Can supply a specific partition to remount. Partitions can be
specified by name or mount point. Some extra work to differentiate
an unknown partition, invalid partition, or one that is covered by
overlayfs.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: Iab6f51c2b5ebe01f1cea3fb235445d5e2f495365
This introduces a new SplitFiemap class that will divide an allocation
request across multiple FiemapWriters. This is primarily useful on
filesystems that have onerous restrictions on maximum file sizes. Vfat,
for example, supports a maximum of 4GiB, which is too small to satisfy
larger userdata size requests.
Bug: 126230649
Test: fiemap_writer_test gtest
Change-Id: I3c95d341e4e94e0c44bbf0e8553c34ccfdcd155b
When flashing in fastbootd, we create a new MetadataBuilder using the
given super_empty.img and attempt to import the existing partition
table. This will fail if there is some incompatibility in the partition
layout or partition quotas.
This import code was accidentally double-accounting partitions when
determining if they could fit within the group quota, preventing
"fastboot flashall" once partitions reached a certain size.
Bug: 126930319
Test: liblp_test gtest
Change-Id: I89a69cba110b62719197c9a4885cfc5bcf8f009f
Rather than require block-size alignment, instead bump the requested
file size to the necessary alignment. This ensures that the final block
is usable without placing onerous restrictions on the caller to figure
out the file system's block size.
This will require callers (namely, gsid) to track the actual desired
image size separately from the flie size.
This patch also updates tests to use the actual filesize of the
filesystem, rather than hardcoded 4096.
Bug: 126230649
Test: fiemap_writer_test gtest
Change-Id: I000cca274718c3ceac526d7c3392fe3a23bb42bc
We should check if the fs_mgr option starts with "avb_keys" before
"avb". Otherwise, it will treat "avb_keys" as "avb" fs_mgr option.
Bug: 112103720
Test: atest fs_mgr_unit_test
Change-Id: I88446222fa88e8ecfcd6f96d30ad4336ebe146a8
Deal with first version of verity for legacy products.
Test: system/core/fs_mgr/tests/adb-remount-test.sh
Bug: 120448575
Bug: 123079041
Change-Id: I7a2dd8309cbb19751fdbb05d4efc30c486615e04
The -R flag tells remount it can reboot to disable verity or to
run fsck on an ext4 deduped filesystem, or both.
Testing may include a manual component because adb-remount-test.sh
needs to run from a device in an enable-verity state to test this.
Only recognizes chained avb.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I6ce4372532d9b933dcca9e2bec544d525b76c4d9
Allow selection of an fstab file. This is to mirror the built-in
functionality associated with init mount_all <fstab> command.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I5fc2f3707c1dafd687c826eaccbaab03a408035b
Logging normally goes to stderr, also send output redirected to the
Android Logger. Required if command is exec'd, useful if commanded
from shell.
Test: manual confirmation of both outputs.
Bug: 122602260
Change-Id: Ibc2e14bd4fad561514c0c33741da8ca6f00af3f3
There is currently no good option for callers to setup overlayfs
on-device, it is automated as part of the adb services. Add a
remount command that does what is needed that simulates the salient
behaviors of the adb remount command.
Clean up some noise restoring device to original state when done.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: Idf213800a8182cb1c51600c8f574df8a8cd68d4a
Handle a device in recovery mode gracefully. Handle a device
that fails to boot into a commanded state more gracefully.
Deal with regression where die() calls restore(), and we can not
have this under the conditions where we are ignoring the error
in a subshell.
Test: adb-remount-test.sh
Bug: 118225373
Bug: 123079041
Change-Id: Ie37beb245d0ec55eb00757cdb93da34ff9c42827
The FstabEntry.avb_key is renamed to FstabEntry.avb_keys, to
allow specifying multiple avb keys, separated by ':'
(because ',' is already used by fstab parsing).
Bug: 124013032
Test: boot live GSI with multiple allowed AVB keys
Change-Id: Iacd3472a1d5a659dfecf09ea6074d622658f4d0b
The original adb-remount-test.sh when certifying kernels allowed a
pass on 4.4 kernels because it added new content, and missed a test
for overriding existing content. When the test was added to confirm
APEX control of libc.so, it serendipitously added a check for
overriding existing content, which the 4.4 kernel did not allow to
pass. Update the tests and documentation to reflect this new state
of affairs.
Summary: 4.4 kernel overlayfs driver worked partially without the
patch for override_creds.
Test: adb-remount-test.sh
Bug: 126256072
Change-Id: I979ea59a12bc0b9926826b9b09a7893ab3b9ee7f
This allows fiemap_writer_test to be run on any read-write partition or
block device.
Bug: 126230649
Test: fiemap_writer_test
Change-Id: Ie002cb77c84c683e5f242695882ba78d510eca36
Make it easier to collect test execution time.
Clean up some noise restoring device to original state.
Test: adb-remount-test.sh --print-time
Bug: 123079041
Change-Id: I56f12698ff25362dcefcf8a6ddd8f96a23b37f34
init first stage manufactures a / mount pointing to /dev/root and
we can not use that for checking the filesystem. Result is /system
overlay is mounted in second stage.
This adjustment to special case /dev/root is safe for overlayfs
handling because we will also gate on content in
/mnt/scratch/overlay/system, which will not be set during runtime
setup because check will have the proper block device at that time.
Test: adb-remount-test.sh
Bug: 123079041
Change-Id: I9c6674163955155f26ad2b0c9b78e9ff6507a514
The copy of /data/* doesn't work now, so put the fstab content
into the unittest source instead.
Also replacing ReadFstabFromFd with ReadFstabFromFile, to prevent
race.
Finally, two test cases are temporarily disabled due to read
fstab file error (root cause is still unknown).
Bug: 124837435
Test: atest 124837435
Change-Id: Ib6a3d931a48bffd8be23bda23fa4492babafd166
This commit extracts the security patch level (SPL), e.g.,
com.android.build.system.security_patch = 2019-04-05 from AVB property
descriptors when attempting to mount a standalone image (e.g., live
GSI). Then compares the SPL between the old system.img and the new live
system.img for rollback protection.
Bug: 122705329
Test: boot an old Live GSI, checks rollback is detected
Change-Id: I7aae58c0b2062a3ff57ed932ad58e7b604453fed
Remove a superfluous check in fs_mgr, since those return values are
already impossible for a non-debuggable build. Replace a one time
call to __android_log_is_debuggable(), since there's no reason to
cache the value or use this symbol.
Test: build
Change-Id: Icd4bef7b616c49d304303747388d7e3018c6fcfc
In ReadFstabFromFile(), currently it always adds 'system_gsi' and
'userdata_gsi' fstab entries when running in Live GSI. As the API
might be used to load a fstab file without "/system" and/or "/data",
it's better to replace "/system" with 'system_gsi' and "/data" with
'userdata_gsi', instead of adding 'system_gsi' and 'userdata_gsi'
unconditionally.
Bug: 124640105
Test: boot a Live GSI, then `atest libfs_avb_device_test`
Change-Id: I52928f95b9ebd12ce09ffd538caf96a2de430dbc
Add a test that creates files in the appropriate vendor_overlay directory and
verifies that they are correctly overlaid (or not) onto /vendor after rebooting.
Test: locally running atest
Change-Id: I65860dbeb837f86ac030fa51b3af93844e82de96
Harden adb-remount-test.sh script. Add --no-color and --color
options. Allows --serial to be passed in. Add a recovery handler
that restores the device to verity enabled if possible. List the
partitions sizes as they may be relevant to triaging errors. Allow
for devices that have a mixed set of remounts, some direct, some
with overlayfs. Allow two scripts to run at the same time on a host
machine targetting different devices. Detect if wrong adb is used
for adb reboot-fastboot.
Add a build target for adb-remount-test.sh so that the script
is landed into the host tools bin for easy pickup.
Test: adb-remount-test.sh
Bug: 123079041
Change-Id: I6369a245a656419067ec4350a4dbdf78c9b0533e
Refactor fs_mgr_candidate_list into fs_mgr_overlayfs_candidate_list
that reports all the possible candidates. The caller is responsible
for filtering out any that have verity enabled.
Sundry improvements to the adb-remount-test.sh script to improve
stability and feedback.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I2399f83d8ed77d8f3d2ad1405d0c187ccbace764
The client can include <fs_avb/fs_avb_util.h> to use the two new
functions to load vbmeta for a FstabEntry and extract the hash tree
descriptor from the loaded vbmeta, respectively.
// Given a FstabEntry, loads and verifies the vbmeta.
std::unique_ptr<VBMetaData> LoadAndVerifyVbmeta(...);
// Gets the hashtree descriptor with avb_partition_name from the vbmeta.
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(...);
Bug: 65470881
Test: atest libfs_avb_test
Test: atest libfs_avb_internal_test
Test: atest libfs_avb_device_test
Change-Id: I7d6619eb8140c14734ffb8f8a1b22cddd2f562f0
fs_mgr_update_verity_state() has two callers with generally different
intentions. One caller loops through all entries in the default fstab
to set partition.<mount_point>.verified properties. The other caller
is only interested in whether or a specific mount point has verity
enabled.
Given this, we refactor fs_mgr_update_verity_state() to
fs_mgr_get_verity_mount_point() which takes a single FstabEntry and
returns the mount point used for the dm-verity device or an empty
option if verity is not enabled on that mount point.
Test: adb-remount-test.sh test on blueline
Change-Id: Ic7dd8390509e95b2931b21e544c919a544138864
It is better to guarantee that a /system or / entry will be present in
first stage mount than it is to maintain the code to fake an entry if
its not present in the input fstab.
Test: adb-remount-test.sh on blueline
Change-Id: I8aa3e704903b8abf06b1c63be071913a9de58eb3
Rather than constructing a userdata fstab entry from scratch, this patch
will modify the vendor fstab to preserve the desired encryption
properties and filesystem type.
Bug: 123906417
Test: manual test
Change-Id: I338715fc62628169e8eafbf4a3125e4aadf0ff15
