The fuse_open_out structure returned to the kernel by handle_opendir()
was not properly initializing all the fields. The symptom was recursive
ls (ls -R) failing on the emulated sdcard filesystem, because rewinddir(3)
was failing with ESPIPE.
Bug: 7168594
Change-Id: I56ddfd3453e6aac34fe6e001e88c4c46fb2eb271
The legacy internal layout places users at the top-level of the
filesystem, so handle with new PERM_LEGACY_PRE_ROOT when requested.
Mirror single OBB directory between all users without requiring fancy
bind mounts by letting a nodes graft in another part of the
underlying tree.
Move to everything having "sdcard_r" GID by default, and verify that
calling apps hold "sdcard_rw" when performing mutations. Determines
app group membership from new packages.list column.
Flag to optionally enable sdcard_pics/sdcard_av permissions
splitting. Flag to supply a default GID for all files. Ignore
attempts to access security sensitive files. Fix run-as to check for
new "package_info" GID.
Change-Id: Id5f3680779109141c65fb8fa1daf56597f49ea0d
This adds support for parsing RTM_NEWADDR and RTM_DELADDR
netlink messages received on netd's netlink socket and
formatting them them so NetlinkHandler can process them.
Address changes are notified in subsystem "address". Interface
changes, which used to be notified in subsystem "net", are now
notified in subsystem "interface" to avoid confusion.
Bug: 10232006
Change-Id: I93a50e8de17014e118a42f5cc0eb90a0cbfa73cc
Allow health HAL to select specific paths to be used, overriding
default search for arbitrary power supplies with the named paths.
Change-Id: I5f724739f58ef56087ab592b7403fc083db8f173
Changes the FUSE daemon to synthesize an Android-specific set of
filesystem permissions, even when the underlying media storage is
permissionless. This is designed to support several features:
First, apps can access their own files in /Android/data/com.example/
without requiring any external storage permissions. This is enabled
by allowing o+x on parent directories, and assigning the UID owner
based on the directory name (package name). The mapping from package
to appId is parsed from packages.list, which is updated when apps are
added/removed. Changes are observed through inotify. It creates
missing package name directories when requested and valid.
Second, support for separate permissions for photos and audio/video
content on the device through new GIDs which are assigned based on
top-level directory names.
Finally, support for multi-user separation on the same physical media
through new /Android/user/ directory, which will be bind-mounted
into place. It recursively applies the above rules to each secondary
user.
rwxrwx--x root:sdcard_rw /
rwxrwx--- root:sdcard_pics /Pictures
rwxrwx--- root:sdcard_av /Music
rwxrwx--x root:sdcard_rw /Android
rwxrwx--x root:sdcard_rw /Android/data
rwxrwx--- u0_a12:sdcard_rw /Android/data/com.example
rwxrwx--x root:sdcard_rw /Android/obb/
rwxrwx--- u0_a12:sdcard_rw /Android/obb/com.example
rwxrwx--- root:sdcard_all /Android/user
rwxrwx--x root:sdcard_rw /Android/user/10
rwxrwx--- u10_a12:sdcard_rw /Android/user/10/Android/data/com.example
These derived permissions are disabled by default. Switched option
parsing to getopt().
Change-Id: I21bf5d79d13f0f07a6a116122b16395f4f97505b
uA and uAh units are converted to mA and mAh.
If current_now is present, add it to the heartbeat log (c=nnn).
Change-Id: I2b5fe7b4505c98ca2d11c3f94564c1c38493c8b9
This change adds a "verify" fs_mgr flag specifying that
the device in question should be verified.
Devices marked with this flag are expected to have a
footer immediately after their data containing all
the information needed to set up a verity instance.
Change-Id: I10101f2c3240228ee0932e3767fe35e673d2e720
Making an object Flattenable doesn't force it to
become virtual anymore. For instance, Fence and GraphicBuffer
are now non-virtual classes.
Also change Flatennable protocol a bit so that it updates
its parameters (pointers, sizes) to make it easier
to implement a flattenable in terms of other flattenables.
Change-Id: Ie81dc7637180b3c2cfcbaf644f8987ca804eb891
In b2cac4ff37ed2a3521efb307b807b12f649634b8, the last
reference to property_get was removed, but the include
file remained. Remove it.
This is causing me unrelated problems.
Change-Id: I87bbfbfa5871f6da4a1b00037a225f67bbd75881
when libutils is statically linked, the ordering of the static
initializer is not guaranteed and therefore it's unsafe to use
empty static strings: e.g.:
static String8 sThisStaticStringIsNotSafe;
instead, this new constructor can be used:
static String8 sThisStaticStringIsSafe(kEmptyString);
Change-Id: Ia3daf1cab1c97d021c0ee9c2b394b5e27e8d6c0d
This is just to support the watchdog to give it a faster
way to determine if a thread is deadlocked without having
to post a message to it.
Change-Id: I068dc8b9387caf94fe5811fb4aeb0f9b57b1a080
- added a ctor that updates and dumps the stack immediately
- added a "logtag" parameter to dump()
Change-Id: Ie51c256071d282591752243bdb4f68cf9ff8829d
background:
we have some code to fix-up the IDs of references when
using RefBase's DEBUG_REFS when those refs are managed by
arrays wp<> or sp<> (this is because wp<> / sp<> don't have
a trivial ctor when DEBUG_REFS is enabled, and Vector
treats them as trivial for obvious performance reasons)
this is complicated by the fact that we don't want to have
to recompile everything when enabling DEBUG_REFs (i.e.: the
Vector code cannot know wheter it's enabled or not for its
template stuff).
problem:
there was a bug in the fix-up code for wp<> which was trying
to access the weakref_impl from the RefBase* however, this was
moronic since RefBase could have been destroyed if there wasn't
any more strong refs -- and this happned. Instead we need to get
the weakref_impl directly from the wp<>
Change-Id: Ie16e334204205fdbff142acb9faff8479a78450b
- stacks are now saved in /data/debug which must be
created and writable by the user.
- removed "always fatal" DEBUG_REFS option, it wasn't
really needed.
- DEBUG_REFS_ENABLED_BY_DEFAULT is not the default anymore
(usually people want to target which refs they're tracking)
Change-Id: I37fae72e9dacde6ce1fa8f7dbe2bc01b1a1b95e5
When a binder service's main thread joins the thread pool
it retains its name (whatever the exec name was), which is
very confusing in systrace.
we now rename that thread just like its friends in the
thread pool.
Change-Id: Ibb3b6ff07304b247cfc6fb1694e72350c579513e
