| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
During encryption and decryption, art is pumping out data via
dex2oat into the /data that is actually a tmpfs.
It currently needs ~195MB.
So we increase the tmpfs from 128MB to 256MB.
Bug: 15909689
Change-Id: I5d518a87d7b4eccf32fcd77f61980646ee8a3d35
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Moving the vendor symlink down was causing issues with some devices.
Moved it back up, and adjusted mount to remove symlinks if necessary.
Change-Id: I77126d77cfbef32250012bea3960c99b55db4cbb
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When looking for partitions to encrypt, it would setup a tmpfs
onto the mount point. But with multi-type mount points it would
repeat the mount.
This would lead to having and extra tmpfs mounted on /data, as
only one would get removed.
Change-Id: I28f2c2c4955906f1172342ea07e0795d6880986b
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Modified fastboot to flash vendor.img as well. Moved symlink
for /vendor to occur after mounting partitions. Changed mount
to also create the mount point.
Change-Id: I78e1ba24e6bb8b4af96a67ee0569af579439e682
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We do the recovery+wipe if
- the mount fails and
- the partition is forceencrypt
- the partition seems wiped (== the 1st 4KB are all 0x00 or 0xFF).
This is a hack until we get the flashstation up and running with f2fs.
Bug: 15731906
The alternative would be for the user to manually enter
recovery and wipe his device.
Bug: 15747366
Change-Id: Ic8f3ef59f3d7d01d5d93d8e4c01502080f422157
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previous attempt was broken.
It would incorrectly be affected by mount failures.
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
The reported error will be that of the last failed attempt.
This is to allow quick experimentation between different FSes.
Bug: 15702546
Change-Id: I378d68ad13eb0098ec1ccb8dcf108b82acbe9ebb
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is apparently breaking N5, so reverting for now.
This reverts commit a794f86522f9125f2547c94ebc7c74d1e7ace013.
Bug: 15709256
Change-Id: I37a5160eead17e153e2c83fa94632ffa5d8553c2
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
This is to allow quick experimentations between different FSes.
It does not deal with checkfs yet, because the underlying invocation
of fs-type appropriate fsck does not handle the error code.
Only the primary FS (1st in the dups) is checked.
Change-Id: I8329737454b53e2681436fe85cd00a9bc522676b
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Enables fsck.f2fs for partitions with type F2FS.
- Adds support for f2fs as format fs-type.
- f2fs is optional and support is dlopen()d when needed.
Needs changes in
system/extras/f2fs_utils
external/f2fs-tools
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
|
|\ \
| |/
| |
| |
| | |
* commit 'af0df46d74368bb98edaadb3c09ddbc7252d3110':
fs_mgr: turn on -Werror
|
| |
| |
| |
| |
| |
| | |
- deal with some -Wunused-variable issues
Change-Id: Ie0140d4777ddf862e4bbed76142a1dbb8320c1b0
|
|\ \
| |/
| |
| |
| | |
* commit '43cb7ae6c31ced8cd518eab59dfea31ab1ade812':
Cleanup: warning fixit.
|
| |
| |
| |
| |
| |
| |
| | |
bootable/recovery has a dependent commit: I9adb470b04e4301989d128c9c3097b21b4dea431
Change-Id: Icf23e659265d71d5226d527c2b40cfbc132320ee
Signed-off-by: Sasha Levitskiy <sanek@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
forceencrypt= will encrypt the drive at boot if it is not encrypted. This change
will not have an impact until we set this flag in appropirate fstabs.
Bug: 11985952
Change-Id: I6c65eda7f109e4936aa160da50f871703aefb351
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This checks ro.debuggable to determine whether a device is in the
debuggable state or not, disabling verification if it is.
Eventually we'd like to narrow this down to only devices which
need to disable it, but we aren't there yet.
Change-Id: I06a329fe5449deab6bae595877dbb1f200850241
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/414200/
Feature is limited to list of serial numbers with this change
Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
|
|\ \
| | |
| | |
| | |
| | |
| | | |
* changes:
init: Add "partition.*.verified" properties to the property service.
fs_mgr: Set the 'partition.*.verified' property for verified partitions.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This modifies fs_mgr to set the partition.*.verified properties.
Each of these should be used as a weak indicator that a given partition
is verified. For instance, if the 'partition.system.verified' property
is set to '1', this could indicate that the system partition is verified
and therefore should not be modified by, e.g., adb sync.
Note that these properties can be mutated by the system, and so
should not be used as the basis for security decisions.
Change-Id: I27215a3d3628a1b1e184df9eaad90541b9d8b841
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since 38afe5f4ba5fd834a221a636e63d311fa5a17c8a
fs_mgr_mount_all() will try to behave more like "mount -a"
So prevent inaccessible or busy (already mounted) encryptable filesystems
from mounting tmpfs in their mount points.
Change-Id: I32e5b3e26f2138d1e4d9ef8ba01c1466f8051d39
|
|/
|
|
| |
Change-Id: I0d58dd17d979b749a9ac03567cf2d395f9782f10
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These images do not have GPL-ed binaries like /system/bin/e2fsck so
avoid running the program when we detect that we're running inside
one of them.
Note that this does not affect other emulator-based build products
(e..g full-eng instead of sdk-eng), which do have the binaries.
BUG=13057123
Change-Id: Ia42f1d02a3845fbf4b2f9d95818f35d760711a12
|
|
|
|
|
|
|
|
| |
Move fstab parsing into fs_mgr_fstab.c so that it compiles into a
separate compilation unit. uncrypt links against it but doesn't
need to pull in the rest of the dependencies on fs_mgr.c.
Change-Id: I6bffe1cd42720151533e958028259d1931aaa4bf
|
|
|
|
|
|
|
| |
ext4_parse_sb now takes the struct fs_info to fill out to avoid
using the global info from external callers.
Change-Id: I0984ba01c0dbdd5b68b825817faf0c5cf5aa5510
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
|
|/
|
|
|
|
|
|
|
|
| |
While debugging a mount error, the dmesg output was less
than ideal. The error would be declared but why the mount
failed, and what options were passed was not present. This
patch ensures that the mount options and underlying
errno are printed.
Change-Id: I2b3a2c113149df878c0a8a10ef86fd9e4f909658
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The build is broken.
system/core/fs_mgr/fs_mgr.c:824:77: error: expected '(' before 'unused'
const char *blk_device, long long length __attribute__(unused))
^
system/core/fs_mgr/fs_mgr.c: In function 'fs_mgr_add_entry':
system/core/fs_mgr/fs_mgr.c:824:56: warning: unused parameter 'length' [-Wunused-parameter]
const char *blk_device, long long length __attribute__(unused))
^
make: *** [out/target/product/generic_x86/obj/STATIC_LIBRARIES/libfs_mgr_intermediates/fs_mgr.o] Error 1
make: *** Waiting for unfinished jobs....
This reverts commit 21095d0cae64c70b4ac7e90af7a6787019cc317a.
Change-Id: I64f8c4d9c17c0e3bbf2eb427a2c0b81bbe66ec3a
|
|
|
|
|
|
|
|
|
| |
target thumb C: libfs_mgr <= system/core/fs_mgr/fs_mgr.c
system/core/fs_mgr/fs_mgr.c: In function 'fs_mgr_add_entry':
system/core/fs_mgr/fs_mgr.c:828:56: warning: unused parameter 'length' [-Wunused-parameter]
const char *blk_device, long long length)
Change-Id: Ide1bfa120c4f8d8e2f643929cb84c1be065e3310
|
|
|
|
|
| |
Bug: 9336527
Change-Id: I77e2b05cefbfb4eebda39b4079107833f4160563
|
|\
| |
| |
| |
| | |
* commit '397a3642145dbd0919f8148ff24f0cafe1714b55':
fs_mgr: check that fstab is not NULL in fs_mgr_free_fstab
|
| |
| |
| |
| |
| |
| |
| | |
Make sure fstab is not NULL before freeing it
Bug: 10911605
Change-Id: I549c0a470dd183fb15a2f3c5cf4f3dd393b6e307
|
|\ \
| |/
| |
| |
| | |
* commit '6b1a027239689a817aa5ca44a2bcbfe48ed21408':
Create a separate copy of the fsck logs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The log_target parameter of android_fork_execvp_ext() is now a
bit field, and multiple targets can be set to log to multiple
places at the same time.
The new target LOG_FILE will log to a file specified by the new
parameter file_path.
Set LOG_FILE and log to a file in /dev (the only writable filesystem
avilable when e2fsck runs) when invoking e2fsck in fs_mgr.
Bug: 10021342
Change-Id: I63baf644cc8c3afccc8345df27a74203b44d0400
|
|\ \
| |/
| |
| |
| |
| |
| | |
permissions" into klp-dev
* commit '777a00e3d193e45d928b1a26de85ae5a238271c4':
New fstab flags to support more expressive SD card permissions
|
| |
| |
| |
| |
| |
| | |
Bug: 10330128
Change-Id: I41fb178b839487b604762fbc1ccba097d25c7aa0
|
|\ \
| | |
| | |
| | |
| | | |
* commit 'c67bd8d7cd9b43a5a5ef249ea787ac9786359d22':
Fix fstab memory leak
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When reading the fstab config file fails, fstab memory is not freed.
When fstab structure is no longer needed, only half of it is freed.
Free fstab memory in all cases (error or when it is no longer needed).
Change-Id: Ib0758a5aaa69505285bf64143632986a2dbbdccb
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
|
|\ \ \
| |/ /
| | /
| |/
|/| |
* commit 'c4295d9b72812afbaebd7f2512c7a5bba9e7d5fa':
Cleanup fs_getline from fs_mgr
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since getline is included in bionic, fs_mgr can use this version instead of
the one defined internally by fs_getline.
Replace fs_getline with getline.
Change-Id: I49b53d639bd995f051256fb7573ff6ab45d9c36d
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change adds a "verify" fs_mgr flag specifying that
the device in question should be verified.
Devices marked with this flag are expected to have a
footer immediately after their data containing all
the information needed to set up a verity instance.
Change-Id: I10101f2c3240228ee0932e3767fe35e673d2e720
|
|\ \
| |/
| |
| |
| |
| |
| | |
132b7d750e6f3e835676dfc5edbb94978f9370f8 harder.
* commit '6b78fad147c772075eae5cfc25f5a50748bc4015':
Fix my incorrect merge resolution for 132b7d750e6f3e835676dfc5edbb94978f9370f8 harder.
|
| |
| |
| |
| |
| |
| | |
132b7d750e6f3e835676dfc5edbb94978f9370f8 harder.
Change-Id: I3f8bc955f035b49407540053462e53b3f262d381
|
|\ \
| |/
| |
| |
| |
| |
| | |
132b7d750e6f3e835676dfc5edbb94978f9370f8.
* commit '435640312ce48dab201d6f26a6258143a82f551e':
Fix my incorrect merge resolution for 132b7d750e6f3e835676dfc5edbb94978f9370f8.
|
| |
| |
| |
| |
| |
| | |
The conflict was the actual intended change.
Change-Id: Icc9493e4b24b7b53a18e2c7406ef24a81e4d4a7b
|
|\ \
| |/
| |
| |
| |
| |
| | |
stage-aosp-master
* commit 'dccd77730754b681f3517308359a34f86aecd99f':
fs_mgr_priv: Extend fs wait timeout to 20 seconds
|
| |\
| | |
| | |
| | | |
Change-Id: I3e6337c258b3e7fb6eee4ed8e3664a69ae219fd6
|
| | |\ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In practice 5 seconds is too short to wait for a disk device node to
show up if the disk is USB; 20 seconds is a much more comfortable
window.
Change-Id: Iaf2c1f46b41a44fc1240d52d8498ca9cb639ea80
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Swap entries can optionally specify a swapprio= or zramsize= flag
in the fs_mgr flags field.
Change-Id: I30530501efd4112af4e158898a9f65f6443c4fdb
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a filesystem is mounted read-only, make the underlying
block device read-only too. This helps prevent an attacker
who is able to change permissions on the files in /dev
(for example, symlink attack) from modifying the block device.
In particular, this change would have stopped the LG Thrill / Optimus
3D rooting exploit
(http://vulnfactory.org/blog/2012/02/26/rooting-the-lg-thrill-optimus-3d/)
as that exploit modified the raw block device corresponding to /system.
This change also makes UID=0 less powerful. Block devices cannot
be made writable again without CAP_SYS_ADMIN, so an escalation
to UID=0 by itself doesn't give full root access.
adb/mount: Prior to mounting something read-write, remove the
read-only restrictions on the underlying block device. This avoids
messing up developer workflows.
Change-Id: I135098a8fe06f327336f045aab0d48ed9de33807
|