It's an error to pass open O_CREAT without giving it mode bits:
https://linux.die.net/man/3/open
Bug: 32073964
Test: Compiles with clang FORTIFY.
Change-Id: I6b2a3694f85565afdeb782585c6af36e8c4d1557
The behavior of passing NULL to c-string functions is undefined.
Test: passed clang-tidy checks
Bug: none
Change-Id: Ie7bcc43cd19bc4a1c314381af3929eae0a6154b9
/proc/<pid>/fd is also limited by ptrace_may_access.
Test: manual inspection of "debuggerd -b `pidof zygote`"
Change-Id: I1a28c21c0438fe8729bd8e041c6b418d6a84c586
https://android-review.googlesource.com/#/c/331200 moved crasher to
using soong, which changed its location from /system/xbin/crasher to
/system/bin/crasher.
Bug: http://b/35100742
Test: /data/nativetest/debuggerd_test/debuggerd_test32
Test: /data/nativetest64/debuggerd_test/debuggerd_test64
Change-Id: I16a2050b257277023773cc0c960b5ab36e0c7cd4
Reading /proc/<pid>/maps does a ptrace_may_access check, which will
fail if we have fewer capabilities than the target, even if we've
already ptraced it.
Bug: http://b/35070339
Test: debuggerd -b `pidof zygote`
Change-Id: I984a061022bd945a7950b88f6d579e1bd735e893
Fixed this when I tested on internal, but failed to copy the fix over
when submitting to AOSP.
Bug: http://b/35070339
Test: `adb bugreport` on angler
Change-Id: Ib84d212e5f890958cd21f5c018fbc6f368138d1e
Print actual usage messages in most cases.
Add --help and --version.
Bug: http://b/28054087
Test: manual
Change-Id: I39c1cb7a84f52e0c35d24f140ec55c3a181283fb
Prevent the boot from failing silently if one of the public libraries
does not exist.
Test: Add invalid element to public libraries and observe log is emited
during boot failure.
Change-Id: I0425085a1cc081068954f327f15be853a3ccd553
If we don't output to stderr too, not only is it annoying to shell users (who
won't see anything), it prevents us from writing better gtests that actually
make assertions about the assert message.
Bug: http://b/23675822
Test: libutils tests still pass
Change-Id: I62b3144c385cba4dde485f0b0f9b42aeaef51e9a
* changes:
debuggerd_handler: don't use clone(..., SIGCHLD, ...)
crash_dump: drop capabilities after we ptrace attach.
crash_dump: use /proc/<pid> fd to check tid process membership.
debuggerd_handler: raise ambient capset before execing.
Revert "Give crash_dump CAP_SYS_PTRACE."
Add wait time log for exec service execution time
Fix memory leak when exec service failed to start
Test: on marlin
Bug: 34518530
Change-Id: I01736bd9b1429414f3dc91dd5d02d88a681f0985
android_lookupEventTagNum added. Adds support for creating a new
log tag at runtime, registered to the logd service.
Tested on Hikey, all services stopped, shell only access, CPUs not
locked (there is enough repeatability on this platform).
$ /data/nativetest64/liblog-benchmarks/liblog-benchmarks BM_lookupEventTagNum
iterations ns/op
Precharge: start
Precharge: stop 231
NB: only Tag matching, linear lookup (as reference, before unordered_map)
BM_lookupEventTagNum 1000000 1017
NB: unordered_map with full Tag & Format lookup, but with Tag hashing
BM_lookupEventTagNum 2000000 683
NB: with full Tag & Format hash and lookup for matching
BM_lookupEventTagNum 2000000 814
NB: only Tag matching (Hail Mary path)
BM_lookupEventTagNum 5000000 471
Because the database can now be dynamic, we added reader/writer locks
which adds a 65ns (uncontended) premium on lookups, and switch to
check for an allocation adds 25ns (either open code, or using
string_view, no difference) which means our overall speed takes 90%
as long as the requests did before we switched to unordered_map.
Faster than before where we originally utilized binary lookup on
static content, but not by much. Dynamic updates that are not cached
locally take the following times to acquire long path to logd to
generate.
BM_lookupEventTag 20000000 139
BM_lookupEventTag_NOT 20000000 87
BM_lookupEventFormat 20000000 139
BM_lookupEventTagNum_logd_new 5000 335936
BM_lookupEventTagNum_logd_existing 10000 249226
The long path pickups are mitigated by the built-in caching, and
the public mapping in /dev/event-log-tags.
SideEffects: Event tags and signal handlers do not mix
Test: liblog benchmarks
Bug: 31456426
Change-Id: I69e6489d899cf35cdccffcee0d8d7cad469ada0a
android_openEventTagMap(NULL) will open and mix content from
/system/etc/event-log-tags and /dev/event-log-tags. Only
reports identicals if global.
Test: gTest logd-unit-tests and liblog-unit-tests, liblog-benchmarks.
Bug: 31456426
Change-Id: Ic17d52a7829a4daaf013828d08fc1c09446ae8ef
Will register a new event tag by name and format, and return an
event-log-tags format response with the newly allocated tag.
If format is not specified, then nothing will be recorded, but
a pre-existing named entry will be listed. If name and format are
not specified, list all dynamic entries. If name=* list all
event log tag entries.
Stickiness through logd crash will be managed with the tmpfs file
/dev/event-log-tags and through a reboot with add_tag entries in
the pmsg last logcat event log. On debug builds we retain a
/data/misc/logd/event-log-tags file that aids stickiness and that
can be picked up by the bugreport.
If we detect truncation damage to /dev/event-log-tags, or to
/data/misc/logd/event-log-tags, rebuild file with a new first line
signature incorporating the time so mmap'd readers of the file can
detect the possible change in shape and order.
Manual testing:
Make sure nc (netcat) is built for the target platform on the host:
$ m nc
Then the following can be used to issue a request on the platform:
$ echo -n 'getEventTag name=<name> format="<format>"\0EXIT\0' |
> nc -U /dev/socket/logd
Test: gTest logd-unit-test --gtest_filter=getEventTag*
Bug: 31456426
Change-Id: I5dacc5f84a24d52dae09cca5ee1a3a9f9207f06d
Processes that handle SIGCHLD can race with the crash handler to wait
on the crash_dump process. Use clone flags that cause the forked
child's death to not be reported via SIGCHLD, and don't bail out of
dumping when waitpid returns ECHILD (in case another thread is already
in a waitpid(..., __WALL))
Note that the use of waitid was switched to waitpid, because waitid
doesn't support __WCLONE until kernel version 4.7.
Bug: none
Test: "debuggerd -b `pidof zygote64`" a few times (failed roughly 50%
of the time previously)
Change-Id: Ia41a26a61f13c6f9aa85c4c2f88aef8d279d35ad
Raise the ambient capability set to match CapEff so that crash_dump can
inherit all of the capabilities of the dumped process to be able to
ptrace. Note that selinux will prevent crash_dump from actually use
any of the capabilities.
Bug: http://b/34853272
Test: debuggerd -b `pidof system_server`
Test: debuggerd -b `pidof zygote`
Change-Id: I1fe69eff54c1c0a5b3ec63f6fa504b2681c47a88
This allows clients creating their own namespace do so by modifying
the default library path, rather than hardcoding it multiple places in
the system.
Bug: 33531483
Test: build
Change-Id: I321e219392b38c235b220986e1520b49a4669863
(cherry picked from commit 823c266a8a)
This reverts commit db929bf9b7.
Seccomp is now inserted at the zygote level, not in init
Bug: 34710876
Test: Boots, seccomp policy in zygote & zygote64 but not init
Change-Id: I9075a79793171a4eaccf6228e9ff3398c791f8bd
