Summary: Boot sequence around apexd is changed to make it possible for
pre-apexd processes to use libraries from APEXes. They no longer need to
wait for the apexd to finish activating APEXes, which again can be
done only after /data/ is mounted. This improves overall boot
performance.
Detail: This change fixes the problem that processes that are started
before apexd (so called pre-apexd processes) can't access libraries
that are provided only by the APEXes but are not found in the system
partition (e.g. libdexfile_external.so, etc.). Main idea is to activate
system APEXes (/system/apex/*.apex) before /data is mounted and then
activate the updated APEXes (/data/apex/*.apex) after the /data mount.
Detailed boot sequence is as follows.
1) init prepares the bootstrap and default mount namespaces. A tmpfs is
mounted on /apex and the propagation type of the mountpoint is set to
private.
2) before any other process is started, apexd is started in bootstrap
mode. When executed in the mode, apexd only activates APEXes under
/system/apex. Note that APEXes activated in this phase are mounted in
the bootstrap mount namespace only.
3) other pre-apexd processes are started. They are in the bootstrap
mount namespace and thus are provided with the libraries from the system
APEXes.
4) /data is mounted. init switches into the default mount namespace and
starts apexd as a daemon as usual.
5) apexd scans both /data/apex and /system/apex, and activate latest
APEXes from the directories. Note that APEXes activated in this phase
are mounted in the default namespaces only and thus are not visible to
the pre-apexd processes.
Bug: 125549215
Test: m; device boots
Change-Id: I21c60d0ebe188fa4f24d6e6861f85ca204843069
/apex is not mounted via init.rc but directly by the first_stage init
before the mount namespaces are configured.
This allows us to change the propagation type for /apex mount point to
private to isolate APEX activatesions across post- and pre-apexd
processes.
Bug: 125549215
Test: m; device boots to the UI
Change-Id: I10e056cd30d64cb702b6c237acd8dab326162884
Because /vendor is a symlink to /system/vendor on devices without a
dedicated /vendor partition, /system/vendor/lib/* needs to be added to
the permitted paths whereever /vendor/lib/* is permitted.
Reasoning:
Legacy devices are forced to use ld.config.legacy.txt, which is very
permissive. We can prolong support for them and enable them to use the
VNDK if we extend the search paths to include the resolved symlink dirs.
Change-Id: I6b3bb7b86ed82395345a16bdc857353b1b15c704
To differentiate IO priority for different groups.
Bug: 111422845
Bug: 117857342
Test: tasks are assigned to the group as expected
Change-Id: Ibb108d1b8e0f720f7ac4cab248b3c33d35e5483d
tzdatacheck references files in the runtime apex so should
not be executed before the apex mounts are ready.
Test: Manual tests (see b/123270813); observed tzdatacheck running after
apex files are mounted
Bug: 123270813
Bug: 116191025
Bug: 119293618
Bug: 113373927
Change-Id: I249d127c1d568bc5025d81b0bb4187c81363d897
Ensure that only the symbols in liblog.map.txt can be used by the
platform.
Bug: 123349183
Test: build
Change-Id: I99ae5d0e8ba8f5061ec20701c941d861c9eb615d
This is essentially the same change as
bcb5ba75a5
for ld.config.vndk_lite.txt.
Bug: 124789446
Test: atest CtsBionicTestCases on marlin
Change-Id: I6b65ec4df1626d625975c9834bf96ac9ff6cc3f3
Now that we always have system mounted early, we're starting to load
various daemons during the `init` trigger and these daemons need the
environment set up from init.environ.rc, so we move it to early-init.
This shouldn't need to go any further earlier in the future, since
nothing besides ueventd should ever start in early-init.
Test: systems boot, early daemons get right environment
Change-Id: I02f425a1500377c5de3427afa7872073e77a066f
They are installed to /system/etc, not /. Hence, move
out of rootdir/ and move into the code that parse these
files (i.e. libprocessgroup).
Also, Android.mk->bp.
Test: builds
Change-Id: I1763c26f81ae51ee159552e39d252fd643c35b94
In recovery mode a separate set of cgroups should be mounted. Add a
cgroups.recovery.json file to describe cgroups mounted during recovery.
Change cgroups descriptor parset to allow cgroups and cgroups2 sections
to be omitted.
Bug: 124270406
Test: "adb reboot sideload; adb devices" shows 'sideload' as expected
Change-Id: Ic32bd2b4612ec8390064f87d4655d1bd1183d741
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
libandroidicu is used by various libraries, e.g. libxml2, minikin.
Thus, expose libandroidicu to default namespace.
libpac is only used by libjni_pacprocessor (part of framework).
libicuuc, libicui18n are not exposed to default namespace,
because everyone else, except app, should use libandroidicu.
They are exposed to classloader namespace from runtime namespace
via the work done in libnativeloader in http://r.android.com/887453
b/120786417 has more details about these 2 libraries.
Bug: 120659668
Test: m droid
Change-Id: I2cd3378f1eb94b7bb1c942738b59d7e577a5f8f0
Jiyong Park