std::string& directory) {
@@ -195,7 +198,10 @@
if (pid == 0) {
UeventHandlerMain(i, num_handler_subprocesses_);
- RestoreConHandler(i, num_handler_subprocesses_);
+ if (enable_parallel_restorecon_) {
+ RestoreConHandler(i, num_handler_subprocesses_);
+ }
+ _exit(EXIT_SUCCESS);
}
subprocess_pids_.emplace(pid);
@@ -240,14 +246,20 @@
RegenerateUevents();
- selinux_android_restorecon("/sys", 0);
- selinux_android_restorecon("/sys/devices", 0);
- GenerateRestoreCon("/sys");
- // takes long time for /sys/devices, parallelize it
- GenerateRestoreCon("/sys/devices");
+ if (enable_parallel_restorecon_) {
+ selinux_android_restorecon("/sys", 0);
+ selinux_android_restorecon("/sys/devices", 0);
+ GenerateRestoreCon("/sys");
+ // takes long time for /sys/devices, parallelize it
+ GenerateRestoreCon("/sys/devices");
+ }
ForkSubProcesses();
+ if (!enable_parallel_restorecon_) {
+ selinux_android_restorecon("/sys", SELINUX_ANDROID_RESTORECON_RECURSE);
+ }
+
WaitForSubProcesses();
android::base::SetProperty(kColdBootDoneProp, "true");
@@ -284,7 +296,8 @@
std::move(ueventd_configuration.sysfs_permissions),
std::move(ueventd_configuration.subsystems), android::fs_mgr::GetBootDevices(), true));
uevent_handlers.emplace_back(std::make_unique<FirmwareHandler>(
- std::move(ueventd_configuration.firmware_directories)));
+ std::move(ueventd_configuration.firmware_directories),
+ std::move(ueventd_configuration.external_firmware_handlers)));
if (ueventd_configuration.enable_modalias_handling) {
std::vector<std::string> base_paths = {"/odm/lib/modules", "/vendor/lib/modules"};
@@ -293,7 +306,8 @@
UeventListener uevent_listener(ueventd_configuration.uevent_socket_rcvbuf_size);
if (!android::base::GetBoolProperty(kColdBootDoneProp, false)) {
- ColdBoot cold_boot(uevent_listener, uevent_handlers);
+ ColdBoot cold_boot(uevent_listener, uevent_handlers,
+ ueventd_configuration.enable_parallel_restorecon);
cold_boot.Run();
}
diff --git a/init/ueventd_parser.cpp b/init/ueventd_parser.cpp
index 8ee0cce..a74b247 100644
--- a/init/ueventd_parser.cpp
+++ b/init/ueventd_parser.cpp
@@ -88,18 +88,42 @@
return {};
}
-Result<void> ParseModaliasHandlingLine(std::vector<std::string>&& args,
- bool* enable_modalias_handling) {
+Result<void> ParseExternalFirmwareHandlerLine(
+ std::vector<std::string>&& args,
+ std::vector<ExternalFirmwareHandler>* external_firmware_handlers) {
+ if (args.size() != 4) {
+ return Error() << "external_firmware_handler lines must have exactly 3 parameters";
+ }
+
+ if (std::find_if(external_firmware_handlers->begin(), external_firmware_handlers->end(),
+ [&args](const auto& other) { return other.devpath == args[2]; }) !=
+ external_firmware_handlers->end()) {
+ return Error() << "found a previous external_firmware_handler with the same devpath, '"
+ << args[2] << "'";
+ }
+
+ passwd* pwd = getpwnam(args[2].c_str());
+ if (!pwd) {
+ return ErrnoError() << "invalid handler uid'" << args[2] << "'";
+ }
+
+ ExternalFirmwareHandler handler(std::move(args[1]), pwd->pw_uid, std::move(args[3]));
+ external_firmware_handlers->emplace_back(std::move(handler));
+
+ return {};
+}
+
+Result<void> ParseEnabledDisabledLine(std::vector<std::string>&& args, bool* feature) {
if (args.size() != 2) {
- return Error() << "modalias_handling lines take exactly one parameter";
+ return Error() << args[0] << " lines take exactly one parameter";
}
if (args[1] == "enabled") {
- *enable_modalias_handling = true;
+ *feature = true;
} else if (args[1] == "disabled") {
- *enable_modalias_handling = false;
+ *feature = false;
} else {
- return Error() << "modalias_handling takes either 'enabled' or 'disabled' as a parameter";
+ return Error() << args[0] << " takes either 'enabled' or 'disabled' as a parameter";
}
return {};
@@ -212,12 +236,18 @@
parser.AddSingleLineParser("firmware_directories",
std::bind(ParseFirmwareDirectoriesLine, _1,
&ueventd_configuration.firmware_directories));
+ parser.AddSingleLineParser("external_firmware_handler",
+ std::bind(ParseExternalFirmwareHandlerLine, _1,
+ &ueventd_configuration.external_firmware_handlers));
parser.AddSingleLineParser("modalias_handling",
- std::bind(ParseModaliasHandlingLine, _1,
+ std::bind(ParseEnabledDisabledLine, _1,
&ueventd_configuration.enable_modalias_handling));
parser.AddSingleLineParser("uevent_socket_rcvbuf_size",
std::bind(ParseUeventSocketRcvbufSizeLine, _1,
&ueventd_configuration.uevent_socket_rcvbuf_size));
+ parser.AddSingleLineParser("parallel_restorecon",
+ std::bind(ParseEnabledDisabledLine, _1,
+ &ueventd_configuration.enable_parallel_restorecon));
for (const auto& config : configs) {
parser.ParseConfig(config);
diff --git a/init/ueventd_parser.h b/init/ueventd_parser.h
index d476dec..eaafa5a 100644
--- a/init/ueventd_parser.h
+++ b/init/ueventd_parser.h
@@ -14,13 +14,13 @@
* limitations under the License.
*/
-#ifndef _INIT_UEVENTD_PARSER_H
-#define _INIT_UEVENTD_PARSER_H
+#pragma once
#include <string>
#include <vector>
#include "devices.h"
+#include "firmware_handler.h"
namespace android {
namespace init {
@@ -30,13 +30,13 @@
std::vector<SysfsPermissions> sysfs_permissions;
std::vector<Permissions> dev_permissions;
std::vector<std::string> firmware_directories;
+ std::vector<ExternalFirmwareHandler> external_firmware_handlers;
bool enable_modalias_handling = false;
size_t uevent_socket_rcvbuf_size = 0;
+ bool enable_parallel_restorecon = false;
};
UeventdConfiguration ParseConfig(const std::vector<std::string>& configs);
} // namespace init
} // namespace android
-
-#endif
diff --git a/init/ueventd_parser_test.cpp b/init/ueventd_parser_test.cpp
index 9c1cedf..172ba0b 100644
--- a/init/ueventd_parser_test.cpp
+++ b/init/ueventd_parser_test.cpp
@@ -20,6 +20,8 @@
#include <gtest/gtest.h>
#include <private/android_filesystem_config.h>
+#include "firmware_handler.h"
+
namespace android {
namespace init {
@@ -93,7 +95,7 @@
{"test_devname2", Subsystem::DEVNAME_UEVENT_DEVNAME, "/dev"},
{"test_devpath_dirname", Subsystem::DEVNAME_UEVENT_DEVPATH, "/dev/graphics"}};
- TestUeventdFile(ueventd_file, {subsystems, {}, {}, {}});
+ TestUeventdFile(ueventd_file, {subsystems, {}, {}, {}, {}});
}
TEST(ueventd_parser, Permissions) {
@@ -119,7 +121,7 @@
{"/sys/devices/virtual/*/input", "poll_delay", 0660, AID_ROOT, AID_INPUT},
};
- TestUeventdFile(ueventd_file, {{}, sysfs_permissions, permissions, {}});
+ TestUeventdFile(ueventd_file, {{}, sysfs_permissions, permissions, {}, {}});
}
TEST(ueventd_parser, FirmwareDirectories) {
@@ -135,7 +137,52 @@
"/more",
};
- TestUeventdFile(ueventd_file, {{}, {}, {}, firmware_directories});
+ TestUeventdFile(ueventd_file, {{}, {}, {}, firmware_directories, {}});
+}
+
+TEST(ueventd_parser, ExternalFirmwareHandlers) {
+ auto ueventd_file = R"(
+external_firmware_handler devpath root handler_path
+external_firmware_handler /devices/path/firmware/something001.bin system /vendor/bin/firmware_handler.sh
+external_firmware_handler /devices/path/firmware/something001.bin radio "/vendor/bin/firmware_handler.sh --has --arguments"
+)";
+
+ auto external_firmware_handlers = std::vector<ExternalFirmwareHandler>{
+ {
+ "devpath",
+ AID_ROOT,
+ "handler_path",
+ },
+ {
+ "/devices/path/firmware/something001.bin",
+ AID_SYSTEM,
+ "/vendor/bin/firmware_handler.sh",
+ },
+ {
+ "/devices/path/firmware/something001.bin",
+ AID_RADIO,
+ "/vendor/bin/firmware_handler.sh --has --arguments",
+ },
+ };
+
+ TestUeventdFile(ueventd_file, {{}, {}, {}, {}, external_firmware_handlers});
+}
+
+TEST(ueventd_parser, ExternalFirmwareHandlersDuplicate) {
+ auto ueventd_file = R"(
+external_firmware_handler devpath root handler_path
+external_firmware_handler devpath root handler_path2
+)";
+
+ auto external_firmware_handlers = std::vector<ExternalFirmwareHandler>{
+ {
+ "devpath",
+ AID_ROOT,
+ "handler_path",
+ },
+ };
+
+ TestUeventdFile(ueventd_file, {{}, {}, {}, {}, external_firmware_handlers});
}
TEST(ueventd_parser, UeventSocketRcvbufSize) {
@@ -144,7 +191,25 @@
uevent_socket_rcvbuf_size 8M
)";
- TestUeventdFile(ueventd_file, {{}, {}, {}, {}, false, 8 * 1024 * 1024});
+ TestUeventdFile(ueventd_file, {{}, {}, {}, {}, {}, false, 8 * 1024 * 1024});
+}
+
+TEST(ueventd_parser, EnabledDisabledLines) {
+ auto ueventd_file = R"(
+modalias_handling enabled
+parallel_restorecon enabled
+modalias_handling disabled
+)";
+
+ TestUeventdFile(ueventd_file, {{}, {}, {}, {}, {}, false, 0, true});
+
+ auto ueventd_file2 = R"(
+parallel_restorecon enabled
+modalias_handling enabled
+parallel_restorecon disabled
+)";
+
+ TestUeventdFile(ueventd_file2, {{}, {}, {}, {}, {}, true, 0, false});
}
TEST(ueventd_parser, AllTogether) {
@@ -178,7 +243,11 @@
/sys/devices/virtual/*/input poll_delay 0660 root input
firmware_directories /more
+external_firmware_handler /devices/path/firmware/firmware001.bin root /vendor/bin/touch.sh
+
uevent_socket_rcvbuf_size 6M
+modalias_handling enabled
+parallel_restorecon enabled
#ending comment
)";
@@ -208,10 +277,15 @@
"/more",
};
+ auto external_firmware_handlers = std::vector<ExternalFirmwareHandler>{
+ {"/devices/path/firmware/firmware001.bin", AID_ROOT, "/vendor/bin/touch.sh"},
+ };
+
size_t uevent_socket_rcvbuf_size = 6 * 1024 * 1024;
- TestUeventdFile(ueventd_file, {subsystems, sysfs_permissions, permissions, firmware_directories,
- false, uevent_socket_rcvbuf_size});
+ TestUeventdFile(ueventd_file,
+ {subsystems, sysfs_permissions, permissions, firmware_directories,
+ external_firmware_handlers, true, uevent_socket_rcvbuf_size, true});
}
// All of these lines are ill-formed, so test that there is 0 output.
@@ -230,6 +304,18 @@
subsystem #no name
+modalias_handling
+modalias_handling enabled enabled
+modalias_handling blah
+
+parallel_restorecon
+parallel_restorecon enabled enabled
+parallel_restorecon blah
+
+external_firmware_handler
+external_firmware_handler blah blah
+external_firmware_handler blah blah blah blah
+
)";
TestUeventdFile(ueventd_file, {});
diff --git a/libbacktrace/include/backtrace/BacktraceMap.h b/libbacktrace/include/backtrace/BacktraceMap.h
index f8d5058..e000a00 100644
--- a/libbacktrace/include/backtrace/BacktraceMap.h
+++ b/libbacktrace/include/backtrace/BacktraceMap.h
@@ -79,7 +79,7 @@
index_++;
return *this;
}
- iterator& operator++(int increment) {
+ const iterator operator++(int increment) {
index_ += increment;
return *this;
}
@@ -87,7 +87,7 @@
index_--;
return *this;
}
- iterator& operator--(int decrement) {
+ const iterator operator--(int decrement) {
index_ -= decrement;
return *this;
}
diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp
index b29638c..d0d83de 100644
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp
@@ -84,7 +84,7 @@
{ 00755, AID_ROOT, AID_ROOT, 0, "system/etc/ppp" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" },
{ 00751, AID_ROOT, AID_SHELL, 0, "system/xbin" },
- { 00755, AID_ROOT, AID_SHELL, 0, "system/apex/*/bin" },
+ { 00751, AID_ROOT, AID_SHELL, 0, "system/apex/*/bin" },
{ 00751, AID_ROOT, AID_SHELL, 0, "vendor/bin" },
{ 00755, AID_ROOT, AID_SHELL, 0, "vendor" },
{ 00755, AID_ROOT, AID_ROOT, 0, 0 },
diff --git a/libcutils/include/private/android_filesystem_config.h b/libcutils/include/private/android_filesystem_config.h
index ae9dab5..e1e8230 100644
--- a/libcutils/include/private/android_filesystem_config.h
+++ b/libcutils/include/private/android_filesystem_config.h
@@ -128,6 +128,7 @@
#define AID_GPU_SERVICE 1072 /* GPU service daemon */
#define AID_NETWORK_STACK 1073 /* network stack service */
#define AID_GSID 1074 /* GSI service daemon */
+#define AID_FSVERITY_CERT 1075 /* fs-verity key ownership in keystore */
/* Changes to this file must be made in AOSP, *not* in internal branches. */
#define AID_SHELL 2000 /* adb and debug shell user */
diff --git a/libion/tests/Android.bp b/libion/tests/Android.bp
index d3b4688..5600702 100644
--- a/libion/tests/Android.bp
+++ b/libion/tests/Android.bp
@@ -24,7 +24,8 @@
srcs: [
"allocate_test.cpp",
"exit_test.cpp",
- "heap_query.cpp",
+ "heap_query.cpp",
+ "system_heap.cpp",
"invalid_values_test.cpp",
"ion_test_fixture.cpp",
"map_test.cpp",
diff --git a/libion/tests/heap_query.cpp b/libion/tests/heap_query.cpp
index bad3bbf..fed8030 100644
--- a/libion/tests/heap_query.cpp
+++ b/libion/tests/heap_query.cpp
@@ -15,6 +15,8 @@
*/
#include <gtest/gtest.h>
+
+#include <ion/ion.h>
#include "ion_test_fixture.h"
class HeapQuery : public IonTest {};
@@ -23,5 +25,24 @@
ASSERT_GT(ion_heaps.size(), 0);
}
-// TODO: Check if we expect some of the default
-// heap types to be present on all devices.
+// TODO: Adjust this test to account for the range of valid carveout and DMA heap ids.
+TEST_F(HeapQuery, HeapIdVerify) {
+ for (const auto& heap : ion_heaps) {
+ SCOPED_TRACE(::testing::Message() << "Invalid id for heap:" << heap.name << ":" << heap.type
+ << ":" << heap.heap_id);
+ switch (heap.type) {
+ case ION_HEAP_TYPE_SYSTEM:
+ ASSERT_TRUE((1 << heap.heap_id) & ION_HEAP_SYSTEM_MASK);
+ break;
+ case ION_HEAP_TYPE_SYSTEM_CONTIG:
+ ASSERT_TRUE((1 << heap.heap_id) & ION_HEAP_SYSTEM_CONTIG_MASK);
+ break;
+ case ION_HEAP_TYPE_CARVEOUT:
+ ASSERT_TRUE((1 << heap.heap_id) & ION_HEAP_CARVEOUT_MASK);
+ break;
+ case ION_HEAP_TYPE_DMA:
+ ASSERT_TRUE((1 << heap.heap_id) & ION_HEAP_TYPE_DMA_MASK);
+ break;
+ }
+ }
+}
diff --git a/libion/tests/system_heap.cpp b/libion/tests/system_heap.cpp
new file mode 100644
index 0000000..fb63888
--- /dev/null
+++ b/libion/tests/system_heap.cpp
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <unistd.h>
+
+#include <gtest/gtest.h>
+#include <iostream>
+
+#include <ion/ion.h>
+#include "ion_test_fixture.h"
+
+class SystemHeap : public IonTest {};
+
+TEST_F(SystemHeap, Presence) {
+ bool system_heap_found = false;
+ for (const auto& heap : ion_heaps) {
+ if (heap.type == ION_HEAP_TYPE_SYSTEM) {
+ system_heap_found = true;
+ EXPECT_TRUE((1 << heap.heap_id) & ION_HEAP_SYSTEM_MASK);
+ }
+ }
+ // We now expect the system heap to exist from Android
+ ASSERT_TRUE(system_heap_found);
+}
+
+TEST_F(SystemHeap, Allocate) {
+ int fd;
+ ASSERT_EQ(0, ion_alloc_fd(ionfd, getpagesize(), 0, ION_HEAP_SYSTEM_MASK, 0, &fd));
+ ASSERT_TRUE(fd != 0);
+ ASSERT_EQ(close(fd), 0); // free the buffer
+}
diff --git a/libmeminfo/libmeminfo_test.cpp b/libmeminfo/libmeminfo_test.cpp
index 4c2be91..cf5341d 100644
--- a/libmeminfo/libmeminfo_test.cpp
+++ b/libmeminfo/libmeminfo_test.cpp
@@ -31,6 +31,7 @@
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
using namespace std;
using namespace android::meminfo;
@@ -334,7 +335,9 @@
// Check for names
EXPECT_EQ(vmas[0].name, "[anon:dalvik-zygote-jit-code-cache]");
EXPECT_EQ(vmas[1].name, "/system/framework/x86_64/boot-framework.art");
- EXPECT_EQ(vmas[2].name, "[anon:libc_malloc]");
+ EXPECT_TRUE(vmas[2].name == "[anon:libc_malloc]" ||
+ android::base::StartsWith(vmas[2].name, "[anon:scudo:"))
+ << "Unknown map name " << vmas[2].name;
EXPECT_EQ(vmas[3].name, "/system/priv-app/SettingsProvider/oat/x86_64/SettingsProvider.odex");
EXPECT_EQ(vmas[4].name, "/system/lib64/libhwui.so");
EXPECT_EQ(vmas[5].name, "[vsyscall]");
@@ -432,7 +435,9 @@
// Check for names
EXPECT_EQ(vmas[0].name, "[anon:dalvik-zygote-jit-code-cache]");
EXPECT_EQ(vmas[1].name, "/system/framework/x86_64/boot-framework.art");
- EXPECT_EQ(vmas[2].name, "[anon:libc_malloc]");
+ EXPECT_TRUE(vmas[2].name == "[anon:libc_malloc]" ||
+ android::base::StartsWith(vmas[2].name, "[anon:scudo:"))
+ << "Unknown map name " << vmas[2].name;
EXPECT_EQ(vmas[3].name, "/system/priv-app/SettingsProvider/oat/x86_64/SettingsProvider.odex");
EXPECT_EQ(vmas[4].name, "/system/lib64/libhwui.so");
EXPECT_EQ(vmas[5].name, "[vsyscall]");
diff --git a/libmemunreachable/MemUnreachable.cpp b/libmemunreachable/MemUnreachable.cpp
index ce937fd..c4add19 100644
--- a/libmemunreachable/MemUnreachable.cpp
+++ b/libmemunreachable/MemUnreachable.cpp
@@ -25,6 +25,7 @@
#include <unordered_map>
#include <android-base/macros.h>
+#include <android-base/strings.h>
#include <backtrace.h>
#include "Allocator.h"
@@ -250,7 +251,8 @@
} else if (mapping_name == current_lib) {
// .rodata or .data section
globals_mappings.emplace_back(*it);
- } else if (mapping_name == "[anon:libc_malloc]") {
+ } else if (mapping_name == "[anon:libc_malloc]" ||
+ android::base::StartsWith(mapping_name, "[anon:scudo:")) {
// named malloc mapping
heap_mappings.emplace_back(*it);
} else if (has_prefix(mapping_name, "[anon:dalvik-")) {
diff --git a/libmemunreachable/ScopedDisableMalloc.h b/libmemunreachable/ScopedDisableMalloc.h
index 655e826..dc863c9 100644
--- a/libmemunreachable/ScopedDisableMalloc.h
+++ b/libmemunreachable/ScopedDisableMalloc.h
@@ -34,8 +34,8 @@
void Disable() {
if (!disabled_) {
- malloc_disable();
disabled_ = true;
+ malloc_disable();
}
}
@@ -71,8 +71,7 @@
class ScopedDisableMallocTimeout {
public:
- explicit ScopedDisableMallocTimeout(
- std::chrono::milliseconds timeout = std::chrono::milliseconds(2000))
+ explicit ScopedDisableMallocTimeout(std::chrono::milliseconds timeout = std::chrono::seconds(10))
: timeout_(timeout), timed_out_(false), disable_malloc_() {
Disable();
}
diff --git a/libnativeloader/Android.bp b/libnativeloader/Android.bp
index b860db9..939bdd7 100644
--- a/libnativeloader/Android.bp
+++ b/libnativeloader/Android.bp
@@ -63,14 +63,6 @@
export_include_dirs: ["include"],
}
-// TODO(jiyong) Remove this when its use in the internal master is
-// switched to libnativeloader-headers
-cc_library_headers {
- name: "libnativeloader-dummy-headers",
- host_supported: true,
- export_include_dirs: ["include"],
-}
-
cc_test {
name: "libnativeloader_test",
srcs: [
diff --git a/libpackagelistparser/Android.bp b/libpackagelistparser/Android.bp
index 0740e7d..b56dcdb 100644
--- a/libpackagelistparser/Android.bp
+++ b/libpackagelistparser/Android.bp
@@ -19,4 +19,5 @@
"libpackagelistparser",
],
test_suites: ["device-tests"],
+ require_root: true,
}
diff --git a/libprocessgroup/OWNERS b/libprocessgroup/OWNERS
index bfa730a..27b9a03 100644
--- a/libprocessgroup/OWNERS
+++ b/libprocessgroup/OWNERS
@@ -1,2 +1,3 @@
ccross@google.com
+surenb@google.com
tomcherry@google.com
diff --git a/libunwindstack/Android.bp b/libunwindstack/Android.bp
index da18af6..8d2299f 100644
--- a/libunwindstack/Android.bp
+++ b/libunwindstack/Android.bp
@@ -183,6 +183,7 @@
"tests/ElfTestUtils.cpp",
"tests/IsolatedSettings.cpp",
"tests/JitDebugTest.cpp",
+ "tests/LocalUpdatableMapsTest.cpp",
"tests/LogFake.cpp",
"tests/MapInfoCreateMemoryTest.cpp",
"tests/MapInfoGetBuildIDTest.cpp",
diff --git a/libunwindstack/Maps.cpp b/libunwindstack/Maps.cpp
index 5da73e4..250e600 100644
--- a/libunwindstack/Maps.cpp
+++ b/libunwindstack/Maps.cpp
@@ -149,9 +149,10 @@
}
// Never delete these maps, they may be in use. The assumption is
- // that there will only every be a handfull of these so waiting
+ // that there will only every be a handful of these so waiting
// to destroy them is not too expensive.
saved_maps_.emplace_back(std::move(info));
+ search_map_idx = old_map_idx + 1;
maps_[old_map_idx] = nullptr;
total_entries--;
}
diff --git a/libunwindstack/include/unwindstack/Maps.h b/libunwindstack/include/unwindstack/Maps.h
index 1784394..e53f367 100644
--- a/libunwindstack/include/unwindstack/Maps.h
+++ b/libunwindstack/include/unwindstack/Maps.h
@@ -105,7 +105,7 @@
const std::string GetMapsFile() const override;
- private:
+ protected:
std::vector<std::unique_ptr<MapInfo>> saved_maps_;
};
diff --git a/libunwindstack/tests/LocalUpdatableMapsTest.cpp b/libunwindstack/tests/LocalUpdatableMapsTest.cpp
new file mode 100644
index 0000000..b816b9a
--- /dev/null
+++ b/libunwindstack/tests/LocalUpdatableMapsTest.cpp
@@ -0,0 +1,274 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdint.h>
+#include <sys/mman.h>
+
+#include <string>
+#include <vector>
+
+#include <gtest/gtest.h>
+
+#include <android-base/file.h>
+#include <unwindstack/Maps.h>
+
+namespace unwindstack {
+
+class TestUpdatableMaps : public LocalUpdatableMaps {
+ public:
+ TestUpdatableMaps() : LocalUpdatableMaps() {}
+ virtual ~TestUpdatableMaps() = default;
+
+ const std::string GetMapsFile() const override { return maps_file_; }
+
+ void TestSetMapsFile(const std::string& maps_file) { maps_file_ = maps_file; }
+
+ const std::vector<std::unique_ptr<MapInfo>>& TestGetSavedMaps() { return saved_maps_; }
+
+ private:
+ std::string maps_file_;
+};
+
+class LocalUpdatableMapsTest : public ::testing::Test {
+ protected:
+ static const std::string GetDefaultMapString() {
+ return "3000-4000 r-xp 00000 00:00 0\n8000-9000 r-xp 00000 00:00 0\n";
+ }
+
+ void SetUp() override {
+ TemporaryFile tf;
+ ASSERT_TRUE(android::base::WriteStringToFile(GetDefaultMapString(), tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Parse());
+ ASSERT_EQ(2U, maps_.Total());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+ }
+
+ TestUpdatableMaps maps_;
+};
+
+TEST_F(LocalUpdatableMapsTest, same_map) {
+ TemporaryFile tf;
+ ASSERT_TRUE(android::base::WriteStringToFile(GetDefaultMapString(), tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Reparse());
+ ASSERT_EQ(2U, maps_.Total());
+ EXPECT_EQ(0U, maps_.TestGetSavedMaps().size());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+}
+
+TEST_F(LocalUpdatableMapsTest, same_map_new_perms) {
+ TemporaryFile tf;
+ ASSERT_TRUE(
+ android::base::WriteStringToFile("3000-4000 rwxp 00000 00:00 0\n"
+ "8000-9000 r-xp 00000 00:00 0\n",
+ tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Reparse());
+ ASSERT_EQ(2U, maps_.Total());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_WRITE | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ auto& saved_maps = maps_.TestGetSavedMaps();
+ ASSERT_EQ(1U, saved_maps.size());
+ map_info = saved_maps[0].get();
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+}
+
+TEST_F(LocalUpdatableMapsTest, same_map_new_name) {
+ TemporaryFile tf;
+ ASSERT_TRUE(
+ android::base::WriteStringToFile("3000-4000 r-xp 00000 00:00 0 /fake/lib.so\n"
+ "8000-9000 r-xp 00000 00:00 0\n",
+ tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Reparse());
+ ASSERT_EQ(2U, maps_.Total());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_EQ("/fake/lib.so", map_info->name);
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ auto& saved_maps = maps_.TestGetSavedMaps();
+ ASSERT_EQ(1U, saved_maps.size());
+ map_info = saved_maps[0].get();
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+}
+
+TEST_F(LocalUpdatableMapsTest, only_add_maps) {
+ TemporaryFile tf;
+ ASSERT_TRUE(
+ android::base::WriteStringToFile("1000-2000 r-xp 00000 00:00 0\n"
+ "3000-4000 r-xp 00000 00:00 0\n"
+ "8000-9000 r-xp 00000 00:00 0\n"
+ "a000-f000 r-xp 00000 00:00 0\n",
+ tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Reparse());
+ ASSERT_EQ(4U, maps_.Total());
+ EXPECT_EQ(0U, maps_.TestGetSavedMaps().size());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x1000U, map_info->start);
+ EXPECT_EQ(0x2000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(2);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(3);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0xa000U, map_info->start);
+ EXPECT_EQ(0xf000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+}
+
+TEST_F(LocalUpdatableMapsTest, all_new_maps) {
+ TemporaryFile tf;
+ ASSERT_TRUE(
+ android::base::WriteStringToFile("1000-2000 r-xp 00000 00:00 0\n"
+ "a000-f000 r-xp 00000 00:00 0\n",
+ tf.path));
+
+ maps_.TestSetMapsFile(tf.path);
+ ASSERT_TRUE(maps_.Reparse());
+ ASSERT_EQ(2U, maps_.Total());
+
+ MapInfo* map_info = maps_.Get(0);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x1000U, map_info->start);
+ EXPECT_EQ(0x2000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = maps_.Get(1);
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0xa000U, map_info->start);
+ EXPECT_EQ(0xf000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ auto& saved_maps = maps_.TestGetSavedMaps();
+ ASSERT_EQ(2U, saved_maps.size());
+ map_info = saved_maps[0].get();
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x3000U, map_info->start);
+ EXPECT_EQ(0x4000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+
+ map_info = saved_maps[1].get();
+ ASSERT_TRUE(map_info != nullptr);
+ EXPECT_EQ(0x8000U, map_info->start);
+ EXPECT_EQ(0x9000U, map_info->end);
+ EXPECT_EQ(0U, map_info->offset);
+ EXPECT_EQ(PROT_READ | PROT_EXEC, map_info->flags);
+ EXPECT_TRUE(map_info->name.empty());
+}
+
+} // namespace unwindstack
diff --git a/libutils/Looper_test.cpp b/libutils/Looper_test.cpp
index 6fdc0ed..37bdf05 100644
--- a/libutils/Looper_test.cpp
+++ b/libutils/Looper_test.cpp
@@ -11,8 +11,9 @@
#include <utils/threads.h>
+// b/141212746 - increased for virtual platforms with higher volatility
// # of milliseconds to fudge stopwatch measurements
-#define TIMING_TOLERANCE_MS 25
+#define TIMING_TOLERANCE_MS 100
namespace android {
diff --git a/libutils/Timers.cpp b/libutils/Timers.cpp
index c3641ef..1172ae7 100644
--- a/libutils/Timers.cpp
+++ b/libutils/Timers.cpp
@@ -22,7 +22,8 @@
#include <limits.h>
#include <time.h>
-#if defined(__ANDROID__)
+// host linux support requires Linux 2.6.39+
+#if defined(__linux__)
nsecs_t systemTime(int clock)
{
static const clockid_t clocks[] = {
@@ -41,8 +42,7 @@
nsecs_t systemTime(int /*clock*/)
{
// Clock support varies widely across hosts. Mac OS doesn't support
- // posix clocks, older glibcs don't support CLOCK_BOOTTIME and Windows
- // is windows.
+ // CLOCK_BOOTTIME, and Windows is windows.
struct timeval t;
t.tv_sec = t.tv_usec = 0;
gettimeofday(&t, nullptr);
diff --git a/libutils/include/utils/ByteOrder.h b/libutils/include/utils/ByteOrder.h
index 44ea13d..9b940e6 100644
--- a/libutils/include/utils/ByteOrder.h
+++ b/libutils/include/utils/ByteOrder.h
@@ -14,10 +14,17 @@
* limitations under the License.
*/
-//
+#pragma once
-#ifndef _LIBS_UTILS_BYTE_ORDER_H
-#define _LIBS_UTILS_BYTE_ORDER_H
+/*
+ * If you're looking for a portable <endian.h> that's available on Android,
+ * Linux, macOS, and Windows, see <android-base/endian.h> instead.
+ *
+ * Nothing in this file is useful because all supported Android ABIs are
+ * little-endian and all our code that runs on the host assumes that the host is
+ * also little-endian. What pretense at big-endian support exists is completely
+ * untested and unlikely to actually work.
+ */
#include <stdint.h>
#include <sys/types.h>
@@ -27,55 +34,12 @@
#include <netinet/in.h>
#endif
-/*
- * These macros are like the hton/ntoh byte swapping macros,
- * except they allow you to swap to and from the "device" byte
- * order. The device byte order is the endianness of the target
- * device -- for the ARM CPUs we use today, this is little endian.
- *
- * Note that the byte swapping functions have not been optimized
- * much; performance is currently not an issue for them since the
- * intent is to allow us to avoid byte swapping on the device.
- */
+/* TODO: move this cruft to frameworks/. */
-static inline uint32_t android_swap_long(uint32_t v)
-{
- return (v<<24) | ((v<<8)&0x00FF0000) | ((v>>8)&0x0000FF00) | (v>>24);
-}
+#define dtohl(x) (x)
+#define dtohs(x) (x)
+#define htodl(x) (x)
+#define htods(x) (x)
-static inline uint16_t android_swap_short(uint16_t v)
-{
- return (v<<8) | (v>>8);
-}
-
-#define DEVICE_BYTE_ORDER LITTLE_ENDIAN
-
-#if BYTE_ORDER == DEVICE_BYTE_ORDER
-
-#define dtohl(x) (x)
-#define dtohs(x) (x)
-#define htodl(x) (x)
-#define htods(x) (x)
-
-#else
-
-#define dtohl(x) (android_swap_long(x))
-#define dtohs(x) (android_swap_short(x))
-#define htodl(x) (android_swap_long(x))
-#define htods(x) (android_swap_short(x))
-
-#endif
-
-#if BYTE_ORDER == LITTLE_ENDIAN
#define fromlel(x) (x)
-#define fromles(x) (x)
#define tolel(x) (x)
-#define toles(x) (x)
-#else
-#define fromlel(x) (android_swap_long(x))
-#define fromles(x) (android_swap_short(x))
-#define tolel(x) (android_swap_long(x))
-#define toles(x) (android_swap_short(x))
-#endif
-
-#endif // _LIBS_UTILS_BYTE_ORDER_H
diff --git a/libutils/include/utils/Trace.h b/libutils/include/utils/Trace.h
index 4b9c91e..fec0ffa 100644
--- a/libutils/include/utils/Trace.h
+++ b/libutils/include/utils/Trace.h
@@ -17,7 +17,12 @@
#ifndef ANDROID_TRACE_H
#define ANDROID_TRACE_H
-#if defined(__ANDROID__)
+#if defined(_WIN32)
+
+#define ATRACE_NAME(...)
+#define ATRACE_CALL()
+
+#else // !_WIN32
#include <stdint.h>
@@ -51,11 +56,6 @@
} // namespace android
-#else // !__ANDROID__
-
-#define ATRACE_NAME(...)
-#define ATRACE_CALL()
-
-#endif // __ANDROID__
+#endif // _WIN32
#endif // ANDROID_TRACE_H
diff --git a/logcat/logcat.cpp b/logcat/logcat.cpp
index e2711af..4dcb338 100644
--- a/logcat/logcat.cpp
+++ b/logcat/logcat.cpp
@@ -32,6 +32,7 @@
#include <stdlib.h>
#include <string.h>
#include <sys/cdefs.h>
+#include <sys/ioctl.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <sys/stat.h>
@@ -158,8 +159,22 @@
enum helpType showHelp, const char* fmt, ...)
__printflike(3, 4);
-static int openLogFile(const char* pathname) {
- return open(pathname, O_WRONLY | O_APPEND | O_CREAT, S_IRUSR | S_IWUSR);
+#ifndef F2FS_IOC_SET_PIN_FILE
+#define F2FS_IOCTL_MAGIC 0xf5
+#define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
+#endif
+
+static int openLogFile(const char* pathname, size_t sizeKB) {
+ int fd = open(pathname, O_WRONLY | O_APPEND | O_CREAT, S_IRUSR | S_IWUSR);
+ if (fd < 0) {
+ return fd;
+ }
+
+ // no need to check errors
+ __u32 set = 1;
+ ioctl(fd, F2FS_IOC_SET_PIN_FILE, &set);
+ fallocate(fd, FALLOC_FL_KEEP_SIZE, 0, (sizeKB << 10));
+ return fd;
}
static void close_output(android_logcat_context_internal* context) {
@@ -192,6 +207,7 @@
if (context->fds[1] == context->output_fd) {
context->fds[1] = -1;
}
+ posix_fadvise(context->output_fd, 0, 0, POSIX_FADV_DONTNEED);
close(context->output_fd);
}
context->output_fd = -1;
@@ -276,7 +292,7 @@
}
}
- context->output_fd = openLogFile(context->outputFileName);
+ context->output_fd = openLogFile(context->outputFileName, context->logRotateSizeKBytes);
if (context->output_fd < 0) {
logcat_panic(context, HELP_FALSE, "couldn't open output file");
@@ -398,7 +414,7 @@
close_output(context);
- context->output_fd = openLogFile(context->outputFileName);
+ context->output_fd = openLogFile(context->outputFileName, context->logRotateSizeKBytes);
if (context->output_fd < 0) {
logcat_panic(context, HELP_FALSE, "couldn't open output file");
diff --git a/logcat/logcatd.rc b/logcat/logcatd.rc
index 26c9de3..e986184 100644
--- a/logcat/logcatd.rc
+++ b/logcat/logcatd.rc
@@ -52,7 +52,7 @@
stop logcatd
# logcatd service
-service logcatd /system/bin/logcatd -L -b ${logd.logpersistd.buffer:-all} -v threadtime -v usec -v printable -D -f /data/misc/logd/logcat -r ${logd.logpersistd.rotate_kbytes:-1024} -n ${logd.logpersistd.size:-256} --id=${ro.build.id}
+service logcatd /system/bin/logcatd -L -b ${logd.logpersistd.buffer:-all} -v threadtime -v usec -v printable -D -f /data/misc/logd/logcat -r ${logd.logpersistd.rotate_kbytes:-2048} -n ${logd.logpersistd.size:-256} --id=${ro.build.id}
class late_start
disabled
# logd for write to /data/misc/logd, log group for read from log daemon
diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 5a375ec..665bd38 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -160,7 +160,7 @@
}
auto search = denial_to_bug.find(scontext + tcontext + tclass);
if (search != denial_to_bug.end()) {
- bug_num->assign(" b/" + search->second);
+ bug_num->assign(" " + search->second);
} else {
bug_num->assign("");
}
diff --git a/property_service/libpropertyinfoserializer/Android.bp b/property_service/libpropertyinfoserializer/Android.bp
index 51c1226..aa02a3a 100644
--- a/property_service/libpropertyinfoserializer/Android.bp
+++ b/property_service/libpropertyinfoserializer/Android.bp
@@ -1,7 +1,6 @@
cc_defaults {
name: "propertyinfoserializer_defaults",
host_supported: true,
- vendor_available: true,
cpp_std: "experimental",
cppflags: [
"-Wall",
@@ -9,8 +8,8 @@
"-Werror",
],
static_libs: [
- "libpropertyinfoparser",
"libbase",
+ "libpropertyinfoparser",
],
}
diff --git a/rootdir/avb/Android.bp b/rootdir/avb/Android.bp
new file mode 100644
index 0000000..85d2786
--- /dev/null
+++ b/rootdir/avb/Android.bp
@@ -0,0 +1,20 @@
+filegroup {
+ name: "q-gsi_avbpubkey",
+ srcs: [
+ "q-gsi.avbpubkey",
+ ],
+}
+
+filegroup {
+ name: "r-gsi_avbpubkey",
+ srcs: [
+ "r-gsi.avbpubkey",
+ ],
+}
+
+filegroup {
+ name: "s-gsi_avbpubkey",
+ srcs: [
+ "s-gsi.avbpubkey",
+ ],
+}
diff --git a/rootdir/etc/ld.config.legacy.txt b/rootdir/etc/ld.config.legacy.txt
index e598f05..bb8d4d0 100644
--- a/rootdir/etc/ld.config.legacy.txt
+++ b/rootdir/etc/ld.config.legacy.txt
@@ -80,16 +80,14 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
namespace.runtime.visible = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# Need allow_all_shared_libs because libart.so can dlopen oat files in
# /system/framework and /data.
@@ -181,6 +179,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index e1da587..60035aa 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -161,16 +161,14 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
namespace.runtime.visible = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# Need allow_all_shared_libs because libart.so can dlopen oat files in
# /system/framework and /data.
@@ -422,6 +420,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
@@ -490,13 +489,11 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = system
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
@@ -645,6 +642,7 @@
namespace.neuralnetworks.link.system.shared_libs += liblog.so
namespace.neuralnetworks.link.system.shared_libs += libm.so
namespace.neuralnetworks.link.system.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.system.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.system.shared_libs += libsync.so
namespace.neuralnetworks.link.system.shared_libs += libvndksupport.so
@@ -697,16 +695,14 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
namespace.runtime.visible = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
@@ -788,6 +784,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
diff --git a/rootdir/etc/ld.config.vndk_lite.txt b/rootdir/etc/ld.config.vndk_lite.txt
index 4beabd6..b9b95a6 100644
--- a/rootdir/etc/ld.config.vndk_lite.txt
+++ b/rootdir/etc/ld.config.vndk_lite.txt
@@ -100,16 +100,14 @@
# This namespace pulls in externally accessible libs from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
namespace.runtime.visible = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# Need allow_all_shared_libs because libart.so can dlopen oat files in
# /system/framework and /data.
@@ -346,6 +344,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
@@ -420,13 +419,11 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
@@ -449,6 +446,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
@@ -504,16 +502,14 @@
# This namespace exposes externally accessible libraries from the Runtime APEX.
# Keep in sync with the "runtime" namespace in art/build/apex/ld.config.txt.
###############################################################################
+# TODO(b/139408016): Rename this namespace to "art".
namespace.runtime.isolated = true
# Visible to allow links to be created at runtime, e.g. through
# android_link_namespaces in libnativeloader.
namespace.runtime.visible = true
-# TODO(b/139408016): Split the namespaces for the ART and Runtime APEXes
-namespace.runtime.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.search.paths += /apex/com.android.runtime/${LIB}
-namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
-namespace.runtime.asan.search.paths += /apex/com.android.runtime/${LIB}
+namespace.runtime.search.paths = /apex/com.android.art/${LIB}
+namespace.runtime.asan.search.paths = /apex/com.android.art/${LIB}
namespace.runtime.links = default
# TODO(b/130340935): Use a dynamically created linker namespace similar to
# classloader-namespace for oat files, and tighten this up.
@@ -591,6 +587,7 @@
namespace.neuralnetworks.link.default.shared_libs += liblog.so
namespace.neuralnetworks.link.default.shared_libs += libm.so
namespace.neuralnetworks.link.default.shared_libs += libnativewindow.so
+namespace.neuralnetworks.link.default.shared_libs += libneuralnetworks_packageinfo.so
namespace.neuralnetworks.link.default.shared_libs += libsync.so
namespace.neuralnetworks.link.default.shared_libs += libvndksupport.so
diff --git a/rootdir/init.environ.rc.in b/rootdir/init.environ.rc.in
index 17f6596..50005d9 100644
--- a/rootdir/init.environ.rc.in
+++ b/rootdir/init.environ.rc.in
@@ -5,7 +5,7 @@
export ANDROID_ASSETS /system/app
export ANDROID_DATA /data
export ANDROID_STORAGE /storage
- export ANDROID_RUNTIME_ROOT /apex/com.android.art
+ export ANDROID_ART_ROOT /apex/com.android.art
export ANDROID_I18N_ROOT /apex/com.android.i18n
export ANDROID_TZDATA_ROOT /apex/com.android.tzdata
export EXTERNAL_STORAGE /sdcard
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 0d3d4db..c61fd90 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -52,6 +52,40 @@
# the libraries are available to the processes started after this statement.
exec_start apexd-bootstrap
+ # These must already exist by the time boringssl_self_test32 / boringssl_self_test64 run.
+ mkdir /dev/boringssl 0755 root root
+ mkdir /dev/boringssl/selftest 0755 root root
+
+# Run boringssl self test for each ABI so that later processes can skip it. http://b/139348610
+on early-init && property:ro.product.cpu.abilist32=*
+ exec_start boringssl_self_test32
+on early-init && property:ro.product.cpu.abilist64=*
+ exec_start boringssl_self_test64
+on property:apexd.status=ready && property:ro.product.cpu.abilist32=*
+ exec_start boringssl_self_test_apex32
+on property:apexd.status=ready && property:ro.product.cpu.abilist64=*
+ exec_start boringssl_self_test_apex64
+
+service boringssl_self_test32 /system/bin/boringssl_self_test32
+ setenv BORINGSSL_SELF_TEST_CREATE_FLAG true # Any nonempty value counts as true
+ reboot_on_failure reboot,boringssl-self-check-failed
+ stdio_to_kmsg
+
+service boringssl_self_test64 /system/bin/boringssl_self_test64
+ setenv BORINGSSL_SELF_TEST_CREATE_FLAG true # Any nonempty value counts as true
+ reboot_on_failure reboot,boringssl-self-check-failed
+ stdio_to_kmsg
+
+service boringssl_self_test_apex32 /apex/com.android.conscrypt/bin/boringssl_self_test32
+ setenv BORINGSSL_SELF_TEST_CREATE_FLAG true # Any nonempty value counts as true
+ reboot_on_failure reboot,boringssl-self-check-failed
+ stdio_to_kmsg
+
+service boringssl_self_test_apex64 /apex/com.android.conscrypt/bin/boringssl_self_test64
+ setenv BORINGSSL_SELF_TEST_CREATE_FLAG true # Any nonempty value counts as true
+ reboot_on_failure reboot,boringssl-self-check-failed
+ stdio_to_kmsg
+
on init
sysclktz 0
@@ -124,13 +158,17 @@
mkdir /mnt/user/0/self 0755 root root
mkdir /mnt/user/0/emulated 0755 root root
mkdir /mnt/user/0/emulated/0 0755 root root
+
+ # Prepare directories for pass through processes
+ mkdir /mnt/pass_through 0755 root root
+ mkdir /mnt/pass_through/0 0755 root root
+ mkdir /mnt/pass_through/0/self 0755 root root
+ mkdir /mnt/pass_through/0/emulated 0755 root root
+ mkdir /mnt/pass_through/0/emulated/0 0755 root root
+
mkdir /mnt/expand 0771 system system
mkdir /mnt/appfuse 0711 root root
- # These must already exist by the time boringssl_self_test32 / boringssl_self_test64 run.
- mkdir /dev/boringssl 0755 root root
- mkdir /dev/boringssl/selftest 0755 root root
-
# Storage views to support runtime permissions
mkdir /mnt/runtime 0700 root root
mkdir /mnt/runtime/default 0755 root root
@@ -315,16 +353,6 @@
start hwservicemanager
start vndservicemanager
-# Run boringssl self test for each ABI so that later processes can skip it. http://b/139348610
-on init && property:ro.product.cpu.abilist32=*:
- exec_reboot_on_failure boringssl-self-check-failed /system/bin/boringssl_self_test32
-on init && property:ro.product.cpu.abilist64=*
- exec_reboot_on_failure boringssl-self-check-failed /system/bin/boringssl_self_test64
-on property:apexd.status=ready && property:ro.product.cpu.abilist64=*
- exec_reboot_on_failure boringssl-self-check-failed /apex/com.android.conscrypt/bin/boringssl_self_test64
-on property:apexd.status=ready && property:ro.product.cpu.abilist32=*
- exec_reboot_on_failure boringssl-self-check-failed /apex/com.android.conscrypt/bin/boringssl_self_test32
-
# Healthd can trigger a full boot from charger mode by signaling this
# property when the power button is held.
on property:sys.boot_from_charger_mode=1
@@ -445,7 +473,6 @@
mark_post_data
# Start checkpoint before we touch data
- start vold
exec - system system -- /system/bin/vdc checkpoint prepareCheckpoint
# We chown/chmod /data again so because mount is run as root + defaults
@@ -663,6 +690,8 @@
# Mount default storage into root namespace
mount none /mnt/user/0 /storage bind rec
mount none none /storage slave rec
+ # Bootstrap the emulated volume for the pass_through directory for user 0
+ mount none /data/media /mnt/pass_through/0/emulated bind rec
on zygote-start && property:persist.sys.fuse=false
# Mount default storage into root namespace
mount none /mnt/runtime/default /storage bind rec
@@ -841,6 +870,9 @@
on property:sys.boot_completed=1
bootchart stop
+ # Setup per_boot directory so other .rc could start to use it on boot_completed
+ exec - system system -- /bin/rm -rf /data/per_boot
+ mkdir /data/per_boot 0700 system system
# system server cannot write to /proc/sys files,
# and chown/chmod does not work for /proc/sys/ entries.
diff --git a/rootdir/update_and_install_ld_config.mk b/rootdir/update_and_install_ld_config.mk
index dbe60e5..c4b8e4e 100644
--- a/rootdir/update_and_install_ld_config.mk
+++ b/rootdir/update_and_install_ld_config.mk
@@ -70,19 +70,30 @@
# /system image.
llndk_libraries_moved_to_apex_list:=$(LLNDK_MOVED_TO_APEX_LIBRARIES)
+# Returns the unique installed basenames of a module, or module.so if there are
+# none. The guess is to handle cases like libc, where the module itself is
+# marked uninstallable but a symlink is installed with the name libc.so.
# $(1): list of libraries
-# $(2): output file to write the list of libraries to
-define write-libs-to-file
-$(2): PRIVATE_LIBRARIES := $(1)
-$(2):
- echo -n > $$@ && $$(foreach lib,$$(PRIVATE_LIBRARIES),echo $$(lib).so >> $$@;)
+# $(2): suffix to to add to each library (not used for guess)
+define module-installed-files-or-guess
+$(foreach lib,$(1),$(or $(strip $(sort $(notdir $(call module-installed-files,$(lib)$(2))))),$(lib).so))
endef
-$(eval $(call write-libs-to-file,$(llndk_libraries_list),$(llndk_libraries_file)))
-$(eval $(call write-libs-to-file,$(vndksp_libraries_list),$(vndksp_libraries_file)))
-$(eval $(call write-libs-to-file,$(VNDK_CORE_LIBRARIES),$(vndkcore_libraries_file)))
-$(eval $(call write-libs-to-file,$(VNDK_PRIVATE_LIBRARIES),$(vndkprivate_libraries_file)))
+
+# $(1): list of libraries
+# $(2): suffix to add to each library
+# $(3): output file to write the list of libraries to
+define write-libs-to-file
+$(3): PRIVATE_LIBRARIES := $(1)
+$(3): PRIVATE_SUFFIX := $(2)
+$(3):
+ echo -n > $$@ && $$(foreach so,$$(call module-installed-files-or-guess,$$(PRIVATE_LIBRARIES),$$(PRIVATE_SUFFIX)),echo $$(so) >> $$@;)
+endef
+$(eval $(call write-libs-to-file,$(llndk_libraries_list),,$(llndk_libraries_file)))
+$(eval $(call write-libs-to-file,$(vndksp_libraries_list),.vendor,$(vndksp_libraries_file)))
+$(eval $(call write-libs-to-file,$(VNDK_CORE_LIBRARIES),.vendor,$(vndkcore_libraries_file)))
+$(eval $(call write-libs-to-file,$(VNDK_PRIVATE_LIBRARIES),.vendor,$(vndkprivate_libraries_file)))
ifeq ($(my_vndk_use_core_variant),true)
-$(eval $(call write-libs-to-file,$(VNDK_USING_CORE_VARIANT_LIBRARIES),$(vndk_using_core_variant_libraries_file)))
+$(eval $(call write-libs-to-file,$(VNDK_USING_CORE_VARIANT_LIBRARIES),,$(vndk_using_core_variant_libraries_file)))
endif
endif # ifneq ($(lib_list_from_prebuilts),true)
@@ -117,7 +128,7 @@
deps := $(llndk_libraries_file) $(vndksp_libraries_file) $(vndkcore_libraries_file) \
$(vndkprivate_libraries_file)
ifeq ($(check_backward_compatibility),true)
-deps += $(compatibility_check_script)
+deps += $(compatibility_check_script) $(wildcard prebuilts/vndk/*/*/configs/ld.config.*.txt)
endif
ifeq ($(my_vndk_use_core_variant),true)
$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_USING_CORE_VARIANT_LIBRARIES_FILE := $(vndk_using_core_variant_libraries_file)
diff --git a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
index b5fc6bf..ec2ba12 100644
--- a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
+++ b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
@@ -17,6 +17,7 @@
#define LOG_TAG "android.hardware.keymaster@4.0-impl.trusty"
+#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
#include <authorization_set.h>
#include <cutils/log.h>
#include <keymaster/android_keymaster_messages.h>
@@ -46,6 +47,9 @@
using ::keymaster::UpdateOperationResponse;
using ::keymaster::ng::Tag;
+typedef ::android::hardware::keymaster::V3_0::Tag Tag3;
+using ::android::hardware::keymaster::V4_0::Constants;
+
namespace keymaster {
namespace V4_0 {
namespace {
@@ -79,6 +83,45 @@
return keymaster_tag_get_type(tag);
}
+/*
+ * injectAuthToken translates a KM4 authToken into a legacy AUTH_TOKEN tag
+ *
+ * Currently, system/keymaster's reference implementation only accepts this
+ * method for passing an auth token, so until that changes we need to
+ * translate to the old format.
+ */
+inline hidl_vec<KeyParameter> injectAuthToken(const hidl_vec<KeyParameter>& keyParamsBase,
+ const HardwareAuthToken& authToken) {
+ std::vector<KeyParameter> keyParams(keyParamsBase);
+ const size_t mac_len = static_cast<size_t>(Constants::AUTH_TOKEN_MAC_LENGTH);
+ /*
+ * mac.size() == 0 indicates no token provided, so we should not copy.
+ * mac.size() != mac_len means it is incompatible with the old
+ * hw_auth_token_t structure. This is forbidden by spec, but to be safe
+ * we only copy if mac.size() == mac_len, e.g. there is an authToken
+ * with a hw_auth_token_t compatible MAC.
+ */
+ if (authToken.mac.size() == mac_len) {
+ KeyParameter p;
+ p.tag = static_cast<Tag>(Tag3::AUTH_TOKEN);
+ p.blob.resize(sizeof(hw_auth_token_t));
+
+ hw_auth_token_t* auth_token = reinterpret_cast<hw_auth_token_t*>(p.blob.data());
+ auth_token->version = 0;
+ auth_token->challenge = authToken.challenge;
+ auth_token->user_id = authToken.userId;
+ auth_token->authenticator_id = authToken.authenticatorId;
+ auth_token->authenticator_type =
+ htobe32(static_cast<uint32_t>(authToken.authenticatorType));
+ auth_token->timestamp = htobe64(authToken.timestamp);
+ static_assert(mac_len == sizeof(auth_token->hmac));
+ memcpy(auth_token->hmac, authToken.mac.data(), mac_len);
+ keyParams.push_back(p);
+ }
+
+ return hidl_vec<KeyParameter>(std::move(keyParams));
+}
+
class KmParamSet : public keymaster_key_param_set_t {
public:
KmParamSet(const hidl_vec<KeyParameter>& keyParams) {
@@ -472,11 +515,11 @@
Return<void> TrustyKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,
const hidl_vec<KeyParameter>& inParams,
const HardwareAuthToken& authToken, begin_cb _hidl_cb) {
- (void)authToken;
+ hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
BeginOperationRequest request;
request.purpose = legacy_enum_conversion(purpose);
request.SetKeyMaterial(key.data(), key.size());
- request.additional_params.Reinitialize(KmParamSet(inParams));
+ request.additional_params.Reinitialize(KmParamSet(extendedParams));
BeginOperationResponse response;
impl_->BeginOperation(request, &response);
@@ -496,16 +539,16 @@
const HardwareAuthToken& authToken,
const VerificationToken& verificationToken,
update_cb _hidl_cb) {
- (void)authToken;
(void)verificationToken;
UpdateOperationRequest request;
UpdateOperationResponse response;
hidl_vec<KeyParameter> resultParams;
hidl_vec<uint8_t> resultBlob;
+ hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
uint32_t resultConsumed = 0;
request.op_handle = operationHandle;
- request.additional_params.Reinitialize(KmParamSet(inParams));
+ request.additional_params.Reinitialize(KmParamSet(extendedParams));
size_t inp_size = input.size();
size_t ser_size = request.SerializedSize();
@@ -537,13 +580,13 @@
const HardwareAuthToken& authToken,
const VerificationToken& verificationToken,
finish_cb _hidl_cb) {
- (void)authToken;
(void)verificationToken;
FinishOperationRequest request;
+ hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
request.op_handle = operationHandle;
request.input.Reinitialize(input.data(), input.size());
request.signature.Reinitialize(signature.data(), signature.size());
- request.additional_params.Reinitialize(KmParamSet(inParams));
+ request.additional_params.Reinitialize(KmParamSet(extendedParams));
FinishOperationResponse response;
impl_->FinishOperation(request, &response);
diff --git a/trusty/keymaster/4.0/android.hardware.keymaster@4.0-service.trusty.xml b/trusty/keymaster/4.0/android.hardware.keymaster@4.0-service.trusty.xml
new file mode 100644
index 0000000..aa30707
--- /dev/null
+++ b/trusty/keymaster/4.0/android.hardware.keymaster@4.0-service.trusty.xml
@@ -0,0 +1,11 @@
+<manifest version="1.0" type="device">
+ <hal format="hidl">
+ <name>android.hardware.keymaster</name>
+ <transport>hwbinder</transport>
+ <version>4.0</version>
+ <interface>
+ <name>IKeymasterDevice</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+</manifest>
diff --git a/trusty/keymaster/Android.bp b/trusty/keymaster/Android.bp
index 3a9beaf..f32a69e 100644
--- a/trusty/keymaster/Android.bp
+++ b/trusty/keymaster/Android.bp
@@ -136,4 +136,6 @@
"libkeymaster4",
"android.hardware.keymaster@4.0"
],
+
+ vintf_fragments: ["4.0/android.hardware.keymaster@4.0-service.trusty.xml"],
}