Commit graph

89065 commits

Author SHA1 Message Date
Steven Moreland
38d36e4492 libutils: T* is a trivial type
Avoid calling constructors/destructors for
each element, when we have Vector<T*>. These
are used in libbinder and elsewhere.

std::vector is still faster but uses more mem.

Bugs: me
Test: boot && binderLibTest
Change-Id: Id1239daddd018f8eee5480d1cb6dd25d6f4df808
2024-04-26 21:08:48 +00:00
Ellen Arteca
6f7e39526c Merge "Create and support isolation for /data/storage_area" into main 2024-04-26 20:59:43 +00:00
Christopher Ferris
1c46a00865 Replace malloc_not_svelte with malloc_low_memory.
The malloc_not_svelte variable name is confusing and makes the
low memory config the default. Change this so that the default is
the regular allocator, and that Malloc_low_memory is used to enable
the low memory allocator.

Update blueprint rules so that scudo is the default action.

Test: Verified scudo config is used by default.
Test: Verfified Android GO config uses the jemalloc low memory config.
Change-Id: Ie7b4b005a6377e2a031bbae979d66b50c8b3bcdb
2024-04-26 13:33:26 -07:00
Elliott Hughes
03700c301b Merge "parse_line: allow -1 for apexes and sdk libraries." into main 2024-04-26 19:59:38 +00:00
William Loh
563c1a83a0 Merge "Create app-metadata directory" into main 2024-04-26 16:57:39 +00:00
Elliott Hughes
6e774bae19 parse_line: allow -1 for apexes and sdk libraries.
Since we're in much worse trouble if `/data/system/packages.list` is
attacker-controlled, there doesn't seem like much benefit to having
the little bit of [incomplete] range checking we had on the uid
field (by using a wider type than `uid_t` actually is), and
apparently we're now abusing `-1` to mean "apex or sdk library",
despite `uid_t` being an unsigned type.

Bug: http://b/336659478
Change-Id: I7a270eea937d21fc1d7fcda8654054210cf631fe
2024-04-26 15:30:30 +00:00
Christopher Ferris
c76a8937b0 Make sure debuggerd_test is run on device.
Tests starting failing on aarch64, so force presubmit to run the
debuggerd tests on device to close this coverage hole.

Test: Treehugger and verify tests are run on device.
Change-Id: Ie40eab35e46cefd3cebc132d9c0a3d1ebdb0d766
2024-04-25 13:57:52 -07:00
Treehugger Robot
6f5205229b Merge "ueventd: Add devname sys_name to subsystem, pulling device names from sysfs" into main 2024-04-25 19:39:02 +00:00
William Loh
188b64778c Create app-metadata directory
App metadata bundles, also known as Android Safety Labels (ASL),
contains information about the app's privacy and security practices.
This information is used to help users make more informed choices when,
for example, granting access to permissions.

ASL can currently only be preloaded on the system image or distributed
by the installer and written to a file in the app's codePath. To support
embedded ASL in APK we need to extract ASLs from APKs to a writeable
location. For non-preloaded apps we can write to the app's codePath like
the installer provided ASLs, however, we need to create a new writable
directory for preloaded apps located on read only partitions.

Bug: 336618214
Test: manual
Change-Id: I651b2dab45c3132d8467c507dc4ee304001f73f5
2024-04-25 19:21:27 +00:00
Treehugger Robot
b24f4c9699 Merge "Load modules from _16K dir when running on 16K kernel" into main 2024-04-25 18:15:02 +00:00
A. Cody Schuffelen
b479666e3c ueventd: Add devname sys_name to subsystem, pulling device names from sysfs
This change introduces a new mode to `subsystem.devname` in `ueventd.rc`
configuration files, which sets the file name to the contents of
`/sys/DEVNAME/name`.

The objective of this change is to help Cuttlefish distinguish between
console devices, which are only different in uevents by initialization
order. Cuttlefish currently relies on `/dev/hvc##` devices which are
created for non-multiport virtio-console devices.

https://cs.android.com/android/platform/superproject/main/+/main:device/google/cuttlefish/shared/config/ueventd.rc;l=18;drc=5204f119d859d3ae5f1a2ee1c6a05ee68d6a28ed

On Cuttlefish we're considering moving to multiport virtio-console
devices ( https://fedoraproject.org/wiki/Features/VirtioSerial ). It
would be possible to rely on device order here as well, but using names
to distinguish devices makes it possible to drop unused devices in the
future, rather than reserving indexes indefinitely.

Multiport virtio-console devices create uevents with DEVNAME=vport#p#
and DEVPATH=.../vport#p#, only exposing the name in a sysfs file.

Bug: 336663898
Test: Attach multiport console, run with `-DLOG_UEVENTS=1`
Test: Introduce ueventd policy using `devname sys_name`
Change-Id: I59632b556db4a47883eab97e90c0e6ca81a9c650
2024-04-25 11:10:11 -07:00
Kelvin Zhang
946a355241 Merge "Allow querying for fstab for a mount point with fstype" into main 2024-04-25 16:48:37 +00:00
Kelvin Zhang
ffdb017e7d Load modules from _16K dir when running on 16K kernel
Test: th
Bug: 293313353
Change-Id: Ie58e57174545e4def5ebc33ac29f1adb12bf06a6
2024-04-25 09:48:13 -07:00
Kelvin Zhang
6cdee65b8b Allow querying for fstab for a mount point with fstype
Test: th
Bug: 293313353
Change-Id: I8e12c465d0a3e886fcfa0cebf546b145b785c220
2024-04-25 09:48:13 -07:00
Daniel Zheng
6f7fb5a0b5 Merge "libsnapshot: remove hard coded cow version" into main 2024-04-24 22:46:17 +00:00
Treehugger Robot
b46dcf4fcb Merge "Only write appcompat properties if flag is defined" into main 2024-04-24 22:35:37 +00:00
Treehugger Robot
ef3679a78a Merge "libmodprobe: remove dummy parameters for kernel" into main 2024-04-24 22:00:52 +00:00
Ryan Prichard
d774ab22c1 Merge "sysutils: add missing <vector> include" into main 2024-04-23 17:17:20 +00:00
Ryan Prichard
455fe568b4 sysutils: add missing <vector> include
Upgrading to clang-r522817's new libc++ requires that <vector> be
included here.

Bug: 333165689
Test: treehugger
Flag: EXEMPT, fix build error
Change-Id: Ib9a072ddb39477b98c79879da6354557695ba350
2024-04-22 22:03:45 -07:00
Florian Mayer
b69633f50c Merge "Avoid confusing main_thread name" into main 2024-04-23 04:56:52 +00:00
Chungkai Mei
1db2d481ea libmodprobe: remove dummy parameters for kernel
we consume load_sequential only in libmodprobe, so remove this parameter
before sending them into kernel layer

Bug: 332435366
Test: Built and boot husky targets
Change-Id: I37e63723d3c8d4fd8ca1fda682b344a721b9a637
Signed-off-by: Chungkai Mei <chungkai@google.com>
2024-04-22 19:56:46 -07:00
Florian Mayer
2d45331a9e Avoid confusing main_thread name
It is not in fact the main thread of the process, but the thread that crashed

Change-Id: I3af6d0ffc6c0617526a9cbeb36b2a3286aaeb6f6
2024-04-22 23:43:59 +00:00
Treehugger Robot
bbdc19b7e1 Merge "storageproxyd: Fix x86 builds" into main 2024-04-22 22:18:41 +00:00
Ellen Arteca
f885d551c2 Create and support isolation for /data/storage_area
Creating the directory /data/storage_area (which will store each user's directory
of app directories of storage areas) on startup, and adding this directory
/data/storage_area to the tmpfs mirror so it can be protected by app data isolation
in zygote.

Bug: 325121608
Test: atest StorageAreaTest
Change-Id: Ia938e89fd8b794dbcbb844b01b790db7c0a62319
2024-04-22 20:51:44 +00:00
Donnie Pollitz
4f75b6699c storageproxyd: Fix x86 builds
Background:
* printf format specifiers and size_t literal were invalid.

Bug: 324989972
Test: Builds
Change-Id: I408cfe0d41fb6850d5dcfe9963bb88be48f4a0c6
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2024-04-22 22:42:54 +02:00
Donnie Pollitz
63ef65c138 Merge "storageproxyd: Add arguments for storage mapping and max file" into main 2024-04-22 18:20:44 +00:00
Treehugger Robot
6901df0eb3 Merge "init.rc: remove 4.9/4.14 support" into main 2024-04-22 17:01:10 +00:00
Treehugger Robot
dd8050f68a Merge "init.rc: remove xt_qtaguid configuration" into main 2024-04-22 16:57:47 +00:00
Treehugger Robot
95403fce00 Merge "Build init-debug.rc with Soong" into main 2024-04-22 16:28:28 +00:00
Treehugger Robot
ff086da560 Merge "setprop: check if not setprop value but setprop name starts with "ro."" into main 2024-04-22 15:59:44 +00:00
sanga1.lee
2c6b83f4d2 setprop: check if not setprop value but setprop name starts with "ro."
When setting property with setprop, a property name which starts with
"ro." could be set no matter how long the value name is.

Change-Id: Ia035ef009952db08ae8a6d4a2b8b9567d86124fc
2024-04-22 08:07:52 +00:00
Maciej Żenczykowski
a95be37d2c init.rc: remove 4.9/4.14 support
U requires 4.14+
V requires 4.19+

as such this is no longer useful

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I39d01cc16897c6c9174cf074e27c888bc758f1cc
2024-04-20 07:06:54 +00:00
Maciej Żenczykowski
8b29034b89 init.rc: remove xt_qtaguid configuration
which has been fully replaced by eBpf
(started in android P, finished in android S)

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ie38e54600a9bb01c7ecdde63d9a9256bed047f41
2024-04-20 06:58:05 +00:00
Treehugger Robot
f0db2406f7 Merge "Null terminate the std::array given to execve" into main 2024-04-20 02:41:34 +00:00
Jiyong Park
e873e1d31b Null terminate the std::array given to execve
std::array<T, N> takes exactly N * sizeof(T) bytes, leaving no room for
the null terminator.

Bug: 335047945
Test: re-run the GSI test
Change-Id: Ic3aca5f409021c78a7eb965c5ed610e6a51e42cb
2024-04-20 10:11:46 +09:00
Nate Myren
32677ae8f3 Only write appcompat properties if flag is defined
Only writes the appcompat properties if the
WRITE_APPCOMPAT_OVERRIDE_SYSTEM_PROPERTIES cflag is defined

Fixes: 331307495
Test: manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f04f6bae4314e01111045ba231010ba7067477a0)
Merged-In: Ie99b5027a9704c0f4f7fe4d3a6a6cf49f4bb8176
Change-Id: Ie99b5027a9704c0f4f7fe4d3a6a6cf49f4bb8176
2024-04-19 19:07:52 +00:00
Daniel Zheng
885bd1c8d6 libsnapshot: remove hard coded cow version
Remove hard coded global variables referencing cow version in
libsnapshot. This value should stem from the build system, or set
individually in test cases.

Bug: 307452468
Test: th
Change-Id: I3d536246008acca92cd93e77886e5f7d17a131e0
2024-04-19 11:39:46 -07:00
Inseob Kim
4113b658a8 Build init-debug.rc with Soong
Bug: 335369205
Test: build and compare
Change-Id: Idb6105e8527e3a2b4f0517b31be3fa8b78826880
2024-04-19 16:17:14 +09:00
Inseob Kim
8c7b66629d Merge "Build etc/hosts with Soong" into main 2024-04-19 01:29:38 +00:00
Treehugger Robot
b45c8ad05b Merge changes Ie74b9c27,If2224475 into main
* changes:
  libprocessgroup: Check validity of uid and pid arguments for createProcessGroup
  Revert "libprocessgroup: Check validity of uid and pid arguments"
2024-04-18 19:09:18 +00:00
Julien Desprez
a078141ec8 Merge "snapshotctl: Check for cow path when allocated from /data" into main 2024-04-18 18:13:55 +00:00
T.J. Mercier
7d9d171e4e libprocessgroup: Check validity of uid and pid arguments for createProcessGroup
killProcessGroup already checks for validity of the uid and pid input
arguments. Also add this checking to createProcessGroup.

Bug: 333261173
Change-Id: Ie74b9c2716978cb5eb434af12e27945e29af876e
2024-04-18 16:18:22 +00:00
T.J. Mercier
29e30f25b4 Revert "libprocessgroup: Check validity of uid and pid arguments"
This reverts commit 5a3c3f7ccf.

Don't SIGABRT for invalid requests.

Bug: 333261173
Change-Id: If22244753b43529ed17c315b3732af371827e774
2024-04-18 16:17:48 +00:00
Akilesh Kailash
fa5cf6884a snapshotctl: Check for cow path when allocated from /data
If the COW device is allocated only from /data, then
the COW device name will end with -cow-img. Hence, check
that path as well.

Bug: 335552315
Test: snapshotctl apply-update
Change-Id: Id3c5cf8afd77994da117de41bb98a226b350f8e4
Signed-off-by: Akilesh Kailash <akailash@google.com>
2024-04-18 06:19:56 -07:00
Treehugger Robot
8a92f2d747 Merge "Updated fuzz_config in Android.bp file" into main 2024-04-18 01:55:15 +00:00
Inseob Kim
f1ddc62db3 Build etc/hosts with Soong
Bug: 335369205
Test: build
Change-Id: I3a33e80dc751ddce874fe1345594e6dc5f27b36c
2024-04-18 10:44:46 +09:00
Treehugger Robot
68c7869e86 Merge "Don't install Android-only dependencies to microdroid" into main 2024-04-17 22:37:56 +00:00
David Drysdale
a8934ddc26 Merge "Warn that reboot might be needed after setting IDs" into main 2024-04-17 17:12:08 +00:00
David Drysdale
8005cfa7e4 Warn that reboot might be needed after setting IDs
Test: compile
Change-Id: Iac93f6a60df7e1a9f89183deabb37e0efc16df91
2024-04-17 16:27:49 +01:00
Jiyong Park
12c64a7586 Don't install Android-only dependencies to microdroid
init_second_stage_defaults provides properties that are common to both
Android's init and Microdroid's init. Before this CL, it included
target.product.required and target.recovery.required properties. The
required dependencies were Android-specific; the dependencies included
Android-only init.rc. Microdroid has its own init.rc (microdroid_init_rc
module).

This was problematic but so far it didn't cause an issue because those
Android-only dependencies were not installed to Microdroid due to a bug
in the build system.

As we fix the build system bug, the Android-only dependencies started
get installed to Microdroid, effectively overriding the Microdroid-only
init.rc file. This made Microdroid fail to boot.

Fixing this issue by moving the Android-only dependencies out of the
defaults module and putting them on the Android's init.

In addition to that, this CL removes the recovery variant for the
Microdroid's init because it's not used.

Bug: N/A
Test: run AVF tests
Change-Id: I09748f1123125cac74ce54fd5c360c9a3ba2f996
2024-04-17 14:36:55 +09:00