This reverts commit bda6272446.
The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.
Requires change
https://googleplex-android-review.git.corp.google.com/#/c/629764/
Bug: 19278390
Bug: 19199624
Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
Don't silently ignore umount errors. At a minimum, log them.
Add strerror(errno) to another umount call, to make sure we get
some actionable data.
check_fs: try 5 times umounting the filesystem. It appears that
the umount is failing, perhaps because some service is opening
the file on the device or other error. Try unmounting it multiple
times in case it's a transient problem and we can recover.
Bug: 19199624
Bug: 19156134
Change-Id: I7213eb52d55116fb2419a36494d26d5e159981a7
Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.
Requires matching vold change from
https://googleplex-android-review.git.corp.google.com/#/c/615309/
Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
This allows a vendor to force encryption on devices via a vendor
partition flag:
ro.vold.forceencryption 1
Bug: 18764230
Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I7aef95f12e8f7b02ac2e33804ba7897fdcb9ad7f
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.
Requires matching vold change from
https://googleplex-android-review.git.corp.google.com/#/c/615309/
Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I12c3db0ba6a515dc8e917e0349afd257888d3aef
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
This allows a vendor to force encryption on devices via a vendor
partition flag:
ro.vold.forceencryption 1
Bug: 18764230
Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8
If the system partition is larger than 2G, the device fails to read
verity metadata, because fseek accepts only a 32-bit signed offset.
Switch from fseek to lseek64 to allow seeking using a 64-bit offset,
which solves the problem. At the same time, move away from stdio in
the function.
(cherry-pick of 4cafe2ff89b49329e0e880900195d8e061bd3750.)
Bug: 17705619
Change-Id: I226320498dcb750ec6cde84411c7fe0774c9cab7
This reverts commit 152d2d4234.
Fixed build error, and also fixed memory leak spotted from warning.
(cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.)
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
The return value of read_verity_metadata is propagated to caller
even if the verity metadata is invalid, provided that it can be
read from the device. This results in devices with invalid verity
metadata signatures to be mounted normally, which is not desirable.
This change fixes the bug by changing the return value in case of
verification failure to FS_MGR_SETUP_VERITY_FAIL.
Bug: 15984840
Bug: 18120110
Change-Id: Ic29f37a23cb417c2538d60fb05de9dd310d50f4a
(cherry picked from commit c95e9da396)
If the system partition is larger than 2G, the device fails to read
verity metadata, because fseek accepts only a 32-bit signed offset.
Switch from fseek to lseek64 to allow seeking using a 64-bit offset,
which solves the problem. At the same time, move away from stdio in
the function.
Bug: 17705619
Change-Id: I226320498dcb750ec6cde84411c7fe0774c9cab7
This reverts commit 152d2d4234.
Fixed build error, and also fixed memory leak spotted from warning.
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
Build is broken.
system/core/fs_mgr/fs_mgr_verity.c: In function 'fs_mgr_setup_verity':
system/core/fs_mgr/fs_mgr_verity.c:103:20: error: 'verity_table_signature' may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (!RSA_verify(key,
^
system/core/fs_mgr/fs_mgr_verity.c:374:11: note: 'verity_table_signature' was declared here
char *verity_table_signature;
^
cc1: all warnings being treated as errors
make: *** [out/target/product/minnow/obj/STATIC_LIBRARIES/libfs_mgr_intermediates/fs_mgr_verity.o] Error 1
make: *** Waiting for unfinished jobs....
This reverts commit d4cea0bc16.
Change-Id: I6862cc79ef9d944a2472b6fb2e46dae514cea8ce
Clang compiler is picky about partial initialization and
here we only need to initialize the 'len' field.
BUG: 17410010
Change-Id: I718582cef96d5f4076b5ff1c7b8162327e7809b6
If the encryptable partition is wiped (4KB worth of 0 or 0xff),
then reboot into recovery to format /data+/cache
This is while waiting for the Mac OS support to format f2fs.
The flashstation running on Mac OS will currently just erase userdata
and not format it with f2fs.
Bug: 15720406
Bug: 15747366
Change-Id: Ib7cca3e1701483a09573457a835750f34da71ee0
Bill Yi