When native coverage is enabled, add a global GCOV_PREFIX
environment variable specifying that gcda files be output
with path prefix /data/local/tmp.
Bug: 35635587
Test: make NATIVE_COVERAGE=true; check init.environ.rc
Change-Id: I40972aea3ca3168d0687bdc93e9d4b7b3a1071b9
Parts of this change were accidentally reverted by an incorrect
manual merge conflict resolution.
Bug: 35306127
Test: manual
Change-Id: I8e6d6b07dcaa548775213dd42ba9def7431c62d3
This prevents the shell user from injecting input as if it were coming
from an existing input device, which in turn makes it easier for malware
/ abuse analysis to detect when someone is injecting input via the
command line vs a real user using a device.
(cherrypick of 95637eb2a332b9a09914b1bf32c10fccfba4a175.)
Bug: 30861057
Test: ran getevent, saw correct output, played with device
Change-Id: Ib53eea1b7767f25510b5d36fe6109101a9fad8e0
This reverts commit e5aee79e9c.
Given recent improvements to boot timing, and higher paralellization,
the lazy preloading of zygote resources makes boot time slightly slower
by ~100-250ms. Therefore, the change is being reverted until we can do
it properly and defer it to a later point in the boot process. This work
is being tracked by b/34810190
BEFORE
------
successive-online : 17290.0,17633.0,17329.0,17655.0,16802.0,16888.0,17645.0,17369.0,17572.0,16932.0,
successive-online_avg : 17311.5
successive-boot : 24834.0,25119.0,25122.0,25091.0,25617.0,25535.0,25047.0,27462.0,25088.0,25648.0,
successive-boot_avg : 25456.3
AFTER
-----
successive-online : 16973.0,16530.0,17015.0,17953.0,17367.0,17098.0,16887.0,17377.0,18039.0,16742.0,
successive-online_avg : 17198.1
successive-boot : 24921.0,25622.0,25781.0,25449.0,25128.0,24774.0,24554.0,25029.0,24544.0,25809.0,
successive-boot_avg : 25161.1
Test: Boot timings collected with tradefed harness.
Bug: 34810190
Change-Id: I9a6dd5ce31bda067e74fc088b057711fa4a7a0fb
This prevents the shell user from injecting input as if it were coming
from an existing input device, which in turn makes it easier for malware
/ abuse analysis to detect when someone is injecting input via the
command line vs a real user using a device.
Bug: 30861057
Test: ran getevent, saw correct output, played with device
Change-Id: Ib53eea1b7767f25510b5d36fe6109101a9fad8e0
When vold mounts the encrypted /data partition, it first checks for and
kills processes that have open fds to the tmpfs placeholder at /data.
This resulted in a 20 second boot-time regression (vold's timeout period)
when tombstoned was started before vold.
Bug: http://b/34461270
Test: boot is faster, no messages from vold in console spew
Test: tombstoned still started by init
Change-Id: Ib5e9ddb05f40c9da852f00e103861c6ff2d94888
Also ensure that it uses the highest supported value, and
abort if the value is not above a minimum threshold.
Test: Tested against the curent kernel (maximum value of 2,
set to 0 by the kernel initially) and against a
modified kernel (maximum value of 4, set to 4 by the
kernel initially)
Bug: 30368199
Change-Id: I608db577258b68b390ffe96f452e1f7c0bc9ad8a
for audio_source function instance, there exist 2 function name here:
"audio_source.gs2" and "audio_source.gs3"
I believe this usb accessory audio name "audio_source.gs2" is a typo,
as there is no need to create another audio_source instance.
Test: Manual
Change-Id: I70b513db474632eb990131c285c8d5105c17970f
Signed-off-by: Winter Wang <wente.wang@nxp.com>
Since splitting tracefs out from debugfs, we now need to set the
attributes explicitly on tracing folder.
Test: Run adb shell atrace -c -b 16000 -t 5 gfx
Bug: 34197733
Change-Id: If2a962332b6d1ec227e289bdf952213756e26186
Everything should be using the functionfs interface instead by now.
Bug: http://b/34228376
Test: grepping for f_adb, android_adb in source tree
Test: m
Change-Id: I6bc41049c49a867499832588dac8ed108c636c11
This helps to avoid tearDownInterfaces call from WiFiStateMachine's
constructor.
Bug: 33752168
Test: on device
(cherry picked from commit 0db195d0757e36c73b9da5a95d9b9986386f0f2e)
Change-Id: I55f56dd8daa5089073ff8dd424e92d09326c7d00
This helps to avoid tearDownInterfaces call from WiFiStateMachine's
constructor.
Bug: 33752168
Test: on device
Change-Id: I44527ee39700c5ac3259bba3a007dde6979170ff
The SO_RCVBUFFORCE option requires the caller of uevent_create_socket()
to have net_admin capabilities.
Set platform default rcv/snd buffer sizes to 256kb that will always be
overridden by the device/target. However, it will allow
ueventd / healthd to use the uevent_create_socket() API w/o requiring
the net_admin capability.
Note: All devices override the buffer sizes according to the technology
maximum to at least ~8MB. So, the init.rc change here is to make sure
platform code can work w/o any overrides.
Test: no SELinux failures for healthd with 'net_admin' removed.
Bug: https://b/32733887
Change-Id: Ida346468cd550ad07901bf3a78ad508939849906
Signed-off-by: Sandeep Patil <sspatil@google.com>
Most notably, there's no longer any need to guess an end time.
Bug: http://b/23478578
Bug: http://b/33450491
Test: rebooted with bootcharting on/off
Change-Id: Icb7d6859581da5526d77dfc5aa4d57c9bfbfd7e2
It's 5 characters shorter, has no runtime costs, can be stored on a
read-only partition, and avoids problems like b/27262109 and b/27204904.
It allows makes some security hardening easier.
Bug: 27262109
Bug: 27204904
Bug: 32799236
Test: verified new symlink created and old one not present
Change-Id: Ief362e13569ad9c868a7f0f9c4dbd6a328c96c6b
Use to solve the problem of tracefs conditionally being mounted
under debugfs and needing restorecon'd without boot performance
penalty.
Also move skip-ce to a flag for consistency.
Test: Check that trace_mount has correct attributes after boot
Bug: 32849675
Change-Id: Ib6731f502b6afc393ea5ada96fa95b339f14da49
Start update_verifier in cache group to avoid dac_override
Bug: 30020920
Change-Id: I227b4a0e1c07e7b9bf209b432e9db02275ffe660
Test: mma
(cherry picked from commit 1e4635f0a8)
* changes:
healthd: refactor healthd code to split into 'charger' and 'healthd'
healthd: build 'charger' and 'healthd' binaries
healthd: refactor to split charger and framework facing code
This renames the old '/sbin/healthd' to '/sbin/charger'
which is to be only used in recovery and charger-only mode.
.. and adds a new dynamically linked executable in /system/bin/healthd
to be used as 'healthd' in Android.
text data bss dec hex filename
817404 36704 37960 892068 d9ca4 root/sbin/charger {was healthd}
72717 11064 12984 96765 179fd system/bin/healthd {*new*}
890121 47768 50944 988833 f16a1 (TOTALS)
Corresponding changes in recovery and charger-only .rc files are
required change how 'charger' is launched in each mode.
Update the seclable for healthd with the launch path in init.rc
Test: Boot tested and verified all 3 modes (recovery, charge-only,
android)
Change-Id: I4ada27a4c113258c5be1fd10adb0f58232b10024
Signed-off-by: Sandeep Patil <sspatil@google.com>
restorecon_recursive doesn't traverse filesystem boundaries. On
tracefs systems, tracing is a separate filesystem, so restorecon
this as well
Bug: 30963384
Test: Boot hikey, and check that there are no debugfs_tracing denials in dmesg
Change-Id: I24abd3ad80d2cfdab4f64fecee799fc0c24ed238
In zygote wrapping mode, ZygoteConnection does a check to see if the pid
reported by the wrapped process is either child process that was
forked, or a decendent of it. This requires read access to other
processes /proc files. Grant zygote AID_READPROC to allow this access.
Bug: 32610632
Test: manual inspection of /proc files to verify group.
Test: manual inspection of zygote's children to make sure they do not
inherit AID_READPROC
Change-Id: I3619a9ae33c8077e068e8024f7c7d44cfca6fb76
This will make it possible to start some key services before mounting
data partition
Bug: 30118894
Change-Id: Ia9f8cc035de6cc0df9a61605864915efa0266d7f
(cherry picked from commit abfbec342f)
This will make it possible to start some key services before mounting
data partition
(cherry picked from commit abfbec342f)
Bug: 30118894
Change-Id: Ia9f8cc035de6cc0df9a61605864915efa0266d7f
This will make it possible to start some key services before mounting
data partition
Bug: 30118894
Change-Id: Ia9f8cc035de6cc0df9a61605864915efa0266d7f
persist.sys.usb.config stores the usb functions which need to be enabled
when the phone boots up. When the phone is actually booted, setting this
would also activate the following action trigger on sys.usb.config
From init.usb.rc:
Used to set USB configuration at boot and to switch the configuration
when changing the default configuration
on property:persist.sys.usb.config=*
setprop sys.usb.config ${persist.sys.usb.config}
sys.usb.config is anyways set to the actual functions by UsbDeviceManager
once it is set to none. Therefore add "on boot" condition to the above
action trigger so that persist.sys.usb.config does not race with
sys.usb.config.
BUG: 30440213
Change-Id: I3333d0b8334fb627469c7faad250bf3151bb1ebf
Rndis n/w interface "usb0" registration/deregistration is broken. If a
user try to switch to other functions or disable usb tethering or unplug
the usb cable then it doesn't kill "usb0" interface.
Fix is to delete Rndis function to unregister tethering interface when
switching from tethering to other functions or disable/unplug the
tethering cable. If we don't do that then the rndis netdev interface
will never be freed or unregistered.
This also means the rndis function has to be created everytime user
enable tethering function from Settings instead of creating it at
"on boot" in init.$hardware.usb.rc like we do currently. A relevant fix,
Change-Id: Icb49020d624fb21ef2607d473948cbbf3b9cc469, for reference has
already been submitted for device/linaro/hikey
Change-Id: If1f922e02277cccdc8c0b263be63989ee102cc80
Reported-by: Winter Wang <wente.wang@nxp.com>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
The sched_compat_yield option was eliminated in Linux 2.6.38 by commit
ac53db596cc0 ("sched: Use a buddy to implement yield_task_fair()") and
as a result, the following error is printed to the log during boot up.
init: write_file: Unable to open '/proc/sys/kernel/sched_compat_yield':
No such file or directory"
Bug: 30034121
Change-Id: Idbdb68de0cb3ab1f67d82a4d66af880bcfdfe261
(cherry picked from commit 724dfbac70)
The sched_compat_yield option was eliminated in Linux 2.6.38 by commit
ac53db596cc0 ("sched: Use a buddy to implement yield_task_fair()") and
as a result, the following error is printed to the log during boot up.
init: write_file: Unable to open '/proc/sys/kernel/sched_compat_yield':
No such file or directory"
Bug: 30034121
Change-Id: Idbdb68de0cb3ab1f67d82a4d66af880bcfdfe261
When building without vendor/... in the tree, we won't be creating a
vendorimage, so BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE won't be defined. But
we still need to use the vendor image that will be present.
Bug: 30040825
Change-Id: I756adc615aea11da60da4d3a4568caca9fed93ab
Extend the asan.options file to read binary-specific configuration
from files out of /system. For early services, the system image
location is important as /data may not be available when they are
started.
Add a template that turns most sanitization off. At this point in
time, it is, however, impossible to get to a zero overhead state
after the fact. The template is meant to adapt a build after the
fact, and work around issues with LOCAL_SANITIZE := never.
Add a Make variable and rule copying the template to the path and
name expected by ASAN. Add SANITIZE_LITE to automatically add a
large set of options files.
Bug: 29498013
Change-Id: I8e9e6929a55cee3f3fa0acb377a886bfa7006c91
We will store OTA packages there for both A/B and non-A/B OTAs. The
directory will be accessed by GMSCore (for both), uncrypt (non-A/B),
update_engine (A/B), update_verifier (A/B) and possibly system server
(for non-A/B OTAs to clean up half-way uncrypt'd packages).
Bug: 28944800
Change-Id: I5aa8156ec5052bd15dfadd4d8c28925d464e4401
(Cherry picked from commit 2b22a66382)
This adds a system property for controlling unprivileged access to
perf_event_paranoid. It depends on adding kernel support for
perf_event_paranoid=3 based on grsecurity's PERF_HARDEN feature to
completely disable unprivileged access to perf. A minimal port of this
feature is used in the vanilla Debian kernel by default.
It hides the non-hardened value as an implementation detail, since while
it is currently 1, it will probably become 2 in the future.
Bug: 29054680
Change-Id: I6e3ae3cf18d8c76df94f879c34fb6fde519b89a9
This adds a system property for controlling unprivileged access to
perf_event_paranoid. It depends on adding kernel support for
perf_event_paranoid=3 based on grsecurity's PERF_HARDEN feature to
completely disable unprivileged access to perf. A minimal port of this
feature is used in the vanilla Debian kernel by default.
It hides the non-hardened value as an implementation detail, since while
it is currently 1, it will probably become 2 in the future.
Bug: 29054680
Change-Id: I6e3ae3cf18d8c76df94f879c34fb6fde519b89a9
When using EAS, the foreground tasks were all getting boosted
during touchboosts. Limit it to top-app tasks.
BUG: 28378389
Change-Id: I72b7158a614bfd9b6c61024774e408ceba61fc9c
am: 66d69b902f
* commit '66d69b902f4ba15f2d2ad6b3d8214ae3355076cd':
init: usb: disable usb function switch until adbd is ready
Change-Id: Ib9022f062bece4a7fee2772df1d8f917c04f8e55
am: 7e11db1b32
* commit '7e11db1b3206cd92d52fca0b324f6a5260a68aec':
init: usb: disable usb function switch until adbd is ready
Change-Id: I12e8fab36f39a9b97e52ace30ab54b3a9fd7bf0f
am: b61ecb5213
* commit 'b61ecb5213e1c94e823f23d7f5a8a0a93db617d6':
init: usb: disable usb function switch until adbd is ready
Change-Id: I5fc733ee946b4d0accf58f56c80270f9e13d9f63
