summaryrefslogtreecommitdiffstats
path: root/fs_mgr
Commit message (Collapse)AuthorAgeFilesLines
* fs_mgr: trigger dm-verity error handling for invalid signaturesSami Tolvanen2015-09-251-7/+47
| | | | | | | | | | | | Currently, the device doesn't mount verified partitions if the verity table signature is invalid, which usually means it fails to boot. This change instead sets up dm-verity with an invalid root hash and triggers device-specific error handling to recover from the corruption. Bug: 24256506 Change-Id: I6d693306fa0e7459c5500b028e433df61ecea6fb (cherry picked from commit 47caa5c386b436ba13de9f2ef356380f39afaf3f)
* Merge "fs_mgr: Error out if unable to determine slot_suffix"David Zeuthen2015-09-141-21/+14
|\
| * fs_mgr: Error out if unable to determine slot_suffixDavid Zeuthen2015-09-111-21/+14
| | | | | | | | | | | | | | | | Instead of falling back to suffix _a, we now error out if neither the kernel commandline nor the misc partition specifies the suffix. It's cleaner this way. Change-Id: I3f58928a664433504ebdf8d0ee05a319be5097cf
* | fs_mgr: Fix ENOMEM behavior when dealing with slotselect.David Zeuthen2015-09-091-0/+1
|/ | | | Change-Id: I5460a8d31baa0d4817ff5fcbd9aac272071937f4
* fs_mgr: Use slot_suffix field from bootloader_message.David Zeuthen2015-09-084-21/+155
| | | | | | | | This will make fs_mgr look in the misc partition for the A/B suffix to use if one of more fstab entries is using the slotselect option and the bootloader doesn't specify the suffix. Change-Id: I24233195f60dd352bf8e7ac32b0d95dcd3323156
* Merge "fs_mgr: Add support for A/B partitions"Daniel Rosenberg2015-09-012-0/+26
|\
| * fs_mgr: Add support for A/B partitionsDaniel Rosenberg2015-08-312-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | Allow partitions to be marked as A/B partitions using the slotselect flag in fstab. The partitions can be identified by appending the correct suffix to the block device listed in the fstab. The suffix is provided by the bootloader through a command line parameter or the device tree, and can be found in ro.boot.slot_suffix or read from the boot_control HAL. Change-Id: I6846d80e857f95bfb8f282f4ab81167394613bbe Signed-off-by: Daniel Rosenberg <drosen@google.com>
* | Add |opts| argument to android_fork_execvp_extYusuke Sato2015-08-191-4/+5
|/ | | | | | | to allow the caller to send data to the child's stdin. Bug: 21725996 Change-Id: I818f5cf61045286c8d64a91b6d50f05740329be1
* Skip mounting /, just mark block device as ro if needed.Daniel Rosenberg2015-08-041-0/+8
| | | | Change-Id: I7fbb636d296abc1caab6c7bf88017684c9df7759
* Merge "Use fsck.f2fs -a instead of -f for faster boot"Yusuke Sato2015-07-211-2/+2
|\
| * Use fsck.f2fs -a instead of -f for faster bootYusuke Sato2015-07-151-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and run fsck with -f on clean shutdown instead. With -f, fsck.f2fs always performs a full scan of the /data partition regardless of whether the partition is clean or not. The full scan takes more than 2 seconds on volantis-userdebug and delays the OS boot. With -a, the command does almost nothing when the partition is clean and finishes within 20-30ms on volantis-userdebug. When the partition has an error or its check point has CP_FSCK_FLAG (aka "need_fsck"), the command does exactly the same full scan as -f to fix it. Bug: 21853106 Change-Id: I126263caf34c0f5bb8f5e6794454d4e72526ce38
* | Update partition.*.verified even with ro.boot.veritymode setSami Tolvanen2015-07-151-5/+11
|/ | | | | | | | | | | | | We need to have partition.*.verified properties even when bootloader is managing dm-verity mode, because we may have failed to set up the verified partition and need a property to indicate this. This means we still need to run fs_mgr_update_verity_state and walk through all the partitions to verify the device mapper status, just without updating verity mode. Bug: 22489805 Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
* Merge "Only pass nomblk_io_submit option when mounting ext4"Elliott Hughes2015-06-111-1/+5
|\
| * Only pass nomblk_io_submit option when mounting ext4Oreste Salerno2015-06-091-1/+5
| | | | | | | | | | | | | | | | | | This option only exists for ext4 filesystems, so it shouldn't be used when mounting ext2/ext3. This bug would cause the mount system call in check_fs to always fail with ext2/ext3 filesystems. Change-Id: I3c8938029357a4a4170355118b6757f61ff4b227
* | fs_mgr: Use ro.boot.veritymodeSami Tolvanen2015-06-101-1/+24
|/ | | | | | | | | | | | If verity state is managed by bootloader, it will pass the verity mode to the kernel in the androidboot.veritymode command line parameter. Init copies the value to the ro.boot.veritymode property. Check for ro.boot.veritymode in fs_mgr and use the value to set dm-verity mode. If this property is not set, store verity state in metadata as before, if a storage location is specified in fstab. Change-Id: Ife3c978c133248432c302583d3b70e179605fe42
* Don't use TEMP_FAILURE_RETRY on close in system/core.Elliott Hughes2015-05-152-10/+10
| | | | | Bug: http://b/20501816 Change-Id: I1839b48ee4f891b8431ecb809e37a4566a5b3e50
* fs_mgr: remove some dead codeOleksiy Avramchenko2015-05-071-4/+0
| | | | | | | | Using logical op on unitialized memory is a bad thing. Good thing is that this bug is dead because the structure is completely cleared later via create_verity_device() -> verity_ioctl_init(). Change-Id: Idf5515a888bc6216eda0e23885a789f9b0320bac
* Securely encrypt the master keyPaul Lawrence2015-04-281-11/+1
| | | | | | | | | | | | | | | | | | | | Move all key management into vold Reuse vold's existing key management through the crypto footer to manage the device wide keys. Use ro.crypto.type flag to determine crypto type, which prevents any issues when running in block encrypted mode, as well as speeding up boot in block or no encryption. This is one of four changes to enable this functionality: https://android-review.googlesource.com/#/c/148586/ https://android-review.googlesource.com/#/c/148604/ https://android-review.googlesource.com/#/c/148606/ https://android-review.googlesource.com/#/c/148607/ Bug: 18151196 Change-Id: I6a8a18f43ae837e330e2785bd26c2c306ae1816b
* Merge "Revert "Securely encrypt the master key""Paul Lawrence2015-04-281-1/+11
|\
| * Revert "Securely encrypt the master key"Paul Lawrence2015-04-281-1/+11
| | | | | | | | | | | | This reverts commit 4bf1887c787a025aad2fbafe382e556e85ac73b0. Change-Id: Ie6d1f39de530b99b50a27ddc45bcc900a24e04b5
* | Merge "Securely encrypt the master key"Paul Lawrence2015-04-271-11/+1
|\|
| * Securely encrypt the master keyPaul Lawrence2015-04-231-11/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove unencrypted link since it is easier to manage directly Move creation of key to vold Start vold early so this is possible in a timely fashion This is one of four changes to enable this functionality: https://android-review.googlesource.com/#/c/144586/ https://android-review.googlesource.com/#/c/144663/ https://android-review.googlesource.com/#/c/144672/ https://android-review.googlesource.com/#/c/144673/ Bug: 18151196 Change-Id: Idb17d1f1a724c6ec509d181ae4427113e9d3b5e6
* | Improve bad error reporting seen in shamu SELinux boot failures.Elliott Hughes2015-04-241-1/+4
|/ | | | | | Explain why mount failed, and explicitly say that the umount fixed it. Change-Id: I13b0927a36517f2fc9f9580945ba6ebefc4882df
* Revert "Revert "fs_mgr_verity: Add support for squashfs""Mohamad Ayyash2015-04-082-27/+54
| | | | | | This reverts commit 7b97c7a3fa0f1bdae5b45a70f625ff48f9dab0c1. Change-Id: Id47e70479fe9247b7936f2e54d4dbfbb4f63f635
* Merge "Revert "fs_mgr_verity: Add support for squashfs""Mohamad Ayyash2015-04-082-39/+26
|\
| * Revert "fs_mgr_verity: Add support for squashfs"Mohamad Ayyash2015-04-082-39/+26
| | | | | | | | | | | | This reverts commit 807f47004f03653997edbe3c83d46350cb056cd4. Change-Id: I2d7972c0828c842b44747dd08fbe44668f2a55db
* | Merge "fs_mgr_verity: Add support for squashfs"Mohamad Ayyash2015-04-082-26/+39
|\|
| * fs_mgr_verity: Add support for squashfsMohamad Ayyash2015-04-062-26/+39
| | | | | | | | | | | | | | | | - Cleanup the code to get filesystem size in a block device - Add support to reading size of squashfs in a block device Change-Id: I3848a705ed4dc2fc9afad20331f0fdecfee545c5 Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
* | Merge "Restore verity state when verified partition is reflashed"Sami Tolvanen2015-04-071-20/+117
|\ \
| * | Restore verity state when verified partition is reflashedSami Tolvanen2015-03-311-20/+117
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Store verity state separately for each verified partition, and store a hash of the last verity table signature for each partition. If the signature changes, assume the partition has been reflashed and reset verity state. Bug: 20006638 Change-Id: I1c85fb816bfec1a54b1033c938bf1fdaf572f849
* | | Merge "Set verity mode as the verified property value"Sami Tolvanen2015-04-072-31/+37
|\| | | |/ |/|
| * Set verity mode as the verified property valueSami Tolvanen2015-03-312-31/+37
| | | | | | | | | | | | | | Set the verity mode as the value for partition.%s.verified to make it easier for userspace to determine in which mode dm-verity was started. Change-Id: Icc635515f8a8ede941277aed196867351d8387cb
* | Link libc++_static into fs_mgr.Dan Albert2015-04-011-0/+1
| | | | | | | | Change-Id: Ic2461d3a30dbd8a22f9800a33fac27c658340b21
* | Revert "Revert "Adding e4crypt support""Paul Lawrence2015-03-314-27/+102
|/ | | | | | | | Fix build break caused by original change This reverts commit 84b0bab58fcc7f225e9a17a15c531b0c2fc509c5. Change-Id: I99fbd7c3d1ed92db1f546033c8493bb71a327924
* Fix buildSami Tolvanen2015-03-261-15/+14
| | | | | | | Fix build breakage in aosp_fugu-userdebug_clang (linux) caused by Id8711f7d51dc1e4e9a4d84f9951240f64528e69d Change-Id: Icd04aeaf131be045cf5788846ae9832e6cbbb944
* Use structured format for verity metadataSami Tolvanen2015-03-243-63/+197
| | | | | | | | Specify the location of verity metadata in fstab, and use a type-length-value format for the metadata that allows other data to be stored in the same location in an extensible way. Change-Id: Id8711f7d51dc1e4e9a4d84f9951240f64528e69d
* Add init command to set verified propertiesSami Tolvanen2015-03-192-7/+20
| | | | | | | | | | Add a command that updates dm-verity state and sets partition.%.verified properties used by adb remount. This is needed in init since fs_mgr cannot set properties: I6a28cccb1ccce960841af20a4b20c32d424b5524 Change-Id: I0fdf5bc29c56690dcadff9d0eb216d3c68483538
* Merge "Do not call libcutils property_set in init through libfs_mgr"Sami Tolvanen2015-03-111-27/+1
|\
| * Do not call libcutils property_set in init through libfs_mgrSami Tolvanen2015-03-051-27/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Both init and libcutils define a property_set function. The init version sets the property directly while libcutils simply calls __system_property_set, which sends a message to init to set the property. Since libfs_mgr is statically linked to libcutils, any calls to property_set end up sending a message to init and waiting for a response. When libfs_mgr is further statically linked to init, this leads to init sending a message to itself when property_set is called in fs_mgr. Because send_prop_msg in bionic only waits for a response for 250ms, this does not cause a deadlock. However, using libcutils to set a property in the init process is hardly a good idea. This change removes the property_set call from fs_mgr_verity.c. If this property is required later, it should be set elsewhere. Change-Id: I6a28cccb1ccce960841af20a4b20c32d424b5524
* | am 291ce5b8: Merge "Fs_mgr: Fix format code"Andreas Gampe2015-03-041-1/+1
|\| | | | | | | | | * commit '291ce5b82d8a504be69132f1827e20041833c488': Fs_mgr: Fix format code
| * Fs_mgr: Fix format codeAndreas Gampe2015-03-041-1/+1
| | | | | | | | | | | | | | | | Suggested printing for off_t is to cast to intmax_t and print that. Follow-up to https://android-review.googlesource.com/133111. Change-Id: Icff6844044c3d0fa6372c3f399453a526fd89954
* | am a88fb24a: Merge "Add fs_mgr support for dm-verity modes"Sami Tolvanen2015-03-042-10/+343
|\| | | | | | | | | * commit 'a88fb24ab43eec9710a0d4d15aedb6d4bc51a2ec': Add fs_mgr support for dm-verity modes
| * Merge "Add fs_mgr support for dm-verity modes"Sami Tolvanen2015-03-042-10/+343
| |\
| | * Add fs_mgr support for dm-verity modesSami Tolvanen2015-03-042-10/+343
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for dm-verity modes and storing persistent state in a location specified by the following properties: ro.verity.state.location ro.verity.state.offset If these properties do not exist, dm-verity is always loaded in EIO mode. If the properties do exist, but the location does not have valid state data, dm-verity is loaded in RESTART mode. The mode is updated to LOGGING if a dm-verity triggered restart has occurred. Change-Id: Ibb82953594d234f81ad21c40f524190b88e4ac8f
* | | am fbb3f8ca: Merge "Set underlying block device RO when enabling verity"Sami Tolvanen2015-02-283-6/+14
|\| | | | | | | | | | | | | | * commit 'fbb3f8ca499b04c82437155f87c8666cad607c6b': Set underlying block device RO when enabling verity
| * | Set underlying block device RO when enabling veritySami Tolvanen2015-02-273-6/+14
| |/ | | | | | | | | | | | | | | | | | | | | Currently, when verity is set up on a block device, the underlying device is still accessible directly. Change the existing function fs_set_blk_ro visible to other fs_mgr modules, change the behavior to match the comment above the function definition, and call it to disable write access to the block device when setting up verity. Bug: 18609347 Change-Id: I7884175df15f9161174788d74d20a08e4cd472ca
* | Merge commit '9c1bc6bbc82e3e4f005e9fcacfca94b2dd82ca31' into HEADBill Yi2015-02-194-11/+8
|\ \ | |/ |/|
| * am 317b4024: Revert "Make encryption configurable"Paul Lawrence2015-02-073-7/+3
| |\ | | | | | | | | | | | | * commit '317b4024a2a46b8c57abfa08f2a649df13572bd3': Revert "Make encryption configurable"
| | * Revert "Make encryption configurable"Paul Lawrence2015-02-063-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit bda6272446454886339841a62daaa1b66c07ad60. The original fix seems to have led to boot failures in QA. Rather than risk shipping, revert the change. Bug 18764230 reopened. Requires change https://googleplex-android-review.git.corp.google.com/#/c/629764/ Bug: 19278390 Bug: 19199624 Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
| * | am 17b5b352: Merge "fs_mgr: error check umount calls / add retry logic"Nick Kralevich2015-02-062-3/+14
| |\ \ | | | | | | | | | | | | | | | | * commit '17b5b3520094de679c9e43a872c02d15758c83b8': fs_mgr: error check umount calls / add retry logic
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-10 03:56:18 +0000