SW:Android11
HW:QCS6125
需求来源:
线上的设备进入recovery模式,正常缓存在data分区的日志无法获取:
1、此种情境下只能选择恢复出厂设置,但在恢复之后,data目录下的logcat日志也会被清理;2、recovery模式下无法屏蔽分区加密,处于用户数据安全考虑,无法在该模式挂载userdataimage;
鉴于此,决定重新创建一个分区,将logcat后台记录的日志文件全部移到此分区,由于此分区不参与recovery的双清操作,因此可保证系统再次启动后,该分区依然有recovery模式之前的日志文件,用来排查导致进入recovery模式的原因。我们这个分区的size定义为100M大小,这个可根据自己需要做调整。
具体操作流程如下:
1、修改common目录下的分区表文件,命名分区为jingang:
- diff --git a/config/ufs/partition.xml b/config/ufs/partition.xml
- index fafa0b5..f821818 100755
- --- a/config/ufs/partition.xml
- +++ b/config/ufs/partition.xml
- @@ -19,6 +19,7 @@
- <partition label="misc" size_in_kb="1024" type="82ACC91F-357C-4A68-9C8F-689E1B1A23A1" bootable="false" readonly="false" filename="" />
- <partition label="keystore" size_in_kb="512" type="DE7D4029-0F5B-41C8-AE7E-F6C023A02B33" bootable="false" readonly="false" filename="" />
- <partition label="frp" size_in_kb="512" type="91B72D4D-71E0-4CBF-9B8E-236381CFF17A" bootable="false" readonly="false" filename=""/>
- + <partition label="jingang" size_in_kb="102400" type="66b9d1c5-7881-4a82-8f79-22a768a52db2" bootable="false" readonly="false" filename="jingang.img" sparse="true"/>
- <partition label="super" size_in_kb="6291456" type="89A12DE1-5E41-4CB3-8B4C-B1441EB5DA38" bootable="false" readonly="false" filename="super.img" sparse="true"/>
- <partition label="recovery_a" size_in_kb="98304" type="D504D6DB-FA92-4853-B59E-C7F292E2EA19" bootable="false" readonly="true" filename="recovery.img" sparse="true"/>
- <partition label="recovery_b" size_in_kb="98304" type="352B8083-9C0C-4BED-9917-CB5EABD64D41" bootable="false" readonly="true" filename="recovery.img" sparse="true"/>
- diff --git a/config/ufs/partition_factory.xml b/config/ufs/partition_factory.xml
- index 043c6a1..e16842c 100755
- --- a/config/ufs/partition_factory.xml
- +++ b/config/ufs/partition_factory.xml
- @@ -19,6 +19,7 @@
- <partition label="misc" size_in_kb="1024" type="82ACC91F-357C-4A68-9C8F-689E1B1A23A1" bootable="false" readonly="false" filename="misc.img" />
- <partition label="keystore" size_in_kb="512" type="DE7D4029-0F5B-41C8-AE7E-F6C023A02B33" bootable="false" readonly="false" filename="" />
- <partition label="frp" size_in_kb="512" type="91B72D4D-71E0-4CBF-9B8E-236381CFF17A" bootable="false" readonly="false" filename=""/>
- + <partition label="jingang" size_in_kb="102400" type="66b9d1c5-7881-4a82-8f79-22a768a52db2" bootable="false" readonly="false" filename="jingang.img" sparse="true"/>
- <partition label="super" size_in_kb="6291456" type="89A12DE1-5E41-4CB3-8B4C-B1441EB5DA38" bootable="false" readonly="false" filename="super.img" sparse="true"/>
- <partition label="recovery_a" size_in_kb="98304" type="D504D6DB-FA92-4853-B59E-C7F292E2EA19" bootable="false" readonly="true" filename="recovery.img" sparse="true"/>
- <partition label="recovery_b" size_in_kb="98304" type="352B8083-9C0C-4BED-9917-CB5EABD64D41" bootable="false" readonly="true" filename="recovery.img" sparse="true"/>
2、相应的缩减data分区100M大小device/qcom/trinket:
- diff --git a/BoardConfig.mk b/BoardConfig.mk
- index 7ebc32a..965a83e 100755
- --- a/BoardConfig.mk
- +++ b/BoardConfig.mk
- @@ -153,7 +153,7 @@ BOARD_BOOTIMAGE_PARTITION_SIZE := 0x04000000
- # 64G userdata
- # BOARD_USERDATAIMAGE_PARTITION_SIZE := 52676079616
- # 128G userdata sumsung
- -BOARD_USERDATAIMAGE_PARTITION_SIZE := 116391936000
- +BOARD_USERDATAIMAGE_PARTITION_SIZE := 116255621120
- BOARD_PERSISTIMAGE_PARTITION_SIZE := 33554432
- BOARD_DTBOIMG_PARTITION_SIZE := 0x0800000
- BOARD_METADATAIMAGE_PARTITION_SIZE := 16777216
这个size的单位应该是byte。上边分区表是kb,因此就是第一步的大小*1024就是这个值。
3、该分区无需在AB升级中去升级,添加如下改动device/qcom/vendor-common/ota_merge_configs/dynamic_partition/non_ab:
- diff --git a/ota_merge_configs/dynamic_partition/non_ab/merge_config_other_item_list b/ota_merge_configs/dynamic_partition/non_ab/merge_config_other_item_list
- index d67f070..ec78e5d 100644
- --- a/ota_merge_configs/dynamic_partition/non_ab/merge_config_other_item_list
- +++ b/ota_merge_configs/dynamic_partition/non_ab/merge_config_other_item_list
- @@ -1,5 +1,6 @@
- IMAGES/cache.img
- IMAGES/vendor.img
- +IMAGES/jingang.img
- IMAGES/vendor.map
- IMAGES/odm.img
- IMAGES/odm.map
4、创建该分区的挂载目录system/core/rootdir:
- diff --git a/rootdir/Android.mk b/rootdir/Android.mk
- index a9d0ed08a..c6443fed0 100644
- --- a/rootdir/Android.mk
- +++ b/rootdir/Android.mk
- @@ -103,6 +103,9 @@ ifdef BOARD_USES_METADATA_PARTITION
- LOCAL_POST_INSTALL_CMD += ; mkdir -p $(TARGET_ROOT_OUT)/metadata
- endif
-
- +# unrecovery dir
- +LOCAL_POST_INSTALL_CMD += ; mkdir -p $(TARGET_ROOT_OUT)/jingang
- +
- # For /odm partition.
5、system/sepolicy添加上一步创建挂载目录的selinux相关定义:
- diff --git a/vendor/file.te b/vendor/file.te
- index 0b1fd7480..77e2ae8b2 100644
- --- a/vendor/file.te
- +++ b/vendor/file.te
- @@ -1,2 +1,3 @@
- type hostapd_data_file, file_type, data_file_type;
- type wpa_data_file, file_type, data_file_type;
- +type jingang_data_file, file_type;
- diff --git a/vendor/file_contexts b/vendor/file_contexts
- index 1b2bc2357..0d2ef214c 100644
- --- a/vendor/file_contexts
- +++ b/vendor/file_contexts
- @@ -94,6 +94,10 @@
- /(vendor|system/vendor)/lib(64)?/libhidltransport.so u:object_r:same_process_hal_file:s0
-
- #############################
- +
- +# for unrecovery partition
- +/jingang(/.*)? u:object_r:jingang_data_file:s0
- +
- # Data files
- #
不添加这一步会导致编译时报system大小不够的错误,这个是这里导致的,不用调整System分区大小。
6、android/device/qcom/trinket 添加fstab自动挂载的指令并修改文件系统节点权限:
- diff --git a/default/fstab_AB_dynamic_partition.qti b/default/fstab_AB_dynamic_partition.qti
- index 2557d59..a1733fe 100644
- --- a/default/fstab_AB_dynamic_partition.qti
- +++ b/default/fstab_AB_dynamic_partition.qti
- @@ -52,3 +52,4 @@ vendor /vendor
- # and fails if it does not find it.
- /dev/block/bootdevice/by-name/misc /misc emmc defaults defaults
- /dev/block/zram0 none swap defaults zramsize=1073741824
- +/dev/block/bootdevice/by-name/jingang /jingang ext4 defaults defaults
- diff --git a/emmc/fstab_AB_dynamic_partition.qti b/emmc/fstab_AB_dynamic_partition.qti
- index 84dd179..f1211c8 100644
- --- a/emmc/fstab_AB_dynamic_partition.qti
- +++ b/emmc/fstab_AB_dynamic_partition.qti
- @@ -52,3 +52,4 @@ vendor /vendor
- # and fails if it does not find it.
- /dev/block/bootdevice/by-name/misc /misc emmc defaults defaults
- /dev/block/zram0 none swap defaults zramsize=1073741824
- +/dev/block/bootdevice/by-name/jingang /jingang ext4 defaults defaults
- diff --git a/init.target.rc b/init.target.rc
- index 89d0fa2..ca7573b 100755
- --- a/init.target.rc
- +++ b/init.target.rc
- @@ -53,6 +53,10 @@ on fs
- restorecon_recursive /mnt/vendor/persist
- mkdir /mnt/vendor/persist/data 0700 system system
-
- + chown root root /jingang
- + chmod 0777 /jingang
- + restorecon_recursive /jingang
- +
- on post-fs
7、此分区涉及需要刷机的时候把image刷进去,我用的是一个空的ext4
格式的100M的image文件,也可以添加到build规则里去编译创建,我用的是命令手动创建然后cp到out目录,用来刷机。
制作命令如下:
make_ext4fs -s -l 100M test.ext4
需要注意的是,这个test.ext4文件此时为sparse ext4 image,它是将raw ext4进行稀疏描述,因此尺寸比较小(制作目录有多少文件就计算多少,没有全零填充)。不能直接挂载。
要再执行如下指令simg2img test.ext4 jingang.img
然后重命名为.img结尾的文件即可。
- diff --git a/trinket.mk b/trinket.mk
- index 9c59483..7fa8559 100644
- --- a/trinket.mk
- +++ b/trinket.mk
- @@ -340,6 +340,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
- PRODUCT_PROPERTY_OVERRIDES += \
- ro.boot.wificountrycode=CN
-
- +PRODUCT_COPY_FILES += device/qcom/trinket/res/jingang.img:$(PRODUCT_OUT)/jingang.img
-
8、添加物理分区节点的权限device/qcom/common:
- diff --git a/rootdir/etc/init.qcom.rc b/rootdir/etc/init.qcom.rc
- index b2813214..5d543e2e 100755
- --- a/rootdir/etc/init.qcom.rc
- +++ b/rootdir/etc/init.qcom.rc
- @@ -202,6 +202,10 @@ on boot
- # bond0 used by FST Manager
- chown wifi wifi /sys/class/net/bond0/bonding/queue_id
-
- + # unrecoverable sysfs node
- + chown root system /dev/block/bootdevice/by-name/jingang
- + chmod 0777 /dev/block/bootdevice/by-name/jingang
- +
- # Allow access to emmc rawdump block partition and dload sysfs node
- chown root system /dev/block/bootdevice/by-name/rawdump
- chmod 0660 /dev/block/bootdevice/by-name/rawdump
9、修改刷机的内容xml,将该分区及image索引对应上:
- diff --git a/contents.xml b/contents.xml
- index f8ca08f..1b22391 100755
- --- a/contents.xml
- +++ b/contents.xml
- @@ -49,6 +49,10 @@
-
abl.elf -
LINUX/android/out/target/product/trinket/ -
- +
"true" minimized="true" fastboot="true"> - +
jingang.img - +
LINUX/android/out/target/product/trinket/ - +
-
"true" minimized="true" fastboot="true"> -
super.img -
LINUX/android/out/target/product/trinket/
后边就是一系列各种selinux规则添加:
10、这是在device目录下的sepolicy改动:
- diff --git a/generic/vendor/common/device.te b/generic/vendor/common/device.te
- index e80846f9..6e2fa80e 100644
- --- a/generic/vendor/common/device.te
- +++ b/generic/vendor/common/device.te
- @@ -67,3 +67,5 @@ type vendor_uefi_block_device, dev_type;
- type vendor_qce_device, dev_type;
- type vendor_npu_device, dev_type;
- type vendor_qmcs_block_device, dev_type;
- +
- +type jingang_block_device,dev_type;
- diff --git a/generic/vendor/common/file_contexts b/generic/vendor/common/file_contexts
- index a901d15d..db0062c3 100755
- --- a/generic/vendor/common/file_contexts
- +++ b/generic/vendor/common/file_contexts
- @@ -113,6 +113,8 @@
- # Block device for ZRAM
- /dev/block/zram0 u:object_r:swap_block_device:s0
-
- +/dev/block/bootdevice/by-name/jingang u:object_r:jingang_block_device:s0
- +
- # files in /vendor
- /vendor/firmware(/.*)? u:object_r:vendor_firmware_file:s0
- /vendor/bt_firmware(/.*)? u:object_r:vendor_firmware_file:s0
- diff --git a/generic/vendor/common/fsck.te b/generic/vendor/common/fsck.te
- index 488eff25..150d5be3 100644
- --- a/generic/vendor/common/fsck.te
- +++ b/generic/vendor/common/fsck.te
- @@ -29,3 +29,4 @@
- allow fsck vendor_persist_block_device:blk_file rw_file_perms;
- allow fsck vendor_qmcs_block_device:blk_file rw_file_perms;
- allowxperm fsck vendor_qmcs_block_device:blk_file ioctl { BLKGETSIZE };
- +allow fsck jingang_block_device:blk_file rw_file_perms;
- diff --git a/generic/vendor/common/init.te b/generic/vendor/common/init.te
- index 21268e50..b38c74ad 100644
- --- a/generic/vendor/common/init.te
- +++ b/generic/vendor/common/init.te
- @@ -52,6 +52,10 @@ allow init vendor_qmcs_file:filesystem { relabelfrom mount unmount relabelto };
-
- dontaudit init kernel:system module_request;
-
- +allow init jingang_block_device:blk_file rw_file_perms;
- +allow init jingang_block_device:blk_file relabelto;
- +allow init jingang_data_file:dir { mounton };
- +
- allow init sysfs_leds:lnk_file r_file_perms;
-
- allow init socket_device:sock_file create_file_perms;
- diff --git a/generic/vendor/common/shell.te b/generic/vendor/common/shell.te
- index 3c0918a8..597739ac 100644
- --- a/generic/vendor/common/shell.te
- +++ b/generic/vendor/common/shell.te
- @@ -28,4 +28,8 @@
- # allow any 3rd party shell app to be a client of DSP HAL
- hal_client_domain(shell, vendor_hal_dspmanager)
-
- -get_prop(shell, vendor_opengles_prop)
- \ No newline at end of file
- +get_prop(shell, vendor_opengles_prop)
- +
- +r_dir_file(shell, jingang_data_file)
- +allow shell jingang_data_file:dir { search open read write add_name create getattr setattr };
- +allow shell jingang_data_file:file { open read create write getattr setattr};
- diff --git a/generic/vendor/common/vold.te b/generic/vendor/common/vold.te
- index bd86659e..d8cd738c 100644
- --- a/generic/vendor/common/vold.te
- +++ b/generic/vendor/common/vold.te
- @@ -29,3 +29,6 @@ get_prop(vold, vendor_tee_listener_prop)
- # Based on the comment from b/111409607 FITRIM might
- # be needed
- allow vold mnt_vendor_file:dir { open read ioctl };
- +allow vold jingang_data_file:dir r_dir_perms;
- +allow vold jingang_block_device:blk_file { create setattr unlink rw_file_perms };
- +allow vold jingang_data_file:dir { read getattr open ioctl };
依次添加的为:生命device节点类型、添加到file上下文、添加开机阶段fsck的操作权限(否则挂载不上)、添加init进程访问节点权限、添加shell访问挂载目录的权限、添加vold挂载节点的权限。
12、整编源码,编译完成确认在out下是否有手动制作的image,然后用QF刷机工具先指定contents.xml打包刷机包,再用QF刷机验证。
13、系统启动后,shell进入,执行df -h可以看到分区是否挂载了;然后cd /jingang目录创建一些文件和目录,然后执行恢复出厂设置。
14、待恢复完成启动后,cd /jingang目录确认所创建的文件和目录是否还存在,若存在,则需求已实现。
15、具体的可能还需要添加systemapp或者platformapp的目录读写权限,在此不再赘述,可根据报错自行添加规则验证。
Mark 一下···