C (but not C++) has a concept of a flexible array member, which
is documented at https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html .
Using a flexible array member indicates that the structure is
really a header for a variable length object.
In logd's case, the variable length structure android_event_string_t
was embedded within another structure called
android_log_event_string_t. This makes gcc's __builtin_object_size()
function really confused. When compiling with C++,
__builtin_object_size(android_log_event_string_t.payload.data, 1)
would return 0, whereas if you compiled the code with C, the same
call would (properly) return -1.
Code which does automatic bounds checking, such as the proposed
patch at https://android-review.googlesource.com/145411 , will
cause problems for logd if this syntax is used.
Don't try to embed a variable length structure within another
structure. This doesn't appear to be valid C nor C++, and
while it's worked, it seems problematic.
Instead, inline the structure so it's one big happy structure.
Change-Id: I8ac02b7142a4f6560f5f80df2effcf720f9896fc
(Cherry picked from commit 83e6f2606b)
Resolved conflict in include/private/android_filesystem_config.h, content
already in libcutils/fs_config.c.
Change-Id: I817707721786e9b920fef14ebe836fdcd65a8606
pixelflinger should not be used for new projects and should be moved out
of system/core at some point. As the first step, move all its headers
under system/core/libpixelflinger/include and update its Android.mk
files so they're not referring to the absolute system/core path anymore.
Change-Id: Idead273ab2c0450409d770f5402c4dba916192a9
Signed-off-by: Greg Hackmann <ghackmann@google.com>
pixelflinger should not be used for new projects and should be moved out
of system/core at some point. As the first step, move all its headers
under system/core/libpixelflinger/include and update its Android.mk
files so they're not referring to the absolute system/core path anymore.
Change-Id: I7acc3ef5b2e21d8ba6fe939ea8d3ec4c41959591
Signed-off-by: Greg Hackmann <ghackmann@google.com>
- create a structure to depict the private header
expected at logd end of socket.
- utilize this new structure instead of unscalable
byte stream technique used to unpack in logd.
Change-Id: I2d0e5c3531c279f2dc1fbd74807210ff8d804de0
Currently, /system/xbin/su is world executable. Prior to SELinux
enforcement, anyone (including third party apps) could run su.
The su code itself checks to see if the calling UID is root or shell.
Rather than relying on enforcement within the su binary, modify the
binary so it has group=shell, and remove world-execute permission.
This helps avoid some annoying SELinux denial messages as third party
apps call su on userdebug/eng builds.
Change-Id: I61c9231bb7e201d14ee3a5b6fe81b3fa7b12599f
Define a UID to be used by the process responsible for creating shared
RELRO files for the WebView native library, and create a directory owned
by that UID to use to store the files.
Bug: 13005501
Change-Id: I5bbb1e1035405e5534b2681f554fe16f74e3da1a
Automatically assigned as a GID to all apps running under the same
Android profile. Used for exposing to or sharing files with apps
running in a specific profile.
Analogous to AID_SHARED_GID only the sharing is between processes with
the same userId rather than with the same appId.
The name to be displayed for uids/gids with this AID is 'u*_everyone'.
Change-Id: I46efb749f74cb86868c5609a0ce1a6aab2f9e9c9
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
(cherry picked from commit 3e76e0a497)
Author: Nick Kralevich <nnk@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
The script that writes the recovery partition after a successful
update of system needs to be made executable. This change also moves
it from /system/etc to /system/bin.
Bug: 12893978
Change-Id: I686e2392a2392515a6859a7381b735de1007b7ea
Add a service called "pre-recovery" which is normally stopped but can
be started by the system server when we want to go into recovery. It
will do any preparation needed (currently needed to handle update
packages that reside on an encrypted /data partition) and then set
sys.powerctl when it's ready to actually reboot.
Bug: 12188746
Change-Id: I894a4cb200395a0f6d7fe643ed4c2ac0a45d2052
See the comment-block at the top of Aarch64Assembler.cpp
for overview on how AArch64 support has been implemented
In addition, this commit contains
[x] AArch64 inline asm versions of gglmul series of
functions and a new unit test bench to test the
functions
[x] Assembly implementations of scanline_col32cb16blend
and scanline_t32cb16blend for AArch64, with unit
test bench
Change-Id: I915cded9e1d39d9a2a70bf8a0394b8a0064d1eb4
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
Pixelflinger's code makes assumptions, at certain places,
that pointers can be stored as ints. This patch makes use
of uintptr_t wherever pointers are stored as int or cast
to int.
Change-Id: Ie76f425cbc82ac038a747f77a95bd31774f4a8e8
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
The struct in the union with GGLSurface in struct surface_t assumed
that the reserved field, which corresponds to the GGLsizei version
field in the GGLSurface structure (where GGLsizei is define as being
ssize_t in the system/core/include/pixelflinger/pixelflinger.h header
file) is uint32_t. That is appropriate to the 32-bit system but is
not appropriate to the 64-bit system, where ssize_t is 64-bits rather
than 32-bits.
The 32-bit system has also been tested and has no regression
because of this change.
Change-Id: I5cd84fd4a18fa0e63e27975f7b3d3e95b99cea58
Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>
* Add healthd charger mode ops
* Check for executable invocation as "charger", set charger mode if so
* Incorporate charger executable as healthd charger mode
Change-Id: I4a44e7a4c3a65ae9be94491f7f498aa48d4f8a84
Changes the FUSE daemon to synthesize an Android-specific set of
filesystem permissions, even when the underlying media storage is
permissionless. This is designed to support several features:
First, apps can access their own files in /Android/data/com.example/
without requiring any external storage permissions. This is enabled
by allowing o+x on parent directories, and assigning the UID owner
based on the directory name (package name). The mapping from package
to appId is parsed from packages.list, which is updated when apps are
added/removed. Changes are observed through inotify. It creates
missing package name directories when requested and valid.
Second, support for separate permissions for photos and audio/video
content on the device through new GIDs which are assigned based on
top-level directory names.
Finally, support for multi-user separation on the same physical media
through new /Android/user/ directory, which will be bind-mounted
into place. It recursively applies the above rules to each secondary
user.
rwxrwx--x root:sdcard_rw /
rwxrwx--- root:sdcard_pics /Pictures
rwxrwx--- root:sdcard_av /Music
rwxrwx--x root:sdcard_rw /Android
rwxrwx--x root:sdcard_rw /Android/data
rwxrwx--- u0_a12:sdcard_rw /Android/data/com.example
rwxrwx--x root:sdcard_rw /Android/obb/
rwxrwx--- u0_a12:sdcard_rw /Android/obb/com.example
rwxrwx--- root:sdcard_all /Android/user
rwxrwx--x root:sdcard_rw /Android/user/10
rwxrwx--- u10_a12:sdcard_rw /Android/user/10/Android/data/com.example
These derived permissions are disabled by default. Switched option
parsing to getopt().
Change-Id: I21bf5d79d13f0f07a6a116122b16395f4f97505b
DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904
Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
