Current per-API level task profiles replace the latest task profiles
rather than overriding the diffs. This poses an issue when a new
feature is added which is applicable to older devices as well we
have to change all per-API level profiles. Change the per-API task
profile support to load the latest task profiles first and then override
with per-API task profiles, similar to how vendor task profiles override
system task profiles. This minimizes the changes we need to do to the
per-API level task profiles going forward and is more consistent with
how vendor task profiles work.
Bug: 170507876
Test: boot with per-API task profiles
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I08cc4b374cede7363cf96a30ac96971d49bb7847
This adds the -s option to not print out Cow information, providing a
simple benchmark for reading and iterating through a cow file one time.
Bug: 172026020
Test: inspect cow -s [file]
Change-Id: I6e8b80a80c71155364b8467acd556d00f1dd2a42
This introduces clusters of CowOperations to the Cow Format, improving
reader performance by allowing many operations to be read at once.
When the header's cluster_ops is a nonzero value, operations will be
clumped into packs of that number, where the last op is a special
CowClusterOp, which points to the start of the next cluster. Each
cluster is immediately followed by it's data, with the footer following
at the end of the file.
cluster_ops must not be 1, as we must include a CowClusterOp in each
group.
Change-Id: I2855288958d56569d4078f377ef0b8c01ca5c6e7
Bug: 172026020
Test: cow_api_test
libcutils' thread local stuff is almost unused already, so let's try
harder to prevent new users. (In parallel I'll try to actually move the
four existing users off it, so we can actually remove this.)
Test: treehugger
Change-Id: Ib5445a43cff1f161ce1c7a45959d5b126f6f6980
Enable the uid/pid hierarchy for all groups when using cgroup v2. Mount
the hierarchy under the cgroup v2 root. Make sure that all files under
the hierarchy are accessible by the system user.
Test: booted the device, tested the freezer cgroup, manually verified
the working of the freezer from logs and by checking statuses of
processes.
Bug: 168907513
Test: Booted the device, verified no regressions on process group access
Change-Id: I73f3e767d377902af6e12facb503b9136fb39e08
Current implementation updates the permissions of sysfs
nodes of a device upon the following actions: "add",
"change" and "online".
But certain sysfs nodes (ex: wakeup capabilities under
power management) of devices are not present when the
device is added, but these are generally dependent on
the device driver and are added once the driver is bound.
This is particularly common in USB host stack.
If the bind action events are not parsed the ueventd
will not update the permissions of these nodes.
Hence, add the support for updating permissions on
bind action as well.
Bug: 174215510
Test: Verified permissions updated on bind action
Change-Id: Ic1a147e3993ef78dd6c539bbae652e8107207b87
This is happening accidentally because of a bug in Soong. In the
meantime, add a separate snapuserd.vendor_ramdisk that does not have an
init_rc section.
Bug: N/A
Test: manual test
Change-Id: I9dcafb681f209932fa13c5c55478f0e486e53306
camera-daemon is referred in task-profiles.json so the hierarchy should
be created in aosp's init.rc.
Bug: 170507876
Bug: 171740453
Test: boot and check cgroup
Change-Id: I0e6722b88922abf4ccae3b19623d8b889a6e3cb6
Linkerconfig will be moved into Runtime APEX, so
/system/bin/linkerconfig would not be available before APEX is mounted.
Use bootstrap linkerconfig instead during early init.
Bug: 165769179
Test: Cuttlefish boot succeeded
Change-Id: Iae41f325bbd5f5194aaf4613141860f913dfbff1
Kernel will batch the merge operations only when
block numbers of source and cow device are contiguous.
Daemon will read the COW file and post-process
the operations so that kernel can batch merge the potential
operations.
There are two key changes done in post-processing:
1: COW file contains all the copy operations at the
beginning of the file. We cannot allow batch
merging of COPY operations as a crash in between
the overlapping copies can result in a corrupted state.
Hence, allow copying individual blocks at a time.
2: Replace and Zero operations can be batch merged.
However, reading our existing COW format as-is
will not allow kernel to batch merge. Hence,
process the operations in such a way that kernel can batch
merge them.
Furthermore, it is observed that sync() after every
merge is a overhead. Hence, we will only sync()
for copy operations only. For replace and zero
operations, we will not explicitly sync. This is ok as
crash in between replace/zero merge operations can
redo those operations. However for copy, we have
to make sure that sync is completed before next copy
operation is initiated.
Merge time of a full OTA on bramble is around ~60
seconds as compared to ~10+ minutes prior to this
optimization.
Note that we still have copy operations which are not
batch merged. Hence, OTA with significant number of
copy operations can still have overhead on merge timings.
Bug: 174112589
Test: vts_libsnapshot, cow_snapuserd_test
Full OTA on bramble.
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I1dc286067a26ea399fa5d4e8e826e5622ce3fa58
Refact cow_snapuserd unit test. This will
test code changes in daemon in isolation. Currently it tests
1: Reading snapshot device and validate data
2: Merge and validate data.
More tests related to merge will be added later; but this
should provide a baseline unit test for daemon.
BUG: 168311203
Test: cow_snapuserd_test
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I4d77c435a9f045204a4ff3ece524c857f9fba50f
* changes:
trusty: provide coverage to gatekeeper fuzzer
trusty: fuzz: Example TA fuzzer
trusty: fuzz: Helper lib for libFuzzer extra counters
trusty: coverage: Coverage client library
First load the verified keys, and then only lock the keyring after apexd
has run. This is in preperation for on-device signing, which will need
to add another key to the fs-verity keyring before it's locked.
Note that I've moved loading of the verified keys up a bit; fsverity_init
used to load keys from Keymaster, but it currently doesn't, so there's
no need to wait for it.
Bug: 165630556
Test: boot, cat /proc/keys
Change-Id: I077673575ae3dafcf3126d8c544fe7f8d34c0225
In task_profiles.json, camera-daemon is referred for both cpu and
cpuset controller, so create them in init.rc officially.
Test: build pass
Bug: 170507876
Change-Id: I655154ab739ffde6fdfd2d499cbaa974597d3ee7
