This will be used by payload_generator to estimate the COW size without
using extra storage space.
Bug: 168554689
Test: cow_api_test, ota_from_target_files
Change-Id: I095c809e7d81eff5321b86f4c6bdfb6e9467e84e
* changes:
libsnapshot: Implement MapAllSnapshots and UnmapAllSnapshots.
Start snapuserd if needed as soon as possible during second-stage init.
libsnapshot: Add support for first-to-second-stage transitions of snapuserd.
There may be some use cases that it needs to write string to a
file. This patch support write "Value" to "FilePath", where
both parameters could use special string "<uid>" and "<pid>" to
represent actual uid and pid.
Bug: 170507963
Test: function works
Change-Id: I543846f523518a9bcb3dd1b3437163a1b3157d95
This changes labels to belong at the end of the set of ops that they
refer to. We only sync after writing a label, or the footer, saving the
cost of syncing after ever op.
Change-Id: Iee9dd69132b8e3321eccfe1e43fa0c072a94d3bd
Bug: 172026020
Test: cow_api_test
A few values in the footer were being set inconsistently. We weren't
verifying them, so it didn't matter. This adds verification and sets
them properly.
Change-Id: I669a03a6e1e87ace31775aba5b67dde9b6e5ecf5
Bug: 168829493
Test: cow_api_test
A few minor issues snuck through code review.
Removed a debug line in cow_api_test to persist file.
Removed unused function declaration for cow writer
Switched PLOG to LOG where no errno exists.
Change-Id: Ibb774d6de518fc2a8746e4b9eefc3655c9973c30
Bug: 168554689
Test: cow_api_test
It turns out that I had originally written the test with a local
patch applied that forces TCF0 to SYNC, so it was testing for the
wrong tagged_addr_ctrl value. Fix it.
Bug: 135772972
Change-Id: Ibb9b25e5f5635372ad5de7825c31d7264ff02590
* changes:
trusty: fuzz: dump trusty kernel logs on crash
trusty: Add corpus for gatekeeper fuzzer
trusty: Fuzzer for Gatekeeper TA
trusty: fuzz: Helper library
When Virtual A/B Compression is enabled, the manifest contains the
predicted COW size. Use this instead of the algorithm based on the
kernel COW format.
Bug: 168554689
Test: vts_libsnapshot_test
Change-Id: I545679b4834957ff80a930d91cb44afbadebb66c
snapuserd is used as a user-space block device implementation during
Virtual A/B Compression-enabled updates. It has to be started in
first-stage init, so that updated partitions can be mounted.
Once init reaches second-stage, and sepolicy is loaded, we want to
re-launch snapuserd at the correct privilege level. We accomplish this
by rebuilding the device-mapper tables of each block device, which
allows us to re-bind the kernel driver to a new instance of snapuserd.
After this, the old daemon can be shut down.
Ideally this transition happens as soon as possible, before any .rc
scripts are run. This minimizes the amount of time the original
snapuserd is running, as well as any ambiguity about which instance of
snapuserd is the correct one.
The original daemon is sent a SIGTERM signal once the transition is
complete. The pid is stored in an environment variable to make this
possible (these details are implemented in libsnapshot).
Bug: 168259959
Test: manual test
Change-Id: Ife9518e502ce02f11ec54e7f3e6adc6f04d94133
This patch introduces the fundamentals needed to support booting off
dm-user. First, a method has been added to start snapuserd in
first-stage init. It simply forks and execs, creates a specially named
first-stage socket, then waits for requests.
Next, a new method has been added to SnapshotManager to perform a
second-stage handoff. This works by first launching a second copy of
snapuserd using init's normal service management functionality. The new
snapuserd runs alongside the original, but has correct privileges and a
correct selinux context. Next, we inspect each COW device, and if its
table uses dm-user, we replace the table with a renamed control
device. The new control device is bound to the new snapuserd.
device-mapper guarantees that such a table swap is safe. It flushes I/O
to the old table and then replaces it with the new table. Once the new
table is in place, the old dm-user control devices are automatically
destroyed. Thus, once all dm-user devices has been transitioned, the
first-stage daemon is idle and can gracefully exit.
This patch does not modify init. A few changes will be needed on top of
this patch:
(1) CreateLogicalAndSnapshotPartitions will need further changes to
start the first-stage daemon and track its pid. Additionally, it will
need to ensure the named socket file is deleted, so there is no further
IPC allowed after partitions are completed.
(2) init will need to propagate the pid to second-stage init so the
process can be killed (or signalled).
(3) first-stage snapuserd will need to gracefully exit once it has no
active handler threads.
(4) second-stage init will need to invoke the transition helper on
SnapshotMaanager, ideally as soon as feasible.
Bug: 168259959
Test: manual test
Change-Id: I54dec2edf85ed95f11ab4518eb3d7dbaf0bdcbfd
