Deal with first version of verity for legacy products.
Test: system/core/fs_mgr/tests/adb-remount-test.sh
Bug: 120448575
Bug: 123079041
Change-Id: I7a2dd8309cbb19751fdbb05d4efc30c486615e04
The -R flag tells remount it can reboot to disable verity or to
run fsck on an ext4 deduped filesystem, or both.
Testing may include a manual component because adb-remount-test.sh
needs to run from a device in an enable-verity state to test this.
Only recognizes chained avb.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I6ce4372532d9b933dcca9e2bec544d525b76c4d9
Allow selection of an fstab file. This is to mirror the built-in
functionality associated with init mount_all <fstab> command.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I5fc2f3707c1dafd687c826eaccbaab03a408035b
Logging normally goes to stderr, also send output redirected to the
Android Logger. Required if command is exec'd, useful if commanded
from shell.
Test: manual confirmation of both outputs.
Bug: 122602260
Change-Id: Ibc2e14bd4fad561514c0c33741da8ca6f00af3f3
There is currently no good option for callers to setup overlayfs
on-device, it is automated as part of the adb services. Add a
remount command that does what is needed that simulates the salient
behaviors of the adb remount command.
Clean up some noise restoring device to original state when done.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: Idf213800a8182cb1c51600c8f574df8a8cd68d4a
Handle a device in recovery mode gracefully. Handle a device
that fails to boot into a commanded state more gracefully.
Deal with regression where die() calls restore(), and we can not
have this under the conditions where we are ignoring the error
in a subshell.
Test: adb-remount-test.sh
Bug: 118225373
Bug: 123079041
Change-Id: Ie37beb245d0ec55eb00757cdb93da34ff9c42827
The FstabEntry.avb_key is renamed to FstabEntry.avb_keys, to
allow specifying multiple avb keys, separated by ':'
(because ',' is already used by fstab parsing).
Bug: 124013032
Test: boot live GSI with multiple allowed AVB keys
Change-Id: Iacd3472a1d5a659dfecf09ea6074d622658f4d0b
The original adb-remount-test.sh when certifying kernels allowed a
pass on 4.4 kernels because it added new content, and missed a test
for overriding existing content. When the test was added to confirm
APEX control of libc.so, it serendipitously added a check for
overriding existing content, which the 4.4 kernel did not allow to
pass. Update the tests and documentation to reflect this new state
of affairs.
Summary: 4.4 kernel overlayfs driver worked partially without the
patch for override_creds.
Test: adb-remount-test.sh
Bug: 126256072
Change-Id: I979ea59a12bc0b9926826b9b09a7893ab3b9ee7f
This allows fiemap_writer_test to be run on any read-write partition or
block device.
Bug: 126230649
Test: fiemap_writer_test
Change-Id: Ie002cb77c84c683e5f242695882ba78d510eca36
Make it easier to collect test execution time.
Clean up some noise restoring device to original state.
Test: adb-remount-test.sh --print-time
Bug: 123079041
Change-Id: I56f12698ff25362dcefcf8a6ddd8f96a23b37f34
init first stage manufactures a / mount pointing to /dev/root and
we can not use that for checking the filesystem. Result is /system
overlay is mounted in second stage.
This adjustment to special case /dev/root is safe for overlayfs
handling because we will also gate on content in
/mnt/scratch/overlay/system, which will not be set during runtime
setup because check will have the proper block device at that time.
Test: adb-remount-test.sh
Bug: 123079041
Change-Id: I9c6674163955155f26ad2b0c9b78e9ff6507a514
The copy of /data/* doesn't work now, so put the fstab content
into the unittest source instead.
Also replacing ReadFstabFromFd with ReadFstabFromFile, to prevent
race.
Finally, two test cases are temporarily disabled due to read
fstab file error (root cause is still unknown).
Bug: 124837435
Test: atest 124837435
Change-Id: Ib6a3d931a48bffd8be23bda23fa4492babafd166
This commit extracts the security patch level (SPL), e.g.,
com.android.build.system.security_patch = 2019-04-05 from AVB property
descriptors when attempting to mount a standalone image (e.g., live
GSI). Then compares the SPL between the old system.img and the new live
system.img for rollback protection.
Bug: 122705329
Test: boot an old Live GSI, checks rollback is detected
Change-Id: I7aae58c0b2062a3ff57ed932ad58e7b604453fed
Remove a superfluous check in fs_mgr, since those return values are
already impossible for a non-debuggable build. Replace a one time
call to __android_log_is_debuggable(), since there's no reason to
cache the value or use this symbol.
Test: build
Change-Id: Icd4bef7b616c49d304303747388d7e3018c6fcfc
In ReadFstabFromFile(), currently it always adds 'system_gsi' and
'userdata_gsi' fstab entries when running in Live GSI. As the API
might be used to load a fstab file without "/system" and/or "/data",
it's better to replace "/system" with 'system_gsi' and "/data" with
'userdata_gsi', instead of adding 'system_gsi' and 'userdata_gsi'
unconditionally.
Bug: 124640105
Test: boot a Live GSI, then `atest libfs_avb_device_test`
Change-Id: I52928f95b9ebd12ce09ffd538caf96a2de430dbc
Add a test that creates files in the appropriate vendor_overlay directory and
verifies that they are correctly overlaid (or not) onto /vendor after rebooting.
Test: locally running atest
Change-Id: I65860dbeb837f86ac030fa51b3af93844e82de96
Harden adb-remount-test.sh script. Add --no-color and --color
options. Allows --serial to be passed in. Add a recovery handler
that restores the device to verity enabled if possible. List the
partitions sizes as they may be relevant to triaging errors. Allow
for devices that have a mixed set of remounts, some direct, some
with overlayfs. Allow two scripts to run at the same time on a host
machine targetting different devices. Detect if wrong adb is used
for adb reboot-fastboot.
Add a build target for adb-remount-test.sh so that the script
is landed into the host tools bin for easy pickup.
Test: adb-remount-test.sh
Bug: 123079041
Change-Id: I6369a245a656419067ec4350a4dbdf78c9b0533e
Refactor fs_mgr_candidate_list into fs_mgr_overlayfs_candidate_list
that reports all the possible candidates. The caller is responsible
for filtering out any that have verity enabled.
Sundry improvements to the adb-remount-test.sh script to improve
stability and feedback.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: I2399f83d8ed77d8f3d2ad1405d0c187ccbace764
The client can include <fs_avb/fs_avb_util.h> to use the two new
functions to load vbmeta for a FstabEntry and extract the hash tree
descriptor from the loaded vbmeta, respectively.
// Given a FstabEntry, loads and verifies the vbmeta.
std::unique_ptr<VBMetaData> LoadAndVerifyVbmeta(...);
// Gets the hashtree descriptor with avb_partition_name from the vbmeta.
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(...);
Bug: 65470881
Test: atest libfs_avb_test
Test: atest libfs_avb_internal_test
Test: atest libfs_avb_device_test
Change-Id: I7d6619eb8140c14734ffb8f8a1b22cddd2f562f0
fs_mgr_update_verity_state() has two callers with generally different
intentions. One caller loops through all entries in the default fstab
to set partition.<mount_point>.verified properties. The other caller
is only interested in whether or a specific mount point has verity
enabled.
Given this, we refactor fs_mgr_update_verity_state() to
fs_mgr_get_verity_mount_point() which takes a single FstabEntry and
returns the mount point used for the dm-verity device or an empty
option if verity is not enabled on that mount point.
Test: adb-remount-test.sh test on blueline
Change-Id: Ic7dd8390509e95b2931b21e544c919a544138864
It is better to guarantee that a /system or / entry will be present in
first stage mount than it is to maintain the code to fake an entry if
its not present in the input fstab.
Test: adb-remount-test.sh on blueline
Change-Id: I8aa3e704903b8abf06b1c63be071913a9de58eb3
Rather than constructing a userdata fstab entry from scratch, this patch
will modify the vendor fstab to preserve the desired encryption
properties and filesystem type.
Bug: 123906417
Test: manual test
Change-Id: I338715fc62628169e8eafbf4a3125e4aadf0ff15
Confusion has occurred with respect to the kernel patch requirements,
added some clarity.
Corrected some spelling mistakes in other areas.
Test: inspect gitties and run spell
Bug: 118225373
Change-Id: I4ff9497aa5a584b20e9cb2028342aa4e7e4660c3
fs_mgr_overlayfs_setup return false second time around if all
are setup. It should report true if candidate list is all done.
Test: adb-remount-test.sh
Bug: 122602260
Change-Id: Ic9e16489e2c8ac4d3de91fcf8cfceedc23595e94
Expand the tests to deal with the boot environment for marlin.
Recognize that older overlayfs drivers do not report to /sys/module
and the parsing /proc/filesystem is another place to interrogate this.
Suppress adb push and pull noise during testing. Resolve APEX
failures. Add some cleanup to test script.
NB: Running test to completion is difficult because marlin's USB
driver is flakey enough through the multitude of reboots and
may not reconnect. The tester will have to notice when a reboot
is stalling and manually disconnect and reconnect the USB
connection to trigger discovery and to continue through the
test sequences. To make this easier, report when we are
waiting for the device to make it easier to babysit.
Test: system/core/fs_mgr/tests/adb-remount-test.sh
Bug: 120448575
Bug: 123079041
Change-Id: I5fc5f01b4e4788ac57541cb5235f7ac4e4284d71
If a flag is empty (eg: reading /proc/mounts), skip instead of
reporting "unknown flag: ". Do the same for "defaults".
Test: compile
Change-Id: Ibc3dc7154bbef4bb5dc6522d3226b6ca1e60ec24