Commit graph

185 commits

Author SHA1 Message Date
Elliott Hughes
94ccdc06d0 Stop duplicating <linux/capabilities.h>.
This doesn't help the person who wants CAP_BPF, but we can fix that
better by adding it to our stale glibc (and our future switch to musl
will mean we'll never have similar problems again).

I think this just dates from when we still supported building the OS on
darwin, but those days are long gone, and I think this hack can be put
to rest now...

Test: treehugger
Change-Id: I3c2e56c68a5b00c1ad0aed422c6ce60886063f50
2023-09-25 20:33:02 +00:00
Tomasz Wasilczyk
6cf9cd0123 Revert "Revert "Remove cutils threads.h header completely.""
This reverts commit c37838eec8.

Reason for revert: b/296247274 root-cause fixed

Change-Id: I859e7500a1dd09e3a66986cda9e62adf5d7a524a
2023-08-16 22:37:14 +00:00
Bruce Po
c37838eec8 Revert "Remove cutils threads.h header completely."
This reverts commit d3550e3314.

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_tm-qpr-dev-plus-aosp&target=aosp_sunfish-userdebug&lkgb=10667572&lkbb=10667604&fkbb=10667601, bug http://b/296247274

Change-Id: I3f3864dc21fcb34cbb2ff524c43c3d92bd260ff6
BUG: 296247274
2023-08-16 17:38:09 +00:00
Tomasz Wasilczyk
d3550e3314 Remove cutils threads.h header completely.
Bug: 289414897
Test: it builds
Change-Id: Ifcde5849923f19f1c898a6a95811eea55be0d276
2023-08-10 15:12:05 +00:00
Tomasz Wasilczyk
d22098f65d Remove sub-includes from libcutils/threads.h
This will drop any incentive to use this header

Bug: 289414897
Test: it builds
Change-Id: I3d7f56ac027f59794cb4cf533847c5fda5529906
2023-08-03 22:16:23 +00:00
Tomasz Wasilczyk
21a0716613 Remove gettid declaration from cutils
Bug: 289414897
Test: it builds
Change-Id: I22d93406cf065c0e3c7d94e800763974d228ee21
2023-08-03 22:16:12 +00:00
Hao Chen
8dad4b2b8a Merge "threads.h: avoid defining gettid on glibc >= 2.30" into main 2023-07-18 21:38:34 +00:00
Hao Chen
253445ce3a threads.h: avoid defining gettid on glibc >= 2.30
The issue in https://bugs.chromium.org/p/chromium/issues/detail?id=1182060 also
exists on glibc 2.30 and 2.31 since `gettid` was Introduced in glibc 2.30.

See https://man7.org/linux/man-pages/man2/gettid.2.html

Bug: 285204695
Test: Build
Change-Id: I7e534edf8c0a20c415232bcfffabbf2c1d6eec98
2023-07-18 19:52:19 +00:00
Tomasz Wasilczyk
0c44d8d68d Make atrace_*_body explicitly a part of API.
Also, remove leftover atrace_set_debuggable(bool) symbol.

Bug: 289151149
Test: it builds
Change-Id: Id9fdf9451567d85b64971a6bb409336b12d3f535
2023-06-29 13:28:37 -07:00
Maciej Żenczykowski
65d416a18f qtaguid.h - remove qtaguid_setPacifier declaration
There does not appear to be *any* implementation...

Additionally in a non-qtaguid eBPF world, this API simply appears meaningless...

cs/p:aosp-master qtaguid_setPacifier -file:system/core/libcutils/include.*/cutils/qtaguid[.]h$

finds nothing, except for:
  test/vts/specification/lib/ndk/bionic/1.0/libcutilsV1.vts

  api: {
    name: "qtaguid_setPacifier"
    return_type: {
      type: TYPE_SCALAR
      scalar_type: "int32_t"
    }
    arg: {
      type: TYPE_SCALAR
      scalar_type: "int32_t"
    }
  }

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I0b7def936920d4dacf90d6bb0a8efb7b09811c6a
2022-12-18 20:40:09 +00:00
Pete Bentley
6cb61610e6 Add AID for PRNG seeder daemon.
Also adjust permissions on /dev/hw_random to allow prng_seeder group
read access.

Manual testing protocol:
* Verify prng_seeder daemon is running and has the
  correct label and uid/gid.
* Verify prng_seeder socket present and has correct
  label and permissions
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
  data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
  (e.g. strace -f -p `pgrep prng_seeder`)
* Kill daemon, observe that init restarts it
* strace again and observe clients now seed from new instance

Bug: 243933553
Test: Manual - see above
Change-Id: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
2022-09-26 17:50:09 +01:00
Treehugger Robot
98e474ab43 Merge "Add fdsan capabilities for native handles" 2022-09-06 22:48:31 +00:00
Brian Duddie
9f2af69d2a Add fdsan capabilities for native handles
Introduces new APIs which can be used to simplify application of fdsan
to native_handle_t usage, and applies fdsan protection to
native_handle_clone() by default.

Bug: 244214188
Test: validated alongside sensor service change to use the new APIs
Change-Id: I3be16a09c336bcbe880bdb542d5da2969c2c34d3
2022-09-02 00:44:13 +00:00
Elliott Hughes
b7475a4c3f Add the "sys" group for tests.
It's useful to have a group that shares a numeric id with Linux and
macOS. "root" doesn't count because group 0 is actually called "wheel"
on the BSDs, and macOS has "daemon" and "kmem" as its groups 1 and 2.

This lets us have toybox tar tests that have the same results on all
supported OSes without special handling.

Test: treehugger
Change-Id: I4704d6f9ada84f3065831a099b34d1c20c4c6b03
2022-09-01 00:01:04 +00:00
Rubin Xu
7e14d138ae Add AID_SECURITY_LOG_WRITER
A suppplementary group to mark which app can write to the security log
buffer. Granted via android.permission.WRITE_SECURITY_LOG and checked by
logd.

Bug: 232283779
Test: manual
Change-Id: I3ad66031ab1c9eef26db0f3e8968659dfa2855cb
2022-05-24 23:34:33 +01:00
Ray Ye
6507f8adc3 Updating ATRACE_ASYNC_FOR_TRACK_END to not require a name argument
Bug: 230399626
Test: atest TraceDevTest
Change-Id: Ia1b39f55c96011a9672f4d5c8763044f849d0bb2
2022-04-28 18:18:57 +00:00
Ray Ye
399465a93e Added async trace functions with a track name argument
Bug: 221119585
Test: atest TraceDevTest
Change-Id: I48d9e858ce588e3735ddbbe14b1bd7c8f264cd83
2022-03-24 23:55:00 +00:00
Shikha Malhotra
927d9d1c68 Merge "Adding project_id ranges for internal app and cache folders." 2022-03-10 21:58:40 +00:00
Treehugger Robot
1821237a1e Merge "Reserve a UID for AID_SDK_SANDBOX" 2022-03-04 19:39:58 +00:00
Hanna Nizhnikava
4dc57edc1d Merge "Create utility method for converting sdk_sandbox_uid to app_uid" 2022-03-04 11:27:40 +00:00
Dmitri Plotnikov
8303dd695f Reserve a UID for AID_SDK_SANDBOX
Bug: 219080829
Bug: 219077358
Test: N/A
Change-Id: Iddc4e29668e7d6f2490b5d6acb9b4e5f0082d064
2022-03-03 18:03:30 -08:00
Elliott Hughes
d07d694175 Merge "Define AIDs for Weaver, Keymint and IdentityCredential applets." 2022-03-04 01:40:37 +00:00
Hanna Nizhnikava
fb78816593 Create utility method for converting sdk_sandbox_uid to app_uid
Method is needed for further use in statsd mapping process.

Bug: 217695033
Test: atest installd_service_test
Change-Id: I508a58da5f8d2e32264002db515425134d18aece
2022-03-03 21:49:43 +00:00
Nikita Ioffe
45f8837c90 Rename SupplementalProcess to SdkSandbox
Ignore-AOSP-First: code is not in AOSP yet
Bug: 220320098
Test: presubmit
Change-Id: I310feb08a903c2ee9cd544e3b9751c2e02ce5951
Merged-In: I310feb08a903c2ee9cd544e3b9751c2e02ce5951
(cherry picked from commit 6e124aac7c)
2022-03-02 16:12:41 +00:00
Samiul Islam
b18fea1abb Create utility method for calculating supplemental_uid from app_uid
Every app will now have a corresponding supplemental process associated
with it. We need an utility method to map one to the other.

Implementation details: supplemental process uid will be between range
20k-30k. As such, it will be a 10k offset from app id. See ag/16621743.

Bug: 211763739
Test: atest installd_service_test
Ignore-AOSP-First: Feature is being developed in internal branch
Change-Id: I2b6d6b086985bcb24c837eaa95a937d429d6a583
Merged-In: I2b6d6b086985bcb24c837eaa95a937d429d6a583
(cherry picked from commit 1c7acfdb67)
2022-03-02 13:29:40 +00:00
subrahmanyaman
8b83ce6186 Define AIDs for Weaver, Keymint and IdentityCredential applets.
Bug: b/222112165
Test: Run vts/cts tests
Change-Id: I2fc9144fe4a2d55bf091d8371ba2b78486b1b9c7
2022-03-02 02:35:24 +00:00
Treehugger Robot
1889a41c88 Merge "Add systrace tag for thermal" 2022-02-18 16:54:53 +00:00
Patrick Rohr
78b86ae297 Merge "Remove setCounterSet and deleteTagData support from libcutils" 2022-02-16 19:59:14 +00:00
TeYuan Wang
5ad0a9f864 Add systrace tag for thermal
Bug: 218939123
Test: build
Change-Id: Id899df349e83fa7bf4d962e88d683488632df702
2022-02-14 15:13:45 +08:00
Alexander Potapenko
585a214741 Added AID for the new dmesgd
Bug: 215095687
Test: m -j dmesgd
Change-Id: Iee3a1a644115c7808ca545ca8d22cd783a2be114
2022-02-07 13:54:21 +01:00
Shikha Malhotra
bc9b847e0f Adding project_id ranges for internal app and cache folders.
Test: atest StorageHostTest
Test: atest installd/tests/installd_service_test.cpp
Change-Id: I4dbda6f2f0d74cb4f4890555742b26c81a6b0146
2022-02-04 15:37:36 +00:00
Patrick Rohr
ccc18d7f11 Remove setCounterSet and deleteTagData support from libcutils
This functionality is now handled in mainline and has been removed from
netd in Android T.

Test: builds & boots
Change-Id: Ic435eee0d89bda30d733efbc655692c697bbe9e8
2022-02-02 14:27:50 +01:00
Treehugger Robot
e71fdca896 Merge "Diced: Added AID for Android's dice daemon diced." 2021-12-16 01:47:23 +00:00
Treehugger Robot
f54ebc7650 Merge "Add instant trace methods" 2021-12-15 18:11:52 +00:00
Lucas Dupin
2c2c5d998e Add instant trace methods
Bug: 207049735
Test: atest TraceDevTest
Change-Id: If2826a9bb1fb99d75ff3c9c03c16c2f5f1ec5d1b
2021-12-15 02:44:36 +00:00
Kalesh Singh
ccf343fa5b Add group ID for reading tracefs
Add AID_READTRACEFS and mount tracefs with gid=AID_READTRACEFS

Bug: 209513178
Test: adb shell ls -l /sys/kernel/tracing/events
Change-Id: Ibbfdf8a4b771bd7520ecbaaf15a1153d6bf0e599
2021-12-06 16:25:04 -08:00
Janis Danisevskis
9c72fe356a Diced: Added AID for Android's dice daemon diced.
Bug: 198197213
Test: N/A
Change-Id: Idc55363272e3e5529d931a17dad8a37af665edcd
2021-11-09 16:12:21 -08:00
Elliott Hughes
6fa2e48db9 cutils: only support safe list iteration.
We've had two use-after-frees in the last month from this nonsense...

Bug: http://b/204925347
Test: treehugger
Change-Id: I5e1485253224e38ca51a7a077dbe65d19e39f817
2021-11-03 10:26:36 -07:00
zhanglongxia
1aac0c01a6 Add a aid/uid for Thread subsystem
Bug: b/202786090
Test: Compiles
Change-Id: I168cf2630c9591df161d0e5df71be0f93bf7ce9a
2021-10-19 09:22:06 +08:00
Bowgo Tsai
ebb79debcc Revert "Add systrace tag for system property"
Revert "Add systrace tag for system property"

Revert "Add systrace tag for system property"

Revert "Adding system property tracing"

Revert submission 1403568-sysprop_trace

Reason for revert: makes property get/set non-reentrant
Reverted Changes:
I6f85f3f52:Add systrace tag for system property
Id2b93acb2:Adding system property tracing
Id78992d23:Add systrace tag for system property
I1ba9fc7bd:Add systrace tag for system property

Ignore-AOSP-First: b/193050299#comment17

Bug: 193050299
Change-Id: I9305003531c6a86194d55dc72c613337d213b53d
Merged-In: I9305003531c6a86194d55dc72c613337d213b53d
Test: build and boot a device
(cherry picked from commit 18e0f65cbf)
2021-07-21 09:22:27 +08:00
Andrew Walbran
3aedc7edc8 Rename VirtManager to VirtualizationService.
Bug: 188042280
Test: atest VirtualizationTestCases
Change-Id: I0e549ef02c7327f57c3d04853b3eefed7403d8e8
2021-05-24 11:41:13 +00:00
Roshan Pius
e85201bbeb filesystem_config: Add a aid/uid for UWB subsystem
Bug: 186788640
Test: Compiles
Change-Id: Ib3d1b064e8e68e7b9e59b26f356ac7c4da2eaaf8
2021-04-29 14:57:07 -07:00
Chris Wailes
9fd4627645 Added ARTD user
Test: boot and check for artd process
Bug: 177273468
Change-Id: Ic5a3f626598d5347dfada8f67c07c55c7da29f5f
2021-04-05 15:46:14 -07:00
Jeff Vander Stoep
3502c2be94 Add UID for virtmanager
Bug: 183583115
Test: ps -AZ | grep virtmanager
u: r:virtmanager:s0             virtmanager   2453     1 10930880  4544 0                   0 S virtmanager
Change-Id: Iddf8e21cb1039a5f50aa0619a708b59bec004cfc
2021-03-25 22:17:52 +01:00
Adrian Ratiu
a742158667 threads.h: avoid defining gettid on glibc >= 2.32
Glibc >=2.32 exposes a gettid() which clashes with libcutils
thread.h, so add a check to not expose it if building against
newer glibc (ChromiumOS will still use glibc 2.27 besides 2.32).

Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=1182060
Test: Builds without errors on both glibc 2.32 and 2.27.

Change-Id: Ib71fa1bc9fa185e3668002407dbed05a80c87740
2021-03-05 09:55:15 +00:00
Florian Mayer
cae942d7ac Do not check for debuggable / profilable for app tracing.
This is undocumented and surprising behaviour.

Bug: 179883548
Change-Id: I373b176d4ed9f6b0e970d055d7e4e2686c6d3991
2021-02-12 16:54:51 +00:00
Mitch Phillips
391157659b [MemInit] Remove process_disable_memory_mitigations
This function is no longer necessary, and uses a deprecated API
(mallopt(M_BIONIC_DISABLE_MEMORY_MITIGATIONS)). This function was
provided originally as part of libcutils because the original API was a
private android_mallopt.

The API is being reborn as a memory-init-specific mallopt. Given that
regular system components and apps will be able to call it directly,
it's not necessary to have a wrapper function in libcutils any more.

Bug: 135772972
Test: Build the device.
Change-Id: I4a3185b99702c8e445de6837b154c4a96c8295a1
2021-01-20 16:07:49 -08:00
Elliott Hughes
dcf81848cb Remove thread_store_set()/thread_store_get().
C++ thread_local is less code to write, and performs better. All known
users have been moved over already.

Test: treehugger
Change-Id: Idaa2a58bf23342dae08dd6b9003d8f532839b351
2020-12-07 10:54:53 -08:00
Elliott Hughes
0675702c62 Make libcutils' thread local stuff more clearly deprecated.
libcutils' thread local stuff is almost unused already, so let's try
harder to prevent new users. (In parallel I'll try to actually move the
four existing users off it, so we can actually remove this.)

Test: treehugger
Change-Id: Ib5445a43cff1f161ce1c7a45959d5b126f6f6980
2020-12-02 11:22:29 -08:00
Steven Moreland
d22659b8ea libcutils: API to disable memory mitigations
Convenience API to disable memory mitigations, where we can specify
logging and also have a single place to update once a related bug is
fixed.

Bug: 166675194
Test: use API to disable memory mitigations
Change-Id: I4a3529ea1911925c49e31cc3809c2743e401c196
2020-10-10 00:16:24 +00:00