Commit graph

17231 commits

Author SHA1 Message Date
Johan Redestig
67b3cad9a0 Switch to android::base::ReadFully
The if (read(...size) != size) pattern is unreliable, switch
to the android base ReadFully which wraps read in a loop.

Change-Id: I2324e4c45da3c9b53b18df6eb09ce69a6604b5d1
2015-10-13 14:49:38 +00:00
Elliott Hughes
73bf853edf Merge "Switch fs_mgr_verity.c to C++." 2015-10-13 14:43:47 +00:00
Sergio Giro
f83766079e Merge "system/core: fix iterator for LruCache" 2015-10-13 07:30:34 +00:00
Mark Salyzyn
1c04253af2 Merge "logd: object layer format statistics" 2015-10-12 22:10:30 +00:00
Alex Vakulenko
5117e41392 Merge "Update metrics to use weaved's client library" 2015-10-12 20:36:15 +00:00
Sergio Giro
0cb59c0dce system/core: fix iterator for LruCache
Was failing to return the first element

Change-Id: Ic803f5d463a56519212014d0d190407cf4b859cf
2015-10-12 16:13:44 +01:00
Nick Kralevich
2fb90dc8b2 Merge changes from topic 'userspace-audit'
* changes:
  debuggerd: audit pid, uid and gid on SE Linux denial
  property_service: log pid,uid and gid of setprop client
2015-10-10 20:07:24 +00:00
Steve Fung
4b2d6dd346 Merge "crash_reporter: Use the actual GID of the crashing process" 2015-10-10 05:33:49 +00:00
Alex Vakulenko
82b02de5aa Update metrics to use weaved's client library
Do not use weave'd D-Bus proxies directly. Use the new client library.

Change-Id: I524d9c5c4c057bd1f82a280ec96848b8a8f4fe29
2015-10-09 20:07:47 -07:00
Nick Kralevich
9e27cab695 Merge "init.rc: Disable sysrq from the keyboard" 2015-10-10 00:33:50 +00:00
Steve Fung
773fd3c428 crash_reporter: Use the actual GID of the crashing process
Rather than assuming the UID and GID of crashing processes is
the same, report and use the actual GID that the process was
running as.

Bug: 24678424
Change-Id: I3cfc415be2feb2863a4f4b850bfd4a3267217a44
2015-10-09 17:16:48 -07:00
Nick Kralevich
d28a535d9a init.rc: Disable sysrq from the keyboard
Don't allow the accidental triggering of sysrq functionality
from the keyboard. The only expected use of sysrq functionality
is via /proc/sysrq-trigger

Please see https://www.kernel.org/doc/Documentation/sysrq.txt for
additional information on /proc/sys/kernel/sysrq

Bug: 13435961
Change-Id: I60dc92a4b2b4706e8fa34a6cead9abd449f7375f
2015-10-09 17:09:10 -07:00
Alex Vakulenko
a3ae129f22 Merge "metricsd: Update weave command APIs" 2015-10-09 22:10:56 +00:00
Elliott Hughes
55793400f2 Merge "init shouldn't call DumpState by default." 2015-10-09 21:23:22 +00:00
Elliott Hughes
1946d3bca8 init shouldn't call DumpState by default.
The cost of generating and throwing away a bunch of stuff that no one
normally sees is high enough to be worth avoiding.

Here's AOSP ToT on N9...

 init: (Parsing /system/etc/init/atrace.rc took 0.0112s.)
 init: (Parsing /system/etc/init/bootanim.rc took 0.0094s.)
 init: (Parsing /system/etc/init/crash_reporter.rc took 0.0103s.)
 init: (Parsing /system/etc/init/debuggerd.rc took 0.0090s.)
 init: (Parsing /system/etc/init/debuggerd64.rc took 0.0085s.)
 init: (Parsing /system/etc/init/drmserver.rc took 0.0078s.)
 init: (Parsing /system/etc/init/dumpstate.rc took 0.0073s.)
 init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0063s.)
 init: (Parsing /system/etc/init/installd.rc took 0.0067s.)
 init: (Parsing /system/etc/init/keystore.rc took 0.0060s.)
 init: (Parsing /system/etc/init/lmkd.rc took 0.0060s.)
 init: (Parsing /system/etc/init/logcatd.rc took 0.0059s.)
 init: (Parsing /system/etc/init/logd.rc took 0.0068s.)
 init: (Parsing /system/etc/init/mdnsd.rc took 0.0057s.)
 init: (Parsing /system/etc/init/mediaserver.rc took 0.0064s.)
 init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0063s.)
 init: (Parsing /system/etc/init/mtpd.rc took 0.0055s.)
 init: (Parsing /system/etc/init/netd.rc took 0.0066s.)
 init: (Parsing /system/etc/init/perfprofd.rc took 0.0057s.)
 init: (Parsing /system/etc/init/racoon.rc took 0.0054s.)
 init: (Parsing /system/etc/init/rild.rc took 0.0061s.)
 init: (Parsing /system/etc/init/servicemanager.rc took 0.0063s.)
 init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0061s.)
 init: (Parsing /system/etc/init/uncrypt.rc took 0.0068s.)
 init: (Parsing /system/etc/init/vdc.rc took 0.0065s.)
 init: (Parsing /system/etc/init/vold.rc took 0.0063s.)

0.0112+0.0094+0.0103+0.0090+0.0085+0.0078+0.0073+0.0063+0.0067+0.0060+
0.0060+0.0059+0.0068+0.0057+0.0064+0.0063+0.0055+0.0066+0.0057+0.0054+
0.0061+0.0063+0.0061+0.0068+0.0065+0.0063 = 0.1809

And here it is again with the logging disabled:

 init: (Parsing /system/etc/init/atrace.rc took 0.0021s.)
 init: (Parsing /system/etc/init/bootanim.rc took 0.0006s.)
 init: (Parsing /system/etc/init/crash_reporter.rc took 0.0007s.)
 init: (Parsing /system/etc/init/debuggerd.rc took 0.0004s.)
 init: (Parsing /system/etc/init/debuggerd64.rc took 0.0005s.)
 init: (Parsing /system/etc/init/drmserver.rc took 0.0005s.)
 init: (Parsing /system/etc/init/dumpstate.rc took 0.0005s.)
 init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/installd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/keystore.rc took 0.0013s.)
 init: (Parsing /system/etc/init/lmkd.rc took 0.0006s.)
 init: (Parsing /system/etc/init/logcatd.rc took 0.0013s.)
 init: (Parsing /system/etc/init/logd.rc took 0.0007s.)
 init: (Parsing /system/etc/init/mdnsd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/mediaserver.rc took 0.0009s.)
 init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0008s.)
 init: (Parsing /system/etc/init/mtpd.rc took 0.0011s.)
 init: (Parsing /system/etc/init/netd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/perfprofd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/racoon.rc took 0.0005s.)
 init: (Parsing /system/etc/init/rild.rc took 0.0005s.)
 init: (Parsing /system/etc/init/servicemanager.rc took 0.0005s.)
 init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0005s.)
 init: (Parsing /system/etc/init/uncrypt.rc took 0.0005s.)
 init: (Parsing /system/etc/init/vdc.rc took 0.0005s.)
 init: (Parsing /system/etc/init/vold.rc took 0.0006s.)

0.0021+0.0006+0.0007+0.0004+0.0005+0.0005+0.0005+0.0005+0.0005+0.0013+
0.0006+0.0013+0.0007+0.0005+0.0009+0.0008+0.0011+0.0005+0.0005+0.0005+
0.0005+0.0005+0.0005+0.0005+0.0005+0.0006 = 0.0181

It's less than a second, but one problem is that the cost of the current
dumping is proportional to the number of init.rc files, so the more
cleanly you factor things, the more it would cost.

Change-Id: Id96f59e7d0b082d8cfdba4bdbff43a922ba4eeee
2015-10-09 14:03:14 -07:00
Elliott Hughes
246c18caf5 Switch fs_mgr_verity.c to C++.
This is the minimal change just to keep it building, and doesn't
attempt to clean up any of the code.

Change-Id: I975710322ae33d8946497df25bf85b2fe28976a4
2015-10-09 11:52:00 -07:00
Alex Vakulenko
35f8963825 metricsd: Update weave command APIs
Weave has changed some of D-Bus APIs and metrics needs to be updated
accrdingly. Command::Done is replaced with Complete(), Command::Abort
now takes error code and error messages, Command::category is removed
and Command::status is renamed to Command::state

Change-Id: Ifbfd6d852f4a328168e28484d1152a24b8c8b42b
2015-10-09 08:18:35 -07:00
Steve Fung
23fe7be8d6 Merge "crash_reporter: Support crashes from arbitrary users" 2015-10-08 22:11:13 +00:00
Mark Salyzyn
df345a8aac Merge changes Icc984f40,Ie4c46bc9,I0f238985,I63a729d2,I2b5900a2
* changes:
  logd: clearAll by UID speedup
  logd: clear return and deal with busy if readers locked
  logd: update region lock after entry has passed to reader socket
  logcat: do not exit buffer loop on error
  logd: clientHasLogCredentials false negatives
2015-10-08 14:22:03 +00:00
Steve Fung
6db7cd7836 crash_reporter: Support crashes from arbitrary users
In order to read the /proc/<pid> files from non-root users without
using CAP_SYS_PTRACE and CAP_DAC_OVERRIDE, use setresuid(..) and
setresgid(..) to switch to the process's user to copy off necessary
files for generating the breakpad minidump.

Bug: 24678424
Change-Id: I4a43583033587441394483ce678c40c4161808b9
2015-10-07 18:16:53 -07:00
Nick Kralevich
b3fbdf5583 Merge "fs_config.c: remove setuid from procrank" 2015-10-08 00:08:58 +00:00
Elliott Hughes
21f99c089e Merge "Use const auto&/auto&& in adb." 2015-10-07 23:54:17 +00:00
Nick Kralevich
e2b2996d96 fs_config.c: remove setuid from procrank
procrank only exists on userdebug/eng builds. For those builds,
procrank can be executed by running "su 0 procrank" instead of
relying on the binary being setuid root. This reduces the number
of setuid binaries on Android and allows for the deletion of
SELinux policy to support this.

Bug: 18342188
Change-Id: I982283f2e0f6fbe5efaffc08501c1ec175f65373
2015-10-07 16:41:47 -07:00
Mark Salyzyn
2b25c66070 logd: clearAll by UID speedup
- If doing a clear, skip accounting
- Ensure for busy checking, behind a region lock for instance, only
  break out if there was something to do. Basically move the filter
  actions first, and defer checking the region lock to the ends of
  the loops.

Bug: 23711431
Change-Id: Icc984f406880633516fb17dda84188a30d092e01
2015-10-07 16:24:57 -07:00
Mark Salyzyn
c5dc970edc logd: clear return and deal with busy if readers locked
- Propagate to caller the clearing errors, busy blocked by reader.
- For clear, perform retries within logd with a one second lul each,
  telling readers to skip, but on final retry to kill all readers if
  problem still persists due to block reader (or high volume logspammer).

Bug: 23711431
Change-Id: Ie4c46bc9480a7f49b96a81fae25a95c603270c33
2015-10-07 16:23:57 -07:00
Mark Salyzyn
de4bb9c1a7 logd: update region lock after entry has passed to reader socket
- The reader region level indicates the location to protect, but once
  it has been passed to the calling reader, then allow us to go
  one beyond so that a clear or prune thread can remove the entry.

Bug: 23711431
Change-Id: I0f2389858dd8c83366c034360f67d7c363625b56
2015-10-07 16:23:57 -07:00
Mark Salyzyn
603b8e50c8 logcat: do not exit buffer loop on error
- Alter logcat to collect error(s) for open, clear, get size or set
  size; moving on to other buffer ids. Then after loop completed,
  report and exit for the last error reported.

Bug: 23711431
Change-Id: I63a729d27544ea8d5c6119625c1de0210be0eb70
2015-10-07 16:23:54 -07:00
Elliott Hughes
65fe2516b4 Use const auto&/auto&& in adb.
Change-Id: I74a7e511302e15e207906f572d181634e0ed5604
2015-10-07 16:11:17 -07:00
Mark Salyzyn
86eb38f3ca logd: clientHasLogCredentials false negatives
Vote three times in /proc/pid/status to look for AID_LOG group

If not, we may default to the callers UID, and the net result is
to perform the task related to that UID. For adb logcat and
shell logcat, the UID is AID_SHELL which typically has no logs,
leaving no net action taken.

Bug: 23711431
Change-Id: I2b5900a2d37173bd995eb308ee9ecafa20602b62
2015-10-07 16:08:28 -07:00
Elliott Hughes
1407b28628 Merge "Fix adb -d/-e error reporting." 2015-10-07 22:38:50 +00:00
Elliott Hughes
8d28e191c5 Fix adb -d/-e error reporting.
If -d/-e fail, get-serialno and friends will now report an error
and return a failure status code on exit.

Also fix the behavior of -d/-e with $ANDROID_SERIAL --- -d/-e
should override $ANDROID_SERIAL, not the other way round.

I'm deleting my own comment here about always returning "unknown"
for scripts. I can't find any evidence that there are scripts
relying on that, so I think my comment meant "I fear that there
are scripts doing so".

Bug: http://b/24403699
Change-Id: Ie13a751f1137abcfe0cc6c46a0630ba5e02db676
2015-10-07 15:35:18 -07:00
David Zeuthen
10bb4e5161 Merge "init.rc: mkdir /data/misc/update_engine 0700 root root" 2015-10-07 20:18:36 +00:00
Bertrand Simonnet
9e45f201d1 Merge "metricsd: Rename build_target_id to product_id." 2015-10-07 19:49:43 +00:00
David Zeuthen
159147853e init.rc: mkdir /data/misc/update_engine 0700 root root
Ensure that /data/misc/update_engine exists since it will be referenced
by selinux policy.

Bug: 23186405
Change-Id: I96e4ff341086da6474ef7f7c934f1f35bffc1439
2015-10-07 14:00:55 -04:00
Mark Salyzyn
58b136cbeb Merge "logcat: continue where we left off" 2015-10-07 14:25:53 +00:00
Yabin Cui
7f9d4c97c3 Merge "adb: keep file flags in fdevent_install." 2015-10-06 23:28:36 +00:00
Yabin Cui
6dfef255b8 adb: keep file flags in fdevent_install.
Bug: 24615098
Change-Id: Ia791ecbe612f09aca3bbd5787513f121fae54da5
2015-10-06 16:15:30 -07:00
Bertrand SIMONNET
7dc7827107 metricsd: Rename build_target_id to product_id.
We use product_id instead of build_target_id, the protobuffer should
rename that field too to be consistent.
The same change was made on the backend.

BUG: 24712895
Change-Id: Id9492e3debab986c9df7d4ec0caef8730eb14240
2015-10-06 15:27:37 -07:00
Mark Salyzyn
9812fc4bd0 logcat: continue where we left off
Issue introduced as part of new logcatd functionality in
commit f3555d9427

Faulty logic, add a gTest to confirm.

Bug: 19608716
Change-Id: Ic1b97def25e03e69faae4398a3dff2ff0f88545e
2015-10-06 12:46:54 -07:00
William Roberts
468573930d debuggerd: audit pid, uid and gid on SE Linux denial
When debugging SE Linux audit messages from debuggerd, its
unclear what process is triggering the access violation. To
assist in debugging, we also log pid, uid and gid.

Before:
avc:  denied  { dump_backtrace } for scontext=u:r:dumpstate:s0 ...

After:
avc: denied  { dump_backtrace } for pid=198 uid=1019 gid=1019 ..

Change-Id: I8263e6f5e77917139b73c3e84b76f7f97fd98003
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2015-10-06 12:25:27 -07:00
Bertrand Simonnet
d1f8e4dc9a Merge "metricsd: Expose the metrics status through weave." 2015-10-06 18:45:42 +00:00
Bertrand SIMONNET
59890e2db9 metricsd: Expose the metrics status through weave.
metrics_daemon will export _metrics._AnalyticsReportingState containing
"enabled"/"disabled" depending on the current state and two weave
commands (_metrics._{enable,disable}AnalyticsReporting) to update it.

BUG: 24386281
TEST: manual. Enabled and disabled metrics reporting.
  `metrics_client -c` reports the correct answer.

Change-Id: Ic4a5ffc1e9f9cbc0b47ee34d3af83584d95da155
2015-10-06 10:18:54 -07:00
Bertrand Simonnet
a4a479b63b am fcaef687: Merge "metricsd: Don\'t cache the metrics status in the daemon."
* commit 'fcaef687010bc63293087c8232dad2cd0af02b5f':
  metricsd: Don't cache the metrics status in the daemon.
2015-10-05 23:42:40 +00:00
Bertrand Simonnet
fcaef68701 Merge "metricsd: Don't cache the metrics status in the daemon." 2015-10-05 23:35:39 +00:00
Elliott Hughes
8c47bb52c4 am 8a69e031: Merge "Speed up adb sync."
* commit '8a69e0315a3288ca14213602f5bec1173bc3216e':
  Speed up adb sync.
2015-10-05 19:48:00 +00:00
Elliott Hughes
8a69e0315a Merge "Speed up adb sync." 2015-10-05 19:42:03 +00:00
William Roberts
d7aea443d9 property_service: log pid,uid and gid of setprop client
When auditing setprop denials, it is often unclear of who the process is
in a multi-process domain. To help identify the invoker, log the pid, uid,
and gid of the caller.

Before:
avc:  denied  { set } for property=wifi.xxx ...

After:
avc:  denied  { set } for property=wifi.xxx pid=30691 uid=123 gid=345 ...

Change-Id: I5cdcb3d18fbd52e0987b5e1497b9f6620c6c742a
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2015-10-05 11:39:56 -07:00
Bertrand SIMONNET
a5b40d077f metricsd: Don't cache the metrics status in the daemon.
metrics_daemon should never get a stale answer on whether or not the
metrics are enabled.
This is important as metrics_daemon will be the "source of truth" for
other components.

BUG: 24386281
TEST: unit tests.

Change-Id: I573568abe5d1b840683cede2fdf32cdae028a81a
2015-10-05 09:58:16 -07:00
Mark Salyzyn
758058ffd8 logd: object layer format statistics
Simplify table generation by placing the line and header formatting
into each type's (UID, PID, TID) object. Switch to const return
values for the ownership passing functions (*ToName() functions
and methods). Use longer variable names to reduce confusion.

Switch from LINES To NUM for pruned column as that more accurately
reflects what is dropped since one entry can contain several lines.

Bug: 22855208
Change-Id: Ib110dce98a68cf5f844eb30f8a192a1f691eeba2
2015-10-05 09:27:57 -07:00
Mark Salyzyn
f469768887 am bd4f52b2: Merge "liblog: optimize code hotspot"
* commit 'bd4f52b2e2d1f03e77e2bef7b40865b631c8d115':
  liblog: optimize code hotspot
2015-10-05 16:25:56 +00:00