This is for projects built with GCC that import parts of Android that,
despite not having Android-specific dependencies, still end up
depending on logging.h.
Also removes outdated notes.
Change-Id: I5a47b302bcaeeb935592d8fc7ad2fe5068d226c3
mkdir always returns -1 for any types of errors.
errno should be checked for actual error type.
Test: m
Change-Id: I1b56d48ba48992a2f9629dc09d795c277b5b774d
1 page isn't enough to log on AArch64, and clean pages are free, so
increase the stack size to 8 pages.
Bug: http://b/144887737
Test: treehugger
Change-Id: I731b3bc27ab37f4b830a9478a04cd34d4f7648d3
This implementation does not provide any security guaranties.
* The input method (NotSoSecureInput) runs a crypto protocols that is
sufficiently secure IFF the end point is implemented on a trustworthy
secure input device. But since the endpoint is currently in the HAL
service itself this implementation is not secure.
* This implementation provides most of the functionality, but not the
secure UI infrastructure required to run Android Protected
Confirmation.
Bug: 146078942
Test: VtsHalConfirmationUIV1_0TargetTest
Change-Id: I14717b5fa4ef15db960cdd506b8c6fe5369aec8d
Unknown process states are expected since libprocinfo doesn't
list all process states in
https://github.com/torvalds/linux/blob/master/fs/proc/array.c#L130.
So remove error message for unknown state.
Bug: none
Test: run libprocinfo_test.
Change-Id: I321893855235367e037afd58ccb63d5140619095
Perhaps the better question is, why have I 100s of times, typed
"ASSERT_NE(nullptr, foo)" for sp<> foo, and got a compiler error and
then change it to "foo.get()". This CL so we can stop wasting cycles
with that error.
Fixes: 147842528
Test: libutils_test
Change-Id: Id63b29d2a1ff3077201a62b69d864c5a826c47e0
Now that the class becomes more complicated, move it out
of SnapshotManager.
Also, make it independent of FiemapStatus. libsnapshot and
libfiemap has different return classes.
Test: libsnapshot_test
Change-Id: If340959ba60bcd51c36e2b48f4d11c149ead907a
Instead of just mentioning that something wrong has been found when
parsing UpdateState, also log the value of the erroneous status.
Bug: none
Test: m
Change-Id: I487a115a9347199059a684ef682bec79fa5f26a9
Signed-off-by: Alessio Balsini <balsini@google.com>
This gives search (x) permission on the parent apex data
directory /data/misc/apexdata so that directories below it
may be opened. It also gives that permission on the apex
data directories themselves.
Bug: 147848983
Test: Build & flash, check perms are correct
Change-Id: I27c4ea01602002c89d0771a144265e3879d9041a
Create KernelLibcutilsTest and add it to vts-core.
VtsKernelLibcutilsTest just run the test of libcutils_test_static
and filter-out all of the test except AshmemTest#. We can just use the
include-filter to do the same thing.
Bug: 147789274
Test: atest KernelLibcutilsTest
Change-Id: Idb5cee3596bf063c2419f1a11055a17ad3075e26
fwrite can cross windows platform to show log on terminal,
so we use it instead of WriteFdExactly.
Change-Id: I252c15a0bc72e1dbd98b7b5ec8000ecdcde16416
Signed-off-by: Junyong Sun <sunjy516@gmail.com>
verify a process frozen state by reading its frezer cgroup value and
don't consider it as loop-locked if frozen.
Bug: 145698592
Test: llkd_unit_test
Test: Manually froze a few processes and waited for llkd timeout, verifying that
no processes are killed, no reboot or ramdump occur and no llkd events are
logged.
Change-Id: Iea02cd86dbd1df0e6658d02581aa4bb9b658f107
It was failing with:
build/make/core/main.mk:2: Calling make directly is no longer supported.
build/make/core/main.mk:3: Either use 'envsetup.sh; m' or 'build/soong/soong_ui.bash --make-mode'
build/make/core/main.mk:4: *** done. Stop.
Test: system/core/bootstat/boot_reason_test.sh ota
Change-Id: I4fea25f1c09e6ec2f346b6de3749699e254ffd26
The credstore system daemon is running as an unprivileged user. This
CL adds this user and also creates a directory (/data/misc/credstore/)
where this daemon can store its data.
Bug: 111446262
Test: N/A
Change-Id: I8da2c32dd04fef797870b8a7bbc5e499bed71f9e
Historically, the syscall was controlled by a system-wide
perf_event_paranoid sysctl, which is not flexible enough to allow only
specific processes to use the syscall. However, SELinux support for the
syscall has been upstreamed recently[1] (and is being backported to
Android R release common kernels).
[1] da97e18458
As the presence of these hooks is not guaranteed on all Android R
platforms (since we support upgrades while keeping an older kernel), we
need to test for the feature dynamically. The LSM hooks themselves have
no way of being detected directly, so we instead test for their effects,
so we perform several syscalls, and look for a specific success/failure
combination, corresponding to the platform's SELinux policy.
If hooks are detected, perf_event_paranoid is set to -1 (unrestricted),
as the SELinux policy is then sufficient to control access.
This is done within init for several reasons:
* CAP_SYS_ADMIN side-steps perf_event_paranoid, so the tests can be done
if non-root users aren't allowed to use the syscall (the default).
* init is already the setter of the paranoid value (see init.rc), which
is also a privileged operation.
* the test itself is simple (couple of syscalls), so having a dedicated
test binary/domain felt excessive.
I decided to go through a new sysprop (set by a builtin test in
second-stage init), and keeping the actuation in init.rc. We can change
it to an immediate write to the paranoid value if a use-case comes up
that requires the decision to be made earlier in the init sequence.
Bug: 137092007
Change-Id: Ib13a31fee896f17a28910d993df57168a83a4b3d
4.19 kernel reported __arm64_sys_openat instead of SyS_openat, so
the test for llkd.sleep also needs to check for that as well.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 147486902
Test: llkd_unit_test
Change-Id: Ibb4b4ca45391e35fd03fcb8e7ccea01f547b76e1
As a result of commit f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7
("proc: restrict kernel stack dumps to root")
the userdebug feature where llkd can monitor for live lock
signatures in the stack traces broke.
So now userdebug variant of llkd requires sys_admin permissions.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Test: llkd_unit_test
Bug: 147486902
Change-Id: I31572afa08daa490a69783855bce55313eaed96c
Compute and print the progress percentage of the dm-snapshot devices
merging after an update is marked as successful.
All the snapshot devices are queried for their update states and all
their allocated, metadata and total sectors are summed as if the system
consists of a single big snapshot device, as well as the initial
allocated sectors to keep trace of the absolute progress. Then the merge
percentage is computed on the numbers for this fake snapshot device.
Bug: 139088917
Test: manual OTA
Change-Id: Ia9a51742105c90b7fd043f3cbf4249877def7f08
Signed-off-by: Alessio Balsini <balsini@google.com>
In case one of the cryptfs calls to vdc fails, first try a normal
reboot.
Test: manual
Bug: 135984674
Bug: 143970043
Change-Id: I5706d9cd6c3a08fa06329ffb7d141de632620e3d
For a Q APEX built with use_vendor, rather than using AIDL to talk to
ashmemd, it would directly open /dev/ashmem. R libcutils does ashmem
differently, but in order to allow R-built APEXes to replace this
category of APEXes, falling back to /dev/ashmem.
Fixes: 147363115
Test: tested on Q in swcodec APEX
Change-Id: I625e46b15fee6649251ab9be7a1bbe11c5427525
__BEGIN_DECLS and __END_DECLS are all that are left, and I can compile
with using normal <sys/cdefs.h>, so hopefully we can remove this at
last.
Test: build
Change-Id: I6df7ef0da027bb91c98806e0f9661d7416ebaa5d
Davide Pallotti