Commit graph

2600 commits

Author SHA1 Message Date
Jaegeuk Kim
05ca915431 fs_mgr: add readahead_size_kb in fstab
This patch adds an option, readahead_size_kb in fstab entry option. It supports
to set a proper readahead_size per block/dm devices before using them by mount,
which is useful for low/high-end devices when addressing memory pressure issue.

Bug: 181567573
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I549962e68f8488417d76bcfb283958bc33fd5d7a
2021-04-09 04:54:11 +00:00
Treehugger Robot
05e6076ceb Merge "Add MockSnapshotMergeStats" 2021-04-08 18:05:25 +00:00
Yo Chiang
b20e9a3606 Merge "fs_mgr: SkipMountingPartitions() support glob patterns" 2021-04-07 05:04:21 +00:00
Kelvin Zhang
7006048957 Add MockSnapshotMergeStats
Test: th
Change-Id: If4f43e132e9c482418d6a0adbd98ffca9576b39b
2021-04-06 15:47:43 -04:00
Akilesh Kailash
591edca44d Merge "libsnapshot:snapuserd: Terminate daemon after applying OTA." 2021-04-06 18:02:52 +00:00
Akilesh Kailash
e2883c1ea0 libsnapshot:snapuserd: Terminate daemon after applying OTA.
When all threads are terminated, dm-user handler's are removed
from the list. When the last handler is removed, daemon is
shutdown gracefully.

Bug: 183652708
Test: 1: Apply full OTA and verify daemon is terminated; reapply the OTA
      to verify daemon is restarted again.
      2:  vts_libsnapshot_test

Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ibd41223fc0eba884993a533fcc95661f72805db2
2021-04-05 21:50:46 +00:00
Yi-Yo Chiang
1a3c050a35 fs_mgr: Refactor ReadDefaultFstab() and ReadFstabFromFile()
* Eliminate redundant std::move() by transforming
    ReadFstabFromDt(&dt_fstab, false);
    *fstab = std::move(dt_fstab);
  to
    fstab->clear();
    ReadFstabFromDt(fstab, false);

* Don't modify output parameter if ReadFstabFromFile() failed.

Bug: 181110285
Test: Presubmit
Change-Id: I4e4d9852cc618a66d79e423780bf97773dca2a58
2021-04-02 05:26:01 +00:00
Yi-Yo Chiang
ea4369d141 fs_mgr: Strengthen ReadFstabFromFile() around gsi_public_metadata_file
ReadFstabFromFile() calls access() to check the existence of DSU
metadata files to determine if device is in DSU running state. This is
error prone because a failed access() can mean non-exsitent file as well
as the caller lacking the permission to path resolute the pathname.

Strengthen ReadFstabFromFile() to check the errno after a failed
access() or open(), if the errno is not ENOENT, then return with error,
as this may be indicating the caller doesn't have sufficient access
rights to call ReadFstabFromFile().

After this change, processes would need these policies to call
ReadFstabFromFile():
  allow scontext { metadata_file gsi_metadata_file_type }:dir search;
And these policies to call ReadFstabFromFile() within a DSU system:
  allow scontext gsi_public_metadata_file:file r_file_perms;

Bug: 181110285
Test: Presubmit
Change-Id: I1a6a796cb9b7b49af3aa5e7a5e8d99cde25e5857
2021-04-02 05:25:46 +00:00
Yi-Yo Chiang
2f2fe4afaf fs_mgr: SkipMountingPartitions() support glob patterns
Enhance skip_mount.cfg to be able to specify glob patterns.

Bug: 184132970
Test: GSI Boot test
Change-Id: I8e6528e4aff6ea176aa028c3c55d6cedaff3e181
2021-04-02 05:23:44 +00:00
Yi-Yo Chiang
20579011cf fs_mgr: Suppress SkipMountingPartitions log in ReadFstabFromFile
Minor refactoring and renaming, goal is to make the follow-up patch
easier to read.

Bug: 184132970
Test: Presubmit
Change-Id: I66416161b30ac310934d901cbaf11bc926e2cbf7
2021-04-02 05:23:02 +00:00
Akilesh Kailash
ef8d3c39b5 Merge "libsnapshot:snapuserd: Fix memory leak" 2021-04-02 05:13:11 +00:00
Akilesh Kailash
e722a1b169 libsnapshot:snapuserd: Fix memory leak
When worker threads were created, snapuserd was converted to a
shared_pointer. Earlier, memory was forcefully released
by setting snapuserd to nullptr which worked as it
was a unique pointer. Now, every worker thread holds
a reference. Clear the vector once all the worker
threads are terminated.

Test: Apply OTA and verify memory is released after OTA is applied
Bug: 183652708
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I256d26d98b02ad599aff49b92192226546c59b17
2021-04-02 00:49:18 +00:00
David Anderson
7ab8f2eeba Merge "libsnapshot: Ensure we can remove bad snapshots when beginning an update." 2021-03-30 18:48:28 +00:00
David Anderson
bcd19ed73e libsnapshot: Ensure we can remove bad snapshots when beginning an update.
If somehow we wind up with snapshots with a source suffix, we could wind
up trying to unmap an in-use partition. Detect this case and allow the
snapshot to be deleted without the unmap.

Bug: 183567503
Test: vts_libsnapshot_test
Change-Id: I87dd5bb3a7b9be59dede624924374ccc47b563c2
2021-03-24 13:25:27 -07:00
Julien Desprez
b0198cbca7 libfs_avb_internal_test & libfs_avb_test already run in presubmit
remove duplicate postsubmit setup, they already run in host-unit-tests presubmit

Change-Id: I4065d7a50729a14911ec64f10082987d3f9ddcfc
Test:presubmit
Bug: 183622274
2021-03-24 18:29:58 +00:00
Treehugger Robot
2af0504896 Merge "fastboot device: Disallow implicit conversion from unique_fd to int." 2021-03-23 06:48:02 +00:00
Yifan Hong
07e947fc5d fastboot device: Disallow implicit conversion from unique_fd to int.
Do not use the implicit cast from unique_fd to int so
that it is clearer to the reader what the ownership model
is.

Test: pass
Change-Id: I66563eb2bd06f6a712a5afd4c6009f9b25a55de6
2021-03-22 19:30:59 -07:00
Kelvin Zhang
a406c7e2a9 Add CLI entry point for map/unmap snapshot partitions
Test: apply OTA && snapshotctl map

Change-Id: I4d50a70f9b330e313034c6057d574f985d242475
2021-03-22 13:43:14 -04:00
Akilesh Kailash
3e807e9651 libsnapshot:snapuserd: Cut down memory usage
Use sorted std:vector instead of std:map to store
the mapping between chunk-id to COW operation.

Addtionally, use shrink_to_fit to cut down vector
capacity when COW operations are stored.

On a full OTA of 1.8G, Anon RSS usage is
reduced from 120MB to 68MB.  No variance observed
when merge was in progress.

Bug: 182960300
Test: Full and Incremental OTA - verified memory usage
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I50cacbe0d03837a830dedcf9bd0ac9663fc68fa7
2021-03-19 06:32:52 +00:00
Yifan Hong
4bf547af43 Merge changes from topic "fastboot_fetch"
* changes:
  fuzzy_fastboot: Add tests for fetch:vendor_boot
  fuzzy_fastboot: Add conformance test for getvar:max-fetch-size.
  fastboot driver: repack vendor boot ramdisk
  fastboot driver: Allow colon in partition name when flashing
  fastboot driver: add fetch command in driver
  fastboot driver: RunAndReadBuffer don't allocate too much mem
  fastboot driver: add RunAndReadBuffer helper
  fastboot driver: Fix ownership of fd in fastboot_buffer.
  fastboot driver: fix message
  fastbootd: add O_CLOEXEC/O_BINARY for OpenPartition
  fastbootd: add read arg to OpenPartition
  fastbootd: Add fetch command on device
  fastbootd: Add getvar max-fetch-size.
2021-03-18 23:33:56 +00:00
Yifan Hong
17d469bd57 fastboot driver: RunAndReadBuffer don't allocate too much mem
Instead of allocating the buffer for the whole
upload (which can be arbitrary number of bytes as
the device determines), read 1 MiB at a time.

Test: pass
Bug: 173654501
Change-Id: Ib601b0341b10b7dccbb429cd21aad86a2d3bfda8
2021-03-17 15:38:06 -07:00
David Anderson
102f7e4d7e Merge "libsnapshot: Add boot_complete metrics." 2021-03-16 00:30:46 +00:00
David Anderson
a0992300f2 libsnapshot: Add boot_complete metrics.
Bug: 180535575
Test: apply OTA
Change-Id: Ifea51c4c83ba03012f557927e8694e7c613335a7
2021-03-12 18:35:44 -08:00
David Anderson
bf3020b749 libsnapshot: Fix CowWriter::Finalize() not restoring footer correctly.
Bug: 173432386
Test: cow_api_test
Change-Id: If1b856fcdcd6b6ded5e00342037308c6b35d6fc0
2021-03-11 16:16:36 -08:00
Akilesh Kailash
bd83b72bc8 Merge "libsnapshot:snapuserd: Multithreading support" 2021-03-11 00:51:20 +00:00
Akilesh Kailash
8f0840940e libsnapshot:snapuserd: Multithreading support
Add worker threads per partition to serve the IO request.

Remove memset of buffer in IO path which was impacting
4k IO performance.

update_verifier performance:

1: ~10-12 seconds with this change (both on full OTA and incremental
OTA); ~70 seconds observed without this changeset

2: ~8 seconds without the daemon once merge is completed
and snapshot devices are removed.

Bug: 181293939
Test: update_verifier, full OTA, incremental OTA
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Id90887f3f4a664ee5d39433715d1c166acbd6c60
2021-03-10 07:53:16 +00:00
Devin Moore
0a799bdfd6 Handle "hardware" bootconfig parameter as "androidboot.hardware"
The parameter "androidboot.hardware" has been removed from bootconfig
and replaced by "hardware" parameter.

Test: launch_cvd with 4.19 and 5.10 kernels
Test: atest CtsFsMgrTestCases
Bug: 173815685
Change-Id: I627426ae1bd0a165b70b8f2584ec184abfb4236f
2021-03-09 14:10:48 -08:00
David Anderson
9865e47e1e Merge "libsnapshot: Collect more COW size data in snapshot merge stats." 2021-03-09 18:48:58 +00:00
David Anderson
bc3dec4e8c Merge "liblp: Remove uses of alignment_offset." 2021-03-08 22:24:47 +00:00
Devin Moore
20b74257a6 fs_mgr: handle more bootconfig parameters
As parameters are moved from kernel cmdline to bootconfig,
fs_mgr needs to be updated to handle the new location.
/proc/bootconfig should be checked first, if not present, then check
/proc/cmdline.

Test: atest CtsFsMgrTestCases
Test: launch_cvd
Test: launch_cvd with 4.19 kernel artifacts that do not support
bootconfig
Test: Both of the above configurations with --num_instances 0 or 4
Test: Both configurations with androidboot.boot_devices or
androidboot.boot_device set
Bug: 173815685

Change-Id: I23fb07a17c25c9459833cb931ced79d5ccc3e42a
2021-03-05 09:21:19 -08:00
David Anderson
cdf3b39840 libsnapshot: Collect more COW size data in snapshot merge stats.
Bug: 180535575
Test: manual test
Change-Id: Iea433aa5fd9390e462d5bf9841524ed345427af3
2021-03-03 21:46:24 -08:00
David Anderson
cbc204b39b libsnapshot: Use the compression algorithm specified in the DeltaArchiveManifest.
update_engine and libsnapshot must agree on CowOptions parameters,
otherwise the COW size estimation may be incorrect.

Bug: N/A
Test: vts_libsnapshot_test
      apply OTA, snapshotctl dump
Change-Id: I219ae458dfa19e4b3c96360d3b847edb2a01ebc8
2021-03-03 18:27:54 -08:00
George Burgess IV
c08abac855 Merge "snapuserd: fix a use of an uninitialized value" 2021-03-03 22:43:36 +00:00
David Anderson
5aa0527499 liblp: Remove uses of alignment_offset.
alignment_offset restrictions were removed in R and are no longer
needed.

Bug: 180571070
Test: liblp_test
Change-Id: I43fa4a929c20cc8c6ec2fece71d5400351c13dbe
2021-03-02 18:35:05 -08:00
Treehugger Robot
9539282751 Merge changes Ifcb52754,I29f79097
* changes:
  COW file size: better explain the exception size
  libsnapshot: COW size is computed within the container capability
2021-03-02 22:35:48 +00:00
David Anderson
04502383f6 Merge changes Idcb30151,I0f746870
* changes:
  libsnapshot: Harden merge-in-recovery for factory data resets.
  libsnapshot: Quell error spam during factory data resets.
2021-03-02 17:51:57 +00:00
Jiyong Park
7e7b7a156a Search fstab also from /first_stage_ramdisk
I828ce999be6d786bf46dd5655dfda81d046906ab made a slight behaviral change
that fstab is searched and read before /first_stage_ramdisk is mounted
as root. Without this change, the attempt to read fstab from / fails at
the moment, leaving an empty fstab object. But as a side effect of the
attempt, DoCreateDevices() is not called again even after
/first_stage_ramdisk is mounted as root and the fstab is found under /.

This change fixes the problem by adding /first_stage_ramdisk to the list
of places to find the fstab file.

Bug: N/A
Test: Watch TH
Change-Id: I9826610cce436ba706aaea14c9a991822d2bae96
2021-03-02 12:42:09 +09:00
David Anderson
2a55e81166 libsnapshot: Harden merge-in-recovery for factory data resets.
This addresses bugs where unexpected edge cases in the snapshot state
could prevent a merge or data wipe from completing in recovery.

Invalid snapshots (eg on the wrong slot) are now ignored in
CheckMergeState(). This prevents those snapshots from being detected as
"cancelled" and thus falling into RemoveAllUpdateState.

ProcessUpdateState will no longer call RemoveAllUpdateState in recovery.
Furthermore, when RemoveAllUpdateState fails, we will no longer return
the "old" state. If this state is Merging, ProcessUpdateState can
infinite loop.

Finally, HandleImminentDataWipe now guarantees the final state will be
either MergeFailed or None. For testing purposes, the old mechanism was
too susceptible to state machinery changes. And for practical purposes,
either we're going to wipe data (which removes the OTA), or a merge
failed and we can't. So the effective outcome is always no update or a
failed update.

Bug: 179006671
Test: vts_libsnapshot_test
Change-Id: Idcb30151e4d35cbeccf14369f09707ae94a57c66
2021-02-26 17:28:06 -08:00
David Anderson
4e936b4b6e libsnapshot: Quell error spam during factory data resets.
QuerySnapshotStatus assumes IsSnapshotDevice() would return true.

Additionally, recovery does not have access to /dev/loop-control, which
cannot be used by libfiemap anyway. Access it on-demand instead of
preemptively.

Bug: N/A
Test: manual test
Change-Id: I0f746870d7a8ec6d666f0bdd2fef3464b214928b
2021-02-26 17:27:42 -08:00
Christopher Di Bella
68c70b5884 follows the advice of -Wsign-compare
Bug: 181177782
Test: None
Change-Id: I6c53a243639d6b086dc676995d83286d034d1083
2021-02-25 02:20:17 +00:00
Devin Moore
a4ef15bebb Support bootconfig in first stage init and fs_mgr
Androidboot parameters are being moved from the kernel commandline to
bootconfig.
fs_mgr looks for these parameters in properties and falls back to
reading directly from /proc/cmdline. So both of these sources are
updated for bootconfig.
The androidboot parameters from /proc/bootconfig
are added as ro.boot properties, and fs_mgr will fall back to searching
/proc/bootconfig if it is too early.

Test: boot cuttlefish with androidboot.fstab_suffix and
androidboot.hardware in bootconfig and not in cmdline.
Test: atest CtsFsMgrTestCases
Bug: 173815685

Change-Id: Iea36a0da94c26e1aa37d97c576725e0ad77cd3ad
2021-02-23 07:42:06 -08:00
Jaegeuk Kim
5ad7b3cbc5 Try to remount mounted points only
If we don't mount a certain partition intentionally, should be okay to bypass
remounting the partition.

Bug: 180435772
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I7e4d420693f8ba35ec7881d39d0ca682688743c5
2021-02-22 20:46:41 +00:00
George Burgess IV
a263a88381 snapuserd: fix a use of an uninitialized value
`header` is only initialized in the `if` block of this condition. Hence,
its use in the `else` portion isn't correct. Refactor the code a bit to
make this kind of bug a bit harder to write in the future.

Caught by the static analyzer:
> system/core/fs_mgr/libsnapshot/snapuserd.cpp:457:9: warning: 1st
function call argument is an uninitialized value
[clang-analyzer-core.CallAndMessage]

Bug: None
Test: TreeHugger

Change-Id: Ie56578520acf3cc972efa3336e40698feed20200
2021-02-19 13:04:07 -08:00
Bob Badour
d69ad69a93 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Id740a7d2884556081fdb68876584b25eb95e1bef
2021-02-19 12:59:05 -08:00
Yi-Yo Chiang
67e3bbc7f6 Explicitly cast to 64bit integer when calculating filesystem size
Else the result may overflow on platforms that have 32bit long.

Bug: 165925766
Test: Presubmit
Change-Id: I3018f0bd9846651848bd9b3645f2eeaa5b61c646
2021-02-18 08:24:51 +00:00
Yi-Yo Chiang
d1ff1bcfbc fs_mgr: Add OverlayMountPoints() to get the list of overlayfs backing storage
Remove kOverlayMountPoints; add OverlayMountPoints().

Fix a regression where if host system didn't install a scratch_gsi
partition and physical /cache partition is mounted, then DSU guest
system could use /cache as its overlayfs backing storage. This is
generally unwanted as the /cache partition could be shared between host
and guest.
Dynamically return the list of overlayfs backing storage candidates, so
we don't accidentally fall back to use /cache storage within a DSU
system.

Bug: 165925766
Bug: 179980369
Test: 1. Prepare a DUT that have a physical cache partition, such as
  cuttlefish.
  2. Install a DSU system, and unsure that scratch_gsi is not installed.
  3. Reboot into DSU, verify that adb remount fails and overlayfs
     scratch is not created under /cache.
Change-Id: I1815ac5367c0aac8614aeaabebe0e2cb91cbe161
2021-02-18 04:36:52 +00:00
Alessio Balsini
2f9a4ff57d COW file size: better explain the exception size
The exception size was hardcoded and its explanation hidden in one of
the comments.
Move it to a separate constant e better explain why that is 64 * 2 / 8.

Bug: 176972301
Test: m
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: Ifcb527540882222916ada07dacf3f76f87609539
2021-02-17 09:47:13 +00:00
Jaegeuk Kim
286e5aba63 Merge "fiemap: support FIEMAP_EXTENT_MERGED" 2021-02-17 01:42:23 +00:00
Treehugger Robot
ca474f994d Merge "Revert "[LSC] Add LOCAL_LICENSE_KINDS to system/core"" 2021-02-16 23:25:31 +00:00
Akilesh Kailash
51858a0494 Merge "libsnapshot: Print merge completion ops" 2021-02-16 22:03:30 +00:00