Combine some cases that are handled identically, and remove the
'userdata_remount' parameter which is unused. No change in behavior.
Test: presubmit
Change-Id: I0567e47d02942af7865c155dab76e6d0e9d71a1f
Until the verification of the /vendor partition we restrict the usage of
the feature to only debuggable VMs. If a non-debuggable Microdroid VM
is requested to mount /vendor, first_stage_init will crash and the VM
won't boot.
Bug: 285855436
Test: vm run-microdroid --debug none --vendor test_vendor.img
Change-Id: I9d44ad5c1d971bac1a9173c291ce61b628f2f8e9
first_stage_init will only mount the /vendor partition in Microdroid if
the androidboot.microdroid.mount_vendor=1 is provided in the kernel
cmdline.
Bug: 285855433
Test: atest MicrodroidTestApp
Change-Id: I5b840b5474bc52ec2696a0ba6ead0476acddfb1a
The existing approach in first_stage_init/first_stage_mount makes it
harder to add conditional logic that should only be applied for
Microdroid. Additionally, it forces the FirstStageMount object to be
created twice.
This change refactors the control flow to make first_stage_init take the
ownership of the FirstStageMount object. It will help with the follow up
change (which will add logic to conditionally mount /vendor partition
while booting Microdroid). As a nice side effect, this refactoring also
fixes the problem of the FirstStageMount being created twice.
This change also merges the FirstStageMount and FirstStageMountVBootV2
in a single class, since nobody actually uses FirstStageMount.
Bug: 285855433
Test: device boots
Test: atest MicrodroidTestApp
Change-Id: I38a72c0f20e7c1ac70031498aeeca22b091fa827
Remove the code that "locked" the .fs-verity keyring at a certain point
in the boot. It probably was thought that this achieved some useful
security property, which is a bit questionable. Regardless, Android no
longer uses fsverity builtin signatures. The only code that is still
being kept around is enough to access existing files on old kernels, and
for this "locking" the keyring is definitely not essential.
Bug: 290064770
Test: presubmit and booting Cuttlefish
Change-Id: Ide5729aeac5772658b2a3f0abe835988b8842b02
The APEX sepolicy feature has unfinished support for verifying the
sepolicy file using fsverity with a builtin signature. However, this
was never finished and doesn't really make sense, since the
already-implemented scheme that uses a full-file hash combined with a
userspace signature check is better suited to the problem. Therefore,
remove this unfinished code.
Bug: 290064770
Test: presubmit and booting Cuttlefish
Change-Id: I3403a3303bcea32c7340642b843cd1541fe1fd2f
base::Callback comes from libchrome which is undermaintained. Since
C++11 there's standard library support for function objects. Migrate to
a more well knowned solution for function objects.
Test: th
Change-Id: Id19bcd7e92691f57d97520f8f1f4909ca9c25b33
Only write to dm_user_header in the functions which explicitly need to
marshal it. This avoids leakage of dm-user specifics into core logic.
This also simplifies the existing control flow by allowing us to set an
error anywhere, or nowhere, as any "return false" from ProcessIORequest
will automatically set an error header.
Bug: 288273605
Test: snapuserd_test
Change-Id: I85f67208197d7ecc49e348ab3013827a38e84761
RespondIOError could return "true" which is not the correct value for
its callers, usually. However since RespondIOError is not specifically
needed anymore, we can also avoid calling it in most places.
This also fixes a bug where ReadUnalignedSector's return value was
implicitly converted to boolean.
Bug: 288273605
Test: snapuserd_test
Change-Id: I62140b2b05d0f9f53cb669c5c0d7e0ffc7f4c9a1
header_response is meant to only be true for the first call to
WriteDmUserPayload. Codify this by making it a member variable and
resetting it on each request.
Bug: 288273605
Test: snapuserd_test
Change-Id: Ic92f5932391a607b63345d579f379d12e78e8f6c
It could never have gotten much coverage.
Bug: 288741501
Test: libutils_fuzz_vector (2,000,000 iterations)
(~60k-100k iterations/s)
Change-Id: I6f442642b5a3246dd08784f735db5aad5fd4d398
The variant excludes the code that is not for /proc/mounts, and
therefore saves code size when being called.
Also, after this change, the call to `SkipMountingPartitions` is skipped
for /proc/mounts because it is not needed.
Bug: 287958783
Test: atest CtsFsMgrTestCases
Change-Id: Ie243257fa2e87e666be7decf97ec36c806bc4524
Based on experiments, we fount out 128 (128 x global readahead window
size = 16mb) is the optimal multiple to boost up read speeds for the
sequentially accessed files with POSIX_FADV_SEQUENTIAL.
Bug: 195311558
Test: check the /sys/fs/f2fs/<userdata partition>/seq_file_ra_mul value
Change-Id: I7563ad6e47b9ab76ae7fe36978d0e5970a7490e8
Signed-off-by: Daeho Jeong <daehojeong@google.com>
OptimizedFlashSuper makes more sense and is more consistent with
should-optimize-super
Test: m fastboot
Change-Id: I6ceb31144dce591e0a53faec68b932112d9cd360
The flag has been a default, and now is not accepted.
Test: Treehugger, m rust
Bug: 279198502
Bug: 276464273
Change-Id: Ifdf9968bfcdb278f73cf31ab68bc6b488b39436b
We are now conditionally compiling init binaries & libinit for
Microdroid (adding -DMICRODROID=1 cflag), so instead of checking for the
presence of the /system/etc/selinux/microdroid_precompiled_sepolicy we
can check if the code is compiled for Microdroid.
In a follow-up changes we can split the sepolicy loading logic into 2
separate headers (one for Android and one for Microdroid) and include
the necessary one depending on the target we compile for.
Bug: 287206497
Test: atest MicrodroidTestApp
Change-Id: Id9c837d03a96ff9564688d33955ec85094eee487
The ART module needs this library to determine whether to put dexopt
artifacts in dalvik-cache.
Bug: 287958783
Test: m
Change-Id: Idf338702d4f54e9c40c0692ea29e7d83e91aca38
