Previously we have CHECK in WriteInternal function to observe short
writing. However it turns out short write can happen according to the
bug report.
To prevent app from crashing due to CHECK failure, the CL removes the
CHECK and let WriteInternal return a failure value.
Bug: 37561460
Test: libappfuse_tests, manually re-wrote the return value of write()
and checked logcat.
Change-Id: I6a1e233c3ddb8eb68f59e7c606ad0459b5ca2c6e
Current first stage mount for AVB requires specifying a common prefix of
by-name symlink for all AVB partitions. It limits all AVB partitions to be on
the same block device.
firmware {
android {
compatible = "android,firmware";
vbmeta {
compatible = "android,vbmeta";
parts = "vbmeta,boot,system,vendor";
by_name_prefix="/dev/block/platform/soc.0/f9824900.sdhci/by-name" <-- *removing this*
};
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait,avb";
};
};
};
};
For normal mount with AVB, it extracts the by-name prefix of /misc
partition and use it as the prefix for all other partitions:
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/misc ->
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a
Fix this by adding an internal map in FsManagerAvbOps to record the mapping
from partition name to its by-name symlink:
ByNameSymlinkMap["vendor_a"] = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a"
Two overloaded factory methods are then provided for FsManagerAvbUniquePtr:
- FsManagerAvbUniquePtr Open(ByNameSymlinkMap&& by_name_symlink_map):
for first stage mount, where the by-name symlink map will be
constructed externally, from the uevents processed by init, before
invoking this factory method.
- FsManagerAvbUniquePtr Open(const fstab& fstab): for normal mount,
where the by-name symlink map will be constructed from the input fstab
internally.
Bug: 37552224
Test: first stage mount /vendor with vboot 1.0
Test: first stage mount /vendor with vboot 2.0 (AVB)
Test: normal mount /vendor with vboot 2.0 (AVB)
Change-Id: Id17e8566da87ea22b8923fcd6e47db8d45bc7d6a
Merged-In: Id17e8566da87ea22b8923fcd6e47db8d45bc7d6a
(cherry picked from commit 20651f62d0)
This is required for init to get by-name symlinks in the first stage
mount with AVB.
Bug: 37552224
Test: first stage mount /vendor with vboot 2.0 (AVB)
Change-Id: Ib067753f651ecea4d4d26215da9294f1c607d95e
Merged-In: Ia0f290542eb1cffce5ae876dfedb453dde960253
libvndksupport.so is a new member of ll-ndk.
Bug: 37323945
Test: sailfish builds and boots
Merged-In: Ic5db48292a30a6face7f263d939f27a0760240b1
Change-Id: Ic5db48292a30a6face7f263d939f27a0760240b1
(cherry picked from commit 7000859b7c)
libbacktrace and its dependents are now VNDK-SP. Since they are in
/vendor/lib/vndk-sp directory, they are accessible directly from the
vndk namespace. Therefore, libbacktrace is removed from the exported
shared libs list of the default namespace.
Bug: 37413104
Test: sailfish builds and boots
Merged-In: I137c17d55940b783eab6d0125bc4d26b96bcc2f2
Change-Id: I137c17d55940b783eab6d0125bc4d26b96bcc2f2
(cherry picked from commit b2a4b8cd18)
libvndksupport is a new LL-NDK library that provides vendor-visible APIs
for platform-only functionalities of other LL-NDK libraries. Currently,
it provides android_(load|unload)_sphal_library which abstracts the
platform-only APIs of libdl (android_get_exported_namespace, etc.)
Bug: 37323945
Test: sailfish builds and boots
Test: libvndksupport-tests passes
Merged-In: I6d2911b57e009d0c842554933aac87d6573ffcbf
Change-Id: I6d2911b57e009d0c842554933aac87d6573ffcbf
(cherry picked from commit 7130e13262)
bionic's cached values for getpid/gettid can be invalid if the crashing
process manually invoked clone to create a thread or process, which
will lead the crash_dump refusing to do anything, because it sees the
actual values.
Use the getpid/gettid syscalls directly to ensure correct values on
this end.
Bug: http://b/37769298
Test: debuggerd_test
Change-Id: I0b1e652beb1a66e564a48b88ed7fa971d61c6ff9
(cherry picked from commit 2e7b8e2d1a)
This reverts commit 6ed19d1675.
Allow devices to decide for themselves whether to allow
module loading after boot.
Bug: 38204366
Test: boot sailfish, load a kernel module
Change-Id: Ib9e77381de9003fb5160463664015a95316ddfc5
The linker no longer enables greylist by default, it
needs to be explicitly enabled by specifying corresponding
flag.
Bug: https://issuetracker.google.com/38146125
Test: builds
Change-Id: Ib593f2d9a35dbadffb436f5fbc9a2a7a8f64ada0
Current AVB flow in fs_mgr doesn't allow verification error even if the
device is unlocked. This makes first stage mount fail when the device
is flashed with a different-sized boot.img because there is verification
error (HASH_MISMATCH) for the boot partition.
Fix this by allowing verification error only when the device is
unlocked. Whether to enable dm-verity for HASHTREE partitions is still
controlled by the HASHTREE_DISABLED flag in the top-level vbmeta.
Bug: 37985430
Test: First stage mount /vendor with AVB on a device.
Check dm-verity is enabled on /vendor.
Test: Unlock device, flash a different-sized boot.img. Boot device and check
dm-verity is still enabled on /vendor.
Test: First stage mount /vendor with AVB on a device with HASHTREE_DISABLED
is set on the top-level vbmeta, check dm-verity is not enable on /vendor.
Change-Id: I709431bc1c37e4f86133d171cee8e90621cdb857
Merged-In: I709431bc1c37e4f86133d171cee8e90621cdb857
(cherry picked from commit 1140954877)
- It was using blk dev name from fstab and quota / super block check was always
failing for FDE
bug: 37913441
Test: reboot and confirm quota
(cherry picked from commit 9519688411)
Change-Id: Id5613387924d3a8d9ed4486113654aed89184af9
`buffer` may not be correctly aligned here. Assignment assumes correct
alignment and so then blows up on arm32.
Bug: b/37920153
Test: build, boot device
Change-Id: I23ef7c7f1d1511fd912b9485bba955db59e33832
(cherry pick from commit 4599627492)
Invent keyutils.h to supply capability to set session keyring.
The keyring will hold things like the FBE encryption keys.
Test: gTest logd-unit-tests --gtest_filter=logd.statistics (from master)
Bug: 37751120
Bug: 36645158
Change-Id: Ieb44fa8f53dda6cf506a6243498c72d7f7f3cde7
It has been reported that fs_mgr failed to open /dev/device-mapper
during the first stage mount. It's because other uevent (e.g., i2c
charger device) happens to be sent at the same time we're triggering
the device-mapper uevent to be sent. Current implementation returns
COLDBOOT_STOP unconditionally so it will only process the first received
uevent, leaving device-mapper uevent unhandled when the race happens.
Fix this by only returning COLDBOOT_STOP when the received uevent->path
matches that of device mapper.
Bug: 37745254
Test: first stage mount /vendor with vboot 2.0 (avb) on bullhead
Test: first stage mount /vendor with vboot 1.0 on sailfish
Change-Id: I4a77093ec8f90a5ca981a088f34d082d0270533b
Merged-In: I4a77093ec8f90a5ca981a088f34d082d0270533b
(cherry picked from commit ea5fca4cd0)
"libcutils: fs_config.c mark vendor, odm and oem partitions in duplicate"
Revert just the wifi hardware part.
This partially wqreverts commit fde19425f3.
b/37921982
Test: netflix, play movies, youtube
Change-Id: I1a47b66dbc2a74270eb4ef75c3a5b55624c2013d
The previous fix was taking account just the progress reported by dumpstate,
not progress/percentage. As such, it was not detecting the cases where the
percentage decreased but the progress didn't.
Bug: 37878670
Test: m -j32 adb_test && ./out/host/linux-x86/nativetest64/adb_test/adb_test --gtest_filter=BugreportTest.*
Change-Id: I5830028f3191a9b17f63aeed5c049b29fa7d1179
(cherry picked from commit 4cc03611cd)
In a A/B device, system partition is mounted by kernel as root.
In vboot 1.0, the dm device name of system partition is "system" with
the following configuration in kernel command line:
- dm="system none ro,0 1 android-verity /dev/sda34"
In AVB, the dm device name is switched to vroot as:
- dm="1 vroot none ro 1,0 5201456 verity 1 ..."
When sending ioctl DM_TABLE_STATUS to query status, we should use "vroot" as the
dm device name for AVB. But still pass "system" for the callback function to set
property [partition.system.verified] instead of [partition.vroot.verified].
Bug: 36900078
Test: Use AVB to mount system in a A/B device, checks the property exists
[partition.system.verified]
Test: Use vboot 1.0 to mount system in a A/B device, checks the property exists
[partition.system.verified]
Test: Checks 'adb remount' will output warning message:
- dm_verity is enabled on the system and vendor partitions.
- Use "adb disable-verity" to disable verity.
Change-Id: Iaee7eb2b00b03729bc07fa24f1b449488716d2ea
Merged-In: Iaee7eb2b00b03729bc07fa24f1b449488716d2ea
(cherry picked from commit 48fdc292f9)
In N we moved some code from C to C++ without realizing that EVP_EncodedLength
includes space for a terminating NUL and EVP_EncodeBlock writes one. Because
our key reading code copes with the NUL, we never noticed.
Distinguish between the required space returned by EVP_EncodedLength and the
actual number of bytes (not including NUL) used return by EVP_EncodeBlock.
Bug: http://b/36187819
Test: hexdump of ~/.android/adbkey.pub
(cherry picked from commit 0b771b33fd)
Change-Id: I6e16b8d48d097b4054417c1d1a225bf7ece985b9
(cherry picked from commit f0b53d0726)
(added "system/vendor/bin/hostapd" to list)
Cover both direct and symlink indirect paths to the referenced
files in the vendor, odm and oem partitions.
Test: compile and hand-verify properties
Bug: 37703469
Change-Id: I5b3a887e904baee2ac193ac4a73aaaee0bbfdb9f
Add unit test to ensure all POD types of Service are initialized.
Bug: 37855222
Test: Ensure bugreport is triggered via keychord properly.
Test: New unit tests
Merged-In: If2cfea15a74ab417a7b909a60c264cb8eb990de7
Change-Id: If2cfea15a74ab417a7b909a60c264cb8eb990de7
(cherry picked from commit 7da548578c)
The enum is being introduced into libnativewindow, but back ported here
since window-deprecated.h is still being depended by other system
componenets.
Bug: 35726763
Test: videoplayer-nodrm-protected.apk and videoplayer-drm-protected.apk
both works.
Change-Id: I9298ff9b1ddd7f868e59db41e1a84e2cdd3d02b5
* changes:
init: fix first stage mount failure when two fstab entries have verity_loc
init: set ro.boot.avb_version in recovery mode
init: moving early mount logic into init_first_stage.cpp
See build/soong/README.md for more information.
Test: m -j checkbuild
Bug: 37567578
cherry picked from cafe889aa8
Merged-In: Ia11dffde6fc4d89be6ee651be06b48131c877dc0
Change-Id: Ia11dffde6fc4d89be6ee651be06b48131c877dc0
- allows easier tracking of wait time from monitoring tools
- this change also reduces unnecessary log spam
- service exit log looks like this:
init: Service 'exec 4 (/system/bin/otapreopt_slot)' (pid 611) exited with status 0 waiting took 0.060771 seconds
bug: 37752410
Test: reboot and check log
(cherry picked from commit 4de31e1481)
Change-Id: Icb83a6a23b45ebd9b4c9d86ee37df8ee3d6e790a
When /proc/sys/net/core/wmem_max is smaller than kMaxMessageSize, we
need to override the limitation.
Bug: 37561460
Test: libappfuse_tests
Change-Id: Ibaac8db61290d661459fdc46f0ae8416f7db1d9e
Applications can set abort messages via android_set_abort_message
without actually aborting. This leads to following non-fatal dumps
printing their output to logcat in the same format as a regular crash.
Bug: http://b/37754992
Test: debuggerd_test
Change-Id: I9c5e942984dfda36448860202b0ff1c2950bdd07
(cherry picked from commit e06f2a4886)
This got moved when refactoring the reboot commands.
Bug: 37540660
Test: verify bullhead's last_reboot_reason is correct
Change-Id: I3b86496fc469ca41645df7e7ba8bb51dd25b6b38
(cherry picked from commit 47336cebc3)
