It runs a service with root privilege which can't be done on user
builds. Until the issue is resolved, skip the test on user builds.
Bug: 262090304
Test: N/A
Change-Id: I690ffbd7fdaef688a0c862e0c653e9b21e281ece
Current documentation is misleading: if a service runs as root and
doesn't specify any capabilities, then it will start with all the
capabilities (note that whether it can use them is controlled by
selinux).
Test: n/a
Bug: 249796710
Change-Id: I0d6a884127c6a6c5b651c1222fcf48322065daae
The availability of /dev/console varies across different devices and
even across different build variants (ex: userdebug/user). Instead of
relying on the device-specific condition, use the /dev/null as the
console device for the test.
Bug: 262090304
Test: atest CtsInitTestCases on raven-user
Change-Id: I3b12d66e94609328dfdd6f640d1adb88a773fa38
Say we have mount configurations as follows:
mount <dev> /mnt_point -t ext4 -o ro,context=<se_file_context>
mount overlay /mnt_point2 -t overlay -o lowerdir=/mnt_point,upperdir=...
Overlayfs driver doesn't forward the overridden file context from
/mnt_point to /mnt_point2, thus the same file (same inode) would have
different file context when accessed via /mnt_point and /mnt_point2.
This change makes adb remount to mount filesystem overlays with context=
option if the overlaid mountpoint has it too. This makes the files under
context= mountpoint to retain the same file context after remount.
Also run clang-format on the whole file to fix some formatting issues.
Bug: 243501054
Test: adb remount && check file context with "ls -Z"
Change-Id: Ie4815604c56f1ce81b755cd0569b6577bd5f575f
Early processes can't rely on APEXes anyway. We don't need to run
linkerconfig.
This helps to reduce the storage usage (no
/system/bin/bootstrap/linkerconfig) and the boottime (not running
linkerconfig).
If we need more complicated linker config even for early processes, then
we could generate it at build-time and use it like recovery version.
Bug: 262330207
Bug: 260982509
Test: MicrodroidAppTest
Test: device boots
Change-Id: Iceca5ffdb1655fd94e90b0091f439bd22130185e
Right now fs_mgr_overlayfs_setup() always reads the default fstab and
this makes the "-T" option of remount useless.
Change it so that the fstab is passed in by the caller.
Bug: 243501054
Test: adb remount -vT <path/to/fstab>
Test: and check that overlay is active after reboot
Change-Id: Ia4101938a50c305f105c57018b02aec01f862dec
Const version of GetEntryForMountPoint() accepts a pointer to const
Fstab and returns a pointer to const FstabEntry.
In order to refrain from adding more boilderplate, simplify the
implementation of GetEntryForMountPoint() to "return first entry of
GetEntriesForMountPoint()". The added overhead should be negligible as
fstab is usually small (around dozens of entries max), so iterating the
whole list is not computationally expensive.
Also templatize the implementation of GetEntriesByPred() to reduce the
amount of boilerplate.
Bug: 243501054
Test: Presubmit
Change-Id: I046d61d68385825656bb7bc7177c0d1d3e8b36e1
* changes:
libsnapshot: Test batch writes and threaded compression
libsnapshot: Batch write COW operations in a cluster
libsnapshot: Use two threads to run compression
process_cgroup_empty_ is used to indicate that a service is already
killed or not. If cgroup support lacks, services cannot be killed
because process_cgroup_empty_ is always true.
This change fixes it by not assigning process_cgroup_empty_ as true.
Instead, make KillProcessGroup send signals even when cgroup is
disabled. Also DoKillProcessGroupOnce() is updated so it returns a number of killed processes, excluding already dead processes. This behavior agrees with its name (DoKillProcessOnce), and it prevents regression upon missing cgroups, because kill(-pgid) will always
"succeed" so KillProcessGroup will loop even when all processes are
already dead.
Bug: 257264124
Test: boot microdroid, see services are terminated
Change-Id: I19abf19ff1b70c666cd6f12d0a12956765174aaa
COW operations are written in cluster. All the COW ops
and the COW data in this cluster are contiguous. Hence,
batch these writes and write them in one syscall.
Writes are done when the cluster is full or when
label ops are written.
OTA install time (without post-install) on Pixel 6 Pro:
Without-this-patch With-this-patch
Full OTA: 17 Minutes 13 Minutes
Following are the OTA install times with both the optimization.
viz - batch writes + 2 threads for compression.
OTA install (without post-install) on Pixel 6 Pro.
All numbers are in minutes.
Full ota - 2.2G
Compression Without-this-patch With-this-patch
=========================================================
gz 23 13
lz4 13 7
none 13 7
Incremental OTA - 376M
Compression Without-this-patch With-this-patch
=========================================================
gz 22 16
lz4 14 11
none 15 11
Bug: 254188450
Test: Full / Incremental OTA on Pixel
Change-Id: Ie3aba1ff28a6569d25a766377efab6cbe78d9277
Signed-off-by: Akilesh Kailash <akailash@google.com>
Compression is a hot function in the install path. Use
two threads for compression.
By default, number of thread is set to 1. If the property,
"ro.virtual_ab.compression.threads" is true, the number
of threads is increased to 2.
OTA install time (without post-install) on Pixel 6 Pro with 2 threads:
Without-this-patch With-this-patch
Full OTA: 23 Minutes 17 Minutes
Bug: 254188450
Test: Full/Incremental OTA on Pixel
Change-Id: I4a11dca3a5ebfe11dcc7f0d882332d491f2d7933
Signed-off-by: Akilesh Kailash <akailash@google.com>
This CL adds the capability to the HAL to process reponses from the TA
that are larger than the capacity of the channel from HAL to TA.
Bug: 253501976
Test: with Trusty KM which has a smaller limit than some responses
Change-Id: I2fe056143f18718eb10bdd2d0559f3d171b14c96
This handles the STORAGE_FILE_GET_MAX_SIZE. The new behavior will
return a max size of 0x10000000000 (former default value in Trusty)
for a regular file and the partition size for a block device.
Test: N/A
Bug: 247003431
Change-Id: Ib8b8504b63496d64487cf2f96a1c0758bfafdd97
Signed-off-by: Jay Monkman <jtmjtmjtmjtmjtmjtmjtm@gmail.com>
DM_DEV_CREATE no longer creates sysfs nodes. Note this in ueventd and
add some helper APIs to libdm, so devices can be created with a
placeholder table.
This also fixes a bug in dmctl where the detailed info on suspended
devices was wrong.
Bug: 259328366
Test: dmctl with "uevents" tool
Change-Id: I822f8010e48d32841aa0ee508822f76d03a3dd85
