This entry is redundant, as system_shared_libs by default includes
libdl.
This should be a no-op change for the current build system, but avoids
an issue on the alternative (experimantal) build system, Bazel.
Test: md5sum libutils.so before/after on aosp_flame, verified no changes
Change-Id: I18f6e67c3e23299a0f1e0ef530a0a809b068dc03
rpmb_dev is a rpmb device stub used in emulation
as well as platform early bringup so we don't expect
any open source developer to be impacted by the migration
from MIT to Apache 2.0.
Note that with such a migration to Apache 2.0, recipients
won't receive lesser permissions, they just have updated
requirements for which license text to share along with the code.
Bug: 191508826
Test: None
Signed-off-by: Armelle Laine <armellel@google.com>
Change-Id: I0ae2bc66901344f8f9227e929a98946e52c50355
So libfsverity_init can be used in init to load fsverity keys in
early boot.
Bug: 199914227
Test: build
Change-Id: I514ab602ef03f4528cb013bd268fa6dfcb7eb5b2
* changes:
snapuserd: Add unit test for test merge code path
libsnapshot: Add vts_userspace_snapshot_test
libsnapshot: Integrate userspace snapshots APIs
fs-verity is required for new devices launched with R.
This allows files stored on /metadata to be protected by fsverity.
Bug: 199914227
Test: mini-keyctl padd asymmetric fsv-sepolicy .fs-verity \
< /system/etc/security/com.android.sepolicy.cert.der
cp /apex/com.android.sepolicy.apex/app/SEPolicy-33/SEPolicy-33.apk \
/metadata/sepolicy/
fsverity enable /metadata/sepolicy/SEPolicy-33.apk \
--signature=/apex/com.android.sepolicy.apex/etc/SEPolicy-33.apk.fsv_sig
Change-Id: I44434e3d026f1dbe6e261c365b3c70d3556a80b1
Vendor APEX section should not separate SPHAL in generic, and also
default namespace does not contain vendor libs in the scope. This change
updates libvndksupport to check 'vendor' namespace when there is no
sphal namespace for vendor APEX section case.
Bug: 193861508
Test: AOSP CF x86_64 boot succeeded
Change-Id: I04cefc12be4c8ec261efb1688a8307b7061bf068
In previous kernels, overlayfs stored its xattrs with a "trusted."
prefix. This requires CAP_SYS_ADMIN. As a workaround, we carried
out-of-tree kernel patches to bypass the security checks on these attrs.
The 5.15 kernel however has a new mount option "userxattr". When this is
set, the "trusted." prefix is replaced with "user.", which eliminates
the CAP_SYS_ADMIN requirement.
On kernels >= 5.15 we can use this feature and drop some of our
out-of-tree patches.
Bug: 204981027
Test: adb remount on cuttlefish with >=5.15
Change-Id: I3f0ca637a62c949fe481eea84f2c682f1ff4517a
Most of the test cases are similar to dm-snapshot-merge.
Additional test cases have been added primarily to test
I/O's in parallel with merge.
Bug: 193863397
Test: snapuserd_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I2764e6971989c121be873cc425cac464f31ce85f
dm-user block device will be the snapshot device; thus, no
more explicit call to MapSnapshot(). Additionally, block device
name for dm-user will be the snapshot name so that mount works
seamlessly.
API's to query the snapshot status, merge progress has been
integrated. Since daemon requires base device for merge, we pass
additional parameter during initialization.
Add a new virtual a/b property flag to enable/disable
user-snapshots feature. Propagate this flag to init layer
for first stage mount during boot process.
Some minor cleanup and renaming of variables.
Bug: 193863443
Test: 1: Full OTA on CF and pixel and verify the merge completion.
Tested merge-resume path by rebooting device during merge.
2: Incremental OTA on CF and pixel
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I5088f40a55807946cd044b3987678ead3696d996
It is expensive to keep the non-protobuf path around and it hasn't
been used for an entire release without anyone noticing, so remove it.
Create new end-to-end unit tests that cover tests of the non-proto
code paths that are being deleted.
Bug: 197981919
Test: Unit tests pass.
Change-Id: Ia1c45572300bd63e5f196ad61e5e5386830c8ece
ReadFstabFromFp() have two callers right now, ReadFstabFromFile() and
ReadFstabFromDt(). ReadFstabFromFile() opens a FILE* and pass it to
ReadFstabFromFp(), and ReadFstabFromDt() wraps a std::string::c_str()
buffer in a FILE* adaptor with fmemopen().
There's no need for such adaptor, just change ReadFstabFromFp() to
accept std::string and we're good.
Bug: 206740783
Bug: 204056804
Test: atest CtsFsMgrTestCases
Test: m libfstab_fuzzer
Change-Id: I3f56a83ec5baf7b0d97a618a2c2bb6e31b67b5d9
android::base::Tokenize() is like android::base::Split() but ignores
empty tokens. Think strtok_r() and strsep().
C++-ify parsing code by replacing strtok_r() with Tokenize(), which
results in more concise and readable code.
Bug: 204056804
Test: atest CtsFsMgrTestCases
(cherry picked from commit 3c1b581fd5)
Change-Id: Icce8c1b5ad074421052f68fa138d90adb85cca27
Revert "Demonstrate multi-installed APEXes."
Revert "Adds a new prop context for choosing between multi-insta..."
Revert "Adds multi_install_skip_symbol_files field (default fals..."
Revert submission 1869814-vapex-multi-config
Bug: 206551398
Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/tests/view?invocationId=I55600009996329947&testResultId=TR93527797572038984, bug b/206551398
Reverted Changes:
I0cd9d748d:Adds multi_install_skip_symbol_files field (defaul...
I5912a18e3:Demonstrate multi-installed APEXes.
I0e6881e3a:Load persist props before starting apexd.
I932442ade:Adds a new prop context for choosing between multi...
I754ecc3f7:Allow users to choose between multi-installed vend...
Change-Id: I27a4985061b112af7d0e9b95b6d42ccd9b846471
ReadFstabFromFp() have two callers right now, ReadFstabFromFile() and
ReadFstabFromDt(). ReadFstabFromFile() opens a FILE* and pass it to
ReadFstabFromFp(), and ReadFstabFromDt() wraps a std::string::c_str()
buffer in a FILE* adaptor with fmemopen().
There's no need for such adaptor, just change ReadFstabFromFp() to
accept std::string and we're good.
Bug: 204056804
Test: atest CtsFsMgrTestCases
Test: m libfstab_fuzzer
Change-Id: I71190c7356a354aa06d1be3fdc4ca76611b3896d
class_restart accidentally restarts disabled services. Changing this
behavior is risky as it could break compatibility. Instead, add an
"--only-enabled" argument to class_restart to opt-in to the new
functionality. This syntax is backward compatible, as previously only a
1-argument form was accepted.
Bug: 190065372
Bug: 198105685
Test: add a class_restart action and a disabled service, make sure
service is not restarted.
Change-Id: Idb08779de7ac7a21e23f8b8a3276bd5a66a43299
Unfortunately, some recovery fstabs still specify the FDE options, where
they never really did anything anyway. Allow them for now, since it
seems preferable to restrict any breakage to the case that really
matters (devices actually configured to use FDE in their main fstab).
Bug: 191796797
Bug: 206025578
Change-Id: I85e35af8f42d2aef91f08816a67a71bbf756b211
There are some fstab files that specify "encryptable=footer" for
adoptable storage volumes, which contradicts the documentation which
says that it should be "encryptable=userdata". However, the argument
was previously being ignored anyway. To avoid unnecessarily breaking
such devices, ignore the argument to "encryptable".
Note that we continue to only allow "encryptable" in combination with
"voldmanaged". So, fstabs that use "encryptable" for FDE (rather than
for adoptable storage) should continue to be rejected.
Bug: 191796797
Change-Id: Idc4d5f9c01098f997e12be0022bea992439cec9c
