Also simplify this code a bit.
There's only one consumer that removes the /devices/platform prefix,
so have them handle it instead of storing two copies of the string.
Remove an unneeded search for '/' in get_character_device_symlinks()
as a / will always be the next character after a parent path, by
nature of FindPlatformDevice().
Test: boot bullhead
Test: init unit tests
Change-Id: I9d0482d137b1342ae7509ae993ff99198be814f0
fs_mgr_update_verity_state() is invoked by 'verity_update_state' in
init.rc. It will then set property "partition.system.verified" and
"partition.vendor.verified" to verify_mode. We should support this for
AVB as well.
Also change the order of static libs in init to fix the build error
after this change:
system/extras/ext4_utils/ext4_crypt.cpp:69: error: undefined reference to 'property_get'
Bug: 35416769
Test: Mount /system and /vendor with vboot 2.0 (AVB), check the following properties exist.
- [partition.system.verified]: [2]
- [partition.vendor.verified]: [2]
Test: Mount /system and /vendor with vboot 1.0, check the following properties exist.
- [partition.system.verified]: [0]
- [partition.vendor.verified]: [0]
Change-Id: I4328d66a8cb93f26e7960e620a0b2292d5f15900
libavb requires verifying AVB metadata on all verified partitions at
once. For example, /vbmeta, /boot, /system and /vendor. We need to
invoke device_init() for those partitions even if we only want to early
mount some of them, like /vendor and /system.
This CL gets all AVB partitions and the early mount partitions from
device tree through "firmware/android/vbmeta" and "firmware/fstab",
respectively. The following is an example to early mount /vendor
partition on bullhead:
firmware {
android {
compatible = "android,firmware";
vbmeta {
compatible = "android,vbmeta";
parts = "boot,system,vendor";
by_name_prefix="/dev/block/platform/soc.0/f9824900.sdhci/by-name"
};
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait,avb";
};
};
};
};
Bug: 33254008
Test: early mount /vendor with vboot 2.0 (AVB) on bullhead
Test: early mount /system without dm-verity on bullhead
Test: early mount /vendor with vboot 1.0 on sailfish
Change-Id: I89a1f77c97124f309346b33d9e700544b92ecf05
Default signature WriteStringToFile creates world-writeable files.
Set owner and group system and remove read/write for non-owner.
Bug: 37251463
Test: Manual: reboot, inspect
Change-Id: I6a29c678168dcae611b120dc52170f4eee7069a9
Default signature WriteStringToFile creates world-writeable files.
Set owner and group system and remove read/write for non-owner.
Bug: 37251463
Test: Manual: reboot, inspect
Change-Id: I6a29c678168dcae611b120dc52170f4eee7069a9
* changes:
ueventd: Fix up string handling in handle_*_device_event()
ueventd: convert mkdir_recursive() to std::string
ueventd: move subsystem logic from code to ueventd.rc
It's possible, in the event of a platform update, for the platform
SELinux policy to change from the policy on which the vendor SELinux
policy was originally based. In this case, a different mapping file
to bridge the differences between the new policy and the old needs to
be selected.
Make init choose which mapping policy file to use based on the version
reported in /vendor/etc/selinux/plat_sepolicy_vers.txt.
Bug: 36783775
Test: Force compilation of sepolicy on-device with mapping file changed
to new location and name, using the value reported on /vendor.
Change-Id: I63c883ccb79dd31c92dabe44a55c4ab50a3735e6
This was marked deprecated in 2014 and removed in 2015, let's remove
the uevent rule now too.
Test: see that logging still works on bullhead
Change-Id: Idaf3f49a1afe7046eba6c976628b9f1c8b3ec094
- umount operation is asynchronous except for root partition.
Returning from umount does not guarantee completion of
umount. Poll /proc/mounts to confirm completion of umount.
- Treat all devices mounting to /data as emulated devices. This is
future proof when fs other than sdcardfs is used.
- Drop quota sync from sync step. There is no differences in
frequencies of quota error.
- Run umount in reverse order from mounting order so that any
hidden dependency can be auto-resolved.
- Add dump of lsof and /proc/mounts when umount fails. lsof only runs
when selinux is toggled into permissive mode. The dump is enabled
only for non-user build.
- Keep logcat until vold shutdown in case vold has any error to report.
bug: 36551218
Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 1000 -f -e 20 -w 30
Change-Id: I87b17b966d7004c205452d81460b02c6acf50d45
(cherry picked from commit 2ba5c8103d)
- umount operation is asynchronous except for root partition.
Returning from umount does not guarantee completion of
umount. Poll /proc/mounts to confirm completion of umount.
- Treat all devices mounting to /data as emulated devices. This is
future proof when fs other than sdcardfs is used.
- Drop quota sync from sync step. There is no differences in
frequencies of quota error.
- Run umount in reverse order from mounting order so that any
hidden dependency can be auto-resolved.
- Add dump of lsof and /proc/mounts when umount fails. lsof only runs
when selinux is toggled into permissive mode. The dump is enabled
only for non-user build.
- Keep logcat until vold shutdown in case vold has any error to report.
bug: 36551218
Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 1000 -f -e 20 -w 30
Change-Id: I87b17b966d7004c205452d81460b02c6acf50d45
