Right now these two partitions are mounted in the fs stage of the init
process. As a result, many vendor/ODM files needed earlier in the boot
process (e.g., init.<hardware>.rc, fstab.<hardware>.rc,
uevent.<hardware>.rc, SELinux policy files etc) can only live on the root
partition.
To prevent vendors/ODMs from polluting the root partition, this patch makes
it possible to mount the vendor and ODM partitions in the first stage of the
init process. The fstab info of both partitions to be mounted early is
composed from new kernel cmdline arguments android.early.prefix and
android.early.fstab.
For example, with:
android.early.prefix=/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/
android.early.fstab=mmcblk0p10+/odm+ext4+ro+verify\nmmcblk0p09+/vendor+ext4+ro+verify
the final fstab string will be:
/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/mmcblk0p10 /odm ext4 ro verify
/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/mmcblk0p09 /vendor ext4 ro verify
The android.early.prefix is optional. When it is missing, the final fstab
string will be directly converted from android.early.fstab.
This patch also makes sure that the early mounted partitions are dm-verity
enabled so that they are trust worthy to store system files.
BUG=27805372
Change-Id: I3cf32482a5ec65445ba3aedab2164c7ba8f12694
* Use const reference type for for-loop index variables
to avoid unnecessary copy.
Bug: 30413223
Change-Id: I5514384ef3af77c00aa3e8417acd8d70981e0afb
Test: build with WITH_TIDY=1
I'll come back and remove klog_init when I've removed other calls to it.
Change-Id: Iad7fd26d853b4ddc54e9abd44516b6f138cbbfcb
Test: booted N9, looked at "adb shell dmesg" output.
If signature verification fails and we have an error corrected
signature available, attempt to verify that instead.
Needs changes from
Ie913c21ba1d07d6df4c6feeb7226b2ec963f4d19
Bug: 28943429
Change-Id: I7d48701916fe430b17aa05acb120f22a1802733d
(cherry picked from commit 830126637a)
This fixes a bug introduced by
https://android-review.googlesource.com/#/c/212781/ which would make
fs_mgr crash when hitting one of the error paths.
Bug: 28585197
Change-Id: I40e6612e2eb3e6f584e70c608afc6d4378d73c4f
If signature verification fails and we have an error corrected
signature available, attempt to verify that instead.
Needs changes from
Ie913c21ba1d07d6df4c6feeb7226b2ec963f4d19
Bug: 28943429
Change-Id: I7d48701916fe430b17aa05acb120f22a1802733d
The dm-verity metadata contains the block device path that is given to
the dm-android-verity driver. If the device is using slot A/B, this
path is missing the slot suffix.
This patch makes fs_mgr replace all the block device path reference
with the one including the active slot suffix.
Change-Id: Ib624d0d18b12a8a287cac7f15605a2e0fb7c97c6
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
When fs_mgr_do_format() is executed, fs_mgr creates a new
blank data file system. However, that filesystem is not
labeled and causes some unlabeled denials on early boot.
Example Denial:
avc: denied { search } for pid=2535 comm="logd" name="/" dev="mmcblk0p9" ino=2 scontext=u:r:logd:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir permissive=1
To correct this, pass sehandle to the internal ext4 routine.
This way the ext4 filesystem will be labeled at creation and
the root inode will have a label.
Change-Id: Ieeecaa8bbc258e6d743d281dd956bdaca98b365f
Signed-off-by: William Roberts <william.c.roberts@intel.com>
am: 6846d22629
* commit '6846d22629e7bf9d53006d4f40c9c5f81b2b45f0':
If we fail to format a blank partition, try recovery
Change-Id: I6879f99f6901b24a3a51a35c3fc629c49bb64091
This option allows fs_mgr to ignore mount errors on an optional
partition to allow booting to continue.
Bug: 28071890
Change-Id: I71a2b3c1c573297cab18884b4c4bd7c27ced2901
This option allows fs_mgr to ignore mount errors on an optional
partition to allow booting to continue.
Bug: 28071890
Change-Id: I71a2b3c1c573297cab18884b4c4bd7c27ced2901
This reverts commit 2cd762d932.
This change adds 12 seconds or so to boot times - we need to revert it
and see if we can find a proper fix to the original problem if it is
still occurring.
Bug: 27849759
Change-Id: Ib3692e436c08468a51529f256f2ce5e9ccd2d35d
If the userdata partition has the encryptable=footer fstab option,
fs_mgr must leave room for the crypt footer.
Change-Id: Id07818c5d93aafc27577f72fb0a780f26db51b16
Signed-off-by: Chuanxiao Dong <chuanxiao.dong@intel.com>
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Also cleans up two instances of open() with useless mode params, and
changes a few uses of snprintf to use sizeof(buffer) instead of
hardcoded buffer sizes.
Change-Id: If11591003d910c995e72ad8f75afd072c255a3c5
am: 5dac46ac94
* commit '5dac46ac944da477c1abcba70cf424064ca233fe':
Revert "Revert "Update make_ext4fs_internal param-list to match new implementation""