I want to run a custom kernel build from ci.android.com on an avd. I downloaded the kernel files from here. I start the avd like so - ~/Library/Android/sdk/emulator/emulator -avd Pixel_6_Pro_API_32 -show-kernel -netspeed full -debug init -verbose -writable-system -kernel Image. However the boot fails with the following logs
[ 0.511774][ T1] input: gpio-keys as /devices/platform/gpio-keys/input/input0
[ 0.512810][ T1] ALSA device list:
[ 0.513168][ T1] No soundcards found.
[ 0.513800][ T1] uart-pl011 9000000.pl011: no DMA platform data
[ 0.517151][ T1] Freeing unused kernel memory: 1536K
[ 0.542181][ T1] Run /init as init process
[ 0.551684][ T1] init: init first stage started!
[ 0.552764][ T1] init: Loading module /lib/modules/ac97_bus.ko with args ''
[ 0.553928][ T1] ac97_bus: disagrees about version of symbol module_layout
[ 0.555305][ T1] init: Failed to insmod '/lib/modules/ac97_bus.ko' with args '': Exec format error
[ 0.556731][ T1] init: LoadWithAliases was unable to load ac97_bus
[ 0.557747][ T1] init: Copied ramdisk prop to /second_stage_resources/system/etc/ramdisk/build.prop
[ 0.558989][ T1] init: [libfs_mgr]ReadFstabFromDt(): failed to read fstab from dt
[ 0.560418][ T1] init: Using Android DT directory /proc/device-tree/firmware/android/
[ 0.569781][ T1] init: bool android::init::BlockDevInitializer::InitDevices(std::set<std::string>): partition(s) not found in /sys, waiting for their uevent(s): metadata, super
VER
I know this is because of the loaded kernel modules. I have the kernel modules as well. But I have no idea how to replace them. I pushed them to /vendor/lib/modules. That didn't help. Any ideas? Thanks!
I want to run a service on few tablets (VONINO NAVO P) that they will serve as a photo frame for digital ads.
What i'm trying to achieve is to run some commands at boot and i'm stuck.
I have created digitalads.rc in system/etc/init which will execute /system/bin/digitalads.sh from where i need to run some commands like:
svc power stayon true
settings put system screen_brightness 255
pm disable com.android.systemui
settings put system screen_off_timeout 999999999
settings put system accelerometer_rotation 0
settings put global airplane_mode_on 0
svc bluetooth disable
monkey -p my.app -c android.intent.category.LAUNCHER 1
and some other custom commands that they will update the contents of media files
my .rc file:
tulip-f708:/ # cat /system/etc/init/digitalads.rc
service digitalads /system/bin/digitalads.sh
disabled
user root
group root
u:object_r:system_file:s0
on property:sys.boot_completed=1
start digitalads
dmesg output
tulip-f708:/ # dmesg | grep digitalads
[ 6.512868] init: /system/etc/init/digitalads.rc: 5: invalid keyword 'u:object_r:system_file:s0'
[ 6.522694] init: (Parsing /system/etc/init/digitalads.rc took 0.01s.)
[ 44.546434] init: Service digitalads does not have a SELinux domain defined.
SElinux output
tulip-f708:/ # getenforce
Enforcing
tulip-f708:/ # setenforce 0
tulip-f708:/ # getenforce
Permissive
other services run under u:object_r:system_file:s0
tulip-f708:/ # ls -Z /system/bin/
u:object_r:system_file:s0 4d78d2ea-a631-70fb-aaa787c2b5773052.ta
u:object_r:system_file:s0 a98befed-d679-ce4a-a3c827dcd51d21ed.ta
u:object_r:system_file:s0 acpi
u:object_r:system_file:s0 am
u:object_r:system_file:s0 app_process
u:object_r:zygote_exec:s0 app_process32
u:object_r:zygote_exec:s0 app_process64
u:object_r:system_file:s0 applypatch
u:object_r:system_file:s0 appops
u:object_r:system_file:s0 appwidget
u:object_r:system_file:s0 arping
.............................
I also tried to unpack boot.img to modify init.rc but failed when put it back (bricked two of them). Not mention that to root them i had to contact the manufacturer directly...
Some hints would help me! Thx
It seems your .rc files misses the seclabel keyword. Your service declaration should look like this:
service digitalads /system/bin/digitalads.sh
disabled
user root
group root
seclabel u:object_r:system_file:s0
Edit regarding your SE Linux violation: The message says that init cannot start a program labelled with system_file. That means you have to modify the SE Linux rules. The best approach would be to add a new label specific to your service:
Identify the folder where you want to add your policy. This is somewhat specific to your setup, so I cannot give you a definite answer. Check for .te files in your source code. The core Android policies are in system/sepolicy/, but if your setup has special SE policies somewhere in devices/ or vendor/, these location would be better suited for your customization (because it makes it easier for your to update to a new Android version when your customizations are as isolated as possible).
In that folder, create a new policy file, e.g. digitalads.te. Add the following rules:
type digitalads_exec, system_file_type, exec_type, file_type;
type digitalads domain;
init_daemon_domain(digitalads)
In the same folder, there should be a file file_contexts: Add a line like
/system/bin/digitalads u:object_r:digitalads_exec:s0
(When you boot with this change, ls -Z /system/bin/digitalads should show this label.)
For the seclabel in your .rc file, replace system_file with digitalads.
(Check dmesg output and also ps -Z to verify your service has been labelled correctly.)
I am trying to compile goldfish android kernel and run it with emulator. I did everything as the Google told me.(Android kernel compile and test with Android Emulator, How to compile android goldfish 3.4 kernel and run on emulator)。
yesterday,I follow the tips, and lunch the android-emulator successfully. But today when I launch the emulator again, it does not work. the boot log shows it stuck in "QEMU Pipe Device:rw, wait_event error", who can help me ? thanks in advance sincerely.
environment: VMware10, ubuntu14.04,goldfish3.4,ASOP_arm,Android4.4
the part of boot log:
Freeing init memory: 148K
type=1403 audit(1445259070.600:2): policy loaded auid=4294967295 ses=4294967295
SELinux: Loaded policy from /sepolicy
type=1404 audit(1445259070.620:3): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295
init (1): /proc/1/oom_adj is deprecated, please use /proc/1/oom_score_adj instead.
init: /dev/hw_random not found
init: cannot open '/initlogo.rle'
EXT4-fs (mtdblock0): mounted filesystem with ordered data mode. Opts: barrier=1
EXT4-fs (mtdblock1): VFS: Can't find ext4 filesystem
fs_mgr: Running /system/bin/e2fsck on /dev/block/mtdblock1
e2fsck: executing /system/bin/e2fsck failed: No such file or directory
e2fsck: e2fsck terminated by exit(255)
EXT4-fs (mtdblock1): VFS: Can't find ext4 filesystem
fs_mgr: Cannot mount filesystem on /dev/block/mtdblock1 at /data
init: fs_mgr_mount_all returned an error
init: /dev/hw_random not found
init: Unable to open persistent property directory /data/property errno: 2
type=1400 audit(1445259074.030:4): avc: denied { entrypoint } for pid=36 comm="init" path="/sbin/healthd" dev="rootfs" ino=1232 scontext=u:r:healthd:s0 tcontext=u:object_r:rootfs:s0 tclass=file
healthd: wakealarm_init: timerfd_create failed
healthd: BatteryVoltagePath not found
healthd: BatteryTemperaturePath not found
binder: 36:36 transaction failed 29189, size 0-0
init: cannot find '/system/etc/install-recovery.sh', disabling 'flash_recovery'
type=1405 audit(1445259074.370:5): bool=in_qemu val=1 old_val=0 auid=4294967295 ses=4294967295
avc: received policyload notice (seqno=2)
init: property 'sys.powerctl' doesn't exist while expanding '${sys.powerctl}'
init: powerctl: cannot expand '${sys.powerctl}'
init: property 'sys.sysctl.extra_free_kbytes' doesn't exist while expanding '${sys.sysctl.extra_free_kbytes}'
init: cannot expand '${sys.sysctl.extra_free_kbytes}' while writing to '/proc/sys/vm/extra_free_kbytes'
type=1400 audit(1445259075.370:6): avc: denied { 0x10 } for pid=36 comm="healthd" capability=36 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability2
eth0: link up
warning: `rild' uses 32-bit capabilities (legacy support in use)
shell#generic:/ $ QEMU Pipe Device:rw, wait_event error
QEMU Pipe Device:rw, wait_event error
QEMU Pipe Device:rw, wait_event error
QEMU Pipe Device:rw, wait_event error
QEMU Pipe Device:rw, wait_event error
I solved it by myself. the reason of this error is because of the switch parameter of android-emulator. so if you do like this:
root#virtual-machine:/work/android4.4/out/target/product/generic# mv userdata.img userdata.img.bak
and then restart the emulator, emulator can not use that the userdata.img.
all because of the userdata.img. the detail of this I do not know. maybe someone will tell us in future.
I'm trying to change a Nexus 5 to use dm-verity module. For that I need to:
invoke an utility called veritysetup during boot before /system is mounted;
(this utility will will create a new device called /dev/mapper/devname);
let /system be mounted on /dev/mapper/devname, not the actual partition.
It looks like the mountpoint is configured on fstab.hammerhead (device/lge/hammerhead). In fact I have another mod working by changing this file. So this seams like the easy part.
I know some filesystems are mounted by init.c (system/core/init), like /dev and /proc, and some are mounted on init.hammerhead (system/core/rootdir), like /acct. But I can find where the request to mount /system is.
Any ideas?
That's not the correct way to do it. To use dm-verity we need to:
build android using "user" build type (default is "eng");
change fstab to include "verify" keyword on fs_mgr_flags.
So, when Android the vold module will find the verity flag and will create the mapper device.
If the system image has a signed hash table and precomputed hash and the root image has the public key everything should just work. We should find that the system partition was mounted on /dev/block/dm-0 instead of /dev/block/platform/msm_sdcc.1/by-name/system and is being verified while being read.
I am having a similar inquiry and the posted answer here is closest related post I have found, certaintly my inquiry is relavant...
Does anyone know where the code that generates or places the fstab files into the stage1 and stage2 boots is, I think there is a bug or missing file somewhere. I can easily change and update things. What file in AOSP actually needs to be edited before building in order to modify or make changes in the fstab file before it is packed into he ramfs stage 1 or stage 2. Also where do I place kernel debug parameters like "pci=nocrs" ?
*Note: The answer accepted here is the correct answer per the aosp source documentation, but it leaves out the same valuable information the source documentation does. Where does the file need to be placed in the tree before running the build I can see the output does have vendor folder with a couple versions of fstab, but I am not sure where it was placed in the boot images.
I would like to boot this in qemu kvm with the cuttlefish build.
Full kernel.log file here: https://pastebin.com/9MKFKeyN
Intresting part below:
[ 1.702829] init: Switching root to '/first_stage_ramdisk'
[ 1.703038] init: [libfs_mgr]ReadFstabFromDt(): failed to read fstab from dt
[ 1.703574] init: Using Android DT directory /proc/device-tree/firmware/android/
[ 1.712562] init: [libfs_mgr]Invalid ext4 superblock on '/dev/block/by-name/metadata'
[ 1.712864] traps: init[1] trap invalid opcode ip:41a6eb sp:7ffff59c93e0 error:0 in init[2f7000+200000]
[ 1.713197] init: InitFatalReboot: signal 4
[ 1.713574] init: #00 pc 000000000031b86b /init
[ 1.713626] init: Reboot ending, jumping to kernel
[ 1.713718] kvm: exiting hardware virtualization
[ 1.788726] reboot: Restarting system with command 'bootloader'
[ 1.788872] reboot: machine restart
Latest AOSP build as of 4/2/2022
buildprops
aosp/out/target/product/vsoc_x86_64/ramdisk/system/etc/ramdisk/build.prop
####################################
# from generate-common-build-props
# These properties identify this partition image.
####################################
ro.product.bootimage.brand=generic
ro.product.bootimage.device=vsoc_x86_64
ro.product.bootimage.manufacturer=Google
ro.product.bootimage.model=Cuttlefish x86_64 tv
ro.product.bootimage.name=aosp_cf_x86_64_tv
ro.bootimage.build.date=Sat Apr 2 12:06:36 CDT 2022
ro.bootimage.build.date.utc=1648919196
ro.bootimage.build.fingerprint=generic/aosp_cf_x86_64_tv/vsoc_x86_64:Tiramisu/AOSP.MASTER/me04021206:userdebug/test-keys
ro.bootimage.build.id=AOSP.MASTER
ro.bootimage.build.tags=test-keys
ro.bootimage.build.type=userdebug
ro.bootimage.build.version.incremental=eng.me.20220402.120943
ro.bootimage.build.version.release=12
ro.bootimage.build.version.release_or_codename=Tiramisu
ro.bootimage.build.version.sdk=32
# end of file
fstab.ext4
/genvol/aosp/out/target/product/vsoc_x86_64/recovery/root/first_stage_ramdisk/fstab.ext4
# Non-dynamic, boot critical partitions
/dev/block/by-name/boot /boot emmc defaults recoveryonly,slotselect,first_stage_mount,avb=boot
/dev/block/by-name/init_boot /init_boot emmc defaults recoveryonly,slotselect,first_stage_mount,avb=init_boot
/dev/block/by-name/vendor_boot /vendor_boot emmc defaults recoveryonly,slotselect
system /system erofs ro wait,logical,first_stage_mount,slotselect,avb=vbmeta_system,avb_keys=/avb
system /system ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb=vbmeta_system,avb_keys=/avb
# Add all non-dynamic partitions except system, after this comment
/dev/block/by-name/userdata /data ext4 nodev,noatime,nosuid,errors=panic latemount,wait,check,quota,formattable,fileencryption=aes-256-xts:aes-256-cts,keydirectory=/metadata/vold/metadata_encryption,checkpoint=block
/dev/block/by-name/metadata /metadata ext4 nodev,noatime,nosuid,errors=panic wait,formattable,first_stage_mount,check
/dev/block/by-name/misc /misc emmc defaults defaults
# Add all dynamic partitions except system, after this comment
odm /odm erofs ro wait,logical,first_stage_mount,slotselect,avb
odm /odm ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb
product /product erofs ro wait,logical,first_stage_mount,slotselect,avb
product /product ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb
system_ext /system_ext erofs ro wait,logical,first_stage_mount,slotselect,avb=vbmeta_system
system_ext /system_ext ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb=vbmeta_system
vendor /vendor erofs ro wait,logical,first_stage_mount,slotselect,avb=vbmeta
vendor /vendor ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb=vbmeta
vendor_dlkm /vendor_dlkm erofs ro wait,logical,first_stage_mount,slotselect,avb
vendor_dlkm /vendor_dlkm ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb
odm_dlkm /odm_dlkm erofs ro wait,logical,first_stage_mount,slotselect,avb
odm_dlkm /odm_dlkm ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb
system_dlkm /system_dlkm erofs ro wait,logical,first_stage_mount,slotselect,avb=vbmeta
system_dlkm /system_dlkm ext4 noatime,ro,errors=panic wait,logical,first_stage_mount,slotselect,avb=vbmeta
# ZRAM, SD-Card and virtiofs shares
/dev/block/zram0 none swap defaults zramsize=75%
/dev/block/vdc1 /sdcard vfat defaults recoveryonly
/devices/*/block/vdc auto auto defaults voldmanaged=sdcard1:auto,encryptable=userdata
shared /mnt/vendor/shared virtiofs nosuid,nodev,noatime nofail
I also have full kernel log and other information if it will help, Vtd and Vtx are working and all of the pci show in the IOMMU Groups.
acloud create --local-instance 1 --local-image tells me how to start troubleshooting when it fails, only after you manually build the certfile as that part of the acloud setup for instance1 cannot complete, I found that error, but have not yet fixed the source for it, that one was simple - Manually created the cert allowed it to proceed but fails at the switchroot in the boot. All the hardware and qemu all showed good.
A few points of interest as cannot add full kernel.log
Waiting for AVD(s) to boot up ...stop_cvd I 04-02 17:33:50 137759 137759 main.cc:162] Successfully stopped device cvd-1: 0.0.0.0:6520
Fail! (453s)
Total time: (453s)
Device summary:
Fail in:
Cannot create cuttlefish instance: Device did not boot within 450 secs. Stderr:
The following files contain useful debugging information:
Serial console is disabled; use -console=true to enable it.
Kernel log: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/kernel.log
Logcat output: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/logs/logcat
Launcher log: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/logs/launcher.log
Instance configuration: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/cuttlefish_config.json
Instance environment: /tmp/acloud_cvd_temp/local-instance-1/.cuttlefish.sh
Failed to read a complete exit code, read 0 bytes only instead of the expected 4
VIRTUAL_DEVICE_BOOT_FAILED
launch_cvd E 04-02 17:33:50 115944 115944 main.cc:252] run_cvd returned 10
For more detail: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/launcher.log
Encountered the following errors:
Cannot create cuttlefish instance: Device did not boot within 450 secs. Stderr:
The following files contain useful debugging information:
Serial console is disabled; use -console=true to enable it.
Kernel log: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/kernel.log
Logcat output: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/logs/logcat
Launcher log: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/logs/launcher.log
Instance configuration: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/instances/cvd-1/cuttlefish_config.json
Instance environment: /tmp/acloud_cvd_temp/local-instance-1/.cuttlefish.sh
Failed to read a complete exit code, read 0 bytes only instead of the expected 4
VIRTUAL_DEVICE_BOOT_FAILED
launch_cvd E 04-02 17:33:50 115944 115944 main.cc:252] run_cvd returned 10
For more detail: /tmp/acloud_cvd_temp/local-instance-1/cuttlefish_runtime/launcher.log
If you have any question or need acloud team support, please feel free to contact us by email at buganizer-system+419709#google.com.
Line 227 of kernel log: [ 0.318334] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug