ImageManager can map images in recovery, but not delete them, because
/data is not mounted. libsnapshot handles this by storing extra state
files, but this is complex to manage and inconvenient for
fs_mgr_overlayfs.
Instead, this patch introduces two new calls:
- DisableImage(), which indicates the image should not be used. This is
implemented by adding a new DISABLED attribute to
LpPartitionMetadata. CreateLogicalPartitions ignores this flag, and
thus recovery/fastbootd can disable the scratch partition and
communicate that it can be deleted. This cannot be called from binder
since it is intended for recovery/first-stage init only.
- RemoveDisabledImages(), which walks the images for a given folder on
/metadata and deletes any that are disabled. This can be called from
binder.
Note that there is no metadata version bump for this flag. It's
considered to be included in the flag list for minor version 1, and
currently is not used for the actual super partition.
Bug: 134949511
Test: adb remount, fastboot flash system
Test: fiemap_image_test
Change-Id: Iaeca2d1eddb5637dd9a20202cafd11ae60b4d0e3
A few times we have wanted to stash small bits of information in the
super header, but we haven't had any bits to do so. This patch addresses
future needs in two ways:
1. A "flags" field has been added for miscellanious bits that do not
need a version bump.
2. The header struct has been padded to 256 bytes to allow for future
expansion without complicating the struct-parsing code.
This is the first time we've materially changed the format, so this
patch needs some extra explanation.
In all the places we rely on sizeof(LpMetadataHeader), we now need to
use the |header_size| field instead. To make newer versions of liblp
compatible with older headers, we read the minimum required header size
and fill in the extra bytes as needed. To make the validation and
reading logic more clear, it is now combined into a single function,
ReadMetdataHeader.
MetadataBuilder will still emit 1.0-compatible headers, to avoid
changing the on-disk format of existing devices. The new header will
only be emitted as-needed.
Bug: 134949511
Test: liblp_test gtest
retrofit DAP device boots
launch DAP device boots
Change-Id: I6221123768ff0057a73967ecb2ff9b006c17af88
UpdatePartitionTable expects to be run on a device, which is a
reasonable assumption. However to implement lpadd (offline modification
of super images), it's useful to be able to run these methods, and
IPartitionOpener allows us to masquerade a flie as a block device.
The only catch is that we can't query partition information on the host.
Since this logic is a protection mechanism, just surround it with
an ifdef for __ANDROID__.
Bug: 144468779
Test: lpadd
Change-Id: I3c50e5677fa1dd59f2d4216038d3d4fbfb6edcc0
This exports an internal variant of WriteToImageFile, since lpadd needs
to call it on an open descriptor. While we're here, switch "int" to
"borrowed_fd".
Bug: 144468779
Test: m lpadd
Change-Id: I2dd35b8a872f8a72a704230d0382398b8982cb0b
When applying a downgrade package on a Virtual A/B device
(to a non-Virtual A/B build), source slot partitions must
be kept in the metadata.
Test: liblp_test
Bug: 138258570
Change-Id: I87afe68bcfa768bdc015f5966b593758b856c741
Remove the extra folder of vts_core for vts_core_liblp_test and
vts_libdm_test since we have a better auto-gen option of auto_gen_config.
Bug: 141684102
Test: 1. m -j vts_core_liblp_test
2. m -j vts_libdm_test
3. check out/.../vts_core_liblp_test.config
and
out/.../vts_libdm_test.config
Change-Id: Ibcdf96104205b50b3da522364199330ad0190c70
Add vts_core_liblp_test to vts-core suite and skip the test if the
first-api-level < 29.
Bug: 132702215
Test: atest vts_core_liblp_test
Change-Id: I09ea8ff923b5300bae513146f6d07dc029d36661
Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.
Bug: 141248879
Test: m checkbuild
Change-Id: I5f0b9acfb57f68570f6f58f2395f2bb1bc015365
...so that it can be used by other tests.
Also, clean up the code before exposing it.
Test: libsnapshot_test
Test: liblp_test
Change-Id: I627326f696ea55b7113ff26b313f7dd04e341dc1
Add CreateCowForUpdate / MapSnapshotDevicesForUpdate
that update_engine and init can call them directly.
Bug: 134536978
Test: libsnapshot_test
Change-Id: If53c48855931db27454fd2893745915c77fd37f8
- Open up GetFreeRegions() API.
- Add a new argument, free_region_hint, to ResizePartitions(). It
indicates the regions that extents can be allocated to.
- Expose Interval::Intersect functions. libsnapshot needs the algorithm
to intersect extents to find out the free regions for COW partitions.
Test: liblp_test
Change-Id: I0c079c0e919aa7b0627eb76a071a7cc2a281d692
* changes:
libsnapshot: Improve how devices are collapsed after merging.
fastbootd: Cancel snapshots when modifying partitions.
Clean up update state when snapshots are interrupted or cancelled.
When flashing or resizing partitions, remove the
LP_PARTITION_ATTR_UPDATED flag. This will cause first-stage init to skip
any snapshots for that partition, and the backing storage (if any)
will later be reclaimed.
Bug: 139155473
Test: manual test
Change-Id: I3b185f68dfecb5a93636af0b5ae289ead1363fd0
When the bootloader (or fastbootd) flashes the super partition, we need
to make sure that init doesn't re-map any snapshot or snapshot-merge targets.
A simple way to do this is to introduce an attribute that is only added
by update_engine. When this flag is present, we know the partition has
not been flashed.
This bumps the minor version of LpMetadata. To make this as uninvasive
as possible, the new minor version is only used when MetadataBuilder
detects the new attribute. The new liblp can read older metadata, but will
reject it if it contains an illegal attribute set.
Bug: 139154795
Test: liblp_test gtest
Change-Id: I5ae15d11219b41575a9f71d7dbdb43cbf07a3529
Create a new test binary, liblp_test, that can run on presubmit.
Bug: 138328907
Test: TH
Test: atest liblp_test
Change-Id: I968ff84078524e5733da9b009d9a7222aad299bd
- Fix test so that it skips compliance test on non-DAP devices
and retrofit devices as well. Move these device-dependent tests
into the DeviceTest test suite and skip them on non-DAP devices.
- Also add "ResetPropertyFetcher" in some tests in io_test.cpp.
- Also change some ASSERT to EXPECT.
Note that VtsKernelLiblpTest runs this test. VtsKernelDynamicPartitionsTest
enforces ro.boot.dynamic_partitions to be set.
Bug: 138328907
Test: run it
Change-Id: Ic5cd3921033142f38aae071585f6c0fa563ae362
Before ImageManager was introduced, gsid avoided using PartitionOpener
when writing to external media. PartitionOpener couldn't interact with
non-boot devices, because it prepends /dev/block/by-name. We hacked
around this in both gsid and in first-stage init, which manually detects
the problem and prepends /dev/block instead.
After the ImageManager refactoring, sdcard support broke in gsid,
because it started relying on PartitionOpener. Let's fix this by allowing
/dev/block for mmcblk* names in PartitionOpener.
Bug: 139204329
Test: fiemap_image_test gtest
Change-Id: Ic1cbdbe0a18fc09522ee38cc62b35fd8193ce250
IPartitionOpener is useful for writing gtests, however, it can't easily
be used with CreateLogicalPartition. fs_mgr assumes the super partition
name will map to /dev/block/by-name/super whereas in tests we want to
redirect it to a different block device.
This CL makes two changes. First, it adds a new method to IPartitionOpener
to return a "device string" for a device name. The string must either be
an absolute path (for example /dev/block/by-name/super) or a major:minor
sequence, since device-mapper will accept either.
Second, CreateLogicalPartition now accepts an optional IPartitionOpener.
When converting block devices to paths, it uses the opener instead of
automatically prepending /dev/block/by-name.
Bug: 139204329
Test: liblp_test gtest
libsnapshot_test gtest
Change-Id: Id6b3120cc2ef5c0dd941b29ff96215ad3c8ec848
For Virtual A/B devices, rename partitions / groups ending in
source slot to target slot, so that the metadata can later
be written to target metadata slot.
Test: liblp_test_static
Bug: 135752105
Change-Id: I6a7b25e8da2808b1831f317760f4345df6b22689
For Virtual A/B devices, we snapshot the partitions. Hence
there is no need to prioritize using the second half of super
partition for _b partitions.
Test: liblp_test_static
Bug: 135752105
Change-Id: I8bd669e6ffa0a4d114a1b386133179bd2819099b
Allow to retrieve name of a block device partition at
a certain index. If the index is out of range, return
empty string.
This is needed for an hypothetical edge case when an
intersection of two LinearExtent needs to be computed,
and the two metadata have a different list of block
device names. In reality, Virtual A/B devices are always
launched with dynamic partitions, so it will always return
"super" for index 0 and "" otherwise.
Test: liblp_test_static
Bug: 135752105
Change-Id: I9ea59edefdc41d0e69e3644aa2452676372938b4
Converting all of them to string_view requires some
non-trivial amount of refactoring (because there is not
an implicit conversion from string_view to string), and
hence may be done later if necessary.
Test: builds
Bug: 135752105
Change-Id: I936ae7117500fadc7b34a5b91b279bc863d9919d
It helps to fix a compilation issue with host libc:
core/fs_mgr/liblp/reader.cpp:252:9: error: use of undeclared identifier 'memcpy'; did you mean 'wmemcpy'?
memcpy(&partition, cursor, sizeof(partition));
^~~~~~
wmemcpy
Change-Id: I68f9c5b815b09f846aeba67bce0290f6829c80cf
Move the logic for retrofit DAP to its new function. The new flow
in NewForUpdate is:
metadata = ReadMetadata();
if (retrofit dap) UpdateMetadataForOtherSuper(metadata)
return metadata;
Test: liblp_test_static
Change-Id: I6890fff3a7c44ebe2004de96b2ccbe1e8ce37546
kDefaultGroup is the 'default' group that is never deleted
and has no size constraints. During a virtual a/b update,
the following series of action happens:
- move partitions out of groups that will be shrunk / deleted
(into default)
- shrink / delete these groups
- grow / add other groups
- move those partitions to their destination group.
Otherwise, the metadata is inconsistent.
Bug: 138816109
Test: builds
Change-Id: I57cf4b44dda948377c6b3153756f469caa4652bc
Use dependency injection so that GetProperty / GetBoolProperty
can be mocked in tests.
Test: run liblp_test_static
Change-Id: I8efa85fbbd7aebce2541f748f840e512f3729c30
Changing the type of kDefaultGroup from std::string to std::string_view
allows us to make it a constexpr object. Since kDefaultGroup is the
only dirty object in liblp .bss at runtime, this change turns the .bss
page clean and thus saves 4KB per library load.
Bug: 138856262
Test: Boot cuttlefish and check liblp bss is clean for all 5 processes
that are using it.
Change-Id: I7d7c0992e0ab769f070807f24e1275ffed424b5b
From gtest doc:
Note that googletest takes ownership of the registered environment objects. Therefore do not delete them by yourself.
Test: run it
Change-Id: I275884ddd63a17097c3ea4d9d6bb2b5291dc8c90
Check the value of ro.boot.dynamic_partitions_retrofit instead of
checking the name of the super partition being 'super' is a more
reliable way of determining retrofit DAP devices.
Some devices launch with DAP (e.g. cuttlefish) doesn't have "super"
as the super partition name. When Virtual A/B is implemented on
cuttlefish, update_engine calls NewForUpdate for the current super
partition metadata. Hence, this code needs to check the retrofit
sysprop instead.
Also, renamed IsRetrofitDevice to IsRetrofitMetadata to avoid the
confusion.
Test: OTA on retrofit DAP device
Test: OTA on launch DAP device
Test: liblp_test_static
Change-Id: I4636de854734df1bb61779d9a955217e89fdb2fd
