Add in replace ops to WriterV3 without compression support (will be
added in later). CowReader also has to be changed since we no longer
have a CowFooter (our checks need to be updated correspondingly).
We need next_data_pos_ to be pointed to after the operation buffer. This
section is appended to incrementally as we write replace + xor
operations
Test: cow_api_test
Change-Id: Ie979c72f842edd04337d900fd43dac8031207517
Add zero block operation to writer v3. We currently write this operation
to after the scratch space. Once resume point support is added we may
need to change this to write after the resume point. This CL only
supports zero blocks, so writeoperation does not take in data yet.
Bug: 307452468
Test: cow_api_test
Change-Id: I659b2e2e4f6e0d96e374ed29012318cc34b4158d
Also adds a test for CowWriterV3 + CowParserV3.
Bug: 307452468
Test: read a header written by v3 writer
Change-Id: I77cf048604c82a010cfdbfb38d0f8beef597d112
Add in Parser base class and refactor code to work with it. Base class
will have ops() method which returns a vector of v3 operations.
v2_parser translates it's v2 operations to v3 operations with this
method.
Bug: 307452468
Test: Test with critical OTA paths?
Change-Id: I52d0d0554973714189a6e1013d026f96503238b6
Add in Parser base class and refactor code to work with it. Base class
will have ops() method which returns a vector of v3 operations.
v2_parser translates it's v2 operations to v3 operations with this
method.
Bug: 307452468
Test: Test with critical OTA paths?
Change-Id: Iccc9755a892911a1638f5b62d7d6a2402c68ab20
After mapping COW device, wait for the device to appear
before initializing it.
Bug: 305829996
Test: OTA on Pixel
Change-Id: If9e0e1ce684aa15bc9f3fd5a01e4f0421de87e81
Signed-off-by: Akilesh Kailash <akailash@google.com>
Vendor overlay was introduced to enable system-only update with small
changes on the vendor, but this is no longer required with same reason
of VNDK deprecation - more frequent Vendor update than expected, and
makes system-vendor interface unstable. This change adds more comments
to explain that Vendor overlay will be deprecated along with VNDK, and
skip test if VNDK is deprecated.
Bug: 307925435
Bug: 307902290
Test: fs_mgr_vendor_overlay_test passed with CF trunk-staging device
Change-Id: I7b9359a5754e8740e749c48f6265a1b0f92f13af
There are a few places where an index is randomly generated, but the
max is incorrectly set to the size of the value not one less than
the size.
All of these occurrences have been fixed.
Bug: 306230574
Test: Ran fuzzer instance that failed, no longer fails.
Change-Id: I20dfbc19a0df9cb160f8c861e072f083e24a4fab
Instead of having the user to retry the `remount` command until success
(manual poll). Just block the remount command until checkpoint is
complete, and then continue.
Bug: 252989722
Test: adb remount on a cold device, remount command would block for a
few dozens of seconds and then continue.
Test: adb remount on a warm device, remount command would process
immediately. Do not show "force end checkpointing" instructions.
Change-Id: I65f3a5ade4c9538a55892345c75b45ac3a1755fd
When aborting from fs_mgr_overlayfs_mount, we should remove any temp dir
we created under /dev before aborting the program.
Bug: 306124139
Test: adb-remount-test
Change-Id: I6debf84935e39d884f2f5b3e9720fdfd4332465c
The move mount motions logic are built on top of heuristics and allow
non-fatal failures.
If the overlay was setup and mounted without reboot (this could happen
if AVB is disabled), the mount state (especially the MS_SHARED and
MS_PRIVATE flags) can still get skewed somehow, due to unforeseen errors
or resource race.
It is always advised to reboot after initial overlay setup, as the
overlay mount logic is less likely to require moving submounts when
executed by `init`, this provides the greatest chance of success.
Below is an example of the expected outcome of remounting submounts:
[precondition]
* AVB is already disabled, so overlay is setup and mounted w/o reboot
* No existing overlay; is initial overlay setup
0. /proc/self/mountinfo would contain something like:
<id> <parent id> <mountpoint> <shared/private> <filesystem>
2 1 /product shared:2 erofs
3 2 /product/app shared:3 erofs
1. adb remount /product/app
(note how the mount flag of <3> changes to private so <30> can be
MS_MOVE later)
2 1 /product shared:2 erofs
3 2 /product/app private erofs
30 3 /product/app shared:30 overlay
2. adb remount /product
(note how the parent of <30> changes to <40> as the result of MS_MOVE)
(note that <3> is _not_ moved)
2 1 /product private erofs
3 2 /product/app private erofs
30 40 /product/app shared:30 overlay
40 2 /product shared:40 overlay
Bug: 306124139
Test: adb-remount-test
Test: Verified with a remount submount scenario by editing the fstab.
Test: remount /system/bin then /system and verify the submount overlay
(/system/bin) is moved under the parent mount overlay (/system).
Change-Id: I6cdbe8c52d826a6f03fd363c909ebb0005446b96
Instead of using the basename(mounpoint) as partition scratch dir name,
which could lead to name collision, use the normalized and encoded
mountpoint as scratch dir name.
Bug: 243503963
Bug: 306124139
Test: adb-remount-test
Change-Id: I5a64f17bc3b88f0ce42bd0c5779c8dd23a07917f
Cow reader will store header v3 in memory. ReadCowHeader can remain
mostly unchanged since the cow prefix is the same.
header->prefix.header_size will then tell us if we're reading a v3 or v2
header. v3 header is strictly a superset of v2 header so we can read a
v2 header into a v3 struct.
Added a test case to test_v3 where we write a header using v2_writer and
ensure CowReader is able to read it.
Test: cow_api_test
Change-Id: I142f18d871322930b7dc341c342c8b63a481341c
V3 writer set up header. Anything related to cluster ops can be set to
zero, as V3 cow format will no longer support this. All footer related
code can also be dropped as the footer isn't being used.
Test: cow_api_test
Change-Id: I39ece8eaa0813c5991d53b5e0ff9271f27e0662a
Removing lseek call as writefully() should be sufficient in ensuring our
fd is moved to the correct spot
Test: cow_api_test
Change-Id: I404b192335ab1672ed61de426e17e63ab9d51ece
Adding gflags + some basic functionality to this binary. We should be
able to use this to write v2 or v3 cow, and then use inspect_cow to
inspect the contents
Test: write_cow
Change-Id: I44bf5a8c807c4c4759e54624c51e966f2ea18ce9
Gonna add to this binary options to write v2 + v3 cow, + some additional
configurations (for testing purposes). I think this binary can serve as
something to use in parallel with inspect_cow
Test: m write_cow
Change-Id: I93c703b246baa5b400044436a94b33a32e03ea68
Rather than split this into two binaries as we did for libsnapshot, this
uses test parameterization. I went this route because even for async
builds, the sync path must always work as a fallback.
Bug: N/A
Test: snapuserd_test
Change-Id: Ib68c8fd831c345f41a4e14a99fd0a0b8b1d47b6d
Merge thread will mark merge-completion after msync on header is
complete. This should be definitive enough to track the completion
status.
Bug: 305187301
Test: OTA on Pixel
Change-Id: I366dc5052fa91a6eacf394a1970200cdebc0e135
Signed-off-by: Akilesh Kailash <akailash@google.com>
We have seen multiple OTA failures with invalid geometry magic
signature. Make partition metadata write atomic by writing to a tmpfile
first and then do a rename.
Test: th
Bug: 303770065
Bug: 298149189
Change-Id: Id1d565de73439b95b665144c2f02fc97273d341c
* This results in a metric ton of denials on some devices and
eats up valuable resources on boot, plus there's 0 need for it,
so kill it.
Change-Id: Ic52d5b3f06724430e9505345024cf0041b37ca49
v2 writer and v3 writer will write different versions of the header.
It's better to have each writer hold it's own header.
Test: th
Change-Id: Ibe310d58b830950ad556aabcd0c1009483fc8d86
