The sys.use_memfd property is set by default to false in Android
to temporarily disable memfd, till vendor and apps are ready for it.
The main issue: either apps or vendor processes can directly make ashmem
IOCTLs on FDs they receive by assuming they are ashmem, without going
through libcutils. Such fds could have very well be originally created with
libcutils hence they could be memfd. Thus the IOCTLs will break.
Set default value of sys.use_memfd property to true once the issue is
resolved, so that the code can then self-detect if kernel support is present
on the device. The property can also set to true from adb shell, for
debugging.
Bug: 113362644
Change-Id: I0f572ef36cac2a58fe308ddb90bbeffbecdaed3b
Signed-off-by: Joel Fernandes <joelaf@google.com>
This patch adds support to make libcutils create and use memfd where
possible, instead of ashmem.
The libcutils library is made dynamic, since apps are still sending over
ashmem FDs to processes and we are working on moving those apps away
from ashmem. The best we can do for that is make the library work, and
force apps in the long run to move away from directly using ashmem.
Due to further complications mentioned in the 'NOTE' section of the
patch, memfd is kept disabled for now, so nothing changes yet. To enable
it, set the sys.use_memfd property (check user_debug build).
Bug: 113362644
Change-Id: I491cb7841b664db5b1c26b3e07a440a14810e182
Signed-off-by: Joel Fernandes <joelaf@google.com>
When cgroup directory is created its user and ownership gets set, however
because previous code was storing getpwnam() return value the second
invocation would effectively override the previous ones result. Fix this
by copying necessary results. Also change getpwnam() to getgrnam() when
group name is converted into gid. getpwnam() works because of the way
Android uses these ids, however more generally this is incorrect and
getgrnam() should be used instead.
Bug: 111307099
Test: verified user/group membership of the cgroup directories
Change-Id: I78668bc1a36a74f53d8e9825e2d06e3e09501e7a
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
JSON supports only decimal values and therefore file mode which should
use octal values has to be represented as strings. Fix the implicit
octal-to-decimal conversion and convert from string to octal in the code.
Bug: 111307099
Test: confirmed by verifying correct file permissions
Change-Id: I3ef9de0aea259f93bf74efeffca72d37d4740e15
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
In particular, this allows services running as the root user to have
capabilities removed instead of always having full capabilities.
Test: boot device with a root service with an empty capabilities
option in init showing no capabilities in /proc/<pid>/status
Change-Id: I569a5573ed4bc5fab0eb37ce9224ab708e980451
- package manager needs to read from /data/apex/active, hence 0750
- both /data/apex/backups and /data/apex/sessions are internal to apexd,
hence 0700
Bug: 123927167
Fixes: 123927167
Test: apex_e2e_tests, flashall -w & checked folders were created
Change-Id: I06c28328afe4945d082acd890401651bd37fcb20
File descriptor caching breaks boot on Android Go and Svelte targets.
Disable it temporarily to fix the builds and investigate the root cause
further.
Bug: 123868658
Test: Android Go device boots after this change
Change-Id: Idd0209029cde8454ea99b9de030f7a317c2988d7
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
If a flag is empty (eg: reading /proc/mounts), skip instead of
reporting "unknown flag: ". Do the same for "defaults".
Test: compile
Change-Id: Ibc3dc7154bbef4bb5dc6522d3226b6ca1e60ec24
As of Id663c5f284e3b4fc65ed8cb8c2da6bcf6542e034, the asan libs
are in the TARGET_COPY_OUT_X subpath of the /data/asan/ dir, rather
than just 'x' unconditionally.
Test: presubmit
Change-Id: I3a515791e237ad10703415ea532c7a089660d8e9
TARGET_COPY_OUT_PRODUCT_SERVICES can be equal to
TARGET_COPY_OUT_PRODUCT, in which case the ld.config
lines containing PRODUCT_SERVICES are redundant.
Test: make and diff
Change-Id: I1dc24eb49d37f1ab0faa6eecdb0ccc974321f4ac
If libcutils is not a VNDK version and /dev/ashmem is not available,
then ask ashmemd for opened fd to /dev/ashmem.
We rely on SELinux policy to determine what's allowed to open
/dev/ashmem directly.
Bug: 113362644
Test: device boots (in selinux permissive mode)
Change-Id: I93c4fa6044b0bfa5282097c6c32139a8d8f67deb
We already know that "polling" must be non-zero at this point,
because it hasn't been modified since our check on line 1960.
So we remove this check for code clarity.
Test: TreeHugger
Change-Id: I069d9fd0eef70748a5333733dd0518d1ac8021b7
We want our default implementations to fail, but '-1' is implicitly
cast to 'true', since it's non-zero. We explicitly use 'false' to
fix this.
Test: TreeHugger
Change-Id: I369897b519601ce1a887cf6acd5f2cb9a6113a9a
This callback replaces getVendorNamespace(). Fix nativeloader
to use NativeBridgeGetExportedNamespace instead of
NativeBridgeGetVendorNamespace.
Bug: http://b/121248172
Bug: http://b/121372395
Test: make
Change-Id: I8fa2081e37815f6f65490c9536bed0687b7f1e77
Non-android targets should not mount cgroups described in cgroup map
file. When used on non-Android targets SetupCgroup will fail. When
SetupCgroup is called via SetupCgroups a warning will be generated for
each cgroup that fails to mount.
Bug: 111307099
Change-Id: I213a5f9b02f312ba1dd7dc91c89b67334fb939b9
Merged-In: I213a5f9b02f312ba1dd7dc91c89b67334fb939b9
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Non-Android build targets are missing sys/prctl.h header and functionality
should be disabled for them like it was done previously inside
sched_policy.cpp. Also make the set_sched_policy/get_sched_policy
functionality backward compatible by creating stubs for non-Android
targets.
Bug: 111307099
Test: built sdk_gphone_x86-sdk_addon_mac target using forrest
Change-Id: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Merged-In: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Remove hardcoded cpuset path usage and replace it with a request to
get the path using new API.
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: I211d093c24a682e2d1992c08e4c1d980379711a4
Merged-In: I211d093c24a682e2d1992c08e4c1d980379711a4
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Add cgroups.json and task_profiles.json file to be places under /etc/ on
the device to describe cgroups to be mounted and task profiles that
processes can request. This adds additional layer of abstraction between
what a process wants to achieve and how system implements that request.
Bug: 111307099
test: builds, boots
Change-Id: If92f011230ef5d24750e184bad776f30ba226f86
Merged-In: If92f011230ef5d24750e184bad776f30ba226f86
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
