Commit graph

1132 commits

Author SHA1 Message Date
Mårten Kongstad
ee9534515e Add systrace tag for RRO
Introduce a new systrace tag, TRACE_TAG_RRO, for use with runtime
resource overlay.

Bug: 119761810
Test: builds
Merged-In: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
Change-Id: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
2019-01-08 14:17:47 -08:00
David Sehr
eb2dd20dc3 Enable building ATRACE stubs on Windows
The header contained inline functions that called unimplemented code on
Windows.  Enable building the implementations.

Bug: none
Test: make -j 50 checkbuild
Change-Id: I11b39e6f5c72fc000088182f3631a9f538474c42
2018-12-20 13:46:08 -08:00
Remi NGUYEN VAN
354d5f27ff Merge "Add UID for network stack app" 2018-12-19 02:01:23 +00:00
Nick Kralevich
53842f8a90 relax /system/bin directory permissions
In commit f4fc922f0b, we tightened the
permissions on various bin directories. Please see
https://android-review.googlesource.com/c/platform/system/core/+/822955
for details.

This change causes the Chase banking app to crash. This is because
the Chase app is using inotify_add_watch() on the /system/bin directory
and not checking the return value.

The Android Security model guarantees the immutability of files in
/system/bin, so the inotify watch is unnecessary.

Until the Chase app fixes their bug, we need to relax the permissions on
the /system/bin directory. Conceptually, this is a partial revert of
f4fc922f0b.

Bug: 119605322
Test: compiles
Change-Id: Ic72dd24cb27cff677093963bdfd0ae09bf132e08
2018-12-13 10:56:33 -08:00
Tom Cherry
23319ebebf Start using new C++ Fstab class widely
Bug: 62292478
Test: boot
Test: adb-remount-test.sh

Change-Id: Id4715af4c1f03e2cfc67de92d3ea58e933685e51
2018-12-12 17:08:09 +00:00
Remi NGUYEN VAN
1129243abe Add UID for network stack app
Test: built, booted, verified app is started and has proper uid
Bug: b/112869080
Change-Id: I8a21613de825ede8832918d0ffa08c537b30704b
2018-12-12 10:55:38 +09:00
Mark Salyzyn
757658c78d fs_config: add product and product_services to the scanning.
Test: compile
Bug: 119310326
Change-Id: I67ba155e4a03731d402cdfcf06ca80ad0c4ab2ed
2018-12-06 22:14:14 +00:00
Daniel Mentz
41aa2c3703 Increase netlink uevent rcvbuf size to 16M
Increase size of the NETLINK_KOBJECT_UEVENT socket receive buffer to
16M.  Also, use SO_RCVBUFFORCE to override any limits set by
/proc/sys/net/core/rmem_max.

We had a couple of instances, where we lost critical uevent messages due
to receive buffer overflows.

Bug: 119933843
Change-Id: I6aab183aa0194e173f9175b47c6beb0835cf6675
2018-12-03 18:39:24 +00:00
Mark Salyzyn
9f1cf25332 switch to using android-base/file.h instead of android-base/test_utils.h
Test: compile
Bug: 119313545
Change-Id: I4f7ad84743e974b4b4d1d7256088f6c8b749a237
2018-11-14 09:35:34 -08:00
Nick Kralevich
f4fc922f0b Set bin directories to 0751
Currently, /system/bin, /system/xbin, /product/bin, and /vendor/bin
are 0755, which allows any process to iterate through those
directories and list out the contents. For the vast majority of
processes, this is unnecessary. They only need to know whether a
particular binary exists or doesn't exist, but they don't need to
know the other binaries within those directories.

Allowing this is particularly problematic for SELinux. In particular,
some third party Android applications try to examine every file in
the bin directories, generating SELinux audit noise along the
way. This audit noise makes it harder to see real bugs, and falsely
implies an architectural dependency between the application and random
files in directories like /system/bin.

This change removes the ability to list the contents of the various bin
directories, preventing random probing by such apps. The ability to
execute files, or to probe a specific file by name, remain unchanged.

Addresses SELinux denials similar to the following:
  avc: denied { getattr } for comm="Thread-11" path="/system/bin/atrace" dev="dm-0" ino=189 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=uk.co.santander.santanderUK
  avc: denied { getattr } for comm="Binder:26637_2" path="/system/bin/atrace" dev="dm-0" ino=168 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=com.tencent.mm
  avc: denied { getattr } for comm="Thread-12" path="/system/bin/apexd" dev="dm-0" ino=451 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:apexd_exec:s0 tclass=file permissive=1 app=com.grppl.android.shell.CMBlloydsTSB73

Shell access to these directories continues to be allowed, to allow for
host-side CTS tests.

Also adjust the indentation of some clang directives, to make the
presubmit hooks happy.

Test: Device boots and no apparent problems.
Change-Id: Ibe75682fac1983d39f3f479a5850ab5a96f6627d
2018-11-11 11:29:10 -08:00
Peiyong Lin
126c19b6ec [GPU Service] Add independent AID for gpu service.
BUG: 118347356
Test: Build, flash and boot, `adb shell cmd gpuservice vkjson` to verify

Change-Id: Ic8c4154668d09b3dbfedf4a7c0dc376a01a9bde6
2018-11-06 12:52:01 -08:00
Elliott Hughes
396bf2109a libcutils: lose socket_peer_is_trusted to ART, the only user.
Bug: N/A
Test: builds
Change-Id: I599270729c2037b2c06d7906a5e5f7362fbbaf08
2018-10-25 13:24:08 -07:00
bohu
39ed7afe2b fs_mgr: fix incorrect parameter type
BUG: 117426573
Change-Id: Iffbdd3763dd19aa527bf805918a566477d122cfc
2018-10-09 10:49:44 -07:00
Igor Murashkin
4578129f86 android_filesystem_config add AID for iorapd
Add new AID for new binder native service (iorapd).

Bug: 72170747
Change-Id: I81facb3f22e1162dc49329b970532287833fcecd
2018-10-05 16:26:28 -07:00
David Pursell
6fd4b9b6b5 libcutils test: make set_sched_policy optional
set_sched_policy checks that operations related to the kernel config
CONFIG_CGROUP_SCHEDTUNE are working properly, but this config is not
required so devices without this were failing the test.

This CL splits set_sched_policy into two tests so that the policy and
timerslack tests can be skipped individually when devices don't support
them.

Bug: 113185515, 112550681
Test: libcutils_test{32,64} now pass on aosp_x86_64 emulator
Change-Id: I31638b61e033f0c96b63428a8d27d27dbc36bce3
2018-08-28 13:26:04 -07:00
Dario Freni
ab5583b585 s/product-services/product_services/g
Attempting to reduce the number of different spellings we have for
"product services" partition in the codebase.

Bug: 112431447
Test: m
Change-Id: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Merged-In: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
2018-08-20 17:46:42 +00:00
Dario Freni
4fa866a467 Add support for /product-services partition.
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc

Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
2018-07-23 16:14:36 +01:00
Joel Fernandes
70aa2a3475 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls"
am: 5fd5be33e6

Change-Id: Ieed029cda8a99e528c2297005122b898452ab3d9
2018-07-17 19:28:23 -07:00
Joel Fernandes
5fd5be33e6 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls" 2018-07-18 02:14:54 +00:00
Joel Fernandes
56cd651e7a libcutils: ashmem: Avoid doing fd checks for ashmem calls
Callers already verify that they are calling ashmem API on a valid fd by
calling ashmem_valid first. Lets make the fstat syscall only if the
ioctl returns -ENOTTY. This means in the regular case, only 1 syscall is
needed (ioctl) vs the current 2 (fstat+ioctl).

Some data to show improvements in reduction of vfs_getattr calls in the
kernel by 10x when doing a camera.

Test: Boot and camera CTS
Bug: 111418894
Change-Id: I992620bbe44355e54ba19eeac81da586c5e5a6e0
Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-07-17 17:02:44 -07:00
Yi Kong
f2b4259b93 Merge "libcutils: remove rather than fix the mutex."
am: 39e7a1c981

Change-Id: Ie1084574143f2d1e4b4995f7682948b77b5334b6
2018-07-14 14:27:25 -07:00
Yi Kong
39e7a1c981 Merge "libcutils: remove rather than fix the mutex." 2018-07-14 21:18:54 +00:00
Elliott Hughes
51a2cacbb9 libcutils: remove rather than fix the mutex.
Bug: 68236239
Test: ran tests
Change-Id: I53e47f99e6963bedcb0be30cf10c9187da8a047d
2018-07-13 14:53:51 -07:00
Elliott Hughes
1ecedeb0c1 Merge "cutils: move hashmap to <pthread.h>."
am: dda5fe46ac

Change-Id: I925212825eb6b91074bf519e532125953c5eb1f1
2018-07-13 13:10:57 -07:00
Elliott Hughes
9d12725cad cutils: move hashmap to <pthread.h>.
Bug: N/A
Test: builds
Change-Id: I16a470265a17ea5bd47ef76ec234907cf7ec3e4f
2018-07-13 10:54:49 -07:00
Elliott Hughes
0ba4aed7ec Merge "libcutils: remove unused open_memstream."
am: df398f2b67

Change-Id: I8b19f94b4c9e689dbd72d70fa6bd28d6c003a205
2018-07-12 09:14:25 -07:00
Elliott Hughes
bf7909a521 Merge "libcutils: remove some unused API."
am: fc567a9b95

Change-Id: I114ea3f267f240ae54668807e75d077cd09228fa
2018-07-12 09:13:53 -07:00
Elliott Hughes
df398f2b67 Merge "libcutils: remove unused open_memstream." 2018-07-12 16:07:04 +00:00
Elliott Hughes
c35d4a5213 libcutils: remove unused open_memstream.
Bug: N/A
Test: builds
Change-Id: I3c2d8acd4dfe42fbe883b14501cd47674d84f431
2018-07-11 14:28:21 -07:00
Elliott Hughes
721e3ebf55 libcutils: remove some unused API.
Bug: N/A
Test: builds
Change-Id: Iabe42353a708afde2611b5c642775849e2e45baa
2018-07-11 14:27:32 -07:00
Bernie Innocenti
d540d5630c Merge "libcutils: Simplify android_get_control_socket()"
am: 5f70ed6ee1

Change-Id: I2d4b953241ee3ba62f6bbac2edd6a3c589864a90
2018-06-28 04:15:14 -07:00
Treehugger Robot
5f70ed6ee1 Merge "libcutils: Simplify android_get_control_socket()" 2018-06-28 11:01:44 +00:00
Elliott Hughes
fdd7062e09 Merge "libcutils: add OWNERS."
am: cd7244100b

Change-Id: I76a7d21a1387cc3cab77dfe95c42674dd1c0bac0
2018-06-12 15:50:18 -07:00
Treehugger Robot
cd7244100b Merge "libcutils: add OWNERS." 2018-06-12 22:46:28 +00:00
Luis Hector Chavez
bfe1835d82 Merge "bootstat: Remove the CAP_SYSLOG capability"
am: cefd4e56ad

Change-Id: I0a0627228434d0284b4f535942c97121d9773e14
2018-06-12 15:00:42 -07:00
Luis Hector Chavez
3276b57542 Merge "logd: Move the capabilities from file based to ambient"
am: 28cd2a02b1

Change-Id: Iaef160d039cf995f8dae104f122208660cc27985
2018-06-12 14:59:57 -07:00
Elliott Hughes
796eb71e9c libcutils: add OWNERS.
Bug: N/A
Test: N/A
Change-Id: Ia147e1dc9511810cd86a463861db3d3d7fedab9b
2018-06-12 13:58:30 -07:00
Luis Hector Chavez
0becca32bc bootstat: Remove the CAP_SYSLOG capability
This change removes the CAP_SYSLOG file based capability from bootstat,
since the intention is that it should not be accessing the logs in the
long term. In order to avoid bitrot, the fallback code that depends on
CAP_SYSLOG has also been removed.

Bug: 62845925
Test: system/core/bootstat/boot_reason_test.sh
Change-Id: I899be44ef3ac1c4d81072f801d55c928ae09bb15
2018-06-11 12:41:24 -07:00
Luis Hector Chavez
d32c36c961 logd: Move the capabilities from file based to ambient
This change moves logd's capabilities from being file based to being set
by init through ambient capabilities.

Bug: 62845925
Test: sailfish:/ # grep Cap /proc/`pidof logd`/status
      CapInh: 0000000000000000
      CapPrm: 0000000440000000
      CapEff: 0000000440000000
      CapBnd: 0000000440000040
      CapAmb: 0000000000000000
      $ capsh --decode=0x440000040
      0x440000040=cap_setgid,cap_audit_control,cap_syslog
Test: liblog-unit-tests, logd-unit-tests, logcat-unit-tests
Change-Id: I28c7c4ad37ad5eafd399aef78c303ce31298a9ef
2018-06-11 10:04:11 -07:00
Inseob Kim
cf5e8f1575 Merge "Support /product/bin" am: 36b61f061d
am: 931e0f268a

Change-Id: If507c7206c6e1c43e0fe5a6af411250b7879e2e3
2018-05-31 20:09:45 -07:00
Inseob Kim
25195daaca Support /product/bin
Bug: 80422611
Test: m -j succeeded and permissions of files under /product/bin are set
correctly

Change-Id: I83377d809c47c92da6b226d2853ea6a7462fb127
2018-06-01 08:33:04 +09:00
Bernie Innocenti
4351bb05ad libcutils: Simplify android_get_control_socket()
1. TEMP_FAILURE_RETRY() isn't necessary with getsockname() because
it's a synchronous syscall.

2. There's no need to allocate and free a temporary buffer for the
full pathname of the socket.

Test: Manually, as follows:
    - added temporary ALOG output
    - flashed and booted a device
    - checked expected output from all system daemons
    - removed log statements

Change-Id: I4550a2d67fdffe6aff3c1050f8eeeaca0f985fb3
2018-05-28 15:00:50 +09:00
Jiyong Park
dfe433db47 Merge "Mark as recovery_available: true" am: 9f6f8bf0dc
am: d7fece5d91

Change-Id: Id59445da13aeef13784f04daebc8a96a7d506cbb
2018-05-21 22:32:36 -07:00
Jiyong Park
612210c75b Mark as recovery_available: true
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.

Bug: 67916654
Bug: 64960723
Test: m -j
Change-Id: Ie59155c08890e96ce1893fa3687afcf763d7aea3
2018-05-15 09:47:04 +09:00
Gwendal Grignou
b7f78ee89c Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev
am: 232ce729f5

Change-Id: Idcd13df25a17e91b4395d3672ce52f9e24f400af
2018-05-10 18:41:50 -07:00
Gwendal Grignou
232ce729f5 Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev 2018-05-11 01:36:14 +00:00
Logan Chien
94223374c8 libctuils: Exclude qtaguid.cpp from VNDK-SP variant
This commit excludes `qtaguid.cpp` from the VNDK-SP variant of
`libcutils.so` because the interface of `libnetd_client.so` may vary
between AOSP releases.

Besides, these functions don't work in vendor processes either because
VNDK-SP libraries are loaded in an isolated `vndk` linker namespace,
which cannot access `/system/lib[64]/libnetd_client.so` directly.  This
change makes it easier to spot the issue at build time and saves several
bytes.

Test: Build aosp_walleye-userdebug and
/system/lib[64]/vndk-sp-$VER/libctuils.so no longer exports qtaguid_*
functions.

Bug: 79329469
Change-Id: Idf6b60f6e58371ea320193641669d1e4412d62b8
Merged-In: Idf6b60f6e58371ea320193641669d1e4412d62b8
(cherry picked from commit 25b742c627)
2018-05-09 10:16:12 +08:00
Logan Chien
bb783998ce Merge "libctuils: Exclude qtaguid.cpp from VNDK-SP variant" 2018-05-09 01:56:00 +00:00
Gwendal Grignou
8526413941 allow config/sdcardfs directory to be seen for ARC++
Normally, the whole configfs is mounted on /config and /config will be
word readable:

sailfish:/ $ ls -ld /config/*
drwxrwx--- 258 system package_info 0 2018-05-08 16:08 /config/sdcardfs
sailfish:/ $ ls -ld /config/
drwxr-xr-x 3 root root 0 1969-12-31 16:00 /config/

On ARC++, we only mount-bind config/sdcardfs, so it is important that
/config is set properly.

It is actually 0500, so system could not see /config/sdcardfs, even if
/config/sdcardfs is set properly:
Although root can, as system uid, we can not reach /config/sdcardfs:
:/ $ ls -ld /config
dr-x------ 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
ls: /config/sdcardfs: Permission denied

With this change, system (and systemservice) is able to reach
/config/sdcardfs:
:/ $ ls -ld /config
dr-xr-xr-x 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
drwxrwx--- 109 system package_info 0 2018-05-08 15:29 /config/sdcardfs

Bug: 63876697
Test: After change, package service is able to create the bindings in
/config/sdcardfs.

Change-Id: I7e9b99d7af2ad001fbb1b95bee35d494e861be78
Signed-off-by: Gwendal Grignou <gwendal@google.com>
2018-05-08 16:18:48 -07:00
Elliott Hughes
23b98f492b Remove more bogus <stdbool.h> #includes from C++.
Bug: N/A
Test: builds
Change-Id: I794cd28667c6c65b38940d8f443315ad116b7ac3
2018-05-08 13:00:06 -07:00