Process profiles operating on paths that do not depend on pid or uid of
the process can cache the fd of the file they are operating on. Add
support for fd caching similar to how SetTaskProfiles caches the fd
of the file it needs to write to.
Bug: 215557553
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ie73ebcbbf1919d90409f40c1f6b08743f4edf97c
Refactor file descriptor caching code and move it into FdCacheHelper
because later on when we introduce fd caching for SetProcessProfiles
the children of CachedFdProfileAction become different enough that
sharing the same parent becomes a hindrance.
Bug: 215557553
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: If3812a0090c81a29e25f0888b0511cfaf48edea3
Using WriteStringToFile will hold kernfs_mutex which is a big lock,
so use WriteStringToFd instead. Besides, also support fd cache for it.
Bug: 206970384
Test: build pass
Change-Id: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
UserLifecycleTests test disables all Little cores in the course of the
test, which causes attempts to add a process into /dev/cpuset/restricted
cpuset cgroup to fail with ENOSPC error code, indicating that a process
is joining a cpuset cgroup with no online cpus. Current libprocessgroup
implementation will log an error on each such occurrence, which spams
the logs and makes it hard to analyze test results. Because this
situation does not happen in production environment (we do not offline
cpus), we can prevent flooding the logs by identifying this case,
logging an appropriate error one time and ignore all later similar errors.
Bug: 158766131
Test: adb shell "echo 0 > /sys/devices/system/cpu/cpu[0-3]/online"
Test: start some apps, observe libprocessgroup errors in the logcat
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ia91d8839d86787569c255481bde077be51c43d93
If there are known fail pattern, we could disable printing logs to
reduce log spam. Use "LogFailures": true or "LogFailures": false.
Default will be true if not specified.
Bug: 178070122
Test: function works
Change-Id: Ia4081a10daf738294937f459f006fbcc3171481b
There may be some use cases that it needs to write string to a
file. This patch support write "Value" to "FilePath", where
both parameters could use special string "<uid>" and "<pid>" to
represent actual uid and pid.
Bug: 170507963
Test: function works
Change-Id: I543846f523518a9bcb3dd1b3437163a1b3157d95
In the current implementation vendor profile attributes do not override
system ones and instead generate a warning. Fix that by overriding existing
attribute if a new definition is found.
Bug: 160318642
Test: add vendor attributes and confirm no warnings
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I71a2ee4d4b3c585e7c9a01b791e973390d409cbc
Because we cache file descriptors associated with cgroup "tasks" file it
should not be used with SetProcessProfiles API which operates on entire
processes rather than tasks. Change SetProcessProfiles API to prevent
cache fd usage, modify ExecuteForProcess to not attempt to use cached
fd. Also fix unconditional calls to EnableResourceCaching from
ExecuteForTask which should be called only when SetTaskProfiles is used
with use_fd_cache set to true.
Bug: 149524788
Change-Id: I880efaf8217a4dd7ccfbb4fb167b2295cefc057a
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Currently when vendor overrides a profile the profile object is being
replaced with a new one. However the old profile might have been
referenced by an aggregate profile and with such profile replacement
the aggregate profile is left referencing a stale object. Fix this by
replacing the content of the old profile with the content from the new
one instead of replacing the object itself.
Bug: 148311066
Test: override profiles referenced in aggregate profile and verify
Test: correct replacement
Change-Id: Iabddbf3580455e5263fedad6665cf52fb323e50a
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
To support setting multiple profiles with one call. The json format
is as below example.
"AggregateProfiles": [
...
{
"Name": "SCHED_SP_BACKGROUND",
"Profiles": [ "HighEnergySaving", "LowIoPriority", "TimerSlackHigh" ]
},
...
}
Bug: 139521784
Test: SetProfile works as expected
Change-Id: Ibe14ed57d5169cafcbcbbdb054df3ed171a2f6a2
A process can give up the permission to set cgroup. If we still
keep the fd that was cached before losing the permission, when
the process sets scheduling group, it will write to the cached
fd without checking if is accessible and lead to sepolicy denied.
Bug: 123043091
Test: Build and boot.
Test: A new process from zygote set cgroup and drop fd cache, and
then specializes to app domain. There is no sepolicy denied
when the process creates new thread.
(android::thread_data_t::trampoline)
Change-Id: I285ee91424ea965ea9c670fc0f6662948e3e2ce5
while enable fdsan (file descriptor sanitizer),
fdsan report use-after-close error after boot complete (sedom).
Because, in SetCgroupAction::EnableResourceCaching() currently has a data race against all the
use fd_ functions like SetCgroupAction::ExecuteForProcess(uid_t uid, pid_t pid) etc.
ThreadA | ThreadB
-------------------------------------------------------------------------------------------------
in SetCgroupAction::EnableResourceCaching() | in SetCgroupAction::ExecuteForProcess(...)
-------------------------------------------------------------------------------------------------
| in SetCgroupAction::AddTidToCgroup(int tid, int fd)
-------------------------------------------------------------------------------------------------
fd_ = std::move(fd); /*modified fd_ value*/ |
-------------------------------------------------------------------------------------------------
| write(fd) /* crash here, fd is closed by ThreadA*/
-------------------------------------------------------------------------------------------------
So, add mutex lock to protect fd_ data race.
Bug: 134120826
Test: auto test, run the adb reboot test 100 times and no fdsan error report on libprocessgroup
Change-Id: Iccf2f705e030f79324f1164509e715dc5be825de
This reverts commit bee9f5718b
"libprocessgroup: Disable file descriptor caching temporarily" and adds
option to use SetTaskProfiles and SetProcessProfiles without file caching.
This option is used from JNI to avoid access denials because cached files
are not whitelisted for JNI usage.
Bug: 123868658
Bug: 123043091
Test: boot using svelte target
Change-Id: I76b9d6af8a1dd4464cb3cf3e6dc327980efdf361
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Use the LL-NDK library to read cgroup.rc.
As a side-effect, the CgroupController class is changed
to a wrapper of ACgroupController* from the library. The
class itself essentially becomes the pointer, and can be
trivially copied. Modify all client code for this change.
Test: builds and boots
Bug: 123664216
Change-Id: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Merged-In: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Vendors should be able to specify additional cgroups and task profiles
without changing system files. Add support for /vendor/etc/cgroups.json
and /vendor/etc/task_profiles.json files which will augment cgroups and
task profiles specified in /etc/cgroups.json and /etc/task_profiles.json
system files.
Bug: 124960615
Change-Id: I548c2e866b65c19856a3617d75b75dcd06f7d5b7
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
File descriptor caching breaks boot on Android Go and Svelte targets.
Disable it temporarily to fix the builds and investigate the root cause
further.
Bug: 123868658
Test: Android Go device boots after this change
Change-Id: Idd0209029cde8454ea99b9de030f7a317c2988d7
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
We want our default implementations to fail, but '-1' is implicitly
cast to 'true', since it's non-zero. We explicitly use 'false' to
fix this.
Test: TreeHugger
Change-Id: I369897b519601ce1a887cf6acd5f2cb9a6113a9a
Non-Android build targets are missing sys/prctl.h header and functionality
should be disabled for them like it was done previously inside
sched_policy.cpp. Also make the set_sched_policy/get_sched_policy
functionality backward compatible by creating stubs for non-Android
targets.
Bug: 111307099
Test: built sdk_gphone_x86-sdk_addon_mac target using forrest
Change-Id: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Merged-In: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>