Commit graph

43459 commits

Author SHA1 Message Date
Josh Gao
919b70cde1 Enable the APEX support on the device side.
Test: on device
Merged-In: Ic6e237556fa059e02cf9c55d1c034947b7dfb405
Change-Id: Ic6e237556fa059e02cf9c55d1c034947b7dfb405
2018-12-03 22:29:52 +09:00
Tom Cherry
7f5a2d3c8f Merge "fs_mgr: fix typo from off64_t change." 2018-11-30 23:33:50 +00:00
Mark Salyzyn
4115c2caf6 Merge "fs_mgr: overlay: test assumption wrong if verity is enabled" 2018-11-30 20:36:27 +00:00
Tom Cherry
2c25796aa0 fs_mgr: fix typo from off64_t change.
I accidentally changed some _mode enums from unsigned int to off64_t
along with the rest changes.  They probably shouldn't have been
unsigned anyway though, so let's make them plain 'int' while we fix
the original typo.

Test: boot
Change-Id: I0c6c51a1a8170056b99087d249539eb79026cffe
2018-11-30 11:29:46 -08:00
Tom Cherry
9d24734b5c Merge "fs_mgr: fixup 'size' attributes of fstab." 2018-11-30 16:33:54 +00:00
Mark Salyzyn
03d6f9a176 fs_mgr: overlay: test assumption wrong if verity is enabled
Test script assumes overlayfs takeup after disable-verity, although
that can happen if verity is already disabled, it is not the case
for devices that just had it disabled.  Move takeup and first stage
init tests downwards to where the condition is guaranteed.

Differentiate the test for devices that support or have verity, and
those that do not.

Fortify test to also use /data mount to check init first stage limit.

Test: adb-remount-test.sh
Bug: 109821005
Change-Id: I5241d6c97bf374614e50aa0aa18a1b9d118be093
2018-11-30 07:49:32 -08:00
Idries Hamadi
fafd21159c Merge "Fix fastdeploy issues when testing Boat Attack Unity3D demo" 2018-11-30 08:43:05 +00:00
Treehugger Robot
e43c146eb4 Merge "fs_mgr: move AVB related source into libfs_avb" 2018-11-30 06:59:38 +00:00
Treehugger Robot
79bd67bb2f Merge "Support product partition for non-treblized devices" 2018-11-30 02:12:15 +00:00
Treehugger Robot
9b52891918 Merge "Validate allocations against mappings" 2018-11-30 01:33:27 +00:00
Treehugger Robot
7472cf6c53 Merge "fs_mgr: add README.overlayfs.md" 2018-11-29 23:39:38 +00:00
Tom Cherry
ac3c7740ad Merge "init: always create a symlink from /init to /system/bin/init" 2018-11-29 23:22:58 +00:00
Tom Cherry
fafbb648e0 fs_mgr: fixup 'size' attributes of fstab.
'off64_t' is the correct way to specify a size of a file system, so we
update the various fs_mgr fstab attributes accordingly.

Test: boot
Change-Id: I07ebe687b7c215a8d07ce49d6d32e81b798d1cd3
2018-11-29 13:32:35 -08:00
Mark Salyzyn
a9a3b73163 fs_mgr: add README.overlayfs.md
Add documentation regarding overlayfs logistics.

Test: none
Bug: 109821005
Change-Id: I8092fdd548a28f8c860b5dd6175b657728a48801
2018-11-29 12:22:53 -08:00
David Anderson
d57025dc46 Merge "fastboot: Delete logical "other" partitions on retrofit devices." 2018-11-29 19:52:12 +00:00
Colin Cross
3ca1976fa7 Validate allocations against mappings
Bug 120032857 is seeing what appears to be allocations with incorrect
end addresses, leading to a much later crash when it tries to map
a zero page outside the valid virtual address space.  Detect allocations
that extend outside the highest or lowest memory mapping and crash
immediately instead.

Test: memunreachable_test
Bug: 120032857
Change-Id: I9be670a025143e7078360a6bf7a83219279614d9
2018-11-29 11:02:56 -08:00
Tom Cherry
9843007327 init: always create a symlink from /init to /system/bin/init
Even though it isn't strictly needed when not system-as-root, for
backwards compatibility, it is desired to keep this symlink.

Bug: 119851742
Test: tree-hugger
Change-Id: I47bc25ab257336f56ef09b5db6ebaf6b17daad35
2018-11-29 09:39:30 -08:00
Treehugger Robot
044e02764d Merge "Run BoringSSL self test during startup" 2018-11-29 16:56:19 +00:00
Tom Cherry
3ecaf2e7f5 Merge "init: clean up the 1st/2nd stage init split" 2018-11-29 16:50:37 +00:00
Ivan Lozano
4cafb54481 Merge "Revert "Disable XOM in init."" 2018-11-29 15:58:11 +00:00
Bowgo Tsai
c1bc2813c9 fs_mgr: move AVB related source into libfs_avb
This CL also adds namespace android::fs_mgr and remove FsManager* prefix
for class names. Note that android::fs_mgr::FsManagerAvbOps will be removed
in later CLs when fs_mgr doesn't rely on libavb->avb_slot_verify() to
parse vbmeta structs.

Some lingering sources for by_name_symlink_map_ are also removed.

Bug: 112103720
Test: boot crosshatch_mainline-userdebug
Change-Id: I2d1a5cc39bcd5a699da8d5539f191d8c7737c4af
2018-11-29 22:21:33 +08:00
Idries Hamadi
49cdcfd3f3 Fix fastdeploy issues when testing Boat Attack Unity3D demo
The --fastdeploy switch caused errors when CRC collisions were present in the input apk and/or
an apk with a similar package name to the input apk was already installed on the device.

Test: mm -j 64
Test: adb install -r --fastdeploy --force-agent --local-agent /mnt/raid/boat-attack-apk/boat-attack-swappy.apk

Bug: 119934862
Change-Id: Ibfe0cec38bdbb7371803fc2f73b0ec1697cef624
2018-11-29 14:16:04 +00:00
Idries Hamadi
01011fee14 Merge "Add OWNERS file to fastdeploy so idries@ can approve changes" 2018-11-29 11:37:51 +00:00
Treehugger Robot
cbc4116352 Merge "fs_mgr: skip fs_mgr_overlayfs_required_devices w/o overlayfs in kernel" 2018-11-29 03:37:37 +00:00
Elliott Hughes
894da4e0fd Merge "tombstoned: fixed tombstones failed issue" 2018-11-29 01:48:29 +00:00
David Anderson
0c73234fe0 fastboot: Delete logical "other" partitions on retrofit devices.
On retrofit devices, if both slots contain dynamic partition builds,
then "flashall" will attempt to write secondary images to dynamic
partitions in the other slot. At worst, this can fail with an error. At
best, it will result in the "other" partition not being mounted on first
boot.

This patch therefore deletes logical partitions for secondary images, on
retrofit devices only. On a Pixel device on the "b" slot, this means
"system_a" and "vendor_a" will be deleted before flashing, and therefore
system_other and vendor_other will be flashed to physical partitions
instead.

Bug: 120034852
Test: fastboot set_active a
      fastboot flashall
      fastboot set_active b
      fastboot flashall

Change-Id: I6affe9a6c639b0495bffc77fcf20f329b86ad159
2018-11-28 17:47:21 -08:00
Christopher Ferris
e2e519ea2f Merge "Add support for caching small reads." 2018-11-29 01:10:24 +00:00
Mark Salyzyn
3a08c73ae0 fs_mgr: skip fs_mgr_overlayfs_required_devices w/o overlayfs in kernel
Check if overlayfs is supplied in the kernel before proceeding to
determining if there is a disabled verity and an overlayfs filesystem
to deploy.

Test: adb-remount-test.sh
Bug: 119929969
Change-Id: I28116f0aa6959040bb9f38f46c058a221591f735
2018-11-28 16:20:00 -08:00
Treehugger Robot
4055587ddd Merge changes Ic4e1a1de,Icfceaa46
* changes:
  fastboot: propagate error for format command
  fs_mgr: overlayfs: resize scratch should it be too small
2018-11-28 23:34:29 +00:00
Hridya Valsaraju
a7b0b3ba27 Merge "fastboot: do not die if ANDROID_PRODUCT_OUT undefined" 2018-11-28 21:21:48 +00:00
Christopher Ferris
ef6401091f Add support for caching small reads.
Add benchmarking to verify this is faster.

Test: Ran unit tests.
Change-Id: I1487114331f4581ec2368e56c4f18c6e3e6bcc7d
2018-11-28 13:04:58 -08:00
Branden Archer
d052118702 Run BoringSSL self test during startup
NIAP certification requires that all cryptographic functions
undergo a self-test during startup to demonstrate correct
operation. This change adds such a check.

If the check fails, it will prevent the device from booting
by rebooting into the bootloader.

Bug: 119826244
Test: Built for walleye. After device booted examined dmesg and
      observed logs from init showing that the new task did
      start. Further, when BoringSSL is built to fail its self
      check the device did stop during a normal boot and enter
      the bootloader, and did so before the boot animation stopped.

Change-Id: I07a5dc73a314502c87de566bb26f4d73499d2675
2018-11-28 20:57:00 +00:00
Ivan Lozano
741fe84d56 Revert "Disable XOM in init."
This reverts commit 055347e564.

Reason for revert:
init boots with XOM now. I think this was fixed when this boringssl patch got merged in earlier this week (init has a static dependency on libcrypto):
https://boringssl-review.googlesource.com/c/boringssl/+/33245

Change-Id: I70e15fad4a194c0d2087941bba70dfcd38abe8b5
2018-11-28 19:07:59 +00:00
Alistair Strachan
ef9835967a Merge changes I99d46a2c,I6ff460d0
* changes:
  Skip logical partitions in non-AVB2 case too
  Allow non-A/B, non-retrofit devices to override super_partition
2018-11-28 19:07:13 +00:00
Alistair Strachan
53c5c623c0 Skip logical partitions in non-AVB2 case too
Follow up to the change made for AVB2 devices in
I19371b05912240480dc50864a2c04131258a7103.

The same consideration must be made in the fall through case, which
is taken either if AVB is completely disabled, or the dm-verity / AVB1
mechanism is used.

Bug: 113175337
Test: boot test on cuttlefish
Change-Id: I99d46a2c2630c40f5f5c02279b11e423998a1e05
2018-11-28 19:06:54 +00:00
Alistair Strachan
0685af0fd7 Allow non-A/B, non-retrofit devices to override super_partition
Some devices we want to test on, like cuttlefish, may not have a
partition table on any block device Android can see. The partitions are
simply exposed as separate block devices. This means we need to be able
to override the super_partition name to a regular block device name even
on non-A/B devices.

Bug: 113175337
Test: boot test on cuttlefish
Change-Id: I6ff460d0ba7b1e26cb5d60ba446737aa49549c18
2018-11-28 19:05:58 +00:00
David Anderson
e0e693c32f fastboot: do not die if ANDROID_PRODUCT_OUT undefined
When checking for existence of "super_empty.img" to determine if
flash image product set is meant for logical partitions, we die if
ANDROID_PRODUCT_OUT environment is unset or empty.  This check
is done before we look at the flash image name to determine if it
is a candidate to look at the logical metadata.

Instead, allow this check to conservatively fail for now.

Test: export ANDROID_PRODUCT_OUT=
      fastboot flash bootloader
Bug: 120041144
Change-Id: I43f124015f9d26c79a0feb9123522432fe937343
Merged-In: I43f124015f9d26c79a0feb9123522432fe937343
2018-11-28 18:54:28 +00:00
Idries Hamadi
484f88bcef Add OWNERS file to fastdeploy so idries@ can approve changes
Test: None
Change-Id: If04c5cadd04b0b866b3e5b73e9e2d5d70db20881
2018-11-28 16:55:00 +00:00
changho.shin
715b1aab50 Support product partition for non-treblized devices
Non-treblized devices use ld.config.legacy.txt, which does not
support product partition, leading to access denial from/to product partition.
Declare directly /product since search paths are resolved in linker config.

Test: m -j with non-treblized device upgraded to P.
Change-Id: Ic142b807f5dbffdfa5c774b3df8d0903b9626b6a
2018-11-28 17:17:05 +09:00
Jinguang Dong
8ac2f27cc2 tombstoned: fixed tombstones failed issue
There is a problem about tombstone, which it will fail to
generate tombstone file in some scenarios due to socket
communication exception.

Reproduce step:
step 1: reboot device
step 2: ps -ef |grep zygote , get the pid of zygote64
(Attention: zygote64 should never been killed or reboot,
otherwise we can get the tombstone file)
step 3: kill -5 pid of zygote64
step 4: cd data/tombstones/, and could not find the tombstone
file of zygote64.

[Cause Analysis]
1. There are following logs by logcat:
11-19 15:38:43.789   569   569 F libc : Fatal signal 5 (SIGTRAP),
code 0 (SI_USER) in tid 569 (main), pid 569 (main)
11-19 15:38:43.829  6115  6115 I crash_dump64: obtaining output
fd from tombstoned, type: kDebuggerdTombstone
11-19 15:38:43.830   569  5836 I Zygote  : Process 6114 exited
cleanly (0)
11-19 15:38:43.830   777   777 I /system/bin/tombstoned: received
crash request for pid 569
11-19 15:38:43.831  6115  6115 I crash_dump64: performing dump of
process 569 (target tid = 569)
...
11-19 15:38:43.937   777   777 W /system/bin/tombstoned: crash
socket received short read of length 0 (expected 12)
2. The last log was print by function of crash_request_cb in
file of tombstoned.cpp, following related code:
  rc = TEMP_FAILURE_RETRY(read(sockfd, &request, sizeof(request)));
  if (rc == -1) {
    PLOG(WARNING) << "failed to read from crash socket";
    goto fail;
  } else if (rc != sizeof(request)) {
    LOG(WARNING) << "crash socket received short read of length " << rc << " (expected "
                 << sizeof(request) << ")";
    goto fail;
  }

Tombstoned read message by socket, and now the message length is
zero. Some socket communication exception occurs at that time.
We try to let crash_dump resend the socket message when the
communication is abnormal. Just as this CL.

Test: 1 reboot device
      2 ps -ef |grep zygote , get the pid of zygote64
       (Attention: zygote64 should never been killed or reboot,
       otherwise we can get the tombstone file)
      3 kill -5 pid of zygote64
      4 cd data/tombstones/, and could find the tombstone file of
       zygote64.

Change-Id: Ic152b081024d6c12f757927079fd221b63445b18
2018-11-28 14:00:27 +08:00
Treehugger Robot
9392718950 Merge "Reduce logging around segfaults" 2018-11-28 04:00:12 +00:00
Treehugger Robot
4380215033 Merge "Fix null pointer dereference in auditParse" 2018-11-28 01:01:43 +00:00
Colin Cross
d780dcbaa5 Reduce logging around segfaults
The excessive logging of pages with segfaults is making it hard to
see what caused the problem, only log the first page that segfaults,
the range that was being walked when the first segfault happened,
and the total number of pages that segfaulted.

Bug: 120032857
Test: memunreachable_test --gtest_filter=HeapWalkerTest.segv
Change-Id: I71821a3f5be65f2fbcb36afc4b7b1ffa4a48e660
2018-11-27 17:00:56 -08:00
Jaegeuk Kim
9c4ae20f0e Merge "make_f2fs: use -g android by default" 2018-11-28 00:57:25 +00:00
Elliott Hughes
f2228e0cc5 Merge "TEST_MAPPING: add the rest of our actively maintained tests." 2018-11-28 00:56:36 +00:00
Treehugger Robot
9f96cc20a2 Merge "Permissions for /dev/uinput" 2018-11-27 23:52:29 +00:00
Treehugger Robot
69f174a488 Merge "Allow product partition to have vendor_overlay" 2018-11-27 23:34:25 +00:00
Justin Yun
dc5a32797e Allow product partition to have vendor_overlay
Most vendor_overlay files are product specific that are not allowed
to be installed on system partition.
To install those files on product partition, product/vendor_overlay
is added to the vendor_overlay source directory list.
If the same files are provided from both partitions, files on product
partition will be used.

Bug: 119850553
Test: Build and boot to check if the vendor_overlay works
Change-Id: I1ae97cb5c9dd66d1da5c9eaa3133426d2ba77471
2018-11-27 23:34:00 +00:00
Dan Austin
b43eb943ae Fix null pointer dereference in auditParse
There is an issue in LogAudit::auditParse where
android::uidToName(uid) crashes with a null pointer dereference.
Include a null check on the value before passing it on.

Bug: 120043607
Test: End-to-end test with syzkaller as per instructions in bug.
Change-Id: Ic0ac5c3003fcd289ec156ce63fbd668413763429
2018-11-27 14:01:29 -08:00
Mark Salyzyn
a30b6964d6 fastboot: propagate error for format command
If fastboot format command fails, return error.

Test: adb-remount-test.sh
Bug: 109821005
Change-Id: Ic4e1a1dea8861028f19ac7f9c834d26e8adba56c
2018-11-27 13:51:42 -08:00