Commit graph

14 commits

Author SHA1 Message Date
Riddle Hsu
a6abd821d5 Allow to drop existing fd cache of cgroup path
A process can give up the permission to set cgroup. If we still
keep the fd that was cached before losing the permission, when
the process sets scheduling group, it will write to the cached
fd without checking if is accessible and lead to sepolicy denied.

Bug: 123043091
Test: Build and boot.
Test: A new process from zygote set cgroup and drop fd cache, and
      then specializes to app domain. There is no sepolicy denied
      when the process creates new thread.
      (android::thread_data_t::trampoline)

Change-Id: I285ee91424ea965ea9c670fc0f6662948e3e2ce5
2019-06-18 15:53:53 +08:00
mtk16036
53f79e6861 race condition in libprocessgroup
while enable fdsan (file descriptor sanitizer),
fdsan report use-after-close error after boot complete (sedom).

Because, in SetCgroupAction::EnableResourceCaching() currently has a data race against all the
use fd_ functions like SetCgroupAction::ExecuteForProcess(uid_t uid, pid_t pid) etc.

ThreadA                                     | ThreadB
-------------------------------------------------------------------------------------------------
in SetCgroupAction::EnableResourceCaching() | in SetCgroupAction::ExecuteForProcess(...)
-------------------------------------------------------------------------------------------------
                                            | in SetCgroupAction::AddTidToCgroup(int tid, int fd)
-------------------------------------------------------------------------------------------------
fd_ = std::move(fd); /*modified fd_ value*/ |
-------------------------------------------------------------------------------------------------
                                            | write(fd)  /* crash here, fd is closed by ThreadA*/
-------------------------------------------------------------------------------------------------

So, add mutex lock to protect fd_ data race.

Bug: 134120826
Test: auto test, run the adb reboot test 100 times and no fdsan error report on libprocessgroup
Change-Id: Iccf2f705e030f79324f1164509e715dc5be825de
2019-06-11 10:52:25 -07:00
Suren Baghdasaryan
8a315d2a3e Re-enable file descriptor caching and add option to skip caching
This reverts commit bee9f5718b
"libprocessgroup: Disable file descriptor caching temporarily" and adds
option to use SetTaskProfiles and SetProcessProfiles without file caching.
This option is used from JNI to avoid access denials because cached files
are not whitelisted for JNI usage.

Bug: 123868658
Bug: 123043091
Test: boot using svelte target
Change-Id: I76b9d6af8a1dd4464cb3cf3e6dc327980efdf361
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-04-20 00:11:21 +00:00
Yifan Hong
53e0deb7b2 libprocessgroup: use libcgrouprc to read cgroup.rc
Use the LL-NDK library to read cgroup.rc.

As a side-effect, the CgroupController class is changed
to a wrapper of ACgroupController* from the library. The
class itself essentially becomes the pointer, and can be
trivially copied. Modify all client code for this change.

Test: builds and boots
Bug: 123664216

Change-Id: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
Merged-In: I635d9885db62e82f37421f6d20f59c84a6f4cbb2
2019-04-02 22:31:57 -07:00
Peter Collingbourne
dba6d44376 libprocessgroup: Deliberately leak TaskProfiles and CgroupMap instances.
This avoids a race between destruction on process exit and concurrent
access from another thread.

Bug: 129023204
Change-Id: Iecafa67a78e2cce53687156e7f91547b4a23ec13
2019-03-21 17:00:48 +00:00
Elliott Hughes
08b4d32139 libprocessgroup: PLOG already includes strerror(errno).
Test: builds
Change-Id: Ic1fe6b46144f7dbeb7ffba5534d94b4dae192d5c
2019-03-14 20:06:36 -07:00
Wei Wang
d71d30179c Set cg_file_data_ to null when initialization failed
Cannot really do calls if initialization failed.
Also fix LOG usage.

But: 124774415
Test: Build
Change-Id: Ifd7db90cfee51ba5830e1d4db8f8d19b5bc9feba
2019-03-08 10:18:06 -08:00
Suren Baghdasaryan
e681df44eb libprocessgroup: convert Json::Value to const refs
Convert Json::Value to const refs to prevent creation of a null member
if specified element does not exist. Fix variable naming in the parser
while we are at it.

Change-Id: I7dabfd1c73983b465984dd6c411c9fe48743a348
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-03-01 00:29:49 +00:00
Suren Baghdasaryan
05da67c390 Add vendor cgroups and task_profiles support
Vendors should be able to specify additional cgroups and task profiles
without changing system files. Add support for /vendor/etc/cgroups.json
and /vendor/etc/task_profiles.json files which will augment cgroups and
task profiles specified in /etc/cgroups.json and /etc/task_profiles.json
system files.

Bug: 124960615
Change-Id: I548c2e866b65c19856a3617d75b75dcd06f7d5b7
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-03-01 00:29:37 +00:00
Wei Wang
1770566de6 Fix string reference usage
Bug: 124774415
Test: Build
Change-Id: Ic0e5ee4f3375c2fa21fbc2ce3796b7368e9e289c
2019-02-27 06:04:13 +00:00
Suren Baghdasaryan
2bc522878d Suppress error log when timerslack_ns write fails for already dead process
lmkd uses set_sched_priority to expedite killing of its victims and this
sometimes results in timerslack_ns writes for an process which is already
dead. These messages are detrimental during troubleshooting and do not
indicate a real problem, therefore need to be suppressed.

Bug: 124324891
Test: lmkd_unit_test

Change-Id: I5bc071b47d386c279dd9a56eee51dba7797f4520
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-02-14 03:51:17 +00:00
Suren Baghdasaryan
bee9f5718b libprocessgroup: Disable file descriptor caching temporarily
File descriptor caching breaks boot on Android Go and Svelte targets.
Disable it temporarily to fix the builds and investigate the root cause
further.

Bug: 123868658
Test: Android Go device boots after this change

Change-Id: Idd0209029cde8454ea99b9de030f7a317c2988d7
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-02-06 02:15:37 +00:00
Suren Baghdasaryan
eca87cb9ca Fix non-Android build targets
Non-Android build targets are missing sys/prctl.h header and functionality
should be disabled for them like it was done previously inside
sched_policy.cpp. Also make the set_sched_policy/get_sched_policy
functionality backward compatible by creating stubs for non-Android
targets.

Bug: 111307099
Test: built sdk_gphone_x86-sdk_addon_mac target using forrest

Change-Id: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Merged-In: I1c195267e287a84a21c588bd61d7c452bff6cfbe
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-02-03 16:49:28 +00:00
Suren Baghdasaryan
82b72a5667 libprocessgroup: Add support for task profiles
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc

Exempt-From-Owner-Approval: already approved in internal master

Bug: 111307099
Test: builds, boots

Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-02-03 16:48:35 +00:00