- Neuter SOCK_NONBLOCK and SOCK_CLOEXEC if they are not defined.
- F_SETFL O_NONBLOCK after socket() call.
- Correct environment reference (we recently changed handler to
replace non-ascii and non-numericals with '_' for env tag).
Test: libcutils_test32 --gtest_filter=SocketsTest.android_get_control_socket
Bug: 32450474
Change-Id: I409a8c2c78e5f057af5fd6251cbd8657018be22b
Add CAP_SYSLOG, CAP_AUDIT_CONTROL and CAP_SETGID, set
uid and gid to AID_LOGD, and permissions user and group
read and execute only.
Fix up indents for in table for clarity.
Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests
Manually inspect owner and group for /system/bin/logd
Bug: 32450474
Change-Id: I5183ab200dbcd13efb0727cb91db5b12018ae804
Solve one more issue where privilege is required to open a file and
we do not want to grant such to the service. This is the client side
of the picture, init is the server. The file's descriptor was placed
into the environment as "ANDROID_FILE_<path>" where non-alpha and
non-numeric characters in the <path> are replaced with _ and this
function picks the file descriptor up.
Added definition ANDROID_FILE_ENV_PREFIX ("ANDROID_FILE_") and
android_get_control_file() prototype in a new include <cutils/files.h>
android_get_control_file() checks if the resulting file descriptor is
valid, open and matches the name reference, which on purpose will fail
if a symbolic link is in the path rather than using a fully qualified
path. Add gTest unit test for both.
Test: gTest libcutils_test --gtest_filter=FileTest.android_get_control_file
Bug: 32450474
Change-Id: I2d0310a1727f1e393a00d9fc7e6cf5d028f27905
android_get_control_socket() checks if the resulting file descriptor
is valid, open and matches the socket bound name reference, which on
purpose will fail if a symbolic link is in the path rather than using
a fully qualified path. If there are any non-alpha and non-numeric
characters in the name, they are replaced with _. Add unit test.
Test: gTest libcutils_test --gtest_filter=SocketTest.android_get_control_socket
Bug: 32450474
Change-Id: I27a6419012033ef8bd6ca04f3e479d01264d8c49
The webview_zygote is a non-root zygote process that creates isolated_app
children for rendering web content. It needs:
- CAP_SETUID and CAP_SETGID to change the UID of the new child process.
- CAP_SETPCAP to clear the capability bounding set after forking.
Test: m
Test: angler boots
Bug: 21643067
Change-Id: I986fa04be54e812f5dd2afa14e5d2d3e474e2b10
Add netlink permissions for the new wifi HAL daemon name.
Bug: 31821133
Test: Compiled and ensured that the permission denials are no longer
present in logs.
Change-Id: If939df4760d9f7e85f0f134617d3a79030e09347
Point to log/log.h where necessary, define LOG_TAG where necessary.
Accept that private/android_logger.h is suitable replacement for
log/logger.h and android/log.h.
Correct liblog/README
Effectively a cleanup and controlled select revert of
'system/core: drop or replace log/logger.h' and
'system/core: Replace log/log.h with android/log.h'.
Test: compile
Bug: 30465923
Change-Id: Ic2ad157bad6f5efe2c6af293a73bb753300b17a2
* changes:
fs_mgr: use __android_log_is_debuggable()
adb: use __android_log_is_debuggable()
debuggerd: use __android_log_is_debuggable()
logd: use __android_log_is_debuggable()
libcutils: use __android_log_is_debuggable()
Test: manual - make sure it works in both IPv4/IPv6 env.
BUG: 31537253
Change-Id: Ica492bff34a8c0441516a213d0e8b78fcdfd3282
Signed-off-by: Tao Wu <lepton@google.com>
HIDL requires file descriptors to be wrapped in native_handle_t. We want
a low overhead way to do that when the number of file descriptors is known
at compile time. Instead of
// wrap an fd in native_handle_t
native_handle_t* fd_handle = native_handle_create(1, 0);
if (!fd_handle) {
// clean up and return error
}
fd_handle->data[0] = fd;
hidl_cb(..., fd_handle);
native_handle_delete(fd_handle);
this change adds native_handle_init to allow for
// wrap an fd in native_handle_t
NATIVE_HANDLE_DECLARE_STORAGE(fd_storage, 1, 0);
native_handle_t* fd_handle = native_handle_init(fd_storage, 1, 0);
fd_handle->data[0] = fd;
hidl_cb(..., fd_handle);
Test: make libcutils
Bug: 32021609
Change-Id: If1fd07482243d37492fdea57c602a1b13c8953cc
Should use android/log.h instead of log/log.h as a good example
to all others. Adjust header order to comply with Android Coding
standards.
Test: Compile
Bug: 26552300
Bug: 31289077
Change-Id: I33a8fb4e754d2dc4754d335660c450e0a67190fc
Replace references to cutils/log.h and log/log.h with android/log.h.
Point cutils/log.h to android/log.h. Adjust header order to comply
with Android Coding standards.
Test: Compile
Bug: 26552300
Bug: 31289077
Change-Id: I4b00c0dff3a0a50cbb54301fdc5a6c29c21dab65
libhwbinder's Parcel::readNativeHandleNoDup returns a temporary
native_handle_t. We want a way to save the temporary handle for later
use.
Change-Id: I16f32043aa8b7d2c0aa57d67551500259b411410
android_get_control_socket has a warning from the implicit cast from
long to int. The warning was being hidden because cutils/sockets.h was
included with -isystem. Move android_get_control_socket to sockets.cpp,
since we don't want header only dependencies anyways, and fix the
warning with a range check and a static_cast.
Bug: 31492149
Test: m -j <module that uses sockets.h and -Wall>
Change-Id: I1f394ab26d4ec8a7dd0e7907c10416d7f8647624
Now it always connects to multiple address of same host and just
return one socket while other sockets get leaked.
Also, it cause trouble on machine with dual stack.
adb connect localhost:* just connect to IPv4 and IPv6 at same time
and finally it doesn't work since emulator can only handle one adb
connection.
To test this, start an emulator with non-standar port and killall adb
daemon on linux work station and then do following test.
Test: adb connect localhost:12345;lsof -n -p `pgrep adb`
Change-Id: I1e0f6824efc1db8e179377de068e3b5535aff3f7
system/core/include is included in the global include path using
-isystem, which hides all warnings. cutils/trace.h has an ignored
return value warning, move the implementation to trace-dev.c so it
doesn't cause warnings in every module that includes it in preparation
for moving from -isystem to -I.
Test: m -j native
Bug: 31492149
Change-Id: If8b3fe13059c9e59c2d5208294d427d84fa6e588
Test: CL only adds tests. Ran them to confirm they pass.
Change-Id: Iccc3edaeeabff27f23b3786c3d40b2eb5b02dc83
Signed-off-by: Connor O'Brien <connoro@google.com>
Bug: 30041118
Change-Id: I14d1fd601fc4bce12c563a2004e91bd8ba0f42c3
Test: hostapd can start as the wifi user with these capabilities.
(cherry picked from commit 2502490178)
(cherry picked from commit a76088362e)
If a connection fails to an address that resolves to multiple
sockaddrs, attempt connecting to subsequent addresses if the initial
connection fails to a reason other than timeout. This is primarily
useful for localhost, which can resolve to both an IPv4 and and IPv6
address.
Also, add an adb test to verify that this behavior.
Bug: http://b/30313466
Change-Id: Ib2df706a66cf6ef8c1097fdfd7aedb69b8df2d6e
Test: python test_adb.py (+ the test fails before this patch)
Fixes a bug where USE_CPUSET used access(F_OK)
as a sign that it should try writing to the cpuset
path. It needs to instead use access(W_OK) to
ensure that it has write access as that's what
it would try to open() with.
And stop trying to repeatedly open a file that
doesn't exist.
Change-Id: Ib391ee6f08345051c48a986a732eda30143cb614
Bug: 30041118
Change-Id: I14d1fd601fc4bce12c563a2004e91bd8ba0f42c3
Test: hostapd can start as the wifi user with these capabilities.
(cherry picked from commit 2502490178)
This is broken on all devices other than N9, and has no real path to fixing
it because there are so many different values already in use (41, 43, 47,
127), with no way to tell which you should use on any given device.
Bug: http://b/30597190
Change-Id: I07eeaaf6f5dc03c5532ffbfbb85ef2ad750206a0
The PR_SET_TIMERSLACK_PID number has collided with upstream
changes a number of times, and thus the number is not consistent
between AOSP common kernel versions.
In 4.6+, the upstream kernel added equivalent functionaity via
the /proc/<tid>/timerslack_ns entry.
This patch changes the sched_policy logic to support
/proc/<tid>/timerslack_ns if its available, falling back to the
older PR_SET_TIMERSLACK_PID method if not.
NOTE: Eventually PR_SET_TIMERSLACK_PID usage will need to be
removed as it is likely to conflict with valid future upstream
PR_* entries.
Also add missing O_CLOEXEC to other open calls in this file.
Change-Id: Iec0b8a62de0dc8bdd57b60df82bd4d31c5d64709
Signed-off-by: John Stultz <john.stultz@linaro.org>
Remove the /dev/__kmsg__ workarounds (which can then be removed
from sepolicy), and fix confusion in the translation between
android-base logging and kernel logging priorities (in particular,
where 'notice' comes in the hierarchy).
Bug: http://b/30317429
Change-Id: I6eaf9919904b6b55bc402c20bf1a4ae269014bc7
Test: adb shell dmesg | grep init
Default permission bits are 771. It causes permission denied errors when
MediaProvider tries to scan /data/preloads. We have to allow read for others.
Bug: 29940807
Change-Id: I45645cf1154501ccb64bef08b9ad7bf7709dfd8e
