Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
The vbmeta partition might have additional prefix
(e.g., guest_vbmeta_a) on some virtual machine
environment. Allowing rewriting the disable-verity/
disable-verification bits in the vbmeta image upon
flash under such use case.
Bug: https://partnerissuetracker.corp.google.com/u/1/issues/181791553
Test: manual tests with different names of vbmeta partition
Change-Id: Iacadaf587fce1e1e7fef946f56bbfc7f4e8233d8
|
|
With our recent change 0455a2c39c781a8153c1090a4638193b4181379d,
there's some logic that can be simplified to make this slightly
easier to read.
This CL does not change the behavior of this code.
Bug: 208895940
Test: TreeHugger
Change-Id: I4de2dbaf4406cbb7785df8839bb3ae453186ea69
|
|
|
|
This reverts commit 5638fcc22bc6d5e31a3e0a7fcf436c8379b1ae48.
Reason for revert: Root cause of b/217252559 fixed.
Change-Id: I8d2fbf0cab23a56dbea1f422608097c48d9288c0
|
|
|
|
|
|
|
|
Bug: 200082547
Test: Verification of overlayfs entries with below
1. adb root && adb remount && adb reboot
2. adb shell mount | grep system_dlkm
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I3fae1fcc6bba81795d6646c10d9fb9552ead8370
|
|
:)
This pulls in quite a few things into a lot of processes. Removing it
separately, in case the use of SetTaskProfiles needs to be reverted,
removing this as well might cause that revert to have linker errors
if new static users of libutils are introduced in the meantime.
Bug: 208895940
Test: build
Change-Id: Iaf5b5d41328c1b1f50bb32be8a6a1bd3a0c3f22f
|
|
Threads should always be in the same state as their parents. This also
implies that the additional SetTaskProfiles is unnecessary when
creating a new thread.
Test: boots, TH
Bug: 208895940
Change-Id: Id971c6e87d342a695bea106cdd258bc0ef6f7ecb
|
|
|
|
|
|
Bug: 215095687
Test: m -j dmesgd
Change-Id: Iee3a1a644115c7808ca545ca8d22cd783a2be114
|
|
Revert "Add a core configuration that disables the zygote."
Revert submission 1964759-master-I4f918502e611e950fa039e4e2ed817c97b928ba2
Reason for revert: b/217993447
Reverted Changes:
I4f918502e:Add a core configuration that disables the zygote....
I4f918502e:Add a core configuration that disables the zygote....
I4f918502e:Add a core configuration that disables the zygote....
Change-Id: I9dc73c6338ed158bd712324b99ae9e3cd4a36424
|
|
|
|
Bug: 211775434
Test: vts_fs_test
Change-Id: I438efe110bb388c28b47753501168449fcb8fbe5
|
|
|
|
Always create system_dlkm mountpoint like
vendor_dlkm and odm_dlkm; as some CF mixed
tests are using the dynamic partition to boot
with builds with no system_dlkm which causes
avd boot failures.
Bug: 217511547
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: Ibf32127df22898706db02400addaa0f1193c105c
|
|
* changes:
system_dlkm: Fix flag for mount point guard
system_dlkm: load property for dynamic partition
|
|
Replace /system_dlkm mount guard flga from
BOARD_USES_SYSTEM_DLKM_PARTITION to
BOARD_USES_SYSTEM_DLKMIMAGE. board_config.mk
and other tools are using this format of image
name to auto generate code to prevent duplication.
Bug: 200082547
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: Ie4dc899509cf42afb553936e6dbf69d5ce234d01
|
|
Load from: /system_dlkm/etc/build.prop
Bug: 200082547
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I9c34c44fc969107b215c05ed9b0ed779683a30b6
|
|
|
|
|
|
Revert "Build precompiled_sepolicy.apex_sepolicy.sha256"
Revert submission 1965099-precompiled-apex-sepolicy
Reason for revert: Boot regression b/217252559
Reverted Changes:
I2dbe43e32:Use Apex sepolicy if it's available
Bug: 217252559
Change-Id: I1cca3a1ae833c21619de26b2610736170ec5463c
|
|
|
|
|
|
|
|
Change use of new_ to old_ to save the old sigaction data. This hasn't
caused any issues, but it's obviously wrong.
Test: Ran unit tests on coral.
Change-Id: I96be5b0980c323c3aeafb422fbc06202577604a2
|
|
I think this was left in by accident?
Test: treehugger
Change-Id: Ie954efe33f1f811f58c9df4934d50caf0f79e0ea
|
|
|
|
|
|
[reland aosp/1910032]
Updatable sepolicy is shipped within an zip within an APEX. Because
it needs to be available before Apexes are mounted, apexd copies
the zip from the APEX and stores it in /metadata/sepolicy. If there is
not updatable sepolicy in /metadata/sepolicy, then updatable policy is
loaded from /system/etc/selinux/apex. Init performs the following
steps on boot:
1. Validates the zip by checking its signature against a public key
that is stored in /system/etc/selinux.
2. Extracts files from zip and stores them in /dev/selinux.
3. Checks if the apex_sepolicy.sha256 matches the sha256 of
precompiled_sepolicy. if so, the precompiled sepolicy is used.
Otherwise, an on-device compile of the policy is used. This is the
same flow as on-device compilation of policy for Treble.
4. Cleans up files in /dev/selinux which are no longer needed.
5. Restorecons the remaining files in /dev/selinux.
6. Sets selinux into enforcing mode and continues normal booting.
Bug: 199914227
Test: adb root
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip \
/metadata/sepolicy/SEPolicy.zip
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip.sig \
/metadata/sepolicy/SEPolicy.apk.sig
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip.fsv_sig \
/metadata/sepolicy/SEPolicy.zip.fsv_sig
adb reboot
ls -laZ /dev/selinux/
Verify that files exist and that the labels are expected.
Change-Id: I2dbe43e329e91f46abedc7e44f7d24b220e19173
|
|
* changes:
libsparse: Add "hole" mode to sparse_file_read
libsparse: Split off most of sparse_file_read_normal into a helper function
|
|
In targets that do not include a zygote binary, attempting to start the
zygote service will result in repeated service restarts. Avoid this by
providing a way for targets to opt out of declaring a zygote service.
The fvp_mini target does not have a zygote, so apply this opt-out to
that target.
Change-Id: I4f918502e611e950fa039e4e2ed817c97b928ba2
|
|
This adds support for filesystem-level sparse files. These files have
holes which are not stored in the filesystem and when read are full of
zeros. While these zeros may be significant in some types of files,
other types of files may not care about the contents of holes. For
example, most filesystem creation tools write to all the blocks they
care about. Those blocks not written to will remain holes, and can be
safely represented by "don't care" chunks. Using "don't care" chunks
instead of fill chunks can result in a substantial reduction of the time
it takes to program a sparse image.
To accomplish this, we extend the existing "sparse" boolean parameter to
be an enum of mode types. This enum represents the strategy we take when
reading in a file. For the most part the implementation is
straightforward. We use lseek to determine where the holes in the file
are, and then use do_sparse_file_read_normal to create chunks for the
data section. Note that every file has an implicit hole at its end.
Change-Id: I0cfbf08886fca9a91cb753ec8734c84fcbe52c9f
|
|
|
|
This reverts commit 97ff3ab852bdff91b13fd5878abe794d9815a3bd.
Reason for revert: b/216491364 boot time regression
Bug: 216491364
Change-Id: I6c9af0887affa130cc61edf70506e79453dbd228
|
|
|
|
Bug: 191831427
Test: charging animation can show in display correctly
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Iedcd7d6c3cd841c44bdf1116701abcbd12a26959
|
|
|
|
|
|
|
|
|
|
|
|
Bug: 191831427
Test: charging animation can show in display correctly
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Id99a7401f53f647790e179e995dad9841f8284bb
|
|
set first connector as default
Test: charging animation can show in correct display
Bug: 191831427
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Ia79981569e799f01db0036f0ecbdaca36a539ac6
|
|
Updatable sepolicy is shipped within an zip within an APEX. Because
it needs to be available before Apexes are mounted, apexd copies
the zip from the APEX and stores it in /metadata/sepolicy. If there is
not updatable sepolicy in /metadata/sepolicy, then updatable policy is
loaded from /system/etc/selinux/apex. Init performs the following
steps on boot:
1. Validates the zip by checking its signature against a public key
that is stored in /system/etc/selinux.
2. Extracts files from zip and stores them in /dev/selinux.
3. Checks if the apex_sepolicy.sha256 matches the sha256 of
precompiled_sepolicy. if so, the precompiled sepolicy is used.
Otherwise, an on-device compile of the policy is used. This is the
same flow as on-device compilation of policy for Treble.
4. Cleans up files in /dev/selinux which are no longer needed.
5. Restorecons the remaining files in /dev/selinux.
6. Sets selinux into enforcing mode and continues normal booting.
Bug: 199914227
Test: adb root
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip \
/metadata/sepolicy/SEPolicy.zip
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip.sig \
/metadata/sepolicy/SEPolicy.apk.sig
adb shell cp /apex/com.android.sepolicy.apex/etc/SEPolicy-33.zip.fsv_sig \
/metadata/sepolicy/SEPolicy.zip.fsv_sig
adb reboot
ls -laZ /dev/selinux/
Verify that files exist and that the labels are expected.
Change-Id: I614e8d84892693ecc663b17eebd204096367693d
|