Binder currently may service an incoming oneway transaction whenever
an outbound oneway call is made (if there is already a pending
incoming oneway call waiting). The unexpected nested method call
blocks forever on a recursive mutex acquire because healthd is single-
threaded. The binder behavior is considered a bug and may change in
the future. For now, work around this in healthd.
Make a local copy of the listeners list, then drop the lock and
perform the outbound calls on the local copy of the list.
Bug: 38201220
Test: Marlin with modified client calling scheduleUpdate() repeatedly
Change-Id: If35c2847556245921e2aff808ff747bb60356811
The generic system.img released from project Treble can't contain any verity
metadata (e.g., vboot 1.0, AVB, or any other implementation) because it's
*generic*. To make any device can boot with it, `avbctl disable-verification`
is introduced to set a new flag AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED
in the top-level vbmeta to disable the entire AVB verification process. This
should be done prior to flash the generic system.img. See the following link
for details:
https://android-review.googlesource.com/#/c/418399/
This CL checks whether AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED is
set in the top-level vbmeta. When set, skip verifying the vbmeta structs
against androidboot.vbmeta.{hash_alg, size, digest} because it will be
absent in kernel cmdline. Also, only top-level vbmeta struct is read then
returned by libavb in this case.
Note that another flag AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED, usually
set by `adb disable-verity`, is used to signal fs_mgr to skip setting up
dm-verity, but libavb still verifies all vbmeta structs. fs_mgr will
also verify all vbmeta structs against androidboot.vbmeta.{hash_alg,
size, digest} from kernel cmdline as well.
Also rename SetUpAvb() to SetUpAvbHashtree() to better fit its usage.
This function will return kDisabled when any of the above two flags is set.
Finally, regardless of which flag is set or not set, we still only allow two
return values from avb_slot_verify():
- AVB_SLOT_VERIFY_RESULT_OK: it's still possible to get this value
when any of these flags are set in build time. e.g.,
BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS=--flags 2
- AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION: in most cases we should
get this value, because the flags are likely set at run time.
Bug: 62523303
Test: boot device with 'avbctl disable-verification'.
Test: boot device with 'avbctl enable-verification'.
Test: boot device with 'adb disable-verity'.
Test: boot device with 'adb enable-verity'.
Test: build image with BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS=--flags 2, then boot device.
repeat the above steps to boot device again.
Merged-In: Ie8436f3e0e82c78490208f3b85eac5238a9fdfdb
Change-Id: Ie8436f3e0e82c78490208f3b85eac5238a9fdfdb
(cherry picked from commit 60f19a0792)
FuseBuffer::HandleNotImpl save the value of |request.header.unique| to the
temporary variable, clear the buffer which is a union of |request| and
|response|, then write back the unique value to response.header.unique.
Before the CL, the temporary variable was wrongly removed by the compiler
optimization, and response.header.unique was always 0. The CL adds
volatile modifier as workaround to prevent the compiler optimization
from removing the temporary value.
Bug: 62429763
Test: libappfuse_tests
Change-Id: Ia853f805633f646f316f585a35c7b018000b6eb3
(cherry picked from commit a6dee5e279)
Some processes have lots of threads and minidebug-info. Unwinding
these can take more than the original two seconds.
Bug: 62828735
Test: m
Test: debuggerd_test
Test: adb shell kill -s 6 `pid system_server`
Merged-In: I0041bd01753135ef9d86783a3c6a5cbca1c5bbad
Change-Id: I0041bd01753135ef9d86783a3c6a5cbca1c5bbad
(cherry picked from commit b02851a984)
This commit exports android.hidl.memory@1.0-impl.so from default linker
namespace to vndk (VNDK-SP) linker namespace. This fixes
libhidlmemory.so failure.
Note: Exposing android.hidl.memory@1.0-impl.so from default linker
namespace to vndk (VNDK-SP) linker namespace shall be fine because its
APIs are frozen and won't be changed in the future.
Note: android.hidl.memory@1.0-impl.so is NOT exported to sphal linker
namespace.
Bug: 35107583
Bug: 62778280
Test: Write a test SP-HAL lib which links libhidlmemory.so, load that
SP-HAL lib into system executable, and make sure mapMemory() works.
Test: sailfish boots w/o problems.
Merged-In: Ia36350dcf1f8c8dc6d7bf2c7a6ae65e0ebaef578
Merged-In: Iddb723558c3a814a905cd42797594a707bc651da
Change-Id: I69034595b2cd355e786ce7943fed7dddf1b12525
(cherry picked from commit bd7503dae7)
(cherry picked from commit 3251e582f2)
This commit exports android.hidl.memory@1.0-impl.so from default linker
namespace to vndk (VNDK-SP) linker namespace. This fixes
libhidlmemory.so failure.
Note: Exposing android.hidl.memory@1.0-impl.so from default linker
namespace to vndk (VNDK-SP) linker namespace shall be fine because its
APIs are frozen and won't be changed in the future.
Note: android.hidl.memory@1.0-impl.so is NOT exported to sphal linker
namespace.
Bug: 35107583
Bug: 62778280
Test: Write a test SP-HAL lib which links libhidlmemory.so, load that
SP-HAL lib into system executable, and make sure mapMemory() works.
Test: sailfish boots w/o problems.
Change-Id: Ia36350dcf1f8c8dc6d7bf2c7a6ae65e0ebaef578
* changes:
Revert "Revert "init: poll in first stage mount if required devices are not found""
Revert "Revert "ueventd: remove PlatformDeviceList""
fs_mgr: differentiate if fs_mgr_set_verity() was skipped or disabled
In case of non-secure builds (eng variant) fs_mgr_setup_verity() skips
verity checks regardless of fstab options. This is slightly different
than 'adb disable-verity' where it would first read the verity metadata
to check if verity is disabled.
So, this change adds a new return value of FS_MGR_SETUP_VERITY_SKIPPED
instead of piggy backing on the FS_MGR_SETUP_VERITY_DISABLED.
Bug: 62864413
Test: Boot sailfish
Merged-In: I42bf2bdce0ecb18b4c3b568e2bc96bf1590dfb35
Change-Id: I42bf2bdce0ecb18b4c3b568e2bc96bf1590dfb35
Signed-off-by: Sandeep Patil <sspatil@google.com>
(cherry picked from commit 95366e97dd)
This commit adds libhidlmemory.so and android.hidl.memory@1.0.so to the
exported libs of the `vndk` linker namespace (aka. VNDK-SP). This is
necessary because some vendors' GLES implementation uses
libhidlmemory.so. Check http://b/35107583#comment15 for the context.
Bug: 35107583
Test: sailfish boots
Change-Id: Idb5ba4ed4a89795e0e6105d55a84e7f6bbffff51
This commit adds libhidlmemory.so and android.hidl.memory@1.0.so to the
exported libs of the `vndk` linker namespace (aka. VNDK-SP). This is
necessary because some vendors' GLES implementation uses
libhidlmemory.so. Check http://b/35107583#comment15 for the context.
Bug: 35107583
Test: sailfish boots
Merged-In: Idb5ba4ed4a89795e0e6105d55a84e7f6bbffff51
Merged-In: I1556b7499bd981af995f000519b7a314c70567d1
Change-Id: I5af7c954d432a2e8de6c6b744cedbada836bbd98
First stage mount in init currently attempts to regenerate uevents for
specific devices to create the corresponding dev nodes. However, this
is racy as first stage mount happens early in the boot process and
it's possible that some of these devices have not yet been created by
the kernel.
To fix this issue, init will poll on the uevent socket for up to 10
seconds waiting for the kernel to create the required device. It will
return false and panic if this 10 second timeout passes.
Note that the same uevent socket is used in the uevent regeneration
and the polling code, so there is no race if the device is created
after the uevent regeneration and before polling starts; the first
poll will pick up the device.
Bug: 62681642
Bug: 62682821
Test: Boot bullhead
Test: Boot sailfish
Test: Boot hikey + hotplug/unplug sdcard
Merged-In: I4a6ff043eb7115b729ca4954ebc6c9e000132993
Change-Id: I4a6ff043eb7115b729ca4954ebc6c9e000132993
First stage mount in init currently attempts to regenerate uevents for
specific devices to create the corresponding dev nodes. However, this
is racy as first stage mount happens early in the boot process and
it's possible that some of these devices have not yet been created by
the kernel.
To fix this issue, init will poll on the uevent socket for up to 10
seconds waiting for the kernel to create the required device. It will
return false and panic if this 10 second timeout passes.
Note that the same uevent socket is used in the uevent regeneration
and the polling code, so there is no race if the device is created
after the uevent regeneration and before polling starts; the first
poll will pick up the device.
Bug: 62681642
Bug: 62682821
Test: Boot bullhead
Test: Boot sailfish
Test: Boot hikey + hotplug/unplug sdcard
Merged-In: I4a6ff043eb7115b729ca4954ebc6c9e000132993
Change-Id: I4a6ff043eb7115b729ca4954ebc6c9e000132993
(cherry picked from commit c4ff5e803917f04574fe98f846875db77d0fd8f5)
In order to create symlinks for USB and block devices, the path for
their parent platform device must be known.
Previously, ueventd would save each platform device that it encounters
to a list and query this list when creating the symlinks. That,
however, is racy because the uevent socket does not differentiate
uevents from RegenerateUevents() and uevents sent by the kernel when
probing a device first the first time. The below scenario is the
faulty case:
1) Kernel probes parent platform device for a block device
2) ueventd calls RegenerateUevents() and starts processing uevents
3) Kernel probes block device and sends its uevents
4) ueventd picks up the block device uevent during its uevent processing,
without yet regenerating the platform device uevent, causing improper
symlinks to be created.
This change stops storing the platform devices in a list, and instead
traverses up the directory structure for each USB or block device
until it reaches a platform device, defined as one whose subsystem is
the platform bus. This fixes the race and simplifies the ueventd
code.
Bug: 62436493
Bug: 62681642
Test: Boot bullhead
Test: Boot sailfish
Test: Init unit tests
Test: Boot hikey + hotplug/unplug sdcard
Merged-In: I21636355d8e434f30e0cba568598a6cf139e67f9
Change-Id: I21636355d8e434f30e0cba568598a6cf139e67f9
(cherry picked from commit c94ce7b130)
In order to create symlinks for USB and block devices, the path for
their parent platform device must be known.
Previously, ueventd would save each platform device that it encounters
to a list and query this list when creating the symlinks. That,
however, is racy because the uevent socket does not differentiate
uevents from device_init() and uevents sent by the kernel when
probing a device first the first time. The below scenario is the
faulty case:
1) Kernel probes parent platform device for a block device
2) ueventd calls device_init() and starts processing uevents
3) Kernel probes block device and sends its uevents
4) ueventd picks up the block device uevent during its uevent processing,
without yet regenerating the platform device uevent, causing improper
symlinks to be created.
This change stops storing the platform devices in a list, and instead
traverses up the directory structure for each USB or block device
until it reaches a platform device, defined as one whose subsystem is
the platform bus. This fixes the race and simplifies the ueventd
code.
Bug: 62436493
Bug: 62681642
Test: Boot bullhead
Test: Boot sailfish
Test: Boot hikey + hotplug/unplug sdcard
Merged-In: I21636355d8e434f30e0cba568598a6cf139e67f9
Change-Id: I21636355d8e434f30e0cba568598a6cf139e67f9
This means the library may be installed in both the
/system and /vendor partitions, if they are used by
system and vendor code respectively.
Test: mm -j64
Bug: 38244611
Change-Id: I5874529d410a226c028a248b0d22ea5e80639445
Merged-In: I978f8e34d354e4fe03a3c19dd0dbc6899f26a793
It depends on functionality in the bionic
allocator, which may get updated independently
of the vendor partition (as libc is in the LL-NDK).
Bug: 33241851
Test: builds
Change-Id: I435679843229d0d4d2e2be7bfe8c27f558a016dd
Merged-In: I435679843229d0d4d2e2be7bfe8c27f558a016dd
Relax the shell command length limits when talking to an adbd with the
shell protocol.
shell is pretty much the only service that takes an arbitrarily long
string, so this is somewhat safe.
Bug: http://b/37716055
Test: `adb shell $(python -c 'print "echo " + "f" * (32*1024)') | wc` on L and master
Merged-In: I0737fd2244530ef8080f300cd3a3549a1ab93465
Change-Id: I0737fd2244530ef8080f300cd3a3549a1ab93465
Fix a deadlock that happened when a reader/writer thread released a
transport while the hotplug thread attempted to handle a device
disconnection. Decrementing a transport refcount to zero would hold the
global transport mutex and attempt to take the usb handles mutex, while
the hotplug thread would hold the usb handles mutex and try to call
unregister_usb_transport, which would attempt to take the global
transport mutex.
Resolve this by making transport_unref not take the global transport
mutex.
Bug: http://b/62423753
Test: python test_device.py
Merged-In: Ib48b80a2091a254527f3a7d945b6a11fae61f937
Change-Id: Ib48b80a2091a254527f3a7d945b6a11fae61f937
(cherry picked from commit 7e197ef833)
