Current first stage mount only allows three mount points: system, vendor
and/or odm. This was introduced by project Treble to mount those
verified partitions early. However, there might be some other custom
partitions needs to be mounted early as well. This CL removes the
restriction and does first stage mount for whatever specified in
fstab-dt.
Bug: 62423887
Test: first stage mount /vendor with vboot 1.0
Test: first stage mount /vendor with vboot 2.0 (AVB)
Change-Id: I6c146c64e673c35c2823523ccbde193590430c48
Merged-In: I6c146c64e673c35c2823523ccbde193590430c48
(cherry picked from commit 06ed613e73)
Because the zram_size type is unsigned int.so if ZRAM size great
than 2^31 -1, zram_fp will receive a negtive integer, while the
ZRAM driver only accept natural number.We need to use printf
formatting %u instand of %d.
Test: 1. Config the zramdisk size 2348810240 and build a ramdisk
2. Reflash device and check below command:
$adb shell dumpsys meminfo
$ adb shell cat /sys/block/zram0/disksize
ZRAM info display will be abnormal
3. Config the zramdisk size 2348810240 and apply with this
patch.
4. Retest to step 2 and the ZRAM info will be ok.
Change-Id: I473de33fbd0b66cf13eac3172684e9fef11b6ef0
For an fstab entry in device tree, fs_mgr now honors the status property
as done by linux. i.e. the node (in this case, the fstab entry) is
enabled if status is not set, "ok" or "okay". For every other value, the
node is considered as disabled.
Merged-In: I5ff8f710de2c54afc76b4af28108ca9075357ad1
Bug: 62127741
Test: Test sailfish w/ no status property, result: boots
Test: Test with status = "disabled", result: skips mounting /vendor
Test: Test with status = "ok", result: boots
Change-Id: I5ff8f710de2c54afc76b4af28108ca9075357ad1
Signed-off-by: Sandeep Patil <sspatil@google.com>
(cherry picked from commit be4302bf58)
For an fstab entry in device tree, fs_mgr now honors the status property
as done by linux. i.e. the node (in this case, the fstab entry) is
enabled if status is not set, "ok" or "okay". For every other value, the
node is considered as disabled.
Bug: 62127741
Test: Test sailfish w/ no status property, result: boots
Test: Test with status = "disabled", result: skips mounting /vendor
Test: Test with status = "ok", result: boots
Change-Id: I5ff8f710de2c54afc76b4af28108ca9075357ad1
Signed-off-by: Sandeep Patil <sspatil@google.com>
fstab_rec.fs_options might be nullptr when printing error message.
Use android::base::StringPrintf() to '(null)' when needed.
Bug: 37759782
Test: Boot device and manaully trigger the output
Change-Id: I1bdf4ba57331aaea9dd5e790f6bf9d9b8bdc8b53
Merged-In: I1bdf4ba57331aaea9dd5e790f6bf9d9b8bdc8b53
(cherry picked from commit 59af33c9ed)
fstab_rec.fs_options might be nullptr when printing error message.
Use android::base::StringPrintf() to '(null)' when needed.
Bug: 37759782
Test: Boot device and manaully trigger the output
Change-Id: I1bdf4ba57331aaea9dd5e790f6bf9d9b8bdc8b53
In https://android-review.googlesource.com/#/c/392873/ we slightly
changed the libavb API. This CL updates fs_mgr to use the new API.
Bug: 38157502
Test: Manually tested.
Change-Id: I90484a3d045c9d51946c14e8136258d2f940da81
Current first stage mount for AVB requires specifying a common prefix of
by-name symlink for all AVB partitions. It limits all AVB partitions to be on
the same block device.
firmware {
android {
compatible = "android,firmware";
vbmeta {
compatible = "android,vbmeta";
parts = "vbmeta,boot,system,vendor";
by_name_prefix="/dev/block/platform/soc.0/f9824900.sdhci/by-name" <-- *removing this*
};
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait,avb";
};
};
};
};
For normal mount with AVB, it extracts the by-name prefix of /misc
partition and use it as the prefix for all other partitions:
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/misc ->
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a
Fix this by adding an internal map in FsManagerAvbOps to record the mapping
from partition name to its by-name symlink:
ByNameSymlinkMap["vendor_a"] = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a"
Two overloaded factory methods are then provided for FsManagerAvbUniquePtr:
- FsManagerAvbUniquePtr Open(ByNameSymlinkMap&& by_name_symlink_map):
for first stage mount, where the by-name symlink map will be
constructed externally, from the uevents processed by init, before
invoking this factory method.
- FsManagerAvbUniquePtr Open(const fstab& fstab): for normal mount,
where the by-name symlink map will be constructed from the input fstab
internally.
Bug: 37552224
Test: first stage mount /vendor with vboot 1.0
Test: first stage mount /vendor with vboot 2.0 (AVB)
Test: normal mount /vendor with vboot 2.0 (AVB)
Change-Id: Id17e8566da87ea22b8923fcd6e47db8d45bc7d6a
Merged-In: Id17e8566da87ea22b8923fcd6e47db8d45bc7d6a
(cherry picked from commit 20651f62d0)
AVB is going to support different modes to handle dm-verity errors.
See the following CL for more details:
- https://android-review.googlesource.com/#/c/392873/
The verity mode is controlled by bootloader through androidboot.veritymode in
kernel command line. fs_mgr should read the value from there and specify the
corresponding flag when loading dm-verity table into kernel.
Also removes some unused #include libraries.
Bug: 38157502
Test: Manually tested different dm verity modes:
- "restart_on_corruption" (androidboot.veritymode=enforcing)
- "ignore_corruption" (androidboot.veritymode=logging)
- None, default mode is EIO in kernel (androidboot.veritymode=eio)
Change-Id: I80e1e817a148b54fb67ba58112d376dc2cf37c98
In https://android-review.googlesource.com/#/c/392873/ we slightly
changed the libavb API. This CL updates fs_mgr to use the new API.
Bug: 38157502
Test: Manually tested.
Change-Id: Ia3371e11fcd81fcc1d147f030cd62af67943aad5
Current first stage mount for AVB requires specifying a common prefix of
by-name symlink for all AVB partitions. It limits all AVB partitions to be on
the same block device.
firmware {
android {
compatible = "android,firmware";
vbmeta {
compatible = "android,vbmeta";
parts = "vbmeta,boot,system,vendor";
by_name_prefix="/dev/block/platform/soc.0/f9824900.sdhci/by-name" <-- *removing this*
};
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait,avb";
};
};
};
};
For normal mount with AVB, it extracts the by-name prefix of /misc
partition and use it as the prefix for all other partitions:
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/misc ->
- /dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a
Fix this by adding an internal map in FsManagerAvbOps to record the mapping
from partition name to its by-name symlink:
ByNameSymlinkMap["vendor_a"] = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor_a"
Two overloaded factory methods are then provided for FsManagerAvbUniquePtr:
- FsManagerAvbUniquePtr Open(ByNameSymlinkMap&& by_name_symlink_map):
for first stage mount, where the by-name symlink map will be
constructed externally, from the uevents processed by init, before
invoking this factory method.
- FsManagerAvbUniquePtr Open(const fstab& fstab): for normal mount,
where the by-name symlink map will be constructed from the input fstab
internally.
Bug: 37552224
Test: first stage mount /vendor with vboot 1.0
Test: first stage mount /vendor with vboot 2.0 (AVB)
Test: normal mount /vendor with vboot 2.0 (AVB)
Change-Id: Id17e8566da87ea22b8923fcd6e47db8d45bc7d6a
Should set verity mode to VERITY_MODE_DEFAULT when
androidboot.veritymode=enforcing.
Bug: 38103331
Test: `adb shell getprop partition.system.verified` returns 2 when veritymode=enforcing
Test: `adb shell getprop partition.vendor.verified` returns 2 when veritymode=enforcing
Change-Id: I2f34eb6509f91989ce726e540cf2c0d353347ede
Current AVB flow in fs_mgr doesn't allow verification error even if the
device is unlocked. This makes first stage mount fail when the device
is flashed with a different-sized boot.img because there is verification
error (HASH_MISMATCH) for the boot partition.
Fix this by allowing verification error only when the device is
unlocked. Whether to enable dm-verity for HASHTREE partitions is still
controlled by the HASHTREE_DISABLED flag in the top-level vbmeta.
Bug: 37985430
Test: First stage mount /vendor with AVB on a device.
Check dm-verity is enabled on /vendor.
Test: Unlock device, flash a different-sized boot.img. Boot device and check
dm-verity is still enabled on /vendor.
Test: First stage mount /vendor with AVB on a device with HASHTREE_DISABLED
is set on the top-level vbmeta, check dm-verity is not enable on /vendor.
Change-Id: I709431bc1c37e4f86133d171cee8e90621cdb857
Merged-In: I709431bc1c37e4f86133d171cee8e90621cdb857
(cherry picked from commit 1140954877)
Current AVB flow in fs_mgr doesn't allow verification error even if the
device is unlocked. This makes first stage mount fail when the device
is flashed with a different-sized boot.img because there is verification
error (HASH_MISMATCH) for the boot partition.
Fix this by allowing verification error only when the device is
unlocked. Whether to enable dm-verity for HASHTREE partitions is still
controlled by the HASHTREE_DISABLED flag in the top-level vbmeta.
Bug: 37985430
Test: First stage mount /vendor with AVB on a device.
Check dm-verity is enabled on /vendor.
Test: Unlock device, flash a different-sized boot.img. Boot device and check
dm-verity is still enabled on /vendor.
Test: First stage mount /vendor with AVB on a device with HASHTREE_DISABLED
is set on the top-level vbmeta, check dm-verity is not enable on /vendor.
Change-Id: I709431bc1c37e4f86133d171cee8e90621cdb857
- It was using blk dev name from fstab and quota / super block check was always
failing for FDE
bug: 37913441
Test: reboot and confirm quota
(cherry picked from commit 9519688411)
Change-Id: Id5613387924d3a8d9ed4486113654aed89184af9
- It was using blk dev name from fstab and quota / super block check was always
failing for FDE
bug: 37913441
Test: reboot and confirm quota
Change-Id: I8a9e890ef2787f2959e6a0225c6b21d35602f19e
In a A/B device, system partition is mounted by kernel as root.
In vboot 1.0, the dm device name of system partition is "system" with
the following configuration in kernel command line:
- dm="system none ro,0 1 android-verity /dev/sda34"
In AVB, the dm device name is switched to vroot as:
- dm="1 vroot none ro 1,0 5201456 verity 1 ..."
When sending ioctl DM_TABLE_STATUS to query status, we should use "vroot" as the
dm device name for AVB. But still pass "system" for the callback function to set
property [partition.system.verified] instead of [partition.vroot.verified].
Bug: 36900078
Test: Use AVB to mount system in a A/B device, checks the property exists
[partition.system.verified]
Test: Use vboot 1.0 to mount system in a A/B device, checks the property exists
[partition.system.verified]
Test: Checks 'adb remount' will output warning message:
- dm_verity is enabled on the system and vendor partitions.
- Use "adb disable-verity" to disable verity.
Change-Id: Iaee7eb2b00b03729bc07fa24f1b449488716d2ea
Merged-In: Iaee7eb2b00b03729bc07fa24f1b449488716d2ea
(cherry picked from commit 48fdc292f9)
This ensures that future operations (e.g. function pointers in the
AvbOps struct) added to AvbOps are set to NULL.
Bug: 37709309
Test: Manually tested on UEFI-based bootloader.
Change-Id: If83ea57b7abad94e472768c594efa210e3351a4d
Bowgo Tsai