If the system partition is larger than 2G, the device fails to read
verity metadata, because fseek accepts only a 32-bit signed offset.
Switch from fseek to lseek64 to allow seeking using a 64-bit offset,
which solves the problem. At the same time, move away from stdio in
the function.
(cherry-pick of 4cafe2ff89b49329e0e880900195d8e061bd3750.)
Bug: 17705619
Change-Id: I226320498dcb750ec6cde84411c7fe0774c9cab7
This reverts commit 152d2d4234.
Fixed build error, and also fixed memory leak spotted from warning.
(cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.)
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
Clang compiler is picky about partial initialization and
here we only need to initialize the 'len' field.
BUG: 17410010
Change-Id: I718582cef96d5f4076b5ff1c7b8162327e7809b6
If the encryptable partition is wiped (4KB worth of 0 or 0xff),
then reboot into recovery to format /data+/cache
This is while waiting for the Mac OS support to format f2fs.
The flashstation running on Mac OS will currently just erase userdata
and not format it with f2fs.
Bug: 15720406
Bug: 15747366
Change-Id: Ib7cca3e1701483a09573457a835750f34da71ee0
Move the code that attempts to mount alternative fstab entries
into its own function.
Clarify return codes.
Suggest wipe via recovery in error messages.
Bug: 15747366
Change-Id: I3634477cd4d1d73f974f3e906c53285f0d9e0eac
Signed-off-by: JP Abgrall <jpa@google.com>
MF_FORCECRYPT claimed same flag value as existing MF_NOEMULATEDSD.
MF_FORCECRYPT also crashes if no "=" in the option.
Modify MF_NOEMULATEDSD flag value to unique, and reformat comment to keep
the definition near the other defines.
Change-Id: Iec86f40ff43eea14b791d3d19c0ae11fd4b5f784
Without this, the wrong mount point is flagged as being mounted.
Which leads to:
<6>[ 3.278040] fs_mgr: __mount(source=/dev/block/platform/msm_sdcc.1/by-name/userdata,target=/data,type=ext4)=-1
<7>[ 3.278834] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
<6>[ 3.278925] fs_mgr: fs_mgr_mount_all(): skipping fstab dup mountpoint=/persist rec[3].fs_type=ext4 already mounted.
Bug: 15925030
Bug: 15976144
Change-Id: I0bc617f11dfc97c32bb2d0e52b94ec19282568eb
During encryption and decryption, art is pumping out data via
dex2oat into the /data that is actually a tmpfs.
It currently needs ~195MB.
So we increase the tmpfs from 128MB to 256MB.
Bug: 15909689
Change-Id: I5d518a87d7b4eccf32fcd77f61980646ee8a3d35
Signed-off-by: JP Abgrall <jpa@google.com>
Moving the vendor symlink down was causing issues with some devices.
Moved it back up, and adjusted mount to remove symlinks if necessary.
Change-Id: I77126d77cfbef32250012bea3960c99b55db4cbb
Signed-off-by: Daniel Rosenberg <drosen@google.com>
When looking for partitions to encrypt, it would setup a tmpfs
onto the mount point. But with multi-type mount points it would
repeat the mount.
This would lead to having and extra tmpfs mounted on /data, as
only one would get removed.
Change-Id: I28f2c2c4955906f1172342ea07e0795d6880986b
Signed-off-by: JP Abgrall <jpa@google.com>
Modified fastboot to flash vendor.img as well. Moved symlink
for /vendor to occur after mounting partitions. Changed mount
to also create the mount point.
Change-Id: I78e1ba24e6bb8b4af96a67ee0569af579439e682
Signed-off-by: Daniel Rosenberg <drosen@google.com>
We do the recovery+wipe if
- the mount fails and
- the partition is forceencrypt
- the partition seems wiped (== the 1st 4KB are all 0x00 or 0xFF).
This is a hack until we get the flashstation up and running with f2fs.
Bug: 15731906
The alternative would be for the user to manually enter
recovery and wipe his device.
Bug: 15747366
Change-Id: Ic8f3ef59f3d7d01d5d93d8e4c01502080f422157
Signed-off-by: JP Abgrall <jpa@google.com>
Previous attempt was broken.
It would incorrectly be affected by mount failures.
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
The reported error will be that of the last failed attempt.
This is to allow quick experimentation between different FSes.
Bug: 15702546
Change-Id: I378d68ad13eb0098ec1ccb8dcf108b82acbe9ebb
Signed-off-by: JP Abgrall <jpa@google.com>
This is apparently breaking N5, so reverting for now.
This reverts commit a794f86522.
Bug: 15709256
Change-Id: I37a5160eead17e153e2c83fa94632ffa5d8553c2
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
This is to allow quick experimentations between different FSes.
It does not deal with checkfs yet, because the underlying invocation
of fs-type appropriate fsck does not handle the error code.
Only the primary FS (1st in the dups) is checked.
Change-Id: I8329737454b53e2681436fe85cd00a9bc522676b
Signed-off-by: JP Abgrall <jpa@google.com>
- Enables fsck.f2fs for partitions with type F2FS.
- Adds support for f2fs as format fs-type.
- f2fs is optional and support is dlopen()d when needed.
Needs changes in
system/extras/f2fs_utils
external/f2fs-tools
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
forceencrypt= will encrypt the drive at boot if it is not encrypted. This change
will not have an impact until we set this flag in appropirate fstabs.
Bug: 11985952
Change-Id: I6c65eda7f109e4936aa160da50f871703aefb351
This checks ro.debuggable to determine whether a device is in the
debuggable state or not, disabling verification if it is.
Eventually we'd like to narrow this down to only devices which
need to disable it, but we aren't there yet.
Change-Id: I06a329fe5449deab6bae595877dbb1f200850241
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/414200/
Feature is limited to list of serial numbers with this change
Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
* changes:
init: Add "partition.*.verified" properties to the property service.
fs_mgr: Set the 'partition.*.verified' property for verified partitions.
This modifies fs_mgr to set the partition.*.verified properties.
Each of these should be used as a weak indicator that a given partition
is verified. For instance, if the 'partition.system.verified' property
is set to '1', this could indicate that the system partition is verified
and therefore should not be modified by, e.g., adb sync.
Note that these properties can be mutated by the system, and so
should not be used as the basis for security decisions.
Change-Id: I27215a3d3628a1b1e184df9eaad90541b9d8b841
Since 38afe5f4ba
fs_mgr_mount_all() will try to behave more like "mount -a"
So prevent inaccessible or busy (already mounted) encryptable filesystems
from mounting tmpfs in their mount points.
Change-Id: I32e5b3e26f2138d1e4d9ef8ba01c1466f8051d39
These images do not have GPL-ed binaries like /system/bin/e2fsck so
avoid running the program when we detect that we're running inside
one of them.
Note that this does not affect other emulator-based build products
(e..g full-eng instead of sdk-eng), which do have the binaries.
BUG=13057123
Change-Id: Ia42f1d02a3845fbf4b2f9d95818f35d760711a12
Move fstab parsing into fs_mgr_fstab.c so that it compiles into a
separate compilation unit. uncrypt links against it but doesn't
need to pull in the rest of the dependencies on fs_mgr.c.
Change-Id: I6bffe1cd42720151533e958028259d1931aaa4bf
ext4_parse_sb now takes the struct fs_info to fill out to avoid
using the global info from external callers.
Change-Id: I0984ba01c0dbdd5b68b825817faf0c5cf5aa5510
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
While debugging a mount error, the dmesg output was less
than ideal. The error would be declared but why the mount
failed, and what options were passed was not present. This
patch ensures that the mount options and underlying
errno are printed.
Change-Id: I2b3a2c113149df878c0a8a10ef86fd9e4f909658
The build is broken.
system/core/fs_mgr/fs_mgr.c:824:77: error: expected '(' before 'unused'
const char *blk_device, long long length __attribute__(unused))
^
system/core/fs_mgr/fs_mgr.c: In function 'fs_mgr_add_entry':
system/core/fs_mgr/fs_mgr.c:824:56: warning: unused parameter 'length' [-Wunused-parameter]
const char *blk_device, long long length __attribute__(unused))
^
make: *** [out/target/product/generic_x86/obj/STATIC_LIBRARIES/libfs_mgr_intermediates/fs_mgr.o] Error 1
make: *** Waiting for unfinished jobs....
This reverts commit 21095d0cae.
Change-Id: I64f8c4d9c17c0e3bbf2eb427a2c0b81bbe66ec3a
target thumb C: libfs_mgr <= system/core/fs_mgr/fs_mgr.c
system/core/fs_mgr/fs_mgr.c: In function 'fs_mgr_add_entry':
system/core/fs_mgr/fs_mgr.c:828:56: warning: unused parameter 'length' [-Wunused-parameter]
const char *blk_device, long long length)
Change-Id: Ide1bfa120c4f8d8e2f643929cb84c1be065e3310
The log_target parameter of android_fork_execvp_ext() is now a
bit field, and multiple targets can be set to log to multiple
places at the same time.
The new target LOG_FILE will log to a file specified by the new
parameter file_path.
Set LOG_FILE and log to a file in /dev (the only writable filesystem
avilable when e2fsck runs) when invoking e2fsck in fs_mgr.
Bug: 10021342
Change-Id: I63baf644cc8c3afccc8345df27a74203b44d0400