SnapshotManager::New() is now preferred in recovery. Previously we used
NewForFirstStageMount(), which is technically incorrect as that enables
code paths specifically for first-stage init.
We also explicitly label the snapuserd context, since rootfs in recovery
has unlabelled files.
Finally, we add a timeout to internal calls to
CreateSnapshotsAndLogicalPartitions. Without this, WaitForDevice() calls
will terminate immediately, which breaks VABC given the more complex
device stacking that is created.
Bug: 168258606
Test: fastboot snapshot-update merge
Change-Id: I3a663b95c0b1eabaf14e6fde409c6902653c3c5e
The pvmfw partition holds the protected VM firmware that is used by
Protected KVM to bootstrap the trust in protected VMs. Teach fastboot
about the partition so it gets flashed with flashall.
pvmfw is an AVB chained partition so is marked as BootCritical to allow
ABL's AVB verification to pass.
Test: tab complete and flashall
Bug: 171280178
Change-Id: Ie4cc478de25a945bc510488d87c2bee3aa5031f2
Right now fs_mgr_overlayfs_teardown() does slightly different things
when called from the userspace or recovery. This is accomplished by many
runtime checks, runtime assumptions and conditional execution of code.
This makes the control flow of the function very hard to follow, and
assumptions becomes more fragile as the function becomes more complex.
This CL forks fs_mgr_overlayfs_teardown() and removes "recovery" bits
from it. A new entry point TeardownAllOverlayForMountPoint() is added
for recovery.
Recovery (fastbootd) should call TeardownAllOverlayForMountPoint() to
teardown overlays of all sources (cache dir, scratch device or DSU).
While fs_mgr_overlayfs_teardown() should only be called from the
userspace.
Also apply some linter suggestions.
Bug: 165925766
Test: adb-remount-test.sh
Change-Id: I7ff7e3409c910782e1ec207fcd02b967a9762bc1
This is a re-landing of the original CL, with a few changes:
- The correct device is now returned in MapUpdateSnapshot.
- The old API is used for tests, and the new API is only tested when
used on a VABC device.
- A sync() call has been added to ensure that writes to the base and
target snapshot devices have been fully flushed. This makes
IsPartitionUnchanged detect the MapUpdateSnapshot bug.
Implement OpenSnapshotWriter for non-compressed Virtual A/B. This is
done by adding an OnlineKernelSnapshotWriter class, which forwards all
writes to a dm-snapshot block device.
This also introduces a new ISnapshotWriter class which extends
ICowWriter, and adds features specific to libsnapshot (versus ICowWriter
which is intended only for the new COW format). The OpenSnapshotReader
call has been moved here since the writer retains all the information
needed to create the reader.
To test the new call, vts_libsnapshot_test has been modified to use
OpenSnapshotWriter.
As part of this change, all consumers of libsnapshot must now link to
libsnapshot_cow.
Bug: 168554689
Test: vts_libsnapshot_test
Test: full OTA with update_device.py
Test: incremental OTA with update_device.py
Change-Id: I90364a58902a4406a37cb14a816642c57a72bec2
Revert "Link to libsnapshot_cow everywhere libsnapshot is linked."
Revert submission 1433573-vab-libsnapshot-linkage
Reason for revert: b/169981170, update crash for droidfooders.
Reverted Changes:
Ie75bba98c:Link to libsnapshot_cow where libsnapshot is linke...
Ieedfadc55:libsnapshot: Partially implement OpenSnapshotWrite...
I28a5d4a88:Link to libsnapshot_cow everywhere libsnapshot is ...
Exempt-From-Owner-Approval: Revert to unblock dogfood
Change-Id: I0677df77672aca9fd54d94e009ac0be7c88a1a9d
When Android userdata partition has been erased in fastbootd, call
oem specific API doOemSpecificErase() to wipe other userdata in
device.
If oem doesn't implement this specific API in fastboot_hal lib,
fastbootd will receive 'NOT_SUPPORTED' return status.
Bug: 169173873
Change-Id: I9b6a5a4aaed31d1168e633418b189f9bb6d34d01
Implement OpenSnapshotWriter for non-compressed Virtual A/B. This is
done by adding an OnlineKernelSnapshotWriter class, which forwards all
writes to a dm-snapshot block device.
This also introduces a new ISnapshotWriter class which extends
ICowWriter, and adds features specific to libsnapshot (versus ICowWriter
which is intended only for the new COW format). The OpenSnapshotReader
call has been moved here since the writer retains all the information
needed to create the reader.
To test the new call, vts_libsnapshot_test has been modified to use
OpenSnapshotWriter.
As part of this change, all consumers of libsnapshot must now link to
libsnapshot_cow.
Bug: 168554689
Test: vts_libsnapshot_test
Change-Id: Ieedfadc557833c1e0540922aabc6e95c80266a64
When user input fastboot erase userdata, need a follow
up oem command to wipe other user data in device.
We support this new postwipedata command in
"fastboot erase userdata" only.
Bug: 150929955
Change-Id: I9b6a5a4aaed31d1168e633418b189f9bb6d34d01
Ignore-AOSP-First: I9b6a5a4aaed31d1168e633418b189f9bb6d34d01
The build system has added the new target named 'linux_cross' which is
the cross-compiled (i.e. arm on x86) host target. libfastboot is now
configured to use usb_linux.cpp not only for linux_glibc (which is the
native host target using glibc), but for all Linux-based host targets
including linux_glibc, linux_bionic, and the new linux_cross.
Note that the device target 'android' is also included in the 'linux'
target. But that doesn't cause a problem because libfastboot is a host
library which is not enabled for the device target.
Bug: 159685774
Test: HOST_CROSS_OS=linux_cross m
out/soong/host/linux_cross-arm64/bin/fastboot
Change-Id: I3a2191b0878a26914cb0282ecf41a45296827c04
The fastbootd over ethernet was implemented with IPv6 link-local
address. An IPv6 address may include many ':'. It will break this fuzzy
test. This new solution uses "tcp:" prefix to identify the fastboot
protocol, like the host fastboot command.
BUG: 157887327
Test: fuzzy_fastboot --serial=tcp:fe80::230:1bff:feba:8128%wlan0 \
--gtest_filter=*Logical*
Bug: http://b/166279510
Change-Id: I8fe7e6e3ade94a26e05a31ac20ed9ab3839dd342
Merged-In: I971fd9e25741e18bf7f5907d562556b09db1d624
Updating language to comply with Android’s inclusive language guidance.
See https://source.android.com/setup/contribute/respectful-code for reference.
Bug: 161896447
Test: Trivial changes
Change-Id: Ia84d47930b5d9ca4a5f7c809777c886bece4f512
If the flashed boot image is smaller than the block device, the AVB
footer will not be at the end of the partition. Although images are
normally created to match the partition size the GKI boot.img must work
on all devices, and the size of the boot partition will vary.
Copy the AVB footer to the end of the partition before flashing, if it
is not there already.
Bug: 159377163
Change-Id: I5a5e25fb54dc9d6a2930fda63434968808ffa1f0
Merged-In: I5a5e25fb54dc9d6a2930fda63434968808ffa1f0
If the flashed boot image is smaller than the block device, the AVB
footer will not be at the end of the partition. Although images are
normally created to match the partition size the GKI boot.img must work
on all devices, and the size of the boot partition will vary.
Copy the AVB footer to the end of the partition before flashing, if it
is not there already.
Bug: 159377163
Change-Id: I5a5e25fb54dc9d6a2930fda63434968808ffa1f0
Status() is called with an empty string to handle `fastboot oem`
commands. This currently emits a set of spaces and sets
last_start_time such that the epilog can track the time spent in this
command. Emitting the spaces is problematic however, since it results
in the follow:
$ fastboot oem device-info
(bootloader) Verity mode: false
(bootloader) Device unlocked: true
(bootloader) Device critical unlocked: true
(bootloader) Charger screen enabled: true
OKAY [ 0.000s]
Finished. Total time: 0.000s
If we skip emitting the spaces, then we get the correct result:
$ fastboot oem device-info
(bootloader) Verity mode: false
(bootloader) Device unlocked: true
(bootloader) Device critical unlocked: true
(bootloader) Charger screen enabled: true
OKAY [ 0.001s]
Finished. Total time: 0.001s
There are no other uses of Status() with an empty string, so this
changes won't impact other commands.
Bug: 158310284
Test: fastboot formats this and other commands correctly.
Change-Id: I6294acefc65a8399160c0944b3fbc2f2ace919ed
The Nexus 7 bootloader just returns the empty string for unknown
variables, which confused the new snapshot code.
Bug: https://issuetracker.google.com/158232468
Test: no Nexus 7 available during covid-19 :-(
Change-Id: I35ff8889b27944e8b7426eca4f513d9fa562c6d4
The fastbootd over ethernet was implemented with IPv6 link-local
address. An IPv6 address may include many ':'. It will break this fuzzy
test. This new solution uses "tcp:" prefix to identify the fastboot
protocol, like the host fastboot command.
BUG: 158040108
Test: fuzzy_fastboot --serial=tcp:fe80::230:1bff:feba:8128%wlan0 \
--gtest_filter=*Logical*
Change-Id: I971fd9e25741e18bf7f5907d562556b09db1d624
It's not possible to programmatically determine which fastboot mode a
device is in, without sending a getvar:is-userspace query. Unfortunately
this is not possible asynchronously, and may interrupt other queries
being processed.
This patch changes fastbootd's USB interface name to "fastbootd". Note
that tools use the protocol number/class and not this string, so it
should be safe to extend. When using "fastboot devices", the interface
name is now listed if set. Note that currently only the Linux version of
the fastboot tool is capable of reading the interface name.
Bug: 156966319
Test: fastboot devices on Linux
Change-Id: I57ccf2bec1dda573fe3ac628a646624b76f45905
The current fastbootd only supports USB protocol. But some Android TV
devices are built without USB port. The fastbootd cannot be used on
those ATV devices due to it.
This change adds TCP protocol for such devices and fastbootd.protocol
property is added to control which protocol to use.
BUG: 152544169
BUG: 155198345
Test: manual test.
Change-Id: Idc391e677eb6a1880036419ba5f6c4160e8dbcbc
Merged-In: Idc391e677eb6a1880036419ba5f6c4160e8dbcbc
If the flashed boot image is smaller than the block device, the AVB
footer will not be at the end of the partition. Although images are
normally created to match the partition size the GKI boot.img must work
on all devices, and the size of the boot partition will vary.
Copy the AVB footer to the end of the partition before flashing, if it
is not there already.
Bug: 156036850
Change-Id: I11f0c7d32d1b6c74edd4f84f815d175605280cb8
Merged-In: I11f0c7d32d1b6c74edd4f84f815d175605280cb8
The current fastbootd only supports USB protocol. But some Android TV
devices are built without USB port. The fastbootd cannot be used on
those ATV devices due to it.
This change adds TCP protocol for such devices and fastbootd.protocol
property is added to control which protocol to use.
BUG: 152544169
Test: manual test.
Change-Id: Idc391e677eb6a1880036419ba5f6c4160e8dbcbc
If the flashed boot image is smaller than the block device, the AVB
footer will not be at the end of the partition. Although images are
normally created to match the partition size the GKI boot.img must work
on all devices, and the size of the boot partition will vary.
Copy the AVB footer to the end of the partition before flashing, if it
is not there already.
Bug: 156036850
Change-Id: I11f0c7d32d1b6c74edd4f84f815d175605280cb8
When merging in recovery, the "imminent data wipe" code was used, which
made the assumption the /metadata and /data state would be zapped. This
caused future OTAs to error because the old snapshots were detected.
This CL allows OTAs to proceed even if unexpected snapshots are present.
It also forces the state to "MergeCompleted" after a merge in recovery,
so that the next normal boot can perform cleanup.
Bug: 155339165
Test: fastboot snapshot-update merge, then take another OTA
vts_libsnapshot_test
Change-Id: Ief6dea3ba76323044e61307272dda320a4494aea
Merged-In: Ief6dea3ba76323044e61307272dda320a4494aea
When merging in recovery, the "imminent data wipe" code was used, which
made the assumption the /metadata and /data state would be zapped. This
caused future OTAs to error because the old snapshots were detected.
This CL allows OTAs to proceed even if unexpected snapshots are present.
It also forces the state to "MergeCompleted" after a merge in recovery,
so that the next normal boot can perform cleanup.
Bug: 155339165
Test: fastboot snapshot-update merge, then take another OTA
vts_libsnapshot_test
Change-Id: Ief6dea3ba76323044e61307272dda320a4494aea
1. delete-logical-partition was deleted
- After merge "Don't require bootloader fastboot for VTS compliance." commit, delete-logical-partition sequence was deleted in LogicalPartitionCompliance test. "create-logical-partition failed" is occurred when run vts fastbootverification module. So restore this sequence.
Test: run vts -m VtsFastbootVerification
Bug: 153913610
Signed-off-by: Yongcheol LEE <yongcheol09.lee@lge.com>
Change-Id: I00366b281eafa5677b0941419a86f2702fb3484b
Merged-In: I00366b281eafa5677b0941419a86f2702fb3484b
libsnapshot* uses update_metadata-protos. This
used to be optimized out, but now that SnapshotManager is
virtual, CreateUpdateSnapshots can no longer be optimized out.
Bug: 148956645
Test: compiles
Change-Id: Ib67cafd156308bf5a477996ec32eb786f8e896db