Commit graph

43628 commits

Author SHA1 Message Date
Treehugger Robot
01acb70e80 Merge "base: Add sensitivity to TMPDIR environment for TemporaryDir and TemporaryFile" 2018-11-14 23:03:32 +00:00
Yifan Hong
098cc974de liblp: partition_opener: fix log; more logs
Test: manual
Change-Id: I48777a479651dbd389e0a4420505342cb272b9f2
2018-11-14 22:45:20 +00:00
Elliott Hughes
da94ca4d28 Stop using __STRING unnecessarily.
Bug: N/A
Test: builds
Change-Id: I8748abf834ec3a808eb2fc6ee0f288562fb0b4ea
2018-11-14 14:27:22 -08:00
Mark Salyzyn
d2f5888894 base: TemporaryDir add DoNotRemove() method
Recursively delete all contents in a temporary directory in the
destructor.  If the caller wants the contents preserved, then
call DoNotRemove().

Test: compile
Bug: 119313545
Change-Id: I3601c06334920055a60dd3074b249824f4d6f510
2018-11-14 12:54:08 -08:00
Mark Salyzyn
46c2df5812 base: TemporaryDir rm -rf directory in destructor
Recursively delete all contents in a temporary directory in the
destructor.

Test: compile
Bug: 119313545
Change-Id: I9570a8591f4e51f8f4f1157e75ccc1b781f8a19d
2018-11-14 12:52:42 -08:00
David Anderson
a14f111377 liblp: Use TMPDIR instead of P_tmpdir.
lpmake should be using the intermediates directory for temporary work
rather than /tmp.  Add ability to respect TMPDIR environment as
inherited from TemporaryFile.

Bug: 119313545
Test: manual test
Change-Id: I1a0317538875ee37fb4066602ff7a75e4658d74b
2018-11-14 12:52:23 -08:00
Mark Salyzyn
6009a2debc base: Add sensitivity to TMPDIR environment for TemporaryDir and TemporaryFile
Test: compile
Bug: 119313545
Change-Id: I2917847f0e90df94d74f4bfc0b13fbc6a5f243c3
2018-11-14 12:52:13 -08:00
Treehugger Robot
b9cb149441 Merge "switch to using android-base/file.h instead of android-base/test_utils.h" 2018-11-14 20:27:23 +00:00
Mark Salyzyn
9f1cf25332 switch to using android-base/file.h instead of android-base/test_utils.h
Test: compile
Bug: 119313545
Change-Id: I4f7ad84743e974b4b4d1d7256088f6c8b749a237
2018-11-14 09:35:34 -08:00
Treehugger Robot
e77298ce9f Merge "base: move TemporaryFile and TemporaryDir to android-base/file.h" 2018-11-14 15:20:47 +00:00
Treehugger Robot
af4a0e846e Merge "liblp: SparseBuilder: num_blocks aren't check correctly" 2018-11-14 06:57:46 +00:00
Treehugger Robot
0d700897c4 Merge "liblp: fix error message" 2018-11-14 03:08:49 +00:00
Yifan Hong
6ddf9683a1 liblp: fix error message
Test: pass
Change-Id: I5a969c3fbabd8f32ea785a6196225e655205245b
2018-11-13 13:58:27 -08:00
Yifan Hong
27a34d71c1 liblp: SparseBuilder: num_blocks aren't check correctly
Test: builds

Change-Id: Ic0fe481cd168217d764b7c69dfe9da124a277f82
2018-11-13 12:57:44 -08:00
Mark Salyzyn
0790b2465a base: move TemporaryFile and TemporaryDir to android-base/file.h
Allow a wider legitimate audience to use TemporaryFile and
TemporaryDir by moving them from android-base/test_utils.h to
android-base/file.h.

Test: compile
Bug: 119313545
Change-Id: Ie558c5873ce5b3937914918b6bfb427e5b61d0da
2018-11-13 12:44:21 -08:00
Tom Cherry
9856460763 fs_mgr: remove by_name_symlinks_map_ from AvpOps
With the addition of the /dev/block/by-name/ symlinks created for the
boot_device, we no longer need to use a map to track the symlinks for
the partitions AVB needs to access.

This will help us in removing the requirement to specify which
partitions contain AVB metadata.

Bug: 117933812
Test: boot blueline_mainline with AVB
Change-Id: I1d46dba5b2fc16b2a14f861b34225ac0f2995b60
2018-11-13 11:37:36 -08:00
Josh Gao
c55fab4a59 Merge "Revert "adb: make benchmarks build on the host."" 2018-11-13 19:29:20 +00:00
Josh Gao
1289e1ec65 Revert "adb: make benchmarks build on the host."
This reverts commit 80dd70d285.

Breaks the darwin build.

Change-Id: If95266c6fc027cf2a706f3c83dce7e50b762b8aa
2018-11-13 11:28:29 -08:00
Josh Gao
7d3f006666 Merge changes Ifed3b97a,I09aacb94,I9afedd7b
* changes:
  adb: fix NonblockingFdConnection's behavior with large writes.
  adb: fix zero-initialization in Block.
  adb: make benchmarks build on the host.
2018-11-13 18:51:30 +00:00
Tom Cherry
02ac44c993 Merge "logd: fix memory leak due to slow reader" 2018-11-13 16:18:58 +00:00
Treehugger Robot
34ffa7e074 Merge "init: error log on by-name identical replacement" 2018-11-13 15:27:27 +00:00
Treehugger Robot
a07d2959cf Merge "Add support for updatable services" 2018-11-13 11:11:58 +00:00
Josh Gao
bc4dbfafb1 adb: fix NonblockingFdConnection's behavior with large writes.
Large opportunistic writes would perform a write without updating
writable_ or waking up the polling thread, which resulted in the worker
thread never polling with POLLOUT.

Test: adb_benchmark
Change-Id: Ifed3b97a4b647b539dcd2df858572fa7da9a22d0
2018-11-12 20:54:39 -08:00
Josh Gao
10d079a37b adb: fix zero-initialization in Block.
Iccfe3bd4fe45a0319bd9f23b8cbff4c7070c9f4d changed Block from using
malloc to std::make_unique, which does the equivalent of
`new char[size]()`, which value initializes the array members to 0.
Switch to `reset(new char[size])` to avoid this costly initialization.

Test: adb_benchmark
Change-Id: I09aacb949a7bd4a946ce35a8ee65d1f451577b72
2018-11-12 20:54:39 -08:00
Josh Gao
80dd70d285 adb: make benchmarks build on the host.
Test: adb_benchmark
Change-Id: I9afedd7bdcf645652e514d98bb88036753718168
2018-11-12 20:54:30 -08:00
Josh Gao
d08b470e25 Merge changes Ibb109618,If1451871
* changes:
  adb: flush stderr after logging on Windows.
  adb: libusb: don't set interface alternate setting.
2018-11-13 04:53:03 +00:00
Tom Cherry
877e074eaf Merge "fs_mgr: remove same partition check for vbmeta" 2018-11-13 00:40:24 +00:00
Tom Cherry
7bfea3d59c init: clean up the 1st/2nd stage init split
The first split of 1st/2nd stage init went a bit overboard, since it
split these even in the case of the recovery image and system-as-root,
which don't actually need the split.  This change simplifies this a
bit:

system-as-root and recovery have a single combined /system/bin/init
and a symlink from /init to it.

non-system-as-root has a separate first stage init at /init on the
first stage ramdisk and a combined /system/bin/init on system.img.

Two particular benefits from this:
1) Removal of the rsync of TARGET_RAMDISK_OUT to the recovery image
2) Decrease of overall space on the recovery image since it won't have
   a statically linked first stage init

This also unified the various entry points of init to depend entirely
on the arguments passed to it, instead of the hybrid of arguments and
environment variable used previously.

Bug: 80395578
Test: boot both system-as-root and non-system-as-root
Change-Id: Ic2f29b6f56b7defc80eaa0e7cd0c9107e978816f
2018-11-12 16:08:19 -08:00
Jiyong Park
80aa44704c Add support for updatable services
A service with 'updatable' option can be overriden by the same service
definition in APEXes.

/system/etc/init/foo.rc:

service foo /system/bin/foo
    updatable

/apex/myapex/etc/init.rc:

service foo /apex/myapex/bin/foo
    override

Overriding a non-updatable (i.e. without updatable option) service
from APEXes is prohibited.

When an updatable service is started before APEXes are all activated,
the execution is delayed until when the APEXes are all activated.

Bug: 117403679
Test: m apex.test; adb push <built_apex> /data/apex; adb reboot
adb shell, then lsof -p $(pidof surfaceflinger) shows that
the process is executing
/apex/com.android.example.apex@1/bin/surfaceflinger instead of
/system/bin/surfaceflinger

Change-Id: I8a57b8e7f6da81b4d2843e261a9a935dd279067c
2018-11-13 08:59:14 +09:00
Josh Gao
68b5d0c3e3 adb: flush stderr after logging on Windows.
Test: set ADB_TRACE=1 & adb.exe server nodaemon
Change-Id: Ibb109618be7eaae49461a306e34ff79451ec330e
2018-11-12 14:08:40 -08:00
Josh Gao
cd85556151 adb: libusb: don't set interface alternate setting.
Match behavior with the legacy implementation.

Test: ADB_TRACE=1 adb server nodaemon
Change-Id: If1451871f252ef4499b3bb887e947169f8d2432f
2018-11-12 14:08:40 -08:00
Mark Salyzyn
3c426b65f6 init: error log on by-name identical replacement
The following message creates unnecessary alarm:

init: Partition system_a already existed in the by-name symlink map \
 with a value of \
 /dev/block/platform/soc/1d84000.ufshc/by-name/system_a, new value \
 /dev/block/platform/soc/1d84000.ufshc/by-name/system_a will be \
 ignored.

and in the code is cited as an ERROR.  The message admittedly does
point out an inefficiency by reporting multiple updates.

Test: compile
Change-Id: I388a76fa078cf9de5840930247f732d16ccb0719
2018-11-12 20:27:09 +00:00
Treehugger Robot
42b38900d7 Merge "fastboot: pin USB interface versions on darwin." 2018-11-12 20:23:26 +00:00
Jintao_Zhu
5f93072db3 logd: fix memory leak due to slow reader
Kernel panic - not syncing: Out of memory occurred once after 8 hours
automatic test which cases are about Summary:logd memory leak UTResult
: 1/1

IssueID: 93440

Rootcause: the method "LogTimeEntry::FilterSecondPass"(called inside
"LogBuffer::flushTo") does not check the condition flag
"LogTimeEntry::mRelease" which will be set to true when "logd" begins
to kick off a client when it finding the client is slow-est.
Therefore the client cannot be kicked off and hence the log-element
list becomes longer and longer if the slowest client reading more
slower than the writer writing.

Change-Id: I91a44a393e63b3122c15ce269ee195e0eb4339e8
Solution: add the check.
Test: logd kills slow reader
2018-11-12 10:24:15 -08:00
Tom Cherry
13856a05e7 Merge "Reland: "init: chroot from recovery to /first_stage_ramdisk"" 2018-11-12 16:38:59 +00:00
Nick Kralevich
adfe8c4545 Merge "Set bin directories to 0751" 2018-11-12 05:06:50 +00:00
Treehugger Robot
a4e4e39421 Merge "init parses *.rc files from APEXes" 2018-11-12 02:53:41 +00:00
Eran Messeri
be0ab0a6e0 fastboot: pin USB interface versions on darwin.
Similar to the change to adb in Id26760bc62c89a1f7ef67511b21f9d9252ab69f3,
pin the interface version to IOUSBFamily 5.0.0.

Bug: 119264733
Test: Manual
Change-Id: Ied9164532c0ba6f20415dafecb0c774578aa5c57
2018-11-11 18:14:58 -08:00
Nick Kralevich
f4fc922f0b Set bin directories to 0751
Currently, /system/bin, /system/xbin, /product/bin, and /vendor/bin
are 0755, which allows any process to iterate through those
directories and list out the contents. For the vast majority of
processes, this is unnecessary. They only need to know whether a
particular binary exists or doesn't exist, but they don't need to
know the other binaries within those directories.

Allowing this is particularly problematic for SELinux. In particular,
some third party Android applications try to examine every file in
the bin directories, generating SELinux audit noise along the
way. This audit noise makes it harder to see real bugs, and falsely
implies an architectural dependency between the application and random
files in directories like /system/bin.

This change removes the ability to list the contents of the various bin
directories, preventing random probing by such apps. The ability to
execute files, or to probe a specific file by name, remain unchanged.

Addresses SELinux denials similar to the following:
  avc: denied { getattr } for comm="Thread-11" path="/system/bin/atrace" dev="dm-0" ino=189 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=uk.co.santander.santanderUK
  avc: denied { getattr } for comm="Binder:26637_2" path="/system/bin/atrace" dev="dm-0" ino=168 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=com.tencent.mm
  avc: denied { getattr } for comm="Thread-12" path="/system/bin/apexd" dev="dm-0" ino=451 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:apexd_exec:s0 tclass=file permissive=1 app=com.grppl.android.shell.CMBlloydsTSB73

Shell access to these directories continues to be allowed, to allow for
host-side CTS tests.

Also adjust the indentation of some clang directives, to make the
presubmit hooks happy.

Test: Device boots and no apparent problems.
Change-Id: Ibe75682fac1983d39f3f479a5850ab5a96f6627d
2018-11-11 11:29:10 -08:00
Treehugger Robot
b6ae0e4fc3 Merge "liblp: Add a helper method for upgrading metadata on retrofit devices." 2018-11-10 22:28:41 +00:00
David Anderson
140d053c02 liblp: Add a helper method for upgrading metadata on retrofit devices.
This adds a new MetadataBuilder constructor, NewForUpdate, that can be
used by update_engine to simplify upgrading metadata. It is safe to call
whether or not the device is a retrofit. If the metadata has block
devices assigned to a specific slot, and that slot matches the slot
suffix, it will ensure that an equivalent entry exists for the alternate
slot.

Thus, if the source slot is _a and the target slot is _b, and the
metadata has "system_a" as a block device but not "system_b", this will
automatically add "system_b" as a block device.

Bug: 116802789
Test: liblp_test gtest
Change-Id: Ie89d4dbf4c708b5705e658220227ebf33fcb1930
2018-11-09 16:03:40 -08:00
Tom Cherry
866c08c0ac Reland: "init: chroot from recovery to /first_stage_ramdisk"
When using the recovery image as a trampoline to boot the system,
first chroot from the recovery image to /first_stage_ramdisk, to
minimize differences between these two boot paths.

Primary motivation is due to the fact that the basename of each mount
point is used by device-manager to name its nodes, and the previous
code that created used /system_recovery_mount as the mount point for
system.img broke AVB.  Instead of hacking around that issue, this
change unified mounting for the recovery trampoline and true first
stage ramdisk paths.

Change when relanding: the original change skipped the move mount from
/first_stage_ramdisk to / and only did a chroot instead.  This was a
mistake that resulted in the subsequent move mount of /system to / to
mount over the '/' directory instead of moving that mount.  This
change uses a bind mount of /first_stage_ramdisk to itself instead of
skipping the first move mount.

Bug: 114062208
Test: AVB works with blueline_mainline
Change-Id: I65207edfe98531892da2eafcbff19b438c9c64fe
2018-11-09 14:58:46 -08:00
Jiyong Park
c240440eec init parses *.rc files from APEXes
Init now parses *.rc files from the APEXs when the apexd notifies the
mount event via apexd.status sysprop.

Bug: 117403679
Test: m apex.test; adb root; adb push <builtfile> /data/apex; adb reboot
adb root; adb shell setprop ctl.start apex.test; dmesg shows that init
tries to start the service which doesn't exist.

[   47.979657] init: Could not ctl.start for 'apex.test': Cannot find '/apex/com.android.example.apex/bin/test': No such file or directory

Change-Id: I3f12355346eeb212eca4de85b6b73257283fa054
2018-11-10 04:18:09 +09:00
Tom Cherry
223114008c Merge "Revert "init: chroot from recovery to /first_stage_ramdisk"" 2018-11-09 18:51:14 +00:00
Tom Cherry
e087a6a3bb Revert "init: chroot from recovery to /first_stage_ramdisk"
This reverts commit 56999b41af.

Reason for revert: Something is broken here; we're not switching to /system properly.

Change-Id: I777fedcfb545c11275c9cc12f99b99a2423959a0
2018-11-09 18:47:26 +00:00
Josh Gao
6a08b2c255 Merge "adb: pin USB interface versions on darwin." 2018-11-09 18:45:52 +00:00
Tom Cherry
1bc8dcd92f fs_mgr: remove same partition check for vbmeta
With chained vbmeta and especially its use with dynamic partitions,
this check is no longer always true.  A concrete example is the
chained vbmeta_system partition that contains the metadata for /system
and /product_services for mainline devices.

Test: blueline_mainline boots with AVB enabled
Change-Id: Ib4115831bb3bb49bf6d2a908df59ba32f8405de7
2018-11-09 10:13:13 -08:00
Tom Cherry
64ae77e526 Merge "init: chroot from recovery to /first_stage_ramdisk" 2018-11-09 17:01:41 +00:00
Treehugger Robot
55e4577e90 Merge "liblp: Fix io_tests." 2018-11-09 05:33:10 +00:00
David Anderson
3d08636934 liblp: Fix io_tests.
These broke after recent changes to use IPartitionOpener in more places.
The io_tests must now give block device info to TestPartitionOpener.

Bug: N/A
Test: liblp_test gtest
Change-Id: I0a6505c7223e74507dc13184069fdc34bb6b81e4
2018-11-08 19:04:05 -08:00