Call earlyBootEnded from vdc.
This allows us to determine the place where early boot ends from init. It also allows fixing a bug where early boot wasn't ended previously on devices without metadata encryption. Bug: 168585635 Bug: 173005594 Test: inspect logs Change-Id: I78775672a7d3c140e007235a10fb1d1bc816fcee
This commit is contained in:
Martijn Coenen
parent
d5de2f22b7
commit
eed957f6a4
5 changed files with 14 additions and 4 deletions
|
|
@ -79,10 +79,6 @@ const KeyGeneration makeGen(const CryptoOptions& options) {
|
|||
}
|
||||
|
||||
static bool mount_via_fs_mgr(const char* mount_point, const char* blk_device) {
|
||||
// We're about to mount data not verified by verified boot. Tell Keymaster instances that early
|
||||
// boot has ended.
|
||||
::android::vold::Keymaster::earlyBootEnded();
|
||||
|
||||
// fs_mgr_do_mount runs fsck. Use setexeccon to run trusted
|
||||
// partitions in the fsck domain.
|
||||
if (setexeccon(android::vold::sFsckContext)) {
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@
|
|||
#include "Checkpoint.h"
|
||||
#include "FsCrypt.h"
|
||||
#include "IdleMaint.h"
|
||||
#include "Keymaster.h"
|
||||
#include "MetadataCrypt.h"
|
||||
#include "MoveStorage.h"
|
||||
#include "Process.h"
|
||||
|
|
@ -879,6 +880,14 @@ binder::Status VoldNativeService::resetCheckpoint() {
|
|||
return Ok();
|
||||
}
|
||||
|
||||
binder::Status VoldNativeService::earlyBootEnded() {
|
||||
ENFORCE_SYSTEM_OR_ROOT;
|
||||
ACQUIRE_LOCK;
|
||||
|
||||
Keymaster::earlyBootEnded();
|
||||
return Ok();
|
||||
}
|
||||
|
||||
binder::Status VoldNativeService::incFsEnabled(bool* _aidl_return) {
|
||||
ENFORCE_SYSTEM_OR_ROOT;
|
||||
|
||||
|
|
|
|||
|
|
@ -150,6 +150,8 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
|
|||
binder::Status supportsFileCheckpoint(bool* _aidl_return);
|
||||
binder::Status resetCheckpoint();
|
||||
|
||||
binder::Status earlyBootEnded();
|
||||
|
||||
binder::Status incFsEnabled(bool* _aidl_return) override;
|
||||
binder::Status mountIncFs(
|
||||
const std::string& backingPath, const std::string& targetDir, int32_t flags,
|
||||
|
|
|
|||
|
|
@ -126,6 +126,7 @@ interface IVold {
|
|||
boolean supportsFileCheckpoint();
|
||||
void resetCheckpoint();
|
||||
|
||||
void earlyBootEnded();
|
||||
@utf8InCpp String createStubVolume(@utf8InCpp String sourcePath,
|
||||
@utf8InCpp String mountPath, @utf8InCpp String fsType,
|
||||
@utf8InCpp String fsUuid, @utf8InCpp String fsLabel, int flags);
|
||||
|
|
|
|||
2
vdc.cpp
2
vdc.cpp
|
|
@ -152,6 +152,8 @@ int main(int argc, char** argv) {
|
|||
checkStatus(args, vold->abortChanges(args[2], retry != 0));
|
||||
} else if (args[0] == "checkpoint" && args[1] == "resetCheckpoint") {
|
||||
checkStatus(args, vold->resetCheckpoint());
|
||||
} else if (args[0] == "keymaster" && args[1] == "early-boot-ended") {
|
||||
checkStatus(args, vold->earlyBootEnded());
|
||||
} else {
|
||||
LOG(ERROR) << "Raw commands are no longer supported";
|
||||
exit(EINVAL);
|
||||
|
|
|
|||
Loading…
Reference in a new issue