Increase early boot logging to kernel log

Make vold log warnings and errors to the kernel log until both
init_user0 has run and /data is mounted.  Previously it only logged
errors, and not warnings, to the kernel log until /data is mounted.

This is helpful to diagnose failures of init_user0, since adb still
isn't started by that point.

Also, error messages can be misleading without seeing related warning
messages, e.g. the following which is expected on many devices:

    E vold    : keystore2 Keystore generateKey returned service specific error: -67
    W vold    : Failed to generate rollback-resistant key.  This is
                expected if keystore doesn't support rollback
                resistance.  Falling back to non-rollback-resistant key.

Therefore, increase the log level to WARNING and above.

Test: Intentionally broke fscrypt_init_user0(), then verified that the
      error and warning messages appear in the kernel log on Cuttlefish.
Bug: 205314634
Bug: 222540970
Change-Id: Ia751f7c88cbf28caf81e891a518953cc0cee911e

FsCrypt.cpp

@@ -470,6 +470,8 @@ bool fscrypt_initialize_systemwide_keys() {
     return true;
 }
 
+bool fscrypt_init_user0_done;
+
 bool fscrypt_init_user0() {
     LOG(DEBUG) << "fscrypt_init_user0";
     if (fscrypt_is_native()) {
@@ -504,6 +506,7 @@ bool fscrypt_init_user0() {
         if (!try_reload_ce_keys()) return false;
     }
 
+    fscrypt_init_user0_done = true;
     return true;
 }
 

FsCrypt.h

@@ -22,6 +22,7 @@
 bool fscrypt_initialize_systemwide_keys();
 
 bool fscrypt_init_user0();
+extern bool fscrypt_init_user0_done;
 bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
 bool fscrypt_destroy_user_key(userid_t user_id);
 bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& secret);

main.cpp

@@ -16,6 +16,7 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
+#include "FsCrypt.h"
 #include "MetadataCrypt.h"
 #include "NetlinkManager.h"
 #include "VoldNativeService.h"
@@ -286,18 +287,24 @@ static void VoldLogger(android::base::LogId log_buffer_id, android::base::LogSev
                        const char* tag, const char* file, unsigned int line, const char* message) {
     logd_logger(log_buffer_id, severity, tag, file, line, message);
 
-    if (severity >= android::base::ERROR) {
+    if (severity >= android::base::WARNING) {
-        static bool is_data_mounted = false;
+        static bool early_boot_done = false;
 
-        // When /data fails to mount, we don't have adb to get logcat. So until /data is
+        // If metadata encryption setup (fscrypt_mount_metadata_encrypted) or
-        // mounted we log errors to the kernel. This allows us to get failures via serial logs
+        // basic FBE setup (fscrypt_init_user0) fails, then the boot will fail
-        // and via last dmesg/"fastboot oem dmesg" on devices that support it.
+        // before adb can be started, so logcat won't be available.  To allow
+        // debugging these early boot failures, log early errors and warnings to
+        // the kernel log.  This allows diagnosing failures via the serial log,
+        // or via last dmesg/"fastboot oem dmesg" on devices that support it.
         //
-        // As a very quick-and-dirty test for /data, we check whether /data/misc/vold exists.
+        // As a very quick-and-dirty test for whether /data has been mounted,
-        if (is_data_mounted || access("/data/misc/vold", F_OK) == 0) {
+        // check whether /data/misc/vold exists.
-            is_data_mounted = true;
+        if (!early_boot_done) {
-            return;
+            if (access("/data/misc/vold", F_OK) == 0 && fscrypt_init_user0_done) {
+                early_boot_done = true;
+                return;
+            }
+            android::base::KernelLogger(log_buffer_id, severity, tag, file, line, message);
         }
-        android::base::KernelLogger(log_buffer_id, severity, tag, file, line, message);
     }
 }