Add support for checkpointing

Checkpointing uses a combination of files on the meta partition
and the checkpoint= fs_mgr flag. Checkpointed partitions will
revert to their starting state on reboot unless checkpoint commit
is called.

Test: Run vdc commands, check file on metadata
Change-Id: Icba16578608a6cbf922472e9d4ae5b8cf5f016c6
This commit is contained in:
Daniel Rosenberg 2018-08-28 01:58:49 -07:00 committed by Paul Lawrence
parent bece484748
commit 4f68471119
9 changed files with 250 additions and 2 deletions

View file

@ -95,6 +95,7 @@ cc_library_static {
srcs: [
"Benchmark.cpp",
"CheckEncryption.cpp",
"Checkpoint.cpp",
"Devmapper.cpp",
"EncryptInplace.cpp",
"Ext4Crypt.cpp",

109
Checkpoint.cpp Normal file
View file

@ -0,0 +1,109 @@
/*
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "Checkpoint"
#include "Checkpoint.h"
#include <android-base/file.h>
#include <android-base/parseint.h>
#include <cutils/android_reboot.h>
#include <fs_mgr.h>
#include <mntent.h>
#include <sys/mount.h>
#include <list>
#include <string>
namespace android {
namespace vold {
static const std::string kMetadataCPFile = "/metadata/vold/checkpoint";
bool cp_startCheckpoint(int retry) {
if (retry < -1) return false;
std::string content = std::to_string(retry);
return android::base::WriteStringToFile(content, kMetadataCPFile);
}
bool cp_commitChanges() {
struct fstab* fstab = fs_mgr_read_fstab_default();
if (!fstab) return false;
FILE* fp = setmntent("/proc/mounts", "r");
mntent* mentry;
if (fp == NULL) return false;
while ((mentry = getmntent(fp)) != NULL) {
auto test = std::string(mentry->mnt_dir) + "/";
for (int i = 0; i < fstab->num_entries; i++) {
if (!fs_mgr_is_checkpoint(&fstab->recs[i])) continue;
if (!strcmp(fstab->recs[i].mount_point, mentry->mnt_dir) &&
!strcmp(fstab->recs[i].fs_type, mentry->mnt_type)) {
if (!strcmp(fstab->recs[i].fs_type, "f2fs")) {
mount(mentry->mnt_fsname, mentry->mnt_dir, "none",
MS_REMOUNT | fstab->recs[i].flags, "checkpoint=enable");
}
}
}
}
endmntent(fp);
fs_mgr_free_fstab(fstab);
return android::base::RemoveFileIfExists(kMetadataCPFile);
}
void cp_abortChanges() {
android_reboot(ANDROID_RB_RESTART2, 0, nullptr);
}
bool cp_needRollback(const std::string& id) {
std::string content;
bool ret;
ret = android::base::ReadFileToString(kMetadataCPFile, &content);
if (ret) return content == "0";
return false;
}
bool cp_needsCheckpoint(void) {
bool ret;
std::string content;
ret = android::base::ReadFileToString(kMetadataCPFile, &content);
if (ret) return content != "0";
return false;
}
bool cp_prepareDriveForCheckpoint(const std::string& mountPoint) {
return false;
}
bool cp_markBootAttempt() {
std::string oldContent, newContent;
int retry = 0;
if (!android::base::ReadFileToString(kMetadataCPFile, &oldContent)) return false;
if (!android::base::ParseInt(oldContent, &retry)) return false;
if (retry > 0) retry--;
newContent = std::to_string(retry);
return android::base::WriteStringToFile(newContent, kMetadataCPFile);
}
} // namespace vold
} // namespace android

42
Checkpoint.h Normal file
View file

@ -0,0 +1,42 @@
/*
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef _CHECKPOINT_H
#define _CHECKPOINT_H
#include <string>
namespace android {
namespace vold {
bool cp_startCheckpoint(int retry);
bool cp_commitChanges();
void cp_abortChanges();
bool cp_needRollback(const std::string& id);
bool cp_needsCheckpoint();
bool cp_prepareDriveForCheckpoint(const std::string& mountPoint);
bool cp_markBootAttempt();
} // namespace vold
} // namespace android
#endif

View file

@ -36,6 +36,7 @@
#include <cutils/fs.h>
#include <fs_mgr.h>
#include "Checkpoint.h"
#include "EncryptInplace.h"
#include "KeyStorage.h"
#include "KeyUtil.h"
@ -59,7 +60,8 @@ static bool mount_via_fs_mgr(const char* mount_point, const char* blk_device) {
return false;
}
auto mount_rc = fs_mgr_do_mount(fstab_default, const_cast<char*>(mount_point),
const_cast<char*>(blk_device), nullptr);
const_cast<char*>(blk_device), nullptr,
android::vold::cp_needsCheckpoint());
if (setexeccon(nullptr)) {
PLOG(ERROR) << "Failed to clear setexeccon";
return false;

View file

@ -24,6 +24,7 @@
#include "Process.h"
#include "VolumeManager.h"
#include "Checkpoint.h"
#include "Ext4Crypt.h"
#include "MetadataCrypt.h"
#include "cryptfs.h"
@ -892,5 +893,55 @@ binder::Status VoldNativeService::mountExternalStorageForApp(const std::string&
sandboxId, userId));
}
binder::Status VoldNativeService::startCheckpoint(int32_t retry, bool* _aidl_return) {
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_LOCK;
*_aidl_return = cp_startCheckpoint(retry);
return ok();
}
binder::Status VoldNativeService::needsCheckpoint(bool* _aidl_return) {
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_LOCK;
*_aidl_return = cp_needsCheckpoint();
return ok();
}
binder::Status VoldNativeService::commitChanges(bool* _aidl_return) {
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_LOCK;
*_aidl_return = cp_commitChanges();
return ok();
}
binder::Status VoldNativeService::prepareDriveForCheckpoint(const std::string& mountPoint,
bool* _aidl_return) {
ENFORCE_UID(AID_SYSTEM);
CHECK_ARGUMENT_PATH(mountPoint);
ACQUIRE_LOCK;
*_aidl_return = cp_prepareDriveForCheckpoint(mountPoint);
return ok();
}
binder::Status VoldNativeService::markBootAttempt(bool* _aidl_return) {
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_LOCK;
*_aidl_return = cp_markBootAttempt();
return ok();
}
binder::Status VoldNativeService::abortChanges() {
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_LOCK;
cp_abortChanges();
return ok();
}
} // namespace vold
} // namespace android

View file

@ -118,6 +118,13 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
binder::Status mountExternalStorageForApp(const std::string& packageName, int32_t appId,
const std::string& sandboxId, int32_t userId);
binder::Status startCheckpoint(int32_t retry, bool* _aidl_return);
binder::Status needsCheckpoint(bool* _aidl_return);
binder::Status commitChanges(bool* _aidl_return);
binder::Status prepareDriveForCheckpoint(const std::string& mountPoint, bool* _aidl_return);
binder::Status markBootAttempt(bool* __aidl_return);
binder::Status abortChanges();
};
} // namespace vold

View file

@ -102,6 +102,13 @@ interface IVold {
void mountExternalStorageForApp(in @utf8InCpp String packageName, int appId,
in @utf8InCpp String sandboxId, int userId);
boolean startCheckpoint(int retry);
boolean needsCheckpoint();
void abortChanges();
boolean commitChanges();
boolean prepareDriveForCheckpoint(@utf8InCpp String mountPoint);
boolean markBootAttempt();
const int ENCRYPTION_FLAG_NO_UI = 4;
const int ENCRYPTION_STATE_NONE = 1;

View file

@ -24,6 +24,7 @@
#include "cryptfs.h"
#include "Checkpoint.h"
#include "EncryptInplace.h"
#include "Ext4Crypt.h"
#include "Keymaster.h"
@ -1562,7 +1563,9 @@ static int cryptfs_restart_internal(int restart_main) {
SLOGE("Failed to setexeccon");
return -1;
}
while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, 0)) != 0) {
bool needs_cp = android::vold::cp_needsCheckpoint();
while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, 0,
needs_cp)) != 0) {
if (mount_rc == FS_MGR_DOMNT_BUSY) {
/* TODO: invoke something similar to
Process::killProcessWithOpenFiles(DATA_MNT_POINT,

26
vdc.cpp
View file

@ -31,6 +31,7 @@
#include "android/os/IVold.h"
#include <android-base/logging.h>
#include <android-base/parseint.h>
#include <android-base/stringprintf.h>
#include <binder/IServiceManager.h>
#include <binder/Status.h>
@ -104,6 +105,31 @@ int main(int argc, char** argv) {
checkStatus(vold->mountFstab(args[2]));
} else if (args[0] == "cryptfs" && args[1] == "encryptFstab" && args.size() == 3) {
checkStatus(vold->encryptFstab(args[2]));
} else if (args[0] == "checkpoint" && args[1] == "startCheckpoint" && args.size() == 3) {
int retry;
bool success = false;
if (!android::base::ParseInt(args[2], &retry)) exit(EINVAL);
checkStatus(vold->startCheckpoint(retry, &success));
return success ? 1 : 0;
} else if (args[0] == "checkpoint" && args[1] == "needsCheckpoint" && args.size() == 2) {
bool enabled = false;
checkStatus(vold->needsCheckpoint(&enabled));
return enabled ? 1 : 0;
} else if (args[0] == "checkpoint" && args[1] == "commitChanges" && args.size() == 2) {
bool success = false;
checkStatus(vold->commitChanges(&success));
return success ? 1 : 0;
} else if (args[0] == "checkpoint" && args[1] == "prepareDriveForCheckpoint" &&
args.size() == 3) {
bool success = false;
checkStatus(vold->prepareDriveForCheckpoint(args[2], &success));
return success ? 1 : 0;
} else if (args[0] == "checkpoint" && args[1] == "markBootAttempt" && args.size() == 2) {
bool success = false;
checkStatus(vold->markBootAttempt(&success));
return success ? 1 : 0;
} else if (args[0] == "checkpoint" && args[1] == "abortChanges" && args.size() == 2) {
checkStatus(vold->abortChanges());
} else {
LOG(ERROR) << "Raw commands are no longer supported";
exit(EINVAL);