We still don't really have a clue what went wrong, but "Failed to write"
made it sound like we did.
Change-Id: Ic58b13202e2d8ea6b095f7046db9d0771d77ce65
By using Minijail we avoid writing the same priv-dropping code over
and over again. This also enables future hardening opportunities.
We're already using Minijail for priv-dropping on Brillo.
Minijail is unit- and integration-tested on the
Chrome OS CI infrastructure (pulling from the same repo, see
https://wmatrix.googleplex.com/security?tests=security_Minijail0).
Once CI comes to Android, it will be continuously tested there as well.
Both 'adb root' and 'adb unroot' still work.
Bug: 26099611
Change-Id: I52c456ea272d27bd6fbc71200f4fdd928a592158
The current implementation of the host commands "adb wait-for-*" allows
to specify only the transport layer (local, usb or any).
This patch allows the specification of the expected device state
(bootloader, recovery, device or sideload), this is usefull for
scripting purposes.
Use case:
$ adb reboot sideload-auto-reboot
$ adb wait-for-usb-sideload && adb sideload package.zip
Change-Id: I276a6be4d82f8b7901f74e1e5395b86d16548e8f
Signed-off-by: Leo Sartre <leox.sartre@intel.com>
This CL creates a UdpSocket class that provides a simple unified
interface to send and receive UDP packets for all platforms. Nothing
uses this interface yet except for tests.
The eventual goal is to implement a UDP protocol for fastboot, but it
makes the code much simpler and more modular if we handle the low-level
networking here independently of our custom fastboot protocol.
Some of the Windows code is similar to adb. I'd like to create a
library to hold the common functionality, but it is going to be a
little delicate to separate out the features unique to adb (e.g. the
custom file descriptor system), and I don't want to risk breaking
something in adb before the holiday break, so I'm hoping to get this in
for now and merge them early next year.
Tests are included in this CL to exercise this functionality using a
loopback connection.
Bug: http://b/26154763.
Tests: `fastboot_test` loopback tests on Linux, Mac, and Windows 7.
Change-Id: I81d1b7ace8d864246b99f6c80b8e29f64b8aa375
This test tells us that scatter-gather (writev instead of write)
carries a small ~2% penalty. Unaligned buffer carry a similar
additional penalty. On N9 it takes 3us to 22us _just_ to write
the pmsg logs, depending on size. Some assumptions about the
socket read and write performance for the main logging can be made
from tracking these results and should improve design decisions.
Bug: 18771697
Bug: 23685592
Change-Id: Id4d64c449140e4f39078c62b0097e403df91fe0c
The new server push enabled component/trait validation rules. This
allows us to use the new schema that does not require vendor commands,
parameters and state to start with underscore ("_").
Also fixed a few minor errors in schema definition.
Change-Id: I184dd8e4c69c05e0dd1b0dddb1f9a7b0aef78841
When packages change, existing package-specific directories may have
gained/lost a UID mapping, so we need to update the permissions for
any in-memory nodes.
This allows an app to deliver data for another package before that
package is installed, which is the typical pattern of how OBB files
are delivered.
Also fix bug by re-deriving permissions when files are moved.
Bug: 25399427
Change-Id: I06f38a24ad7dee5f5099ba81429aef03208e5683
Reads from functionfs allocate contiguous buffers in the kernel, causing
long ones to sometimes fail because of memory fragmentation.
Bug: http://b/26206622
Change-Id: Id40753d6f29b37b5ca97c3e2fa3921f52b4242de
CL in [1] changes the minui API of res_create_multi_display_surface()
(bootable/recovery/minui/minui.h). Track the change accordingly.
[1] commit b723f4f38f53a38502abb1a63165ac0749bc9cd9
Change-Id: If9684019105ff91d5ade5b69e88849af766c2a19
Don't clobber errno if mkstemp failed, always unlink, and only count
mkstemp/ftruncate failures as real failures --- if only the unlink
fails, there's no point not using what we have.
Change-Id: I6bc788682c88651a50a6316b9ca07ba07e9fefa2
Back in 080427e4e2, we said:
If the kernel doesn't support file capabilities, we ignore
a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could
become a fatal error.
Make it a fatal error. With SELinux support, all devices are
required to support file capabilities.
Change-Id: I0ce0c4cb9387c42e325cbf1a63c5d82e6aab530c
Previously, for `adb shell`, we were using setenv after forking to set
up the child's environment. This would occasionally deadlock in the
child, which would cause the main thread to deadlock waiting for the
child to complete. This patch constructs the environment before forking
and passes it to execle, eliminating the deadlock.
Bug: http://b/25847115
Change-Id: I720d472770564b1449819ddaab945a89844244a8