Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a5db1d72 authored by David Anderson's avatar David Anderson
Browse files

adbd: Automatically disable verity in adb remount. 

Before overlayfs, we supported deduplicated filesystems by undoing
deduplication in recovery. This required an extra reboot cycle, so we
changed "adb remount" to disable verity and boot to recovery in one
command.

After overlayfs, adb remount is still trying to undo deduplication,
which leads to very confusing messages. This patch makes things a bit
clearer. "adb remount" will disable verity, which installs overlayfs.
"adb remount -R" will do the same except automatically reboot.

Bug: N/A
Test: adb remount on dynamic partitions device
Change-Id: Id72f6b9e2297c2f4d5722d5679f6264fe660e631
parent 17d41711

adb/client/commandline.cpp

+3 −1
Original line number Diff line number Diff line
@@ -192,7 +192,9 @@ static void help() { 
        " get-state                print offline | bootloader | device\n"

        " get-serialno             print <serial-number>\n"

        " get-devpath              print <device-path>\n"

        " remount                  remount partitions read-write\n"

        " remount [-R]\n"

        "      remount partitions read-write. if a reboot is required, -R will\n"

        "      will automatically reboot the device.\n"

        " reboot [bootloader|recovery|sideload|sideload-auto-reboot]\n"

        "     reboot the device; defaults to booting system image but\n"

        "     supports bootloader and recovery too. sideload reboots\n"

adb/daemon/remount_service.cpp

+40 −42
Original line number Diff line number Diff line
@@ -240,19 +240,37 @@ void remount_service(unique_fd fd, const std::string& cmd) { 
    std::vector<std::string> partitions{"/",        "/odm",   "/oem", "/product_services",

                                        "/product", "/vendor"};



    bool verity_enabled = (system_verified || vendor_verified);

    if (system_verified || vendor_verified) {

        // Disable verity automatically (reboot will be required).

        set_verity_enabled_state_service(unique_fd(dup(fd.get())), false);



    // If we can use overlayfs, lets get it in place first

    // before we struggle with determining deduplication operations.

    if (!verity_enabled && fs_mgr_overlayfs_setup()) {

        // If overlayfs is not supported, we try and remount or set up

        // un-deduplication. If it is supported, we can go ahead and wait for

        // a reboot.

        if (fs_mgr_overlayfs_valid() != OverlayfsValidResult::kNotSupported) {

            if (user_requested_reboot) {

                if (android::base::SetProperty(ANDROID_RB_PROPERTY, "reboot")) {

                    WriteFdExactly(fd.get(), "rebooting device\n");

                } else {

                    WriteFdExactly(fd.get(), "reboot failed\n");

                }

            }

            return;

        }

    } else if (fs_mgr_overlayfs_setup()) {

        // If we can use overlayfs, lets get it in place first before we

        // struggle with determining deduplication operations.

        Fstab fstab;

        if (ReadDefaultFstab(&fstab) && fs_mgr_overlayfs_mount_all(&fstab)) {

            WriteFdExactly(fd.get(), "overlayfs mounted\n");

        }

    }



    // Find partitions that are deduplicated, and can be un-deduplicated.

    // If overlayfs is supported, we don't bother trying to un-deduplicate

    // partitions.

    std::set<std::string> dedup;

    if (fs_mgr_overlayfs_valid() == OverlayfsValidResult::kNotSupported) {

        // Find partitions that are deduplicated, and can be un-deduplicated.

        for (const auto& part : partitions) {

            auto partition = part;

            if ((part == "/") && !find_mount("/system", false).empty()) partition = "/system";
@@ -267,32 +285,12 @@ void remount_service(unique_fd fd, const std::string& cmd) { 


        // Reboot now if the user requested it (and an operation needs a reboot).

        if (user_requested_reboot) {

        if (!dedup.empty() || verity_enabled) {

            if (verity_enabled) {

                set_verity_enabled_state_service(unique_fd(dup(fd.get())), false);

            }

            if (!dedup.empty()) {

                reboot_for_remount(fd.get(), !dedup.empty());

                return;

            }

            WriteFdExactly(fd.get(), "No reboot needed, skipping -R.\n");

        }



    // If we need to disable-verity, but we also need to perform a recovery

    // fsck for deduplicated partitions, hold off on warning about verity. We

    // can handle both verity and the recovery fsck in the same reboot cycle.

    if (verity_enabled && dedup.empty()) {

        // Allow remount but warn of likely bad effects

        bool both = system_verified && vendor_verified;

        WriteFdFmt(fd.get(), "dm_verity is enabled on the %s%s%s partition%s.\n",

                   system_verified ? "system" : "", both ? " and " : "",

                   vendor_verified ? "vendor" : "", both ? "s" : "");

        WriteFdExactly(fd.get(),

                       "Use \"adb disable-verity\" to disable verity.\n"

                       "If you do not, remount may succeed, however, you will still "

                       "not be able to write to these volumes.\n");

        WriteFdExactly(fd.get(),

                       "Alternately, use \"adb remount -R\" to disable verity "

                       "and automatically reboot.\n");

    }



    bool success = true;