When delivering single-stage, non-AB OTAs, the updater binary is built
on a newer OS than recovery is compiled with. libdm relies on newer ueventd
behavior which therefore breaks this model. As a workaround, we allow
libdm to fallback to the old ueventd logic if the following conditions
hold true: (1) we're in recovery, (2) the device is not an AB device,
and (3) the release is <= 10.
Since the old ueventd behavior can lead to races in libdm, this fallback
should stay as narrow as possible.
Bug: 156536673
Bug: 155202260
Test: manual test
Change-Id: I7f9da49e4ba8dfe165e0923d9918827d51d090cd
Currently the ReadDefaultFstab function, which calls GetFstabPath,
makes some assumptions about what the fstab will be called and where
it is located. This is being used by vold to set up userdata encryption
and for gsid, and is even used in the default boot control HAL, so it
has become quite baked.
The original way for a board to specify things to mount was to use the
"mount_all /path/to/fstab" command in init.rc. However, due to the
above functionality, the path after mount_all is no longer very useful,
as it cannot differ from the inferred path, or userdata encryption and
other features will be broken.
On Cuttlefish, we have an interest in being able to test alternative
userdata configurations (ext4 vs f2fs, encryption on/off, etc.) and
currently the only way to achieve this is to either a) modify the
ro.hardware or ro.hardware.platform properties, which breaks a bunch
of things like default HAL filenames, or regenerate our odm.img or
vendor.img filesystems. We can't simply install another fstab and
point to it with "mount_all".
This change allows the fstab path to be omitted from "mount_all", and
adds another property which overrides the existing checks for
fstab.${ro.hardware} and fstab.${ro.hardware.platform}. Specifying
${ro.boot.fstab_suffix} will cause fstab.${ro.boot.fstab_suffix}
to be checked first.
Bug: 142424832
Test: booted cuttlefish with 'mount_all ${ro.hardware} --late'
Test: booted cuttlefish with 'mount_all --late'
Test: booted cuttlefish with 'mount_all --late' and fstab_suffix=f2fs
Test: partially booted cuttlefish with 'mount_all ${ro.hardware}'
Test: partially booted cuttlefish with 'mount_all'
Change-Id: I3e10f66aecfcd48bdb9ebf1d304b7aae745cbd3c
Merged-In: I3e10f66aecfcd48bdb9ebf1d304b7aae745cbd3c
If the emmc_optimized filesystem flag is set, then like
inlinecrypt_optimized, we have to ensure that stable_inodes is set
on the filesystem.
Bug: 144046242
Test: Cuttlefish, ext4: set the flag in fstab, check for the
stable_inodes flag using tunefs -l
Cherry-Picked-From: c2f37683bc
Merged-In: Id7f906564457c240ddf6677dd536698881385385
Change-Id: Id7f906564457c240ddf6677dd536698881385385
Because DSUs mount userdata via a fiemap, libfiemap has trouble creating
additional fiemaps on top of it. The complex stacking of dm-linear is
not supported. For other libfiemap tests we've hacked around this
limitation. If LpMetadata is in a folder named "test", we allow the
backing device search to stop at a dm node, whereas otherwise it would
need to stop at a physical device.
However this was not quite enough for vts_libsnapshot_test, because (1)
the test folder was not included in the pattern match, and (2)
CreateLogicalPartition() could not handle device-mapper names, as it
expects a named physical partition. Addressing both of these allows the
tests to pass on DSUs.
Bug: 156713441
Test: vts_libsnapshot_test on DSU
Change-Id: Ie7ee70e31dff0809a5f0c402ed132d80dd03d9b1
Merged-In: Ie7ee70e31dff0809a5f0c402ed132d80dd03d9b1
The GKI verification VTS test will need to examine the boot partition's
hash descriptor, so add support to access this descriptor.
Bug: 148800209
Test: atest AvbTest#Boot
Change-Id: I92e32f61a265671ae0940c44147391f73776e66a
Merged-In: I92e32f61a265671ae0940c44147391f73776e66a
libsnapshot used to assume CoW images are always mapped
with device mapper, and call GetDeviceString directly.
However, in tests, it is possible that it is mapped as loop
devices. Fix the incorrect assumption and calls
IImageManager::GetMappedImageDevice instead.
Test: libsnapshot_fuzzer with corpus
Bug: 154633114
Change-Id: I1ec39744480e514ae7a7902643ed863e0ca0a340
(cherry picked from commit e6c1a84276)
Merged-In: I1ec39744480e514ae7a7902643ed863e0ca0a340
libfiemap functionality is extensively tested via libsnapshot, gsid, and
fiemap_writer_test. However those tests rely on the configuration of the
device, and libfiemap has fairly different behavior based on whether FBE
or metadata encryption is in use. (The former will use loop devices, the
latter uses dm-linear).
To expand coverage, we added tests with very complicated nesting,
creating fiemaps on a rw partition mounted off a device backed by a
fiemap. Unsurprisingly, this was brittle to begin with, and now
consistently fails due to the intermediate partition not having
sepolicy.
Given the preference toward metadata encryption, and the fact that the
FBE mode will still be properly tested via VTS, let's just remove these
tests.
Bug: 148874852
Test: fiemap_image_test
Change-Id: I7be7d44dea81508505c050ed995b3b78086ad35f
Merged-In: I7be7d44dea81508505c050ed995b3b78086ad35f
When merging in recovery, the "imminent data wipe" code was used, which
made the assumption the /metadata and /data state would be zapped. This
caused future OTAs to error because the old snapshots were detected.
This CL allows OTAs to proceed even if unexpected snapshots are present.
It also forces the state to "MergeCompleted" after a merge in recovery,
so that the next normal boot can perform cleanup.
Bug: 155339165
Test: fastboot snapshot-update merge, then take another OTA
vts_libsnapshot_test
Change-Id: Ief6dea3ba76323044e61307272dda320a4494aea
Merged-In: Ief6dea3ba76323044e61307272dda320a4494aea
This won't happen in practice because device size is never
zero. Hypothetically, if it is, PartitionCowCreator still
suggests that a CoW size of 8192 bytes needs to be created. In
reality, it is not necessary.
Test: libsnapshot_fuzzer
Bug: 155484992
Change-Id: I6c69f54820522d50c699384eec90c474ca3a9402
(cherry picked from commit bc84824e21acfdc83590d6d0d4827bd9854fc0f5)
Merged-In: I6c69f54820522d50c699384eec90c474ca3a9402
Operations on (unsigned long) f_bsize and f_bfree are correctly handled
on 64 bit architectures, but when switching to 32 bit, the
multiplication between the two could result in an overflow, causing the
test to crash.
Fix by using a uint64_t operand, hinting the compiler to handle the
whole multiplication with 64 bit operands.
Bug: 154355449
Bug: 148889015
Test: vts_libsnapshot_test (32 bit)
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: Ief5c03ff7954c4a3e8597ef6e7df467f59428877
Merged-In: Ief5c03ff7954c4a3e8597ef6e7df467f59428877
The test is guaranteed to fail because userdata is itself a fiemap-backed device.
Bug: 154447105
Test: fiemap_writer_test on DSU
Change-Id: Ied35da0eb7aba3daca7ed430f006bf1e90e21dca
Merged-In: Ied35da0eb7aba3daca7ed430f006bf1e90e21dca
These shared_libs are missing from /system/lib/ on 64-bit devices.
Test: Build, install, and run 32bit vts_libsnapshot_test.
Bug: 154115505
Change-Id: Iaf2014748546a055d35e4fe0e24969eef13db7fa
The "OwnsSector" tests did not work if one range fit completely inside
another range. The new OverlapsWith() methods address this case.
Bug: 154277287
Bug: 154646936
Test: liblp_test gtests
Change-Id: I1a59069db4ffe4f13c45963c4847cff7b3dd3dfc
loop_control.h already provides loop device management APIs that we need
here. In addition, this change fixes a subtle race condition between
uevented creating a loop device node in userspace and
PrepareZramBackingDevice accessing it without waiting for it to be
created.
Test: device boots
Test: adb reboot userspace
Bug: 154500256
Change-Id: If80f18c8c337210030a6caf2aec6f7a47472b6fb
In vts_libsnapshot_test, liblp was explicitly imported as static
library, but due to the importing of libsnapshot_defaults, it also
inherited the shared importing.
The import in libsnapshot_default, is not required, drop it.
Test: manual inspection with ldd
Bug: 148889015
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: I12ba0516a482dc917848b5f34cccc659a60a4803
Merged-in: I12ba0516a482dc917848b5f34cccc659a60a4803
To make it easier to support disk formats created using old versions
of dm-default-key with new kernels, stop checking the kernel module
version; instead, the caller decides whether to use the old or new
options format.
Bug: 150761030
Test: crosshatch and cuttlefish boot normally; cuttlefish
fails with "default-key: Not enough arguments" as expected when
option is set to 1
Cherry-Picked-From: 539b98fb58
Merged-In: I810bb7e085b9b8648858de1a02165162d1fd163e
Change-Id: I810bb7e085b9b8648858de1a02165162d1fd163e
Use realpath as a canonical representation of block devices. This makes
it easier to reason about block devices. This also fixes a bug, in which
fs_mgr_get_mounted_entry_for_userdata didn't properly work on devices
that don't support metadata encryption.
Test: atest CtsFsMgrTestCases
Test: atest CtsUserspaceRebootHostSideTestCases
Bug: 153363818
Change-Id: I139c2be46336a632bbaee86667019c075d7de814
Merged-In: I139c2be46336a632bbaee86667019c075d7de814
(cherry picked from commit 7aa37f1f21)
Bug: 151896491
Test: presubmit check
Exempt-From-Owner-Approval: This CL renames suite name vts-core to vts.
It won't change test logic or behavior.
Change-Id: I24779951257ce37fc18929f214d3cf5f76c23a19
The tests are only needed in vts10 suite, as they are part of CTS
package and no longer needed in vts 11.
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL removes vts10 tests from vts suite.
It won't change test logic or behavior.
Change-Id: I4d468be075b54213b56c7e1aa94af94f2bdce9ff
Merged-In: I4d468be075b54213b56c7e1aa94af94f2bdce9ff
Add VTS10 variant of vts_libsnapshot_test so that
it can be added to vts-kernel test.
Bug: 142513589
Test: vts10-tradefed run vts-kernel -m VtsLibnsapshotTest
Change-Id: I4e2516b94d84acb16f595aab87dd3c0cadad6166
(cherry picked from commit 405da5a9a6)
Merged-In: I4e2516b94d84acb16f595aab87dd3c0cadad6166
Vendors may add additional functionfs mounts. Since these
will never be remounted, we can safely filter these out.
Bug: 153008210
Test: Test device with previously unfiltered entries.
Change-Id: I7f384b8a0ce93dd6701fe3c4d9dd2557370b31e1
Merged-In: I7f384b8a0ce93dd6701fe3c4d9dd2557370b31e1
If forward merge indicator exists at unverified state during FDR,
we are allowed to initiate merge and finish it before wiping userdata.
Test: downgrades
Test: update with data wipe
Test: vts_libsnapshot_test
Bug: 152094219
Change-Id: I151f1af4aca446cc52e669c5c3ea2b2e55acb468
(cherry picked from commit 973b8c10d1)
Merged-In: I151f1af4aca446cc52e669c5c3ea2b2e55acb468
If the device applies a package with FDR, place forward merge indicator
so that on FDR, the snapshots aren't abandoned, and we forward merge
the update.
Test: apply downgrade
Test: apply update with data wipe
Test: vts_libsnapshot_test
Bug: 152094219
Change-Id: Id32aeca380db797cd777321837f146333ae6b33c
(cherry picked from commit 6b0251232a)
Merged-In: Id32aeca380db797cd777321837f146333ae6b33c
The indicator signals that on factory data reset, initiating
merge is allowed.
Test: vts_libsnapshot_test
Test: apply downgrade update
Test: apply update with FDR
Bug: 152094219
Change-Id: Ieecddd198136571dd652ca62c27fe65a12b7b15f
(cherry picked from commit f9e1e16377)
Merged-In: Ieecddd198136571dd652ca62c27fe65a12b7b15f
Test: run it
Bug: 152094219
Change-Id: I06852d7a0514481cbeed3ef66192ba49a24cb54b
(cherry picked from commit a4f9b07490)
Merged-In: I06852d7a0514481cbeed3ef66192ba49a24cb54b
This steps up our garbage collection threshold over time when mounting
userdata with checkpointing=disable for f2fs. With this scheme, we step
up the percent of disk we will tolerate being unusable during
checkpointing. At 100%, the filesystem will be able to always mount.
This means we will attempt to mount at most 10 times, for a max time of
about 50 seconds.
Also logs mount time under ro.boottime.init.mount.[target]
If the device does not support checkpoint=disable:[n%], it will mount
with checkpoint=disable, which is equivalent to checkpoint=disable:0%
Test: Boot in checkpointing mode
Bug: 150506496
Change-Id: I047ff98513f4ea832e1216b91e454a57fd2e8bf6
... so that an operation can be skipped partially. For example, if
an operation contains blocks:
563412 -> 123456
... then optimized operation is:
5612 -> 1256
Test: update_engine_unittests
Test: apply incremental OTA
Bug: 148623880
In an experiment, this reduces CoW size of an incremental update
package by 200MB (out of 700MB).
Change-Id: I86ca23fd589ddbc84c81318283b5f4e71782a759
Merged-In: I86ca23fd589ddbc84c81318283b5f4e71782a759
David Anderson