Commit graph

78667 commits

Author SHA1 Message Date
Bart Van Assche
3afd63273a Merge "init: Document which class Service members are not modified" 2022-11-21 03:18:19 +00:00
Bart Van Assche
208f93042b Merge "init: Add a unit test for the "start console" action" 2022-11-21 03:18:06 +00:00
Tri Vo
e49eb79e07 Merge "trusty: IRPC supportedNumKeysInCsr support" 2022-11-18 19:03:28 +00:00
Bart Van Assche
987391656f init: Introduce RequiresConsole()
Prepare for adding more code in the parent process that depends on
whether or not a console is required.

Bug: 213617178
Change-Id: I066ede32fcd4ce09d06be23158f3c1970064a697
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:49:43 -08:00
Bart Van Assche
c8f34254b8 init: Introduce symbolic names for certain constants
Make the code easier to read by introducing symbolic names for the
constants used by Service::Start() for communication between the parent
and child processes.

Bug: 213617178
Change-Id: I3e735e149682fa9df2ed57f75eb5a67d7c68bd92
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:49:01 -08:00
Bart Van Assche
d394f74365 init: Reduce the number of system calls
Change setpgid(0, getpid()) into setpgid(0, 0). This patch removes one
system call but does not change the behavior of the code. From the
setpgid() man page: "If pgid is zero, then the PGID of the process
specified by pid is made the same as its process ID."

Bug: 213617178
Change-Id: I7031d9eb3711f526751da495c07a8927f9386d97
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:45:33 -08:00
Bart Van Assche
41787239ec Revert "init: Rename 'cgroups_activated' into 'fifo'"
Revert commit 9c61dad67e in preparation of
introducing a second interprocess communication channel.

Bug: 213617178
Change-Id: I2959a3902a1b994cca2ac99855be1fc60d63bcbb
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:42:14 -08:00
Bart Van Assche
bfcf4374ed init: Document which class Service members are not modified
It is nontrivial to derive from the implementation of class Service
which members are not modified. Hence this CL that documents this by
declaring these members 'const'.

Change-Id: I27b907a1c7044376d5c5393a29050c66cbdab7bf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:42:14 -08:00
Bart Van Assche
5d18891e60 init: Add a unit test for the "start console" action
Treehugger starts Cuttlefish with the console disabled. Add a test that
enables the console. The purpose of this test is to trigger the code paths
in Service::Start() that are unique to processes associated with a
console.

Bug: 213617178
Change-Id: I834632ce6ec5c237c9c2c3f5b1aa7bc98c3ef260
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-18 09:42:05 -08:00
Yi-yo Chiang
a6844e4c62 Merge "remount: Check device mapper to see if verity is already disabled" 2022-11-18 03:11:57 +00:00
Tri Vo
ed1f13f62b trusty: IRPC supportedNumKeysInCsr support
Bug: 254137722
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ic76c27b8c65274f76adca6b83614eac73964ea20
2022-11-17 17:15:21 -08:00
Yi-Yo Chiang
f48d5778a1 remount: Check device mapper to see if verity is already disabled
No matter verity is enabled or disabled, androidboot.veritymode is
always "enforcing" on emulator kernel cmdline.

This is a violation of the AVB contract:
https://cs.android.com/android/platform/superproject/+/master:external/avb/README.md#handling-dm-verity-errors

Before emulator can fix this, workaround this by checking the device
mapper table to see if verity is disabled or not.
If no "<partition>-verity" device is present, than assume verity is
already disabled.

Also log mountpoints that are successfully remounted.

Bug: 241688845
Bug: 259207493
Test: adb-remount-test
Test: Run adb remount on emulator
Change-Id: Id5767b05cbfb48adf2a8c372dfdad4d15b98e091
2022-11-18 00:35:45 +08:00
Treehugger Robot
4cdb6cf415 Merge "Revert "init: Fix a race condition in KillProcessGroup()"" 2022-11-15 02:07:02 +00:00
Bart Van Assche
f26e59ebba Revert "init: Fix a race condition in KillProcessGroup()"
This reverts commit 15e5ecdcd7.

Reason for revert: breaks console support.
Bug: 213617178
Bug: 258754901
Change-Id: Iffe213e2cd295461a427621f2b84933f1bebd39f
2022-11-15 00:55:45 +00:00
Treehugger Robot
0d681e1f96 Merge "riscv64 doesn't require a 32-bit crash dump policy." 2022-11-14 21:37:42 +00:00
Elliott Hughes
2f883314b9 riscv64 doesn't require a 32-bit crash dump policy.
Test: `mm -j` in bionic
Change-Id: I6c2e91b540f544b1ca428692ebfb25697b0cb6e4
2022-11-14 20:06:16 +00:00
Yi-yo Chiang
4b507bcdf3 Merge changes Iba86a814,If5d702ab
* changes:
  remount: Remove all remaining opaque exit code (RemountStatus enum)
  remount: Don't assert ro.boot.vbmeta.* properties
2022-11-14 08:16:45 +00:00
Yi-yo Chiang
d1b270abb2 Merge "remount: Simplify disable verity logic" 2022-11-14 07:13:27 +00:00
Yi-yo Chiang
d40fd73e62 Merge "set-verity-state: Use ro.boot.veritymode to determine current verity state" 2022-11-14 07:00:48 +00:00
Jooyung Han
d9d3a5cb2b Merge "Revert "add apex-ready event after post-fs-data"" 2022-11-14 06:51:14 +00:00
Treehugger Robot
c14cda00a8 Merge "Remove a file we haven't built since 2013." 2022-11-11 23:28:50 +00:00
Elliott Hughes
8a9495aba6 Remove a file we haven't built since 2013.
It was only added in 2012, so it's been dead for 10 times longer than it
was ever built for at this point... YAGNI.

Test: treehugger
Change-Id: I6f31a3d1354f4d3304da463322cd1d9eff9e0597
2022-11-11 21:56:34 +00:00
Treehugger Robot
1dcc32555e Merge "Replace exit codes with EXIT_SUCCESS and EXIT_FAILURE." 2022-11-11 17:37:25 +00:00
Treehugger Robot
e231eed81c Merge "Fix clang error about incompatible assignment in simg2simg.cpp" 2022-11-11 17:33:25 +00:00
Victor Chang
f6a35e2c5f Merge "Revert "Add ::1 to localhost in etc/hosts"" 2022-11-11 15:36:13 +00:00
Victor Chang
1498382581 Revert "Add ::1 to localhost in etc/hosts"
Revert submission 2291455-localhost_v6

Reason for revert: b/258627476
Reverted Changes:
Icd11fab47:[Test] Update test to comply with etc/hosts change...
Ibcee52a14:Add ::1 to localhost in etc/hosts

Bug: 258627476
Change-Id: I42c8b0aebdbd8b73a90606c0a999f25d8d071cd1
2022-11-11 12:26:49 +00:00
rapperskull
c91d1a6b17 Replace exit codes with EXIT_SUCCESS and EXIT_FAILURE.
Change-Id: I6777420892629ea6705806ba624ffb200d395114
2022-11-10 21:24:40 +01:00
rapperskull
9cc8a29e33 Fix clang error about incompatible assignment in simg2simg.cpp
Change-Id: Ibb5c9431e51525c083e2981979e831d7f0b8ea1d
2022-11-10 20:42:10 +01:00
Seth Moore
7e17f702e4 Merge "Add dependency on split out RKP HAL" 2022-11-10 19:32:31 +00:00
Treehugger Robot
7f046419f8 Merge "init: Fix a race condition in KillProcessGroup()" 2022-11-10 18:58:04 +00:00
Sandeep Dhavale
7a866d5ac2 Merge "Fastbootd: Use Fastboot AIDL with the help of fastbootshim for legacy fastboot HAL" 2022-11-10 18:29:00 +00:00
Bart Van Assche
15e5ecdcd7 init: Fix a race condition in KillProcessGroup()
Multiple tests in CtsInitTestCases, e.g. RebootTest#StopServicesSIGKILL,
can trigger the following race condition:
* A service is started. This involves calling fork() and also to call
  RunService() in the child process. RunService() calls setpgid().
* Service::Stop() is called and calls KillProcessGroup().
  KillProcessGroup() calls kill(-pgid, SIGKILL) before the child process
  has called setpgid(). pgid is the process ID of the child process. The
  kill() call fails because setpgid() has not yet been called.

Fix this race condition by adding a setpgid() call in the parent process
and by waiting from the parent until the child has called setsid() if a
console is attached.

Bug: 213617178
Test: Cuttlefish + atest 'CtsInitTestCases'
Change-Id: I6931cd579e607c247b4f79a5b375455ca3d52e29
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-11-10 09:08:21 -08:00
Ken Chen
f7a95c879e Merge "Add ::1 to localhost in etc/hosts" 2022-11-10 08:19:07 +00:00
Seth Moore
8fbbf06f0c Add dependency on split out RKP HAL
Bug: 254112961
Test: vts_treble_vintf_vendor_test
Merged-In: I9dcb9b94b0e22466cd42592f4921eec3e4fcb13d
Change-Id: I9dcb9b94b0e22466cd42592f4921eec3e4fcb13d
2022-11-09 10:54:51 -08:00
Inseob Kim
cb4c7d56e8 Merge "Don't unmount APEXes in microdroid" 2022-11-09 09:57:09 +00:00
Yi-Yo Chiang
dea063b65d remount: Remove all remaining opaque exit code (RemountStatus enum)
All errors are already logged and the exit code is not used anywhere by
anyone.
Functions should instead return (true/false) or
(EXIT_SUCCESS/EXIT_FAILURE) to indicate error state, and log error
reasons to logd and stderr.

Bug: 241688845
Test: adb-remount-test
Change-Id: Iba86a814a75f81ed0f6e43659d1aca72813824bc
2022-11-09 17:12:39 +08:00
Yi-Yo Chiang
99ec013d58 remount: Simplify disable verity logic
We are calling avb_user_verity_set() _for each_ fstab entry in order to
disable verity. This is an artifact from back when each partition has
its own verity flag (VB1.0). Since AVB, the verity flag in vbmeta
affects all dm-verity device, thus we only need to call
avb_user_verity_set() once.

Bug: 241688845
Test: adb-remount-test
Change-Id: Ie5b788e2d34f83152228db62f84d26a32e2b26e0
2022-11-09 17:12:39 +08:00
Yi-Yo Chiang
6be7351bab remount: Don't assert ro.boot.vbmeta.* properties
ro.boot.vbmeta.* properties could be missing if device is verification
disabled.
Instead use ro.boot.verifiedbootstate to check device locked state.
No need to check ro.boot.vbmeta.digest, as we no longer support VB1.0.
In other words, all device running this piece of code must be using AVB.

Bug: 241688845
Test: adb-remount-test
Change-Id: If5d702ab3a6f12deef8204dba698e6c62eaae46f
2022-11-09 17:12:39 +08:00
Yi-Yo Chiang
ab4dd01395 set-verity-state: Use ro.boot.veritymode to determine current verity state
On a device that don't use overlayfs remount (e.g. no EXT4 dup blocks;
this can be simulated by patching fs_mgr_wants_overlayfs()), if we run
disable-verity or enable-verity twice in a row then the second
invocation would not suggest a reboot:

  adb disable-verity
  > Successfully disabled verity
  > Reboot to take effect...
  adb disable-verity
  > Verity is already disabled
              ^^^ this is WRONG! verity is disabled only after a reboot

It behaves like this because it suggest a reboot only if the vbmeta
verity (HASHTREE) flag is changed.
Read the ro.boot.veritymode property instead to determine the current
dm-verity state and suggest a reboot by comparing current and future
verity state:
* If AVB verification is disabled, then ro.boot.veritymode is undefined
  (probably empty), don't suggest reboot in this case as it's pointless.
* Otherwise suggest a reboot if the new state (which would take effect
  after reboot) differs from the current verity state.
* Reference:
  https://android.googlesource.com/platform/external/avb/+/master/README.md#handling-dm_verity-errors

Bug: 241688845
Test: adb-remount-test
Test: Run "adb enable-verity" & "adb disable-verity" multiple times
Change-Id: If1df5bee6e5dcbda580b3dff6c32da93d08bbb46
2022-11-09 17:12:38 +08:00
Ken Chen
7e6f2a44db Add ::1 to localhost in etc/hosts
::1 is IPv6 loopback address.

Bug: 256507503
Test: $ adb shell /data/dnschk localhost
      # localhost (via nethandle 0):
      127.0.0.1
      ::1
Change-Id: Ibcee52a14143856db50fca301c48ea9e2591914b
2022-11-09 17:05:35 +08:00
Yi-yo Chiang
2a501a11dc Merge changes from topic "merge_set-verity-state_with_remount"
* changes:
  remount: Merge 'remount' and 'set-verity-state'
  remount: Use MyLogger class and sundry improvements
2022-11-09 09:02:38 +00:00
Jooyung Han
8fbd79e689 Revert "add apex-ready event after post-fs-data"
This reverts commit 1eb3394e9c.

Reason for revert: b/244406239, we've migrated to a sysprop(apex.all.ready) instead of an event.

Change-Id: Iae54df241257e3a3dcad4e54fdbf9dd14e9814de
2022-11-09 07:55:58 +00:00
Inseob Kim
0fbc1d7e31 Don't unmount APEXes in microdroid
In microdroid, APEXes are passed as block devices from host, and then
mounted directly, without using /data. Unmounting APEXes on reboot is
for clean unmount of /data, so it's not needed in microdroid.

This skips unmounting in microdroid to remove unnecessary SELinux
denials.

Bug: 256793087
Test: run microdroid and reboot, see no denials happen
Change-Id: Iaf737876f5ab5de5e8f76ed8bb0963cc25d73a80
2022-11-09 12:50:14 +09:00
Sandeep Dhavale
2534d485d8 Fastbootd: Use Fastboot AIDL with the help of fastbootshim for legacy fastboot HAL
Bug: 205760652
Test: build & flash & reboot fastboot
Change-Id: I79617a396f536258655bdc28006ac2d0a7ab1912
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
2022-11-09 00:38:34 +00:00
Kelvin Zhang
3c163eca84 Merge "Store lz4 blocks as uncompressed if compression makes data larger" 2022-11-08 20:54:33 +00:00
Kelvin Zhang
b3c89fa6a0 Merge "Fsync on directory after rename() call" 2022-11-08 20:53:59 +00:00
Kelvin Zhang
0b8c4ebfa8 Store lz4 blocks as uncompressed if compression makes data larger
This will change cow size estimation. But since we haven't put lz4 on
SAC website yet, we can still change it.

Bug: 228478555
Test: th
Change-Id: Ifba7107954622ea04cbd25115700dfba50cec9c6
2022-11-08 10:17:26 -08:00
Kelvin Zhang
149fa74db5 Fsync on directory after rename() call
rename() isn't necessarily atomic, call fsync() on the directory to
ensure that changes in fs structure hit the disk.

Test: th
Bug: 254211456
Change-Id: I2de842f03766a1108e0f54581738fb964989658a
2022-11-08 10:02:12 -08:00
Kelvin Zhang
b190f3cbe1 Merge "Check for COW space before writing to COW" 2022-11-07 23:52:22 +00:00
Bart Van Assche
7b96179404 Merge "init: Rename 'cgroups_activated' into 'fifo'" 2022-11-07 17:53:27 +00:00