Remove kOverlayMountPoints; add OverlayMountPoints().
Fix a regression where if host system didn't install a scratch_gsi
partition and physical /cache partition is mounted, then DSU guest
system could use /cache as its overlayfs backing storage. This is
generally unwanted as the /cache partition could be shared between host
and guest.
Dynamically return the list of overlayfs backing storage candidates, so
we don't accidentally fall back to use /cache storage within a DSU
system.
Bug: 165925766
Bug: 179980369
Test: 1. Prepare a DUT that have a physical cache partition, such as
cuttlefish.
2. Install a DSU system, and unsure that scratch_gsi is not installed.
3. Reboot into DSU, verify that adb remount fails and overlayfs
scratch is not created under /cache.
Change-Id: I1815ac5367c0aac8614aeaabebe0e2cb91cbe161
F2FS starts to give a hint, FIEMAP_EXTENT_MERGED, in fiemap, so please allow it.
Bug: 180137825
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Ic4e3f573e385d248627da1a2ad64fbbd4a74e679
Once the daemon is terminated, print merge completion
ops and the total ops present in the COW file. This
will help to know if the merge operation was interrupted
and how many pending operations were done during
each reboot until merge is completed
Bug: 167409187
Test: Incremental and full OTA
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ie33c840e80aaeca86f51adc8085cb4e306dca110
Allow batch merge of copy operations during merge.
When metadata is read from COW device, assign
the chunk-id by validating there is no overlap
of copy operations. Furthermore, detect the blocks
which are contiguous and batch merge them.
No regression in merge time for full OTA (~35-40 seconds)
Merge time for incremental OTA of ~200M takes about 2 minutes
as compared to 15-20+ minutes without this change.
Add unit test to test ReadMetadata() functionality.
Multiple incremental OTA and full OTA test done on pixel.
adb reboot during merge and validate the merge resume operations.
Bug: 179629624
Test: incremental OTA and full OTA on pixel,
cow_snapuserd_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I4cd84e4923e42afacc796b8cec01738b1bb1f420
When there is a transition of daemon from selinux stage, we observe
intermittent hangs during OTA. This is a workaround wherein
we don't do the transition and allow the daemon to continue which
was spawned during selinux stage.
Bug: 179331261
Test: Incremental OTA, full OTA on pixel
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I622a0ed8afcd404bac4919b1de00728de2c12eaf
As we are just using it to generate gibberish, we might as well just
hardcode the gibberish in the script.
Also fix unhandled `grep` failure.
Bug: 179752308
Test: Forrest
Change-Id: I534c7cacdb12a104f26d380fe3a571332091490e
We should check FLAGS_VERIFICATION_DISABLED is set or not
after verifying the vbmeta digest against `androidboot.vbmeta.digest`
from bootloader. This is to ensure the /vbmeta content is not
changed since the bootloader has verified it.
We still allow vbmeta digest verification error if the device is
unlocked. Note that this change will introduce a limitation that
the device will not boot if:
1. The image is signed with FLAGS_VERIFICATION_DISABLED is set
2. The device state is locked
However, it should not be a concern as we shouldn't boot a locked
device without verification.
Bug: 179452884
Test: build image with BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flag 2,
boot the device, then `adb shell touch /metadata/gsi/dsu/avb_enforce`.
Reboot the device, checks the device does not boot because
`androidboot.vbmeta.digest` is empty but AVB is enforced.
Change-Id: Id15a25403d16b36d528dc3b8998910807e801ad2
SnapshotManager::New() is now preferred in recovery. Previously we used
NewForFirstStageMount(), which is technically incorrect as that enables
code paths specifically for first-stage init.
We also explicitly label the snapuserd context, since rootfs in recovery
has unlabelled files.
Finally, we add a timeout to internal calls to
CreateSnapshotsAndLogicalPartitions. Without this, WaitForDevice() calls
will terminate immediately, which breaks VABC given the more complex
device stacking that is created.
Bug: 168258606
Test: fastboot snapshot-update merge
Change-Id: I3a663b95c0b1eabaf14e6fde409c6902653c3c5e
I'm getting this error:
[ FAILED ] /cache/overlay wipe
If /cache is not mounted, in which case it would be RO and empty, then
don't try to do `rm -rf /cache/overlay` as it would fail.
If /cache is RO and /cache/overlay doesn't exist, then `rm -f` would
fail, albeit the "-f" flag, this is a toybox bug.
Check file path existence before `rm`-ing so we don't trigger this error.
Change `ls <type> <path>` to `test <type> <path>` for robust checking.
Bug: 178683776
Bug: 165925766
Bug: 178771232
Test: adb-remount-test.sh on GSI + Pixel
Change-Id: Ie95de690d96146892127ab11a461d80cb6cb56fa
By accident, this was mounting partitions as well, which caused
conflicts in partial updates where some partitions don't have snapshots.
Test: update_device.py with partial OTA
Change-Id: I2db0e6269f0a02cbe8164fa2a72b887c352f56d8
There more output lines of `avbtool` now, adjusts the expected
output of `avbtool info_image --image test.img` in the test
cases.
Bug: 178215452
Test: atest libfs_avb_test
Test: atest libfs_avb_internal_test
Change-Id: I924d6d97ef0a4c19c93017c2491bf251dfc51cae
Simulate merge interruption and merge restart and
validate the data once entire merge is completed.
Bug: 167409187
Test: cow_snapuserd_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ia940d5fbd2426bdf13347ffb6637d753b2228de6
If executing `adb remount -R` and DSU is running but disabled, then
enable the DSU (one-shot mode) so that the reboot afterwards would stay
within the DSU guest system.
Normally reboot within a DSU guest system would bring the device back to
the host system. However when doing adb remount -R, we actually doesn't
want to exit DSU, but wish to reboot back into DSU guest system again
with remount machinery (overlayfs) properly set up.
Also sort the header include order.
Bug: 165925766
Test: Within a DSU guest system, DSU disabled, adb remount -R
=> After reboot, system is DSU and overlayfs is mounted
Test: adb-remount-test.sh within DSU guest system
Change-Id: I72a7a568e985b183d357ae6e1a7d0113e9921200
securityfs /sys/kernel/security securityfs rw,relatime 0 0
is causing the noatime check in adb-remount-test.sh to fail.
Bug: 165925766
Test: Create an aosp_cf_x86_phone-userdebug AVD && adb-remount-test.sh
Test: Use DSU to install GSI on the AVD && adb-remount-test.sh
Change-Id: Ibae0d4bbbbc78fb74f4ad82f2313251598c77f72
Snapuserd daemon parses the merge completion request based on
how the dm-snapshot merge is done. dm-snapshot marks the merge as
complete by zeroing out the metadata viz old-chunk and new-chunk id's.
If we have a sector 0 operation such as copy/replace op,
then old-chunk id will be 0 and new-chunk id will be a non-zero
pseudo number. Once the merge is complete, then old-chunk and new-chunk will be 0.
The problem is that daemon used to track the merge completion just by checking
if old-chunk was non-zero. This check is not sufficient and ends up
tripping the assert in the daemon.
Bug: 178061207
Test: Modify cow_snapuserd_test to test this case and validate the
IO path.
Reported-by: Kelvin Zhang <zhangkelvin@google.com>
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I6603af1c7b55e487dc3aec0c30c0a9dea0fedb56
