Commit graph

1351 commits

Author SHA1 Message Date
Tom Cherry
766e878253 Merge "Add default executable permission in odm/bin" 2019-05-08 15:31:28 +00:00
Tom Cherry
6836c9a24b Merge "Remove sbin from fs_config.cpp" am: 26ec31ce8d
am: c6c4fbe805

Change-Id: I8a8d4742a03df2bf475c6a4a7c7350cff7638470
2019-05-07 23:59:51 -07:00
Tom Cherry
2f74a26a2d Remove sbin from fs_config.cpp
There is no longer a /sbin on Android.

Bug: 73660730
Test: build
Change-Id: I3f5ce292790392a02aa4a1c661f44b4c7e1570dc
2019-05-07 10:21:05 -07:00
Min Yun
a8eb00720c Add default executable permission in odm/bin
In odm's binary files can't have executable permission.
Add default executable permission in odm/bin and vendor/odm/bin.
Previously partitions that except system, only appeared in
system partition if product haven't separated partition.
After support ODM, vendor/odm should considered.

Bug : 124465978
Test : Check each file's permission.
system/vendor/bin/* -> 0755
system/product/bin/* -> 0755
system/product_services/bin/* -> 0644
system/oem/bin/* -> 0644

vendor/odm/bin/* -> 0755
vendor/product/bin/* -> 0644
vendor/product_services/bin/* -> 0644

Change-Id: I5cee48474fceaf73853b2013d58017bd64953d86
2019-05-07 14:04:23 +09:00
Tim Murray
41f261df25 Merge "cutils: add ashmem_init" am: 55ba959c13
am: 3d213c39e8

Change-Id: Ib9335109c0226c34dce479ee56a5f231d23f8d19
2019-04-05 03:02:02 -07:00
Tim Murray
8879ed7f2a cutils: add ashmem_init
Add a new ashmem_init function that only dlopens libashmemd_client.
This allows the library to be preloaded in the zygote.

Test: boots, works
Bug: 129543489

Change-Id: Ie106791edf381654f085203c266c9f9c0df35cfc
2019-04-04 17:30:25 -07:00
Tim Murray
943f1c1d4a cutils: add ashmem_init
Add a new ashmem_init function that only dlopens libashmemd_client.
This allows the library to be preloaded in the zygote.

Test: boots, works
Bug: 129543489

Change-Id: Ie106791edf381654f085203c266c9f9c0df35cfc
2019-04-05 00:28:05 +00:00
Yifan Hong
25d42eeaa6 Merge changes from topic "libprocessgroup_rc"
* changes:
  CgroupSetupCgroups -> CgroupSetup
  Add libcgrouprc to ld.config.*.txt.
  libprocessgroup: use libcgrouprc to read cgroup.rc
  libprocessgroup_setup: use libcgrouprc_format
  libprocessgroup: Move CgroupSetupCgroups() to libprocessgroup_setup
  libprocessgroup: Add libcgrouprc
  libprocessgroup: Add libcgrouprc_format
2019-04-03 19:08:51 +00:00
Yifan Hong
bd5853cb48 Merge changes from topic "libprocessgroup_rc"
* changes:
  CgroupSetupCgroups -> CgroupSetup
  Add libcgrouprc to ld.config.*.txt.
  libprocessgroup: use libcgrouprc to read cgroup.rc
  libprocessgroup_setup: use libcgrouprc_format
  libprocessgroup: Move CgroupSetupCgroups() to libprocessgroup_setup
  libprocessgroup: Add libcgrouprc
  libprocessgroup: Add libcgrouprc_format
2019-04-03 16:41:21 +00:00
Yifan Hong
53e0deb7b2 libprocessgroup: use libcgrouprc to read cgroup.rc
Use the LL-NDK library to read cgroup.rc.

As a side-effect, the CgroupController class is changed
to a wrapper of ACgroupController* from the library. The
class itself essentially becomes the pointer, and can be
trivially copied. Modify all client code for this change.

Test: builds and boots
Bug: 123664216

Change-Id: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Merged-In: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
2019-04-02 22:31:57 -07:00
Elliott Hughes
15e370aced Merge "libcutils: android_reboot command should be unsigned." am: e3ec16b9c6 am: cf2f309cff
am: ba78d39cdc

Change-Id: I034c780c6c1166e4c6643ebcc607d3388246ebab
2019-04-02 19:52:28 -07:00
Treehugger Robot
e3ec16b9c6 Merge "libcutils: android_reboot command should be unsigned." 2019-04-03 01:19:06 +00:00
Yifan Hong
fad638c82d libprocessgroup: use libcgrouprc to read cgroup.rc
Use the LL-NDK library to read cgroup.rc.

As a side-effect, the CgroupController class is changed
to a wrapper of ACgroupController* from the library. The
class itself essentially becomes the pointer, and can be
trivially copied. Modify all client code for this change.

Test: builds and boots
Bug: 123664216

Change-Id: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
2019-04-02 17:34:37 -07:00
Nick Kralevich
eed675688d Merge "Revert "relax /system/bin directory permissions"" am: 98880af580 am: 88b15b2b7c
am: 6b38459ee5

Change-Id: I44ec7363697f52ee55284343f4f4f473b34de9ab
2019-04-02 15:05:19 -07:00
Elliott Hughes
66e5ae0f5a libcutils: android_reboot command should be unsigned.
Hex literals have the type of the first type they fit in. The reboot
constants are large enough that that's `unsigned` rather than `int`.

Bug: http://b/76110968
Test: treehugger
Change-Id: Iac4fe61d1fe572297febf0b57e34d698942469f9
2019-04-02 09:19:46 -07:00
Nick Kralevich
8d1b43bbf4 Revert "relax /system/bin directory permissions"
It appears Chase has fixed their app, so we no longer need to keep these
permissions relaxed.

This reverts commit 53842f8a90.

Bug: 119605322
Test: compiles and boots
Change-Id: Iba5e9ecd685eb386997a5e92638b8a1b5943ad4b
2019-04-02 08:54:17 -07:00
Steven Moreland
6e10e67eaa Merge "libutils/libcutils: make host more like device" am: 43f29072a9 am: 02bb6c1b24
am: 775ed88ddd

Change-Id: I6d9a2c90499622ad61046b3c222f8cb9d688bd16
2019-03-29 17:49:56 -07:00
Steven Moreland
43f29072a9 Merge "libutils/libcutils: make host more like device" 2019-03-29 23:05:20 +00:00
Steven Moreland
e6132be529 libutils/libcutils: make host more like device
Having shared host libraries allows libraries depending on these to use
'shared_libs' for these. This simplifies configurations since these
libraries don't have to specify 'shared_libs' on all non-host targets.

Bug: 124524556
Test: build only

Change-Id: I09fb4a4fb66ea0a87cb76b1e6f400c537a11f082
2019-03-28 18:44:32 -07:00
Yifan Hong
82faf0949f libcutils: android_get_control_file uses realpath. am: dd6eefca30 am: 877436dd25
am: 353d08605d

Change-Id: Ia22a3af3de76eace5f8cb6e58ebc2a8c9d59437f
2019-03-26 16:37:24 -07:00
Elliott Hughes
ae2c2c5770 Merge "Clean up some mess by only building Android-specific code for the device." am: 443fdb2fdc am: 0fa7eddc31
am: 870413d411

Change-Id: I5ea2a7cf59c8ce5b7bc0a970237df17a69d08056
2019-03-25 09:43:43 -07:00
Yifan Hong
dd6eefca30 libcutils: android_get_control_file uses realpath.
If the path to android_get_control_file is a symlink, the final sanity
check will fail that the fd does not have the same path as the given
file. We can't expect callers to readlink() because this would change
the environment key. Instead, try to call realpath on both paths.

Bug: 126233777
Test: lpdump
Change-Id: I0df10d7dbe3e572b8335faad812e5cd80bff1733
2019-03-21 16:00:00 -07:00
Elliott Hughes
7acb0d39e8 Clean up some mess by only building Android-specific code for the device.
Test: treehugger
Change-Id: Id44721ccd1817d8c537b226f60a58b7cb691fb01
2019-03-21 14:59:45 -07:00
Roland Levillain
00c6d45ee9 Merge "Remove Valgrind entries from fs_config." am: e61d5ccf47 am: 710264b43b
am: 6ab844e1fe

Change-Id: I8ab7dcf37ed09045bfe9efe14a93048d6966c74e
2019-03-14 06:43:13 -07:00
Roland Levillain
3f3e2c678e Remove Valgrind entries from fs_config.
Valgrind has been removed from the Android tree in 2018.

Test: n/a
Bug: 77856586
Change-Id: I3b51d9b2290a4276299725cdd5a53a5bba00166e
2019-03-13 17:12:00 +00:00
The Android Open Source Project
4d916a1ece DO NOT MERGE - Merge PPRL.190305.001 into master
Bug: 127812889
Change-Id: I16a546dc24d3cf980ad7ab09895c0d97ee436224
2019-03-11 11:57:28 -07:00
Martijn Coenen
538e0b98c4 Update comments on native_handle_create.
To indicate limits.

Test: builds
Change-Id: Id5129a7f6a8f413911544dedeb02bb4e7a2f6e10
2019-03-06 14:22:10 +01:00
Elliott Hughes
1c8edfa5f3 Merge "__android_log_is_debuggable() shouldn't be an apex symbol" am: 69fc7b628d
am: 963633232e

Change-Id: Id4d53a791e8350be4bb91af4b20bc4a9715b464f
2019-02-20 22:51:49 -08:00
Tom Cherry
15800946e0 __android_log_is_debuggable() shouldn't be an apex symbol
Remove a superfluous check in fs_mgr, since those return values are
already impossible for a non-debuggable build.  Replace a one time
call to __android_log_is_debuggable(), since there's no reason to
cache the value or use this symbol.

Test: build
Change-Id: Icd4bef7b616c49d304303747388d7e3018c6fcfc
2019-02-20 12:52:02 -08:00
Elliott Hughes
661ce4047d Merge "Clean up libcutils/libutils tests." am: 57150963a3
am: f984d7a403

Change-Id: I9870edb8119ba3850b8f9863de439f3fa1fabaa8
2019-02-11 18:37:45 -08:00
Elliott Hughes
01705e4f1d Clean up libcutils/libutils tests.
Move tests in the same directory as the corresponding code, so it's
easier to see what is/isn't tested.

Fix naming of libcutils_tests (plural) to match the singular that's more
common (even though the plural makes more sense to me).

Add these two to system/core/'s TEST_MAPPING.

Remove obsolete AndroidTest.xml.

Fix a flaky (timing-dependent) libcutils test.

Test: ran tests
Change-Id: I7e0a31ff45c8a152562bf66fc97161594249366e
2019-02-11 13:15:56 -08:00
Jiyong Park
76a125bf4e Merge "Eliminate the APEX name in fs_config using wildcard" am: ea353cab91
am: 2e0f43c6ba

Change-Id: Id6e14d3e5d9c7e479ba2150804aa5f0f9c73469d
2019-02-08 17:45:37 -08:00
Jiyong Park
defdb18675 Eliminate the APEX name in fs_config using wildcard
Bug: 123743953
Test: Marlin/sailfish boots to the UI
Change-Id: If1669122be78255879ffb8c8c0a7408a34b5e617
2019-02-09 02:59:17 +09:00
Jiyong Park
6e1875ffea Merge "fs_config supports shell wildcard patterns" am: 2210f80e48
am: 4fe80fa336

Change-Id: I6dfdd5d8979a294bbe3c054f900e4f0f935edae4
2019-02-08 07:54:57 -08:00
Jiyong Park
a2159c493b fs_config supports shell wildcard patterns
It now supports shell wildcard pattern matching using fnmatch(3).

Bug: 123743953
Test: atest libcutils_test
Change-Id: Ib82ae3bf717cbdba267024e1c9d3da004274b95c
2019-02-08 03:53:52 +09:00
Jiyong Park
b97eeb34c4 Merge "Configure /system/apex/com.android.runtime.[debug|release]/bin/*" am: 186661d135
am: 6649f7447e

Change-Id: Iee6311ea1bdeae6e45a6863ee048ff229c0ca841
2019-02-07 08:26:34 -08:00
Jiyong Park
186661d135 Merge "Configure /system/apex/com.android.runtime.[debug|release]/bin/*" 2019-02-07 16:08:24 +00:00
Joel Fernandes
e3b45e5c31 Merge changes from topic "memfd-support" am: 3133b695e0
am: b03663ebdf

Change-Id: Idf18cb0a8eb9327f75d28018e9f0940cc32ae962
2019-02-07 06:27:43 -08:00
Joel Fernandes
519440468b Add support for memfd
This patch adds support to make libcutils create and use memfd where
possible, instead of ashmem.

The libcutils library is made dynamic, since apps are still sending over
ashmem FDs to processes and we are working on moving those apps away
from ashmem. The best we can do for that is make the library work, and
force apps in the long run to move away from directly using ashmem.

Due to further complications mentioned in the 'NOTE' section of the
patch, memfd is kept disabled for now, so nothing changes yet. To enable
it, set the sys.use_memfd property (check user_debug build).

Bug: 113362644
Change-Id: I491cb7841b664db5b1c26b3e07a440a14810e182
Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-02-07 00:40:13 +00:00
Tri Vo
f60debf334 Merge "libcutils: route to ashmemd" am: 5bccd33e0b
am: 6604befa2e

Change-Id: I9511ecf61f9dd85bf2345eef0dd0138cf4f918b0
2019-02-05 13:58:27 -08:00
Suren Baghdasaryan
43a0b172f4 libprocessgroup: Add support for task profiles am: 82b72a5667
am: 953472f577

Change-Id: I5878ecc185f6c673bd18ef17769430e2df1ad71f
2019-02-04 20:58:31 -08:00
Tri Vo
2891ba09d5 libcutils: route to ashmemd
If libcutils is not a VNDK version and /dev/ashmem is not available,
then ask ashmemd for opened fd to /dev/ashmem.

We rely on SELinux policy to determine what's allowed to open
/dev/ashmem directly.

Bug: 113362644
Test: device boots (in selinux permissive mode)
Change-Id: I93c4fa6044b0bfa5282097c6c32139a8d8f67deb
2019-02-04 10:30:24 -08:00
Suren Baghdasaryan
82b72a5667 libprocessgroup: Add support for task profiles
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc

Exempt-From-Owner-Approval: already approved in internal master

Bug: 111307099
Test: builds, boots

Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-02-03 16:48:35 +00:00
Jiyong Park
3435c88b4a Configure /system/apex/com.android.runtime.[debug|release]/bin/*
When TARGET_FLATTEN_APEX is set to true, the APEXes are flattened
directly under /system/apex/<name>. Among them the runtime APEX carries
binaries such as linker, dex2oat and they need to be configured to be
executable.

Bug: 123684826
Test: Marlin/sailfish boots to the UI
Change-Id: I8ebe9dc4341410ff91ca2cb7cf95e21b0829c008
2019-02-01 22:05:46 +09:00
David Anderson
a174c6e5b5 Merge "Add user/group for gsid." am: 9747a65380
am: 520aa5bfa1

Change-Id: I244794b8aca62983bb600ca214aedb09ef23a50a
2019-01-30 09:37:30 -08:00
David Anderson
8bc2b89ae6 Add user/group for gsid.
Bug: 122556707
Test: manual test
Change-Id: I18e44ff1bbb3c43cfc8f6f2997f9358052ce249b
2019-01-29 17:48:12 -08:00
Suren Baghdasaryan
1bd127b72e DO NOT MERGE: Revert "Revert "libcutils: Move sched_policy functions into libprocessgroup""
This reverts commit b5394db682.

Reason for revert: AOSP is fixed with new vendor image

Change-Id: Ie1a2e0200600214a65f4fe2250c903c8e8ce0a29
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-01-25 16:49:09 +00:00
Yabin Cui
f29284d53a Merge "Add setuid/setgid capabilities to simpleperf_app_runner." am: c87d1ed611
am: eb16021d1e

Change-Id: I4a723f71f1b7942db5124aa42ccb5e4008e2dde4
2019-01-24 11:17:50 -08:00
Yabin Cui
eb16021d1e Merge "Add setuid/setgid capabilities to simpleperf_app_runner."
am: c87d1ed611

Change-Id: I4d03b065dd379cffbe5ca9656c3294a7f3675887
2019-01-24 11:05:26 -08:00
Suren Baghdasaryan
6738419e09 Merge changes from topic "move sched_policy functions" am: ca50ee91b5
am: e8b2ac49bb

Change-Id: I9ba62bc4cce474b2a12af5a1035714ac9dd39703
2019-01-22 13:41:10 -08:00
Yabin Cui
af3e30d271 Add setuid/setgid capabilities to simpleperf_app_runner.
Also add simpleperf_app_runner in shell utilities.

Bug: 118835348
Test: build and boot.
Test: run simpleperf_app_runner manually.

Change-Id: I538503dabfa8ff192f4b3029206a62613eacdf32
2019-01-22 11:20:10 -08:00
Suren Baghdasaryan
facd40d0e1 libcutils: Move sched_policy functions into libprocessgroup
Move functions operating on cgroups from sched_policy.h in libcutils
into sched_policy_ctrl.h under libprocessgroup. This consolidates
cgroup-related functionality inside libprocessgroup.

Bug: 111307099
Test: builds, boots

Merged-In: Iba75f33281162b889989214d0325a5973d53ed2d
Change-Id: Iba75f33281162b889989214d0325a5973d53ed2d
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-01-22 18:18:48 +00:00
Martijn Coenen
c3be3e8b2a Merge "Update AID_ISOLATED_START to include new range." am: 73992c7c00
am: 48ec9e7ce4

Change-Id: I4c95bf99639aeb3e22f6260f2905ba6f5ce592ad
2019-01-17 13:03:00 -08:00
Martijn Coenen
cb88bc95fc Update AID_ISOLATED_START to include new range.
The AppZygote allocates UIDs out of the [90000..98999] range.

Bug: 111434506
Test: builds
Change-Id: I7846a81077636f6f9aff2880f1c9ee01c6f98257
2019-01-17 11:48:58 +01:00
Martijn Coenen
20ac1203a3 Export maximum number of fds/ints in a native_handle.
So we can deserialize it consisently and safely.

Bug: 120084106
Test: builds
Change-Id: I0eafff70d3a7e4d732fe600a0052efb90108208d
2019-01-16 08:55:14 -08:00
Mårten Kongstad
79d59f0b79 Merge "Add systrace tag for RRO" am: 1c018862a0
am: 047ae05793

Change-Id: If1c6b6b4b3b7696dfcbd358aca2234edfc9f24ee
2019-01-09 16:14:02 -08:00
Mårten Kongstad
ee9534515e Add systrace tag for RRO
Introduce a new systrace tag, TRACE_TAG_RRO, for use with runtime
resource overlay.

Bug: 119761810
Test: builds
Merged-In: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
Change-Id: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
2019-01-08 14:17:47 -08:00
David Sehr
903789f132 Merge "Enable building ATRACE stubs on Windows" am: 8f5f643c57
am: 7373603f11

Change-Id: I1571ba36f08831d3bb74e683c8e79872981b67a3
2019-01-07 14:05:40 -08:00
Martijn Coenen
ad1fded66a Export maximum number of fds/ints in a native_handle. am: 02debfa2df am: 5fa5708025
am: 08ba9b1412

Change-Id: I8a4ebec9c608af10bcb1387fc5dfe9b0b6886f27
2019-01-04 10:58:38 -08:00
Martijn Coenen
08ba9b1412 Export maximum number of fds/ints in a native_handle. am: 02debfa2df
am: 5fa5708025

Change-Id: I7812acbfd43811e332513b9945432d23fba94187
2019-01-04 10:53:26 -08:00
Martijn Coenen
5fa5708025 Export maximum number of fds/ints in a native_handle.
am: 02debfa2df

Change-Id: I36da3de7dcad006ee647163a62b0d5c8819b994e
2019-01-04 10:46:21 -08:00
David Sehr
eb2dd20dc3 Enable building ATRACE stubs on Windows
The header contained inline functions that called unimplemented code on
Windows.  Enable building the implementations.

Bug: none
Test: make -j 50 checkbuild
Change-Id: I11b39e6f5c72fc000088182f3631a9f538474c42
2018-12-20 13:46:08 -08:00
Remi NGUYEN VAN
354d5f27ff Merge "Add UID for network stack app" 2018-12-19 02:01:23 +00:00
Nick Kralevich
53842f8a90 relax /system/bin directory permissions
In commit f4fc922f0b, we tightened the
permissions on various bin directories. Please see
https://android-review.googlesource.com/c/platform/system/core/+/822955
for details.

This change causes the Chase banking app to crash. This is because
the Chase app is using inotify_add_watch() on the /system/bin directory
and not checking the return value.

The Android Security model guarantees the immutability of files in
/system/bin, so the inotify watch is unnecessary.

Until the Chase app fixes their bug, we need to relax the permissions on
the /system/bin directory. Conceptually, this is a partial revert of
f4fc922f0b.

Bug: 119605322
Test: compiles
Change-Id: Ic72dd24cb27cff677093963bdfd0ae09bf132e08
2018-12-13 10:56:33 -08:00
Tom Cherry
23319ebebf Start using new C++ Fstab class widely
Bug: 62292478
Test: boot
Test: adb-remount-test.sh

Change-Id: Id4715af4c1f03e2cfc67de92d3ea58e933685e51
2018-12-12 17:08:09 +00:00
Remi NGUYEN VAN
1129243abe Add UID for network stack app
Test: built, booted, verified app is started and has proper uid
Bug: b/112869080
Change-Id: I8a21613de825ede8832918d0ffa08c537b30704b
2018-12-12 10:55:38 +09:00
Martijn Coenen
02debfa2df Export maximum number of fds/ints in a native_handle.
So we can deserialize it consisently and safely.

Bug: 120084106
Test: builds
Change-Id: I0eafff70d3a7e4d732fe600a0052efb90108208d
2018-12-11 11:38:41 +01:00
Mark Salyzyn
757658c78d fs_config: add product and product_services to the scanning.
Test: compile
Bug: 119310326
Change-Id: I67ba155e4a03731d402cdfcf06ca80ad0c4ab2ed
2018-12-06 22:14:14 +00:00
Daniel Mentz
41aa2c3703 Increase netlink uevent rcvbuf size to 16M
Increase size of the NETLINK_KOBJECT_UEVENT socket receive buffer to
16M.  Also, use SO_RCVBUFFORCE to override any limits set by
/proc/sys/net/core/rmem_max.

We had a couple of instances, where we lost critical uevent messages due
to receive buffer overflows.

Bug: 119933843
Change-Id: I6aab183aa0194e173f9175b47c6beb0835cf6675
2018-12-03 18:39:24 +00:00
Mark Salyzyn
9f1cf25332 switch to using android-base/file.h instead of android-base/test_utils.h
Test: compile
Bug: 119313545
Change-Id: I4f7ad84743e974b4b4d1d7256088f6c8b749a237
2018-11-14 09:35:34 -08:00
Nick Kralevich
f4fc922f0b Set bin directories to 0751
Currently, /system/bin, /system/xbin, /product/bin, and /vendor/bin
are 0755, which allows any process to iterate through those
directories and list out the contents. For the vast majority of
processes, this is unnecessary. They only need to know whether a
particular binary exists or doesn't exist, but they don't need to
know the other binaries within those directories.

Allowing this is particularly problematic for SELinux. In particular,
some third party Android applications try to examine every file in
the bin directories, generating SELinux audit noise along the
way. This audit noise makes it harder to see real bugs, and falsely
implies an architectural dependency between the application and random
files in directories like /system/bin.

This change removes the ability to list the contents of the various bin
directories, preventing random probing by such apps. The ability to
execute files, or to probe a specific file by name, remain unchanged.

Addresses SELinux denials similar to the following:
  avc: denied { getattr } for comm="Thread-11" path="/system/bin/atrace" dev="dm-0" ino=189 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=uk.co.santander.santanderUK
  avc: denied { getattr } for comm="Binder:26637_2" path="/system/bin/atrace" dev="dm-0" ino=168 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=com.tencent.mm
  avc: denied { getattr } for comm="Thread-12" path="/system/bin/apexd" dev="dm-0" ino=451 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:apexd_exec:s0 tclass=file permissive=1 app=com.grppl.android.shell.CMBlloydsTSB73

Shell access to these directories continues to be allowed, to allow for
host-side CTS tests.

Also adjust the indentation of some clang directives, to make the
presubmit hooks happy.

Test: Device boots and no apparent problems.
Change-Id: Ibe75682fac1983d39f3f479a5850ab5a96f6627d
2018-11-11 11:29:10 -08:00
Peiyong Lin
126c19b6ec [GPU Service] Add independent AID for gpu service.
BUG: 118347356
Test: Build, flash and boot, `adb shell cmd gpuservice vkjson` to verify

Change-Id: Ic8c4154668d09b3dbfedf4a7c0dc376a01a9bde6
2018-11-06 12:52:01 -08:00
Elliott Hughes
396bf2109a libcutils: lose socket_peer_is_trusted to ART, the only user.
Bug: N/A
Test: builds
Change-Id: I599270729c2037b2c06d7906a5e5f7362fbbaf08
2018-10-25 13:24:08 -07:00
bohu
39ed7afe2b fs_mgr: fix incorrect parameter type
BUG: 117426573
Change-Id: Iffbdd3763dd19aa527bf805918a566477d122cfc
2018-10-09 10:49:44 -07:00
Igor Murashkin
4578129f86 android_filesystem_config add AID for iorapd
Add new AID for new binder native service (iorapd).

Bug: 72170747
Change-Id: I81facb3f22e1162dc49329b970532287833fcecd
2018-10-05 16:26:28 -07:00
David Pursell
6fd4b9b6b5 libcutils test: make set_sched_policy optional
set_sched_policy checks that operations related to the kernel config
CONFIG_CGROUP_SCHEDTUNE are working properly, but this config is not
required so devices without this were failing the test.

This CL splits set_sched_policy into two tests so that the policy and
timerslack tests can be skipped individually when devices don't support
them.

Bug: 113185515, 112550681
Test: libcutils_test{32,64} now pass on aosp_x86_64 emulator
Change-Id: I31638b61e033f0c96b63428a8d27d27dbc36bce3
2018-08-28 13:26:04 -07:00
Dario Freni
ab5583b585 s/product-services/product_services/g
Attempting to reduce the number of different spellings we have for
"product services" partition in the codebase.

Bug: 112431447
Test: m
Change-Id: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Merged-In: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
2018-08-20 17:46:42 +00:00
Dario Freni
4fa866a467 Add support for /product-services partition.
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc

Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
2018-07-23 16:14:36 +01:00
Joel Fernandes
70aa2a3475 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls"
am: 5fd5be33e6

Change-Id: Ieed029cda8a99e528c2297005122b898452ab3d9
2018-07-17 19:28:23 -07:00
Joel Fernandes
5fd5be33e6 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls" 2018-07-18 02:14:54 +00:00
Joel Fernandes
56cd651e7a libcutils: ashmem: Avoid doing fd checks for ashmem calls
Callers already verify that they are calling ashmem API on a valid fd by
calling ashmem_valid first. Lets make the fstat syscall only if the
ioctl returns -ENOTTY. This means in the regular case, only 1 syscall is
needed (ioctl) vs the current 2 (fstat+ioctl).

Some data to show improvements in reduction of vfs_getattr calls in the
kernel by 10x when doing a camera.

Test: Boot and camera CTS
Bug: 111418894
Change-Id: I992620bbe44355e54ba19eeac81da586c5e5a6e0
Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-07-17 17:02:44 -07:00
Yi Kong
f2b4259b93 Merge "libcutils: remove rather than fix the mutex."
am: 39e7a1c981

Change-Id: Ie1084574143f2d1e4b4995f7682948b77b5334b6
2018-07-14 14:27:25 -07:00
Yi Kong
39e7a1c981 Merge "libcutils: remove rather than fix the mutex." 2018-07-14 21:18:54 +00:00
Elliott Hughes
51a2cacbb9 libcutils: remove rather than fix the mutex.
Bug: 68236239
Test: ran tests
Change-Id: I53e47f99e6963bedcb0be30cf10c9187da8a047d
2018-07-13 14:53:51 -07:00
Elliott Hughes
1ecedeb0c1 Merge "cutils: move hashmap to <pthread.h>."
am: dda5fe46ac

Change-Id: I925212825eb6b91074bf519e532125953c5eb1f1
2018-07-13 13:10:57 -07:00
Elliott Hughes
9d12725cad cutils: move hashmap to <pthread.h>.
Bug: N/A
Test: builds
Change-Id: I16a470265a17ea5bd47ef76ec234907cf7ec3e4f
2018-07-13 10:54:49 -07:00
Elliott Hughes
0ba4aed7ec Merge "libcutils: remove unused open_memstream."
am: df398f2b67

Change-Id: I8b19f94b4c9e689dbd72d70fa6bd28d6c003a205
2018-07-12 09:14:25 -07:00
Elliott Hughes
bf7909a521 Merge "libcutils: remove some unused API."
am: fc567a9b95

Change-Id: I114ea3f267f240ae54668807e75d077cd09228fa
2018-07-12 09:13:53 -07:00
Elliott Hughes
df398f2b67 Merge "libcutils: remove unused open_memstream." 2018-07-12 16:07:04 +00:00
Elliott Hughes
c35d4a5213 libcutils: remove unused open_memstream.
Bug: N/A
Test: builds
Change-Id: I3c2d8acd4dfe42fbe883b14501cd47674d84f431
2018-07-11 14:28:21 -07:00
Elliott Hughes
721e3ebf55 libcutils: remove some unused API.
Bug: N/A
Test: builds
Change-Id: Iabe42353a708afde2611b5c642775849e2e45baa
2018-07-11 14:27:32 -07:00
Bernie Innocenti
d540d5630c Merge "libcutils: Simplify android_get_control_socket()"
am: 5f70ed6ee1

Change-Id: I2d4b953241ee3ba62f6bbac2edd6a3c589864a90
2018-06-28 04:15:14 -07:00
Treehugger Robot
5f70ed6ee1 Merge "libcutils: Simplify android_get_control_socket()" 2018-06-28 11:01:44 +00:00
Elliott Hughes
fdd7062e09 Merge "libcutils: add OWNERS."
am: cd7244100b

Change-Id: I76a7d21a1387cc3cab77dfe95c42674dd1c0bac0
2018-06-12 15:50:18 -07:00
Treehugger Robot
cd7244100b Merge "libcutils: add OWNERS." 2018-06-12 22:46:28 +00:00
Luis Hector Chavez
bfe1835d82 Merge "bootstat: Remove the CAP_SYSLOG capability"
am: cefd4e56ad

Change-Id: I0a0627228434d0284b4f535942c97121d9773e14
2018-06-12 15:00:42 -07:00
Luis Hector Chavez
3276b57542 Merge "logd: Move the capabilities from file based to ambient"
am: 28cd2a02b1

Change-Id: Iaef160d039cf995f8dae104f122208660cc27985
2018-06-12 14:59:57 -07:00
Elliott Hughes
796eb71e9c libcutils: add OWNERS.
Bug: N/A
Test: N/A
Change-Id: Ia147e1dc9511810cd86a463861db3d3d7fedab9b
2018-06-12 13:58:30 -07:00
Luis Hector Chavez
0becca32bc bootstat: Remove the CAP_SYSLOG capability
This change removes the CAP_SYSLOG file based capability from bootstat,
since the intention is that it should not be accessing the logs in the
long term. In order to avoid bitrot, the fallback code that depends on
CAP_SYSLOG has also been removed.

Bug: 62845925
Test: system/core/bootstat/boot_reason_test.sh
Change-Id: I899be44ef3ac1c4d81072f801d55c928ae09bb15
2018-06-11 12:41:24 -07:00
Luis Hector Chavez
d32c36c961 logd: Move the capabilities from file based to ambient
This change moves logd's capabilities from being file based to being set
by init through ambient capabilities.

Bug: 62845925
Test: sailfish:/ # grep Cap /proc/`pidof logd`/status
      CapInh: 0000000000000000
      CapPrm: 0000000440000000
      CapEff: 0000000440000000
      CapBnd: 0000000440000040
      CapAmb: 0000000000000000
      $ capsh --decode=0x440000040
      0x440000040=cap_setgid,cap_audit_control,cap_syslog
Test: liblog-unit-tests, logd-unit-tests, logcat-unit-tests
Change-Id: I28c7c4ad37ad5eafd399aef78c303ce31298a9ef
2018-06-11 10:04:11 -07:00
Inseob Kim
cf5e8f1575 Merge "Support /product/bin" am: 36b61f061d
am: 931e0f268a

Change-Id: If507c7206c6e1c43e0fe5a6af411250b7879e2e3
2018-05-31 20:09:45 -07:00
Inseob Kim
9bd3ee1c4f Support /product/bin
Bug: 80422611
Test: m -j succeeded and permissions of files under /product/bin are set
correctly

Change-Id: I83377d809c47c92da6b226d2853ea6a7462fb127
Merged-In: I83377d809c47c92da6b226d2853ea6a7462fb127
(cherry picked from commit 25195daaca)
2018-06-01 10:38:57 +09:00
Inseob Kim
25195daaca Support /product/bin
Bug: 80422611
Test: m -j succeeded and permissions of files under /product/bin are set
correctly

Change-Id: I83377d809c47c92da6b226d2853ea6a7462fb127
2018-06-01 08:33:04 +09:00
Bernie Innocenti
4351bb05ad libcutils: Simplify android_get_control_socket()
1. TEMP_FAILURE_RETRY() isn't necessary with getsockname() because
it's a synchronous syscall.

2. There's no need to allocate and free a temporary buffer for the
full pathname of the socket.

Test: Manually, as follows:
    - added temporary ALOG output
    - flashed and booted a device
    - checked expected output from all system daemons
    - removed log statements

Change-Id: I4550a2d67fdffe6aff3c1050f8eeeaca0f985fb3
2018-05-28 15:00:50 +09:00
Jiyong Park
dfe433db47 Merge "Mark as recovery_available: true" am: 9f6f8bf0dc
am: d7fece5d91

Change-Id: Id59445da13aeef13784f04daebc8a96a7d506cbb
2018-05-21 22:32:36 -07:00
Jiyong Park
612210c75b Mark as recovery_available: true
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.

Bug: 67916654
Bug: 64960723
Test: m -j
Change-Id: Ie59155c08890e96ce1893fa3687afcf763d7aea3
2018-05-15 09:47:04 +09:00
Gwendal Grignou
b7f78ee89c Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev
am: 232ce729f5

Change-Id: Idcd13df25a17e91b4395d3672ce52f9e24f400af
2018-05-10 18:41:50 -07:00
Gwendal Grignou
232ce729f5 Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev 2018-05-11 01:36:14 +00:00
Logan Chien
94223374c8 libctuils: Exclude qtaguid.cpp from VNDK-SP variant
This commit excludes `qtaguid.cpp` from the VNDK-SP variant of
`libcutils.so` because the interface of `libnetd_client.so` may vary
between AOSP releases.

Besides, these functions don't work in vendor processes either because
VNDK-SP libraries are loaded in an isolated `vndk` linker namespace,
which cannot access `/system/lib[64]/libnetd_client.so` directly.  This
change makes it easier to spot the issue at build time and saves several
bytes.

Test: Build aosp_walleye-userdebug and
/system/lib[64]/vndk-sp-$VER/libctuils.so no longer exports qtaguid_*
functions.

Bug: 79329469
Change-Id: Idf6b60f6e58371ea320193641669d1e4412d62b8
Merged-In: Idf6b60f6e58371ea320193641669d1e4412d62b8
(cherry picked from commit 25b742c627)
2018-05-09 10:16:12 +08:00
Logan Chien
bb783998ce Merge "libctuils: Exclude qtaguid.cpp from VNDK-SP variant" 2018-05-09 01:56:00 +00:00
Gwendal Grignou
8526413941 allow config/sdcardfs directory to be seen for ARC++
Normally, the whole configfs is mounted on /config and /config will be
word readable:

sailfish:/ $ ls -ld /config/*
drwxrwx--- 258 system package_info 0 2018-05-08 16:08 /config/sdcardfs
sailfish:/ $ ls -ld /config/
drwxr-xr-x 3 root root 0 1969-12-31 16:00 /config/

On ARC++, we only mount-bind config/sdcardfs, so it is important that
/config is set properly.

It is actually 0500, so system could not see /config/sdcardfs, even if
/config/sdcardfs is set properly:
Although root can, as system uid, we can not reach /config/sdcardfs:
:/ $ ls -ld /config
dr-x------ 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
ls: /config/sdcardfs: Permission denied

With this change, system (and systemservice) is able to reach
/config/sdcardfs:
:/ $ ls -ld /config
dr-xr-xr-x 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
drwxrwx--- 109 system package_info 0 2018-05-08 15:29 /config/sdcardfs

Bug: 63876697
Test: After change, package service is able to create the bindings in
/config/sdcardfs.

Change-Id: I7e9b99d7af2ad001fbb1b95bee35d494e861be78
Signed-off-by: Gwendal Grignou <gwendal@google.com>
2018-05-08 16:18:48 -07:00
Elliott Hughes
23b98f492b Remove more bogus <stdbool.h> #includes from C++.
Bug: N/A
Test: builds
Change-Id: I794cd28667c6c65b38940d8f443315ad116b7ac3
2018-05-08 13:00:06 -07:00
Logan Chien
25b742c627 libctuils: Exclude qtaguid.cpp from VNDK-SP variant
This commit excludes `qtaguid.cpp` from the VNDK-SP variant of
`libcutils.so` because the interface of `libnetd_client.so` may vary
between AOSP releases.

Besides, these functions don't work in vendor processes either because
VNDK-SP libraries are loaded in an isolated `vndk` linker namespace,
which cannot access `/system/lib[64]/libnetd_client.so` directly.  This
change makes it easier to spot the issue at build time and saves several
bytes.

Test: Build aosp_walleye-userdebug and
/system/lib[64]/vndk-sp-$VER/libctuils.so no longer exports qtaguid_*
functions.

Bug: 79329469
Change-Id: Idf6b60f6e58371ea320193641669d1e4412d62b8
2018-05-08 17:41:21 +08:00
Mika Raento
2c2e3e89b0 Systrace support for NNAPI
Change-Id: I5abf283b5fb04725ec0b8ffbb8191fbddec1766b
Bug: 78137932
Test: mm
2018-04-26 09:34:22 +01:00
Elliott Hughes
9f49508f36 Rewrite get_sched_policy_name for safety.
This way you'll get a build time error if you make the usual mistake of
adding to the enum but not adding an entry to the array.

Also improve the unit tests, and fix get_sched_policy_name's incorrect
behavior on invalid inputs.

Bug: N/A
Test: ran tests
Change-Id: Iefcb1ec9ef66267837da7a576c8be3d0cfb16cd0
2018-04-25 14:55:48 -07:00
Tim Murray
419ba9e2aa cutils: add restricted cpuset
(cherrypick of 658ae90f69 without the init.rc change)

Bug: 78197570
Test: CTS
Change-Id: I6df972950b75a839caa463ae282ad000b959e8ae
2018-04-25 14:30:37 -07:00
Tim Murray
658ae90f69 cutils: add restricted cpuset
Bug 78197570
Test: CTS
Exempt-From-Owner-Approval: owner OOO, build cop says it's fine

Change-Id: I6df972950b75a839caa463ae282ad000b959e8ae
2018-04-18 16:42:12 -07:00
Mark Salyzyn
f089e1403b llkd: add live-lock daemon
Introduce a standalone live-lock daemon (llkd), to catch kernel
or native user space deadlocks and take mitigating actions.  Will
also configure [khungtaskd] to fortify the actions.

If a thread is in D or Z state with no forward progress for longer
than ro.llk.timeout_ms, or ro.llk.[D|Z].timeout_ms, kill the process
or parent process respectively.  If another scan shows the same
process continues to exist, then have a confirmed live-lock condition
and need to panic.  Panic the kernel in a manner to provide the
greatest bugreporting details as to the condition.  Add a alarm self
watchdog should llkd ever get locked up that is double the expected
time to flow through the mainloop.  Sampling is every
ro.llk_sample_ms.

Default will not monitor init, or [kthreadd] and all that [kthreadd]
spawns.  This reduces the effectiveness of llkd by limiting its
coverage.  If in the future, if value in covering kthreadd spawned
threads, the requirement will be to code drivers so that they do not
remain in a persistent 'D' state, or that they have mechanisms to
recover the thread should it be killed externally.  Then the
blacklists can be adjusted accordingly if these conditions are met.

An accompanying gTest set have been added, and will setup a persistent
D or Z process, with and without forward progress, but not in a
live-lock state because that would require a buggy kernel, or a module
or kernel modification to stimulate.

Android Properties llkd respond to (*_ms parms are in milliseconds):
- ro.config.low_ram default false, if true do not sysrq t (dump
  all threads).
- ro.llk.enable default false, allow live-lock daemon to be enabled.
- ro.khungtask.enable default false, allow [khungtaskd] to be enabled.
- ro.llk.mlockall default true, allow mlock'd live-lock daemon.
- ro.khungtask.timeout default 12 minutes.
- ro.llk.timeout_ms default 10 minutes, D or Z maximum timelimit,
  double this value and it sets the alarm watchdog for llkd.
- ro.llk.D.timeout_ms default ro.llk.timeout_ms, D maximum timelimit.
- ro.llk.Z.timeout_ms default ro.llk.timeout_ms, Z maximum timelimit.
- ro.llk.check_ms default 2 minutes sampling interval
  (ro.llk.timeout_ms / 5) for threads in D or Z state.
- ro.llk.blacklist.process default 0,1,2 (kernel, init and
  [kthreadd]), and process names (/comm or /cmdline) init,[kthreadd],
  lmkd,lmkd.llkd,llkd,[khungtaskd],watchdogd,[watchdogd],
  [watchdogd/0] ...
- ro.llk.blacklist.parent default 0,2 (kernel and [kthreadd]) and
  "[kthreadd]".  A comma separated lists of process ids, /comm names
  or /cmdline names.
- ro.llk.blacklist.uid default <empty>, comma separated list of
  uid numbers or names from getpwuid/getpwnam.

Test: llkd_unit_test
Bug: 33808187
Bug: 72838192
Change-Id: I32e8aa78aef10834e093265d0f3ed5b4199807c6
2018-04-18 14:01:56 -07:00
Mark Salyzyn
64d97d8761 lmkd: limit capability set to minimum
Set F() capability set and 'drop' lmkd from AID_ROOT to AID_LMKD uid
and from AID_ROOT to AID_LMKD and AID_SYSTEM gid.

/dev/memcg/memory.pressure defaults to root.root mode 0000, set it up
as root.system mode 0040 to allow lmkd read access.

Instrument failure to set SCHED_FIFO.

Annotate access points that require elevated capabilities.

Test: check /proc/`pidof lmkd`/status for capability set
Test: lmkd_unit_test
Bug: 77650566
Change-Id: I986081a0434cf6e842b63a55726380205b30a3ea
2018-04-16 14:51:56 -07:00
Tom Cherry
07aa2a6131 Remove vendor Wifi and BT entries from fs_config.cpp
Their capability bits are now specified in their associated init .rc
file, which is the proper place for this to be done.

A notice is added to guide developers away from using android_files to
give services Linux capabilities and to guide them away from adding
vendor/ entries.

Bug: 74554159
Test: BT, Wifi, Tethering work on walleye
Merged-In: I13c425d022b4f5c217587cdf601884ef44650ac7
Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7
(cherry picked from commit b5e5c56401)
2018-04-05 10:40:49 -07:00
Tom Cherry
b5e5c56401 Remove vendor Wifi and BT entries from fs_config.cpp
Their capability bits are now specified in their associated init .rc
file, which is the proper place for this to be done.

A notice is added to guide developers away from using android_files to
give services Linux capabilities and to guide them away from adding
vendor/ entries.

Bug: 74554159
Test: BT, Wifi, Tethering work on walleye
Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7
2018-03-29 14:10:12 -07:00
Treehugger Robot
61896fc0ee Merge "Enabled SYS_MODULE capability for wifi@1.0-service" 2018-03-29 20:57:42 +00:00
Ajit Kumar
b0fc2d743b Enabled SYS_MODULE capability for wifi@1.0-service
Add sys_module capability to enabled insmod operation.

Merged-In: I6436c3297e5318bd00ae3582549a11cb82ccbafd
Change-Id: I6436c3297e5318bd00ae3582549a11cb82ccbafd
(cherry picked from commit c2a059fbf0)
2018-03-29 19:34:06 +00:00
Tom Cherry
666464a180 Revert "fs_config: Move hostapd to /vendor/bin/hw"
This reverts commit 656b75c77c.

Capability bits are moving from fs_config.cpp to the associated init
scripts for daemons on /vendor.

Bug: 74554159
Test: wifi tethering works on walleye
2018-03-28 18:29:02 +00:00
Martijn Coenen
24426e96a5 Add new trace tag for AIDL.
So we can auto-generate tracing code for AIDL interfaces.

Bug: 74416314
Test: inspect atrace output
Change-Id: I91b14b3b16d8d7a29f531101b14ddf10dbc61a5a
Merged-In: I91b14b3b16d8d7a29f531101b14ddf10dbc61a5a
2018-03-26 09:59:21 +02:00
Martijn Coenen
07b98d9b97 Add new trace tag for AIDL.
So we can auto-generate tracing code for AIDL interfaces.

Bug: 74416314
Test: inspect atrace output
Change-Id: I91b14b3b16d8d7a29f531101b14ddf10dbc61a5a
2018-03-21 13:59:34 +01:00
Robert Sesek
f29ce0ff7c Merge "Remove fs_config entries for webview_zygote." am: 47354e76eb am: 19fafd1ae9
am: b13b9e0d55

Change-Id: I970fb49989763bde055922f8f6c59e89450a83ee
2018-02-23 17:55:05 +00:00
Alexey Kuzmin
8166a93899 Merge "Add tracing tags to vibrator" am: c415d00fbe am: 0f71d5fe53
am: f2b8913c4f

Change-Id: I2c90c90bfc08875b2cb58d8a8cc8bec414164438
2018-02-15 14:17:57 +00:00
Robert Sesek
84e8a3811f Remove fs_config entries for webview_zygote.
This process is now spawned from the main app_process zygote, rather
than being its own binary launched by init.

Bug: 63749735
Test: m
Change-Id: I87e00197e1ce64d77b4c306fcd702c6ad778b236
2018-02-14 17:42:03 -05:00
Alexey Kuzmin
3b5aebb046 Add tracing tags to vibrator
Now all somewhat time-consuming methods of the VibratorService
are surrounded by traceBegin/traceEnd blocks.
The vibration itself is surrounded with asyncTrace block.

Test: Run "systrace vibrator" and see the time consumption report.
Bug: 73000045
Merged-In: I94172e379354ec3418321b8151e6182cec2e886c
Change-Id: I94172e379354ec3418321b8151e6182cec2e886c
2018-02-13 18:29:40 +00:00
Daniel Colascione
d49fb1238d Merge "Support * as a wildcard for ATRACE_TAG_APP" am: 53c964f53b am: 2e50045f60
am: 34499aab21

Change-Id: Ie8e78dc2f85c513ba4ba8b4a355a7d4de1e1055d
2018-02-12 23:27:14 +00:00
Ajit Kumar
c2a059fbf0 Enabled SYS_MODULE capability for wifi@1.0-service
Add sys_module capability to enabled insmod operation.

Change-Id: I6436c3297e5318bd00ae3582549a11cb82ccbafd
2018-02-12 18:31:47 +00:00
Daniel Colascione
642ef98b3b Support * as a wildcard for ATRACE_TAG_APP
Test: strcmp
Change-Id: I33ec3ae071e3856538444663bbabb3c779ed8afa
2018-02-09 20:08:19 -08:00
Paul Crowley
c67fd14fd1 Merge "Revert "Don't initialize atrace if it's already disabled."" am: c50d19c0b0 am: 33d3758684
am: 006cd45c86

Change-Id: I1f9e10da302fdb6b0a427dae321551f8e3744f7a
2018-02-08 17:46:30 +00:00
Treehugger Robot
c50d19c0b0 Merge "Revert "Don't initialize atrace if it's already disabled."" 2018-02-08 17:27:41 +00:00
Paul Crowley
738adf7b46 Revert "Don't initialize atrace if it's already disabled."
This reverts commit e184423526.

Reason for revert: b/73081734
Bug: 73081734

Change-Id: I8ae835f5575292ebd3c4457ef26c2e8f98cfa11e
2018-02-08 00:49:37 +00:00
Mark Salyzyn
1e330b0376 Merge "libcutils: Add "daemon" and "bin" users for testing only" am: 718899b415 am: 2500e38093
am: 451ff596cf

Change-Id: Id2abde064963cbb68929c76ff5a47d4f52995190
2018-02-06 04:29:47 +00:00
Mark Salyzyn
8e8648463d libcutils: Add "daemon" and "bin" users for testing only
Multiple LTP tests require a "daemon" or "bin" user.  These user ids
have been defined since UNIX incept, and even up to the '80s remained
in many of the tools as hard coded values.  Add these two ids with
a cautionary note.

Test: compile
Bug: 31152327
Bug: 31226046
Bug: 32385889
Change-Id: Ida2fb6d817b8ada0624870439fcf848667b31fb3
2018-02-05 11:06:08 -08:00
Mark Salyzyn
eac8700cbb Merge "libcutils: test: increase use of ashmem_valid(fd)" am: dd218e6c84 am: 9f3a257536
am: 43f2c5cf38

Change-Id: I5e7b0994b76afbc60446518d08fe36dbf02f3fe5
2018-01-31 17:52:43 +00:00
Treehugger Robot
dd218e6c84 Merge "libcutils: test: increase use of ashmem_valid(fd)" 2018-01-31 17:35:29 +00:00
Paul Crowley
8645dd1204 Merge "Don't initialize atrace if it's already disabled." am: 0e239bbd8b am: 2fc40a6518
am: 65c685e204

Change-Id: I1ab9cff70cd461069f2db651ab96f449aae4666e
2018-01-30 22:14:34 +00:00
Paul Crowley
e184423526 Don't initialize atrace if it's already disabled.
For processes that start very early, atrace initialization can cause
an selinux denial, so make sure it's possible to disable it and avoid
the call to open "trace_marker".

Bug: 63927601
Test: disable atrace early in vold, ensure that selinux denial is
avoided.

Change-Id: I2422e6d0db323bc13c6d6ed1896435151fca21f7
2018-01-30 08:18:24 -08:00
Ruchi Kandoi
838c985416 Merge "Add AID for Secure Element Application" am: d3e7e31d28 am: 66c3eb0e45
am: f9ae0b10e0

Change-Id: I81e91a74c81a8e9854b1f4bab26ed03f033801c6
2018-01-26 20:02:54 +00:00
Mark Salyzyn
276758dab8 libcutils: test: increase use of ashmem_valid(fd)
There may be evidence of ashmem_valid(fd) reporting that the file
descriptor is an ashmem node.  Increase testing of ashmem_valid(fd),
reporting that the node _is_ ashmem, to inspire confidence in the
positive result.  Scan all file descriptors in the system, and for
those that pass ashmem_valid, get a non-zero size reference back.

Some clang-format-isms applied.

Test: libcutils-test --gtest_filter=AshmemTest.*
Bug: 72021458
Change-Id: I77d746b57a89a6afa1b829dddfdc4dd319f6b684
2018-01-26 09:50:57 -08:00
Ruchi Kandoi
d506c068d4 Add AID for Secure Element Application
Test: Test if the correct uid is assigned to the application
Change-Id: Ib0302a2e90ae89499ecbcebffa393bdd037adfbe
2018-01-25 18:21:53 +00:00
Jaekyun Seok
207a211804 Merge "Support /product partition" am: 8f324542a2 am: 10e1ec7de3
am: 83ffef2cb1

Change-Id: Ia1933bbede3db2489151e5ab8ead574582b87f7a
2018-01-25 04:17:36 +00:00
Jaekyun Seok
dff165d3a2 Support /product partition
This CL will enable reading /product/build.prop and add product paths
into ld.config.txt.in.

Bug: 64195575
Test: tested with 'PRODUCT_PRODUCT_PROPERTIES := ro.product.abc=abc' on
sailfish

Change-Id: Ie996def20e25dc1afe0c74af2096af844934b2dc
2018-01-25 09:37:20 +09:00
Roshan Pius
656b75c77c fs_config: Move hostapd to /vendor/bin/hw
Bug: 36646171
Test: Able to turn on softap
Change-Id: Ibd82581a12b4bd2e7d22825361706e35f292ce2b
2018-01-16 12:38:04 -08:00
Yi Jin
31b506679b Add AID_STATSD and AID_INCIDENTD for statsd/incidentd daemons.
Test: manual
Change-Id: Id798519c3b0116529fc698e6b316a1c6b1c293ca
2018-01-09 14:17:50 -08:00
Treehugger Robot
f008571a4f Merge "libcutils: Stop checking the uid of netlink messages" 2018-01-09 17:35:31 +00:00
Treehugger Robot
affd4e9bd9 Merge "Use override_export_include_dirs." 2018-01-08 22:15:51 +00:00
Luis Hector Chavez
84c99136fd libcutils: Stop checking the uid of netlink messages
This is a partial revert of
https://android-review.googlesource.com/c/platform/system/core/+/528619.
The uid-check was done before
https://patchwork.kernel.org/patch/1525551/ was available, and thus is
now unnecessary to perform such check, since we can just rely on the
kernel patch now.

Bug: 71632076
Test: aosp_sailfish-userdebug still works

Change-Id: I1d1319b774483d1714ecb4dd838a20e055acc2a3
2018-01-08 13:24:32 -08:00
Jeff Sharkey
354417a7fb Allocate GID to use reserved disk space.
Filesystems allow the setting of the "resgid" parameter to designate
a GID that is allowed to use the "reserved" disk space (in addition
to UID 0).  We'll be granting this GID to critical system processes,
so that the system is usable enough for the user to free up disk
space used by abusive apps.

Test: builds, boots
Bug: 62024591
Change-Id: I2d166f3b730f0a3e7279fb40f12db7413c1dadad
2018-01-07 19:21:51 -07:00
Steven Moreland
e1c834db04 Use override_export_include_dirs.
Bug: 62878521
Test: soong build system finds renamed attribute
Change-Id: I51e42f4378db366b8711cd373fb835fecda88416
2018-01-05 14:42:12 -08:00
Elliott Hughes
579e682628 Add std::string StartsWith*/EndsWith* overloads.
We should have done this from the beginning. Thanks to Windows, we're not
going to be able to switch libbase over to std::string_view any time soon.

Bug: N/A
Test: ran tests
Change-Id: Iff2f56986e39de53f3ac484415378af17dacf26b
2017-12-20 09:42:22 -08:00
Elliott Hughes
38d2567c9f Stop defining local "unused" macros now this is C++.
Bug: N/A
Test: builds, boots
Change-Id: I3eb075d5003fa7cdc6690f4af29a296e22be257c
2017-11-30 16:24:36 -08:00
Dan Willemsen
528f144e77 Fix / suppress new unused warnings for mingw+clang
Bug: 69933068
Test: mmma system/core
Change-Id: I089166a979d3d8c5ada38a7745d507b555048499
2017-11-29 21:37:28 -08:00
Jeff Sharkey
53d37ba23f Better, consistent definition of AID_SHARED_GID.
AID_SHARED_GID is a GID shared by a specific app across all users on
the same device.  Bring the UserHandle and multiuser.c implementations
into agreement, and copy/paste the unit tests that verify that both
behave identically.

This fixes a regression where multiuser_get_shared_gid() was applying
per-user isolation when it shouldn't have.

Test: adb shell /data/nativetest64/libcutils_test/libcutils_test64
Bug: 34151068, 64548938
Change-Id: I491dd79d23a214425a68865d1d0f8269916aad4c
2017-11-13 16:49:26 -07:00
Elliott Hughes
1412f5ffe3 Remove dead dlmalloc stubs.
Used to be used by ART, but long gone.

Bug: N/A
Test: ran tests
Change-Id: Id231d97b2b797562619e6fd90536b17dbe39f71e
2017-11-10 16:24:18 -08:00
Elliott Hughes
8e9aeb9053 Move libcutils source to C++.
Just the minimial changes to get this to actually build, because otherwise
we always bog down trying to rewrite everything (when the real answer
is usually "stop using libcutils, it's awful").

This doesn't move a handful of files: two are basically just BSD libc
source, a couple have outstanding code reviews, and one can be deleted
(but I'll do that in a separate change).

I'm also skipping the presubmit hooks because otherwise clang-format
wants to reformat everything. I'll follow up with that...

Bug: N/A
Test: builds
Change-Id: I06403f465b67c8e493bad466dd76b1151eed5993
2017-11-10 13:18:10 -08:00
Treehugger Robot
6707ef139d Merge changes from topic "qtaguidReplace"
* changes:
  Redirect qtaguid native call to netd fwmark client
  Move qtaguid API out of libcutils
2017-11-10 18:34:36 +00:00
Chenbo Feng
baede73bd9 Redirect qtaguid native call to netd fwmark client
In order to replace qtaguid module with new eBPF network monitoring
module. We firstly move the current qtaguid userspace implementation
into netd and hide the detail from other processes. The current API will
talk to netd fwmark client to pass down the qtaguid related request from
high level framework and netd will use the proper method to complete the
request.

Test: Current TrafficStats CTS tests should not fail.
Bug: 30950746
Change-Id: Ie90c28f3594ab2877746b2372a1b6944768bfb18
2017-11-09 18:02:22 -08:00
Chenbo Feng
5b11831aa1 Move qtaguid API out of libcutils
The qtaguid kernel module will be deprecated on devices running 4.9
kernel or above and we need to support both old and new module in
userspace. Netd is responsible for choosing which kernel module to use
and all the current qtaguid native implementation need to be hided
behind it. So the current qtaguid native API implementation will be
moved to a isolate library under system/core and only netd can access to
it. The libcutils qtaguid API will become a wrapper to send request to
netd module. This modification will make sure the apps that currently
using this native API will not be broken.

Bug: 30950746
Test: All cts and vts test related should not fail.
Change-Id: I9de98a25ed5dc71bbf520ee0aadd16d59025699a
2017-11-08 16:28:43 -08:00
Luis Hector Chavez
fae195b1e4 libcutils: Work around the lack of __mulodi4
The parent change ran into an issue where enabling UBSan on an i686
build caused it to use __mulodi4.

https://github.com/android-ndk/ndk/issues/184 documents linking against
libclang_rt.builtins-i686.a, but that's not available from soong either.

Bug: 62378620
Bug: 29412086
Test: x86 builds work again
Change-Id: I730d59558aa4ed28f8a11b5393e037111e320f29
2017-11-04 00:36:01 +00:00
Luis Hector Chavez
e97a4b9799 libcutils: Make uevent_kernel_* namespace-aware
This change adds user namespace-awareness to uevent_kernel_* in
libcutils. Instead of assuming that root is always uid 0, it detects
whether the uid 0 is mapped in the current user namespace and returns
the appropriately mapped uid (or the kernel's "overflowuid" in case it
is not mapped).

In older kernels, or those where user namespaces are not enabled, this
still uses uid 0 for root.

Bug: 62378620
Test: bullhead networking still works
Test: Android in Chrome OS can now receive netlink-related messages

Change-Id: I7ea3454e8f38b9c70c65294d6b2a99e5a88f9d70
2017-11-03 13:02:46 -07:00
Christopher N. Hesse
bdee15ef71 Merge "libcutils: Fix thread ID on macOS"
am: 6958506e82

Change-Id: If328ec31ff2d52b0852fb8e2eb2e061564504586
2017-10-23 20:32:47 +00:00
Christopher N. Hesse
684b442b9f libcutils: Fix thread ID on macOS
macOS 10.12 / Xcode 8 actively prohibit the syscall(2)
usage.

Change-Id: I91ff16600a76e97d0b9b5db7e8905b969fb3482f
2017-10-22 22:58:41 +02:00
Elliott Hughes
bb5ec4a926 resolve merge conflicts of 796987482 to stage-aosp-master
Test: I solemnly swear I tested this conflict resolution.
Change-Id: Ica884c137c5f21e261600b2b011ab963036c0cdb
2017-10-17 12:36:14 -07:00
Treehugger Robot
796987482f Merge "<stdbool.h> not necessary in C++." 2017-10-17 19:26:53 +00:00
Elliott Hughes
a0f73f9bff <stdbool.h> not necessary in C++.
Bug: N/A
Test: builds
Change-Id: I1f32b202e353414e74ace87a7d5b495b5deb5f99
Merged-In: I1f32b202e353414e74ace87a7d5b495b5deb5f99
2017-10-17 16:21:33 +00:00
Nick Kralevich
7e772f8194 Merge "set O_CLOEXEC on /dev/ashmem"
am: be729702ae

Change-Id: Ib308d27bd05d9d824772ab76564b2ed1487e09d3
2017-10-09 22:59:32 +00:00
Nick Kralevich
30046acdb2 set O_CLOEXEC on /dev/ashmem
Ensure FDs don't leak across exec() boundaries.

Test: builds and boots. No obvious issues.
Change-Id: I00347b489ddb146b9d33442626f0e89a6cf26551
2017-10-09 13:19:36 -07:00
Bowgo Tsai
d29ac08509 Merge "Removing $(PRODUCT_OUT)/root/root"
am: 8cbbacdc15

Change-Id: Ia671976f8d7d4b83478c58d566e309f36af125ab
2017-09-29 03:27:38 +00:00
Bowgo Tsai
144893e5ec Removing $(PRODUCT_OUT)/root/root
Bug: 65570851
Test: boot sailfish
Change-Id: I80c3c3de23c57343187fde207980731b5341bc1f
Merged-In: I80c3c3de23c57343187fde207980731b5341bc1f
(cherry picked from commit ededee3e40)
2017-09-28 18:10:58 +08:00
Mark Salyzyn
6818f80dbb Merge changes from topic "b/63736262"
am: 1f666a6be9

Change-Id: I2586aac3d6fe8252ee6728de64fb37102accf0da
2017-09-13 22:45:52 +00:00
Mark Salyzyn
b304f6d4e7 bootstat: introduce sys.boot.reason
Adding functionality to bootstat --record_boot_complete and
--record_boot_reason to initialize sys.boot.reason, the canonical
system boot reason.

Filter out ro.boot.bootreason oem noise into sys.boot.reason.  Add
heuristics to determine what the boot reason is, when otherwise would
be defaulting to the blunt and relatively devoid of detail catch-all
reboot reasons ("reboot", "shutdown", "cold", "warm", "hard").

boot_reason_test.sh is also a compliance test.

Test: boot_reason_test.sh all
Bug: 63736262
Change-Id: Ic9a42cccbcfc89a5c0e081ba66d577a97c8c8c76
2017-09-12 09:28:25 -07:00
Jiyong Park
5e73998997 Revert "libcutils_header exports liblog_headers"
This reverts commit 8f63b6cfca.

Reason for revert: the use of cutils/log.h is discouraged. clients should use log/log.h. aosp/420955

Bug: 37342627
Change-Id: I6605aa89b0ef2b9afd0fdd52c1dee1ee0021debd
2017-09-06 01:48:43 +00:00
Jiyong Park
8f63b6cfca libcutils_header exports liblog_headers
cutils/log.h includes log/log.h. Therefore, libcutils_headers needs to
export the liblog_headers so that the clients of libcutils don't have to
explicitly include liblog (or liblog_headers).

Bug: 37342627
Test: build sdk_gphone_x86 userdebug with BOARD_VNDK_VERSION=current
Change-Id: I8875855222b4d073fac4a22bff488c9d082d39df
2017-09-04 12:18:40 +09:00
Mark Salyzyn
37c6015d9d Merge "Switch /data/misc/reboot/last_reboot_reason to persistent property"
am: 13cb599536

Change-Id: Ib6c1b51668b892288db931b09b099bf5ed28fbae
2017-08-25 14:24:21 +00:00
Mark Salyzyn
73e6b49c0c Switch /data/misc/reboot/last_reboot_reason to persistent property
Switch from /data/misc/reboot/last_reboot_reason to persistent
Android property persist.sys.boot.reason for indicating why the
device is rebooted or shutdown.

persist.sys.boot.reason has a standard as outlined in b/63736262 and
the associated investigation. Made adjustments to the values so that
we did not create a problem even before we started. Compliance is
part of the tests in boot_reason_test.sh.

Test: system/core/bootstat/boot_reason_test.sh
Bug: 64687998
Change-Id: I812c55a12faf7cb7ff92101009be058ad9958d07
2017-08-24 15:13:48 -07:00
Justin Yun
028664fcd3 Merge "Mark the modules as VNDK-SP in Android.bp"
am: bc9924ed40

Change-Id: I5f4802a063a1184ab1d246b3e81211923ab83853
2017-08-23 23:23:26 +00:00
Justin Yun
9ca92458e2 Mark the modules as VNDK-SP in Android.bp
As a VNDK-SP module, Android.bp must have 'vndk' tag as well as
'vendor_available: true'.

The 'vndk' tag for VNDK-SP formated as follows:
vndk: {
    enabled: true,
    support_system_process: true,
},

VNDK-SP modules will be installed both in system/lib(64) as normal
and in system/lib(64)/vndk-sp as a vendor variant.

Bug: 63866913
Test: build and boot with BOARD_VNDK_VERSION=current
Merged-In: I51fe0859f63ad58b7b91909e7d7d4206443228cd
Change-Id: I51fe0859f63ad58b7b91909e7d7d4206443228cd
(cherry picked from commit aeb68e86e4)
2017-08-23 17:56:13 +09:00
Andrew Scull
e05c35a10b Merge "Add HSM AID." am: 4723d7c66d am: ef1dd0d279
am: a3f425950c

Change-Id: Iabda5247da9a91648772165eb24b5df5bf7e553d
2017-08-10 21:43:47 +00:00
Andrew Scull
a3f425950c Merge "Add HSM AID." am: 4723d7c66d
am: ef1dd0d279

Change-Id: I3b00e1fd0761e9d9daa439cf1ca5eedc0eab84fb
2017-08-10 21:39:47 +00:00
Andrew Scull
ef1dd0d279 Merge "Add HSM AID."
am: 4723d7c66d

Change-Id: If7075378ac5a13bbe79a02843d13d34c5f128d2a
2017-08-10 21:35:47 +00:00
Andrew Scull
f73c5e1f84 Add HSM AID.
This is used by resources related to a hardware security module (HSM).

Bug: 64569509
Change-Id: I30d47e1b275e3c4ae0a00f7ceb286a1096d84273
2017-08-10 20:25:11 +01:00
Robert Quattlebaum
228123a5c8 Merge "Add AID for LoWPAN subsystem" am: f602dd4ced am: 4ff32084d5
am: 91f952dda0

Change-Id: I49a6c9c9db980910a0d2d9289ca1a123f21f3eed
2017-08-08 00:00:55 +00:00
Robert Quattlebaum
91f952dda0 Merge "Add AID for LoWPAN subsystem" am: f602dd4ced
am: 4ff32084d5

Change-Id: Ib4ff4c6eee71e1bf189e5cb945405cd679d77112
2017-08-07 23:56:49 +00:00
Robert Quattlebaum
4ff32084d5 Merge "Add AID for LoWPAN subsystem"
am: f602dd4ced

Change-Id: Idd091e64fd9cab58f38da67e0b32e0aa9c98fb7d
2017-08-07 23:55:19 +00:00
Robert Quattlebaum
01f7576a3e Add AID for LoWPAN subsystem
Bug: b/64399805
Change-Id: Ida6aa60d8beee9151a723826d99c1e9044dc05be
2017-08-04 16:19:34 -07:00
Earl Ou
9435b3ed44 Merge "libcutils: write trace event into socket in container" am: 59b33cb01c am: 08d9cc3744
am: 6cc4df26d6

Change-Id: Ib4a23ef6f3644afe76e6615bdc1be0e4fd7f909c
2017-08-04 01:16:12 +00:00
Earl Ou
6cc4df26d6 Merge "libcutils: write trace event into socket in container" am: 59b33cb01c
am: 08d9cc3744

Change-Id: Ie6f05ca73b0391f6b739e43cf0920d5c52c0d882
2017-08-04 01:10:12 +00:00
Earl Ou
08d9cc3744 Merge "libcutils: write trace event into socket in container"
am: 59b33cb01c

Change-Id: Ie59769f5820a8bb5991ba3dca53df83c5e90f795
2017-08-04 01:04:15 +00:00
Treehugger Robot
59b33cb01c Merge "libcutils: write trace event into socket in container" 2017-08-04 00:50:59 +00:00
Yifan Hong
f004d8de4d Merge "Move android_filesystem_config.h => fs_config.h" into oc-mr1-dev 2017-08-03 22:53:07 +00:00
Yifan Hong
b3ecb59163 Merge "Remove private headers from libcutils.vendor" into oc-mr1-dev 2017-08-03 22:53:07 +00:00
Yifan Hong
8a05dd0472 Merge changes from topic 'libcutils_private_headers' am: 472808a570 am: 6c2d927c34
am: 2615527f08

Change-Id: I433589f4691d74f8fcd2a30ad34ab817e9b6a36d
2017-08-03 20:47:53 +00:00
Yifan Hong
2615527f08 Merge changes from topic 'libcutils_private_headers' am: 472808a570
am: 6c2d927c34

Change-Id: I0718ab31e074b716f9be50a25330ffa8bdaae47d
2017-08-03 20:41:40 +00:00
Yifan Hong
6c2d927c34 Merge changes from topic 'libcutils_private_headers'
am: 472808a570

Change-Id: Ia4963b1b2c50bdcc3d9ccc6a954a465cbf9b5de0
2017-08-03 20:34:31 +00:00
Yifan Hong
472808a570 Merge changes from topic 'libcutils_private_headers'
* changes:
  Remove private headers from libcutils.vendor
  Move android_filesystem_config.h => fs_config.h
2017-08-03 18:24:04 +00:00