Adds support for partitions with checkpointing enabled. If the
checkpoint= fs_mgr flag is set, and the system has checkpointing on,
the partition will be mounted in checkpointing mode.
Test: Use vdc checkpoint commands, the checkpoint=fs fs_mgr flag
in the fstab, and a kernel containing the f2fs checkpoint
changes. https://lkml.org/lkml/2018/8/21/22
Change-Id: I3ea8da932de06fcfd2eed06b8640a8b1df837f1f
Note that in addition to waiting for the path to appear, we must also
wait for it to be unlinked. Otherwise, we could accidentally access an
older device when opening and closing the same partition twice in a row.
Bug: 114198005
Test: fastboot flashall works
Change-Id: Iddffc34e1ac8aa066c28e7b1a92b09b6dfd7945c
Security minded hardening, let's not depend on reboot and restorecon.
Test: manual, make sure all sepolicy context are as expected before reboot
Bug: 109821005
Change-Id: I9d3419ce57be072daa55f704f75df7775fbaf5fb
This is an optimization to limit us to an optimal set of overlay
mounts. If an entry is identical or more specific (eg: /vendor is
less specific than /vendor/firmware_file), then no need to craft an
override for it.
We do the check in the setup and mount_all paths.
Test: confirm on devices with more specific mounts they do not get override
Bug: 109821005
Change-Id: If34775455fc7989903f70bc4f075c948db91ce37
Decrease severity so that GetDmDevicePathByName can be used
as an API to check if |name| is mounted in device mapper.
Test: mount devices during OTA
Bug: 110717529
Change-Id: I6b28b6f8efe48f28819004490a037aba47b41ee1
With verity disabled, fs_mgr_update_verity_state spews some confusing
error messages from device-mapper. This change checks whether a device
exists and logs an explicit error.
Bug: N/A
Test: AVB properties are set correctly on AVB device
Messages are logged correctly with AVB disabled
Change-Id: If490c18cfec2d63ad784972c13ceef63d9aa3e4c
Failed to convert fstab entries from "/" to "/system" when setting
up directory tree. Introduce an internal fs_mgr_mount_point to
simplify conversion.
Test: manual
Bug: 109821005
Change-Id: Iadc1e967b92702cf01b6522f8f13b2cf3685f2af
This change enables reading metadata images from memory, for situations
where using file descriptors is not practical (such as fastbootd flash).
Bug: 78793464
Test: liblp_test gtest
Change-Id: I9ad08b0ddd4cbb96e87583237a90785e0f4befa4
This is in preparation for "fastboot flash super", where we want to
verify the validity of a super image before writing it. To do so, we
need to parse the image from the download buffer, and it is useful to do
this from memory rather than a file descriptor.
Bug: 78793464
Test: liblp_test gtest
Change-Id: I7fb1ef4fdf2e8f1d93aea38f75626157fcb4bfc1
Callers of ParseMetadata must manually copy geometry to the final
LpMetadata structure, which is error-prone. Instead, force callers to
pass geometry to ParseMetadata to ensure it is always propagated.
Bug: N/A
Test: liblp_test gtest
Change-Id: I5b24b9d94ab1857db600c40bf6d3c9d8aaa47368
Logical partition metadata has "slots" for AB purposes, but when
flashing or updating the partition table via fastboot, there is no
reason not to synchronize all copies of the metadata. It makes the state
of the super partition much more clear. It also makes the super
partition less likely to break on a slot change from the user, for
example if a "_b" partition is created before changing to the "b" slot.
Bug: 78793464
Test: liblp_test gtest
Change-Id: I3c44f0362f21f87d0bfc3a5c3394e26dc3dd38be
Add fs_mgr_has_shared_blocks in fs_mgr. Use it as a default decision
to utilize overlayfs if not overridden by the platform.
Test: compile
Bug: 109821005
Change-Id: Ifab22a4c9898966515e268349c24bb4c28a39368
If free space on the systems partition is less than 1%, then we may
use overlayfs to override the filesystem.
Test: manual
Bug: 109821005
Change-Id: I03eb9c7882cfd18db418a51e4964404f73f5ceb7
The interface to fsmgr is subpar and while we haven't had time to
revisit it, we absolutely do not want to expose this to vendors in a
way that would force us to keep this interface in the future.
Test: n/a
Change-Id: I970048aa2e45d7f7eca357d052141e90d6e01123
Fix a few areas that mismanage error return values, and can result in
confusing messaging from the adb commands.
Test: manual
Bug: 109821005
Change-Id: Ib00069c9605df453ac8f600c7906649deebfd626
Replace more complicated logic that determines that persistent
properties are now valid with a simple check of
ro.persistent_properties.ready.
Test: manual
Bug: 109821005
Change-Id: I3e43df8283cb97abbf5c0333e64db4ad11703798
libfs_mgr doesn't have direct dependencies on libfec_rs / libkeyutils /
libsquashfs_utils. They were only needed when libfec and libext4_utils
were statically linked into libfs_mgr.
Bug: 112494634
Test: `m -j installclean && m -j bootimage` with aosp_taimen-userdebug.
Check the installed files in recovery image.
Test: `mmma -j system/core/fs_mgr`
Change-Id: I4b12c2df344fabba4942b6db943cf43a031b591d
In user builds, we fix fs_mgr_overlayfs_{setup,teardown} to
properly set the optional 'change' boolean, if it was provided.
Test: TreeHugger
Change-Id: I91fc99d801f8fd782b21f0ecaecddfc7744f0c3e
After fs_mgr_mount_all has added the resources, let
fs_mgr_overlayfs_mount_all to read-only mount overlayfs over the
possible system partitions.
Test: compile
Bug: 109821005
Bug: 110985612
Change-Id: I7101a04c57de1a26283b1523636d07fa8e19ffc7
Logistics for adb remount on developer builds for readonly system
partitions using overlayfs to deal with not being able to remount
with read-write.
Conditions are that filesystem is squashfs, read-only, debug build,
kernel supports overlayfs. The default is a valid /cache/overlay/
directory, with .../<mount_point>/upper and .../<mount_point>/work,
associated with each system partition <mount_point>.
Will take the sepolicy of context of lowerdir as rootcontext= option.
Add fs_mgr_overlayfs_mount_all() to recurse through
fs_mgr_read_fstab_default(), and checking against /proc/mounts to
add any acceptable overlayfs mounts. The checking with /proc/mounts
makes sure we do not overlayfs overtop an overlayfs.
Add fs_mgr_overlayfs_setup(const char*, const char* bool*) and
fs_mgr_overlayfs_teardown(const char*, bool*) to respectively setup
or teardown the overlayfs support directories. Return value
includes success and optional supplied change booleans.
Test: compile
Bug: 109821005
Bug: 110985612
Change-Id: Ie9b4e9ca0f2bdd9275ac2e2e905431636948e131
This reverts commit 49c27c5cb2.
Remove the Speck encryption support. It was eventually
decided not to allow Speck in Android P, so this code
is no longer needed and wasn't used outside of testing.
Bug: 112009351
Test: Confirmed AES continues to work with FBE.
Change-Id: Ia5458143be5687fff8d541d8fa2c8ee24a369da4
If a logical partition is resized to 0 bytes, it will have no extents.
This is not allowed by device-mapper, but is useful for effectively
compacting partitions with "fastboot flashall". If all logical
partitions are resized to 0, then resized to their intended size, then
we will allocate extents more efficiently.
However, if a partition is left with a zero size (either intentionally
or not), this should not throw the device into a reboot loop due to
CreateLogicalPartitions failing. Instead we skip partitions with no
extents.
Bug: 78793464
Test: with fastbootd:
fastboot create-partition example 4096
fastboot resize-partition example 0
device reboots successfully
Change-Id: I572efa949176c8c3c493ef00438d8badd4d7cf4f
By default, logical partitions with the readonly flag are created with a
readonly device. This change allows callers of CreateLogicalPartition
to create writable devices so they can still be flashed.
Bug: 78793464
Test: fastboot flash product_services works with fastbootd
Change-Id: Ia8d2761a3067e3b62815acbf0b6fb7f033072ba2
When adding extents to partitions, if the previous extent and new extent
are contiguous, merge them together to avoid allocating unnecessary
device-mapper targets.
Bug: 79173901
Test: liblp_test gtest
Change-Id: I80087df9aea8141c5e16f8d4cdb3dd7da02aee8c
This logs when partition tables update, when partitions resize, and when
partitions are unmapped from device mapper.
Bug: N/A
Test: N/A
Change-Id: I1125332c79fccc3ebc556b3b48856901e2503c47
DM_TABLE_LOAD will reject dm-linear entries if their size is not a
multiple of the backing device's logical block size. For example, a
partition of 10GiB+512 bytes will fail to map in device-mapper if the
logical block size is 4096 bytes. To address this, this patch adds a
few changes to liblp:
The block size given to lpmake is now recorded in LpGeometryMetadata.
The block size must be a multiple of the sector size. In addition,
partiton sizes are now aligned to the block size, and the super
partition must have enough free space to allocate at least one block (in
addition to storing metadata).
GrowPartition now has multiple checks that the block-size invariant is not
violated, to ensure that no invalid partition tables will be created.
Bug: 79173901
Test: liblp_test gtest
Change-Id: I484aac1f9b90ebd92dc1c89ce1e09cd89bbb441e
