author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-10-03 23:31:46 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-10-03 23:31:46 +0000 |
commit | 058a53542a9a4cc10e713e052f5318fc5c3afe0f (patch) | |
tree | 08dd67897bbab89673f47e1582ef6eccc760daba | |
parent | 6e48a1e5797a91a170ad898239c788b03e39c039 (diff) | |
parent | c3bda9f3edb1aefea44a3fe4d741aca63c57c9bc (diff) | |
Snap for 9133013 from c3bda9f3edb1aefea44a3fe4d741aca63c57c9bc to tm-qpr2-release
Change-Id: Ifc957ef40124629b210d0ae5626992368be1590b
-rw-r--r-- | fs_mgr/libsnapshot/cow_reader.cpp | 70 | ||||
-rw-r--r-- | fs_mgr/libsnapshot/include/libsnapshot/cow_reader.h | 3 | ||||
-rw-r--r-- | rootdir/init.rc | 5 | ||||
-rw-r--r-- | trusty/apploader/apploader.cpp | 3 | ||||
-rw-r--r-- | trusty/apploader/apploader_ipc.h | 5 |
5 files changed, 44 insertions, 42 deletions
diff --git a/fs_mgr/libsnapshot/cow_reader.cpp b/fs_mgr/libsnapshot/cow_reader.cpp index 746feeb8d..75a58a6fc 100644 --- a/fs_mgr/libsnapshot/cow_reader.cpp +++ b/fs_mgr/libsnapshot/cow_reader.cpp @@ -38,7 +38,7 @@ CowReader::CowReader(ReaderFlags reader_flag) : fd_(-1), header_(), fd_size_(0), - merge_op_blocks_(std::make_shared<std::vector<uint32_t>>()), + block_pos_index_(std::make_shared<std::vector<int>>()), reader_flag_(reader_flag) {} static void SHA256(const void*, size_t, uint8_t[]) { @@ -58,13 +58,12 @@ std::unique_ptr<CowReader> CowReader::CloneCowReader() { cow->fd_size_ = fd_size_; cow->last_label_ = last_label_; cow->ops_ = ops_; - cow->merge_op_blocks_ = merge_op_blocks_; cow->merge_op_start_ = merge_op_start_; - cow->block_map_ = block_map_; cow->num_total_data_ops_ = num_total_data_ops_; cow->num_ordered_ops_to_merge_ = num_ordered_ops_to_merge_; cow->has_seq_ops_ = has_seq_ops_; cow->data_loc_ = data_loc_; + cow->block_pos_index_ = block_pos_index_; return cow; } @@ -415,10 +414,10 @@ bool CowReader::ParseOps(std::optional<uint64_t> label) { // Replace-op-4, Zero-op-9, Replace-op-5 } //============================================================== bool CowReader::PrepMergeOps() { - auto merge_op_blocks = std::make_shared<std::vector<uint32_t>>(); + auto merge_op_blocks = std::make_unique<std::vector<uint32_t>>(); std::vector<int> other_ops; auto seq_ops_set = std::unordered_set<uint32_t>(); - auto block_map = std::make_shared<std::unordered_map<uint32_t, int>>(); + auto block_map = std::make_unique<std::unordered_map<uint32_t, int>>(); size_t num_seqs = 0; size_t read; 
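Review bot: In the @@ -415 hunk, `merge_op_blocks` and `block_map` become `std::make_unique` allocations although, with the member assignments removed later in this commit, neither appears to leave PrepMergeOps(). Plain locals would say that directly and drop two heap allocations: `std::vector<uint32_t> merge_op_blocks;` and `std::unordered_map<uint32_t, int> block_map;`, with the later `->` uses becoming `.`. The function body continues past this hunk, so the remaining uses need the same mechanical change.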
@@ -477,13 +476,18 @@ bool CowReader::PrepMergeOps() { merge_op_blocks->insert(merge_op_blocks->end(), other_ops.begin(), other_ops.end()); + for (auto block : *merge_op_blocks) { + block_pos_index_->push_back(block_map->at(block)); + } + num_total_data_ops_ = merge_op_blocks->size(); if (header_.num_merge_ops > 0) { merge_op_start_ = header_.num_merge_ops; } - block_map_ = block_map; - merge_op_blocks_ = merge_op_blocks; + block_map->clear(); + merge_op_blocks->clear(); + return true; } @@ -589,9 +593,7 @@ const CowOperation& CowOpIter::Get() { class CowRevMergeOpIter final : public ICowOpIter { public: explicit CowRevMergeOpIter(std::shared_ptr<std::vector<CowOperation>> ops, - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks, - std::shared_ptr<std::unordered_map<uint32_t, int>> map, - uint64_t start); + std::shared_ptr<std::vector<int>> block_pos_index, uint64_t start); bool Done() override; const CowOperation& Get() override; @@ -602,17 +604,15 @@ class CowRevMergeOpIter final : public ICowOpIter { private: std::shared_ptr<std::vector<CowOperation>> ops_; - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks_; - std::shared_ptr<std::unordered_map<uint32_t, int>> map_; - std::vector<uint32_t>::reverse_iterator block_riter_; + std::vector<int>::reverse_iterator block_riter_; + std::shared_ptr<std::vector<int>> cow_op_index_vec_; uint64_t start_; }; class CowMergeOpIter final : public ICowOpIter { public: explicit CowMergeOpIter(std::shared_ptr<std::vector<CowOperation>> ops, - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks, - std::shared_ptr<std::unordered_map<uint32_t, int>> map, uint64_t start); + std::shared_ptr<std::vector<int>> block_pos_index, uint64_t start); bool Done() override; const CowOperation& Get() override; 
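Review bot: The new loop in PrepMergeOps() appends to the member `block_pos_index_` in place, while CloneCowReader() hands the same shared_ptr to clones and the merge iterators hold iterators into that vector. The removed code built fresh containers and published them by pointer assignment at the end, so a repeated call could neither duplicate entries nor reallocate storage that someone else is iterating; whether PrepMergeOps() can run more than once on a reader is not visible in this hunk. Building locally keeps that property: `auto index = std::make_shared<std::vector<int>>(); index->reserve(merge_op_blocks->size());`, fill `index` in the loop, then `block_pos_index_ = std::move(index);`. The trailing `block_map->clear()` and `merge_op_blocks->clear()` are redundant, since both unique_ptrs are destroyed on return. The function starts outside the hunk.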
@@ -623,26 +623,21 @@ class CowMergeOpIter final : public ICowOpIter { private: std::shared_ptr<std::vector<CowOperation>> ops_; - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks_; - std::shared_ptr<std::unordered_map<uint32_t, int>> map_; - std::vector<uint32_t>::iterator block_iter_; + std::vector<int>::iterator block_iter_; + std::shared_ptr<std::vector<int>> cow_op_index_vec_; uint64_t start_; }; CowMergeOpIter::CowMergeOpIter(std::shared_ptr<std::vector<CowOperation>> ops, - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks, - std::shared_ptr<std::unordered_map<uint32_t, int>> map, - uint64_t start) { + std::shared_ptr<std::vector<int>> block_pos_index, uint64_t start) { ops_ = ops; - merge_op_blocks_ = merge_op_blocks; - map_ = map; start_ = start; - - block_iter_ = merge_op_blocks->begin() + start; + cow_op_index_vec_ = block_pos_index; + block_iter_ = cow_op_index_vec_->begin() + start; } bool CowMergeOpIter::RDone() { - return block_iter_ == merge_op_blocks_->begin(); + return block_iter_ == cow_op_index_vec_->begin(); } void CowMergeOpIter::Prev() { @@ -651,7 +646,7 @@ void CowMergeOpIter::Prev() { } bool CowMergeOpIter::Done() { - return block_iter_ == merge_op_blocks_->end(); + return block_iter_ == cow_op_index_vec_->end(); } void CowMergeOpIter::Next() { 
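Review bot: `cow_op_index_vec_->begin() + start` in the CowMergeOpIter constructor advances the iterator without comparing `start` to the vector's size. The callers pass `merge_op_start_`, which the PrepMergeOps() hunk sets from `header_.num_merge_ops`, presumably a field taken from the COW file header. A value larger than the number of data ops would place the iterator past `end()`, which is undefined behaviour; any validation elsewhere in the reader is not visible in this diff. A guard such as `CHECK_LE(start, cow_op_index_vec_->size());` before the addition would make the assumption explicit, and the same applies to `cow_op_index_vec_->rend() - start_` in CowRevMergeOpIter::Done() in the @@ -686 hunk. The arithmetic is carried over from the old code, so this is an unchecked bound the commit leaves in place rather than a regression.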
@@ -661,23 +656,20 @@ void CowMergeOpIter::Next() { const CowOperation& CowMergeOpIter::Get() { CHECK(!Done()); - return ops_->data()[map_->at(*block_iter_)]; + return ops_->data()[*block_iter_]; } CowRevMergeOpIter::CowRevMergeOpIter(std::shared_ptr<std::vector<CowOperation>> ops, - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks, - std::shared_ptr<std::unordered_map<uint32_t, int>> map, + std::shared_ptr<std::vector<int>> block_pos_index, uint64_t start) { ops_ = ops; - merge_op_blocks_ = merge_op_blocks; - map_ = map; start_ = start; - - block_riter_ = merge_op_blocks->rbegin(); + cow_op_index_vec_ = block_pos_index; + block_riter_ = cow_op_index_vec_->rbegin(); } bool CowRevMergeOpIter::RDone() { - return block_riter_ == merge_op_blocks_->rbegin(); + return block_riter_ == cow_op_index_vec_->rbegin(); } void CowRevMergeOpIter::Prev() { @@ -686,7 +678,7 @@ void CowRevMergeOpIter::Prev() { } bool CowRevMergeOpIter::Done() { - return block_riter_ == merge_op_blocks_->rend() - start_; + return block_riter_ == cow_op_index_vec_->rend() - start_; } void CowRevMergeOpIter::Next() { @@ -696,7 +688,7 @@ void CowRevMergeOpIter::Next() { const CowOperation& CowRevMergeOpIter::Get() { CHECK(!Done()); - return ops_->data()[map_->at(*block_riter_)]; + return ops_->data()[*block_riter_]; } std::unique_ptr<ICowOpIter> CowReader::GetOpIter() { @@ -704,12 +696,12 @@ std::unique_ptr<ICowOpIter> CowReader::GetOpIter() { } std::unique_ptr<ICowOpIter> CowReader::GetRevMergeOpIter(bool ignore_progress) { - return std::make_unique<CowRevMergeOpIter>(ops_, merge_op_blocks_, block_map_, + return std::make_unique<CowRevMergeOpIter>(ops_, block_pos_index_, ignore_progress ? 0 : merge_op_start_); } std::unique_ptr<ICowOpIter> CowReader::GetMergeOpIter(bool ignore_progress) { - return std::make_unique<CowMergeOpIter>(ops_, merge_op_blocks_, block_map_, + return std::make_unique<CowMergeOpIter>(ops_, block_pos_index_, ignore_progress ? 0 : merge_op_start_); } 
diff --git a/fs_mgr/libsnapshot/include/libsnapshot/cow_reader.h b/fs_mgr/libsnapshot/include/libsnapshot/cow_reader.h index f4d5c72f3..fbdd6b98b 100644 --- a/fs_mgr/libsnapshot/include/libsnapshot/cow_reader.h +++ b/fs_mgr/libsnapshot/include/libsnapshot/cow_reader.h @@ -170,9 +170,8 @@ class CowReader final : public ICowReader { uint64_t fd_size_; std::optional<uint64_t> last_label_; std::shared_ptr<std::vector<CowOperation>> ops_; - std::shared_ptr<std::vector<uint32_t>> merge_op_blocks_; uint64_t merge_op_start_{}; - std::shared_ptr<std::unordered_map<uint32_t, int>> block_map_; + std::shared_ptr<std::vector<int>> block_pos_index_; uint64_t num_total_data_ops_{}; uint64_t num_ordered_ops_to_merge_{}; bool has_seq_ops_{}; diff --git a/rootdir/init.rc b/rootdir/init.rc index cd71aa8aa..c56f86089 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -720,9 +720,13 @@ on post-fs-data # Multi-installed APEXes are selected using persist props. # Load persist properties and override properties (if enabled) from /data, # before starting apexd. + # /data/property should be created before `load_persist_props` + mkdir /data/property 0700 root root encryption=Require load_persist_props + start logd start logd-reinit + # Some existing vendor rc files use 'on load_persist_props_action' to know # when persist props are ready. These are difficult to change due to GRF, # so continue triggering this action here even though props are already loaded @@ -842,7 +846,6 @@ on post-fs-data mkdir /data/app-asec 0700 root root encryption=Require mkdir /data/app-lib 0771 system system encryption=Require mkdir /data/app 0771 system system encryption=Require - mkdir /data/property 0700 root root encryption=Require # create directory for updated font files. mkdir /data/fonts/ 0771 root root encryption=Require diff --git a/trusty/apploader/apploader.cpp b/trusty/apploader/apploader.cpp index 278499f17..17d083c73 100644 --- a/trusty/apploader/apploader.cpp +++ b/trusty/apploader/apploader.cpp 
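Review bot: The new member `block_pos_index_` in cow_reader.h has no comment saying what its elements are, and the name does not make it obvious. Per the PrepMergeOps() hunk it stores the `block_map->at(block)` values, and both Get() methods use them as raw subscripts (`ops_->data()[*block_iter_]`), so they are positions in `ops_` arranged in merge order. I would add `// Indexes into ops_, in merge order; built by PrepMergeOps() and shared with clones and merge iterators. Must be rebuilt if ops_ changes.` above the declaration. The iterator classes call the same vector `cow_op_index_vec_`; using one name in both places would make the relationship easier to follow.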
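Review bot: The moved `mkdir /data/property 0700 root root encryption=Require` in rootdir/init.rc now runs well before the block of `/data` directory creations it was taken from. It therefore depends on whatever an `encryption=Require` mkdir needs having already happened earlier in `on post-fs-data`; those lines are outside the hunk, so this cannot be confirmed from the diff. The added comment states the ordering but not the reason. A line such as `# load_persist_props expects /data/property to exist with its encryption policy already applied` (wording to be confirmed by the author) would keep a later cleanup from moving the mkdir back down. The blank lines added around `start logd` and `start logd-reinit` look unrelated to the fix.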
@@ -226,6 +226,9 @@ static ssize_t read_response(int tipc_fd) { case APPLOADER_ERR_POLICY_VIOLATION: LOG(ERROR) << "Error: loading denied by policy engine"; break; + case APPLOADER_ERR_NOT_ENCRYPTED: + LOG(ERROR) << "Error: unmet application encryption requirement"; + break; default: LOG(ERROR) << "Unrecognized error: " << resp.error; break; diff --git a/trusty/apploader/apploader_ipc.h b/trusty/apploader/apploader_ipc.h index 306596eba..f0376929c 100644 --- a/trusty/apploader/apploader_ipc.h +++ b/trusty/apploader/apploader_ipc.h @@ -45,6 +45,10 @@ enum apploader_command : uint32_t { * @APPLOADER_ERR_INTERNAL: miscellaneous or internal apploader * error not covered by the above * @APPLOADER_ERR_INVALID_VERSION: invalid application version + * @APPLOADER_ERR_POLICY_VIOLATION: signature verification succeeded but + * key+manifest combination not allowed + * by app loader policy engine + * @APPLOADER_ERR_NOT_ENCRYPTED: unmet application encryption requirement */ enum apploader_error : uint32_t { APPLOADER_NO_ERROR = 0, @@ -57,6 +61,7 @@ enum apploader_error : uint32_t { APPLOADER_ERR_INTERNAL, APPLOADER_ERR_INVALID_VERSION, APPLOADER_ERR_POLICY_VIOLATION, + APPLOADER_ERR_NOT_ENCRYPTED, }; /** |
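Review bot: In apploader_ipc.h, `APPLOADER_ERR_NOT_ENCRYPTED` gets its numeric value only from its position after `APPLOADER_ERR_POLICY_VIOLATION`. Because `resp.error` is read from the tipc channel in read_response(), these numbers are effectively a protocol contract with the peer that produces them. Appending at the end keeps the existing codes stable, which is the right choice, but nothing in the header says so. A comment above the enumerators such as `/* Values are part of the IPC protocol: append only, never reorder or remove. */`, or explicit `= N` initialisers, would protect that. The peer's definition of this enum is not in this diff, so whether it matches cannot be checked here.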