* changes:
trusty: fuzz: dump trusty kernel logs on crash
trusty: Add corpus for gatekeeper fuzzer
trusty: Fuzzer for Gatekeeper TA
trusty: fuzz: Helper library
Adds an Abort() function to the fuzzer utils library that grabs and
prints the relevant trusty kernel logs before exiting the fuzzer.
Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: I7741c7e5e0ffdc402e3d3dd9a7e5856e2a640dd2
On devices without a dedicated recovery partition, it is possible that
e2fsck exists in /system/bin, not /first_stage_ramdisk/system/bin, if
it is using generic ramdisk. When force_normal_boot, /system/bin/e2fsck
would not exist during first stage mount.
In this case, move /first_stage_ramdisk/system/bin/e2fsck to
/system/bin/e2fsck before switching root into /first_stage_ramdisk.
Abort if the operation fails.
On devices launching with R, e2fsck should already exist in the correct
place, so skip moving if force_normal_boot and
/first_stage_ramdisk/system/bin/e2fsck already exists.
On devices launching before R, it is possible that /system/bin/e2fsck
does not exist. Skip moving if force_normal_boot and /system/bin/e2fsck
does not exist.
Fixes: 171326057
Test: boot with GKI and move_recover_resources_to_vendor_boot, and
check serial output
Change-Id: I8008a4cad54c7c74a84cbcabe56723bf0e193025
Some functionality based on eBPF attached to tracepoints (gpu memory
accounting and time-in-state) rely on newer devices running with
"disabled" perf_event_paranoid controls as a result of the kernel having
LSM hooks in the perf_event_open syscall instead. This is tested
for, and set up by init via the sys.init.perf_lsm_hooks sysprop.
Development devices that boot into permissive mode still want the
eBPF-based functionality to work, but end up with a paranoid value that
disallows the syscall, as the LSM hook test expects to observe a SELinux
denial (which doesn't happen due to permissiveness).
As a pragmatic way of achieving the paranoid value override, we pretend
that the hook test has succeeded if we detect permissive SELinux during
second-stage init. It'd be nicer if we had a sysprop to reflect the
device's on-boot status of SELinux, but it's not worth adding for this
case.
BYPASS_INCLUSIVE_LANGUAGE_REASON=technical term
Bug: 170674916
Tested: booted crosshatch-userdebug with permissive kernel cmdline,
confirmed that the log message from the new codepath was present
in logcat, sysprop is 1, and paranoid is -1.
Change-Id: I9df5da2076cdbd777d35e50e8cd7a483ec85e20a
* changes:
libprocessgroup_headers: make vendor_ramdisk_available.
libdebuggerd_handler_fallback: make vendor_ramdisk_available.
libcutils: make vendor_ramdisk_available.
libpropertyinfoparser: make vendor_ramdisk_available.
For devices using utilclamp create cpu controller hierarchy. Do not
remove schedtune hierarchy yet because init.rc is generic and should
work with devices which still use schedtune.
Bug: 170507876
Test: cpuctl groups worked
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I8494b0b64336e0c882847d555c262814bef2ffa1
* changes:
libsnapshot: Remove the timeout on client recv().
libsnapshot: Integrate with snapuserd.
snapuserd: Add an API call to wait for device deletion.
This simple tool will dump the COW header and included ops to stdout.
Bug: N/A
Test: mm inspect_cow && inspect_cow <file>
Change-Id: I369c4a21a84c95ffc10670bd9eeb2ceccb2a56d6
This reverts commit 2f77d1adc8.
Reason for revert: Applying a Fix to DS directly. No need for merged-In, since the topic is already landed in DS branch
Change-Id: I86cba9b20efebc9e700522e1697bc8f893c43089
This is so update engine can resume from the correct label.
Bug: 168554689
Test: vts_libsnapshot_test
Change-Id: Ib04e80e8219f954f105d5a85f86efa7bb9097579
Bug: 168554689
Test: vts_libsnapshot_test
Test: full OTA with update_device.py
Test: incremental OTA with update_device.py
Change-Id: I3878abfd767d2e47cf8486bc2c06233da2f1ef08
The critical services can now using the interface `critical
[window=<fatal crash window mins>] [target=<fatal reboot target>]` to
setup the timing window that when there are more than 4 crashes in it,
the init will regard it as a fatal system error and reboot the system.
Config `window=${zygote.critical_window.minute:-off}' and
`target=zygote-fatal' for all system-server services, so platform that
configures ro.boot.zygote_critical_window can escape the system-server
crash-loop via init fatal handler.
Bug: 146818493
Change-Id: Ib2dc253616be6935ab9ab52184a1b6394665e813
