Passing empty permitted path should result in no-op.
This addresses review comment on CL with commit
f334cbf0e1
Bug: http://b/28639227
Change-Id: I4a4540e522e90a145a374939921932c86f35e88d
Apps on sdcard live under /mnt/expand and therefore
this directory should be under linker namespaces
permitted_path.
Bug: http://b/28639227
Change-Id: I462f9f23656c95d9c2a48bb3f513abcd9d08f340
When user creates custom classloader which does not extend
BaseDexClassLoader the librarySearchPath gets set to null
by java.lang.Runtime.doLoad().
This patch makes nativeloader correctly handle it.
Bug: http://b/28659864
Change-Id: I1b61c6bc952984d7c49775a9178fc3270948e62a
(cherry picked from commit 8a0425b86a)
This is enabled only for builds with ro.debuggable=1
It is intended for use only in tests using dalvikvm
and needing access to platform libraries.
Bug: http://b/28449304
Change-Id: I402457d0da542996ccf265aeaa305f09881e4333
(cherry picked from commit 4ddabd01bf)
Android Wear has unfortunately been using port 5601 for years, which
falls into the range of ports we were previously polling for Android
emulators. Reduce the maximum number of emulators we can support so
that 5601 no longer falls within our range.
Bug: http://b/26468076
Change-Id: I931809cfa412122f4781eebe0164facab12c95f0
In the function dump_thread_info, if /proc/<PID>/comm is unreadable, then
threadname will be used in a strncmp causing a crash. The fix is to
avoid the check if threadname is null.
Bug: 28615417
Change-Id: I54eda86404c927dbf5a987f5dd2108487df9f16c
The code for dumping tombstones tries to read the log data. This was
silently failing after the change to drop root privileges. Fix this
by explicitly setting the groups allowed before dropping privileges.
Bug: 28590884
Change-Id: Iaccb1d2928268fc9fc855f6e3814c31ce019badf
When someone enables wait_for_gdb, activity manager will kill the
stopped process before a developer can attach to the process. To
allow debugging in this case, change the code to only contact the
activity manager right before continuing the process that is
crashing.
Also, modify the conditions under which to do a gdb attach. The previous
code did a partial attach if perform_dump failed. The new version simply
allows an attach regardless of whether perform_dump passes or fails.
Bug: 28409358
Change-Id: I4fe8d390c212d47e007cbe6543c2d114c3c7aeff
Switch insmod from using init_module to finit_module. From
"man finit_module":
The finit_module() system call is like init_module(), but reads the
module to be loaded from the file descriptor fd. It is useful when the
authenticity of a kernel module can be determined from its location in
the file system; in cases where that is possible, the overhead of
using cryptographically signed modules to determine the authenticity
of a module can be avoided.
finit_module is preferred over init_module because it allows LSMs, such
as SELinux, to perform a permission check on kernel module loads based on
the file from which the module is loaded. This functionality is not yet
implemented in the Linux kernel, but is on the SEAndroid TODO list.
See https://bitbucket.org/seandroid/wiki/wiki/ToDo
Bug: 27824855
(cherry picked from commit 124a9c97e9)
Change-Id: I5e87de1a7b8c3d8849bf757c71b08e81c378b021
am: 1baf911bd5 -s ours
* commit '1baf911bd5a8df58e0bf66a8741829f34625d44f':
DO NOT MERGE ANYWHERE Remove the USB vendor id whitelist from fastboot.
Change-Id: Ic1ea13b7a393e5bbb3e8e1376b9470987ecdc925
am: a463d24633 -s ours
* commit 'a463d246339f405981bd690209429ef5acf0f01d':
DO NOT MERGE ANYWHERE Remove the USB vendor id whitelist from fastboot.
Change-Id: Id9504ed93bedf0f981fc7817d07aee5b74fac8db
In the case when VM is restarted all weak references
from the old VM become invalid. In such event NativeLoader
needs to clear the list of classloaders from old VM.
Bug: http://b/28453840
Bug: http://b/28449304
Change-Id: I2268c1e21cf940c57ddc5f0312f56b71aa702134
Vendor blobs on ryu mprotect heap pages, causing a single chunk mapping
to appear as multiple mappings. The heap iterator has to expand the
requested range to cover the beginning of the chunk to find the chunk
metadata, which will lead to duplicate identical allocations being
reported from iterating over each of the split mappings. Silently
ignore identical allocations, and only warn on non-identical allocations
that overlap.
Bug: 28269332
Change-Id: Ied2ab9270f65d00a887c7ce1a93fbf0617d69be0
Vendor blobs on ryu mprotect heap pages, causing segfaults when dumping
unreachable memory. Handle segfaults within HeapWalker by mapping a
zero page over any unreadable pages. HeapWalker runs in the forked
process, so the mapping will not affect the original process.
Bug: 28269332
Change-Id: I16245af722123f2ad467cbc6f245a70666c55544
There is a race in ueventd's coldboot procedure that permits creation
of device block nodes before platform devices are registered. This happens
when the kernel sends events for adding block devices during ueventd's
coldboot /sys walk.
In this case the device node links used to compute the SELinux context
are not known and the node is created under the generic context:
u:object_r:block_device:s0.
A second add event for block device nodes is triggered after the platform
devices are handled by ueventd and the SELinux context is correctly computed
but the mknod call fails because the node already exists. This patch handles
this error case and updates the node's security context.
The race is introduced by the uevent sent from the sdcard device probe
function. The issue appears when this uevent is triggered during ueventd's
coldboot procedure but before the /sys/devices recursive walk reached the
corresponding sdcard platform device path.
The backtrace looks something like:
1. ueventd_main()
2. device_init()
3. coldboot("/sys/devices");
4. do_coldboot()
5. handle_device_fd()
6. handle_device_event()
6.1 handle_block_device_event()
6.2 handle_platform_device_event()
Because handle_device_fd() reads all events from the netlink socket it may
handle the add events for the sdcard partition nodes send occasionally by the
kernel during coldboot /sys walk procedure.
If handle_device_event() continues with handle_block_device_event()
before handle_platform_device_event() registers the sdcard platform device then
handle_block_device_event() will create device nodes without knowing all block
device symlinks (get_block_device_symlinks()):
1. handle_device(path=/dev/block/mmcblk0p3, links = NULL)
2. make_device(path=/dev/block/mmcblk0p3, links = NULL)
3. selabel_lookup_best_match(path=/dev/block/mmcblk0p3, links = NULL)
returns the default context (u:object_r:block_device:s0) for
/dev/block/mmcblk0p3 instead of more specific context like:
u:object_r:boot_block_device:s0
4. setfscreatecon(u:object_r:block_device:s0)
5. mknod(/dev/block/mmcblk0p3)
So the node is create with the wrong context. Afterwards the coldboot /sys walk
continues and make_device() will be called with correct path and links.
But even if the secontext is computed correctly this time it will not be
applied to the device node because mknod() fails.
I see this issue randomly appearing (one time in 10 reboots) on a Minnoboard
Turbot with external sdcard as the boot device.
BUG=28388946
Signed-off-by: Mihai Serban <mihai.serban@intel.com>
(cherry picked from commit 24a3cbfa73)
Change-Id: I2d217f1c8d48553eb4a37457dbf27fff54051cf9
We previously relied on the fact that target sdk version 0
implies system_server, which is not true, target sdk version
may be set to 0 for other apps and it means 1 - the earliest
version of android. This change enables namespaces for
apps targeting all sdk version and for system_server.
Bug: http://b/27702070
Change-Id: I16fbdeb6868c7035aec71132c80c150c08ea2cc3
(cherry picked from commit 213676b880)
Problem: For devices using /dev/usb-ffs/adb, Run
`while true; do adb reconnect device; sleep 1; done`. And the
device soon becomes offline. The adbd log shows that calling
adb_read(h->bulk_out) in usb_ffs_read() gets EOVERFLOW error.
Reason: When kicking a transport using usb-ffs, /dev/usb-ffs/adb/ep0
is not closed, and the device will not notify a usb connection reset
to host. So the host will continue to send unfinished packets even
if a new transport is started on device. The unfinished packets may
not have the same size as what is expected on device, so adbd on
device gets EOVERFLOW error. At the worst case, adbd has to create new
transports for each unfinished packet.
Fixes:
The direct fix is to make the usb connection reset when kicking transports,
as in https://android-review.googlesource.com/#/c/211267/1. And I think
we can make following improvements beside that.
1. Close a file that is used in other threads isn't safe. Because the file
descriptor may be reused to open other files, and other threads may operate
on the wrong file. So use dup2(dummy_fd) to replace close() in kick function,
and really close the file descriptor after the read/write threads exit.
2. Open new usb connection after usb_close() instead of after
usb_kick(). After usb_kick(), the transport may still exist and
reader/writer for the transport may be still running. But after
usb_close(), the previous transport is guaranteed to be destroyed.
Bug: 25935458
Change-Id: I1eff99662d1bf1cba66af7e7142f4c0c4d82c01b
(cherry picked from commit 005bf1e05b)
On mac, if the adb server kicks a transport on some error, mac usb driver
will not report a new usb device. So instead of relying on mac usb driver
to report new usb devices, this CL uses a loop to search for usb devices
not exist before. Note that this is also the behavior on windows and linux
host.
`adb reconnect` can be used to verity this CL.
Bug: 25935458
Change-Id: I890e0eb1fae173f2e7a0c962ededa294d821e015
(cherry picked from commit 48d4c0c42a)
This allows inotify requests on FUSE to be alerted when any
other stacked filesystem would trigger an inotify for the
same file.
Bug: 23904372
Change-Id: I4289b38230c314432eaf2c0d20d4ccefc058f59e
Fix broken kick_transport test, and make it not access atransport
internal variables.
Bug: 25935458
Change-Id: I91b4d32a222b2f369f801bbe3903acac9c8ea4f7
(cherry picked from commit 7f27490e7f)
Before dropping root privileges, connect to the activity manager.
Also, only connect to the activity manager if this is a crash.
Bug: 28210681
Change-Id: Ie266031910519fa2aa6835644a95c1fc56e24d8d
(cherry pick from commit efe8ecc1d9)
- periodic failures in apct, dropped second serial test
in refresh_cache, trusting check_cache or global.
- The retry loop to see if is_loggable recovers of 1000
was hiding subsequent tests, drop to 10 retries.
- On the whole, the average performance remains the same.
Bug: 25792367
Change-Id: I4110440ef46671d7a1c128689bde623808bed04f
