Dedup fs_mgr_remount.cpp and set-verity-state.cpp by merging them
together and make '/system/bin/set-verity-state' a symlink to
'/system/bin/remount'.
Bug: 241688845
Test: adb-remount-test
Change-Id: I42a2344b9bdac112bf8767d428a99cb020267546
* Remove AVB 1.0 (fec).
* Assert device is bootloader unlocked in main().
* Since error is already logged to stderr and logd, there is no need to
return an opaque enum value as error code. Just return 1 if main()
encounters any error.
Bug: 241688845
Test: Presubmit
Test: adb-remount-test
Change-Id: I06df6f92a3d4adaca77061920736056c9051c112
* Categorize functions in fs_mgr_overlayfs.h into three classes:
- Type 1: common and non-critical utilities.
- Type 2: internal routines for facilitating remount.
- Type 3: external entry points for users of fs_mgr_overlayfs, like
fs_mgr_overlayfs_mount_all().
* Move type 1 to common utils header fs_mgr_priv.h & fs_mgr.cpp.
* Move type 2 to new private header fs_mgr_priv_overlayfs.h.
* Keep type 3 in fs_mgr_overlayfs.h.
* Move set-verity-state.cpp under fs_mgr so it can include
fs_mgr_priv_overlayfs.h. File is reformatted as a result. We should
eventually merge and dedup set-verity-state and fs_mgr_remount.
* Add myself to OWNERS for remount-related maintenance work.
Bug: 241179247
Bug: 241688845
Test: Full build -user and -userdebug build.
Test: Presubmit
Test: Treehugger run v2/android-gki/adb_remount
Change-Id: Id5fd0e2b12c693939d712a586dd553cc4d8bfeb1
clean_scratch_files.rc seems to never work as intended due to
missing domain transition rules.
Add a 'remount' domain to the platform policies to allow
remount-related operations, including clean_scratch_files.
Merge remount and clean_scratch_files binary to simplify the added
policies.
Bug: 204836146
Test: 1. Use a VAB device, for example bramble-userdebug
2. adb remount system
3. adb reboot fastboot && fastboot flash system system.img
4. recovery (fastbootd) should mark the remount scratch as disabled
5. fastboot reboot && adb shell mount | grep scratch => nothing
6. adb logcat | grep 'clean_scratch_files|gsid' => shows that
disabled image "scratch" is removed during boot
Change-Id: I18d543868d1f37d43b483eae7517b707e46df1bd
Bug: http://b/197965342
remount depends on libbinder.so which already depends on libutils.so.
When linking remount with libutils.a, the linker tries to fetch objects
from libutils.a to redefine undefined symbols in libbinder.so. This
causes linker failure with upstream LLD. Switching to shared
libutils.so instead doesn't increase the dependency closure for remount.
Test: build with aosp/1809741 which has lld with the above behavior.
Change-Id: I858042a08babe2c2db1fc8c7eeb5de62dda5f328
Make the queue depth of loop devices identical to that of the underlying
storage device. This patch reduces latency by lowering the queue depth.
With this patch applied I see the following:
# cat /sys/block/loop30/queue/nr_requests
32
Bug: 194450129
Test: Built Android images, installed these and verified that the queue depth of loop devices is 32 instead of 256.
Change-Id: Ifa16084c7df3a54d9559c2388abc4a8392ff88c6
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Bug: 191369319
Test: Presubmit
Test: Verify libfs_mgr.recovery no longer depends on core variation
modules in the ninja graph.
Change-Id: I3c8b1f3d00ff9a67f4d9ea552052e308e550c403
adb_debug.prop is migrated too. And ramdisk_available is added to all
dependencies.
Bug: 187196593
Test: boot
Change-Id: I59cd149e0021211b8fd59c44b93bbf18dc8637bf
If executing `adb remount -R` and DSU is running but disabled, then
enable the DSU (one-shot mode) so that the reboot afterwards would stay
within the DSU guest system.
Normally reboot within a DSU guest system would bring the device back to
the host system. However when doing adb remount -R, we actually doesn't
want to exit DSU, but wish to reboot back into DSU guest system again
with remount machinery (overlayfs) properly set up.
Also sort the header include order.
Bug: 165925766
Test: Within a DSU guest system, DSU disabled, adb remount -R
=> After reboot, system is DSU and overlayfs is mounted
Test: adb-remount-test.sh within DSU guest system
Change-Id: I72a7a568e985b183d357ae6e1a7d0113e9921200
SkipMountingPartitions() should only be called from a system process
as the config file is in /system_ext.
Remove it from the vendor variant of libfstab.
Bug: 158301941
Test: build hardware/interfaces/boot/1.1/default/boot_control and check symbol
Change-Id: I834183a623c0711dd79b89486fc3fc80f9710801
Currently, this is only enabled for Virtual A/B devices. When /data uses
F2FS, then proper pinning support must be enabled.
Because /data cannot be mounted in recovery, we can't delete the scratch
image backed by /data while in fastbootd. Instead, we mark it as
disabled in /metadata. The remount command now has an init script that
checks for and removes a disabled scratch partition.
Bug: 134949511
Test: adb remount on V A/B device with patched F2FS
Change-Id: Ifc8720378259654472d3822e97059b6c366f601d
libfs_mgr_defaults uses the e2fsdroid binary, make this dependency
explicit.
Add also e2freefrag as a dependency in preparation for filesystem
fragmentation monitoring.
Bug: 146078546
Test: m + e2freefrag on device
Change-Id: I878d1b090809861c803f6b17fbb3813e03842a50
Signed-off-by: Alessio Balsini <balsini@google.com>
This eliminates libfiemap as a standalone library and instead bundles it
into libfs_mgr. All consumers of libfiemap need libfs_mgr, and having
them tightly coupled reduces linkage complexity.
When to use libfs_mgr: In recovery, first-stage-init, or when libfiemap
or overlayfs is not used.
When to use libfs_mgr_binder: When not in recovery/first-stage init, and
overlayfs or libfiemap is needed. In this case, IImageManager will proxy
over binder to gsid.
Bug: 134949511
Test: builds, fiemap_writer/image_test passes.
Change-Id: I4c1a5698afdbf9b3bf87accec98254c1fb6f4e0e
Also put libfscrypt into fs_mgr via whole_static_libs
since it's now a dependency.
Bug: 143307095
Test: we can use the inline policy on it
Change-Id: I82d7d5330abef76ce82accea25d2663748e87a8b
This fixes a race condition where WaitForFile() after
GetDmDevicePathByName appears to succeed, but a subsequent operation on
the path fails. This can happen when CreateDevice() is called
immediately after a call to DeleteDevice (from any process), and the
path is re-used, enqueuing udev events to remove and re-add the block
device.
The fix for this is to introduce a new variant of CreateDevice() that
has a timeout parameter. When the timeout is positive, CreateDevice()
will wait for a /dev/block/mapper/by-uuid symlink to be created, which
signals that ueventd has finished processing the operation.
ueventd will now create these by-uuid symlinks for device-mapper nodes.
Unfortunately, the uuid is only available during "change" events, so we
have to special case device-mapper symlink creation. And since the uuid
is not available during "remove" events, we simply find matching links
to remove them.
This ensures that callers of CreateDevice() can use the device path
knowing that no asynchronous removals are pending. Code that uses the
old CreateDevice+WaitForFile pattern will be transitioned to the new
method.
Note that it is safe to ignore the timeout, or to use the "unsafe"
CreateDevice, if the caller ensures the path by other means. For example
first-stage init has no device removal, and regenerates uevents until
it has acquired all the paths it needs.
Finally, since libdm now inspects sysfs unconditionally, libdm consumers
need r_dir_file perms for sysfs_dm in their sepolicy. Additionally
linking to libdm now requires linking to libext2_uuid.
Bug: 135771280
Test: libdm_test
device flashes, boots
Change-Id: If5a7383ea38f32a7fbbcf24842dce6a668050a70
If we do not have at least the minimum space to create a scratch
partition, let's resize the other partitions to zero to make the
space and try again.
Specify additional shared library dependencies for remount command.
margin_size could never be calculated because "scratch" partition
does not exist, so use super partition instead as argument to
GetBlockDeviceInfo.
Add a "Now reboot your device for settings to take effect" message
if the -R argument was not supplied. Adjust some of the messages
to be clearer.
Manual test: On a full DAP device, resize or flash both a and b side
for system, vendor and product with fastboot to duplicate failure
conditions of limited space and check remount command resizes other
side partitions to mitigate.
Test: manual and adb_remount_test.sh
Bug: 131390072
Change-Id: I34c4a973f88a5e1e06b64af9589a84721dd1bbbd
Deal with first version of verity for legacy products.
Test: system/core/fs_mgr/tests/adb-remount-test.sh
Bug: 120448575
Bug: 123079041
Change-Id: I7a2dd8309cbb19751fdbb05d4efc30c486615e04
The -R flag tells remount it can reboot to disable verity or to
run fsck on an ext4 deduped filesystem, or both.
Testing may include a manual component because adb-remount-test.sh
needs to run from a device in an enable-verity state to test this.
Only recognizes chained avb.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I6ce4372532d9b933dcca9e2bec544d525b76c4d9
There is currently no good option for callers to setup overlayfs
on-device, it is automated as part of the adb services. Add a
remount command that does what is needed that simulates the salient
behaviors of the adb remount command.
Clean up some noise restoring device to original state when done.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: Idf213800a8182cb1c51600c8f574df8a8cd68d4a
This commit has the following changes:
1. Builds libfs_avb via "fs_mgr/libfs_avb/Android.bp" instead of
"fs_mgr/Android.bp", and removes the libfs_avb source
dependencies on "fs_mgr/fs_mgr_priv.h".
2. Moves static functions in fs_avb.cpp into util.cpp or
avb_util.cpp, depending on whether the function is related to
AVB or not.
3. Introduces two host unit tests: libfs_avb_test and
libfs_avb_internal_test, the former is to test public
<fs_avb/fs_avb.h> APIs, while the latter is to test libfs_avb
internal functions.
4. Splits fs_avb_unittest_util.* into:
- fs_avb_test_util.* (host static lib: libfs_avb_test_util),
- basic_test.cpp (host executable: libfs_avb_test)
Bug: 112103720
Bug: 117960205
Test: atest libfs_avb_test
Test: atest libfs_avb_internal_test
Test: boot a device
Change-Id: I11d6c9e9019e20b594d9321b9a28118d4806e5a7
The host builds for both libs are needed for libfs_avb host unit test.
Also replaces strlcat()/strlcpy() with snprintf() because the former
doesn't have a glibc version. Or switch char* to std::string*.
Bug: 112103720
Bug: 117960205
Test: m libdm ARCH=x86_64
Test: m libfstab ARCH=x86_64
Test: atest libdm_test
Test: atest fs_mgr_unit_test
Test: boot a device
Change-Id: Id9b92b5286b8ed9ab0d80f18ab5802dcfeb83dfa
Move some mounting functionalities from librecovery so that
other modules can also mount logical partitions correctly.
- Also, refactor to use C++ Fstab struct.
- Also, fixed CreateLogicalPartitions() to take full path of
super device.
Test: run recovery tests
Test: vintf_object_recovery_test
Bug: 118634720
Bug: 113182233
Bug: 62292478
Change-Id: Ie02c3a941ed801fdae5818099faf5f3863444296
Don't know why this was ever specified, but seems reasonable to remove
it now that we're so close.
Test: build
Change-Id: Ia8d056cd1c9660b3c22531317098ace78e661d6a
This CL also adds namespace android::fs_mgr and remove FsManager* prefix
for class names. Note that android::fs_mgr::FsManagerAvbOps will be removed
in later CLs when fs_mgr doesn't rely on libavb->avb_slot_verify() to
parse vbmeta structs.
Some lingering sources for by_name_symlink_map_ are also removed.
Bug: 112103720
Test: boot crosshatch_mainline-userdebug
Change-Id: I2d1a5cc39bcd5a699da8d5539f191d8c7737c4af
Using overlayfs, the system partition may provide files for older
version of vendor partitions by overlaying on the vendor partition.
Directories in /system/vendor_overlay will be overlaid on the
directories in /vendor to override existing files or provide new
files.
This feature works only if the kernel support overlayfs and has a
patch for override_creds. Otherwise, no-op.
Bug: 114679254
Test: Build and boot: nothing affected without overlayfs, or
vendor file is overrided with overlayfs
Change-Id: Iff3a308945299034123ba7bcb40dc787e102730e
The interface to fsmgr is subpar and while we haven't had time to
revisit it, we absolutely do not want to expose this to vendors in a
way that would force us to keep this interface in the future.
Test: n/a
Change-Id: I970048aa2e45d7f7eca357d052141e90d6e01123
libfs_mgr doesn't have direct dependencies on libfec_rs / libkeyutils /
libsquashfs_utils. They were only needed when libfec and libext4_utils
were statically linked into libfs_mgr.
Bug: 112494634
Test: `m -j installclean && m -j bootimage` with aosp_taimen-userdebug.
Check the installed files in recovery image.
Test: `mmma -j system/core/fs_mgr`
Change-Id: I4b12c2df344fabba4942b6db943cf43a031b591d
Logistics for adb remount on developer builds for readonly system
partitions using overlayfs to deal with not being able to remount
with read-write.
Conditions are that filesystem is squashfs, read-only, debug build,
kernel supports overlayfs. The default is a valid /cache/overlay/
directory, with .../<mount_point>/upper and .../<mount_point>/work,
associated with each system partition <mount_point>.
Will take the sepolicy of context of lowerdir as rootcontext= option.
Add fs_mgr_overlayfs_mount_all() to recurse through
fs_mgr_read_fstab_default(), and checking against /proc/mounts to
add any acceptable overlayfs mounts. The checking with /proc/mounts
makes sure we do not overlayfs overtop an overlayfs.
Add fs_mgr_overlayfs_setup(const char*, const char* bool*) and
fs_mgr_overlayfs_teardown(const char*, bool*) to respectively setup
or teardown the overlayfs support directories. Return value
includes success and optional supplied change booleans.
Test: compile
Bug: 109821005
Bug: 110985612
Change-Id: Ie9b4e9ca0f2bdd9275ac2e2e905431636948e131
This library has methods to build, read, and modify logical partition tables
based on device-mapper targets. Targets currently supported are
dm-linear and dm-zero.
Note: this is a revert of a revert, with changes to fix Mac build
bustage.
Bug: 79173901
Test: N/A
Change-Id: If89a788d1919ce8ddc6eedaecc9687a92f111dfa
This library has methods to build, read, and modify logical partition tables
based on device-mapper targets. Targets currently supported are
dm-linear and dm-zero.
Bug: 79173901
Test: N/A
Change-Id: I194c6832cb53f781c396016d961386d3ca833f87
libdm is small static library that is intended to be the one source to
control device mapper. It is intended to have APIs to create, control
and destroy device mapper targets. Eventually, all fs_mgr implementation
that talks to device mapper will be moved to using libdm APIs.
Added 'dmctl', a command line tool that lists the registered device
mapper targets and their corresponding version. The tool will continue
to get new features to exemplify new APIs implemented in libdm.
The library is intentionally static and folds into libfs_mgr. All
clients must link to libfs_mgr as a result.
Test: dmctl list
Bug: 110035986
Change-Id: I71e7146073a74e7523524bf3b20d0be6d06f9fad
Signed-off-by: Sandeep Patil <sspatil@google.com>
adbd (and its dependencies) are marked as recovery_available:true so
that recovery version of the binary is built separately from the one for
system partition. This allows us to stop copying the system version to
the recovery partition and also opens up the way to enable shared
libraries in the recovery partition. Then we can also build adbd as a
dynamic executable.
Bug: 79146551
Test: m -j adbd.recovery
Change-Id: Ib95614c7435f9d0afc02a0c7d5ae1a94e439e32a
