Commit graph

2887 commits

Author SHA1 Message Date
Elliott Hughes
c3a206ccda Revert "[LSC] Add LOCAL_LICENSE_KINDS to system/core"
This reverts commit 187b7d1950.

Reason for revert: system/core is multiple projects, not one.

Change-Id: I790ea41741f8cd9b8b6db2f59a49e71fb0958fd6
2021-02-16 20:01:20 +00:00
Bob Badour
187b7d1950 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  Android.bp
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I5bd81adb5cdcf2b4dd4141b204eb430ff526af8f
2021-02-16 04:10:03 -08:00
Mohammad Islam
223902d81c Merge "Create an encrypted directory for decompressing compressed APEX" 2021-02-12 10:16:55 +00:00
Elliott Hughes
3e455e3ae1 Merge "Remove special config for /dev/hw_random." 2021-02-11 18:04:45 +00:00
Elliott Hughes
61fb3d0b69 Remove special config for /dev/hw_random.
There's no need for system_server to access this any more, so no need to
have weaker permissions than we'll get by default (ignoring the fact
that SELinux policy is our real protection here anyway).

Bug: http://b/179086242
Test: treehugger
Change-Id: I584e87f027f44e10190c2e5c2eb85785f61f8bd5
2021-02-10 15:13:46 -08:00
Hongming Jin
87f55fe2af Create /data/misc/a11ytrace folder to store accessibility trace data.
Bug: 157601519
Test: manual check
Change-Id: I0a12246c8b30e8c68e1dd1fa80135f8945f343dc
2021-02-09 11:54:46 -08:00
Andrei-Valentin Onea
2e2861dbd3 Merge "Create appcompat data dir" 2021-01-29 14:53:27 +00:00
Tom Cherry
71dd7064cc ueventd: deprecate paths without /etc/
ueventd.rc scripts belong in the /etc/ directory of their given
partition, not the root of the partition.  This can cause problems,
especially since Android.bp cannot write to the root directly, forcing
vendors to use Android.mk for these files.  Note that
/system/etc/ueventd.rc moved long ago.

Test: Tree-hugger
Change-Id: I2dcaafc3c3f687f76ab6bc38af979c8b43346db0
2021-01-26 12:26:09 -08:00
Seigo Nonaka
4356f6e98d Merge "Set up /data/fonts directory for updatable system fonts" 2021-01-25 05:47:03 +00:00
Linzhao Ye
5a9b8577c9 Merge "Allow system server to access sysfs node of led lights." 2021-01-23 17:08:46 +00:00
Andrei Onea
3c50588529 Create appcompat data dir
This is currently used for persisting the compat framework overrides
across reboots.

Test: atest CompatConfigTest
Bug: 145509340
Change-Id: I9205388b44a337a5b56b78cb6cc78f09494a623e
2021-01-22 17:12:27 +00:00
Martijn Coenen
c7a26dc263 Move restorecon of /data earlier in boot sequence.
A future early-boot daemon (on-device signing) needs to access
/data/misc before fs-verity keys are locked. Therefore, move the
restorecon of /data up a bit, to make sure the labels are correct. To be
safe, only run it after init_user0, since that function is responsible
for loading DE keys.

Also move early boot keys and fs-verity key locking a bit later, since
the on-device signing daemon needs to use both of these, but it also
needs the restorecon to function correctly.

Bug: 174740982
Test: manual
Change-Id: I9b6e44d9b547d420e1c6ba01fb3d3accc0625e20
2021-01-18 13:42:53 +01:00
Chris Ye
f41e334922 Allow system server to access sysfs node of led lights.
To support input device lights manager feature in frameworks, provide
sysfs node access to system server process.

Bug: 161633625
Test: atest LightsManagerTest, atest InputDeviceLightsManagerTest
Change-Id: Ic823539e9dd616b6ca4ae803756746e0f5349ec1
2021-01-17 06:58:39 +00:00
Mohammad Samiul Islam
96711052eb Create an encrypted directory for decompressing compressed APEX
We want to decompress into an encrypted directory so that it can later
be hard linked to other encrypted directories, such as /data/rollback.

Bug: 172911820
Test: atest ApexCompressionTests#testCompressedApexIsDecompressed
Change-Id: I98bc567ba7e8b1ea1b335830d71d1b1f38e6ea33
2021-01-14 20:07:05 +00:00
Hridya Valsaraju
0db7ccaf99 Merge "Setup ueventd to support DMA-BUF system-secure heap" 2021-01-13 16:23:52 +00:00
Treehugger Robot
8376d87e2d Merge "Let init mount/unmount debugfs for non-user builds" 2021-01-13 04:24:22 +00:00
Hridya Valsaraju
fb921a1c4e Let init mount/unmount debugfs for non-user builds
This change will help non-user builds with keeping debugfs
disabled during run time. Instead, debugfs will be mounted by init
to enable boot time initializations to set up vendor debug data
collection and unmounted after boot. It will be also be mounted by
dumpstate for bug report generation and unmounted after.

This change is only intended to help vendors (who depend on debugfs to
collect debug information from userdebug/eng builds) keep debugfs
disabled during runtime. Platform code must not depend on debugfs at all.

Test: manual
Bug: 176936478
Change-Id: I2e89d5b9540e3de094976563682d4b8c5c125876
2021-01-12 14:41:53 -08:00
Hridya Valsaraju
f7c0f3d830 Setup ueventd to support DMA-BUF system-secure heap
Memory allocated from this heap will be used for secure playback.

Test: manual
Bug: 175697666
Change-Id: I16275ef0cef39b7b56cdce7c3545622712d438dc
2021-01-12 12:49:24 -08:00
Gavin Corkery
09494764ae Merge "Add /metadata/watchdog" 2021-01-08 08:20:45 +00:00
Gavin Corkery
badf3962bc Add /metadata/watchdog
This directory will be used to store the mitigation count
from Package Watchdog in the case of a boot loop, in
order to persist the value across fs-checkpointing
rollbacks. One integer will be stored in a file in this
directory, which will be read and then deleted at the
next boot. No userdata is stored.

See go/rescue-party-reboot for more context.

Test: Manual test using debug.crash_sysui property
      and inspecting file
Bug: 171951174
Change-Id: I2bd5e1ebe14d7e9e4f0e0dbeb90cf76b8400752e
2021-01-07 19:41:07 +00:00
Nicolas Geoffray
5266e041ef Merge "Add boot animation progress system property." 2021-01-07 09:23:35 +00:00
Treehugger Robot
208cad671d Merge "Adding Car GSI public key" 2021-01-06 01:05:43 +00:00
Treehugger Robot
d3ba0e28cd Merge "Reland "Create a pool of 20 measurement files per library for coverage."" 2021-01-05 19:16:50 +00:00
Karthik Ramakrishnan
bb6cebb2ec Adding Car GSI public key
Bug: 140827657
Test: m qcar-gsi.avbpubkey
Change-Id: Ib493d17b9ca3859b8613de12fb8015d2ffb766f6
2020-12-21 17:07:59 -08:00
Kevin Brodsky
13d86ad6bf init.rc: start tombstoned before switching mount namespace
Unlike apexd, tombstoned uses the regular dynamic linker path
(/system/bin/linker64). As a result, starting it after we have
switched to the default mount namespace but before APEXes have been
activated fails, because /system/bin/linker64 does not exist between
those two events. Fix that by starting tombstoned even earlier,
before we have switched mount namespace.

To avoid reintroducing the bug fixed by 2c9c8eb5ff ("init.rc:
create /data/vendor* earlier"), also make sure that /data/vendor* is
still created before /data/vendor/tombstones.

While at it, move the creation of /data/anr before starting
tombstoned, because tombstoned assumes that /data/anr exists.

Fixes: 81c94cdce6 ("Start tombstoned early in post-fs-data.")
Test: boot fvp-eng and fvp_mini-eng, check that tombstoned starts
      succesfully on the first attempt
Change-Id: Ic52383c35fb39c61c2f0e0665fd10e795895d50d
2020-12-17 16:09:36 +00:00
Pirama Arumuga Nainar
4fc933cca4 Reland "Create a pool of 20 measurement files per library for coverage."
This reverts commit 0c4fb3dd4b.

Reason for revert: Permissions issue in b/173448692 are fixed.

Change-Id: Ic0382484c8e46470b4d7986681229fef0f0dcdfc
2020-12-17 01:43:07 +00:00
Youkichi Hosoi
63fdd1ba24 ueventd: Fix property variable for ro.hardware in ueventd.rc
Property variables should be written ${x.y} to be expanded.

Bug: 175645356
Test: The property ro.hardware is expanded properly.
Change-Id: Idf7ff7ecc002e6e4de4ccef70e89dcc1c10e63d0
2020-12-16 15:54:15 +09:00
Nicolas Geoffray
e106f0aaeb Add boot animation progress system property.
Test: m
Bug: 175686819
Change-Id: Ic2757054b908e2c7ff51e256e8683616df74fb33
2020-12-15 18:34:47 +00:00
John Stultz
efb6e07e0a ueventd.rc: Add /dev/dma_heap/system-uncached permissions
Add permissions for dev/dma_heap/system-uncached dmabuf heap.

This should match the dmabuf system heap.

Signed-off-by: John Stultz <john.stultz@linaro.org>
Change-Id: I9253d56c72d45e228539f709e76ba0862ae03d96
2020-12-14 23:29:55 +00:00
John Stultz
dc01a02a1a ueventd.rc: Reduce permissions for /dev/dma_heap/system to 444
Jeffrey Vander Stoep noted the permissions for the system dmabuf
heap should be 444 instead of 666, as we only need to open and
call ioctl on the device.

Signed-off-by: John Stultz <john.stultz@linaro.org>
Change-Id: I650c9fabfffd1eac5f59bbc7fa1e0ae1f5646bd9
2020-12-14 23:29:35 +00:00
Elliott Hughes
21de4e727e Add new owners to various sub-projects.
Test: treehugger
Change-Id: Ia2a99c0499633ccc5d23c37a1ec93867c876d637
2020-12-11 12:45:45 -08:00
Treehugger Robot
24adfede52 Merge "Add execute permission to /data/app-staging folder" 2020-12-10 17:04:42 +00:00
Mohammad Samiul Islam
64fe2c66e2 Add execute permission to /data/app-staging folder
Package verifiers (e.g, phonesky) needs to access the folders inside
/data/app-staging to be able to verify them. Without the execute
permission on app-staging folder, it cannot stat any of the sub-dirs
inside app-staging.

This also aligns with permission of /data/app folder.

Bug: 175163376
Test: manual
Test: installed a staged session and observed that Phonesky did not log
about not finding the apks in /data/app-staging folder

Change-Id: I9774ed800da9f15401d3cee653142a37bf54ef4a
2020-12-09 21:05:28 +00:00
Tom Cherry
5b271797de ueventd: add the import option from the init parser
Vendors have an interest in importing ueventd files based on certain
property values.  Instead of baking this logic in the ueventd binary,
add the import option from the init parser to the ueventd parser, to
allow vendors to expand as needed.

Test: imported files are parsed
Change-Id: I674987fd48f3218e4703528c6d905b1afb5fb366
2020-12-08 13:21:26 -08:00
Martijn Coenen
cd91f86618 Merge "Split fsverity_init in two phases." 2020-12-07 13:55:48 +00:00
Treehugger Robot
f38f0fdd2d Merge "Adding 'postinstall' root dir unconditionally." 2020-12-05 01:15:47 +00:00
Bowgo Tsai
2e228936f4 Adding 'postinstall' root dir unconditionally.
It is required to pass update_engine_unittests in GSI
compliance test. And it's clean to just add this mount
dir unconditionally.

Bug: 172696594
Test: `m init.environ.rc` and checks that $OUT/root/postinstall exists
Change-Id: Ib340a78af442ea66c45cecb373a9eb3c428f8dda
2020-12-04 17:07:26 +08:00
Kiyoung Kim
2f3e936f72 Merge "Use bootstrap linkerconfig from early init" 2020-12-04 01:00:33 +00:00
Wei Wang
673b6d47bc Merge changes I13c9660a,I41745e7b,I0e6722b8
* changes:
  init.rc: correct the obsolete comment
  Add system-background cpu group
  init.rc: create camera-deamon stune cgroup
2020-12-03 18:57:25 +00:00
Treehugger Robot
0029d3f6c0 Merge "Follow vdc naming convention: earlyBootEnded" 2020-12-02 07:49:38 +00:00
Wei Wang
aed52ef138 init.rc: correct the obsolete comment
system-background cpuset is mapped in tasks_profiles.json.

Bug: 170507876
Test: Build
Change-Id: I13c9660a1288e22382ced4dd31f079f31bf7c8dc
2020-12-01 19:46:02 -08:00
Wei Wang
ab87979a00 Add system-background cpu group
Add system-background cgroup hierarchy for uclamp and cpu bandwidth
tuning.

Bug: 170507876
Bug: 171740453
Test: boot and check cgroup
Change-Id: I41745e7b3ac5c1d7ea7dd77f5db39c6895047446
2020-12-01 19:46:02 -08:00
Wei Wang
6a28572648 init.rc: create camera-deamon stune cgroup
camera-daemon is referred in task-profiles.json so the hierarchy should
be created in aosp's init.rc.

Bug: 170507876
Bug: 171740453
Test: boot and check cgroup
Change-Id: I0e6722b88922abf4ccae3b19623d8b889a6e3cb6
2020-12-01 19:46:02 -08:00
Wei Wang
84719713c7 Merge "rootdir/init.rc: Create camera-daemon groups" 2020-12-02 03:38:01 +00:00
Kiyoung Kim
03b9bcabff Use bootstrap linkerconfig from early init
Linkerconfig will be moved into Runtime APEX, so
/system/bin/linkerconfig would not be available before APEX is mounted.
Use bootstrap linkerconfig instead during early init.

Bug: 165769179
Test: Cuttlefish boot succeeded
Change-Id: Iae41f325bbd5f5194aaf4613141860f913dfbff1
2020-12-02 11:41:06 +09:00
Paul Crowley
3fe1a8c76c Follow vdc naming convention: earlyBootEnded
vdc commands use camelCase, not kebab-case.

Test: EarlyBootKeyTest.CannotCreateEarlyBootKeys
Change-Id: I5bcc9c435c848f5054e81ffaf87ae32577548570
2020-12-01 14:37:48 -08:00
Martijn Coenen
3b68bf2d34 Split fsverity_init in two phases.
First load the verified keys, and then only lock the keyring after apexd
has run. This is in preperation for on-device signing, which will need
to add another key to the fs-verity keyring before it's locked.

Note that I've moved loading of the verified keys up a bit; fsverity_init
used to load keys from Keymaster, but it currently doesn't, so there's
no need to wait for it.

Bug: 165630556
Test: boot, cat /proc/keys
Change-Id: I077673575ae3dafcf3126d8c544fe7f8d34c0225
2020-12-01 14:39:22 +00:00
Rick Yiu
a983f8ab1e rootdir/init.rc: Create camera-daemon groups
In task_profiles.json, camera-daemon is referred for both cpu and
cpuset controller, so create them in init.rc officially.

Test: build pass
Bug: 170507876
Change-Id: I655154ab739ffde6fdfd2d499cbaa974597d3ee7
2020-12-01 15:45:01 +08:00
Kiyoung Kim
344b46a5b3 Remove provide libs from file
Remove provide libs of system image from file, and generate it at build
time instead

Bug: 172889962
Test: Build cuttlefish and confirmed list is generated in
/system/etc/linker.config.pb

Change-Id: I365252dcb2e8735fd8f6345c9ec2c985b0489d64
2020-12-01 10:41:09 +09:00
Rick Yiu
1848e5e69c rootdir/init.rc: Remove duplicated settings
Bug: 170507876
Test: build pass
Change-Id: I2cfa886eb84982f03df9bf0db95dc1aae2117418
2020-11-23 07:29:55 +00:00