Some testcases assume that /dev/block/by-name/userdata is writable, but
mount_with_alternatives() will mark block device as RO if mount flag
includes MS_RDONLY. Fix it by marking the block device as RW again.
Test: th
Bug: 319156415
Change-Id: Ic04acd4b6175d3f0aeea88675da44309e8df15e8
According to aosp/1908136, the current flow is
1. factory reset formatted raw disk.
2. next boot tries to convert it to metadata encryption
2.a mount sda27
2.b umount sda27
2.c encrypt_inplace()
2.d fsck on dm-x
2.e mount dm-x
If there are some write file operations between 2.a and 2.b, encryption
might fail. To mitigate, change the mount in 2.a to readonly if we know
we are going to do encrypt_inplace.
Test: th
Bug: 313962438
Change-Id: I7f4bbd36e1e6c978dde84f5396ffb90bbbdcae87
Right now there is a bug in second-stage-init that screws up the
overlayfs overrides. This happens because:
1. second-stage-init mount_all might be executed in the "bootstrap"
mount namespace.
2. In order to move (MS_MOVE) submounts in fs_mgr_overlayfs_mount_all(),
we change the mount propagation type of overridden filesystems to
MS_PRIVATE.
3. This means that the "default" mount namespace would not receive the
mount events of the overlayfs overrides.
4. After /data is mounted, init would switch to the "default" namespace.
This means any new processes spawned after this period would not be
able to see the overlayfs overrides.
We fix this by changing the mount order of second-stage-init mount_all
to mount the overlayfs override of a partition immediately after the
partition is mounted. This way we don't need to move any submounts as
there can't be any, thus we don't need to set any mountpoint to
MS_PRIVATE so the mount event of the overlayfs would be propagated to
the "default" mount namespace, too.
Bug: 309407859
Bug: 306124139
Test: adb-remount-test
Test: verify that overlayfs tookover successfully from second-stage-init
Change-Id: If2ff4852516292ccbc7abdeebe0e9a7c1c7ba606
Framework or applications can try to find userdata dm target from "/proc/mounts"
which gives "/dev/block/mapper/userdata".
That causes breaking the assumption in all the places.
Bug: 311165039
Change-Id: I9ea1b4589cdd52021d9807f7240c2e4b6d6d05ef
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Trigger fsck on mount of /data if the value of ro.preventative_fsck is
not equal to the contents of /metadata/vold/preventative_fsck, then set
the file to the property to prevent future runs
See b/305658663 for context
Bug: 305658663
Test: Make sure fsck run after first boot and not after second
Ignore-AOSP-First: Critical UDC only bug
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6c625e5d2e33bdaed7b9933b237502968c4b16e1)
Merged-In: I856c812d22363cc1d1e8aa88706d4d3b89044f52
Change-Id: I856c812d22363cc1d1e8aa88706d4d3b89044f52
The check result can just return the exact mount flags to use, this
reduces code duplication at the caller's side.
Bug: 293695109
Test: adb-remount-test
Change-Id: I9b5c918968f2494c0c1be3cb8d8e6b527a9c4eb2
"Do not reboot with commit failure when ext4 userdata is wiped" has
caused a regression in cuttlefish on f2fs. Overlay.img rapidly grows to
the full userdata size. This updates that CL to only affect partitions
marked for block based checkpointing.
Test: Boot Cuttlefish, monitor overlay.img for 5 minutes
Bug: 285019395
Change-Id: I7d8634e6535ee1531a0df9fb51c6f9c410cbfe92
BUG : 240098675
Skip Dm-Bow load incase size is not a Multiple of 4096.
Rounding down does not hurt, since ext4 will only use full blocks
Change-Id: Ie4e6634b2c49762e4669e66d94effc91d8e581ca
Signed-off-by: Swapneel Mashalkar <quic_smashalk@quicinc.com>
Allow us to check if check_at_most_once is set for any partitions.
This property should be false for any device with a reasonable amount of
RAM and a modern CPU. Enabling check_at_most_once violates AVB best
practices, it should only be allowed on performance limited devices.
Bug: 253033920
Test: Ensure that avbHashtreeNotUsingSha1 CTS test still passes
and that partition.system.verified.check_at_most_once is set.
Change-Id: I8174adf81111cc0df547ea01f81b0dfaca32631f
Signed-off-by: Nathan Huckleberry <nhuck@google.com>
* Categorize functions in fs_mgr_overlayfs.h into three classes:
- Type 1: common and non-critical utilities.
- Type 2: internal routines for facilitating remount.
- Type 3: external entry points for users of fs_mgr_overlayfs, like
fs_mgr_overlayfs_mount_all().
* Move type 1 to common utils header fs_mgr_priv.h & fs_mgr.cpp.
* Move type 2 to new private header fs_mgr_priv_overlayfs.h.
* Keep type 3 in fs_mgr_overlayfs.h.
* Move set-verity-state.cpp under fs_mgr so it can include
fs_mgr_priv_overlayfs.h. File is reformatted as a result. We should
eventually merge and dedup set-verity-state and fs_mgr_remount.
* Add myself to OWNERS for remount-related maintenance work.
Bug: 241179247
Bug: 241688845
Test: Full build -user and -userdebug build.
Test: Presubmit
Test: Treehugger run v2/android-gki/adb_remount
Change-Id: Id5fd0e2b12c693939d712a586dd553cc4d8bfeb1
mount_with_alternatives() supports mounting any of the
consecutive fstab entries. Some log messages shouldn't
be treated as error so changing log level to INFO instead.
Bug: 245468764
Test: TreeHugger
Change-Id: I94a18d4cf91ee5bb58cf5ba5f853a0e6599071d1
If next same mount point also is logical partition, but its blk_device
is not updated yet and still is logical partition name not a mapper
device (/dev/block/dm-X) to cause mount failed.
To support the below fstab configs in fstab.postinstall.
system /postinstall ext4 ro,nosuid,nodev,noexec slotselect_other,logical
system /postinstall erofs ro,nosuid,nodev,noexec slotselect_other,logical
Error logs:
system_b: Can't open blockdev
init: [libfs_mgr]__mount(source=system_b(missing),target=/postinstall,type=erofs)=-1: No such file or directory
Bug: b/241716684
Test: After factory device reset, ensure system_b is mounted as EROFS
Change-Id: I02f20f3dfd8c42be9981915eaff88a5948482724
Include EXT4_FEATURE_COMPAT_STABLE_INODES feature
flag from system/extra.
Test: m
Test: mmma system/core
Signed-off-by: jiajia tang <tangjiajia@xiaomi.com>
Change-Id: I85f4a1c66cdfb37246808d58ca6315861daafe83
Bug:231647359
Test:call ensure_path_mounted("/data") in WipeData function in recovery then factory reset
Change-Id: Ia5b669319776fae9478534484e3993c15fe4e6bf
We need to fix the below error happening in early stage.
[ 24.835617][ T1] init: [libfs_mgr]Running /system/bin/fsck.f2fs -a -c 10000 --debug-cache /dev/block/sda1
[ 24.843693][ T1] logwrapper: Cannot log to file /dev/fscklogs/log
Bug: 230637147
Bug: 230879192
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I19bc5f7154577e29414f855de6ce72172b281975
__mount gets called multiple times. Set the read-only property only upon
success since it can't be set multiple times. Selinux disallows modifying
read-only property and therefore the property holds a wrong value, the one
when __mount was called first even in case the call failed.
Bug: 224824099
Signed-off-by: Padmanabha V <padmanabha.v@sasken.com>
Change-Id: If2900fcf988b6225bb0f96586b00b97386ca8a81
If we fail to umount /data, device won't boot up at all.
Bug: 208161227
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I92d34a253039eb677d4df9fad8a0821fbc684f57
They are changed to template classes. s/Error/Error<>/g to reflect that.
In addition, the direct uses of ResultError for error reporting is
replaced with Error and Errorf.
Bug: 209929099
Test: m
Change-Id: I815526a8e6fa30e63fa3efcf5700b146bf70a507
FDE is no longer supported, so there's no longer any need to ever
reserve a crypto footer.
Bug: 191796797
Change-Id: I79121188b0bcb7b00c16fda03b68b20c40c1e240
Since Android 10, new devices have been required to use FBE instead of
FDE. Therefore, the FDE code is no longer needed.
Bug: 191796797
Change-Id: I2f29ce5fa61c67325d6eb6cf6693787f8fa8a011
Userdata spaces leak when zram writeback is enable and repeatedly kill
system_server(restart android).
The reason is that per_boot‘s inode is hold by loop device
although per_boot is deleted by user which become orphan inode in system.
Adds LO_FLAGS_AUTOCLEAR for loop device of zram backing device,
so loop device can release resouce.
Bug: 200904398
Change-Id: Ifeee9c0b58b10cdf7698077fbcaf54d5faccc3b1
Signed-off-by: Liangcai Fan <liangcai.fan@unisoc.com>
Signed-off-by: Hongyu Jin <hongyu.jin@unisoc.com>
Signed-off-by: Jing Xia <jing.xia@unisoc.com>
It's requested by the partner engineering team to uniquely
identify a partition.
Bug: 197973981
Test: boot the device and check props
Change-Id: I0f7aa34dd0087f0698fe90b9df6c0eae06fc4f5d
Make the queue depth of loop devices identical to that of the underlying
storage device. This patch reduces latency by lowering the queue depth.
With this patch applied I see the following:
# cat /sys/block/loop30/queue/nr_requests
32
Bug: 194450129
Test: Built Android images, installed these and verified that the queue depth of loop devices is 32 instead of 256.
Change-Id: Ifa16084c7df3a54d9559c2388abc4a8392ff88c6
Signed-off-by: Bart Van Assche <bvanassche@google.com>
The user interface of Android devices becomes very slow under memory
pressure. This is because Android uses the zram driver on top of the loop
driver for swapping, because under memory pressure the swap code alternates
reads and writes quickly, because mq-deadline is the default scheduler for
loop devices and because mq-deadline delays writes by five seconds for such
a workload with default settings. Fix this by selecting I/O scheduler 'none'
for loop devices.
Bug: 194450129
Test: Built Android images, installed these and verified that the I/O scheduler of all loop devices is 'none' instead of 'mq-deadline'.
Change-Id: Ia5f606504b663948ab56955cad5a71885a356430
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Improve code readability by renaming 'device' into 'loop_device' and
'device_fd' into 'loop_fd'.
Bug: 194894000
Test: Built Android images and installed these on an Android device.
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Change-Id: Ia9c2d7a525e727f8706e66631b97fc4678c6a4d9
If this flag is given, then fs_mgr_mount_overlayfs_fstab_entry() shall
filter out missing directories in the lowerdir= list.
For example,
test /mnt/vendor/overlay_test overlay \
ro,lowerdir=/dir1:/dir2:/missing_dir3 \
first_stage_mount,overlayfs_remove_missing_lowerdir
should mount the overlayfs device with "lowerdir=/dir1:/dir2".
Bug: 186342252
Test: Manual boot test with modified fstab on CF
Change-Id: Id06b37d0c236528cef981e495280b4f4e9c2b4bb
Enhanced the checkpoint=disable GC threshold fallback mechanism by first
dropping to checkpoint=disable before dropping the option completely for
kernel compatibility.
Test: atest vts_kernel_checkpoint_test
Bug: 193216993
Change-Id: I50ecdf3a82eb7bc677965e8fd3821227fd41bfc2
Signed-off-by: Jerry Wong <jerry.wong@broadcom.com>
Ban weird paths such as /../system or //vendor in first stage mount.
Add utility function fs_mgr_create_canonical_mount_point() that:
* mkdir(mount_point) to ensure mount_point's existence
* Test that realpath(mount_point) =?= mount_point
Bug: 188898525
Test: Presubmit
Test: Boot CF
Change-Id: Iaf2ec52701277f26cc81f3e15a47b6083a788334
Rename fs_mgr_overlayfs_mount_fstab_entry() to
fs_mgr_mount_overlayfs_fstab_entry() and move it out of
fs_mgr_overlayfs.cpp to make it available for user builds.
Add checks to unsure overlayfs mount point doesn't contain symbolic
link or /../.
Check the mount point with an allowlist if user build. The mount point
should either be /vendor, /product ... or their submounts, or strict
submounts of /mnt/vendor and /mnt/product.
Bug: 188862155
Test: Boot test with overlayfs mount entries on user build
Change-Id: I3b60dfa4b63cf2ae0754f53d1d08365aa7be1ee0
The parameters "--debug-cache" and path are close to each other, eg:
01-09 17:14:52.058 648 648 I vold : [libfs_mgr]Running
/system/bin/fsck.f2fs -a -c 10000 --debug-cache/dev/block/dm-10
Add a space between them to separate.
Signed-off-by: jiahao <jiahao@xiaomi.com>
Change-Id: Ie2929b541d5907a521c7b97aaed31fdca381fc1a
This patch adds an option, readahead_size_kb in fstab entry option. It supports
to set a proper readahead_size per block/dm devices before using them by mount,
which is useful for low/high-end devices when addressing memory pressure issue.
Bug: 181567573
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I549962e68f8488417d76bcfb283958bc33fd5d7a
As parameters are moved from kernel cmdline to bootconfig,
fs_mgr needs to be updated to handle the new location.
/proc/bootconfig should be checked first, if not present, then check
/proc/cmdline.
Test: atest CtsFsMgrTestCases
Test: launch_cvd
Test: launch_cvd with 4.19 kernel artifacts that do not support
bootconfig
Test: Both of the above configurations with --num_instances 0 or 4
Test: Both configurations with androidboot.boot_devices or
androidboot.boot_device set
Bug: 173815685
Change-Id: I23fb07a17c25c9459833cb931ced79d5ccc3e42a
This is used in cts tests to verify that algorithms in blocklist aren't
used to build the hashtree. The system properties are required to perform
the check on unrooted devices.
Bug: 175236047
Test: flash, getprop; atest CtsNativeVerifiedBootTestCases
Change-Id: I2dcfdb06f85dbe92cde45e836dd68e7bd835020f
