From c90627420b42bd54a791813ee1a5b10906c2f17b Mon Sep 17 00:00:00 2001 From: Ocean Chen Date: Tue, 21 Dec 2021 06:48:00 +0000 Subject: [PATCH] gs101: new Android.bp for non-modem projects Separating fstab to avoid boottime regression Bug: 210551190 Test: reboot and compare TotalBootTime Change-Id: I2ad92d8640b2cc25383c5cf5755001f73a5f8861 --- conf/Android.bp | 11 ++++++ conf/fstab.gs101.in | 4 ++ conf/fstab.modem | 7 ---- conf/init.gs101.rc | 1 - conf/nomodem/Android.bp | 81 +++++++++++++++++++++++++++++++++++++++++ device.mk | 10 +++-- 6 files changed, 102 insertions(+), 12 deletions(-) delete mode 100644 conf/fstab.modem create mode 100644 conf/nomodem/Android.bp diff --git a/conf/Android.bp b/conf/Android.bp index 5e586785..45e6b6fa 100644 --- a/conf/Android.bp +++ b/conf/Android.bp @@ -24,6 +24,12 @@ // identical with the exception of the encryption settings, so to keep them in // sync the rules below generate them from a template file. +soong_namespace { + imports: [ + "device/google/gs101", + ], +} + package { // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import @@ -33,6 +39,11 @@ package { default_applicable_licenses: ["device_google_gs101_license"], } +filegroup { + name: "gs101_srcs", + srcs: ["fstab.gs101.in"], +} + genrule { name: "gen_fstab.gs101", srcs: ["fstab.gs101.in"], diff --git a/conf/fstab.gs101.in b/conf/fstab.gs101.in index 014c047f..a88d1cc1 100644 --- a/conf/fstab.gs101.in +++ b/conf/fstab.gs101.in @@ -10,6 +10,10 @@ product /product vendor /vendor ext4 ro,barrier=1 wait,slotselect,avb=vbmeta_vendor,logical,first_stage_mount vendor_dlkm /vendor_dlkm ext4 ro,barrier=1 wait,slotselect,avb=vbmeta,logical,first_stage_mount /dev/block/platform/14700000.ufs/by-name/boot /boot emmc defaults slotselect,avb=boot,first_stage_mount +/dev/block/platform/14700000.ufs/by-name/efs /mnt/vendor/efs ext4 defaults,noatime,rw wait,check,formattable +/dev/block/platform/14700000.ufs/by-name/efs_backup /mnt/vendor/efs_backup ext4 defaults,noatime,rw wait,check,formattable +/dev/block/platform/14700000.ufs/by-name/modem_userdata /mnt/vendor/modem_userdata ext4 defaults,noatime,rw wait,check,formattable +/dev/block/platform/14700000.ufs/by-name/modem /mnt/vendor/modem_img ext4 ro,defaults,context=u:object_r:modem_img_file:s0,barrier=1 wait,slotselect /dev/block/platform/14700000.ufs/by-name/misc /misc emmc defaults wait /dev/block/platform/14700000.ufs/by-name/metadata /metadata ext4 noatime,nosuid,nodev,data=journal,commit=1 wait,check,formattable,first_stage_mount,metadata_csum /dev/block/platform/14700000.ufs/by-name/pvmfw /pvmfw emmc defaults wait,slotselect,avb=pvmfw,first_stage_mount diff --git a/conf/fstab.modem b/conf/fstab.modem deleted file mode 100644 index 44a936c1..00000000 --- a/conf/fstab.modem +++ /dev/null @@ -1,7 +0,0 @@ -# Android fstab file. -# -# Keep persist in an fstab file, since we need to run fsck on it after abnormal shutdown. -/dev/block/platform/14700000.ufs/by-name/efs /mnt/vendor/efs ext4 defaults,noatime,rw wait,check,formattable -/dev/block/platform/14700000.ufs/by-name/efs_backup /mnt/vendor/efs_backup ext4 defaults,noatime,rw wait,check,formattable -/dev/block/platform/14700000.ufs/by-name/modem_userdata /mnt/vendor/modem_userdata ext4 defaults,noatime,rw wait,check,formattable -/dev/block/platform/14700000.ufs/by-name/modem /mnt/vendor/modem_img ext4 ro,defaults,context=u:object_r:modem_img_file:s0,barrier=1 wait,slotselect diff --git a/conf/init.gs101.rc b/conf/init.gs101.rc index e6bff4ca..62caa97d 100644 --- a/conf/init.gs101.rc +++ b/conf/init.gs101.rc @@ -16,7 +16,6 @@ service vendor.charger /system/bin/charger on early-init mount_all /vendor/etc/fstab.persist --early - mount_all /vendor/etc/fstab.modem --early on init # CPU0 cannot be offline diff --git a/conf/nomodem/Android.bp b/conf/nomodem/Android.bp new file mode 100644 index 00000000..1b1ae24e --- /dev/null +++ b/conf/nomodem/Android.bp @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2021 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +// By default this device uses hardware-wrapped keys for storage encryption, +// which is intended to offer increased security over the traditional method +// (software keys). However, hardware-wrapped keys aren't compatible with +// FIPS-140 certification of the encryption hardware, and hence we have to +// disable the use of them in FIPS mode. This requires having two fstab files: +// one for the default mode, and one for FIPS mode selectable via +// androidboot.fstab_suffix on the kernel command line. These fstabs should be +// identical with the exception of the encryption settings, so to keep them in +// sync the rules below generate them from a template file. + +soong_namespace { + imports: [ + "device/google/gs101", + "device/google/gs101/conf", + ], +} + +package { + // See: http://go/android-license-faq + // A large-scale-change added 'default_applicable_licenses' to import + // all of the 'license_kinds' from "device_google_gs101_license" + // to get the below license kinds: + // SPDX-license-identifier-Apache-2.0 + default_applicable_licenses: ["device_google_gs101_license"], +} + +genrule { + name: "gen_fstab.gs101", + srcs: [ + "fstab.gs101.in*", + ":gs101_srcs", + ], + out: ["fstab.gs101"], + cmd: "sed -e s/@fileencryption@/::inlinecrypt_optimized+wrappedkey_v0/" + + " -e s/@metadata_encryption@/:wrappedkey_v0/" + + " -e /modem/d " + + " -e /efs/d $(in) > $(out)", +} + +genrule { + name: "gen_fstab.gs101-fips", + srcs: [ + "fstab.gs101.in*", + ":gs101_srcs", + ], + out: ["fstab.gs101-fips"], + cmd: "sed -e s/@fileencryption@/aes-256-xts/" + + " -e s/@metadata_encryption@/aes-256-xts/" + + " -e /modem/d " + + " -e /efs/d $(in) > $(out)", +} + +prebuilt_etc { + name: "fstab.gs101", + src: ":gen_fstab.gs101", + vendor: true, + vendor_ramdisk_available: true, +} + +prebuilt_etc { + name: "fstab.gs101-fips", + src: ":gen_fstab.gs101-fips", + vendor: true, + vendor_ramdisk_available: true, +} \ No newline at end of file diff --git a/device.mk b/device.mk index 97aee6cb..dc47041b 100644 --- a/device.mk +++ b/device.mk @@ -244,6 +244,12 @@ endif PRODUCT_COPY_FILES += \ device/google/gs101/conf/init.recovery.device.rc:$(TARGET_COPY_OUT_RECOVERY)/root/init.recovery.gs101.rc +ifneq ($(BOARD_WITHOUT_RADIO),true) +PRODUCT_SOONG_NAMESPACES += device/google/gs101/conf +else +PRODUCT_SOONG_NAMESPACES += device/google/gs101/conf/nomodem +endif + # Fstab files PRODUCT_PACKAGES += \ fstab.gs101 \ @@ -252,10 +258,6 @@ PRODUCT_PACKAGES += \ fstab.gs101-fips.vendor_ramdisk PRODUCT_COPY_FILES += \ device/google/gs101/conf/fstab.persist:$(TARGET_COPY_OUT_VENDOR)/etc/fstab.persist -ifneq ($(BOARD_WITHOUT_RADIO),true) -PRODUCT_COPY_FILES += \ - device/google/gs101/conf/fstab.modem:$(TARGET_COPY_OUT_VENDOR)/etc/fstab.modem -endif # Shell scripts PRODUCT_COPY_FILES += \