libziparchive-host needs to include the headers correctly, too.
Bug: 37342627
Test: mmma system/core/libziparchive
Change-Id: I88a6d38ff9e494273040f9b913c71bccdda117ad
During mount operations, fs_mgr_wait_for_file() is invoked to
ensure the device file exists before starting to mount it. Adding
logs when the wait fails and also skip mounting as it won't be
successful. Also merge fs_mgr_test_access() and wait_for_file()
as fs_mgr_wait_for_file().
Test: Boot device and manually trigger the timeout issue
Test: Check and confirm whether timeout log info is inside ksmg.
Change-Id: Ide6d7fdca41e03e169e4400f91b7dea327985aaf
ueventd may be asked to handle firmware during the time critical
coldboot process. If we double fork to avoid needing to reap the
firmware handler, then we may add significant delay to this process,
as the first child may not get scheduled quickly enough for waitpid()
to complete without delay.
Bug: 63081260
Test: boot bullhead and sailfish, check that firmwares are loaded,
no zombie ueventd processes remain, and no new errors are shown
Change-Id: I2bac3b1fbc3a58557a00326e491c104656db27ae
- "shutdown critical" prevents killing the service during
shutdown. And the service will be started if not running.
- Without it, services will be killed by SIGTERM / SIGKILL during shutdown.
- Even services with "shutdown critical" will be killed if shutdown
times out.
- Removes ueventd and vold from hard coded list. Each service's rc will
be updated to add "shutdown critical". watchdogd is still kept in the list.
bug: 37626581
Test: reboot and check last kmsg
Change-Id: Ie8cc699d1efbc59b9a2561bdd40fec64aed5a4bb
We have been seeing panics and errors during shutdown sequence in
some vendor's platform, and it is required to disable error handling
during shutdown.
This CL separates the shutdown request to execute another "shutdown"
trigger at the beginning of shutdown stage. And vendor can use this
trigger to add custom commands needed for shutting down gracefully.
Bug: 38203024
Bug: 62084631
Test: device reboot/shutdown
Change-Id: I3fac4ed59f06667d86e477ee55ed391cf113717f
It's not a error case if we do not find a device that we're attempting
to regenerate uevents for during first stage mount, but it is likely
to increase boot time, so we log a message to attribute this delay.
Bug: 63327193
Test: Boot bullhead, sailfish
Change-Id: I97c2e5aefd218bbdd87717ff3c375381f725de08
To boot with generic system.img for project Treble, we should allow no verity
metadata when the device is unlocked. The previous fix checks system property
"ro.boot.flash.locked" but it's unavailable during first stage mount.
This CL checks "androidboot.verifiedbootstate" in kernel command line instead.
Bug: 63268209
Test: boot sailfish without metadata on /vendor
Change-Id: Ifd1dbeb2a2f09cd06903ecdd59bc94b3905a3fbd
By forward-declaring zstream, we don't need to re-export zlib headers.
Bug: 37342627
Test: build
Test: BOARD_VNDK_VERSION=current m -j dumpstate (or any other module
using libziparchive)
Change-Id: Ia69e5d459c79878d491cfe4ca21a7cc8fed4a5d8
libziparchive headers are moved from the global include directory
(/system/core/include) to the local directory inside libziparchive.
Note: /system/core/include/ziparchive still exists as a symlink to
libarchive/include/ziparchive. This will be removed when there is no
header-only dependency to libziparchive.
Bug: 37342627
Test: build
Change-Id: I3631ffc2df7be8a064d64a625d10436090c3bb0f
When Android is running in a container, some of the securebits might be
locked, which makes prctl(PR_SET_SECUREBITS) fail.
This change gets the previous state of the process' securebits and adds
the desired bits.
Bug: 62388055
Test: aosp_bullhead-eng boots
Test: If init has non-zero securebits, it can also boot
Change-Id: Ie03bf2538f9dca40955bc58314d269246f5731bd
When init gets SIGCHLD, it uses waitpid() to get the pid of an exited
process. It then calls kill(-pid, ...) to ensure that all processes
in the process group started by that process are killed as well.
There is a bug here however as waitpid() reaps the pid when it
returns, meaning that the call to kill(-pid, ...) may fail with ESRCH
as there are no remaining references to that pid. Or worse, if the
pid is reused, the wrong processes may get the signal.
This fixes the bug by using waitid() with WNOWAIT to get the pid of an
exited process, which does not reap the pid. It then uses waitpid()
with the returned pid to do the reap only after the above kill(-pid,
...) and other operations have completed.
Bug: 38164998
Test: kill surfaceflinger and see that processes exit and are reaped
appropriately
Test: `adb reboot` and observe that the extraneous kill() failed
messages do not appear
Change-Id: Ic0213e1c97e0141e6c13129dc2abbfed86de138b
We should check the boundary of central directory before checking its
signature. Swap the order of these two checks.
Bug: 36392138
Test: libziparchive doesn't read the signature after boundary check fails.
Merged-In: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
Change-Id: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
(cherry picked from commit 74464a1361)
Add a check to ensure the filename boundary doesn't exceed the mapped
memory region. Also add the corresponding unit test.
Bug: 28802225
Test: New unit test passes.
Merged-In: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
Change-Id: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
(cherry picked from commit bcc4431f24)
The boundary check of an invalid EOCD record may succeed due to the
overflow of uint32_t. Fix the check and add a unit test.
Test: Open the crash.apk and libziparchive reports the offset error as expected.
Bug: 31251826
Merged-In: I1d8092a19b73886a671bc9d291cfc27d65e3d236
Change-Id: I1d8092a19b73886a671bc9d291cfc27d65e3d236
(cherry picked from commit ae8180c06d)
Use mem cgroups if the kernel is built with CONFIG_MEMCG=y,
additionally add system group.
test: verified on both kernel with/without memcg enabled
Change-Id: Ib9d1c8e3c797e75f160e0e92edf3f11c9d8e9f17
Binder currently may service an incoming oneway transaction whenever
an outbound oneway call is made (if there is already a pending
incoming oneway call waiting). The unexpected nested method call
blocks forever on a recursive mutex acquire because healthd is single-
threaded. The binder behavior is considered a bug and may change in
the future. For now, work around this in healthd.
Make a local copy of the listeners list, then drop the lock and
perform the outbound calls on the local copy of the list.
Bug: 38201220
Test: Marlin with modified client calling scheduleUpdate() repeatedly
Change-Id: If35c2847556245921e2aff808ff747bb60356811
This change homogenizes the use of std::unique_ptr for storing
capabilities in system/core/.
Bug: None
Test: m
Change-Id: I0a95f87a27b0261e9d321841d5140fc000473293
This change makes it possible for Android running in a container to
terminate cleanly instead of calling abort() when requested to shut
down.
Bug: 62388055
Test: `adb reboot` on bullhead causes no kernel panics
Test: `adb reboot` on a system without CAP_SYS_BOOT makes init terminate
nicely
Change-Id: I36b2298610f5b4a2bf8b05103d04804883df2c88
- Use the CHECK macro everywhere that assert was used.
- Remove the _debug version of the tests and leave the CHECK macro so
it's always checking in the code.
Bug: 23762183
Test: Ran unit tests.
Change-Id: Ie705eedae393d0e95bb9d99f852687a11881aef1
