ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge changes I2360314c,I51bd32c6,Icb136327,Id8425488 am: 10b691284c

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2200439

Change-Id: I4248b909181be6cf1d150a92b4716f403494d63b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Yi-yo Chiang 2022-09-05 06:30:47 +00:00 committed by Automerger Merge Worker
commit 5676d384ef
1 changed files with 109 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

223
fs_mgr/tests/adb-remount-test.sh
View file

@ -50,12 +50,15 @@ TAB="`echo | tr '\n' '\t'`"
ESCAPE="`echo | tr '\n' '\033'`" ESCAPE="`echo | tr '\n' '\033'`"
# A _real_ embedded carriage return character # A _real_ embedded carriage return character
CR="`echo | tr '\n' '\r'`" CR="`echo | tr '\n' '\r'`"
GREEN="${ESCAPE}[32m" RED=
RED="${ESCAPE}[31m" GREEN=
YELLOW="${ESCAPE}[33m" YELLOW=
BLUE="${ESCAPE}[34m" BLUE=
NORMAL="${ESCAPE}[0m" NORMAL=
print_time=false color=false
# Assume support color if stdout is terminal.
[ -t 1 ] && color=true
print_time=true
start_time=`date +%s` start_time=`date +%s`
ACTIVE_SLOT= ACTIVE_SLOT=
OVERLAYFS_BACKING="cache mnt/scratch" OVERLAYFS_BACKING="cache mnt/scratch"
@ -70,6 +73,9 @@ screen_wait=true
[ "USAGE: LOG [RUN|OK|PASSED|WARNING|ERROR|FAILED|INFO] [message]..." ] [ "USAGE: LOG [RUN|OK|PASSED|WARNING|ERROR|FAILED|INFO] [message]..." ]
LOG() { LOG() {
if ${print_time}; then
echo -n "$(date '+%m-%d %T') "
fi >&2
case "${1}" in case "${1}" in
R*) R*)
shift shift
@ -191,7 +197,7 @@ adb_logcat() {
Returns: worrisome avc violations" ] Returns: worrisome avc violations" ]
avc_check() { avc_check() {
if ! ${overlayfs_supported:-false}; then if ! ${overlayfs_needed:-false}; then
return return
fi fi
local L=`adb_logcat -b all -v brief -d \ local L=`adb_logcat -b all -v brief -d \
@ -793,7 +799,7 @@ GETOPTS="--alternative --unquoted
--longoptions wait-adb:,wait-fastboot: --longoptions wait-adb:,wait-fastboot:
--longoptions wait-screen,wait-display --longoptions wait-screen,wait-display
--longoptions no-wait-screen,no-wait-display --longoptions no-wait-screen,no-wait-display
--longoptions gtest_print_time,print-time --longoptions gtest_print_time,print-time,no-print-time
--" --"
if [ "Darwin" = "${HOSTOS}" ]; then if [ "Darwin" = "${HOSTOS}" ]; then
GETOPTS= GETOPTS=
@ -808,12 +814,11 @@ if [ "Darwin" = "${HOSTOS}" ]; then
s/--wait-adb/ /g s/--wait-adb/ /g
s/--wait-fastboot/ /g'`" s/--wait-fastboot/ /g'`"
fi fi
OPTIONS=`getopt ${GETOPTS} "?a:cCdDf:hs:t" ${*}` || OPTIONS=`getopt ${GETOPTS} "?a:cCdDf:hs:tT" ${*}` ||
( echo "${USAGE}" >&2 ; false ) || ( echo "${USAGE}" >&2 ; false ) ||
die "getopt failure" die "getopt failure"
set -- ${OPTIONS} set -- ${OPTIONS}
color=false
while [ ${#} -gt 0 ]; do while [ ${#} -gt 0 ]; do
case ${1} in case ${1} in
-h | --help | -\?) -h | --help | -\?)
@ -839,6 +844,9 @@ while [ ${#} -gt 0 ]; do
-t | --print-time | --gtest_print_time) -t | --print-time | --gtest_print_time)
print_time=true print_time=true
;; ;;
-T | --no-print-time)
print_time=false
;;
-a | --wait-adb) -a | --wait-adb)
ADB_WAIT=${2} ADB_WAIT=${2}
shift shift
@ -861,12 +869,13 @@ while [ ${#} -gt 0 ]; do
esac esac
shift shift
done done
if ! ${color}; then
GREEN="" if ${color}; then
RED="" RED="${ESCAPE}[31m"
YELLOW="" GREEN="${ESCAPE}[32m"
BLUE="" YELLOW="${ESCAPE}[33m"
NORMAL="" BLUE="${ESCAPE}[34m"
NORMAL="${ESCAPE}[0m"
fi fi
TMPDIR= TMPDIR=
@ -908,6 +917,9 @@ fi
inAdb || die "specified device not in adb mode" inAdb || die "specified device not in adb mode"
[ "1" = "$(get_property ro.debuggable)" ] || die "device not a debug build" [ "1" = "$(get_property ro.debuggable)" ] || die "device not a debug build"
[ "orange" = "$(get_property ro.boot.verifiedbootstate)" ] || die "device not bootloader unlocked" [ "orange" = "$(get_property ro.boot.verifiedbootstate)" ] || die "device not bootloader unlocked"
################################################################################
# Collect characteristics of the device and report.
can_restore_verity=true can_restore_verity=true
if [ "2" != "$(get_property partition.system.verified)" ]; then if [ "2" != "$(get_property partition.system.verified)" ]; then
LOG WARNING "device might not support verity" LOG WARNING "device might not support verity"
@ -919,10 +931,6 @@ if ! adb_su getenforce </dev/null | grep 'Enforcing' >/dev/null; then
enforcing=false enforcing=false
fi fi
# Do something.
# Collect characteristics of the device and report.
USB_SERIAL= USB_SERIAL=
if [ -n "${ANDROID_SERIAL}" -a "Darwin" != "${HOSTOS}" ]; then if [ -n "${ANDROID_SERIAL}" -a "Darwin" != "${HOSTOS}" ]; then
USB_SERIAL="`find /sys/devices -name serial | grep usb || true`" USB_SERIAL="`find /sys/devices -name serial | grep usb || true`"
@ -961,18 +969,21 @@ FSTAB_FILE=$(adb_su ls -1 '/vendor/etc/fstab*' </dev/null |
head -1) head -1)
# KISS (assume system partition mount point is "/<partition name>") # KISS (assume system partition mount point is "/<partition name>")
[ -n "${FSTAB_FILE}" ] && if [ -n "${FSTAB_FILE}" ]; then
PARTITIONS=$(adb_su grep -v "^[#${SPACE}${TAB}]" "${FSTAB_FILE}" | PARTITIONS=$(adb_su grep -v "^[#${SPACE}${TAB}]" "${FSTAB_FILE}" |
skip_administrative_mounts | skip_administrative_mounts |
awk '$1 ~ /^[^\/]+$/ && "/"$1 == $2 && $4 ~ /(^|,)ro(,|$)/ { print $1 }' | awk '$1 ~ /^[^\/]+$/ && "/"$1 == $2 && $4 ~ /(^|,)ro(,|$)/ { print $1 }' |
sort -u | sort -u |
tr '\n' ' ') tr '\n' ' ')
PARTITIONS="${PARTITIONS:-system vendor}" else
PARTITIONS="system vendor"
fi
# KISS (we do not support sub-mounts for system partitions currently) # KISS (we do not support sub-mounts for system partitions currently)
MOUNTS="`for i in ${PARTITIONS}; do # Ensure /system and /vendor mountpoints are in mounts list
echo /${i} MOUNTS=$(for i in system vendor ${PARTITIONS}; do
done | echo "/${i}"
tr '\n' ' '`" done | sort -u | tr '\n' ' ')
LOG INFO "System Partitions list: ${PARTITIONS}" LOG INFO "System Partitions list: ${PARTITIONS}"
# Report existing partition sizes # Report existing partition sizes
@ -998,37 +1009,8 @@ adb_sh ls -l /dev/block/by-name/ /dev/block/mapper/ </dev/null 2>/dev/null |
LOG INFO "partition ${name} device ${device} size ${size}K" LOG INFO "partition ${name} device ${device} size ${size}K"
done done
LOG RUN "Checking kernel support for overlayfs"
overlayfs_supported=true
adb_root || die "becoming root to mine kernel information"
if ! adb_test -d /sys/module/overlay; then
if adb_sh grep -q "nodev${TAB}overlay" /proc/filesystems; then
LOG OK "overlay module present"
else
LOG WARNING "overlay module not present"
overlayfs_supported=false
fi
fi >&2
if ${overlayfs_supported}; then
if adb_test -f /sys/module/overlay/parameters/override_creds; then
LOG OK "overlay module supports override_creds"
else
case "$(adb_sh uname -r </dev/null)" in
4.[456789].* | 4.[1-9][0-9]* | [56789].*)
LOG WARNING "overlay module does not support override_creds"
overlayfs_supported=false
;;
*)
LOG OK "overlay module uses caller's creds"
;;
esac
fi
fi
restore() { restore() {
LOG INFO "restoring device" LOG INFO "restoring device"
${overlayfs_supported} || return 0
inFastboot && inFastboot &&
fastboot reboot && fastboot reboot &&
adb_wait "${ADB_WAIT}" || adb_wait "${ADB_WAIT}" ||
@ -1106,8 +1088,6 @@ if [ X"${D}" = X"${D##* 100[%] }" ] && ${no_dedupe} ; then
overlayfs_needed=false overlayfs_needed=false
# if device does not need overlays, then adb enable-verity will brick device # if device does not need overlays, then adb enable-verity will brick device
can_restore_verity=false can_restore_verity=false
elif ! ${overlayfs_supported}; then
die "need overlayfs, but do not have it"
fi fi
LOG OK "no overlay present before setup" LOG OK "no overlay present before setup"
@ -1133,6 +1113,31 @@ if ${overlayfs_needed}; then
fi fi
LOG OK "adb disable-verity -R" LOG OK "adb disable-verity -R"
################################################################################
LOG RUN "Checking kernel has overlayfs required patches"
adb_root || die "adb root"
if adb_test -d /sys/module/overlay ||
adb_sh grep -q "nodev${TAB}overlay" /proc/filesystems; then
LOG OK "overlay module present"
else
LOG INFO "overlay module not present"
fi
if is_overlayfs_mounted 2>/dev/null; then
if adb_test -f /sys/module/overlay/parameters/override_creds; then
LOG OK "overlay module supports override_creds"
else
case "$(adb_sh uname -r </dev/null)" in
4.[456789].* | 4.[1-9][0-9]* | [56789].*)
die "overlay module does not support override_creds"
;;
*)
LOG OK "overlay module uses caller's creds"
;;
esac
fi
fi
################################################################################ ################################################################################
# Precondition is a verity-disabled device with overlayfs already setup. # Precondition is a verity-disabled device with overlayfs already setup.
LOG RUN "Testing raw remount commands" LOG RUN "Testing raw remount commands"
@ -1335,38 +1340,41 @@ fi
LOG OK "adb remount RW" LOG OK "adb remount RW"
# Check something. ################################################################################
LOG RUN "push content to ${MOUNTS}" LOG RUN "push content to ${MOUNTS}"
adb_root || die "adb root"
A="Hello World! $(date)" A="Hello World! $(date)"
for i in ${MOUNTS}; do for i in ${MOUNTS} /system/priv-app; do
echo "${A}" | adb_sh cat - ">${i}/hello" echo "${A}" | adb_sh cat - ">${i}/hello"
B="`adb_cat ${i}/hello`" || B="`adb_cat ${i}/hello`" ||
die "${i#/} hello" die "${i#/} hello"
check_eq "${A}" "${B}" ${i} before reboot check_eq "${A}" "${B}" ${i} before reboot
done done
echo "${A}" | adb_sh cat - ">/system/priv-app/hello"
B="`adb_cat /system/priv-app/hello`" ||
die "system priv-app hello"
check_eq "${A}" "${B}" /system/priv-app before reboot
SYSTEM_INO=`adb_sh stat --format=%i /system/hello </dev/null` SYSTEM_INO=`adb_sh stat --format=%i /system/hello </dev/null`
VENDOR_INO=`adb_sh stat --format=%i /vendor/hello </dev/null` VENDOR_INO=`adb_sh stat --format=%i /vendor/hello </dev/null`
check_ne "${SYSTEM_INO}" "${VENDOR_INO}" vendor and system inode check_ne "${SYSTEM_INO}" "${VENDOR_INO}" vendor and system inode
# Download libc.so, append some garbage, push back, and check if the file # Edit build.prop and check if properties are updated.
# is updated. system_build_prop_original="${TMPDIR}/system_build.prop.original"
adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so" >/dev/null || system_build_prop_modified="${TMPDIR}/system_build.prop.modified"
die "pull libc.so from device" system_build_prop_fromdevice="${TMPDIR}/system_build.prop.fromdevice"
garbage="D105225BBFCB1EB8AB8EBDB7094646F0" adb pull /system/build.prop "${system_build_prop_original}" >/dev/null ||
echo "${garbage}" >>"${TMPDIR}/libc.so" die "adb pull /system/build.prop"
adb push "${TMPDIR}/libc.so" /system/lib/bootstrap/libc.so >/dev/null || # Prepend with extra newline in case the original file doesn't end with a newline.
die "push libc.so to device" cat "${system_build_prop_original}" - <<EOF >"${system_build_prop_modified}"
adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so.fromdevice" >/dev/null ||
die "pull libc.so from device"
diff "${TMPDIR}/libc.so" "${TMPDIR}/libc.so.fromdevice" > /dev/null ||
die "libc.so differ"
# Properties added by adb remount test
test.adb.remount.system.build.prop=true
EOF
adb push "${system_build_prop_modified}" /system/build.prop >/dev/null ||
die "adb push /system/build.prop"
adb pull /system/build.prop "${system_build_prop_fromdevice}" >/dev/null ||
die "adb pull /system/build.prop"
diff "${system_build_prop_modified}" "${system_build_prop_fromdevice}" >/dev/null ||
die "/system/build.prop differs from pushed content"
################################################################################
LOG RUN "reboot to confirm content persistent" LOG RUN "reboot to confirm content persistent"
fixup_from_recovery() { fixup_from_recovery() {
@ -1407,9 +1415,9 @@ adb_sh ls /system >/dev/null || die "ls /system"
adb_test -d /system/priv-app || die "[ -d /system/priv-app ]" adb_test -d /system/priv-app || die "[ -d /system/priv-app ]"
B="`adb_cat /system/priv-app/hello`" B="`adb_cat /system/priv-app/hello`"
check_eq "${A}" "${B}" /system/priv-app after reboot check_eq "${A}" "${B}" /system/priv-app after reboot
# Only root can read vendor if sepolicy permissions are as expected. # Only root can read vendor if sepolicy permissions are as expected.
adb_root || adb_root || die "adb root"
die "adb root"
for i in ${MOUNTS}; do for i in ${MOUNTS}; do
B="`adb_cat ${i}/hello`" B="`adb_cat ${i}/hello`"
check_eq "${A}" "${B}" ${i#/} after reboot check_eq "${A}" "${B}" ${i#/} after reboot
@ -1422,12 +1430,13 @@ check_eq "${VENDOR_INO}" "`adb_sh stat --format=%i /vendor/hello </dev/null`" ve
# Feed log with selinux denials as a result of overlays # Feed log with selinux denials as a result of overlays
adb_sh find ${MOUNTS} </dev/null >/dev/null 2>/dev/null || true adb_sh find ${MOUNTS} </dev/null >/dev/null 2>/dev/null || true
# Check if the updated libc.so is persistent after reboot. # Check if the updated build.prop is persistent after reboot.
adb_root && check_eq "true" "$(get_property 'test.adb.remount.system.build.prop')" "load modified build.prop"
adb pull /system/lib/bootstrap/libc.so "${TMPDIR}/libc.so.fromdevice" >/dev/null || adb pull /system/build.prop "${system_build_prop_fromdevice}" >/dev/null ||
die "pull libc.so from device" die "adb pull /system/build.prop"
diff "${TMPDIR}/libc.so" "${TMPDIR}/libc.so.fromdevice" > /dev/null || die "libc.so differ" diff "${system_build_prop_modified}" "${system_build_prop_fromdevice}" >/dev/null ||
LOG OK "/system/lib/bootstrap/libc.so content remains after reboot" die "/system/build.prop differs from pushed content"
LOG OK "/system/build.prop content remains after reboot"
################################################################################ ################################################################################
LOG RUN "flash vendor, and confirm vendor override disappears" LOG RUN "flash vendor, and confirm vendor override disappears"
@ -1535,40 +1544,26 @@ fi >&2
wait_for_screen wait_for_screen
################################################################################ ################################################################################
LOG RUN "remove test content (cleanup)" LOG RUN "Clean up test content"
T=`adb_date` adb_root || die "adb root"
H=`adb remount 2>&1` T=$(adb_date)
err=${?} D=$(adb remount 2>&1) ||
L= die -t "${T}" "adb remount"
D="${H%?Now reboot your device for settings to take effect*}" echo "${D}" >&2
if [ X"${H}" != X"${D}" ]; then if [[ "${D}" =~ [Rr]eboot ]]; then
LOG WARNING "adb remount requires a reboot after partial flash (legacy avb)" LOG OK "adb remount calls for a reboot after partial flash"
L=`adb_logcat -b all -v nsec -t ${T} 2>&1` # but we don't really want to, since rebooting just recreates the already tore
adb_reboot && # down vendor overlay.
adb_wait ${ADB_WAIT} &&
adb_root ||
die "failed to reboot"
T=`adb_date`
H=`adb remount 2>&1`
err=${?}
fi fi
echo "${H}" >&2
[ ${err} = 0 ] && for i in ${MOUNTS} /system/priv-app; do
( adb_sh rm /vendor/hello </dev/null 2>/dev/null || true ) && adb_sh rm "${i}/hello" 2>/dev/null || true
adb_sh rm /system/hello /system/priv-app/hello </dev/null || adb_test -e "${i}/hello" &&
( [ -n "${L}" ] && echo "${L}" && false ) >&2 || die -t "${T}" "/${i}/hello lingers after rm"
die -t ${T} "cleanup hello"
adb_test -e /system/hello &&
die "/system/hello lingers after rm"
adb_test -e /system/priv-app/hello &&
die "/system/priv-app/hello lingers after rm"
adb_test -e /vendor/hello &&
die "/vendor/hello lingers after rm"
for i in ${MOUNTS}; do
adb_sh rm ${i}/hello </dev/null 2>/dev/null || true
done done
################################################################################
if ${is_bootloader_fastboot} && [ -n "${scratch_partition}" ]; then if ${is_bootloader_fastboot} && [ -n "${scratch_partition}" ]; then
LOG RUN "test fastboot flash to ${scratch_partition} recovery" LOG RUN "test fastboot flash to ${scratch_partition} recovery"