Implement OpenSnapshotWriter for non-compressed Virtual A/B. This is
done by adding an OnlineKernelSnapshotWriter class, which forwards all
writes to a dm-snapshot block device.
This also introduces a new ISnapshotWriter class which extends
ICowWriter, and adds features specific to libsnapshot (versus ICowWriter
which is intended only for the new COW format). The OpenSnapshotReader
call has been moved here since the writer retains all the information
needed to create the reader.
To test the new call, vts_libsnapshot_test has been modified to use
OpenSnapshotWriter.
As part of this change, all consumers of libsnapshot must now link to
libsnapshot_cow.
Bug: 168554689
Test: vts_libsnapshot_test
Change-Id: Ieedfadc557833c1e0540922aabc6e95c80266a64
Once COWs are allocated, their size is fixed, and we don't want to
write beyond the end. To make this validation less tedious, the virtual
methods of ICowWriter have been made internal. The user-facing API calls
do validation before calling the internal variants.
Bug: 168554689
Test: cow_writer_test
Change-Id: Ic9ebb5bc4b601180d35d915c47cd9c537bc423fa
To make the transition to these new calls easier, give them a very
similar signature to MapUpdateSnapshot. Also, allow them to work in
non-compression mode.
Bug: 168554689
Test: builds
Change-Id: I2eb6b41ba8a294dbde1763aabd7701a80c0789f3
Since we can't provide a single device or fd anymore, we need to expose
a CowWriter directly. Additionally, we expose an API for reading
snapshots through the FileDescriptor abstraction.
Bug: 168554689
Test: builds
Change-Id: If7e8adbfe69c2a84d34c63d4b0adff2b3365fd82
Add basic support for daemon creation and handle signals
Test: Add test case to test system and product COW partitions
Bug: 162790322
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Icf8dbe49d2237cec6f7dbcdd84256eb6c5afa1cd
When in append mode, CowWriter will re-open the existing COW and resume
writing at the end of the old data position. All existing operations
will be reimported and buffered in memory.
The size calculation has been simplified to make this work. We now
advance ops_offset and no longer track the number of bytes written.
Additionally, a "header_size" field has been added to the header. This
was missing from the original format and is useful for introducing
forward compatibility later.
Finally, Finalize has been renamed to Flush. It's still mandatory, but
it can be called multiple times to continue appending data without
reopening.
Bug: 168554689
Test: cow_api_test gtest
Change-Id: I637e99ae08a4db5b273c06318e6db523ea8ec7c5
This makes looking up device UUIDs a bit easier, as rather than depending on
the device mapper's sysfs layout we can depend on dmctl. There's some
associated libdm plumbing, but the UUID was already pretty much availiable.
Test: I just ran this by hand.
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
Change-Id: I7028eec6ab04601308047b67057e51a0ff44c0a7
Integrate Snapuserd daemon with libsnapshot library and handle
IO requests from dm-snap and dm-snap-persistent.
Tested all the 3 COW operations on a compressed
cow-device file generated through vab_converter_payload.
BUG: 163046732
Test: Added test case to independently test snapuserd IO path.
Manual test on compressed cow file generated and verifying
md5sum.
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I9d017ac671733a93c3bc21344228260224640c78
[Palmer: clean up some build issues]
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
During boot sequence there can be multiple calls to mount_all. For the
userspace reboot to correctly remount userdata, we need to store the
return code of the one that was responsible in mounting userdata.
Test: adb root
Test: adb shell setprop init.userspace_reboot.is_supported 1
Test: adb reboot userspace
Test: checked dmsg
Bug: 166353152
Change-Id: Id0ae15f3bcf65fa54e4e72b76f64716c053af7fb
This tool allows users to estimate the COW size for a non-A/B update.
It works by scanning the partitions of two target-files packages, and
identifying moved or copied blocks, and simulating the impact in the new
COW format.
It has two modes:
estimate_cow_from_non_ab_ota -ota_tf <path>
Will estimate the COW size for a full OTA. For an incremental OTA, you
need two target files packages:
estimate_cow_from_non_ab_ota -source_tf <path> -ota_tf <path>
There is an optional -compression argument which accepts either "none"
or "gz".
Bug: 161497962
Test: manual test
Change-Id: I335059cd870a464f34c5d644eefefdc76775386e
delta_generator in update_engine needs to know number of bytes written
to estimate cow image sizes. This change modifies CowWriter::Finalize to
return relevant information.
Test: unnitest
Change-Id: I7cf6b9124b90f089a7c5f3850c38200f82da18e6
We fix two separate instances of classes not initializing members
in their constructors.
Test: TreeHugger
Change-Id: If1b7a7625572c9b005f9b8331b282ed11ceb6e97
The A/B version of this tool takes in a payload.bin file (from an OTA
package), and converts it into COWs in the new format. It uses the
CowWriter API to do this. This tool can be used to precisely see the
size of a COW relative to an OTA. Since there is one COW per partition,
it also takes an output folder:
make_cow_from_ab_ota payload.bin ./ota-cows/
If the payload is incremental, a source target-files package is needed.
It must be the exact package used to build the OTA, otherwise, the
conversion is likely to fail. Example:
make_cow_from_ab_ota -source_tf target-files-XYZ.zip \
payload.bin ./ota-cows/
Bug: 162274240
Test: manual tests
Change-Id: I8cb1554e71384625c8073f1c351a976b5ae00a36
The A/B version of this tool takes in a payload.bin file (from an OTA
package), and converts it into COWs in the new format. It uses the
CowWriter API to do this. This tool can be used to precisely see the
size of a COW relative to an OTA. Since there is one COW per partition,
it also takes an output folder:
make_cow_from_ab_ota payload.bin ./ota-cows/
If the payload is incremental, a source target-files package is needed.
It must be the exact package used to build the OTA, otherwise, the
conversion is likely to fail. Example:
make_cow_from_ab_ota -source_tf target-files-XYZ.zip \
payload.bin ./ota-cows/
Bug: 162274240
Test: manual tests
Change-Id: I22c86546f4166ee9df99165399646b7daa3519d5
This is an initial prototype of the new COW format. It does not have
support for merge sequencing or merge state tracking.
The reader and writer APIs have pure virtual interfaces to support
mocking. The writer implementation performs compression, but the reader
interface does not (yet), it only supports iterating over metadata and
performing basic validation.
Bug: 162274240
Test: manual tests
cow_api_test gtest
Change-Id: Ib9fddc1f210700688e6786917b023dfabd5fb3d9
Fix odd bug that TranformFstabForDsu doesn't emplace entry to fstab.
.avb_keys should be set to "/avb", the directory that stores all DSU
avbpubkeys, instead of appending.
Bug: 165471299
Test: Boot a multipartition DSU package
Change-Id: I62ee2f8bf7113f6d2af8cc34ef19c9743029ea0a
Move responsibility for setting ro.crypto.type into fs_mgr_mount_all,
so that even if setting up the filesystem fails, the type is set
correctly and so errors are appropriately handled.
Bug: 162289984
Test: simulate a failure and check that it's set.
Change-Id: Ib061a454e7e21d7206c3c1fa8e88e16618099581
The name "pre_gki_level" is causing some confusion because not all
devices launching with Android R are subject to the GKI requirement.
(See b/161563110#comment11.) E.g., devices that use a 4.14-based kernel
are exempt from GKI. However, the encryption requirements still apply.
Just use __ANDROID_API_Q__ directly instead.
No change in behavior.
Change-Id: I4242745ccc9f88e084a1adfab5796daa9bc59b6e
On non-VAB devices, fake super image creation may fail because it
may not support f2fs file pinning.
Also changes global setup to a testing::Environment object because it is
the recommended way in gtest's guide. SnapshotTestEnvironement::TearDown
is automatically executed before RUN_ALL_TEST returns.
Test: vts_libsnapshot_test
Test: make IsVirtualAbEnabled() return false, then all tests are
skipped.
Bug: 162557082
Change-Id: I1382f9a4ddec146fa2d8cfb21ac66ca22a2e110f
When checking IsUnreliablePinningAllowed, the existing code calls
IsTestDir on a value starts with "/data", but IsTestDir expects
metadata_dir_. Fix it.
Also, make subdir checks more robust and add test cases for IsSubdir.
Fixes: 162557082
Test: vts_libsnapshot_test
Test: fiemap_image_test
Change-Id: I495cfae3da11d1e0800b8abf520df10dd9a29dce
This reverts commit 72abd7b246
(change Ia39af3340c0e241f62557b7c2cc8b800443342f9).
When vold enables either FDE or metadata encryption, it encrypts the
filesystem in-place. Unfortunately, due to a bug, for ext4 filesystems
it hasn't been encrypting the backup superblocks.
Also, in read_ext4_superblock(), the check for
StartsWith(blk_device, "/dev/block/dm-") can return true even if the
encryption mapping hasn't been added yet, since when a GSI image is
booted the userdata block device is a logical volume using dm-linear.
The result is that read_ext4_superblock() can recognize a backup
superblock when the encryption mapping hasn't been added yet, causing
e2fsck to run without the encryption mapping and corrupt the filesystem.
https://android-review.googlesource.com/c/platform/system/vold/+/1385029
will fix this for new or factory-reset devices. However, there probably
are many existing devices that already have their backup superblocks
unencrypted. Therefore, the EncryptInPlace fix isn't enough and we have
to revert the change that started using the backup superblocks too.
Bug: 161871210
Bug: 162479411
Change-Id: I279f84c072bc6c8d3e251a5e95c78f8d6c0d50ba
On GKI updates, has_dynamic_partition_metadata() may be false. Even if
it is the case, partial_update_ should be set properly.
Test: apply GKI update
Bug: 162616968
Change-Id: Icf055d8eb3060e36b3e977541a24f62f9fe11a6f