Commit graph

5815 commits

Author SHA1 Message Date
Jooyung Han
64d727c503 Use /data/misc/apexdata for the list of APEXes
vold_prepare_subdirs should create apexdata directories for each APEX.
Previously, it gets the list by scanning /apex directory. However,
vold/vold_prepare_subdirs run in the bootstrap mount namespace, they can
see only bootstrap apexes in /apex. The reason why it worked was that
unintended side effects of how we managed /apex directory for both mount
namespace.

Instead, since apexdata directories are already populated by init in
/data/misc/apexdata, we can use that directory for the same purpose.

Bug: 295345486
Test: CtsPackageSettingHostTestCases
Change-Id: I453cd59f54ccbb140f73b5e8576b36fa49f9bc59
2023-08-12 01:05:53 +09:00
Jooyung Han
6d07925510 Revert "Use apexservice to get the list of apexes"
Revert submission 2685449-apexdata-dirs

Reason for revert: b/295345486 performance regression.

Reverted changes: /q/submissionid:2685449-apexdata-dirs

Bug: b/295345486
Test: n/a
Change-Id: I710a416398148b544635e32e6b8066fb0560171f
2023-08-12 00:45:30 +09:00
Jooyung Han
d54caf0598 Merge "Use apexservice to get the list of apexes" into main 2023-08-09 06:37:02 +00:00
David Anderson
1d0290c4fb Merge "vold: fix idlemaint abort may hold the wakelock" into main 2023-08-03 22:28:28 +00:00
Jooyung Han
443a73b100 Use apexservice to get the list of apexes
In this change, the logic to get the list of apexes is replaced with
the query to apexservice, which is the source of truth. This dedups
the manual scanning of /apex for the apex list, which should be
internal to apexd. (Note how vold_prepare_subdirs filtered out
directories with "@" character).

This also makes vold_prepare_subdirs immune to the upcoming changes:
/apex directory containing only bootstrap APEXes in the bootstrap NS.

Until now, getting the list of apexes by scanning /apex was okay
because of the accidental fact that /apex directory has directories
for all the apexes, not only bootstrap apexes.

Bug: 293949266
Bug: 293546778
Test: CtsPackageSettingHostTestCases
Change-Id: I3fe373ca6f4c2281439bb2449845a1a14357131e
2023-08-01 10:51:49 +00:00
Ryan Prichard
c2b3fefa01 Merge "Add a ZeroingAllocator::rebind<Other> for Other==char" into main 2023-07-25 23:32:50 +00:00
Ryan Prichard
4c513f2c7e Add a ZeroingAllocator::rebind<Other> for Other==char
Newer versions of libc++ check that an allocator can be rebound to the
same element type. We need to add a rebind member to ZeroingAllocator
to fix this compiler error:

prebuilts/clang/host/linux-x86/clang-r498229/include/c++/v1/vector:376:19: error: static assertion failed due to requirement 'is_same<android::vold::ZeroingAllocator, std::allocator<char>>::value': [allocator.requirements] states that rebinding an allocator to the same type should result in the original allocator
    static_assert(is_same<allocator_type, __rebind_alloc<__alloc_traits, value_type> >::value,
                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It likely doesn't matter in practice because this allocator is only
used with std::vector, which probably doesn't use allocator rebinding,
because it won't allocate an internal node type (e.g. unlike std::map,
std::list, etc).

Alternatively, ZeroingAllocator could be changed to a
ZeroingAllocator<T> that can zero arbitrary types, but it doesn't seem
necessary currently, and types other than char wouldn't be used.

Bug: b/175635923
Test: treehugger
Change-Id: I42e9d8f02a18637fc67e94cc1358d2ed733a7268
2023-07-24 21:36:32 -07:00
Li Chong
5b224dc337 vold: fix idlemaint abort may hold the wakelock
when the idlemaint run is working, if two or more idlemaint abort concurrency are working.
all idlemaint abort will hold the wakelock, until idlemaint run finished,
but it just nofity one idlemaint abort thread to stop and release the wakelock.
Remaining idlemaint abort threads will hold the wakelock until next idlemaint run to notify them.

Bug: 292383791
Test: see the issue Description

Change-Id: I5312be2e0e92c41483cab26e627a4ae562e5aed8
2023-07-24 15:23:30 +08:00
Martijn Coenen
c7bed872c0 Merge "SM: Change volume mountUserId for new user" into main 2023-07-17 08:05:33 +00:00
Arnab Sen
f96d81f5cd SM: Change volume mountUserId for new user
When a volume is ejected from a user but not removed from the device
and mounted again by calling StorageManager#mount, the volume is
mounted for the user from which it was last ejected. This causes the
path of the mounted volume to be inaccessible to the current user.

Whenever StorageManager#mount is called, check if the
VolumeInfo#mountUserId is same as the current userId maintained by
StorageManagerService, if it is not, change the mountUserId for the
Volume to the current userId known to StorageManagerService if it
is not the primary volume and the volume is visible.
This change also fixes a bug where the volumes are unmounted for the
wrong user which causes StorageSessionController go out of sync
which would cause errors during mounting the volumes again as it
maintains sessions per user. The bug also caused volume event
broadcasts to be sent to wrong user handles. To solve the issue
add an extra paramter in IVoldListener#onVolumeStateChanged for userId
which will update the copy which is used for informing
StorageSessionController and also for sending broadcasts.

Test: Perform the following steps:
1. Format SD Card as portable storage in system user.
2. Eject the SD Card from Storage Settings.
3. Switch to a non-system user
4. Mount the SD Card again.
5. Check that the Storage Summary is shown correctly instead
   of 0B out of 0B.
Also, checked from the logs the volume state broadcasts are sent to
the correct user handles.

Change-Id: I60b8954cdaee4a54ea6a6299fe5ddda2006faf1c
2023-07-14 09:55:37 +00:00
Treehugger Robot
50d89e6351 Merge "Remove dead code from fs_mgr" 2023-06-23 20:07:09 +00:00
Paul Lawrence
997e9bbc18 Remove dead code from fs_mgr
Test: Compiles
Change-Id: I644cfe58fdf87fbb88a85953f1450efb8b99baab
2023-06-23 09:28:18 -07:00
Treehugger Robot
4bc9e2517b Merge "Don't Skip Checkpointing for F2fs" 2023-06-22 23:28:01 +00:00
Daniel Rosenberg
5d1d945b56 Don't Skip Checkpointing for F2fs
"Do not reboot with commit failure when ext4 userdata is wiped" has
caused a regression in cuttlefish on f2fs. Overlay.img rapidly grows to
the full userdata size. This updates that CL to only affect partitions
marked for block based checkpointing.

Test: Boot Cuttlefish, monitor overlay.img for 5 minutes
Bug: 285019395
Change-Id: I8aa37a97e847960afe8b368090a86c8835e6ca9e
2023-06-21 18:56:29 -07:00
Eric Biggers
55593258ac Merge "Remove write permission from file mode of top-level user dirs" am: c73150307a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2617599

Change-Id: I05ddef6a233b326b44d1de36c1a3aeecba1c7b67
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-20 17:54:45 +00:00
Eric Biggers
c73150307a Merge "Remove write permission from file mode of top-level user dirs" 2023-06-20 17:15:24 +00:00
Eric Biggers
01ca68c4f8 Merge "Move encrypted directories into place already-encrypted" am: ec6e52aadc
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2620092

Change-Id: I0937a39d1b09ef4201b9c194543890685784fc77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-13 22:40:35 +00:00
Eric Biggers
ec6e52aadc Merge "Move encrypted directories into place already-encrypted" 2023-06-13 22:11:39 +00:00
Eric Biggers
714b99d9da Remove write permission from file mode of top-level user dirs
https://r.android.com/2620458 is removing the write mode bit from the
top-level user directories on internal storage, in order to make the DAC
consistent with the SELinux policy.

This commit makes the corresponding change to adoptable storage.

Bug: 285239971
Test: sm set-virtual-disk true; sm partition disk:7,392 private
Change-Id: I17dfbe10909b34c2046a4d5b4ffd7764d5ae083b
2023-06-08 22:16:25 +00:00
Eric Biggers
c6f004a9c4 Move encrypted directories into place already-encrypted
Even after having changed the SELinux policy to remove system_server's
permission to create directories like /data/system_ce/10, there's still
a very small loophole where system_server can create a subdirectory
after vold creates the directory but before vold assigns an encryption
policy to it.  This isn't known to have actually happened (b/285239971
was a candidate, but it seems to have actually been caused by SELinux
being in permissive mode), but it's theoretically possible.

Close this loophole by making vold create encrypted directories under
temporary names and move them into place once they are fully prepared.

Bug: 156305599
Bug: 285239971
Test: Cuttlefish boots, and can be rebooted.
Change-Id: I53407c938bab02ab4b7e5bab8402f36eb47fb203
2023-06-08 22:08:09 +00:00
Treehugger Robot
f4ae30da97 Merge "vold: move some libs from shared to static" am: 39f11368a5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2598907

Change-Id: I237a3145216534a9c2e601e5c5606bbc87ea68eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-23 17:11:46 +00:00
Treehugger Robot
39f11368a5 Merge "vold: move some libs from shared to static" 2023-05-23 16:33:31 +00:00
Devin Moore
965d67ce6f vold: move some libs from shared to static
These libraries are only used by vold on a device and gain no
benifit from being included as shared libraries.

Moving them to static saves disk space, memory, and cpu cycles from the
dynamic linker.

Checking on cuttlefish accross 3 reboots:
This saves 613827 bytes of storage from the installed-files, 44KB of
private dirty memory, 172KB of PSS when only looking at the
libraries, and 155KB of PSS when looking at libraries and heap/stack
with shomap.

go/shared-to-static for more info on how this was determined.

Test: m
Bug: 280829178

Change-Id: I29af66dd66f4087ff1820ca661dc6dc2ace841fc
2023-05-23 00:37:02 +00:00
Pawan Wagh
b7792484f1 Merge "Disable leak detection in vold fuzzer" am: a3e128a868
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2577820

Change-Id: I6d93f475f686d817fc847cced4e8164a921bf32c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-08 23:06:22 +00:00
Pawan Wagh
a3e128a868 Merge "Disable leak detection in vold fuzzer" 2023-05-08 22:53:03 +00:00
Pawan Wagh
e7b16911cb Disable leak detection in vold fuzzer
Bug: 278100447
Bug: 277650211
Test: m vold_native_service_fuzzer
Change-Id: I90ecbdadde5bfcdc967d8b5b750f0e551f30acb0
2023-05-05 23:57:13 +00:00
Treehugger Robot
3741a1635b Merge "[vold] Add mount lazy if forcemount fail." am: 823898eca3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1764385

Change-Id: If915976e128592cd93e0b7fdde4f9768f6155d1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-25 11:09:13 +00:00
Treehugger Robot
823898eca3 Merge "[vold] Add mount lazy if forcemount fail." 2023-04-25 10:32:16 +00:00
Steven Moreland
e9eee2b50e Merge "Explicit init .rc user." am: 6c8b6e1651 am: 0b6dd2c641
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2530203

Change-Id: I323939dd2d50c62797603e2dc5c1848c61231bd8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 02:44:20 +00:00
Steven Moreland
0b6dd2c641 Merge "Explicit init .rc user." am: 6c8b6e1651
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2530203

Change-Id: I6a4938c8ea0918f8421d92e6d82d6b9d3c5dfeed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 02:12:34 +00:00
Steven Moreland
6c8b6e1651 Merge "Explicit init .rc user." 2023-04-11 21:33:30 +00:00
Steven Moreland
0eff1d2890 Explicit init .rc user.
Set the user explicitly.

Bug: 276813155
Test: boot
Change-Id: I54c14c47a3435d72e00280cf663f23ffbb9659ee
2023-04-10 20:54:26 +00:00
Daeho Jeong
d4680bb584 Merge "vold: fix write kbytes handling" am: 13a57d2a26 am: 486c3507fb
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2507268

Change-Id: I697ba818c7399584b81c831eb14a8a4d55be7cee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-28 21:11:18 +00:00
Daeho Jeong
486c3507fb Merge "vold: fix write kbytes handling" am: 13a57d2a26
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2507268

Change-Id: I0ea8d3eb6fe49612077a23b30a5fce5a7627a871
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-28 20:40:45 +00:00
Daeho Jeong
13a57d2a26 Merge "vold: fix write kbytes handling" 2023-03-28 20:15:53 +00:00
Daeho Jeong
dd08c52eb8 vold: fix write kbytes handling
Since Android platform codespace doesn't support exception handling, we
use strtoll() instead of stoll for direct error handling.

Bug: 274369737
Test: check smart idle maintenace service log
Change-Id: I57c709b1e329228790e0a883edb64dc023135a24
2023-03-27 18:19:18 -07:00
Nathan Huckleberry
e828c966e3 [automerger skipped] Clean up potential busy files after key eviction. am: 759ac5f87c -s ours
am skip reason: Merged-In I9e39e5bb0f5190284552bcd252b6213a22a51e91 with SHA-1 a21962b207 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/21649087

Change-Id: I16aa0e7cfe276c918affdbddc58e593e2f1c2eeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-17 00:26:48 +00:00
Pawan Wagh
0d069ca15a Merge "Set sehandle in voldFuzzer" am: c1572fe8cf am: b43fe97e5a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2492755

Change-Id: Ic386ce0bc09e0b0cafdce9c612a278aff6fccb36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 08:47:39 +00:00
Pawan Wagh
b43fe97e5a Merge "Set sehandle in voldFuzzer" am: c1572fe8cf
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2492755

Change-Id: I60003de6b4df333663c168483acc5d967c16dd84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 08:10:28 +00:00
Pawan Wagh
c1572fe8cf Merge "Set sehandle in voldFuzzer" 2023-03-16 07:28:40 +00:00
Pawan Wagh
25effc38ff Set sehandle in voldFuzzer
Bug: 271649747
Test: m vold_native_service_fuzzer && adb sync && adb shell data/fuzz/x86_64/vold_native_service_fuzzer/vold_native_service_fuzzer
Change-Id: I55a17ffd631b0b85e2fc049bffe9a91623699e64
2023-03-15 20:54:42 +00:00
Eric Biggers
2ef1832ac4 Merge "Avoid error message when destroying key w/o secdiscardable file" am: dc262c27f0 am: 60c71b9950
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2470460

Change-Id: I3c1ccbf5a48de8281db1244471f40831e32decbe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-04 07:16:23 +00:00
Eric Biggers
60c71b9950 Merge "Avoid error message when destroying key w/o secdiscardable file" am: dc262c27f0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2470460

Change-Id: I0259a28cc469a98149512f258751771f09112fda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-04 06:30:21 +00:00
Eric Biggers
dc262c27f0 Merge "Avoid error message when destroying key w/o secdiscardable file" 2023-03-03 22:14:58 +00:00
Eric Biggers
73e2936fc2 Avoid error message when destroying key w/o secdiscardable file
Since commit 08f4bdfe98 ("Don't use a secdiscardable file for keys
encrypted by SP") (https://r.android.com/2242561), some keys don't use a
secdiscardable file.  Currently if such a key is destroyed, an ERROR
message like the following is logged:

    E secdiscard: Secure discard open failed for: /data/misc/vold/user_keys/ce/14/current/secdiscardable

This case is expected, so it should not be an ERROR.  Fix this by only
passing the secdiscardable file to the secdiscard program if it exists.

Bug: 232452368
Change-Id: I490289dfdaf0db6c3f4fb507509095e0033e2f69
2023-03-03 19:51:36 +00:00
Eric Biggers
44d3181bc5 Merge "Check for SELinux labelling errors" am: 826eef6b33 am: 0c7abb02e5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2465051

Change-Id: I25c3b804e4e4814a357d8428231c42a33a5f01d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 19:49:30 +00:00
Eric Biggers
0c7abb02e5 Merge "Check for SELinux labelling errors" am: 826eef6b33
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2465051

Change-Id: I55ae26d92455278fb9e687571392083c5859e4d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 19:14:42 +00:00
Eric Biggers
826eef6b33 Merge "Check for SELinux labelling errors" 2023-03-02 18:35:16 +00:00
Eric Biggers
c7c4f5a902 Check for SELinux labelling errors
It's essential that files created by vold get the correct SELinux
labels, so make sure to check for errors when setting them.

ENOENT (no label defined) is expected on some files such as
/mnt/appfuse/*, so allow ENOENT but log a DEBUG message.

This will help debug b/269567270.  This is not a fix for b/269567270.

Bug: 269567270
Test: Created user and checked SELinux labels of user's directories
Test: atest CtsBlobStoreHostTestCases
Change-Id: Ife005bdd896952653943c57336deb33456f7c5d8
2023-03-01 22:11:29 +00:00
Austin Delgado
edb3220e2b Merge "Revert "Strictly check for SELinux labelling errors"" am: 545f0ab758 am: 9a4265cc20
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2461593

Change-Id: Ia7bd2386936b722f2c4effa3f2615caa11918353
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-28 23:41:28 +00:00