Increase early boot logging to kernel log
Make vold log warnings and errors to the kernel log until both
init_user0 has run and /data is mounted. Previously it only logged
errors, and not warnings, to the kernel log until /data is mounted.
This is helpful to diagnose failures of init_user0, since adb still
isn't started by that point.
Also, error messages can be misleading without seeing related warning
messages, e.g. the following which is expected on many devices:
E vold : keystore2 Keystore generateKey returned service specific error: -67
W vold : Failed to generate rollback-resistant key. This is
expected if keystore doesn't support rollback
resistance. Falling back to non-rollback-resistant key.
Therefore, increase the log level to WARNING and above.
Test: Intentionally broke fscrypt_init_user0(), then verified that the
error and warning messages appear in the kernel log on Cuttlefish.
Bug: 205314634
Bug: 222540970
Change-Id: Ia751f7c88cbf28caf81e891a518953cc0cee911e
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 49e7bd0..42df78b 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -470,6 +470,8 @@
return true;
}
+bool fscrypt_init_user0_done;
+
bool fscrypt_init_user0() {
LOG(DEBUG) << "fscrypt_init_user0";
if (fscrypt_is_native()) {
@@ -504,6 +506,7 @@
if (!try_reload_ce_keys()) return false;
}
+ fscrypt_init_user0_done = true;
return true;
}
diff --git a/FsCrypt.h b/FsCrypt.h
index 2946be5..e5af487 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -22,6 +22,7 @@
bool fscrypt_initialize_systemwide_keys();
bool fscrypt_init_user0();
+extern bool fscrypt_init_user0_done;
bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
bool fscrypt_destroy_user_key(userid_t user_id);
bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& secret);
diff --git a/main.cpp b/main.cpp
index 42789c9..b07ee68 100644
--- a/main.cpp
+++ b/main.cpp
@@ -16,6 +16,7 @@
#define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
+#include "FsCrypt.h"
#include "MetadataCrypt.h"
#include "NetlinkManager.h"
#include "VoldNativeService.h"
@@ -286,18 +287,24 @@
const char* tag, const char* file, unsigned int line, const char* message) {
logd_logger(log_buffer_id, severity, tag, file, line, message);
- if (severity >= android::base::ERROR) {
- static bool is_data_mounted = false;
+ if (severity >= android::base::WARNING) {
+ static bool early_boot_done = false;
- // When /data fails to mount, we don't have adb to get logcat. So until /data is
- // mounted we log errors to the kernel. This allows us to get failures via serial logs
- // and via last dmesg/"fastboot oem dmesg" on devices that support it.
+ // If metadata encryption setup (fscrypt_mount_metadata_encrypted) or
+ // basic FBE setup (fscrypt_init_user0) fails, then the boot will fail
+ // before adb can be started, so logcat won't be available. To allow
+ // debugging these early boot failures, log early errors and warnings to
+ // the kernel log. This allows diagnosing failures via the serial log,
+ // or via last dmesg/"fastboot oem dmesg" on devices that support it.
//
- // As a very quick-and-dirty test for /data, we check whether /data/misc/vold exists.
- if (is_data_mounted || access("/data/misc/vold", F_OK) == 0) {
- is_data_mounted = true;
- return;
+ // As a very quick-and-dirty test for whether /data has been mounted,
+ // check whether /data/misc/vold exists.
+ if (!early_boot_done) {
+ if (access("/data/misc/vold", F_OK) == 0 && fscrypt_init_user0_done) {
+ early_boot_done = true;
+ return;
+ }
+ android::base::KernelLogger(log_buffer_id, severity, tag, file, line, message);
}
- android::base::KernelLogger(log_buffer_id, severity, tag, file, line, message);
}
}