Now that update_engine is responsible for initiating the
merge, WaitForMerge function becomes useless.
Bug: 147696014
Test: compiles
Change-Id: I3779bdf9dd8d1716238e21d09acf0499e3fc90a3
Merged-In: I3779bdf9dd8d1716238e21d09acf0499e3fc90a3
In CheckMergeState / HandleCancelledUpdate, if removing update state
fails, just return the previous state. It used to return Cancelled,
and the error goes unnoticed.
Test: pass
Bug: 147696014
Change-Id: I9cb3d20c5c886afa1913740c903eaad08f0cc041
Merged-In: I9cb3d20c5c886afa1913740c903eaad08f0cc041
If updated then immediately flashed target slot at unverified
stage, update_engine attempts to call RemoveAllSnapshots, but
it used to fail because unmapping fails. In reality, these devices
are dm-linear targets, so unmapping them is optional.
- Introduce a GetSnapshotFlashingStatus function that expose more
information than AreAllSnapshotsCancelled. We can use the returned
map<string, bool> to determine whether a partition is flashed or
not.
- Introduce ShouldUnmapDeleteSnapshot which determines whether
unmapping / deleteting a snapshot is needed in RemoveAllSnapshots.
Test: apply OTA, flash target slot, then inspect logs
Bug: 147696014
Change-Id: I0853d1e213566af2a3401e46fac7d9586cee7aaf
Merged-In: I0853d1e213566af2a3401e46fac7d9586cee7aaf
If rollback is detected in ProcessUpdateState, call
RemoveUpdateState and return UpdateState::Cancelled. Now that
update_engine is reponsible for initiating the merge, it can react to
this state and clean up markers appropriately.
Test: libsnapshot_test
Test: apply OTA, manually rollback (by setting the active slot), then
inspect /metadata/ota as well as /data/misc/update_engine/prefs.
Bug: 147696014
Change-Id: Ibfee11fb50e4f4fb7c6cf02b4921b35e77b8f5a5
Merged-In: Ibfee11fb50e4f4fb7c6cf02b4921b35e77b8f5a5
Init skips first stage mount entirely in recovery, so
the check is useless. Also, __ANDROID_RECOVERY__ is always
set for first stage init.
Also add logs if rollback indicator is set.
Fixes: 149956852
Test: apply OTA, manually rollback, reboot, see rollback indicator
Change-Id: Iac967baf4b51ea5ce9f6eb962a33cb7ee5819c1d
Merged-In: Iac967baf4b51ea5ce9f6eb962a33cb7ee5819c1d
Change callback type of ProcessUpdateState to bool() so that, when callback
returns false, immediately returns Merging.
Test: libsnapshot_test
Bug: 147696014
Change-Id: I9dcb8e1658b95216c0f1991e2e4c1ea2e7e7b2e5
Merged-In: I9dcb8e1658b95216c0f1991e2e4c1ea2e7e7b2e5
These functions are used directly in update_engine now that
it is responsible for initiating the merge. update_engine has
its own message loop, so WaitForMerge / InitiateMergeAndWait
becomes useless and are deprecated.
Bug: 147696014
Test: compiles
Change-Id: Id8cb14f5f18b4893e2fc3d0d2b374a867a220e6f
Merged-In: Id8cb14f5f18b4893e2fc3d0d2b374a867a220e6f
Add an optional prolog arg (function<bool()>) that is invoked
before snapshots are deleted and update state set to none.
This allows update_engine to delete markers before deleting snapshots
to avoid depending on the erroneous markers. Otherwise, if update_engine
delete markers after libsnapshot deletes update states, the device could
technically get into a state where update_engine thinks the update has
been applied, but snapshots are gone.
Bug: 147696014
Test: libsnapshot_test
Change-Id: I71bfc04a81ea4f94b3072558be50d2f80565113e
Merged-In: I71bfc04a81ea4f94b3072558be50d2f80565113e
update_engine is now responsible for initiating the merge. snapshotctl
becomes a debugging tool for libsnapshot now.
Bug: 147696014
Test: libsnapshot_test
Change-Id: Ia2527a35e0c0f0789dbe5c477e174663ef406903
Merged-In: Ia2527a35e0c0f0789dbe5c477e174663ef406903
Enable the --report flag in init rc script to collect and send snapshot
merge statistics after OTA.
Bug: 138817833
Test: statsd_testdrive
Change-Id: Ie32a2c6d7d1671ca2b1846c6a8d33cea2ab22a4c
Signed-off-by: Alessio Balsini <balsini@google.com>
Merged-In: Ie32a2c6d7d1671ca2b1846c6a8d33cea2ab22a4c
Some tests were temporarily disabled due to errors in Cuttlefish.
Now that the issues were fixed, the tests can be put back in presubmit.
Bug: 148889015
Test: vts_libsnapshot_test (Cuttlefish + Pixel 4)
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: Idcb2b7831b2183b2d734bdf8821fd34746f2beee
Merged-In: Idcb2b7831b2183b2d734bdf8821fd34746f2beee
The symbols are provided by libfs_mgr_binder.
Bug: 149942628
Test: snapshotctl builds
Merged-In: Ie4313c7add5c71bb9614a4d97eec41329425f23d
Change-Id: Iac986bcaaf4a8738b2938c6f95569eb8f5154805
fs-verity is required for new devices launched with R. This change
remove a manual setup for vendors going forward. The original fs mgr
flag still allows old devices to opt in, which can only to be done
manually because of kernel dependency.
Test: build
Bug: 150034150
Change-Id: I152b63d7889153d41f29677f72074afb1881b65d
Merged-In: I152b63d7889153d41f29677f72074afb1881b65d
EXT4_FEATURE_INCOMPAT_CASEFOLD is a flag in s_feature_incompat, not in
s_feature_ro_compat.
Bug: 138322712
Test: Treehugger
Change-Id: I07bb1d2b818d423196d8ceebda8900a8adbb19e9
Merged-In: I07bb1d2b818d423196d8ceebda8900a8adbb19e9
The Resume() operation is supposed to increment the resume counter, but
the updated counter value was not written to the device.
Fix by adding the write operation and refactoring the code.
Bug: none
Test: m
Change-Id: I3fffd61cc779c59e2780900809f0ce0b84258e78
Signed-off-by: Alessio Balsini <balsini@google.com>
Change metadata_cipher fstab option to metadata_encryption
that includes encryption flags in addition to the cipher.
wrappedkey_v0 encryption flag is used to denote that the
inline encryption hardware supports wrapped keys. dm-default-key
device is created and a wrappedkey is provided along with the
optional wrappedkey_v0 argument.
Bug: 147733587
Test: FBE validation with Fscrypt v2 + inline crypt + wrapped
key changes kernel and metadata encryption with wrapped key.
Change-Id: Id1a18db175680dd6b0adb4594d06566eb1285785
This test was causing the failure of vts_libsnapshot_test.
Disable until a fix is found and tests are stable again.
Bug: 149738928
Test: atests vts_libsnapshot_test
Change-Id: Ibbe5cd72aad93d9ade4ac1542f08dec9cd926a3b
Signed-off-by: Alessio Balsini <balsini@google.com>
Add the --report flag to spshotctl to submit Android metrics on the final state
of the snapshot merge operation, the duration if the merge is completed in a
single session, or the number of reboots that happened before completing the
merge.
Bug: 138817833
Bug: 148138124
Test: m + OTA + statsd_testdrive
Change-Id: Id657f33963bb9926553fa6eeb1721a5229f11e87
Signed-off-by: Alessio Balsini <balsini@google.com>
The SnapshotMergeStats class is issued by SnapshotManager to track the
merge duration and possible reboots during the merge process.
Bug: 138817833
Test: m
Change-Id: I04e53bb8f6aa9e740c0dcc77c3a9566383954fba
Signed-off-by: Alessio Balsini <balsini@google.com>
With the Virtual A/B feature, when the device successfully boots after an OTA
update, a dm-snapshot merge operation is performed, which consolidates the
updated images to the base devices. This merge operation depends on the OTA
size and may affect the device performance until completed.
Create the SnapshotMergeStats class that takes care of measuring the duration
of a merge operation and manages the merge state file to continue tracking the
merge in the case of an interruption due to a reboot.
Bug: 138817833
Test: m
Change-Id: I9dcf1423716c89d8f9b4a0feb4e75bb7b9d18935
Signed-off-by: Alessio Balsini <balsini@google.com>
logs need to be printed at time when it is generated by the child
process which is very useful to understand the boottime impact of
those blocking commands.
Bug: 149418646
Test: boot
Change-Id: Ibee343af6088d57b2976bceb812abb58f3b3f610
/metadata/ota/snapshot_state is a temporary file that keeps track of
snapshot merge operations across reboots.
Bug: 138817833
Test: m
Change-Id: I9785db3f73e1575b8ac8a522d938d09f8948e1b0
Signed-off-by: Alessio Balsini <balsini@google.com>
To improve the test period for adb-remount-test.sh, if the device
fails to get to the launcher on the first try when wait_for_screen,
then print a warning to skip all later wait_for_screen conditions.
The wait_for_screen testing is really there to deal with first
confirming that the device is capable of getting to the launcher,
and that later tests that influence corners of adb remount behavior
do not result in a failure to get to the launcher screen. The
developer should look into ways to fix the failure to get to the
launcher on the first try, but failure to do so should have no
bearing on the remaining tests, so dropping the wait_for_screen
functionality is not an issue.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Test: adb-remount-test.sh
Bug: 148881519
Change-Id: I5b4a87d6e1f545a304eb74f2114aadd1128f25b3
By default print only ERROR message, or messages without a source
(eg: [fs_mgr]) library. Print all messages to stderr if the -v
option is added. Always log all messages to the Android logger.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Test: adb-remount-test.sh
Change-Id: I131315d4bae6ed29991043033811cf22e6032f8b
The metadata_csum can enhance ext4 stability, so this patch adds a way to
enable it.
Requiring "metadata_csum" in fsmgr flag of fstab.
Bug: 149039306
Change-Id: I618a65d7afc63a617f5f2582c93002af7f8e7234
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Yifan Hong