Add a new ashmem_init function that only dlopens libashmemd_client.
This allows the library to be preloaded in the zygote.
Test: boots, works
Bug: 129543489
Change-Id: Ie106791edf381654f085203c266c9f9c0df35cfc
Use the LL-NDK library to read cgroup.rc.
As a side-effect, the CgroupController class is changed
to a wrapper of ACgroupController* from the library. The
class itself essentially becomes the pointer, and can be
trivially copied. Modify all client code for this change.
Test: builds and boots
Bug: 123664216
Change-Id: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Merged-In: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Hex literals have the type of the first type they fit in. The reboot
constants are large enough that that's `unsigned` rather than `int`.
Bug: http://b/76110968
Test: treehugger
Change-Id: Iac4fe61d1fe572297febf0b57e34d698942469f9
It appears Chase has fixed their app, so we no longer need to keep these
permissions relaxed.
This reverts commit 53842f8a90.
Bug: 119605322
Test: compiles and boots
Change-Id: Iba5e9ecd685eb386997a5e92638b8a1b5943ad4b
Having shared host libraries allows libraries depending on these to use
'shared_libs' for these. This simplifies configurations since these
libraries don't have to specify 'shared_libs' on all non-host targets.
Bug: 124524556
Test: build only
Change-Id: I09fb4a4fb66ea0a87cb76b1e6f400c537a11f082
If the path to android_get_control_file is a symlink, the final sanity
check will fail that the fd does not have the same path as the given
file. We can't expect callers to readlink() because this would change
the environment key. Instead, try to call realpath on both paths.
Bug: 126233777
Test: lpdump
Change-Id: I0df10d7dbe3e572b8335faad812e5cd80bff1733
Remove a superfluous check in fs_mgr, since those return values are
already impossible for a non-debuggable build. Replace a one time
call to __android_log_is_debuggable(), since there's no reason to
cache the value or use this symbol.
Test: build
Change-Id: Icd4bef7b616c49d304303747388d7e3018c6fcfc
Move tests in the same directory as the corresponding code, so it's
easier to see what is/isn't tested.
Fix naming of libcutils_tests (plural) to match the singular that's more
common (even though the plural makes more sense to me).
Add these two to system/core/'s TEST_MAPPING.
Remove obsolete AndroidTest.xml.
Fix a flaky (timing-dependent) libcutils test.
Test: ran tests
Change-Id: I7e0a31ff45c8a152562bf66fc97161594249366e
This patch adds support to make libcutils create and use memfd where
possible, instead of ashmem.
The libcutils library is made dynamic, since apps are still sending over
ashmem FDs to processes and we are working on moving those apps away
from ashmem. The best we can do for that is make the library work, and
force apps in the long run to move away from directly using ashmem.
Due to further complications mentioned in the 'NOTE' section of the
patch, memfd is kept disabled for now, so nothing changes yet. To enable
it, set the sys.use_memfd property (check user_debug build).
Bug: 113362644
Change-Id: I491cb7841b664db5b1c26b3e07a440a14810e182
Signed-off-by: Joel Fernandes <joelaf@google.com>
If libcutils is not a VNDK version and /dev/ashmem is not available,
then ask ashmemd for opened fd to /dev/ashmem.
We rely on SELinux policy to determine what's allowed to open
/dev/ashmem directly.
Bug: 113362644
Test: device boots (in selinux permissive mode)
Change-Id: I93c4fa6044b0bfa5282097c6c32139a8d8f67deb
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
When TARGET_FLATTEN_APEX is set to true, the APEXes are flattened
directly under /system/apex/<name>. Among them the runtime APEX carries
binaries such as linker, dex2oat and they need to be configured to be
executable.
Bug: 123684826
Test: Marlin/sailfish boots to the UI
Change-Id: I8ebe9dc4341410ff91ca2cb7cf95e21b0829c008
This reverts commit b5394db682.
Reason for revert: AOSP is fixed with new vendor image
Change-Id: Ie1a2e0200600214a65f4fe2250c903c8e8ce0a29
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Also add simpleperf_app_runner in shell utilities.
Bug: 118835348
Test: build and boot.
Test: run simpleperf_app_runner manually.
Change-Id: I538503dabfa8ff192f4b3029206a62613eacdf32
Introduce a new systrace tag, TRACE_TAG_RRO, for use with runtime
resource overlay.
Bug: 119761810
Test: builds
Merged-In: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
Change-Id: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
The header contained inline functions that called unimplemented code on
Windows. Enable building the implementations.
Bug: none
Test: make -j 50 checkbuild
Change-Id: I11b39e6f5c72fc000088182f3631a9f538474c42
In commit f4fc922f0b, we tightened the
permissions on various bin directories. Please see
https://android-review.googlesource.com/c/platform/system/core/+/822955
for details.
This change causes the Chase banking app to crash. This is because
the Chase app is using inotify_add_watch() on the /system/bin directory
and not checking the return value.
The Android Security model guarantees the immutability of files in
/system/bin, so the inotify watch is unnecessary.
Until the Chase app fixes their bug, we need to relax the permissions on
the /system/bin directory. Conceptually, this is a partial revert of
f4fc922f0b.
Bug: 119605322
Test: compiles
Change-Id: Ic72dd24cb27cff677093963bdfd0ae09bf132e08
Increase size of the NETLINK_KOBJECT_UEVENT socket receive buffer to
16M. Also, use SO_RCVBUFFORCE to override any limits set by
/proc/sys/net/core/rmem_max.
We had a couple of instances, where we lost critical uevent messages due
to receive buffer overflows.
Bug: 119933843
Change-Id: I6aab183aa0194e173f9175b47c6beb0835cf6675
Currently, /system/bin, /system/xbin, /product/bin, and /vendor/bin
are 0755, which allows any process to iterate through those
directories and list out the contents. For the vast majority of
processes, this is unnecessary. They only need to know whether a
particular binary exists or doesn't exist, but they don't need to
know the other binaries within those directories.
Allowing this is particularly problematic for SELinux. In particular,
some third party Android applications try to examine every file in
the bin directories, generating SELinux audit noise along the
way. This audit noise makes it harder to see real bugs, and falsely
implies an architectural dependency between the application and random
files in directories like /system/bin.
This change removes the ability to list the contents of the various bin
directories, preventing random probing by such apps. The ability to
execute files, or to probe a specific file by name, remain unchanged.
Addresses SELinux denials similar to the following:
avc: denied { getattr } for comm="Thread-11" path="/system/bin/atrace" dev="dm-0" ino=189 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=uk.co.santander.santanderUK
avc: denied { getattr } for comm="Binder:26637_2" path="/system/bin/atrace" dev="dm-0" ino=168 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=com.tencent.mm
avc: denied { getattr } for comm="Thread-12" path="/system/bin/apexd" dev="dm-0" ino=451 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:apexd_exec:s0 tclass=file permissive=1 app=com.grppl.android.shell.CMBlloydsTSB73
Shell access to these directories continues to be allowed, to allow for
host-side CTS tests.
Also adjust the indentation of some clang directives, to make the
presubmit hooks happy.
Test: Device boots and no apparent problems.
Change-Id: Ibe75682fac1983d39f3f479a5850ab5a96f6627d
set_sched_policy checks that operations related to the kernel config
CONFIG_CGROUP_SCHEDTUNE are working properly, but this config is not
required so devices without this were failing the test.
This CL splits set_sched_policy into two tests so that the policy and
timerslack tests can be skipped individually when devices don't support
them.
Bug: 113185515, 112550681
Test: libcutils_test{32,64} now pass on aosp_x86_64 emulator
Change-Id: I31638b61e033f0c96b63428a8d27d27dbc36bce3
Attempting to reduce the number of different spellings we have for
"product services" partition in the codebase.
Bug: 112431447
Test: m
Change-Id: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Merged-In: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc
Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
Callers already verify that they are calling ashmem API on a valid fd by
calling ashmem_valid first. Lets make the fstat syscall only if the
ioctl returns -ENOTTY. This means in the regular case, only 1 syscall is
needed (ioctl) vs the current 2 (fstat+ioctl).
Some data to show improvements in reduction of vfs_getattr calls in the
kernel by 10x when doing a camera.
Test: Boot and camera CTS
Bug: 111418894
Change-Id: I992620bbe44355e54ba19eeac81da586c5e5a6e0
Signed-off-by: Joel Fernandes <joelaf@google.com>