We want to set the contents of "out_size_num_byte", and not
the pointer value, in the error case.
Bug: 266757931
Change-Id: I02edddcbcc4fc80dbb61efe8dc7c45bd3ce1c904
Test: TreeHugger
Recoverable GWP-ASan is a mode landed upstream in
https://reviews.llvm.org/D140173. For more information about why/what it
is, see
https://android-review.git.corp.google.com/c/platform/bionic/+/2394588.
This patch makes debuggerd call the required libc callbacks for GWP-ASan
to recover from the memory corruption. It also adds the functionality
that libart/sigchain eventually ends up calling, which dumps a GWP-ASan
report for the first error encountered.
Test: Build the platform, run sanitizer-status in recoverable mode,
asserting that it doesn't crash but we get a debuggerd report.
Bug: 247012630
Change-Id: I27212f7250844c20a8fd1e961417cdb4e5bd3626
* changes:
fastboot: Move some helpers into util.h/.cpp.
fastboot: Allow using LOG().
fastboot: Use RAII for sparse_file objects.
liblp: Add a helper class for building sparse-compatible super image layouts.
Reboots to fastbootd (userspace fastboot) take a long time, particularly
due to the orange AVB screen and the likelihood of devices having uart
enabled. For "flashall", there is rarely a need to actually go into
userspace, because all of super is getting thrown away. We can just
flash super in the bootloader.
In the past we didn't do this because computing super.img is expensive -
both in terms of time (due to reading dependent images) and in terms of
space (it's easily over 5GB).
But we don't actually need to fully compute super.img. We can build a
sparse_file containing the metadata/headers, with additional references
to each image file containing partition data. Liblp provides the API to
do that, and here, we simply need to translate the layout to libsparse.
On Pixel, this reduces flashall time by around 35-50 seconds, or around
20% of total time, depending on whether uart is in use.
There are some caveats, in which case we'll fall back to normal
fastbootd. This does not work on non-A/B devices, on retrofit dynamic
partition devices (Pixel 3), and in some other edge-casey scenarios. If
it fails, -v will add logging information about why.
Bue: 266982466
Test: fastboot flashall on Pixel 5+
Change-Id: Ie040da597d739faa7f834202184cec8f8e412076
The die() and verbose() macros are not really standard for AOSP. To
allow a gradual transition off them, call InitLogging on startup. This
will also allow seeing liblp logs when -v is passed.
Bug: 266982466
Test: builds
Change-Id: I74278bb5f698edb0dc81477a575b130b0bd11cdf
Powerloss of OS failure occurs when super is merging,
then the device can't bring up again for no lp_metadata sync,
so make lp_metadata sync in time.
Change-Id: I1ea31662b838e35022a566b614796f2d5e05df4b
Signed-off-by: Jia Jia <jia.jia@zte.com.cn>
get_sched_policy uses the cpuset policy as fallback if the cpu cgroup
is not recognized. Pixel is currently not using the cpu cgroup for
background policy due to b/208895940.
Bug: 265852986
Test: atest libcutils_test:libcutils_test.SchedPolicy#set_sched_policy -- --abi arm64-v8a
Change-Id: Ia77ace7513c48b1a14290c6ecc0222b46d6bf927
Signed-off-by: Edward Liaw <edliaw@google.com>
This class helps export a list of regions comprising a super partition,
and what the contents of those regions should be. It is very similar to
ImageBuilder, except that it does not require actual partition image
files, nor does it actually write an image file to disk.
The goal is to support building an in-memory super image that uses as
little memory and backing storage as possible. For example, fastboot can
use this to upload a super image without having to read and write
gigabytes of unnecessary data.
Since the goal is to optimize fastboot, we've taken some shortcuts here.
Retrofit devices and other edge-casey behavior are safely rejected. We
also don't rely on libsparse behavior here, and attempt to make the
translation to sparse records as trivial as possible, by explicitly
declaring where fill/dontcare gaps are, and only exporting 4KB aligned
regions. Hopefully this will allow the code to be portable to
non-fastboot consumers.
Bug: 266982466
Test: liblp_test
Change-Id: I1b41d233bc4512c4b62e19603e8e77bc5867cfab
When moving to a proto tombstone, backtraces no longer contain
an offset when a frame is in a shared library from an apk.
Add the offset display again if needed, and add a test to
verify this behavior.
Bug: 267341682
Test: All unit tests pass.
Test: Dumped a process running through an apk to verify the offset
Test: is present.
Change-Id: Ib720ccb5bfcc8531d1e407f3d01817e8a0b9128c
This might allow avb to save some memory by only allocate as much memory
needed to hold the partition data, instead of allocating for maximum
possible partition size(64K).
Bug: 266757931
Change-Id: I82a4b1ba3544910072050e45a7cb91e0dcbc4d05
PropertyInit loads the build.prop files and set the system properties.
Set the SELinux log callback before that to show the avc denials for debugging.
Test: $ make init_system
Push this module and ensure system property set denials are shown during boot
Bug: 185920634
Bug: 211547922
Change-Id: If9f34d469d3da2ebdfe64bb611de85a3ca37e000
This is but a cosmetic change. Before:
> [libfs_mgr]__mount(...
After:
> [libfs_mgr] __mount(...
Also change liblp, libfs_avb and libvbmeta.
Bug: 241688845
Test: Presubmit
Change-Id: I7d408a94a7fe279d9b65d699e22159b167f34526
Grant read/write access to anyone for /data/misc/wmtrace folder on
debuggable builds, it's further protected by the selinux policy.
This is to allow systemui process to write proto logs to the same folder
on device as WindowManager, both can contribute to the transitions like
PiP, Split-Screen and etc.
Bug: 251513116
Test: adb shell dumpsys activity service SystemUIService \
WMShell protolog [start | stop]
Change-Id: Ice57efa17c61d132b02c0a11a762c24d772bd90a
Make the module directory optional by reading the kernel release
version. This path is where the kernel installs modules by default.
Similar behaviour can be found in several modprobe implementations.
Bug: 254835242
Change-Id: I61707636705e5b4d9bd8ccf6351e7057eae6bcf5
Resolves a pair of TODO's, and makes a pair of error return
code paths not return null function pointers.
Note that:
system/netd/client/NetdClient.cpp
implements this as:
int checkSocket(int socketFd) {
if (socketFd < 0) {
return -EBADF;
}
int family;
socklen_t familyLen = sizeof(family);
if (getsockopt(socketFd, SOL_SOCKET, SO_DOMAIN, &family, &familyLen) == -1) {
return -errno;
}
if (!FwmarkClient::shouldSetFwmark(family)) {
return -EAFNOSUPPORT;
}
return 0;
}
$define CHECK_SOCKET_IS_MARKABLE(sock) \
do { \
int err = checkSocket(sock); \
if (err) return err; \
} while (false)
extern "C" int tagSocket(int socketFd, uint32_t tag, uid_t uid) {
CHECK_SOCKET_IS_MARKABLE(socketFd);
FwmarkCommand command = {FwmarkCommand::TAG_SOCKET, 0, uid, tag};
return FwmarkClient().send(&command, socketFd, nullptr);
}
extern "C" int untagSocket(int socketFd) {
CHECK_SOCKET_IS_MARKABLE(socketFd);
FwmarkCommand command = {FwmarkCommand::UNTAG_SOCKET, 0, 0, 0};
return FwmarkClient().send(&command, socketFd, nullptr);
}
which means it *already* verifies that the passed in sockfd
is >= 0 and a socket via getsockopt(SOL_SOCKET, SO_DOMAIN),
as such the 'fcntl(sockfd, F_GETFD)' check is spurious.
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I91ef68be5b0cc6b1972d514c13a76eaf834a3d5d
An early return out of this function makes it harder to add new prints
after the memory maps.
Test: m, flash, look at tombstone
Change-Id: Id06e432918d69ac3307761b244473b6b7ab769e8
RemoteProvsioner is deprecated, and already disabled/non-functional
on some builds. Turn off the tests because they are causing spurious
presubmit failures.
Test: n/a
Bug: 266181756
Change-Id: I9b8d3e742ef2b2448a798b1e96b6f3e02695e2be
This fuzzer can only mutate the numerical inputs to a dm-linear table,
which is unlikely to find kernel bugs, and very unlikely to find libdm
bugs. There are a number of automated notifications from it due to
making ASSERT_EQ a no-op, which causes misuse of libdm API calls. None
of these appear to be real bugs.
Bug: 174907083
Test: N/A
Change-Id: Iaa8955eaa4423e4315b8cb74741e6425a56cc303
Take 2: remove the shell script, which wasn't working very well, and
just provide different builds of the same binary.
Bug: 208944665
Test: presubmit
Change-Id: I994a93e4e364bc210ddd2eb60025c656caa86b1c
This file contains a description of dev nodes added to the CPIO archive
for the Android ramdisks. /dev/null is a security requirement for
bionic, /dev/console is needed so the kernel can set-up stdout stderr
and stdin before running /init.
Bug: 254835242
Change-Id: I111e2db53fabd63d070b8e9ab9c52faebf484ab3
This test was added only for behavior introduced in the 5.15 kernel, where uevents are delayed until a table is laoded.
Bug: 263291020
Test: libdm_test
Change-Id: I6236c4304d8e6b780704df405290f7361d5827cc
* changes:
BatteryMonitor: fix build error with health hal v2 updraged
fastboot: Update health AIDL HAL to V2
storage: Update health AIDL HAL to V2
BatteryMonitor: get battery health data from sys file nodes
libbatterymonitor_V1 is used for some libraries linking health
aidl_interface V1 but at the same time BatteryMonitor also uses
battery hal V2 structure, it will cause compiling error.
Folk BatteryMonitor is also required along with folk libbatterymonitor
Bug: 251425963
Test: build
Change-Id: I796db83b1a67ad63e7f75f966e829a790b5c9c89
Signed-off-by: Jack Wu <wjack@google.com>
Requirements for battery health aidl hal v2, include sysfs nodes:
- Battery state of health
- Charging state
- Charging policy
- Date of manufacturing of the battery
- Date of first use of the battery
and functions
- setChargingPolicy
- getChargingPolicy
- getBatteryHealthData
Bug: 251425963
Test: m
Change-Id: I210dc403ba95b1b75759227f84bc32f32be1bbaf
Signed-off-by: Jack Wu <wjack@google.com>
