From a5db1d72cf2f97053f3a3baef0be62c92a6baace Mon Sep 17 00:00:00 2001 From: David Anderson Date: Wed, 21 Nov 2018 13:43:22 -0800 Subject: [PATCH] adbd: Automatically disable verity in adb remount. Before overlayfs, we supported deduplicated filesystems by undoing deduplication in recovery. This required an extra reboot cycle, so we changed "adb remount" to disable verity and boot to recovery in one command. After overlayfs, adb remount is still trying to undo deduplication, which leads to very confusing messages. This patch makes things a bit clearer. "adb remount" will disable verity, which installs overlayfs. "adb remount -R" will do the same except automatically reboot. Bug: N/A Test: adb remount on dynamic partitions device Change-Id: Id72f6b9e2297c2f4d5722d5679f6264fe660e631 --- adb/client/commandline.cpp | 4 +- adb/daemon/remount_service.cpp | 82 +++++++++++++++++----------------- 2 files changed, 43 insertions(+), 43 deletions(-) diff --git a/adb/client/commandline.cpp b/adb/client/commandline.cpp index 867621414..cd9831bcf 100644 --- a/adb/client/commandline.cpp +++ b/adb/client/commandline.cpp @@ -192,7 +192,9 @@ static void help() { " get-state print offline | bootloader | device\n" " get-serialno print \n" " get-devpath print \n" - " remount remount partitions read-write\n" + " remount [-R]\n" + " remount partitions read-write. if a reboot is required, -R will\n" + " will automatically reboot the device.\n" " reboot [bootloader|recovery|sideload|sideload-auto-reboot]\n" " reboot the device; defaults to booting system image but\n" " supports bootloader and recovery too. sideload reboots\n" diff --git a/adb/daemon/remount_service.cpp b/adb/daemon/remount_service.cpp index 1a923173d..3f8a97ce1 100644 --- a/adb/daemon/remount_service.cpp +++ b/adb/daemon/remount_service.cpp @@ -240,59 +240,57 @@ void remount_service(unique_fd fd, const std::string& cmd) { std::vector partitions{"/", "/odm", "/oem", "/product_services", "/product", "/vendor"}; - bool verity_enabled = (system_verified || vendor_verified); + if (system_verified || vendor_verified) { + // Disable verity automatically (reboot will be required). + set_verity_enabled_state_service(unique_fd(dup(fd.get())), false); - // If we can use overlayfs, lets get it in place first - // before we struggle with determining deduplication operations. - if (!verity_enabled && fs_mgr_overlayfs_setup()) { + // If overlayfs is not supported, we try and remount or set up + // un-deduplication. If it is supported, we can go ahead and wait for + // a reboot. + if (fs_mgr_overlayfs_valid() != OverlayfsValidResult::kNotSupported) { + if (user_requested_reboot) { + if (android::base::SetProperty(ANDROID_RB_PROPERTY, "reboot")) { + WriteFdExactly(fd.get(), "rebooting device\n"); + } else { + WriteFdExactly(fd.get(), "reboot failed\n"); + } + } + return; + } + } else if (fs_mgr_overlayfs_setup()) { + // If we can use overlayfs, lets get it in place first before we + // struggle with determining deduplication operations. Fstab fstab; if (ReadDefaultFstab(&fstab) && fs_mgr_overlayfs_mount_all(&fstab)) { WriteFdExactly(fd.get(), "overlayfs mounted\n"); } } - // Find partitions that are deduplicated, and can be un-deduplicated. + // If overlayfs is supported, we don't bother trying to un-deduplicate + // partitions. std::set dedup; - for (const auto& part : partitions) { - auto partition = part; - if ((part == "/") && !find_mount("/system", false).empty()) partition = "/system"; - std::string dev = find_mount(partition.c_str(), partition == "/"); - if (dev.empty() || !fs_mgr_has_shared_blocks(partition, dev)) { - continue; - } - if (can_unshare_blocks(fd.get(), dev.c_str())) { - dedup.emplace(partition); - } - } - - // Reboot now if the user requested it (and an operation needs a reboot). - if (user_requested_reboot) { - if (!dedup.empty() || verity_enabled) { - if (verity_enabled) { - set_verity_enabled_state_service(unique_fd(dup(fd.get())), false); + if (fs_mgr_overlayfs_valid() == OverlayfsValidResult::kNotSupported) { + // Find partitions that are deduplicated, and can be un-deduplicated. + for (const auto& part : partitions) { + auto partition = part; + if ((part == "/") && !find_mount("/system", false).empty()) partition = "/system"; + std::string dev = find_mount(partition.c_str(), partition == "/"); + if (dev.empty() || !fs_mgr_has_shared_blocks(partition, dev)) { + continue; + } + if (can_unshare_blocks(fd.get(), dev.c_str())) { + dedup.emplace(partition); } - reboot_for_remount(fd.get(), !dedup.empty()); - return; } - WriteFdExactly(fd.get(), "No reboot needed, skipping -R.\n"); - } - // If we need to disable-verity, but we also need to perform a recovery - // fsck for deduplicated partitions, hold off on warning about verity. We - // can handle both verity and the recovery fsck in the same reboot cycle. - if (verity_enabled && dedup.empty()) { - // Allow remount but warn of likely bad effects - bool both = system_verified && vendor_verified; - WriteFdFmt(fd.get(), "dm_verity is enabled on the %s%s%s partition%s.\n", - system_verified ? "system" : "", both ? " and " : "", - vendor_verified ? "vendor" : "", both ? "s" : ""); - WriteFdExactly(fd.get(), - "Use \"adb disable-verity\" to disable verity.\n" - "If you do not, remount may succeed, however, you will still " - "not be able to write to these volumes.\n"); - WriteFdExactly(fd.get(), - "Alternately, use \"adb remount -R\" to disable verity " - "and automatically reboot.\n"); + // Reboot now if the user requested it (and an operation needs a reboot). + if (user_requested_reboot) { + if (!dedup.empty()) { + reboot_for_remount(fd.get(), !dedup.empty()); + return; + } + WriteFdExactly(fd.get(), "No reboot needed, skipping -R.\n"); + } } bool success = true;