There's no reason for SELinux policy compiler to be accessible by
anybode other than root.
Test: Device boots -- secilc isn't used yet anyway
Bug: 31363362
Change-Id: I26cf34f1412b8dd471f79271c491b473617a6df6
During early mount property area is not initialized, and as a result an
'eng' build will always incorrectly be detected as a 'secure' build by
early mount code path resulting into verity error and consequent boot
loop.
The change here makes sure the is_device_secure() check works with /
without properties based on the 'eng' build based build flag so the
early mount code works fine both ways.
Bug: 35791581
Bug: 27805372
Test: Boot sailfish-{eng,userdebug} builds successfully w/ early
mount enabled
Change-Id: Icd101ccad56b669f49b60bbb3005d5be9f53b02b
Signed-off-by: Sandeep Patil <sspatil@google.com>
Current early mount has some hard-coded paths that are not easy to extend
when we switch verified boot to AVB (external/avb/libavb). This CL uses some
C++ containers to replace those fixed paths.
Bug: 33254008
Test: early mount /vendor with dm-verity on sailfish
Test: early mount /vendor without dm-verity on sailfish
Test: early mount /vendor with dm-verity on bullhead
Change-Id: I32a22fe486d7649e33bb23c9018ddc0428df6069
Treblization requires to locate partner-specific modules in its own
partition. So their own init.rc file could be located in /odm or
/vendor.
This CL is to support those locations for the init.rc.
Additionally thic CL modified import parser to support importing a
relative path.
Test: building succeeded and tested on sailfish with enabling early
mount.
Bug: 35269867
Change-Id: I1bce924a32c8a2b53fb5d981d35d758cf9ddd9a6
Bionic has <sys/endian.h>, glibc <endian.h>, and macOS and Windows have
nothing. This has often been annoying.
Bug: N/A
Test: new tests
Change-Id: I2a40c570df6a9bb30607ace1af653265938cc4b8
If Device tree values are read for comparison, they produce false
negatives with std::strings due to trailing '\0'. This change
consolidates the triming of trailing null into a single helper function
to be used everywhere fs_mgr reads DT values for comparison or other
reasons where it wishes to have the trailing null trimmed.
b/27805372
Test: Boot sailfish w/ early mount /vendor
Change-Id: If71efc830dc440323df764c7461867e71ed6515b
Signed-off-by: Sandeep Patil <sspatil@google.com>
Fixes the compatible check in fs_mgr_boot_config by consolidating the
check in a single privately exported function within fs_mgr (i.e.
is_dt_compatible()).
b/27805372
Test: Boot sailfish w/ early mount
Change-Id: Ie2d1646b81cf9eba8d16828ca8cf2c75156c294c
Signed-off-by: Sandeep Patil <sspatil@google.com>
Reapply of Icd5f39ae71b57167e9b2fe7ec09c5400bcb90e78 with
RefBase_test.cpp and Looper_test.cpp removed from mac builds.
Test: out/host/linux-x86/nativetest64/libutils_tests/libutils_tests
Test: out/host/darwin-x86/nativetest64/libutils_tests/libutils_tests
Change-Id: I5979b296a8500b5697d94d64fc441363047adcea
StrongPointer_test.cpp's Foo was colliding with RefBase_test.cpp's
Foo.
Test: out/host/linux-x86/nativetest64/libutils_tests/libutils_tests
from later CL
Change-Id: I2a4e956c88a07cec72d7ce734cf06c58134a4235
I385a05a3ca01258e44fe3b37ef77e4aaff547b26 broke Singleton in the
same way that 544e3e3606 had already
fixed once. Fix it again, the next CL will add tests.
This affected cases where two libraries referenced the same singleton,
the one that was supposed to define the singleton was already loaded,
and then the second library was dlopen'd.
Bug: 35674422
Test: out/host/linux-x86/nativetest64/libutils_tests/libutils_tests
from later CL
Change-Id: I87c64f95ed294a887e67a6c11be3072299789f01
verity toggle through adb failed to work for early mount due to fstab
entries being moved into kernel/dt. This change fixes that by using the
new fs_mgr_read_fstab_default() api that will make sure all fstab
entries (from dt as well as from /fstab.{ro.hardware}) are combined
before returning the fstab object.
b/27805372
Test: early mount /system and /vendor on angler.
- test adb disable-verity && adb root to ensure rebooted instance
doesn't have 'partition.system.verified' property set. i.e. verity is
indeed disabled.
- test adb enable-verity && adb root to ensure rebooted instance does
have 'partition.system.verified' property set, i.e. verity is enabled.
also verified by trying to do 'adb remount' which correctly warns about
verity
Change-Id: Iffdcc0a0b959a65c326219bd4e9e41cba9ec7c88
Signed-off-by: Sandeep Patil <sspatil@google.com>
With init parsing fstab fragments from kernel separately, the fs_mgr
would completely miss the device tree entries. That leads to things like
'adb remount' to go through without warning for verity even if /system
is verified. This happens because 'verity_update_state' completely
misses the partitions passed to android through the device tree.
solution is to teach fs_mgr about device tree fstab entries and add 2
new public APIs.
1. fs_mgr_read_fstab_dt() - reads device tree and returns fstab
generated from it.
2. fs_mgr_read_fstab_default() - reads both device tree fstab and
/fstab.{ro.hardware} and returns the combined table.
This also reduces the hardcoded /fstab.{ro.hardware} occurence only to
fs_mgr and for eveyone who wants to read the "default" fstab must be
changed to call fs_mgr_read_fstab_default() instead. e.g. adb.
b/27805372
Test: Angler was used since it has 2 early mounted partitions instead of
one. 1 verified and 1 unverified.
- Boot angler successfully without early mount
- Boot angler successfully with /vendor early mount and test if 'adb
remount' warns us about verity
- Boot angler successfully with both /system and /vendor early mounted
and ensure 'adb remount' warns us about verity.
- check partitions.system.verified status after /system early mount ot
ensure it is set to VERITY_MODE_DEFAULT.
- 'adb disable-verity' with early mounted /system doesn't work due to
missing changes in adb
TODO:
change adb to use the new fs_mgr_read_fstab_default() API
Change-Id: I82038d87c7a44488e938acce2cc1082c08f6f73a
Signed-off-by: Sandeep Patil <sspatil@google.com>
Bowgo Tsai