Also, make sure snapuserd has closed its references. This is preventing
the merge from completing until a reboot.
Bug: N/A
Test: vts_libsnapshot_test
Change-Id: Iba18f887bdb262c630ec44461871e19fe64dbf3c
These tests are failing due to a missing WaitForFile call. Simplify
setting this up by adding a helper.
Bug: N/A
Test: vts_libsnapshot_test
Change-Id: Ic2afa74f72c7e364695233120b2327bae904882a
After Treblized, AOSP do not handle /factory folder. Also, AOSP
does not mount any partition to /factory. /factory has no possibility
to have any content. For factory purpose, it can be implemented in
vendor.
Bug: 177280838
Test: na
Change-Id: I0a2537336c2ef1efbad3e4f9e876aeaa607bc737
If the requested IO is not 4k aligned and spans
between two COW Operations, then we will have
to split the IO as we need to read the partial
buffers from two COW operations.
BUG: 176918488
Test: cow_snapuserd_test - Data verification with unaligned IO
Full OTA on cuttlefish
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Icf6801e1767112b92cb7991808860f119adebda2
It is replaced by health HIDL HAL 2.0. Devices launching
with Android P and above must always have health HAL 2.0,
so health HAL is no longer needed for Android S.
Test: TH
Bug: 171260613
Change-Id: I7d94af36a880d7c658e879a3986924a786e58de9
Now that the feature guarded by this flag has landed in Linux 5.10
we no longer need the flag, so we can remove it.
Bug: 135772972
Change-Id: I02fa50848cbd0486c23c8a229bb8f1ab5dd5a56f
With compressed VAB updates, it is not possible to mount /system without
first running snapuserd, which is the userspace component to the dm-user
kernel module. This poses a problem because as soon as selinux
enforcement is enabled, snapuserd (running in a kernel context) does not
have access to read and decompress the underlying system partition.
To account for this, we split SelinuxInitialize into multiple steps:
First, sepolicy is read into an in-memory string.
Second, the device-mapper tables for all snapshots are rebuilt. This
flushes any pending reads and creates new dm-user devices. The original
kernel-privileged snapuserd is then killed.
Third, sepolicy is loaded from the in-memory string.
Fourth, we re-launch snapuserd and connect it to the newly created
dm-user devices. As part of this step we restorecon device-mapper
devices and /dev/block/by-name/super, since the new snapuserd is in a
limited context.
Finally, we set enforcing mode.
This sequence ensures that snapuserd has appropriate privileges with a
minimal number of permissive audits.
Bug: 173476209
Test: full OTA with VABC applies and boots
Change-Id: Ie4e0f5166b01c31a6f337afc26fc58b96217604e
Basically, ro.product.cpu.abilist* are defined by
ro.vendor.cpu.abilist*. And they can be overried by
ro.odm.cpu.abilist* and ro.product.cpu.abilist*.
ro.system.cpu.abilist* are for fallback if others are no defined.
Bug: 176520383
Test: check the result by flashing aosp_arm64-userdebug on
Test: aosp_blueline-user and aosp_blueline-user hacked by
Test: 64-bits-only
Change-Id: I01ae01af099a4ec8fe3d4525edecc233a477ff60
This directory will be used to store the mitigation count
from Package Watchdog in the case of a boot loop, in
order to persist the value across fs-checkpointing
rollbacks. One integer will be stored in a file in this
directory, which will be read and then deleted at the
next boot. No userdata is stored.
See go/rescue-party-reboot for more context.
Test: Manual test using debug.crash_sysui property
and inspecting file
Bug: 171951174
Change-Id: I2bd5e1ebe14d7e9e4f0e0dbeb90cf76b8400752e
This reverts commit 1414a0d4d8.
Reason for revert: reversions of CLs from http://b/174776875 removed dependencies for this CL, and made the freezer non-functional. This CL has to be reverted as well
Bug:174776875
Change-Id: Idbd9532374bb661330b3c7546bbdf086a046aba3
assemble_cvd directly or indirectly depends on these modules. To add
assemble_cvd to the com.anroid.virt APEX, these modules are marked as
being available to the APEX.
Bug: 174639526
Test: m com.android.virt
Change-Id: Id3b2989a9f038a1cdc769a2021a116cf09ab1b15
* In 'ActivateFlattenedApexesFrom', the 'readdir' detects
the APEX folders in a random way that depends on filesystems,
built packages and order of the build chain
* In normal cases, this is not an issue, however when building
with Go configurations, we have a case where the package
'com.android.tethering.inprocess' is built along the
'com.android.tethering' overriden binary, and depending on
the 'readdir' output, the mounts break the Tethering service
Change-Id: I8ac4a0284d8d885f732c71e846933869cf16a0bd
Signed-off-by: Adrian DC <radian.dc@gmail.com>
This adds the -d option to Inspect_Cow, which will cause it to attempt
to decompress all data blocks, reporting any errors it encounters.
Useful for detecting corruption in Cow files.
Bug: 172026020
Test: Inspect_Cow -d [cow_file]
Change-Id: Iebf5f7f485b33b36daab4ab07005ca37e51d692f
Previously, we'd check if a new cluster was needed before we added a Cow
Operation. This would cause an op's associated data to go to the wrong
location, so instead we check if we'll need a new cluster after writing
each op.
Bug: 172026020
Test: cow_api_test (ClusterCompressGz)
Change-Id: Ia43afedcfd430961b34f5914da4265b89e6fadb9
We want to add coverage statistics to the trusty-ut-ctrl tool, which is
a vendor binary. Thus we need a vendor variant of libtrusty_coverage.
Merges system libtrusty_test and vendor libtrusty into a single
vendor_available library so that we can add vendor_available to
libtrusty_coverage and make it accessible from vendor tools.
Bug: 175221942
Test: make libtrusty_coverage
Change-Id: I68cc8f1c1580bda8591dbe744e9751474811576d
