Treble allows framework-only (system.img) OTA. To libavb statically
linked in init/fs_mgr cannot parse the AVB metadata of system.img, add
this property for the Treble OTA match process.
Bug: 35236019
Test: Normal boots, use 'adb shell getprop' to check the property is set.
Test: Recovery boots, press 'Mount system' and use 'adb shell getprop'
to check the property is set
Change-Id: I552be229c4efd45088d93252ac67176606f75d4d
* changes:
init: fstab: add support to read fstab entries from device tree
init: early_mount: add support to mount non-verity partitions early
init: remove the existing early_mount code
init: refactor: add support for doing early coldboot
ueventd: make selinux labeling optional for device creation
Use this for bootstat and init. This replaces the custom uptime parser in
bootstat.
This is a reland of aosp/332854 with a fix for Darwin.
Bug: 34352037
Test: chrono_utils_test
Change-Id: Ib2567d8df0e460ab59753ac1c053dd7f9f1008a7
for early mount, we need a way to tell init where to find vendor,
odm partitions (also system in case of non-A/B devices). Also, that
needs to be independent of kernel cmdline since the cmdline will likely
exceed its limit.
The change adds support for parse and create fstab entries that can be
directly sent to the fs_mgr for mounting partitions early in init first
stage.
Sample DT entry to mount vendor partition early on angler-
firmware {
android {
compatible = "android,firmware";
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait";
};
};
};
};
b/27805372
Test: Boot angler and sailfish with early "vendor" partition mount by
adding aforementioned DT node and enable CONFIG_PROC_DEVICETREE in kernel
Change-Id: I669013e3fdb157e88719436534f63989dec95d60
Signed-off-by: Sandeep Patil <sspatil@google.com>
This is done by parsing 'androidboot.fstab=<fstab>' kernel cmdline
option to get the fstab file that *only* specifies partitions to be
mounted early (i.e. in init's first stage).
Note that, the same fstab file may not be used as an argument to
mount_all later in the boot as that will cause fs_mgr to fail with
EBUSY.
TODO:
- Possibly add a new mount_mode so the same fstab can be used for
early_mount, 'mount_all --early/--late' etc.
- Add support for dm-verity enabled partitions to mount early.
- Add support for getting fstab arguments through DT instead of kernel
cmdline.
Bug: 27805372
Test:
Boot angler by passing a seperate fstab file using the kernel
cmdline option to mount vendor partition early, remove the vendor
partition entry from the main fstab file for the test.
Boot sailfish by passing a seperate fstab entry via device tree
to mount vendor partition early. Remove vendor partition entry from
the main fstab file for the test
Change-Id: I18785b893c54c8cee960ab44d5e8f83e5d624aa8
Signed-off-by: Sandeep Patil <sspatil@google.com>
keeps parts of the code that are still needed for the fs_mgr
+ dt based implementation
b/27805372
Test: boot angler, sailfish without regressions
Change-Id: I1b08f8b7b4f2e67118d328443a5011c0f5ead919
Signed-off-by: Sandeep Patil <sspatil@google.com>
We don't want to spend time creating devices that are unncessesary
during early (init first-stage) mount. So, refactor the devices code
tha allows us to call into coldboot and has the
- ability to only create devices that are specified by the caller
- ability to stop coldboot cycle when all devices that the caller is
interested in
- ability to run coldboot for a specific syspath
- ability to run ueventd code unmodified
Test: Tested boot on angler, sailfish
Change-Id: Id8f3492380696760414eadc20d624d300c904f8e
Signed-off-by: Sandeep Patil <sspatil@google.com>
I find myself using something like this every time I add functionality
to init. I cannot possibly be the only one doing this. On the other
hand, if this hasn't been added for so long, maybe there's a reason
for that.
The advantage of using a test service versus modifying an existing
service is that the test service doesn't *require* any permissions or
privileges, so you can add and/or remove whatever you need to test
without breaking the service.
I found it useful to have the service check its own /proc/<pid>/status
from command-line arguments, so that's what the service does.
This CL also adds a .clang-format file for init.
Bug: None
Test: Service runs and exits successfully.
Change-Id: I3e7841a7283158e10c0bf55e0103c03902afb1f0
This is to setup a way for us to run coldboot during init first stage
and also at ueventd startup. We do not have all of the file context
during the first stage, so the "early" coldboot needs to proceed without
labelling the device nodes. However, the follow up in ueventd must label
these nodes. This change allows us to do both.
b/27805372
Test: Boot angler successfully and compare do before/after comparison of
the output of 'ls -AclpqRZ /dev' to ensure there are no differences.
Change-Id: I5e88bd7da8a1d2cc41e3abba30dda463ecbde32e
Signed-off-by: Sandeep Patil <sspatil@google.com>
While keeping the old /ueventd.$ro.hardware.rc configuration for devices
without early mount or vendor,odm split
b/34967636
Test: Boot angler and sailfish without regressions
Change-Id: I8d671911fd23fb1c0b5624ae209bad86137c88b7
Signed-off-by: Sandeep Patil <sspatil@google.com>
Add wait time log for exec service execution time
Fix memory leak when exec service failed to start
Test: on marlin
Bug: 34518530
Change-Id: I01736bd9b1429414f3dc91dd5d02d88a681f0985
This reverts commit db929bf9b7.
Seccomp is now inserted at the zygote level, not in init
Bug: 34710876
Test: Boots, seccomp policy in zygote & zygote64 but not init
Change-Id: I9075a79793171a4eaccf6228e9ff3398c791f8bd
Add syscalls required by sanitizers.
Bug: 34606909
Test: Make sure Android boots when built with SANITIZE_TARGET='address'
Change-Id: Ifa223fb663a4ff43c8b8df9b7bf9452e41079e2e
There are many use cases from vendors to exec service in background and then
use a shell scriprt to wait for the command done.
This CL is to add a wait_for_prop command to suppor those use cases.
Bug: 34746108
Test: on marlin
Change-Id: Ia81290b0928f9d375710d2daa546714f0cd65b72
Bug: 34813887
Bug: 34809883
Bug: 34767389
Bug: 34719286
Test: Device boots, the app in b/34719286 runs when it didn't before
Change-Id: Iad198e3ca620e7a07464b0d182f969bb807bd948
* Nanosecond precision ended up being harder to grok.
* This change modifies the Timer class to have duration_ms instead of
duration_ns.
Bug: 34466121
Test: adb logcat | grep bootstat
Change-Id: Ibd1c27dc3cb29d838a956e342281b2fb98d752a6
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Test: Successfully boot with split serivce and property contexts.
Test: 'getprop -Z'
Change-Id: Ib9c087115040c1609aa64a3ed66d4e67e937e33d
Signed-off-by: Sandeep Patil <sspatil@google.com>
Used by 32-bit debuggers
Bug: 34716063
Test: Make sure a Chrome crash produces a valid stack trace in logcat
Change-Id: Ie42f035da7f19ace403eb2111524f02c0bbfd0d5
When handling a property control message to start a service, the
connection socket was being left open. The child socket FD would then be
inherited by the service from init as "/null".
Bug: 34698883
Test: adb shell start webview_zygote32; adb shell ls -l /proc/<pid>/fd,
no "/null" FD open.
Change-Id: I25f34e1bfc1414e6143acf23414b05f5a241cace
external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.
Two important files in this commit:
- fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
platform dependent I/O operations, e.g., read_from_partition.
- fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
all partitions, verifies its integrity against the values of
androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
kernel command line. Then enable dm-verity for partitions having the
corresponding HASHTREE descriptor and with an 'avb' fstab flag.
Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition
Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
