Commit graph

69710 commits

Author SHA1 Message Date
Shawn Willden
b440e0c077 Configure Trusty KeyMint devices to use attest_keys.
Change-Id: If86133e7648b601a4a61ea5614e6971a2bb8d264
Bug: 197096139
Test: Manual
2021-11-22 16:52:30 +00:00
Armelle Laine
a3359bb3c9 Merge "storageproxyd: Retry RPMB request on UNIT ATTENTION" 2021-10-04 17:32:51 +00:00
Treehugger Robot
939353e1e3 Merge "init: introduce ro.kernel.version property" 2021-10-01 18:14:34 +00:00
Treehugger Robot
5294c3da33 Merge "init.rc: disable creation of bootreceiver tracing instance for kernels >=4.9 and <= 5.4" 2021-10-01 18:14:34 +00:00
Alexander Potapenko
1e966fa9f1 init: introduce ro.kernel.version property
This property will hold the major.minor part of the kernel version (e.g. "5.4"), allowing init scripts to act depending on that version, enabling and disabling certain features.

Bug: 194156700
Change-Id: Icec640b8a7150b344d9aa3bc0bdbcdae050c7c45
Test: manual on a Pixel device
Signed-off-by: Alexander Potapenko <glider@google.com>
2021-10-01 16:06:02 +00:00
Mohammad Islam
570451bbfe Merge "libbinder: split out PackageManagerNative aidl" 2021-10-01 12:52:23 +00:00
Treehugger Robot
0a671e24f5 Merge "Define ro.vendor.api_level" 2021-10-01 02:46:09 +00:00
Akilesh Kailash
ba097d2cd2 Merge "Revert "snapuserd: Handle real time signal 36"" 2021-09-30 16:52:10 +00:00
Akilesh Kailash
fec60563c4 Revert "snapuserd: Handle real time signal 36"
This reverts commit 8d3b31fe68.

Reason for revert: With https://r.android.com/1840754, bionic will handle the real time signal for statically linked binaries.

Change-Id: I81f0892f1734c7ecfb604820a8894506df8618b3
2021-09-30 07:24:11 +00:00
Treehugger Robot
19dc4d413f Merge "Add OWNERS for VTS module vts_libdm_test" 2021-09-30 03:46:00 +00:00
Treehugger Robot
9f2c62481f Merge changes Ie5e47d84,I3c5c9917,Ife48b163
* changes:
  Don't create vendor_init in microdroid
  Only run RebootTest under root
  Add reboot_test
2021-09-29 23:16:37 +00:00
Yiming Pan
47af156ee0 Add OWNERS for VTS module vts_libdm_test
Each VTS module is required to have OWNERS file. The ownership is based on
go/vts-owners. For more information about ownership policy, please visit
go/xts-owners-policy.

Test: Tree Hugger
Bug: 143903671
Change-Id: Id2911fd62841bf5622607f9deeb50c7cf1413b1b
2021-09-29 14:46:24 -07:00
Akilesh Kailash
7ec205920c Merge "snapuserd: Handle real time signal 36" 2021-09-29 21:04:41 +00:00
Yifan Hong
d6fc145473 Merge "libsnapshot_fuzzer: allow ENXIO." 2021-09-29 20:58:10 +00:00
Treehugger Robot
3ad79c8ff7 Merge "Add VerifyMergeOps to ISnapshotWriter" 2021-09-29 20:06:40 +00:00
Max Bires
9eb326c9c0 Merge "Make RemoteProvisioner required for KeyMint cc_bin" 2021-09-29 19:26:40 +00:00
Akilesh Kailash
8d3b31fe68 snapuserd: Handle real time signal 36
Add a signal handler for real time signal 36 which
is primarily used by profilers. Default action is to
terminate the daemon if there is no signal handler. We
don't want daemon to get terminated, hence just capture
the signal and ignore it.

Bug: 201497662
Test: cow_snapuserd_test, pkill -36 snapuserd
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ife5a8bdb7344956076bc4223c19a126b90a00706
2021-09-29 17:35:49 +00:00
Stephen Crane
a9085181af storageproxyd: Retry RPMB request on UNIT ATTENTION
Attempts a retry of the intial write or read when an RPMB command
triggers a UNIT ATTENTION condition. This causes the UA status to be
reset and hopefully result in a successful command. This runs the risk
of retrying a successful write, but we wouldn't have been able to get
the RPMB response after that write anyway due to the UA condition.

Test: m storageproxyd
Bug: 200037389
Change-Id: Ib970e779365bb396756c114684c7f6e56a737ab1
2021-09-29 10:28:43 -07:00
Kelvin Zhang
8c77196a74 Add VerifyMergeOps to ISnapshotWriter
It turns out update_engine never gets a ICowReader instance... it only
gets a generic FileDescriptor. So bring this function all the way up to
ISnapshotWriter interface.

Test: th
Change-Id: I7d17b9537f97282c99203b5cc13892e5daa1be4c
2021-09-29 10:04:11 -07:00
Alexander Potapenko
53cd1e95e7 init.rc: disable creation of bootreceiver tracing instance for kernels >=4.9 and <= 5.4
The tracing instance takes extra RAM and is not needed on devices running older kernels.
Bug: 194156700
Test: manual on a Pixel device

Change-Id: I794062741688ebea0e4bc500723a966f8f646ee1
Signed-off-by: Alexander Potapenko <glider@google.com>
2021-09-29 15:01:55 +00:00
Jiyong Park
3b3d87de79 Don't create vendor_init in microdroid
vendor_init is a subcontext of init which is responsible for handling
the vendor-defined services and vendor-defined actions. This is mainly
to enforce the Treble architecture in which the vendor components are
provided with a less-privileged context than the system components
because they are less-trusted.

However, in case of microdroid, both the system and the vendor
partitions are from the same entity. As VMs don't have direct access to
any of the underlying hardware, the vendor partition is targeting the
virtual platform, not the real hw platform. There really is no need for
the discrimination.

This CL disables the creation of the vendor_init subcontext when init
runs in microdroid.

Bug: 201363575
Test: atest MicrodroidHostTestCases
Change-Id: Ie5e47d84e9e245565239b4f2159e8182b457699d
2021-09-29 21:35:08 +09:00
Nikita Ioffe
0a0e4793e3 Only run RebootTest under root
This test requires running test services, which causes test to crash
(and still incorrectly be reported as passing) when running on
non-rooted device.

Ignore-AOSP-First: reboot_test is not in AOSP yet
Bug: 190958734
Test: atest CtsInitTestCases
Merged-In: I3c5c9917d0a787d66272ccf4aefc57e6573841bc
Change-Id: I3c5c9917d0a787d66272ccf4aefc57e6573841bc
2021-09-29 21:34:59 +09:00
Nikita Ioffe
86b4324a0a Add reboot_test
This test spawns several services backed by /system/bin/yes executable,
and then stops them either while SIGTERM or SIGKILL.

Ideally we want to unit test more of reboot logic, but that requires a
bigger refactoring.

Test: atest CtsInitTestCases
Bug: 170315126
Bug: 174335499
Merged-In: Ife48b1636c6ca2d0aac73f4eb6f4737343a88e7a
Change-Id: Ife48b1636c6ca2d0aac73f4eb6f4737343a88e7a
2021-09-29 20:09:18 +09:00
Justin Yun
dfbdd93336 Define ro.vendor.api_level
ro.vendor.api_level will have the api_level that the vendor images
are required to implement based on the various api level properties.
ro.board.api_level and ro.board.first_api_level explicitly states
the api level of the vendor images for grf.
If these properties are not provided, it reads the device's launching
api level.
The rest of the properties may show the implemented api level of the
vendor images.

Bug: 200258600
Test: getprop ro.vendor.api_level
Change-Id: Id4131b53d6db00d5bbef3b048384d33c1736d681
2021-09-29 15:37:27 +09:00
Christopher Ferris
bc6317592a Merge "Add CHECK to verify assumptions in the code." 2021-09-29 03:58:07 +00:00
Yi-Yo Chiang
15ae358c71 Merge "init_first_stage: Remove unused srcs & static libs" 2021-09-29 03:56:11 +00:00
Yifan Hong
10e5e5979a libsnapshot_fuzzer: allow ENXIO.
This is an accepted error code.

Fixes: 170395454
Test: run fuzzer

Change-Id: I93862c44f434878a6e1a1ed15a94c92d4a60611b
2021-09-28 19:32:55 -07:00
Treehugger Robot
2d7301d235 Merge "Replace test_min_api_level with test_options.min_shipping_api_level" 2021-09-29 00:02:04 +00:00
Christopher Ferris
2b98c82f05 Add CHECK to verify assumptions in the code.
On the main thread, the siginfo pointer will never be nullptr.
Add a CHECK to make sure this is true.

Test: Unit tests pass both 32 bit and 64 bit.
Test: Ran with debug.debuggerd.translate_proto_to_text set to 0
Test: to exercise old path.
Change-Id: I9d5ed0de5d652de8a4f9cd85eb57cbb1ec676404
2021-09-28 16:15:51 -07:00
Treehugger Robot
bd69a74677 Merge "Add VerifyMergeOps() to CowReader interface" 2021-09-28 20:45:54 +00:00
Yi-Yo Chiang
bc35e823e9 init_first_stage: Remove unused srcs & static libs
Test: Build pass
Change-Id: Id79ad1cf1e66c34c9ef24776c417f40286941bc7
2021-09-28 20:22:45 +08:00
Justin Yun
43678b17a5 Replace test_min_api_level with test_options.min_shipping_api_level
Test options for the api levels are moved to test_options.
test_min_api_level property will be removed with this change.

Bug: 187258404
Test: build
Change-Id: Id943566de2ac693b5955bd84a8463e5013a8bb0f
2021-09-28 20:35:09 +09:00
Kelvin Zhang
f2e1f20fd7 Add VerifyMergeOps() to CowReader interface
update_engine only sees ICowReader, so in order for update_engine to
consume this API, it has to be in the base interface class.

Test: th
Change-Id: I9100b6aa1db6eb6a884752620098172bdd51f200
2021-09-27 18:26:23 -07:00
Christopher Ferris
be17619ccc Merge "Disable scudo when using svelte config." 2021-09-25 01:36:48 +00:00
Treehugger Robot
5125c62cf8 Merge "libsnapshot: Add function to verify merge sequence" 2021-09-25 00:50:49 +00:00
Daniel Rosenberg
1e3fa94657 libsnapshot: Add function to verify merge sequence
This adds a function that verifies that the merge sequence does not
attempt to use blocks that have already been overwritten. It prints the
first such conflict to the logs.

Additionally, this adds a forwards merge iterator, and the ability to
ignore current progress in a merge for the purposes of verifying the
whole sequence.

This can be accessed via the VerifyMergeOps Function in Cow Reader, or
by using inspect_cow -v [COWFILE]

Include merged ops in inspect_cow listing with -a, and view ops in merge
order with -n

Bug: 200076590
Test: cow_api_test.InvalidMergeOrderTets
Change-Id: I893b9f8a8803cb6dd53225ec34224167b9fe2fda
2021-09-24 16:03:17 -07:00
Marco Nelissen
d394f74700 Merge "tipc_test: allow connecting to arbitrary services" 2021-09-24 21:42:06 +00:00
Marco Nelissen
0aae5be54f tipc_test: allow connecting to arbitrary services
Add an option to specify a service name. Currently only the "connect"
test supports this, and will try to connect to the named service
instead of the echo and datasink services.
Also fix the built-in help text, as it was missing the "burst" option,
and didn't mention that the "connect" test connects to both the echo
and datasink services.

Bug: 200034376
Test: run

Change-Id: I3903f94c16320f8e07ac4bfb69e3bb45329138c0
2021-09-24 20:14:24 +00:00
Tri Vo
6aaac7cad9 Merge "storageproxyd: Fix inverted conditional in error checking" 2021-09-24 19:05:05 +00:00
Christopher Ferris
7aad2567ee Disable scudo when using svelte config.
This code was added, but a svelte config still tries to use scudo
related code that doesn't exist.

Bug: 201007100

Test: Ran unit tests on normal config.
Test: Ran unit tests on svelte config.
Change-Id: Ic84bae37717d213121aef182bac2f82dbee25213
2021-09-24 11:55:36 -07:00
Stephen Crane
bdb2eba4a4 storageproxyd: Fix inverted conditional in error checking
check_scci_sense (now renamed unexpected_scsi_sense) was supposed to
return false iff the sense data was valid and did not contain an error.
This return value was inverted. Invert the return values and rename the
function to clarify its role.

Test: m storageproxyd
Bug: 195544379
Change-Id: I3b84188aabe58345a83d2fd57bb8103e730cf365
2021-09-24 10:20:58 -07:00
Yi-Yo Chiang
711b56e2a0 Merge "Reland: Add /system_ext/etc/selinux/ to the debug policy search path for GSI" 2021-09-24 03:10:34 +00:00
David Anderson
5cd741583f Merge "libdm, libsnapshot: Add a virtual interface for DeviceMapper." 2021-09-23 22:25:46 +00:00
Elliott Hughes
c00bfdcc9a Merge "libdebuggerd: fix process uptime." 2021-09-23 15:16:10 +00:00
Yi-Yo Chiang
bb77c544e5 Reland: Add /system_ext/etc/selinux/ to the debug policy search path for GSI
This change only *adds* /system_ext/etc/selinux to the debug policy
search path, and does not change any preconditions to load the debug
policy. The device still needs to be bootloader-unlocked and has the
debug ramdisk flashed to be able to use the debug policy. The only thing
changed is that now the debug policy can be loaded from /system_ext or
/debug_ramdisk when system partition is compliance testing GSI.

The debug policy in the boot ramdisk may be outdated if the system
partition is flashed with a image built from a different revision.
This happens frequently when running the compliance testing VTS, where
the device is flashed with (A) GSI and (B) device vendor image & debug
boot image, and (A) and (B) are built from different git revisions.

To address this, we install a copy of the debug policy under
/system_ext, so that the version desync between (A) & (B) wouldn't be a
problem anymore because (A) no longer relies on the debug policy file
from (B).

Bug: 188067818
Test: Flash RQ2A.201207.001 bramble-user with debug ramdisk & flash
  gsi_arm64-user from master, device can boot and `adb root` works
Change-Id: Ibe17eb1ecb0e813309c9596d1f152b7455686b26
2021-09-23 14:26:27 +00:00
Santiago Seifert
2b324f5642 Merge "Revert "Add /system_ext/etc/selinux/ to the debug policy search ..."" 2021-09-23 13:25:55 +00:00
Santiago Seifert
be09a1e643 Revert "Add /system_ext/etc/selinux/ to the debug policy search ..."
Revert "Add a copy of debug policy to GSI system image"

Revert "Add PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT"

Revert "Add system_ext_userdebug_plat_sepolicy.cil for GSI"

Revert submission 1824717-gsi_debug_policy

Reason for revert: Breaks the build (see b/200933187).
Reverted Changes:
I37ef02628:Add a copy of debug policy to GSI system image
I9c3dad8bb:Add PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT
I43adc6ada:Add system_ext_userdebug_plat_sepolicy.cil for GSI...
I4d6235c73:Add /system_ext/etc/selinux/ to the debug policy s...

Change-Id: I2eb3b00abb981c25514b75b2e7b4b7b203653390
2021-09-23 13:07:25 +00:00
Yi-Yo Chiang
d7f8cf483b Merge "Add /system_ext/etc/selinux/ to the debug policy search path for GSI" 2021-09-23 10:07:10 +00:00
Marco Nelissen
e0e160c54b Merge "trusty_apploader: log to stderr" 2021-09-22 17:01:30 +00:00
Elliott Hughes
32d3cdda22 libdebuggerd: fix process uptime.
I was here because we have a case where timeout(1) kills logcat, but
debuggerd alleges that the process that was killed had started less than
a second ago. I'm not sure this is the problem there, but I did notice
that far too many tombstones were claiming improbably short process
uptimes. It turns out that the code was measuring the *thread* uptime,
not the *process* uptime.

Also simplify the code a bit by switching to sysinfo(2) rather than
reading a file.

Test: manual, plus the existing unit test
Change-Id: Ie2810b1d5777ad9182be92bfb3f60795dc978b24
2021-09-21 17:30:30 -07:00