From a9451a5db1445bcb05d2892458e30abec4a79b63 Mon Sep 17 00:00:00 2001
From: Mark Salyzyn <salyzyn@google.com>
Date: Tue, 26 Feb 2019 08:39:40 -0800
Subject: [PATCH] fs_mgr: overlayfs: requires override_creds patch for 4.4+
 kernels (taimen)

The original adb-remount-test.sh when certifying kernels allowed a
pass on 4.4 kernels because it added new content, and missed a test
for overriding existing content.  When the test was added to confirm
APEX control of libc.so, it serendipitously added a check for
overriding existing content, which the 4.4 kernel did not allow to
pass.  Update the tests and documentation to reflect this new state
of affairs.

Summary: 4.4 kernel overlayfs driver worked partially without the
patch for override_creds.

Test: adb-remount-test.sh
Bug: 126256072
Change-Id: I979ea59a12bc0b9926826b9b09a7893ab3b9ee7f
---
 fs_mgr/README.overlayfs.md       |  2 +-
 fs_mgr/fs_mgr_overlayfs.cpp      |  2 +-
 fs_mgr/tests/adb-remount-test.sh | 23 ++++++++++-------------
 3 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/fs_mgr/README.overlayfs.md b/fs_mgr/README.overlayfs.md
index 2aac2601a..f89e598c6 100644
--- a/fs_mgr/README.overlayfs.md
+++ b/fs_mgr/README.overlayfs.md
@@ -94,7 +94,7 @@ Caveats
   and thus free dynamic partition space.
 - Kernel must have CONFIG_OVERLAY_FS=y and will need to be patched
   with "*overlayfs: override_creds=off option bypass creator_cred*"
-  if kernel is higher than 4.6.
+  if kernel is 4.4 or higher.
   The patch is available on the upstream mailing list and the latest as of
   Feb 8 2019 is https://lore.kernel.org/patchwork/patch/1009299/.
   This patch adds an override_creds _mount_ option to overlayfs that
diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
index 3d5062c4a..40da36d87 100644
--- a/fs_mgr/fs_mgr_overlayfs.cpp
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
@@ -1031,7 +1031,7 @@ OverlayfsValidResult fs_mgr_overlayfs_valid() {
     if (major > 4) {
         return OverlayfsValidResult::kNotSupported;
     }
-    if (minor > 6) {
+    if (minor > 3) {
         return OverlayfsValidResult::kNotSupported;
     }
     return OverlayfsValidResult::kOk;
diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index 8a1b6d6ea..fd53ed4b4 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh
@@ -577,20 +577,17 @@ adb_sh ls -d /sys/module/overlay </dev/null >/dev/null 2>/dev/null ||
   ) ||
   overlayfs_supported=false
 if ${overlayfs_supported}; then
-  case `adb_sh uname -r </dev/null` in
-    4.[6789].* | 4.[1-9][0-9]* | [56789].*)
-      adb_su ls /sys/module/overlay/parameters/override_creds </dev/null >/dev/null &&
-        echo "${GREEN}[       OK ]${NORMAL} overlay module supports override_creds" >&2 ||
-        (
-          echo "${ORANGE}[  WARNING ]${NORMAL} overlay module does not support override_creds" >&2 &&
-          false
-        ) ||
+  adb_su ls /sys/module/overlay/parameters/override_creds </dev/null >/dev/null &&
+    echo "${GREEN}[       OK ]${NORMAL} overlay module supports override_creds" >&2 ||
+    case `adb_sh uname -r </dev/null` in
+      4.[456789].* | 4.[1-9][0-9]* | [56789].*)
+        echo "${ORANGE}[  WARNING ]${NORMAL} overlay module does not support override_creds" >&2 &&
         overlayfs_supported=false
-      ;;
-    *)
-      echo "${GREEN}[       OK ]${NORMAL} overlay module uses callers creds" >&2
-      ;;
-  esac
+        ;;
+      *)
+        echo "${GREEN}[       OK ]${NORMAL} overlay module uses caller's creds" >&2
+        ;;
+    esac
 fi
 
 adb_root ||