Commit graph

72905 commits

Author SHA1 Message Date
Yifan Hong
ecbf9e4f7a Merge "storaged: test do not crash on cuttlefish." 2021-12-07 19:09:04 +00:00
David Drysdale
93f4b0afe7 Merge "Depend on KeyMint HAL via default" 2021-12-07 11:08:42 +00:00
Yifan Hong
e8474c2a10 storaged: test do not crash on cuttlefish.
If device does not have disk stats, do not crash the
test. Check for null C strings before converting it
to std::string.

Test: storaged-unit-tests
Change-Id: I46c87b6b6876fb0fbdb403c0015886d6d4cca0c6
2021-12-06 23:09:37 -08:00
David Anderson
6c31ab7a13 Merge changes I350c8c88,I1e462fad
* changes:
  libsnapshot: Fix unmapping getting skipped for userspace snapshots.
  libsnapshot: Don't map "b" partitions during testing.
2021-12-07 02:58:45 +00:00
David Anderson
d2f8d51444 libsnapshot: Fix unmapping getting skipped for userspace snapshots.
When the dm-user device isn't shut down, COW files cannot be deleted.

Bug: 208944665
Test: vts_libsnapshot_test
Change-Id: I350c8c88c69f9b151032635b0229d281a4bb47ce
2021-12-05 22:39:50 -08:00
David Anderson
266f57d672 libsnapshot: Don't map "b" partitions during testing.
This is testing behavior that no longer exists. We never perform an OTA
while system_other is mapped, since it would collide with the snapshot
for system.

Bug: 208944665
Test: vts_libsnapshot_test
Change-Id: I1e462fad3fd59b8b881d98da982a7c22408b837b
2021-12-05 22:39:49 -08:00
Treehugger Robot
4bf3c13dc5 Merge "Explain why snapuserd is a static binary." 2021-12-03 23:54:20 +00:00
Elliott Hughes
17572ca9e7 Explain why snapuserd is a static binary.
Static binaries are pretty rare (and usually a bad idea) but there's a
rationale for this one, so we should record it.

Test: treehugger
Change-Id: I7fc5c32bbbec1ccf195d94eaedfb1bd718a364e1
2021-12-03 13:57:10 -08:00
David Anderson
f7da22dfe5 Merge "libsnapshot: Fix test failure in CancelOnTargetSlot." 2021-12-03 20:02:09 +00:00
David Anderson
35cbd4d472 Merge "libsnapshot: Fix crash in MakeXorBlockString test." 2021-12-03 19:28:41 +00:00
David Anderson
ce474ea501 libsnapshot: Fix test failure in CancelOnTargetSlot.
This test fails because CreateLogicalPartitions is effectively called
twice without unmapping anything.

Bug: 208944665
Test: run_snapshot_tests.sh
Change-Id: I7e79f43e8de2f79bb72888c4198a95d9bd76bcdd
2021-12-02 23:51:40 -08:00
David Anderson
8875abd9ab libsnapshot: Fix crash in MakeXorBlockString test.
std::string doesn't like being initialized with negative values, so use
memset() instead.

Bug: 208944665
Test: vts_libsnapshot_test
Change-Id: I42a1a01fd9e59ffc9913c9df9f4bb8ab85113356
2021-12-02 23:51:39 -08:00
David Drysdale
c5b7d179c2 Depend on KeyMint HAL via default
This allows for easier bumping of the KeyMint version level.

At the moment this change should have no effect: the same dependency
is used, just reached via a default rather than explicitly.

However, when the KeyMint version increases in the near future, using
this default should mean that no change is needed here: the default
definition will change to -V2 and this will be referenced here.

Test: TreeHugger
Change-Id: Ic250e5b91ee2b48cd7a05783ce21af16ae330ed1
2021-12-02 08:16:25 +00:00
Jooyung Han
e8e5b5bb28 Merge "Set min_sdk_version" 2021-12-02 02:27:20 +00:00
Jooyung Han
b1ac9b4275 Set min_sdk_version
Many modules requiring min_sdk_version have been used without setting
it, but hard-coded as "30" in allowlist.

Bug: 158059172
Test: m
Change-Id: I0b461c28077584f2db2d2f688423f2227c0a2d1a
2021-12-02 09:23:42 +09:00
Akilesh Kailash
cddf0f75cf Merge "snapuserd: Address alignment fault on 32-bit systems" 2021-12-01 20:36:24 +00:00
Akilesh Kailash
14e9504d2e snapuserd: Address alignment fault on 32-bit systems
When the scratch space is mmap'ed, the metadata buffer
will be un-aligned. This may lead to alignment fault
on 32-bit systems. Address this by temporarily copying
it to buffer.

No perf impact as this code path is not in I/O path
and the copy is a for the size of metadata buffer which
is 8k.

Bug: 206426215
Test: Full and Incremental OTA on pixel
1: Compile snapuserd as 32 bit and reproduced the bug on pixel.
2: With fix - OTA applied successfully.
3: Reboot the device when merge was in-flight as the fix is primarily
in that path.
4: Verify merge completion and data integrity post merge.

Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I63c0d862057ebf138c9d1696a942030e30598739
2021-12-01 20:23:58 +00:00
Armelle Laine
904cae37ce Merge "trusty: update default_applicable_licenses "Android-Apache-2.0"" 2021-11-30 23:41:46 +00:00
David Anderson
437fb62cf6 Merge "init: Remove first_stage_mount support for AVB 1.0." 2021-11-30 23:03:14 +00:00
David Anderson
36ba349e8f init: Remove first_stage_mount support for AVB 1.0.
Bug: 204598884
Test: treehugger
Change-Id: I6927198b706136de9721df86e24e5828c9f4f1c2
2021-11-30 00:57:48 -08:00
Christopher Parsons
aa6964861a Merge "Remove libdl from shared_libs" 2021-11-29 22:48:53 +00:00
Chris Parsons
820da65897 Remove libdl from shared_libs
This entry is redundant, as system_shared_libs by default includes
libdl.

This should be a no-op change for the current build system, but avoids
an issue on the alternative (experimantal) build system, Bazel.

Test: md5sum libutils.so before/after on aosp_flame, verified no changes
Change-Id: I18f6e67c3e23299a0f1e0ef530a0a809b068dc03
2021-11-29 17:43:04 -05:00
Armelle Laine
c2cc120d60 trusty: update default_applicable_licenses "Android-Apache-2.0"
rpmb_dev is a rpmb device stub used in emulation
as well as platform early bringup so we don't expect
any open source developer to be impacted by the migration
from MIT to Apache 2.0.
Note that with such a migration to Apache 2.0, recipients
won't receive lesser permissions, they just have updated
requirements for which license text to share along with the code.

Bug: 191508826
Test: None
Signed-off-by: Armelle Laine <armellel@google.com>
Change-Id: I0ae2bc66901344f8f9227e929a98946e52c50355
2021-11-29 19:53:54 +00:00
Treehugger Robot
4bbf1c9d24 Merge "Make libmini_keyctl_static available in recovery" 2021-11-23 17:54:31 +00:00
Treehugger Robot
a927f51846 Merge "mini_keyctl: add OWNERS" 2021-11-23 12:23:49 +00:00
Jeff Vander Stoep
26083e88e5 mini_keyctl: add OWNERS
Test: n/a
Change-Id: Ib068ec6658779b2baa0772b5ae3a2e4665caa260
2021-11-23 11:16:05 +00:00
Jeff Vander Stoep
3bada5cbcd Make libmini_keyctl_static available in recovery
So libfsverity_init can be used in init to load fsverity keys in
early boot.

Bug: 199914227
Test: build
Change-Id: I514ab602ef03f4528cb013bd268fa6dfcb7eb5b2
2021-11-22 21:35:04 +01:00
Treehugger Robot
e33c0e547d Merge "Mark fs-verity support for /metadata if first_api_level >= R" 2021-11-22 20:23:44 +00:00
Akilesh Kailash
04eecd441c Merge changes from topic "vabc-user-snapshots"
* changes:
  snapuserd: Add unit test for test merge code path
  libsnapshot: Add vts_userspace_snapshot_test
  libsnapshot: Integrate userspace snapshots APIs
2021-11-22 20:16:06 +00:00
Treehugger Robot
1d02ce9ad4 Merge "Configure Trusty KeyMint devices to use attest_keys." 2021-11-22 18:21:09 +00:00
David Anderson
92b3b3fff6 Merge "overlayfs: Use userxattrs on supporting kernels." 2021-11-22 18:16:10 +00:00
Shawn Willden
b440e0c077 Configure Trusty KeyMint devices to use attest_keys.
Change-Id: If86133e7648b601a4a61ea5614e6971a2bb8d264
Bug: 197096139
Test: Manual
2021-11-22 16:52:30 +00:00
Jeff Vander Stoep
eb74938269 Mark fs-verity support for /metadata if first_api_level >= R
fs-verity is required for new devices launched with R.

This allows files stored on /metadata to be protected by fsverity.

Bug: 199914227
Test: mini-keyctl padd asymmetric fsv-sepolicy .fs-verity \
< /system/etc/security/com.android.sepolicy.cert.der
cp /apex/com.android.sepolicy.apex/app/SEPolicy-33/SEPolicy-33.apk \
/metadata/sepolicy/
fsverity enable /metadata/sepolicy/SEPolicy-33.apk \
--signature=/apex/com.android.sepolicy.apex/etc/SEPolicy-33.apk.fsv_sig

Change-Id: I44434e3d026f1dbe6e261c365b3c70d3556a80b1
2021-11-22 10:26:51 +01:00
Treehugger Robot
ba3ae06a15 Merge "Check vendor namespace for SPHAL namespace" 2021-11-22 08:47:18 +00:00
Kiyoung Kim
b77377e62f Check vendor namespace for SPHAL namespace
Vendor APEX section should not separate SPHAL in generic, and also
default namespace does not contain vendor libs in the scope. This change
updates libvndksupport to check 'vendor' namespace when there is no
sphal namespace for vendor APEX section case.

Bug: 193861508
Test: AOSP CF x86_64 boot succeeded
Change-Id: I04cefc12be4c8ec261efb1688a8307b7061bf068
2021-11-22 10:57:44 +09:00
David Anderson
4993168f9c Merge "init: Add a way to class_restart only enabled services." 2021-11-20 03:16:22 +00:00
David Anderson
70d057448d overlayfs: Use userxattrs on supporting kernels.
In previous kernels, overlayfs stored its xattrs with a "trusted."
prefix. This requires CAP_SYS_ADMIN. As a workaround, we carried
out-of-tree kernel patches to bypass the security checks on these attrs.

The 5.15 kernel however has a new mount option "userxattr". When this is
set, the "trusted." prefix is replaced with "user.", which eliminates
the CAP_SYS_ADMIN requirement.

On kernels >= 5.15 we can use this feature and drop some of our
out-of-tree patches.

Bug: 204981027
Test: adb remount on cuttlefish with >=5.15
Change-Id: I3f0ca637a62c949fe481eea84f2c682f1ff4517a
2021-11-19 16:03:52 -08:00
Akilesh Kailash
a781512188 snapuserd: Add unit test for test merge code path
Most of the test cases are similar to dm-snapshot-merge.

Additional test cases have been added primarily to test
I/O's in parallel with merge.

Bug: 193863397
Test: snapuserd_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I2764e6971989c121be873cc425cac464f31ce85f
2021-11-19 23:47:26 +00:00
Akilesh Kailash
6e35cb89ff libsnapshot: Add vts_userspace_snapshot_test
Toggle virtual_ab.userspace.snapshots.enabled to test
both:

1: vts_libsnapshot_test - testing kernel dm-snapshot
2: vts_userspace_snapshot_test - testing user-space snapshot

Bug: 193863443
Test: vts_userspace_snapshot_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I873e7476d71feb9a2e12054e968443bd22ee817c
2021-11-19 23:47:04 +00:00
Akilesh Kailash
3b874456fc libsnapshot: Integrate userspace snapshots APIs
dm-user block device will be the snapshot device; thus, no
more explicit call to MapSnapshot(). Additionally, block device
name for dm-user will be the snapshot name so that mount works
seamlessly.

API's to query the snapshot status, merge progress has been
integrated. Since daemon requires base device for merge, we pass
additional parameter during initialization.

Add a new virtual a/b property flag to enable/disable
user-snapshots feature. Propagate this flag to init layer
for first stage mount during boot process.

Some minor cleanup and renaming of variables.

Bug: 193863443
Test: 1: Full OTA on CF and pixel and verify the merge completion.
Tested merge-resume path by rebooting device during merge.
2: Incremental OTA on CF and pixel

Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I5088f40a55807946cd044b3987678ead3696d996
2021-11-19 23:45:43 +00:00
Christopher Ferris
bad9f5fd89 Merge "Remove non-protobuf path." 2021-11-19 18:22:46 +00:00
Christopher Ferris
bdea3bb56b Remove non-protobuf path.
It is expensive to keep the non-protobuf path around and it hasn't
been used for an entire release without anyone noticing, so remove it.

Create new end-to-end unit tests that cover tests of the non-proto
code paths that are being deleted.

Bug: 197981919

Test: Unit tests pass.
Change-Id: Ia1c45572300bd63e5f196ad61e5e5386830c8ece
2021-11-19 02:07:30 +00:00
Yi-Yo Chiang
adae766986 Merge changes I3f56a83e,Icce8c1b5
* changes:
  Reland "Add ParseFstabFromString(), remove ReadFstabFromFp()"
  Reland "Replace strtok_r() with C++-style android::base::Tokenize()"
2021-11-18 08:24:41 +00:00
Daniel Norman
9eeffa42e6 Merge "Revert^2 "Load persist props before starting apexd."" 2021-11-17 21:24:28 +00:00
Yi-Yo Chiang
97f2fdff68 Reland "Add ParseFstabFromString(), remove ReadFstabFromFp()"
ReadFstabFromFp() have two callers right now, ReadFstabFromFile() and
ReadFstabFromDt(). ReadFstabFromFile() opens a FILE* and pass it to
ReadFstabFromFp(), and ReadFstabFromDt() wraps a std::string::c_str()
buffer in a FILE* adaptor with fmemopen().

There's no need for such adaptor, just change ReadFstabFromFp() to
accept std::string and we're good.

Bug: 206740783
Bug: 204056804
Test: atest CtsFsMgrTestCases
Test: m libfstab_fuzzer
Change-Id: I3f56a83ec5baf7b0d97a618a2c2bb6e31b67b5d9
2021-11-17 16:52:17 +00:00
Yi-Yo Chiang
b8837396df Reland "Replace strtok_r() with C++-style android::base::Tokenize()"
android::base::Tokenize() is like android::base::Split() but ignores
empty tokens. Think strtok_r() and strsep().
C++-ify parsing code by replacing strtok_r() with Tokenize(), which
results in more concise and readable code.

Bug: 204056804
Test: atest CtsFsMgrTestCases
(cherry picked from commit 3c1b581fd5)

Change-Id: Icce8c1b5ad074421052f68fa138d90adb85cca27
2021-11-17 16:40:01 +00:00
Martin Stjernholm
fec41dda67 Merge changes from topic "revert-1890098-KOOTTLPTTT"
* changes:
  Revert "Replace strtok_r() with C++-style android::base::Tokenize()"
  Revert "Add ParseFstabFromString(), remove ReadFstabFromFp()"
2021-11-17 16:22:28 +00:00
Martin Stjernholm
867916e8b5 Revert "Replace strtok_r() with C++-style android::base::Tokenize()"
Revert submission 1890098

Reason for revert: Breaks tests, b/206740783
Reverted Changes:
I71190c735:Add ParseFstabFromString(), remove ReadFstabFromFp...
Ic1dd0eb97:Replace strtok_r() with C++-style android::base::T...

Change-Id: I1eecdc43d504385b00caec17db626eb1d623c8ef
2021-11-17 15:51:01 +00:00
Martin Stjernholm
62291bfd5c Revert "Add ParseFstabFromString(), remove ReadFstabFromFp()"
Revert submission 1890098

Reason for revert: Breaks tests, b/206740783
Reverted Changes:
I71190c735:Add ParseFstabFromString(), remove ReadFstabFromFp...
Ic1dd0eb97:Replace strtok_r() with C++-style android::base::T...

Change-Id: I1ded0217670a9bf3f2485120ee0dddf3e854a6fb
2021-11-17 15:51:01 +00:00
Alan Stokes
82d6d124f3 Merge "mkdir /metadata/sepolicy" 2021-11-17 14:11:14 +00:00