Create a new group for dex2oat in cpu cgroup, which is dedicated for
dex2oat processes. Also modify task profiles for this change.
Bug: 201223712
Test: dex2oat group created
Change-Id: Ic61f4b8a64d01c03549b680970805e12b9ce4fcc
This is required since Android 12, because
CtsNativeVerifiedBootTestCases will read property
"partition.${partition}.verified.hash_alg" to
check that sha1 is not used.
Also see https://r.android.com/1546980 for more details.
Bug: 175236047
Bug: 203720638
Test: build and boot a device
Change-Id: I300265f4af9c2781d40537f391bda9eaf62c27ba
The tracing instance takes extra RAM and is not needed on devices running older kernels.
Bug: 194156700
Test: manual on a Pixel device
Change-Id: I794062741688ebea0e4bc500723a966f8f646ee1
Signed-off-by: Alexander Potapenko <glider@google.com>
In order for crashes when executables are run from the
/data/local/tests directory, set the executable bit for that
directory and sub-directories. Without this, neither the root
user nor shell user can read any executables or shared libraries in
the tests directory.
Bug: 197229540
Test: Used the crasher executable and copied it to /data/local/tests
Test: and verified that running it as root and shell results in
Test: tombstones that have full unwinds with function names.
Change-Id: Ice669358decad9766e0496c156aa84d4ecacd124
sys.sysctl.extra_free_kbytes property controls the value set to the
/proc/sys/vm/extra_free_kbytes out-of-tree kernel knob. Replace its
use with execution of extra_free_kbytes.sh script which calculates
and sets corresponding value to /proc/sys/vm/watermark_scale_factor
upstream-supported kernel knob.
Bug: 109664768
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Iaece28eb858a20c8c39578a28dc6bbc6adc13c40
The main users of this instance are KFENCE and MTE-aided KASAN, which are only supported on arm64.
Skip creation of this tracing instance on 32-bit systems to save ~6Mb memory on low-end devices.
Bug: 195089948
Bug: 194719088
Bug: 194156700
Change-Id: Icaf762715fed7a282b1ad738c10bcb45dc848f4d
In newer kernel, it introduces watermark boost feature
to enhance memory fragmentation problems. This feature
will dynamically boost/down watermark level which conflicts
with LMKD assumption and causing LMKD not to work properly.
Disabling this feature first until we address it.
Bug: 189938926
Test: check vm parameter.
Signed-off-by: Martin Liu <liumartin@google.com>
Change-Id: I6db5163f843f1129080bb944df7cbb8c799a58e0
The sysfs node of sd blk_device is /sys/fs/f2fs/sd-<num>, we shouldn't
skip partition number at this time.
Bug: 189257443
Test: access sd-<num> sysfs correctly
Signed-off-by: Guo Weichao <guoweichao@oppo.com>
Signed-off-by: Huang Jianan <huangjianan@oppo.com>
Change-Id: Ibcd7bb265f8fca9cd26f8770403f1bafad433acb
We never use CONFIG_RT_GROUP_SCHED in GKI kernel, but that could be set
on legacy devices. Remove system cgroup migration and also RT settings
as we should not have any task under those groups.
Bug: 191925901
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Merged-In: I492833975e28e9888e412711e80670ca0901010d
Change-Id: I492833975e28e9888e412711e80670ca0901010d
(cherry picked from commit b4e79853cd)
writepid command usage to join a cgroup has been deprecated in favor
of a more flexible approach using task_profiles. This way cgroup path
is not hardcoded and cgroup changes can be easily made. Replace
writepid with task_profiles command to migrate between cgroups.
Bug: 191283136
Test: build and boot
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I945c634dfa7621437d8ea3981bce370d680b7371
adb_debug.prop is migrated too. And ramdisk_available is added to all
dependencies.
Bug: 187196593
Test: boot
Change-Id: I59cd149e0021211b8fd59c44b93bbf18dc8637bf
Due to aosp/1708274, ref data directory is now world accessible.
We need to fix ref data directory so that it does not leak app
visibility information.
Bug: 189787375
Test: AppDataIsolationTests
Change-Id: I716852478ce0734c7038934c88c36a567c06393f
This reverts commit 14f6751df1.
Reason for revert: Removing libneuralnetworks_shim.so from Android S
Change-Id: I23acbdc31ddc488ad59225b483936905fa3652ee
Merged-In: I23acbdc31ddc488ad59225b483936905fa3652ee
ART wants to optimize the time when the profile information
is saved for an app. To do so, it needs access to both, the current
profile, and the reference profile. This will allow ART to access
the ref profiles, which previously was not needed.
Test: m & flash
Bug: 185979271
Change-Id: Ie07bce81d2fba9c0b0ae4f322418e960c024e15d
There is no direct dependency in platform on this library, but we still
need a link to it from the system namespace, since adbconnection can
load it as a JVMTI agent without a class loader, and that is changing
to use the system namespace in https://r.android.com/1673312.
Test: atest CtsJdwpTestCases
Test: atest CtsJdwpTunnelHostTestCases
Bug: 130340935
Change-Id: Ia06c0f2a80226a056195fcff2f5d4dcab8f38518
On first boot, FDE devices hang on the command
'wait_for_prop apexd.status activated'. This is because apexd was
already started with the tmpfs /data, then was stopped by
vold.decrypt=trigger_shutdown_framework. Then when apexd is started
again with the real /data, it sees that apexd.status="ready" already, so
it doesn't consider itself to be starting from scratch again. So it
doesn't move apexd.status back to "activated" as expected.
Fix the above by resetting apexd.status to its initial value of the
empty string before trying to start apexd in the post-fs-data trigger.
Note that this also takes care of the userspace reboot case which was
previously handled in the userspace-reboot-requested trigger.
Also, FDE devices hang at the same place on non-first boots with default
encryption (i.e., when no PIN is set) because apexd is still running
after having been started with the tmpfs /data. This is because
vold.decrypt=trigger_shutdown_framework isn't run in that case, but
rather vold manually kills processes that have open files on /data --
which doesn't include apexd. But, apexd should be restarted too.
Fix that by using 'restart apexd' rather than 'start apexd'.
Note that these changes are needed even though FDE devices don't support
updatable APEXes, as apexd is needed regardless.
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug: 186165644
Test: Tested FDE on Cuttlefish. Also tested userspace reboot (with FBE)
Change-Id: I4fa57cf15d77b64d1167eaf966347d2a9d6a9b72
Now that we are activating APEX directly from /data/apex/decompressed
directory, without this permission, PackageManager fails to parse
decompressed APEX. This permission setting is same as what we have for
/data/apex/active.
Bug: 185886528
Test: atest ApexCompressionTests
Change-Id: Ief36a6ddc5760faff2c390fa913984385fda99a6
Soong generates classpaths.proto config and puts it into
/system/etc/classpaths/ for derive_classpath to read at runtime. There
is no need to plumb these values via make anymore.
Bug: 180105615
Test: m && launch_cvd; presubmit / DeviceBootTest
Change-Id: I514c5036871233ae865b972effea8321dbe4aea9
In order to simplify developer/test flow, the persistent property
persist.dbg.keep_debugfs_mounted can be set to prevent debugfs from
being unmounted on boot.
Bug: 184381659
Test: build and boot
Change-Id: I714616b361e6c8fb59633ec0763f9bd55af7df0e
Rename ro.product.enforce_debugfs_restrictions to
ro.product.debugfs_restrictions.enabled as per the sysprop naming
scheme.
Bug: 184381659
Test: build, boot
Change-Id: Ie350eefa342e7e16d31363139257ed285780e874
platform-bootclasspath module generates classpaths.proto config with
the information for derive_classpath to read and parse at runtime.
See go/updatable-bootclasspath.
Bug: 180105615
Test: m && launch_cvd; presubmit / DeviceBootTest
Change-Id: I0f4b1cfce9468fd6e3377a1d7233245e30f1ea51
Revert submission revert-1660531-max-boot-level-crypto-KFMCEDKSIV
Reason for revert: topic:vold-use-keystore2 has landed fixing the bug
Reverted changes:
Ibf63734a: Revert "Set earlyBootEnded before apex starts"
Id02f63a7: Revert "Expose AID_KEYSTORE"
Ibcedeff4: Revert "Cryptographic security for MAX_BOOT_LEVEL"
Restored changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Reverted-SHA1: 82cfe66794
Original commit message:
earlyBootEnded signals to keystore2 to read the database for the first
time, and start the MAX_BOOT_LEVEL system. It must therefore run
after /data is mounted and /data/misc/keystore is created, but before
apexd or odsign starts.
Bug: 176450483
Test: atest com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles
Change-Id: Ib9c2b4bbdddecdf73924125f9bdc75c82e1dd257
Adding in case of link required from the system image to nn apex.
Test: Run sample vendor service on cf device
Bug: 172925288
Change-Id: Ic4609cc0b73dfd5c9d39b75b22e241c30d61b753
so that this can be packaged in a filesystem(e.g microdroid)
Bug: 181093750
Test: MicrodroidTestCase
Change-Id: Ib86789de4632a32eee31fee0607d5ade8ae6b33f
Debugfs cannot be mounted in userbuilds since Android R. Since init only
mounts/unmounts debugfs during boot for debug builds, move it to
init-debug.rc.
Bug: 184381659
Test: build/boot
Change-Id: Ib51e82b99ec1eb95a2647c91855f6d4d1585040a
Metrics are written to /data/misc/odrefresh by odrefresh during early
boot, then the zygote passes them to statsd and delete the metrics
files.
Bug: 169925964
Test: manual
Change-Id: Ia39098109d59600ae8d7b197f46e9a6de18ca57c
Revert "Merge libdexfile_external into libdexfile (reland)."
Revert "Rename libdexfile_external_static to libdexfile_static (..."
Revert "Rename libdexfile_external_static to libdexfile_static (..."
Revert submission 1666119-libdexfile-noext-2
Reason for revert: broken build 7270939 on aosp-master on full-eng
Reverted Changes:
I582e49ae7:Merge libdexfile_external into libdexfile (reland)...
Iaa6a90f41:Rename libdexfile_external_static to libdexfile_st...
I4315189b2:libdexfile_external is replaced by libdexfile (rel...
Ia065119c2:Rename libdexfile_external_static to libdexfile_st...
Bug: 184929782
Change-Id: Id4830ded68e6fb3e9da0bcd8e428c46a79df3ff8
Test: forrest build for aosp-master on full-eng
Revert "Cryptographic security for MAX_BOOT_LEVEL"
Revert submission 1660531-max-boot-level-crypto
Reason for revert: broken test com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles on aosp-master on aosp_cf_x86_64_phone-userdebug at 7261517
Reverted Changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Bug: 184635938
Change-Id: Ibf63734a02a2c132142671c0fae5d0177bf46079
Test: forrest run for the broken test
This relands https://r.android.com/1644045 after fixing the build issue
in b/184239856.
Test: atest CtsSimpleperfTestCases
Bug: 143978909
Change-Id: I4315189b243503f5633f64d46a0ffedad3bebf0c