flock may return EINTR. There are code using LockShared() to test
existance of the directory. Don't fail spuriously.
Test: pass
Bug: 160457903
Change-Id: I51628abe05599422eb3f344781d8f3acd653c822
Merged-In: I51628abe05599422eb3f344781d8f3acd653c822
In rescue mode, if /metadata is mounted but /metadata/ota does
not exist, immeidately unmount /metadata and fallback to the code
path when /metadata is not mounted; that is, old partitions are
overwritten.
Test: in recovery, select wipe then immediately sideload
Bug: 160457903
Change-Id: I412d62b7005c81a7126106edc471622e6a7ef813
Merged-In: I412d62b7005c81a7126106edc471622e6a7ef813
Now we have more things e.g. loading kernel modules, initialize
selinux. And before all these, system cannot make further progress. It
should be beneficial to boost this critical peroid in init.
Benchmark on a Pixel device shows this saves 100+ms on early boot
ToT release + This CL (P15538587)
D/BaseBootTest: init_stage_second_START_TIME_avg : 1563.4
D/BaseBootTest: ueventd_Coldboot_avg : 219.0
D/BaseBootTest: action_init_/system/etc/init/hw/init.rc:114_START_TIME_avg : 2103.7
ToT release (6654154)
D/BaseBootTest: init_stage_second_START_TIME_avg : 1639.0
D/BaseBootTest: ueventd_Coldboot_avg : 238.2
D/BaseBootTest: action_init_/system/etc/init/hw/init.rc:114_START_TIME_avg : 2226.0
Bug: 143857500
Bug: 147997403
Bug: 160271169
Bug: 160696502
Test: Boottime
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I21c9e051f4ae3e953d991c031f151b2779702548
build.prop files under system_ext, product, and odm partitions are moved
to the ./etc subdirectory. This is to be in-line with the established
practice of having all configuration files under ./etc subdir.
build.prop doesn't need to be an exception.
However, system/build.prop and vendor/build.prop were not moved because
there are a lot of apps and tools that depend on the path.
Bug: 158735147
Test: device has build.prop under ./etc and is bootable
Change-Id: I26300574c23c78cc4e5bc20f98fc9702838465e1
For partial updates, the metadata for untouched dynamic partitions
are just copied over to the target slot. So, verifying the extents
of these partitions in the target metadata should be sufficient for
correctness. And we don't need to read & hash the bytes on these
partitions.
Bug: 151088567
Test: unit tests pass
Change-Id: I95836ee6f76d884c7a1f5537154ac7230563493a
Q liblp only supports 10.0 super partition metadata, so
forcefully downgrade the current metadata version too.
On retrofit Virtual A/B devices, the metadata version is
at most 10.1, because the new VIRTUAL_AB flag is not set
on retrofit devices.
In version 10.1, two per-partition flags: UPDATED and DISABLED
are introduced.
- The updated flag is set when the device undergoes a Virtual A/B
update before. Clear it.
- The disabled flag should only be set on metadata files used by
libfiemap ImageManager. It shouldn't be used on super partition metadata.
Hence, this CL should only clear UPDATED flag.
Test: R->R->Q OTA
Bug: 159590481
Change-Id: I8b548c8ce36a75197e7172a77f9207fd44fe4670
(cherry picked from commit ba5dfd76de)
Merged-In: I8b548c8ce36a75197e7172a77f9207fd44fe4670
If a device doesn't support unflattened APEXes, init activates flattened
APEXes instead of apexd.
Because apexd dumps apex-info-list.xml after it activates all APEXes,
init should do the same thing.
Bug: 159585065
Test: lunch aosp_cf_x86_phone_noapex & m & boot
adb more /apex/apex-info-list.xml
adb shell ls -lZ /apex/apex-info-list.xml
-> -rw-rw-rw- 1 root root u:object_r:apex_info_file:s0 ..
Change-Id: I74a4d0ee363761564225097c5949e5ce335ac6dc
SkipMountingPartitions() should only be called from a system process
as the config file is in /system_ext.
Remove it from the vendor variant of libfstab.
Bug: 158301941
Test: build hardware/interfaces/boot/1.1/default/boot_control and check symbol
Change-Id: I834183a623c0711dd79b89486fc3fc80f9710801
Adds a fuzzer for Unwinder. This will likely cover a large portion of the library, as it uses many of the library's features
in the process of setting up the Unwinder. Hopefully this, combined with the calls Unwinder makes internally, will provide
sufficient coverage.
Rough coverage estimate (this is drastically lower than the true number due to shared libraries): 6.6%
Test: Ran on device for a few hours
Signed-off-by: Dylan Katz <dylan.katz@leviathansecurity.com>
Change-Id: I813e204df595ff38dccfb73be7fff5c080aaa043
If std::remove_if is a no-op (no service name match), then
std::vector::erase would crash.
Bug: 160025305
Test: test_adb.py
Test: Manual.
1) Enable wireless debugging on multiple devices
2) Disable wireless debugging on all devices
Change-Id: If58b0dda0bb698fd3fd225d9b6a6726a88ae47e0
In the current implementation vendor profile attributes do not override
system ones and instead generate a warning. Fix that by overriding existing
attribute if a new definition is found.
Bug: 160318642
Test: add vendor attributes and confirm no warnings
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I71a2ee4d4b3c585e7c9a01b791e973390d409cbc
AMBA specification from Arm is a freely available open
standard for the connection and management of functional
blocks in a system-on-chip.
AMBA devices create a device kernel object in /sys/devices/platform
and a kernel object of the bus for the respective device in
/sys/bus/amba. For e.g. for pl180 mmc:
device: /sys/devices/platform/1c050000.mmci
bus: /sys/bus/amba/devices/1c050000.mmci
In first stage init, android creates a symlink from /sys/devices/platform/...
to /dev/block/platform/... for all partitions and then to
/dev/block/by-name for the boot_device used. However this is only done
for devices that "attach" to bus/platform. This patch adds support for
platform devices that attach to bus/amba.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I9da7456407c4f62335c959502d8b2d16026fddfc
modprobe command no longer uses EnableVerbose, opting to do the
associated operations directly.
Test: compile
Change-Id: Iffc8324f37f34de4eeb9a27e92fdf5524afa2220
dm-user is very much a WIP and while this may change (we need to figure out how
to get credentials to the dm-user daemon, for example) it seems like a somewhat
safe bet to assume that the behavior will at least include a start/end range.
Test: I just ran "dmctl create palmer user 0 1024", which created the device.
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
Change-Id: Ic5f84de6a4f09bf906246035d450edd637cc38ed
There is a desire to ensure that modprobe as a service can log to
kmesg to help triage issues, so add support for the -s or --syslog
flag to do so.
SideEffects:
- help goes to stdout instead of stderr.
- verbose flag once, sets DEBUG, twice, sets VERBOSE minimum.
- quiet flag sets WARNING minimum.
Bug: 159424228
Bug: 151950334
Test: use modprobe as a service to load modules, check logs
Change-Id: I884995f364b0fc604861797eb90d7225a372f864
Add a means to specify the modules to load from a file, rather than
on the argument list by adding an optional argument to the --all flag.
This allows modprobe to be designated as a standalone service to load
a long series of modules in the background and be specified
separately. The specified (module.load) file contains a newline
separate list of module names, and supports line comments using '#'
since this file may be maintained by a human or scripting that
requires tagging for regions of the file.
Bug: 159424228
Bug: 151950334
Test: use modprobe as a service to load modules
Change-Id: Id32641c7244e65848fca3a4a82c8d08b2042bf2f
Add support for long options, and fit existing options to upstream
behaviors and extensions. Fix some missing std::endl and
android::base::Join() usage.
Bug: 159424228
Bug: 151950334
Test: manually test long options work
Change-Id: Id792d87d4407628e706aeccecb6e2bce22bcad10
Turns out std::vector::resize() and std::vector::clear() don't
actually deallocate any memory. std::vector::shrink_to_fit() can be
used for this but isn't a 'guarantee'. Instead of trying to get
std::vector to play nice, this change replaces std::vector<uint8_t>
with std::unique_ptr<uint8_t[]>, which is more accurate to how I'm
using this memory anyway.
Test: logging unit tests
Change-Id: I9638e90bbf50bcf316c5aa172c8278ea945d27e7
SerializedFlushToState::PopNextUnreadLog() was calling
AddMinHeapEntry() to replenish the element that was just popped off of
the heap, however AddMinHeapEntry() also manages reference counts for
the buffers, and this resulting in the following scenario:
PopNextUnreadLog() returns a pointer referencing log buffer #1
AddMinHeapEntry() sees that all logs from buffer #1 has been read, so
it decrements the reference count
The caller of PopNextUnreadLog() uses the result which references
invalid memory.
This calls CheckForNewLogs() within HasUnreadLogs() instead of
requiring a separate call, which fixes an additional issue where
continuing from the loop in SerializedLogBuffer::FlushTo() may not
pick up subsequent logs in a given log buffer, since CheckForNewLogs()
wouldn't be called. This was exacerbated by the above change.
This adds a test to check the reference counts for this case and fixes
an argument mismatch in SerializedFlushToStateTest.
This adds the corpus that surfaced the issue.
Bug: 159753229
Bug: 159783005
Test: these unit tests, run fuzzer without error
Change-Id: Ib2636dfc14293b7e2cd00876b9def6e9dbbff4ce
On some devices we see a weird in which /metadata/apex will have a wrong
selinux label. This will effectively prevent such devices from getting
any apex updates. Since we haven't figured out a root cause for this
bug, it's safer to explicitly call restorecon on /metadata/apex to make
sure it's correct.
This change shouldn't affect a normal boot flow, since /metadata/apex
will already have a correct label and restorecon_recursive will be a
no-op.
Test: rm -Rf /metadata/apex && \
mkdir /metadata/apex &&
mkdir /metadata/apex/sessions
Bug: 149317789
Merged-In: I971ffe35c93bb79d9e71106c24515ec0ee70333a
Change-Id: I971ffe35c93bb79d9e71106c24515ec0ee70333a
(cherry picked from commit cf7b6bad55)
1) Add fuzzer for SerializedLogBuffer
2) Enable fuzzing on host
3) Read logs after writing them
4) Silence log tags error on host
Test: run these fuzzers
Change-Id: Id5f0394546ecbccf5281e3d8855853be90dee3f0
Logd never deletes SerializedLogBuffer, so it seemed reasonable to
detach the deleter thread, however unit tests and fuzzers do delete
SerializedLogBuffer, so we must safely join the deleter thread in the
destructor.
This simplifies the deleter thread code and ensures that only one
deleter thread will be running at a time.
Test: fuzzing works
Change-Id: I69c7447109898a1bb7038a03337cadacb1213281
Fix a bug that was causing cap_set_flag() fail and logd to exit.
Bug: 159588327
Test: caps are set correctly and logd functions with both, one of, or
none of klogd and auditd enabled.
Change-Id: Ia51f078ad848535ce1ac29edd8a56a2b686a12cc
Tianjie Xu