Commit graph

1470 commits

Author SHA1 Message Date
Sophia Coldren
5880692ae2 Add an include
Change-Id: I0a6c64d9f1ddd9211de994fd4c6c44d53499775f
2023-10-06 18:46:17 +00:00
Elliott Hughes
716ff7b55a s/master/main/
Test: treehugger
Change-Id: Iabb23436d92686b934f2f2609217714b64ae75de
2023-10-04 23:31:09 +00:00
Elliott Hughes
8d983ee878 Merge "Stop duplicating <linux/capabilities.h>." into main 2023-09-26 17:59:53 +00:00
Elliott Hughes
94ccdc06d0 Stop duplicating <linux/capabilities.h>.
This doesn't help the person who wants CAP_BPF, but we can fix that
better by adding it to our stale glibc (and our future switch to musl
will mean we'll never have similar problems again).

I think this just dates from when we still supported building the OS on
darwin, but those days are long gone, and I think this hack can be put
to rest now...

Test: treehugger
Change-Id: I3c2e56c68a5b00c1ad0aed422c6ce60886063f50
2023-09-25 20:33:02 +00:00
Kiyoung Kim
45d88d496e Do not check with vendor vndk version
Current libcutils checks if memfd is supported with vendor VNDK version,
but this is no longer valid if VNDK is deprecated. As we can assume that
any vendor using this code is supported as long as it is treblelized,
simplify logic to check if memfd is valid to vendor only with
'ro.treble.enabled' property.

Bug: 290159430
Test: Cuttlefish with VNDK deprecated worked without error from
libcutils

Change-Id: I351f0798da99cb4827bc3e424b63a2eaee5c7461
2023-09-23 21:06:57 +09:00
Elliott Hughes
d091aa44b3 Merge "Remove Windows workaround in file not built for Windows." into main 2023-09-22 22:56:38 +00:00
Treehugger Robot
59a2cde894 Merge "Remove unused files." into main 2023-09-22 18:01:48 +00:00
Treehugger Robot
46c366b0ed Merge "Don't duplicate uapi ioprio constants." into main 2023-09-22 18:00:19 +00:00
Elliott Hughes
f6a84e4462 Remove Windows workaround in file not built for Windows.
Test: treehugger
Change-Id: I311cfbc9245cbe90ed6fc4fa379ff5b9abdf21e7
2023-09-22 15:44:42 +00:00
Elliott Hughes
3369fe9cbb Don't duplicate uapi ioprio constants.
This code is only used in init and vold, so I suspect all the
conditional compilation could be moved into the .bp file instead, but
I'm just trying to clean up duplication today...

Test: treehugger
Change-Id: I97013f5de41e109a0cc377400c396145aed569db
2023-09-22 14:51:26 +00:00
Elliott Hughes
1faedd02a3 Remove redefinition of uapi constant added in R.
Test: treehugger
Change-Id: If0ef9c36b2f54eb59d222dedc6bf575d46c9db1d
2023-09-22 14:45:20 +00:00
Elliott Hughes
7107c582fa Remove unused files.
Test: treehugger
Change-Id: I7ea71395b87eb12044fb3e7d19c171149f4cc90b
2023-09-22 14:33:47 +00:00
Tomasz Wasilczyk
6cf9cd0123 Revert "Revert "Remove cutils threads.h header completely.""
This reverts commit c37838eec8.

Reason for revert: b/296247274 root-cause fixed

Change-Id: I859e7500a1dd09e3a66986cda9e62adf5d7a524a
2023-08-16 22:37:14 +00:00
Bruce Po
c37838eec8 Revert "Remove cutils threads.h header completely."
This reverts commit d3550e3314.

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_tm-qpr-dev-plus-aosp&target=aosp_sunfish-userdebug&lkgb=10667572&lkbb=10667604&fkbb=10667601, bug http://b/296247274

Change-Id: I3f3864dc21fcb34cbb2ff524c43c3d92bd260ff6
BUG: 296247274
2023-08-16 17:38:09 +00:00
Tomasz Wasilczyk
d3550e3314 Remove cutils threads.h header completely.
Bug: 289414897
Test: it builds
Change-Id: Ifcde5849923f19f1c898a6a95811eea55be0d276
2023-08-10 15:12:05 +00:00
Treehugger Robot
0c0dafae8d Merge "Remove gettid symbol from cutils" into main 2023-08-10 04:13:24 +00:00
Treehugger Robot
a981d58972 Merge "Remove sub-includes from libcutils/threads.h" into main 2023-08-09 16:43:32 +00:00
Treehugger Robot
a28b62e0c7 Merge "Add snapuserd_ramdisk execute permission" into main 2023-08-07 18:46:33 +00:00
Tomasz Wasilczyk
8b0160868e Remove gettid symbol from cutils
Bug: 289414897
Test: it builds
Change-Id: I3b4c8b35dbf47e41d1fb0912fedc05e6545bd3d7
2023-08-03 22:16:30 +00:00
Tomasz Wasilczyk
d22098f65d Remove sub-includes from libcutils/threads.h
This will drop any incentive to use this header

Bug: 289414897
Test: it builds
Change-Id: I3d7f56ac027f59794cb4cf533847c5fda5529906
2023-08-03 22:16:23 +00:00
Tomasz Wasilczyk
21a0716613 Remove gettid declaration from cutils
Bug: 289414897
Test: it builds
Change-Id: I22d93406cf065c0e3c7d94e800763974d228ee21
2023-08-03 22:16:12 +00:00
Ray-cy.lee
d865493814 Add snapuserd_ramdisk execute permission
Bug: 294192189
Test: th
Change-Id: I42ff176ffb7eae0ac05e7f9cc54090c82df982b5
2023-08-02 16:27:50 +00:00
Tomasz Wasilczyk
8fe4f073c2 Add bug component to cutils
Bug: 289414897
Test: N/A
Change-Id: Ic7122e52c3847beba3891b121b723d19bf2076de
2023-07-27 10:16:05 -07:00
Hao Chen
8dad4b2b8a Merge "threads.h: avoid defining gettid on glibc >= 2.30" into main 2023-07-18 21:38:34 +00:00
Hao Chen
253445ce3a threads.h: avoid defining gettid on glibc >= 2.30
The issue in https://bugs.chromium.org/p/chromium/issues/detail?id=1182060 also
exists on glibc 2.30 and 2.31 since `gettid` was Introduced in glibc 2.30.

See https://man7.org/linux/man-pages/man2/gettid.2.html

Bug: 285204695
Test: Build
Change-Id: I7e534edf8c0a20c415232bcfffabbf2c1d6eec98
2023-07-18 19:52:19 +00:00
Kiyoung Kim
a4648c2be0 Enable ABI dump for libcutils
Enable ABI dump for libcutils, so ABI can be stabilized from any update
after official release.

Bug: 254141417
Test: abidiff intermediates found from libcutils.vendor build
Change-Id: Ic27c82b908b7836c7bc538a24202ed8adba4d048
2023-07-13 07:23:39 +00:00
Tomasz Wasilczyk
0c44d8d68d Make atrace_*_body explicitly a part of API.
Also, remove leftover atrace_set_debuggable(bool) symbol.

Bug: 289151149
Test: it builds
Change-Id: Id9fdf9451567d85b64971a6bb409336b12d3f535
2023-06-29 13:28:37 -07:00
Steven Moreland
7681f71b43 Merge "libcutils_test: static libjsoncpp" 2023-06-06 21:34:44 +00:00
Steven Moreland
40b59a61fc libcutils_test: static libjsoncpp
The 32-bit variant of libjsoncpp is not always installed
on 64-bit devices, so it must always be statically included.

We should probably collapse libcutils_test with
libcutils_test_static in the future.

Bug: 285357054
Test: libcutils_test
Change-Id: Ic84901ce5af766338b2cab07c3cf10841ba9a150
2023-06-06 17:52:39 +00:00
Edward Liaw
e2aba20f19 KernelLibcutilsTest: change test file push location
Upload files to /data/local/tests/unrestricted instead to improve data
collection in the event of a crash.

Bug: 284307085
Bug: 258819618
Bug: 199904562
Test: atest KernelLibcutilsTest
Change-Id: Iff816fd3276b24507c60eddc1bcd3f2c2184c27d
Signed-off-by: Edward Liaw <edliaw@google.com>
2023-06-02 23:39:48 +00:00
Edward Liaw
f8a9ba13f5 TEST_MAPPING: enable KernelLibcutilsTest in kernel-presubmit
Bug: 284307085
Bug: 258819618
Test: atest :kernel-presubmit
Change-Id: Ifa3427d3b7ff66d25ba58f5d16d0d62a709274a0
Signed-off-by: Edward Liaw <edliaw@google.com>
2023-05-31 17:29:17 +00:00
Maciej Żenczykowski
e37468b295 remove inprocess tethering
Test: TreeHugger
Bug: 279942846
Change-Id: Ia3a5d289cceac96d310e04fbae3588789cc859ca
2023-04-27 19:27:57 +00:00
Maciej Żenczykowski
93c9dfcd33 fix clatd permissions try 3 - this time for GSI
where stuff is apparently under /system_ext/apex/...
instead of /system/apex/...

Bug: 277646103
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I947e44af334628d82ca633546f3328319c2bac60
2023-04-18 21:09:14 +00:00
Satoshi Niwa
d385506465 flattened apex: fix clatd mode also for inprocess tethering
This is a follow-on CL for aosp/2528043

/system/apex/com.android.tethering.inprocess/bin/for-system/clatd
is bind mounted as /apex/com.android.tethering/bin/for-system/clatd
when using inprocess tethering.

Bug: 273821347
Test: `ls -l /apex/com.android.tethering/bin/for-system/clatd` on bertha
Test: Also see aosp/2528043 for how it is tested
Change-Id: Ia20165663e4ff6d9266fe601d25395816792a3f7
2023-04-12 14:35:31 +09:00
Maciej Żenczykowski
1ba94402f2 flattened apex: fix /apex/com.android.tethering/bin/for-system{,/clatd} mode
from packages/modules/Connectivity/Tethering/apex/canned_fs_config
   /bin/for-system 0 1000 0750
   /bin/for-system/clatd 1029 1029 06755
the Tethering apex mounts at /apex/com.android.tethering,
but that's a bind mount, it really lives at /system/...
in the flattened fs image.

Testing via:

aosp$ export OVERRIDE_TARGET_FLATTEN_APEX=true
aosp$ a_make_target aosp_cf_x86_phone-userdebug

$ sudo mkdir /mnt/point && sudo mount -o loop,ro /aosp/out/target/product/vsoc_x86/system.img /mnt/point && egrep /mnt/point /proc/mounts && sudo ls -dlnZ /mnt/point/system/apex/com.android.tethering/bin/for-system{,/clatd} && sudo umount /mnt/point && sudo rmdir /mnt/point

/dev/loop0 /mnt/point erofs ro,relatime,user_xattr,acl,cache_strategy=readaround 0 0

drwxr-x---. 2 0 1000 u:object_r:system_file:s0 44 Apr 11 03:12 /mnt/point/system/apex/com.android.tethering/bin/for-system
-rwsr-sr-x. 1 1029 1029 u:object_r:clatd_exec:s0 18876 Apr 11 03:12 /mnt/point/system/apex/com.android.tethering/bin/for-system/clatd

while without this patch it showed:

drwxr-x--x. 2 0 2000 u:object_r:system_file:s0 44 Apr 11 01:53 /mnt/point/system/apex/com.android.tethering/bin/for-system
-rwxr-xr-x. 1 0 2000 u:object_r:clatd_exec:s0 18876 Apr 11 01:53 /mnt/point/system/apex/com.android.tethering/bin/for-system/clatd

Test: TreeHugger
Bug: 273821347
Bug: 277646103
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9714b1e935afbe27c2eb4be3f96a9742eb752e92
2023-04-11 10:29:16 +00:00
Edward Liaw
d5ffbdfc56 sched_policy_test: set_sched_policy also set the cpuset policy as fallback
get_sched_policy uses the cpuset policy as fallback if the cpu cgroup
is not recognized.  Pixel is currently not using the cpu cgroup for
background policy due to b/208895940.

Bug: 265852986
Test: atest libcutils_test:libcutils_test.SchedPolicy#set_sched_policy -- --abi arm64-v8a
Change-Id: Ia77ace7513c48b1a14290c6ecc0222b46d6bf927
Signed-off-by: Edward Liaw <edliaw@google.com>
2023-02-01 03:06:45 +00:00
Maciej Żenczykowski
a5083ab7a7 qtaguid.cpp - improvements
Resolves a pair of TODO's, and makes a pair of error return
code paths not return null function pointers.

Note that:
  system/netd/client/NetdClient.cpp
implements this as:

int checkSocket(int socketFd) {
    if (socketFd < 0) {
        return -EBADF;
    }
    int family;
    socklen_t familyLen = sizeof(family);
    if (getsockopt(socketFd, SOL_SOCKET, SO_DOMAIN, &family, &familyLen) == -1) {
        return -errno;
    }
    if (!FwmarkClient::shouldSetFwmark(family)) {
        return -EAFNOSUPPORT;
    }
    return 0;
}

$define CHECK_SOCKET_IS_MARKABLE(sock) \
    do {                               \
        int err = checkSocket(sock);   \
        if (err) return err;           \
    } while (false)

extern "C" int tagSocket(int socketFd, uint32_t tag, uid_t uid) {
    CHECK_SOCKET_IS_MARKABLE(socketFd);
    FwmarkCommand command = {FwmarkCommand::TAG_SOCKET, 0, uid, tag};
    return FwmarkClient().send(&command, socketFd, nullptr);
}

extern "C" int untagSocket(int socketFd) {
    CHECK_SOCKET_IS_MARKABLE(socketFd);
    FwmarkCommand command = {FwmarkCommand::UNTAG_SOCKET, 0, 0, 0};
    return FwmarkClient().send(&command, socketFd, nullptr);
}

which means it *already* verifies that the passed in sockfd
is >= 0 and a socket via getsockopt(SOL_SOCKET, SO_DOMAIN),
as such the 'fcntl(sockfd, F_GETFD)' check is spurious.

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I91ef68be5b0cc6b1972d514c13a76eaf834a3d5d
2023-01-26 22:39:04 +00:00
Treehugger Robot
aaa402ae6a Merge "TEST_MAPPING: add vts core lib tests" 2023-01-17 18:40:24 +00:00
Edward Liaw
51c52426f7 TEST_MAPPING: add vts core lib tests
Bug: 258819618
Test: atest :kernel-presubmit
Change-Id: I5e60c69e4f442d33a67b138314918725c6321137
Signed-off-by: Edward Liaw <edliaw@google.com>
2023-01-09 22:05:37 +00:00
Maciej Żenczykowski
e28f0ecebc Merge "qtaguid.h - remove qtaguid_setPacifier declaration" 2023-01-03 21:53:54 +00:00
Chih-Hung Hsieh
0ebbc62c63 Fix uninitialized value warnings.
* Also applied clang-format.

Bug: 263274255
Test: presubmit; make tidy-system-core_subset
Change-Id: I63149572b3e1af6ef33ce19c8d3f18b4f28a3eab
2022-12-20 11:56:40 -08:00
Maciej Żenczykowski
65d416a18f qtaguid.h - remove qtaguid_setPacifier declaration
There does not appear to be *any* implementation...

Additionally in a non-qtaguid eBPF world, this API simply appears meaningless...

cs/p:aosp-master qtaguid_setPacifier -file:system/core/libcutils/include.*/cutils/qtaguid[.]h$

finds nothing, except for:
  test/vts/specification/lib/ndk/bionic/1.0/libcutilsV1.vts

  api: {
    name: "qtaguid_setPacifier"
    return_type: {
      type: TYPE_SCALAR
      scalar_type: "int32_t"
    }
    arg: {
      type: TYPE_SCALAR
      scalar_type: "int32_t"
    }
  }

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I0b7def936920d4dacf90d6bb0a8efb7b09811c6a
2022-12-18 20:40:09 +00:00
Elliott Hughes
06a839fc77 Remove an obsolete workaround.
Bug: http://b/29412086
Test: treehugger
Change-Id: I3a61db8da234b4c150816af264d796da7dfe0af6
2022-10-18 16:31:04 +00:00
Liu Cunyuan
46ed34b68f Add riscv64 support for libcutils
Signed-off-by: Liu Cunyuan <liucunyuan.lcy@linux.alibaba.com>
Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Change-Id: I3dbe6b6d79c2655ab76f48e48fd22ab72d761dfd
2022-10-12 22:16:41 +08:00
Pete Bentley
6cb61610e6 Add AID for PRNG seeder daemon.
Also adjust permissions on /dev/hw_random to allow prng_seeder group
read access.

Manual testing protocol:
* Verify prng_seeder daemon is running and has the
  correct label and uid/gid.
* Verify prng_seeder socket present and has correct
  label and permissions
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
  data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
  (e.g. strace -f -p `pgrep prng_seeder`)
* Kill daemon, observe that init restarts it
* strace again and observe clients now seed from new instance

Bug: 243933553
Test: Manual - see above
Change-Id: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
2022-09-26 17:50:09 +01:00
Treehugger Robot
98e474ab43 Merge "Add fdsan capabilities for native handles" 2022-09-06 22:48:31 +00:00
Brian Duddie
9f2af69d2a Add fdsan capabilities for native handles
Introduces new APIs which can be used to simplify application of fdsan
to native_handle_t usage, and applies fdsan protection to
native_handle_clone() by default.

Bug: 244214188
Test: validated alongside sensor service change to use the new APIs
Change-Id: I3be16a09c336bcbe880bdb542d5da2969c2c34d3
2022-09-02 00:44:13 +00:00
Elliott Hughes
b7475a4c3f Add the "sys" group for tests.
It's useful to have a group that shares a numeric id with Linux and
macOS. "root" doesn't count because group 0 is actually called "wheel"
on the BSDs, and macOS has "daemon" and "kmem" as its groups 1 and 2.

This lets us have toybox tar tests that have the same results on all
supported OSes without special handling.

Test: treehugger
Change-Id: I4704d6f9ada84f3065831a099b34d1c20c4c6b03
2022-09-01 00:01:04 +00:00
Florian Mayer
556b4e0f80 Promote HWASan tests to presubmit.
They have been passing and do not show significant slowdown.

Change-Id: I8f6ac751515cffd4904e10d1ec473c3a1fff60ec
2022-06-17 22:41:33 +00:00
Rubin Xu
7e14d138ae Add AID_SECURITY_LOG_WRITER
A suppplementary group to mark which app can write to the security log
buffer. Granted via android.permission.WRITE_SECURITY_LOG and checked by
logd.

Bug: 232283779
Test: manual
Change-Id: I3ad66031ab1c9eef26db0f3e8968659dfa2855cb
2022-05-24 23:34:33 +01:00