Commit Graph

380 Commits

Author SHA1 Message Date
Bowgo Tsai aaf70e77dc fs_mgr: support AVB in fs_mgr_update_verity_state()
fs_mgr_update_verity_state() is invoked by 'verity_update_state' in
init.rc. It will then set property "partition.system.verified" and
"partition.vendor.verified" to verify_mode. We should support this for
AVB as well.

Also change the order of static libs in init to fix the build error
after this change:
  system/extras/ext4_utils/ext4_crypt.cpp:69: error: undefined reference to 'property_get'

Bug: 35416769
Test: Mount /system and /vendor with vboot 2.0 (AVB), check the following properties exist.
      - [partition.system.verified]: [2]
      - [partition.vendor.verified]: [2]
Test: Mount /system and /vendor with vboot 1.0, check the following properties exist.
      - [partition.system.verified]: [0]
      - [partition.vendor.verified]: [0]

Change-Id: I4328d66a8cb93f26e7960e620a0b2292d5f15900
2017-04-14 12:10:49 +08:00
Bowgo Tsai 80d1ad17ed fs_mgr: adds/changes some public APIs for early mount in init
Several changes in this CL:
  - Moves class FsManagerAvbHandle to public API
  - Adds a parameter 'wait_for_verity_dev' for FsManagerAvbHandle::SetUpAvb()
    to allow not to wait for verity device gets created
  - Adds FsManagerAvbHandle::AvbHashtreeDisabled() to query whether AVB is disabled
  - Adds fs_mgr_is_avb() to query whether a fstab_rec has MF_AVB flag

Bug: 33254008
Test: test AVB on bullhead
Change-Id: I89c43ca574ae632db8a700fc2590a1f80212c993
2017-04-13 18:29:10 +08:00
Bowgo Tsai 95c966a859 fs_mgr_avb: refactors how vbmeta is loaded
Adds two classes FsManagerAvbhandle and FsManagerAvbVerifier to replace the
following functions or struct:

    - fs_mgr_load_vbmeta_images() -> FsManagerAvbhandle::Open()
    - fs_mgr_unload_vbmeta_images() -> deleted
    - fs_mgr_setup_avb() -> FsManagerAvbhandle::SetUpAvb()

    - androidboot_vbmeta -> FsManagerAvbVerifier
    - load_vbmeta_prop() -> FsManagerAvbVerifier::Create()
    - verify_vbmeta_images() -> FsManagerAvbVerifier::VerifyVbmetaImages()

And only invokes FsManagerAvbhandle::Open() when there is a fstab entry having
'avb' flag (need HASHTREE descriptor). fs_mgr_is_avb_used() can be
removed as it only checks system property "ro.boot.vbmeta.hash_alg" to
decide whether vbmeta needs to be loaded, which might not be accurate.

For example, there are only HASH descriptors in the verified chain but
no HASHTREE descriptors. In this case, the fs_mgr doesn't have to do
anything because it only takes care of HASHTREE descriptors.

Also adds a new class FsManagerAvbOps to provide the C++ binding
FsManagerAvbOps::AvbSlotVerify() for libavb->avb_slot_verify().

Bug: 33254008
Test: test AVB on bullhead
Change-Id: I8fe15ba01c277152630a2a5c1c5c7f25fbf34030
2017-04-13 18:28:53 +08:00
Bowgo Tsai 87d0836cda fs_mgr: adding fs_mgr_get_slot_suffix() public API
The function returns "_a" or "_b" based on two possible values in
kernel cmdline:

  - androidboot.slot = a or b OR
  - androidboot.slot_suffix = _a or _b

Bug: 33254008
Bug: 36533366
Test: boot sailfish
Change-Id: Ia0a524e4145ebf61af5821f42ecad212c95ed748
2017-04-13 18:28:48 +08:00
Keun-young Park 95e233f9ff use s_max_mnt_count to detect mke2fs generated partition
- Old tool will set it to 10 while mke2fs will set it to -1.
- For now, only tag it.
- TODO: possibly add different policy per image tool version.

bug: 32246772
Test: check dmesg after reboot
Change-Id: Ib763f8ba64957412d2b02a9d6e3fc2bfcf55851e
2017-04-11 17:55:14 -07:00
Treehugger Robot 53108b269e Merge "fs_mgr: removing fs_mgr_read_fstab_with_dt()" 2017-04-01 03:05:25 +00:00
Bowgo Tsai f5bbfd64a9 fs_mgr_avb_ops: stores the by-name prefix of /misc instead of fstab struct
fs_mgr_avb_ops->read_from_partition() relies on the by-name prefix to
get the device file when reading a partition. Previously we store the
fstab struct and use fs_mgr_get_entry_for_mount_point() for every read.

It's better to do that once and store the by-name prefix for later use.

Bug: 33254008
Test: test AVB on bullhead
Change-Id: Ie999851b529f984e29ccbf39fb52a8220056fe0c
2017-03-31 10:25:04 +08:00
Bowgo Tsai 37a0b318ef fs_mgr_avb: allow top-level vbmeta struct to be in 'boot' partition
get_hashtree_descriptor() currently restricts HASHTREE descriptor to be
either in /vbmeta or in the same partition for dm-verity setup.

Also allows it to be from /boot partition because the top-level vbmeta
might be appended at /boot in legacy devices without /vbmeta.

Bug: 35880930
Test: test AVB on bullhead with top-level vbmeta being at /boot
Change-Id: I1ebd16a3c9f17bced6055146e8843b5918a737eb
2017-03-30 20:37:12 +08:00
Bowgo Tsai acc1c3c792 fs_mgr: removing fs_mgr_read_fstab_with_dt()
Currently there is no client requires fs_mgr_read_fstab_with_dt() so
remove this API. Devices with fstab entries in device tree should use
fs_mgr_read_fstab_default() to get default fstab, or just use
fs_mgr_read_fstab_dt() to get those in device tree.

Bug: 35811655
Test: normal boot sailfish
Test: run factory data reset in sailfish
Test: recovery boot sailfish
Test: adb sideload in sailfish

Change-Id: I1579d81cea7366cf3867cfe5ad56feb36cbb7246
2017-03-29 16:25:03 +08:00
Bowgo Tsai 0f34094a17 fs_mgr: change the log level in fs_mgr_get_boot_config()
fs_mgr might try to get a non-existing config through fs_mgr_get_boot_config()
on a device (e.g., for backward compatibility). Lower the log level to INFO
so it won't appear on the recovery screen.

Bug: 35811655
Test: recovery boot sailfish
Change-Id: I81497259aff3691740170abeef932d363b52be35
2017-03-28 18:52:04 +08:00
Treehugger Robot ea057b46e0 Merge "fs_mgr_avb: allow top-level vbmeta struct to be in 'boot' partition" 2017-03-28 00:28:33 +00:00
Tao Bao 9c59029add Merge "fs_mgr: use different fstab paths for normal/recovery boot" 2017-03-27 19:23:12 +00:00
Bowgo Tsai d05a2f7dcb fs_mgr: use different fstab paths for normal/recovery boot
recovery boot: /etc/recovery.fstab
  normal boot: use the first one found by the order:
               /odm/etc/fstab.{hardware} ->
               /vendor/etc/fstab.{hardware} ->
               /fstab.{hardware}

Bug: 35811655
Bug: 36637553

Test: Sideload OTA installation in sailfish
Change-Id: I3e260e077afa5a37fb65246246c824e9379e68c8
2017-03-28 01:34:28 +08:00
Bowgo Tsai 97db0809f4 fs_mgr_avb: fix return value check of fs_mgr_get_boot_config()
fs_mgr_get_boot_config() returns true/false but the return value check
in current fs_mgr_avb is for 0/1. This was introduced during a refactoring.

Check true/false for the return value.

Bug: 33254008
Test: manual test AVB on bullhead
Change-Id: I72c366627214df4a99c4d9cf1eb577e94f7afb31
2017-03-27 22:33:21 +08:00
Bowgo Tsai b016896c98 fs_mgr_avb: allow top-level vbmeta struct to be in 'boot' partition
avb_ops->read_from_partition() should return
AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION if the requested partition does
not exist. Then libavb will try to load top-level vbmeta from /boot partition.

Two related changes in external/avb:

  https://android-review.googlesource.com/#/c/344907/
  https://android-review.googlesource.com/#/c/348731/

Bug: 35880930
Test: test AVB on bullhead with top-level vbmeta being at /boot
Change-Id: I80355ba5ae4d29a6f102714cd2f7c2550b238f27
2017-03-27 21:35:06 +08:00
Fernando Lugo 9c7ae587c2 fs_mgr: update to new androidboot.slot param
androidboot.slot_suffix is being deprecated for a androidboot.slot.
Bootloader must pass slot used to boot into the androidboot.slot which
does not include the '_' character

Test: boot android
Bug: 36533366
Change-Id: I6137bd08418f67a88120c8609eda10b2ada4607d
Signed-off-by: Fernando Lugo <flugo@google.com>
2017-03-24 23:28:55 +00:00
Fernando Lugo ce9d7db979 fs_mgr: allow using legacy A/B suffix
Right now all platforms supporting A/B have not fixed
androidboot.slot_suffix kernel command line parameter. To avoid breaking
all those platform allow using legacy support bootloaders get fixed.

Bug: 36533366
Test: boot
Change-Id: I0ad349f262d0b7f4897f3e184cb053b1440b2d5b
Signed-off-by: Fernando Lugo <flugo@google.com>
2017-03-22 19:22:25 -07:00
Fernando Lugo d1dcedd3fb fs_mgr: adapt to new A/B support
In the new A/B partition support suffixes don't have "_". So, fix fs_mgr
code that assumes it has "_"

Bug: 36533366
Test: boot
Change-Id: I0f528cf1e8fecacb1b4ae34f6dc42e18ebe777bb
Signed-off-by: Fernando Lugo <flugo@google.com>
2017-03-22 19:21:56 -07:00
Mark Salyzyn e989a22553 fs_mgr: remove private/android_filesystem_config.h
Test: compile
Bug: 33241851
Change-Id: I3807871dcdfe5c751b1eea6e57c1ff5aac15806e
2017-03-20 14:30:48 -07:00
bowgotsai 172c1d8b6e fs_mgr: change the log level in fs_mgr_read_fstab_dt()
Devices having no early mount enabled won't have fstab in device tree.
Lower the log level to INFO when fstab is absent there.

Bug: 35811655
Test: boot into recovery mode in a device without fstab in dt
Change-Id: I4b1e0e6554f50b8118770d00aa8f54be86aca858
2017-03-16 10:25:39 +09:00
Treehugger Robot 488525b47b Merge "fs_mgr: fix errno setted by mount_with_alternatives" 2017-03-12 03:27:14 +00:00
NIEJuhu 5c31ffe9cd fs_mgr: fix errno setted by mount_with_alternatives
mount_with_alternatives should set errno to match the 1st mount failure.

Bug: N/A
Test: run `fs_mgr -a <fake_fstab>` and check dmesg log
Change-Id: If4148d327f75c659b843e95f85568ea49c5d0180
Signed-off-by: NIEJuhu <niejuhu@xiaomi.com>
2017-03-10 08:36:11 +00:00
Bowgo Tsai 46c6dc1a6f fs_mgr: support reading fstab file from /odm or /vendor partition
fstab contains device- and soc- specific content that should reside in
/odm or /vendor partition. This change searches the fstab.${ro.hardware}
file from /odm/etc, /vendor/etc and /, then use the first one found.

Bug: 35811655
Test: boot sailfish
Change-Id: I82f89b41a849faedb64072a7cfc52d7424e1aaa1
2017-03-09 22:35:54 +08:00
Bowgo Tsai 47d342739a fs_mgr: add fs_mgr_read_fstab_with_dt() API
With the early mount support in init, fstab entries of verified partitions
(e.g., /system, /vendor) will be moved into device tree in kernel image.

Those early mount fstab entries will be removed from the fstab file to
prevent duplicated and/or inconsistent settings.

This change adds a new function: fs_mgr_read_fstab_with_dt(), to return
the combined results from both places. It also removes
fs_mgr_read_fstab_file() from the public APIs and makes it as an
internal function.

Bug: 35811655
Test: early mount /vendor with dm-verity on sailfish

Change-Id: I2fba3614685bf9f852a789cda6f53013e2164e60
2017-03-09 21:15:08 +08:00
Keun-young Park 3fbf94e19a collect fs stat for ext4
- This is to collect data to understand if e2fsck -f option
  can be dropped wholly based on information from fs.
- Ideally e2fsck should not fix fs if it was clean shutdown
  or if it is not enabling quota.
- The log is added to /dev/fscklogs/log and other system components
  can collect it later.

TODO: add mechanism to distinguish old vs new fs generation tool.

bug: 32246772
Test: reboot and check saved logs under different shutdown conditions (clean, non-clean)

Change-Id: Id00fad4c5f8ebbb9f9908164a1026e415df06721
2017-03-06 19:39:58 -08:00
Bowgo Tsai 7ad3159db9 fs_mgr: allow disable dm-verity when the device is unlocked without metadata
To start Treble VTS test, a single AOSP system.img will be flashed onto
the device. The size of AOSP system.img might be different than the
system partition size on device, making locating verity metadata fail
(at the last fixed size of the partition).

This change allows disabling dm-verity on system partition when the
device is unlocked (orange device state) with invalid metadata.

BUG: 35603549

Test: Boot bullhead with a different-sized system.img, checks verity is
      not enabled via:

          "adb shell getprop | grep partition.system.verified"

Change-Id: Id89d023e82c78ff1902ab7a528431cf7f65e49ad
2017-03-06 16:04:03 +08:00
Sandeep Patil e7a1b3757f fs_mgr: make is_device_secure() work even in the absence of properties.
During early mount property area is not initialized, and as a result an
'eng' build will always incorrectly be detected as a 'secure' build by
early mount code path resulting into verity error and consequent boot
loop.

The change here makes sure the is_device_secure() check works with /
without properties based on the 'eng' build based build flag so the
early mount code works fine both ways.

Bug: 35791581
Bug: 27805372

Test: Boot sailfish-{eng,userdebug} builds successfully w/ early
mount enabled

Change-Id: Icd101ccad56b669f49b60bbb3005d5be9f53b02b
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-27 12:46:18 -08:00
Wei Wang 4d71bc5350 fs_mgr: fix const parameter in fs_mgr_do_tmpfs_mount
Bug: 35425974
Test: mma, marlin/angler boot
Change-Id: Ibadd04ad3a7c4ea184a6344d566302d577d8fee3
2017-02-24 19:33:53 -08:00
Sandeep Patil 4cd9a46916 fs_mgr: refactor: consolidate device tree file reading in one place
If Device tree values are read for comparison, they produce false
negatives with std::strings due to trailing '\0'. This change
consolidates the triming of trailing null into a single helper function
to be used everywhere fs_mgr reads DT values for comparison or other
reasons where it wishes to have the trailing null trimmed.

b/27805372

Test: Boot sailfish w/ early mount /vendor

Change-Id: If71efc830dc440323df764c7461867e71ed6515b
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-24 13:29:33 -08:00
Sandeep Patil e396c607ff fs_mgr: consolidate DT compatible check
Fixes the compatible check in fs_mgr_boot_config by consolidating the
check in a single privately exported function within fs_mgr (i.e.
is_dt_compatible()).

b/27805372

Test: Boot sailfish w/ early mount

Change-Id: Ie2d1646b81cf9eba8d16828ca8cf2c75156c294c
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-24 13:29:26 -08:00
Sandeep Patil c20c0c2cdd early_mount: fs_mgr: move all fstab logic into fs_mgr
With init parsing fstab fragments from kernel separately, the fs_mgr
would completely miss the device tree entries. That leads to things like
'adb remount' to go through without warning for verity even if /system
is verified. This happens because 'verity_update_state' completely
misses the partitions passed to android through the device tree.

solution is to teach fs_mgr about device tree fstab entries and add 2
new public APIs.

1. fs_mgr_read_fstab_dt() - reads device tree and returns fstab
generated from it.

2. fs_mgr_read_fstab_default() - reads both device tree fstab and
/fstab.{ro.hardware} and returns the combined table.

This also reduces the hardcoded /fstab.{ro.hardware} occurence only to
fs_mgr and for eveyone who wants to read the "default" fstab must be
changed to call fs_mgr_read_fstab_default() instead. e.g. adb.

b/27805372

Test: Angler was used since it has 2 early mounted partitions instead of
one. 1 verified and 1 unverified.
- Boot angler successfully without early mount
- Boot angler successfully with /vendor early mount and test if 'adb
remount' warns us about verity
- Boot angler successfully with both /system and /vendor early mounted
and ensure 'adb remount' warns us about verity.
- check partitions.system.verified status after /system early mount ot
ensure it is set to VERITY_MODE_DEFAULT.
- 'adb disable-verity' with early mounted /system doesn't work due to
missing changes in adb

TODO:
change adb to use the new fs_mgr_read_fstab_default() API

Change-Id: I82038d87c7a44488e938acce2cc1082c08f6f73a
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-23 16:48:43 -08:00
Sandeep Patil 9de748f745 fs_mgr: add a generic fs_mgr_get_boot_config internal API
depending on when fs_mgr is trying to read the configuration passed into
the kernel commandline, it may be able to read it successfully.
Specially in the case when init has not initialized properties.

This change adds a new fs_mgr_get_boot_config() API to be used by all
fs_mgr code in order to get filesystem parameters specified in kernel
command line or device tree. This way the fs_mgr code doesn't have to
handle the "early" cases separately anywhere.

Test:
Tested angler boot with both /system and /vendor mounted in init
first stage.
Tested sailfish to make sure /vendor can be continued to be
mounted early without verity

Change-Id: I9a44cdfc32681f714c5d73ae55c3deda95c02545
2017-02-22 12:58:15 -08:00
Sandeep Patil 05ff38ba43 init: early_mount: disallow partitions to be verified at boot
While technically possible, the verification at boot basically will
block init for as long as the entire partition is read while nothing
else is running. Disallow that as this is not going to be used anywhere.

Bug: 27805372
Test: boot angler with verifyatboot fs_mgr option for early mounted
vendor partition. That resulted in a panic() as expected.

Change-Id: I9da5caa163cae8bce6dbfb630f0ed5605ea044a0
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-22 11:22:53 -08:00
Sandeep Patil 4129f20aaf fs_mgr: make fs_mgr_setup_verity public API
Consequently this removes the 'early' version of the exact same API.
This is to be used by early mount code where we need to do
1. setup verity
2. create verity device
3. mount partition
as separate steps since that happens during init first stage.

b/27805372

Test: Boot sailfish successfully

Change-Id: I01abecfdfa210d3e240a291ddcb3d2e9ed39ede6
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-22 11:22:53 -08:00
Sandeep Patil d2462570b8 fs_mgr: fix the fs_mgr_setup_verity param name
The 'verify_dev' parameter for fs_mgr_setup_verity is confusing, since
it doesn't necessarily control the "verification" part of the function.
Instead, it merely allows the caller to skip the
wait_for_dm_verity_device part of the function. So, rename that
parameter for what it is.

b/27805372

Test: Boot sailfish

Change-Id: I024e02fd728f5cd5bb333d9c3b512861731fa215
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-22 11:22:53 -08:00
Sandeep Patil 56f9ada93d fs_mgr: add fs_mgr_do_mount_one() API
This is to be used in early mount case where we will have a fully
prepared fstab_rec. fs_mgr_do_mount() does a lot more checks and
spends time preparing verity / avb devices before it does the actual
mount.

b/33254008

Test: Boot sailfish

Change-Id: I4481b5af8d900c8b7e3355b7513c325d8f2ecff2
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-20 09:04:33 -08:00
Bowgo Tsai 4caf4c03c1 Fix-up coding style
The .clang-format is a symlink to ../init/.clang-format, which is merged
recently. As init is the major user of fs_mgr, it's better to keep the
style consistent.

Only recent newly-added files written by me are formatted. For other
files, let's format them gradually to keep 'git blame' intact.

Bug: None
Test: Device can boot with AVB

Change-Id: I5c72f23b38534d5bcef3e4f9f0f477fa40496433
2017-02-18 12:33:36 +08:00
Sandeep Patil d529d9d358 fs_mgr: remove code that gets slot_suffix from misc partition
'slot_suffix' for A/B devices *must* be provided in kernel command line
or in device tree. The removed code was unnecessarily looking it up in
the 'misc' partition.

b/33254008

Test: Boot sailfish

Change-Id: I329af2d9a98c34a941596779eb78d14337b864e5
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-15 16:00:03 -08:00
Keun-young Park 2517da9f97 Revert "e2fsck: drop -f when TARGET_USES_MKE2FS is enabled"
This reverts commit 22e8199175.

- revert for now. will collect more data to check safety.

bug: 32246772
Test: reboots

Change-Id: Ibbb39005c64b26e9990c271b0b949feafae17773
2017-02-15 11:02:59 -08:00
Treehugger Robot 1549257ff5 Merge changes from topic 'pre-early-mount'
* changes:
  init: fstab: add support to read fstab entries from device tree
  init: early_mount: add support to mount non-verity partitions early
  init: remove the existing early_mount code
  init: refactor: add support for doing early coldboot
  ueventd: make selinux labeling optional for device creation
2017-02-14 20:34:35 +00:00
Sandeep Patil 35403ebaf8 init: early_mount: add support to mount non-verity partitions early
This is done by parsing 'androidboot.fstab=<fstab>' kernel cmdline
option to get the fstab file that *only* specifies partitions to be
mounted early (i.e. in init's first stage).

Note that, the same fstab file may not be used as an argument to
mount_all later in the boot as that will cause fs_mgr to fail with
EBUSY.

TODO:
- Possibly add a new mount_mode so the same fstab can be used for
early_mount, 'mount_all --early/--late' etc.
- Add support for dm-verity enabled partitions to mount early.
- Add support for getting fstab arguments through DT instead of kernel
cmdline.

Bug: 27805372

Test:
Boot angler by passing a seperate fstab file using the kernel
cmdline option to mount vendor partition early, remove the vendor
partition entry from the main fstab file for the test.

Boot sailfish by passing a seperate fstab entry via device tree
to mount vendor partition early. Remove vendor partition entry from
the main fstab file for the test

Change-Id: I18785b893c54c8cee960ab44d5e8f83e5d624aa8
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-02-13 11:17:51 -08:00
bowgotsai 72ffff70fc fs_mgr: removing the dependency of requiring /vbmeta in fstab for AVB
Remove polling_vbmeta_blk_device() as it tries to get /vbmeta entry
from fstab. Also move the polling of a partition inside read_from_partition()
in fs_mgr_avb_ops.cpp as it's where the reads happen.

Bug: 31264231
Test: Device can boot with AVB

Change-Id: Id717e160b085eca42eb9bc5eb2fa7e658bea3ad6
2017-02-10 02:20:22 +08:00
Treehugger Robot 183ca56ce2 Merge "fs_mgr: Switch to LOG()/PLOG() defined in <android-base/logging.h>" 2017-01-28 01:37:22 +00:00
bowgotsai 47878de7d1 fs_mgr: Switch to LOG()/PLOG() defined in <android-base/logging.h>
This is the minimal change just to replace KLOG_{INFO, WARNING, ERROR}
defined in <cutils/klog.h> to LOG()/PLOG() defined in
<android-base/logging.h>.

The logging.h uses program invocation name as the tag when logging.
e.g., init logs will have "init: ..." at the beginning in each line.
To facilitate debugging, this commit adds [libfs_mgr] after the tag,
and the resulting output will like this:

  [   11.278002] init: [libfs_mgr]Enabling dm-verity for system (mode 2)
  [   11.283309] init: [libfs_mgr]loading verity table: '1 /dev/block/platform/soc.0/f9824900.sdhci/by-name/system ...'
  [   11.337884] init: [libfs_mgr]Not running /system/bin/tune2fs on /dev/block/dm-0 (executable not in system image)
  [   11.362281] init: [libfs_mgr]__mount(source=/dev/block/dm-0,target=/system,type=ext4)=0
  [   11.376331] init: [libfs_mgr]Requested quota status is match on /dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor
  [   11.398237] init: [libfs_mgr]__mount(source=/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor,target=/vendor,type=ext4)=0
  [   11.410735] init: [libfs_mgr]Requested quota status is match on /dev/block/platform/soc.0/f9824900.sdhci/by-name/userdata
  [   11.426783] init: [libfs_mgr]check_fs(): mount(/dev/block/platform/soc.0/f9824900.sdhci/by-name/userdata,/data,ext4)=-1: Invalid argument
  [   11.439154] init: [libfs_mgr]Running /system/bin/e2fsck on /dev/block/platform/soc.0/f9824900.sdhci/by-name/userdata

Bug: 34336098
Test: check device can boot

Change-Id: Idcbaca1050e2d8eabe1e4510a0af03aa0312d03a
2017-01-26 21:47:55 +08:00
bowgotsai ce25baf06f fs_mgr_verity: correct dm_target_spec->next
dm_target_spec->next should be set to the next multiple of 8.
It doesn't matter before because dm_ioctl->target_count is set to 1 so
only the first dm_target_spec will be processed.

Bug: None
Test: check device can boot with dm-verity
Change-Id: I96b9b0307a40b05640db06d1c614c16d8144bb47
2017-01-26 11:34:06 +08:00
bowgotsai cea7ea7825 Switch fs_mgr/*.c to C++.
This is the minimal change just to keep it building, and doesn't
attempt to clean up the code.

Bug: 34336098
Test: check device can boot

Change-Id: I5ff897874f1f14a9a5d1f14fedf1b0749e86dbb3
2017-01-26 07:49:41 +08:00
bowgotsai b51722b4e2 fs_mgr: support using libavb to enable dm-verity
external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.

Two important files in this commit:

 - fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
   platform dependent I/O operations, e.g., read_from_partition.

 - fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
   all partitions, verifies its integrity against the values of
   androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
   kernel command line. Then enable dm-verity for partitions having the
   corresponding HASHTREE descriptor and with an 'avb' fstab flag.

Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition

Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
2017-01-25 18:03:20 +08:00
Connor O'Brien 46fec487a9 Add eraseblk and logicalblk fs_mgr flags
When doing a factory reset in recovery, flash erase & logical block
sizes are needed for tuning the parameters of the new userdata image.
Add flags to allow this information to be stored in recovery.fstab

Test: Factory reset marlin & confirm userdata is rebuilt correctly
Bug: 33243520
Change-Id: I6c4414d4e9026be4a3646523656ac151e93015e7
Signed-off-by: Connor O'Brien <connoro@google.com>
2017-01-24 18:43:39 -08:00
Treehugger Robot d945f27cd6 Merge "fs_mgr: fix clang static analyzer warning" 2017-01-24 20:58:19 +00:00
Jin Qian 8b7eb7bb2a fs_mgr: fix clang static analyzer warning
Pointer from strdup is lost hence triggers mem leak warning from
clang, since ptr returned from basename may not point to start of
duplicated string any more.

Switch to use gnu version of basename which doesn't modify input
string so that strdup is no longer necessary.

Bug: 27126348
Test: compile

Change-Id: I937a68c01c223230932c932bffdd35da6503c3c4
2017-01-20 18:01:49 +08:00