Increase size of the NETLINK_KOBJECT_UEVENT socket receive buffer to
16M. Also, use SO_RCVBUFFORCE to override any limits set by
/proc/sys/net/core/rmem_max.
We had a couple of instances, where we lost critical uevent messages due
to receive buffer overflows.
Bug: 119933843
Change-Id: I6aab183aa0194e173f9175b47c6beb0835cf6675
init add support for picking up partitions if specified by
fs_mgr_overlayfs_required_devices() as /dev/block/by-name/<partition>
Test: adb-remount-test.sh
Bug: 119885423
Change-Id: I6a4c3d9b5c2b406178f0acf0a86c52ab17209537
When the update-super command is issued, we want overlayfs overrides
to disappear without a doubt, which includes non-A/B utilizing
/cache/overlay/ tree. Call fs_mgr_overlayfs_teardown() on successful
return.
Test: adb-remount-test.sh
Bug: 120034852
Change-Id: Ia5cdb797f7e8350b5591a51fc8ae5f323901aee4
Disable overrides if we are booting up in recovery or fastbootd.
Check for existence of /system/bin/recovery.
Test: adb-remount-test.sh
Bug: 120034852
Change-Id: I946eb605300226d31356ecac209d6367f4e13526
For specific teardown operations, if we mount scratch with the
intention of it being temporary to strike out content for a specific
partition, umount it. Otherwise it could interfer with fastboot.
Test: adb-remount-test.sh
Bug: 120034852
Change-Id: Ieff3f6ea0bcda5eb540e9acf6cab8a56d1453b3e
Mount flags prefixed with MS_ are intended for the 'flags' entry of
fstab_rec, not fs_mgr_flags.
Coincidentally, this probably has always worked since this maps to the
'wait' flag, which is almost always set for system in the first place.
Test: build
Change-Id: Id4862bc087aa98e1f0e17145dc3ed74b5d867596
We don't need to call fsck, if magic is not matched at all.
Bug: 111895882
Change-Id: Ie728b02ff2fc7d4a20fc011f66643583ea708f9d
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
I accidentally changed some _mode enums from unsigned int to off64_t
along with the rest changes. They probably shouldn't have been
unsigned anyway though, so let's make them plain 'int' while we fix
the original typo.
Test: boot
Change-Id: I0c6c51a1a8170056b99087d249539eb79026cffe
Test script assumes overlayfs takeup after disable-verity, although
that can happen if verity is already disabled, it is not the case
for devices that just had it disabled. Move takeup and first stage
init tests downwards to where the condition is guaranteed.
Differentiate the test for devices that support or have verity, and
those that do not.
Fortify test to also use /data mount to check init first stage limit.
Test: adb-remount-test.sh
Bug: 109821005
Change-Id: I5241d6c97bf374614e50aa0aa18a1b9d118be093
'off64_t' is the correct way to specify a size of a file system, so we
update the various fs_mgr fstab attributes accordingly.
Test: boot
Change-Id: I07ebe687b7c215a8d07ce49d6d32e81b798d1cd3
Bug 120032857 is seeing what appears to be allocations with incorrect
end addresses, leading to a much later crash when it tries to map
a zero page outside the valid virtual address space. Detect allocations
that extend outside the highest or lowest memory mapping and crash
immediately instead.
Test: memunreachable_test
Bug: 120032857
Change-Id: I9be670a025143e7078360a6bf7a83219279614d9
Even though it isn't strictly needed when not system-as-root, for
backwards compatibility, it is desired to keep this symlink.
Bug: 119851742
Test: tree-hugger
Change-Id: I47bc25ab257336f56ef09b5db6ebaf6b17daad35
This CL also adds namespace android::fs_mgr and remove FsManager* prefix
for class names. Note that android::fs_mgr::FsManagerAvbOps will be removed
in later CLs when fs_mgr doesn't rely on libavb->avb_slot_verify() to
parse vbmeta structs.
Some lingering sources for by_name_symlink_map_ are also removed.
Bug: 112103720
Test: boot crosshatch_mainline-userdebug
Change-Id: I2d1a5cc39bcd5a699da8d5539f191d8c7737c4af
The --fastdeploy switch caused errors when CRC collisions were present in the input apk and/or
an apk with a similar package name to the input apk was already installed on the device.
Test: mm -j 64
Test: adb install -r --fastdeploy --force-agent --local-agent /mnt/raid/boat-attack-apk/boat-attack-swappy.apk
Bug: 119934862
Change-Id: Ibfe0cec38bdbb7371803fc2f73b0ec1697cef624
On retrofit devices, if both slots contain dynamic partition builds,
then "flashall" will attempt to write secondary images to dynamic
partitions in the other slot. At worst, this can fail with an error. At
best, it will result in the "other" partition not being mounted on first
boot.
This patch therefore deletes logical partitions for secondary images, on
retrofit devices only. On a Pixel device on the "b" slot, this means
"system_a" and "vendor_a" will be deleted before flashing, and therefore
system_other and vendor_other will be flashed to physical partitions
instead.
Bug: 120034852
Test: fastboot set_active a
fastboot flashall
fastboot set_active b
fastboot flashall
Change-Id: I6affe9a6c639b0495bffc77fcf20f329b86ad159
Check if overlayfs is supplied in the kernel before proceeding to
determining if there is a disabled verity and an overlayfs filesystem
to deploy.
Test: adb-remount-test.sh
Bug: 119929969
Change-Id: I28116f0aa6959040bb9f38f46c058a221591f735
NIAP certification requires that all cryptographic functions
undergo a self-test during startup to demonstrate correct
operation. This change adds such a check.
If the check fails, it will prevent the device from booting
by rebooting into the bootloader.
Bug: 119826244
Test: Built for walleye. After device booted examined dmesg and
observed logs from init showing that the new task did
start. Further, when BoringSSL is built to fail its self
check the device did stop during a normal boot and enter
the bootloader, and did so before the boot animation stopped.
Change-Id: I07a5dc73a314502c87de566bb26f4d73499d2675
This reverts commit 055347e564.
Reason for revert:
init boots with XOM now. I think this was fixed when this boringssl patch got merged in earlier this week (init has a static dependency on libcrypto):
https://boringssl-review.googlesource.com/c/boringssl/+/33245
Change-Id: I70e15fad4a194c0d2087941bba70dfcd38abe8b5
Follow up to the change made for AVB2 devices in
I19371b05912240480dc50864a2c04131258a7103.
The same consideration must be made in the fall through case, which
is taken either if AVB is completely disabled, or the dm-verity / AVB1
mechanism is used.
Bug: 113175337
Test: boot test on cuttlefish
Change-Id: I99d46a2c2630c40f5f5c02279b11e423998a1e05
Some devices we want to test on, like cuttlefish, may not have a
partition table on any block device Android can see. The partitions are
simply exposed as separate block devices. This means we need to be able
to override the super_partition name to a regular block device name even
on non-A/B devices.
Bug: 113175337
Test: boot test on cuttlefish
Change-Id: I6ff460d0ba7b1e26cb5d60ba446737aa49549c18
When checking for existence of "super_empty.img" to determine if
flash image product set is meant for logical partitions, we die if
ANDROID_PRODUCT_OUT environment is unset or empty. This check
is done before we look at the flash image name to determine if it
is a candidate to look at the logical metadata.
Instead, allow this check to conservatively fail for now.
Test: export ANDROID_PRODUCT_OUT=
fastboot flash bootloader
Bug: 120041144
Change-Id: I43f124015f9d26c79a0feb9123522432fe937343
Merged-In: I43f124015f9d26c79a0feb9123522432fe937343
Non-treblized devices use ld.config.legacy.txt, which does not
support product partition, leading to access denial from/to product partition.
Declare directly /product since search paths are resolved in linker config.
Test: m -j with non-treblized device upgraded to P.
Change-Id: Ic142b807f5dbffdfa5c774b3df8d0903b9626b6a
There is a problem about tombstone, which it will fail to
generate tombstone file in some scenarios due to socket
communication exception.
Reproduce step:
step 1: reboot device
step 2: ps -ef |grep zygote , get the pid of zygote64
(Attention: zygote64 should never been killed or reboot,
otherwise we can get the tombstone file)
step 3: kill -5 pid of zygote64
step 4: cd data/tombstones/, and could not find the tombstone
file of zygote64.
[Cause Analysis]
1. There are following logs by logcat:
11-19 15:38:43.789 569 569 F libc : Fatal signal 5 (SIGTRAP),
code 0 (SI_USER) in tid 569 (main), pid 569 (main)
11-19 15:38:43.829 6115 6115 I crash_dump64: obtaining output
fd from tombstoned, type: kDebuggerdTombstone
11-19 15:38:43.830 569 5836 I Zygote : Process 6114 exited
cleanly (0)
11-19 15:38:43.830 777 777 I /system/bin/tombstoned: received
crash request for pid 569
11-19 15:38:43.831 6115 6115 I crash_dump64: performing dump of
process 569 (target tid = 569)
...
11-19 15:38:43.937 777 777 W /system/bin/tombstoned: crash
socket received short read of length 0 (expected 12)
2. The last log was print by function of crash_request_cb in
file of tombstoned.cpp, following related code:
rc = TEMP_FAILURE_RETRY(read(sockfd, &request, sizeof(request)));
if (rc == -1) {
PLOG(WARNING) << "failed to read from crash socket";
goto fail;
} else if (rc != sizeof(request)) {
LOG(WARNING) << "crash socket received short read of length " << rc << " (expected "
<< sizeof(request) << ")";
goto fail;
}
Tombstoned read message by socket, and now the message length is
zero. Some socket communication exception occurs at that time.
We try to let crash_dump resend the socket message when the
communication is abnormal. Just as this CL.
Test: 1 reboot device
2 ps -ef |grep zygote , get the pid of zygote64
(Attention: zygote64 should never been killed or reboot,
otherwise we can get the tombstone file)
3 kill -5 pid of zygote64
4 cd data/tombstones/, and could find the tombstone file of
zygote64.
Change-Id: Ic152b081024d6c12f757927079fd221b63445b18
