PD#SWPL-45884
BUG:187441275
Problem:
ueventd: coldboot took too much time
Solution:
1.The parallel restorecon dirs can be configured in ueventd.rc
2.Add 'parallel_restorecon_dir' keywords
parallel_restorecon_dir <directory>
Verify:
redi
Change-Id: Id5b13f18d36afb894891697f21ac63e78b3fe130
Signed-off-by: yuehu mi <yuehu.mi@amlogic.com>
Ban weird paths such as /../system or //vendor in first stage mount.
Add utility function fs_mgr_create_canonical_mount_point() that:
* mkdir(mount_point) to ensure mount_point's existence
* Test that realpath(mount_point) =?= mount_point
Bug: 188898525
Test: Presubmit
Test: Boot CF
Change-Id: Iaf2ec52701277f26cc81f3e15a47b6083a788334
Rename fs_mgr_overlayfs_mount_fstab_entry() to
fs_mgr_mount_overlayfs_fstab_entry() and move it out of
fs_mgr_overlayfs.cpp to make it available for user builds.
Add checks to unsure overlayfs mount point doesn't contain symbolic
link or /../.
Check the mount point with an allowlist if user build. The mount point
should either be /vendor, /product ... or their submounts, or strict
submounts of /mnt/vendor and /mnt/product.
Bug: 188862155
Test: Boot test with overlayfs mount entries on user build
Change-Id: I3b60dfa4b63cf2ae0754f53d1d08365aa7be1ee0
* Add logs.
* Append "override_creds=off" overlayfs mount flag only if
fs_mgr_overlayfs_valid() returns kOverrideCredsRequired.
Pre-4.6 kernels or kernels without the override_creds patch don't
need or don't recognize the override_creds mount flag.
(Background: I832c8ca3fce0269bdef4ce988541adb7ba9662ed)
* mkdir(mount_point) before mount() to ensure the mount point exists.
This could happen if the mount point is in a tmpfs, such as /mnt.
Bug: 186342252
Test: Boot to normal with overlayfs mount entries in first stage fstab
Change-Id: I1a05696346610d7fd61de6d25c379520fd58ca9b
GetDmVerityDevices() should filter out overlayfs fstab entries in the
first place, so InitRequiredDevices() don't need to filter out overlayfs
pseudo device names.
Bug: 186342252
Test: Boot to normal with overlayfs mount entries in first stage fstab
Change-Id: I0ac8b7ac0f21daa0c191580d9349adf217854864
It's possible that CONFIG_ZRAM_WRITEBACK is y,
but userspace doesn't set the /sys/block/zram0/backing_dev,
so its value is 'none'.
It's the same with "CONFIG_ZRAM_WRITEBACK is not set".
Change-Id: I2df89ceee68e4685deef5113bada21be96779e9b
Signed-off-by: shisiyuan <shisiyuan@xiaomi.com>
The external firmware handler always has root group privileges because
it is forked/executed without setgid() by ueventd which has root
privileges. This patch calls setgid() with group ID specified in
ueventd.rc before execv().
Test: atest CtsInitTestCases
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: Id1430e783b0e409d55ac80fe213e81ba099729e2
Add a test to check the build fingerprint when the dynamic build
id is in use.
Bug: 186786987
Test: th
Change-Id: I44d6be0c18552f319bcb8d19cca5659ce580d26c
Background in http://go/compatible-build-fingerprint. To uniquely
identify the mixed build, we plan to append the unique vbmeta digest
to ro.build.id.
If BOARD_USE_VBMETA_DIGTEST_IN_FINGERPRINT is true, the build system
will not set ro.build.id. Instead, init will set it at runtime, by
appending the digest to the legacy build id.
Bug: 186786987
Test: build and boot a device with new build id
Change-Id: Idea57df599bfd6eede760671e2555541f7dc3f21
emulator migrated to bootconfig, we don't use
the kernel command line to pass userspace properties.
Bug: 182291166
Test: boot
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Iff2f627aec64b7ba2240444639acedc76a1aa806
This reverts commit 6cb4311f4d.
Reason for revert: no need to keep the compatibility now
Bug: 186485355
Change-Id: Iffdf3abebc17f32e36f3b3fe2b4f9c2592da9653
Test: TreeHugger
Add a new service flag SVC_STOPPING which tracks whether a service is
being manually stopped by init, and make the "reboot_on_failure" service
setting not apply when SVC_STOPPING is set.
This is needed for devices that use FDE, because otherwise the device
reboots during the following init script fragment:
on property:vold.decrypt=trigger_shutdown_framework
class_reset late_start
class_reset main
class_reset_post_data core
class_reset_post_data hal
... because that stops all services, including apexd which has been
marked with reboot_on_failure since
https://android-review.googlesource.com/c/platform/system/apex/+/1325212.
So init was killing apexd, then rebooting the device because apexd
"failed" due to having been killed. Making reboot_on_failure not apply
when init stops a service itself fixes the problem.
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug: 186165644
Test: Tested FDE on Cuttlefish
Change-Id: I599f7ba107e6c126e8f31d0ae659f0ae672a25e4
If precompiled vendor policy has system_ext hash, system_ext also has to
have its hash, to use precompiled sepolicy.
Bug: 186727553
Test: remove system_ext's hash and see sepolicy compiled in runtime
Change-Id: I4af3418d614156b5e9cd0b0116c2814ba994ee81
The existing code has a lot of references to the
`ro.boot.qemu` and `ro.boot.qemu.something` properties
which is not supported by the bootconfig if we place
everything under `androidboot.qemu`.
Bug: 182291166
Test: getprop | grep qemu
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Icb9d29c8dc39e1fa52a6f2ce43b4f42182b7995d
Currently the gki_4_19_pixel5 presubmit test uses an old
vendor_boot-debug.img from a release branch. Adding fallback
paths to load debug resources from /first_stage_ramdisk dir to
pass the presubmit.
This CL should be reverted later once the vendor_boot-debug.img
gets updated to store the debug resources on the root dir.
Bug: 186082603
Test: boot a device with boot-debug.img
Test: boot a device with vendor_boot-debug.img
Change-Id: I9fcd77fc5a60a15cff254e432e05f1c9122ad80d
Currently the debug resources might under /first_stage_ramdisk/*
of the ramdisk, if there is androidboot.force_normal_boot=1 in the
kernel cmdline to request init chroot into /first_stage_ramdisk dir.
To make a generic boot-debug.img works on devices with and without
this chroot, moving the debug resources to the root of the ramdisk.
And copy them for later use before the chroot.
Bug: 186082603
Test: boot a device with boot-debug.img
Test: boot a device with vendor_boot-debug.img
Change-Id: I052a92b2d26c7fdf749991fc55015ff68743efc2
init starts services in "bootstrap" mount namespace until the "default"
mount namespace is ready even when init's current mount namespace is
"default".
apexd and linkerconfig are those processes to set up the mount
namespaces: apexd activates apexes and linkerconfig generates linker
configs.
Previously apexd is allowed to be started in the "current" namespace by
checking its "service name"(it should be "apexd"). But there can be a
certain environment apexd is started in a different way. For example, in
microdroid, apexd is started using "exec -- /system/bin/apexd --vm"
because it wants to run in a different execution mode.
So, instead of checking the service name, its executable's path is
checked against to allow apexd to be started in the current mount
namespace.
Bug: 179342589
Test: MicrodroidTestCase (microdroid boots)
Test: cuttlefish boots
Change-Id: I7c2490e15d481c28ddf382d2d3fdf58a78e467ec
Only the exact same devpath uevent can launch external handler specified
in ueventd.rc. So, you should specify all possible devpaths, even
firmware with different filenames on the same device. Pattern mactching
can be used to simplify this.
Test: atest CtsInitTestCases
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: If3b7a2cabb8055bf4b768d928f0fc0012da3c177
'/sys/block/zram0/backing_dev' will exist even if zram is not swapped on in some devices. And there is no reason to ensure that zram is swapped on if '/sys/block/zram0/backing_dev' exists. So, if we want to kill backing_dev during userspace reboot, we should check if zram is swapped on first.
TEST: as follow
- adb root
- adb shell swapoff /dev/block/zram0
- adb shell echo 1 > /sys/block/zram0/reset
- adb shell setprop test.userspace.reboot.flag 1
- adb reboot userspace
- (wait reboot ending) adb shell getprop test.userspace.reboot.flag (1 will be show if successful)
Signed-off-by: luwei9 <luwei9@xiaomi.com>
Change-Id: Icca569cf8d64bc024b867dae2ab789fc9e76445a
emulator passes `android.checkjni` in the kernel
command which we want to use in
frameworks/base/core/jni/AndroidRuntime.cpp
Bug: 182291166
Test: getprop ro.boot.dalvik.vm.checkjni
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: If9473aa9492fa09d8de7cc8fb08614380e4e15f3
emulator passes `android.bootanim=0` in the kernel
command line to disable boot animation.
Bug: 182336906
Test: boot emulator with -np-boot-anim
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Id89a6c92dd4724cac414ffbf8ee731b2bfcc7195
args[2](user name to run as) is used instead of args[1](devpath).
Test: atest CtsInitTestCases
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: Id271755993d55e332bad54d0414e2232071e5e8e
restrictions
Use the property ro.product.enforce_debugfs_restrictions to enable
debugfs restrictions instead of checking the launch API level. Vendors
can enable build-time as well as run-time debugfs restrictions by
setting the build flag PRODUCT_SET_DEBUGFS_RESTRICTIONS true which in
turn sets ro.product.enforce_debugfs_restrictions true as well enables
sepolicy neverallow restrictions that prevent debugfs access. The
intention of the build flag is to prevent debugfs dependencies from
creeping in during development on userdebug/eng builds.
Test: build and boot
Bug: 184381659
Change-Id: If555037f973e6e4f35eb7312637f58e8360c3013
Minor refactoring and renaming, goal is to make the follow-up patch
easier to read.
Bug: 184132970
Test: Presubmit
Change-Id: I66416161b30ac310934d901cbaf11bc926e2cbf7
So we can extend platform policies with target specific compat rules.
This use case surface in the context of system only upgrade, when the
vendor policy cannot be updated, then the system_ext partition can
contain target specific compat policies.
Bug: 183362912
Test: Presubmit
Change-Id: Ic6436eb8a269f07f932331dedf7dbaa629538ade
The emulator migrated to `ro.boot.qemu`.
Bug: 182291166
Test: presubmit
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Iaa3bdff5cc1efa79c21ae2dc2bdf7ec74731f66c
Since recovery mode doesn't switch root to /first_stage_ramdisk, we need
to update the debuggable file paths for recovery mode. Without this,
adb needs to be authorized in recovery mode even with a debug
vendor_ramdisk.
Bug: 182612208
Test: verify adb is authorized on pixel 5
Signed-off-by: Will McVicker <willmcvicker@google.com>
Change-Id: I557429e1834efcdd92ba0e135377055ffa677137
