earlyBootEnded signals to keystore2 to read the database for the first
time, and start the MAX_BOOT_LEVEL system. It must therefore run
after /data is mounted and /data/misc/keystore is created, but before
apexd or odsign starts.
Bug: 176450483
Test: cuttlefish: check keystore2 logs to ensure all looks well.
Change-Id: Ia3b968afc38edf95712480e99e545ba88ea309c3
When all threads are terminated, dm-user handler's are removed
from the list. When the last handler is removed, daemon is
shutdown gracefully.
Bug: 183652708
Test: 1: Apply full OTA and verify daemon is terminated; reapply the OTA
to verify daemon is restarted again.
2: vts_libsnapshot_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ibd41223fc0eba884993a533fcc95661f72805db2
In form, inspired by ANDROID_BASE_UNIQUE_FD_DISABLE_IMPLICIT_CONVERSION.
We get occasional bugs about sp double-ownership. When this flag is
enabled, we have:
- you must construct RefBase objects using sp<>::make
- you must construct wp<> objects by converting them to sp<>
- if you want to convert a raw pointer to an sp<> object (this is
possible since the refcount is used internally, and is used commonly
on this*), then you must use 'assertStrongRefExists' semantics which
aborts if there is no strong ref held. That is, if a client uses
std::make_shared and then calls a function which internally used to
call `sp<T>(this)`, you would now call
`sp<T>::assertStrongRefExists(this)`, and the double ownership
problem would become a runtime error.
Bug: 184190315
Test: libutils_test
Change-Id: Ie18d3146420df1808e3733027070ec234dda4e9d
Keystore uses this as the user ID for keys that it creates for its
own use.
Bug: 176450483
Test: keystore2_test
Change-Id: Ia698912917cd209eebcfc007a8badce7a39159d6
ReadFstabFromFile() calls access() to check the existence of DSU
metadata files to determine if device is in DSU running state. This is
error prone because a failed access() can mean non-exsitent file as well
as the caller lacking the permission to path resolute the pathname.
Strengthen ReadFstabFromFile() to check the errno after a failed
access() or open(), if the errno is not ENOENT, then return with error,
as this may be indicating the caller doesn't have sufficient access
rights to call ReadFstabFromFile().
After this change, processes would need these policies to call
ReadFstabFromFile():
allow scontext { metadata_file gsi_metadata_file_type }:dir search;
And these policies to call ReadFstabFromFile() within a DSU system:
allow scontext gsi_public_metadata_file:file r_file_perms;
Bug: 181110285
Test: Presubmit
Change-Id: I1a6a796cb9b7b49af3aa5e7a5e8d99cde25e5857
Minor refactoring and renaming, goal is to make the follow-up patch
easier to read.
Bug: 184132970
Test: Presubmit
Change-Id: I66416161b30ac310934d901cbaf11bc926e2cbf7
When worker threads were created, snapuserd was converted to a
shared_pointer. Earlier, memory was forcefully released
by setting snapuserd to nullptr which worked as it
was a unique pointer. Now, every worker thread holds
a reference. Clear the vector once all the worker
threads are terminated.
Test: Apply OTA and verify memory is released after OTA is applied
Bug: 183652708
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I256d26d98b02ad599aff49b92192226546c59b17
Revert "Merge libdexfile_external into libdexfile."
Revert "libdexfile_external is replaced by libdexfile."
Revert "Rename libdexfile_external_static to libdexfile_static."
Revert "Rename libdexfile_external_static to libdexfile_static."
Revert "Allow dependencies from platform variants to APEX modules."
Revert submission 1658000
Reason for revert: Breaks full-eng build: b/184239856
Reverted Changes:
I4f8ead785:Avoid internal APEX stubs for libsigchain and clea...
I68affdf69:Allow dependencies from platform variants to APEX ...
I54b33784e:Rename libdexfile_external_static to libdexfile_st...
Id68ae9438:libdexfile_external is being replaced by libdexfil...
I12ac84eb4:libdexfile_external is replaced by libdexfile.
If05dbffc8:Rename libdexfile_external_static to libdexfile_st...
Ia011fa3a8:Merge libdexfile_external into libdexfile.
Change-Id: I2448810c9a863cde32b6ed98d9ed0a99cf260d34
Otherwise, these error logs don't end up in bugreports, making it very
difficult to debug.
When using locally, users will have to check logcat instead of stderr.
Bug: 183919392
Bug: 115420908
Test: m
Change-Id: I3b829347971d05968b851e11ce784829d12ef098
Remove the function EnableBlocklist() and add a constructor argument to
enable/disable the use of modules.blocklist. In all cases, the
enabling/disabling of the blocklist happens immediately after creating
the Modprobe object. So this simplies libmodprobe.
Additionally, the use of the blocklist by libmodprobe should be enabled
by default unless explicitly disabled during creation of the Modprobe
object. Currently, only modprobe(8) defaults to not using the blocklist
and includes the argument -b BLOCKLIST for enabling it. That
functionality remains.
This refactor allows us to use the blocklist during first stage init.
However, additional logic is needed to not return an error for the
blocked non-aliased modules during first stage init; otherwise, the
error would result in an init crash leading to a device reboot. So fixup
LoadListedModules() to allow blocking modules without returning an
error.
Bug: 182582036
Test: boot test on pixel 5 with a module in modules.blocklist
Change-Id: I394b5aa98fa98821011982cfe693749010c381f7
It must run before odsign; and now runs after restorecon on /data as well.
Bug: 183861600
Bug: 180105615
Test: presubmit && cuttlefish boots
Change-Id: Iefe59d94a7a40ed1e526c189cbc2baf69156f334
We shall rely on Android property instead of parsing kernel
command line directly: parameters could be originated from
kernel command line or bootconfig.
Bug: 183237066
Bug: 183719613
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: Ia70d286646a83a95967ca4293168a6550ffff7f0
Change mkbootimg() to return void, as we already have a |out| parameter.
Bug: 183455415
Test: Presubmit
Change-Id: I51439e273752ab9e21f8d7138e900ea55bdfdfc0
Boot v4 is mostly compatible with boot v3, so these minimal changes
should be sufficient.
The newly introduced field of v4, signature_size, is left zero because
this field is only meant to be read by VTS testcases, so the value
doesn't matter for the debugging purposes of boot and flash:raw.
Bug: 183455415
Test: Manual
Change-Id: I5c2737ce35dd25f318b19a429de805ea16c46607
If somehow we wind up with snapshots with a source suffix, we could wind
up trying to unmap an in-use partition. Detect this case and allow the
snapshot to be deleted without the unmap.
Bug: 183567503
Test: vts_libsnapshot_test
Change-Id: I87dd5bb3a7b9be59dede624924374ccc47b563c2
