Create classes for dev and sys permissions and store these permissions
in std::vector instead of the C list.
Test: boot bullhead
Test: init unit tests
Change-Id: I874039a3db29b4c70149506da8e407123ab7eca2
Adding methods to queue and download flashable images by fd instead of
by pointer, so that we can deal with sending large (up to 4GB) files
on windows and linux. This gets past limitations on linux to read
more than 2GB from a file at a time, as well as memory limitations
on win32, in order to download up to 4GB in a single transfer.
Test: fastboot -w
Test: "flash-all" from nexus factory images site (incl. fastboot -w update)
Test: fastboot flash with large and small image, large and small max-download-size
Test: Sanity check flashing on win32, darwin, linux.
Test: Sanity check 3GB image download (with 3GB max-download-size)
on win32, darwin, linux.
Bug: 36810152
Change-Id: I528d739d344eb080d59d721dadf3b3b34d4b375e
Set ro.boot.avb_version to "AVB_VERSION_MAJOR.AVB_VERSION_MINOR".
During Treble OTA match, the major version must be the same as that in
the avb metadata on disk, while the minor version can be equal or
greater to that in the avb metadata on disk.
See how avb versioning work on the following link:
https://android-review.googlesource.com/#/c/342757/
Also renames AvbHashtreeDisabled() -> hashtree_disabled().
Bug: 35322304
Test: Early mount with AVB, checks [ro.boot.avb_version]: [1.0] exists.
Test: Not enable AVB, checks [ro.boot.avb_version] doesn't exists.
Change-Id: I5aaf476ca53c4fe817779518ba14b68ebcfdc6d6
This is definitely a FAQ, and it doesn't make sense for me to maintain
this on Google+ when I have the power to just check it in (and now have
a sensible place to do so).
Bug: N/A
Test: N/A
Change-Id: I649803ac846917a45f4b7b89cffe5b450179c479
Starting zygote early requires cpuset to be initialized to all cores for
foreground cpuset. Change to expolit all cores by default at boot and
let device manufacturers override to proper values in device specific
init script.
Bug: 36576280
Test: marlin boot fast and checked cpuset during early boot
Change-Id: I2c1ce0630e58a7b04d1a453c6740d3f0bce9de9f
* changes:
liblog: allow event tags to include some punctuations
liblog: logprint supports number of seconds time event field
logcat: test: standardize rest() to let logs land when injecting
This is required for large (>INT_MAX) sparse limit reported by
the target.
Also, patch up return chains of "int" that need to deal with sizes
bigger than 2GB as well as return negative error codes.
Test: -S works with large max-download-size
Test: Flash 3GB system.img with max-download-size 2.5GB
Bug: 36810152
Change-Id: I562a50eabd706bd5b97c71a1aef07c1ffd1a2e5c
fastboot uses AdbWinUsbApi on Windows, let's keep it required.
Test: rm -rf out/host; mma fastboot and confirm AdbWinUsbApi is in out/
Bug: 36810152
Change-Id: Ica8b27cb1d0bca260f716dc61fdcea2ccc282623
event_log_tag parser complains about a period (.) in the name,
we would consider such an enhancement to the tag names possible.
I expect we would want to be able to support alphanumerics,
underscore (_), period (.), minus (-), at (@) and comma (,) for
starters as they are present in the other text log buffer tags.
We introduce a local endOfTag function that is used during parsing and
during android_lookupEventTagNum for submitting new tags. This
function caused us to enforce const char more closely. By filtering
in both places we resolve an issue that could have plagued us if
garbage requests were made.
Test: gTest liblog-unit-tests, logd-unit-tests & logcat-unit-tests
Bug: 31456426
Change-Id: I596b8706e843719ddac07ec40e1cd2875c214bed
Add s to report time in seconds. The time could be a period, duration
or monotonic, expanded to seconds, minutes, hours and days. gTest has
to acquire a dynamic tag allocation as there are no users of this
feature yet.
Looking to the future, audio media logging has binary content similar
to the binary events structures Android logging uses and they have
a definition of a duration field in their internal binary logging, so
may be of use when we unify the logs.
Test: gTest logcat-unit-tests --gtest_filter=*.descriptive
Bug: 31456426
Change-Id: I262c03775983b3bc7b1b00227ce2bb2b0f357bec
Add an internal rest() function to set the standard for how long we
should wait for a log message to land end to end into the logs. Add
a retry on -EBUSY for all descriptive tests along with a rest() after
log injection so the tests can try to survive heavy Denial Of Service
(DOS) loads. Some of the resting was done at a coarse 1 second, when
200ms will do just fine.
Fix a few pesky issues surrounding test reliability and correctness:
- stdint.h include missing.
- missing a logcat_executable, means logcatd.descriptive testing was
testing logcat instead.
- count of interfering tests is 3 now: logcat, liblogcat and logcatd, if
they all run in the same PID, we have to not fail.
- Added a missed opportunity to add uniqueness to logcat.descriptive sync
test.
Test: gTest logcat-unit-tests
Bug: 31456426
Change-Id: Iaf2bee97878957f654613bb2e78e32379bb8d1b7
Also simplify this code a bit.
There's only one consumer that removes the /devices/platform prefix,
so have them handle it instead of storing two copies of the string.
Remove an unneeded search for '/' in get_character_device_symlinks()
as a / will always be the next character after a parent path, by
nature of FindPlatformDevice().
Test: boot bullhead
Test: init unit tests
Change-Id: I9d0482d137b1342ae7509ae993ff99198be814f0
fs_mgr_update_verity_state() is invoked by 'verity_update_state' in
init.rc. It will then set property "partition.system.verified" and
"partition.vendor.verified" to verify_mode. We should support this for
AVB as well.
Also change the order of static libs in init to fix the build error
after this change:
system/extras/ext4_utils/ext4_crypt.cpp:69: error: undefined reference to 'property_get'
Bug: 35416769
Test: Mount /system and /vendor with vboot 2.0 (AVB), check the following properties exist.
- [partition.system.verified]: [2]
- [partition.vendor.verified]: [2]
Test: Mount /system and /vendor with vboot 1.0, check the following properties exist.
- [partition.system.verified]: [0]
- [partition.vendor.verified]: [0]
Change-Id: I4328d66a8cb93f26e7960e620a0b2292d5f15900
libavb requires verifying AVB metadata on all verified partitions at
once. For example, /vbmeta, /boot, /system and /vendor. We need to
invoke device_init() for those partitions even if we only want to early
mount some of them, like /vendor and /system.
This CL gets all AVB partitions and the early mount partitions from
device tree through "firmware/android/vbmeta" and "firmware/fstab",
respectively. The following is an example to early mount /vendor
partition on bullhead:
firmware {
android {
compatible = "android,firmware";
vbmeta {
compatible = "android,vbmeta";
parts = "boot,system,vendor";
by_name_prefix="/dev/block/platform/soc.0/f9824900.sdhci/by-name"
};
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait,avb";
};
};
};
};
Bug: 33254008
Test: early mount /vendor with vboot 2.0 (AVB) on bullhead
Test: early mount /system without dm-verity on bullhead
Test: early mount /vendor with vboot 1.0 on sailfish
Change-Id: I89a1f77c97124f309346b33d9e700544b92ecf05
Default signature WriteStringToFile creates world-writeable files.
Set owner and group system and remove read/write for non-owner.
Bug: 37251463
Test: Manual: reboot, inspect
Change-Id: I6a29c678168dcae611b120dc52170f4eee7069a9
- mount, e2fsck, tune2fs will all fail if magic number does not match.
- mismatch always happen for FDE and is wasting boot-up time to try
all and fail always.
- skip mount steps if it has invalid magic number and do not record
fs_stat either.
- For ext4 fs with corrupt superblock, e2fsck refuses to do anything if
superblock magic is invalid. So simply running e2fsck does not help
anyway.
bug: 36231950
Test: reboot ane check fs_mgr log from dmesg
Change-Id: I9ad9e0cd30fd074b3bbf8f450bd401b133d5771a
