This should ensure that the self tests run before any other binaries
that load libcrypto and which would otherwise run into SELinux denials
trying to create the marker file /dev/boringssl/selftest/[hash]
The invocation of the self test binaries from the Conscrypt apex
requires the apex to be mounted so it remains at a later point in
the boot process.
Bug: 137267623
Test: Treehugger
Change-Id: I34266d6e9d2f394fffa8a2c7725479b5770d119c
The accidental trailing ':' appears to stop the line
triggering.
Bug: 137267623
Test: Checked the /system/bin/boringssl_self_test32
now runs on aosp_cf_x86_phone-userdebug
Change-Id: I7b4b1d6b838d8d1a7a0db7f104a94b34962df030
vold is already started during early-fs which happens before
post-fs-data.
Trying to start it again in post-fs-data is a little bit confusing.
Test: device boots
Change-Id: I5faefe6d1f1bb7472ea3d032b1f157c69da565f1
The script needs to run after keystore, which is now a core service.
Note the previous APEX requirement by ART is no longer needed.
Test: see keys loaded
Bug: 112038744
Change-Id: I02fb6ce193bb301488b259421f120e6aa6cd75b9
The installed file name of modules may not match the module name.
Use module-installed-files to get the installed file name.
Bug: 117607748
Test: m checkbuild
Test: only libprotobuf-cpp-*-3.9.1.so changed in ld.config.R.txt
Change-Id: I83b7519f344b65b6cd98c4cabcf9bce0e753ba92
Merged-In: I83b7519f344b65b6cd98c4cabcf9bce0e753ba92
Instead of init.cpp knowning about the boringssl self
test, use init.rc to exec dedicated self test executables.
Advantages:
- The self test is run not only both the copy of libcrypto
in /system but also /apex/com.android.conscrypt.
- The self test is run not only for the primary (e.g. 64bit)
ABI but also for a secondarry (e.g. 32bit) ABI.
- The dependency on libcrypto is kept to the self test binary.
- The self test binary abstracts the exact native API for
running the self test (this will change soon because the
self test will be run when the library is loaded).
Bug: 137267623
Test: Check that logcat shows both binaries being started as root,
and finishing with exit code 0.
Change-Id: I1e716749ee2133993f0f7b2836483391fd1a62f0
For now, keep symlinks only to the binaries demonstrably in use by apps
(dex2oat and dalvikvm).
Test: adb shell ls -l /system/bin
Bug: 124106384
Change-Id: Id662beb4c13785ac9d44bf41f9f33907219b69be
This is a temporary fix to keep the Bionic-associated libraries accessible
in the runtime namespace, pending a proper namespace split.
Test: Build & boot with taimen_hwasan-userdebug
Bug: 139408016
Bug: 139916951
Exempt-From-Owner-Approval: Approved internally
Change-Id: I27069b20f7c7068b931340f548b284ce1676466c
Merged-In: I27069b20f7c7068b931340f548b284ce1676466c
Start the serial console at the 'init' trigger instead of much later
when property triggers happen. This will help debugging early boot
issues.
Test: serial console starts early for a userdebug build
Test: serial console still doesn't start on a user build
Change-Id: I7112a8e7171c9fa865c8787c9a3d14515bc59478
Init sets the encryption policy on these directores when created.
Bug: b/139193659
Test: Boot device without this, then try to boot with it without wiping.
Cherrypicked-From: 7bf42f148a
Change-Id: I6b26710674b51d62fa4a07b06e06c539571fb7ac
Merged-In: I6b26710674b51d62fa4a07b06e06c539571fb7ac
This directory is intended to be used by boringssl
(through the bssl_self_test{,64} binaries) to create /
check for the existence of marker files indicating that
the self test has successfully run.
It appears that because this is an .rc script for init
rather than a shell,
mkdir -p /dev/boringssl/selftest 0755 root root
wouldn't work.
Bug: 139348610
Bug: 136262690
Test: Checked that after booting, /dev/boringssl/selftest
exists:
$ su root ls -l /dev/boringssl
total 0
drwxr-xr-x 2 root root 40 1972-02-11 03:27 selftest
Test: Checked that if I instead try:
mkdir -p /dev/boringssl/selftest 0755 root root
in init.rc then the directory isn't created (there is
no error message in logcat because logd is only
started in line 311).
Change-Id: I12fdd08c8ead152ac4e62cbd0a2099a9d6170ddb
Linker namespace 'rs' has /system/lib/vndk-sp in its search paths.
So we don't need to link 'rs' namespace to 'vndk' namespace.
Bug: 139706981
Test: run RS-using apps from Play
Change-Id: I14c1d6c4e7624bbd6551731ea88de1b4c2e5edb6
This change fixes a bug that neuralnetworks namespace is linked to the
default namespace in [vendor] section. Default namespace is for
/vendor/lib in [vendor] section. System libraries are available in the
'system' namespace.
Bug: 139113342
Test: N/A
Change-Id: I1b6751e5e33522f9829f3d9ad7371efdce01b0f0
This change is part of enabling upcoming platform changes that are
described in the bug linked below.
Bug: 135341433
Test: builds, boots successfully and external storage remains
an sdcardfs mount by default and works correctly
Test: cat /proc/1/mountinfo is unchanged
Change-Id: Idf851b3a42910e0ce8fdd75daea1cce91dd1aa98
Linker ignores link configuration if either namespace is not valid.
However there was a link configuration from postinstall section which
target link namespace does not exist. Also, there was no binary within
postinstall from hwasan build (checked with bonito), so there may be no
usage for this section now. Removing this line for better human
readability, and behavior of the linker would be same as before.
Test: m -j && tested from cuttlefish
Change-Id: I0c7b2949d055ba767e1429238e8764ee7798fe44
This CL implements some of the libsnapshot internals necessary to work
with update_engine. In particular it implements snapshot and update
state, as well as creating and mapping snapshot devices. It does not
implement anything related to merging, nor does it implement the full
update_engine flow.
Update state is stored in /metadata/ota/state. To synchronize callers of
libsnapshot, we always flock() this file at the top of public functions
in SnapshotManager. Internal functions are only called while the lock is
held, and a "LockedFile" guard object is always passed through to
indicate proof-of-lock.
Low-level functions, such as snapshot management, have been moved to
private methods. Higher-level methods designed for update_engine will
ultimately call into these.
This CL also adds some functional tests for SnapshotManager. Test state
is stored in /metadata/ota/test to avoid conflicts with the rest of the
system.
Bug: 136678799
Test: libsnapshot_test gtest
Change-Id: I78c769ed33b307d5214ee386bb13648e35db6cc6
Move the symlink destination of /system/usr/icu from Runtime APEX to
i18n APEX
Bug: 137009149
Test: Device boots
Change-Id: I86ff83a28d4124892d2b5d84ff09bc539f76c941
Linkerconfig requires more libraries txt files to get library list
related variable values. To make this available from runtime, those
should be added as build target and included in system image.
Bug: 137511540
Test: m -j && tested from cuttlefish
Change-Id: Id3304eea5a7d8f2ffc171cd3b110b7d65e881f8c
Makes updated libneuralnetworks.so in /apex/com.android.neuralnetworks/{LIB}
loadable from all relevant namespaces.
Test: Verified that right library is being loaded using lsof and
Test: verbose debug logs from bionic/ld.
Bug: 137320025
Change-Id: I38140bb9915a3f85f10456e15ed0f492dbdba802
Recently Android build team changed environment to use prebuilt toybox
binaries for common tools (aosp/852849). However, as toybox xargs does
not support -I option, update_and_install_ld_config.mk started to fail
filtering out private vndk libraries from the list. To resolve this,
xargs usages are replaced with other shell command (read).
Bug: 137832162
Test: m -j && tested on Cuttlefish
Change-Id: I218ce6272c781f826b87c8efc0d3c77bf6bc3af5
/metadata/ota will store the update state ("none", "applying",
"booting", "merging") for each dynamic partition. The data will be
managed by libsnapshot, whose primary consumer will be update_engine
but will also be available to recovery/fastbootd.
Bug: 136678799
Test: /metadata/ota exists
Change-Id: I3e06484cafeb363904914767abc8984adaa37021
system_suspend need to be an early_hal as it's required before storage
encryption can get unlock on FDE devices.
/sys/power/wake_lock is a dependency of system_suspend (only in Q and
earlier). Permissions on this file need to be set early enough.
Bug: 136777986
Bug: 133175847
Test: boot blueline
Change-Id: I8a9d3374b327e451fb98d2279d1bac9477a9560d
This reverts commit 997a2d93d7.
Reason for revert: This revert is needed, just also need some selinux rules for changes to the script that runs if this folder is present.
Bug: 136199978
Change-Id: Ie0544954965e3c90abc2f833c41949976c3bea65
(cherry picked from commit 35708b9d7b)
This reverts commit 997a2d93d7.
Reason for revert: This revert is needed, just also need some selinux rules for changes to the script that runs if this folder is present.
Bug: 136199978
Change-Id: Ie0544954965e3c90abc2f833c41949976c3bea65
This reverts commit 891a011394.
Reason for revert: Some Test failed, need more investigation
Bug: 136199978
Change-Id: Ibad0dad02a6701447c39ddcc805d44c9e68bdcce
Create linkerconfig tmpfs mount and create ld.config.txt using
linkerconfig during init
Bug: 135004088
Test: m -j & tested from device
Change-Id: Iea30259871ef26d6c04beebf42b17ba7b494db0d
This reverts commit c6ca823710.
Reason for revert: Q-GSI on Pie devices would crash kernel.
Bug: 136199978
Change-Id: I16a2cb81a1f21627db0cb00324679a322ba42fe0
Update adb, fastboot and mount point
Bug: 134359158
Test: build and check if system_ext.img can be flashed
Change-Id: I6219f72242c5fe42a508008c0b1fd218d74da5b6
We need vold on early-fs so we can handle userdata checkpointing.
Without this, devices will take an extra minute or two as checkpointing
related vdc calls attempt to reach vold before it is available.
Bug: 134114000
Test: Boot, see vold has started before vdc checkpointing tries to call
out to vold.
Merged-In: Idfdb304503a163fbb91f9317949eb98c06fecce1
Change-Id: Idfdb304503a163fbb91f9317949eb98c06fecce1
We need vold on early-fs so we can handle userdata checkpointing.
Without this, devices will take an extra minute or two as checkpointing
related vdc calls attempt to reach vold before it is available.
Bug: 134114000
Test: Boot, see vold has started before vdc checkpointing tries to call
out to vold.
Change-Id: Idfdb304503a163fbb91f9317949eb98c06fecce1
Without this, binaries can't be run out of /data/local/tmp on a HWASANified
device.
Bug: http://b/134503977
Test: Chromium's /data/local/tmp/md5sum/md5sum_bin works on walleye_hwasan-userdebug
Change-Id: Ieceaab8aae0024864022ca42b38aa36e6212cf31
(cherry picked from commit 563ca38154)
Without this, binaries can't be run out of /data/local/tmp on a HWASANified
device.
Test: Chromium's /data/local/tmp/md5sum/md5sum_bin works on walleye_hwasan-userdebug
Change-Id: Ieceaab8aae0024864022ca42b38aa36e6212cf31
The old "time zone updates via APK" feature installs time zone data
files in /data. tzdatacheck is run during boot to guard against an
OTA leaving the data in /data older, or in a different format, than the
files that exist elsewhere on device. If such files existed the system
could use old versions of tzdb (and related) data or even end up
unstable.
Soon, the time zone data mainline module will be made "functionally
mandatory" by the removal of most time zone data files from the
runtime module APEX, i.e. the time zone data module cannot be absent,
and the runtime module won't have files to compare against.
This change modifies the command line args for tzdatacheck to reference
the contents of time zone data module instead of the runtime module.
Bug: 132168458
Test: Build / boot / inspect logcat
Change-Id: Iac8023b7cbb72213df344d603c121caa867a196f
There is no reason that rlimits cannot be set earlier than they are,
and apexd-bootstrap may want to set the priority service option, which
would require that these rlimits have been set, so we move these to
the beginning of early-init.
Bug: 134668377
Test: apexd-bootstrap can set the priorty service option
Change-Id: I8040190cd4dc5e141784496ae65cfab80d9cad53
The canonical location of the HWASAN runtime, an LL-NDK library, is being moved
to the runtime APEX. It is apparently the first LL-NDK library in the runtime
APEX that does not require a legacy symlink in /system/${LIB}. Therefore we
need to link the HWASAN runtime in the runtime namespace to various namespaces
so that the library can be loaded from outside of the namespace.
Also, add $SANITIZER_RUNTIME_LIBRARIES to
namespace.default.link.system.shared_libs. This is necessary because in
the accompanying Soong change, we cause the HWASAN runtime to be removed
from $LLNDK_LIBRARIES. In most cases, except for this one, this was a no-op
because we were already including both sets of libraries in shared_libs.
Bug: http://b/134503977
Test: Builds
Change-Id: I67d64788855d28f3a156a1b9cf8a897617277730
Merged-In: I67d64788855d28f3a156a1b9cf8a897617277730
(cherry picked from commit fb1c5a724e)
This directory is no longer used. OBB content is
placed in /data/media/$user/Android.
Test: make
Test: manually verify the path doesn't exist.
Bug: 129167772
Change-Id: I8549826586b9a68c8cfa3fe2e51295363f9b4e11
Executable in /data/ runs in default linker namespace, not
classloader namespace.
In Q, we moved libicuuc.so and libicui18n into the runtime
namespace, and allow linking from runtime namespace and classloader
namespace.
This change further allows linking from default namespace, and tries
to fix the regression temporarily.
Bug: 130788466
Test: The app issue is fixed after this CL
Merged-In: Ifae52b554124514e433cfe78875643a7450fbabd
Change-Id: Ifae52b554124514e433cfe78875643a7450fbabd
(cherry picked from commit 0c7edece94)
Permitted paths were empty for ASAN builds with the media namespace.
Bug: 131625115
Test: no dlopen failure on libflacextractor.so in aosp_cf_x86_pasan
Change-Id: I90050fc54820ba68d64931412572f3b0954e6616
Executable in /data/ runs in default linker namespace, not
classloader namespace.
In Q, we moved libicuuc.so and libicui18n into the runtime
namespace, and allow linking from runtime namespace and classloader
namespace.
This change further allows linking from default namespace, and tries
to fix the regression temporarily.
Bug: 130788466
Test: The app issue is fixed after this CL
Change-Id: Ifae52b554124514e433cfe78875643a7450fbabd
We used to start update_verifier after mounting userdata (post-fs-data),
as part of zygote-start. This leads to issues in practice for security
updates, where an A/B device falls back into the old slot (for any
reason, which unrelates to this change) but failing to boot due to
upgraded key blob. It essentially breaks the fallback capability offered
by A/B OTA.
This CL mitigates the issue by starting update_verifier early, before
mounting userdata. This avoids the device from falling back to the old
slot with an already-upgraded key blob. update_verifier loses the
opportunity of verifying _all_ the updated blocks based on the info
that's stored in userdata. Instead it will only trigger the minimal
read to finish the work of marking a successful boot. This is a
trade-off in P to avoid putting the device in a bad state after
fallback, which will be improved in Q by better handling the fallback
path in vold.
Bug: 131176531
Test: Flash and boot crosshatch. Check the start of update_verifier and
it marks a successful boot.
Change-Id: I3f4c4333ff38772a9a93c9d027d497db11de1d63
(cherry picked from commit 79cfc7d5a8)
The canonical location of the HWASAN runtime, an LL-NDK library, is being moved
to the runtime APEX. It is apparently the first LL-NDK library in the runtime
APEX that does not require a legacy symlink in /system/${LIB}. Therefore we
need to link the HWASAN runtime in the runtime namespace to various namespaces
so that the library can be loaded from outside of the namespace.
Also, add $SANITIZER_RUNTIME_LIBRARIES to
namespace.default.link.system.shared_libs. This is necessary because in
the accompanying Soong change, we cause the HWASAN runtime to be removed
from $LLNDK_LIBRARIES. In most cases, except for this one, this was a no-op
because we were already including both sets of libraries in shared_libs.
Change-Id: I67d64788855d28f3a156a1b9cf8a897617277730
This relands http://r.android.com/951440:
This affected binaries in the Runtime APEX, where the platform namespace is
"platform" rather than "default".
Also extend ANDROID_ADDITIONAL_PUBLIC_LIBRARIES to create links to both to
platform and runtime namespaces, so that it can be used to open up access to
internal libraries in the Runtime APEX as well, which is used by ART gtests
and run tests.
Also update some comments in the ld.config*.txt files to accurately explain
why some namespaces need to be visible, and some other minor changes for
consistency. There are no semantically significant changes in those files.
Test: Flash and boot
Test: Run an ART run test with the internal libarttest.so library
Test: lunch aosp_cf_x86_phone-eng;
atest android.compilation.cts.AdbRootDependentCompilationTest#testCompile_curProfile \
com.android.cts.dexmetadata.InstallDexMetadataHostTest#testProfileSnapshotAfterInstall \
installd_dexopt_test
Bug: 130293232
Bug: 121117762
Change-Id: I3d9f2102a03e83843e15bc78b5ad347220c52769
Follow up to http://r.android.com/943476. This library is only available in
debug builds of the Runtime APEX.
Test: Flash and boot with eng build
Change-Id: I260f9b838f44ba3f8976c117d9e42fc456239e88
This reverts commit 4ca0ca67bf.
Reason for revert: Breaks android.compilation.cts.AdbRootDependentCompilationTest#testCompile_curProfile and others: http://g/art-team/R2nEDA1Ka_s
Change-Id: Ia6285648133d21e61040efafc73cac97d702a7c4
This affected binaries in the Runtime APEX, where the platform namespace is
"platform" rather than "default".
Also extend ANDROID_ADDITIONAL_PUBLIC_LIBRARIES to create links to both to
platform and runtime namespaces, so that it can be used to open up access to
internal libraries in the Runtime APEX as well, which is used by ART gtests
and run tests.
Also update some comments in the ld.config*.txt files to accurately explain
why some namespaces need to be visible, and some other minor changes for
consistency. There are no semantically significant changes in those files.
Test: Flash and boot
Test: Run an ART run test with the internal libarttest.so library
Bug: 130293232
Bug: 121117762
Change-Id: I7ebaf5370dd0f533b1bb5f0e67e7c3c1df48e512
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXEs. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXEs. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
Merged-In: Id6962414197fc8f47f7c07818e8fb16107dc17a3
(cherry picked from commit 05f07d89a6)
The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
In previous implementation, userdebug sepoilcy and property files are
loaded from the system.img. This CL changes this to:
- first-stage init copies userdebug files from ramdisk to /debug_ramisk/*
- second-stage init loads files from /debug_ramdisk/*.
Note: same as before, the above can only be triggered, if the device
is UNLOCKED
With this, we don't have to put userdebug related files into the USER
system.img.
Bug: 126493225
Test: boot device with a ramdisk with /force_debuggable, checks related
files are loaded
Change-Id: I63f5f846e82ba78427062bf7615c26173878d8f3
Merged-In: I63f5f846e82ba78427062bf7615c26173878d8f3
(cherry picked from commit 30afda71c0)
In previous implementation, userdebug sepoilcy and property files are
loaded from the system.img. This CL changes this to:
- first-stage init copies userdebug files from ramdisk to /debug_ramisk/*
- second-stage init loads files from /debug_ramdisk/*.
Note: same as before, the above can only be triggered, if the device
is UNLOCKED
With this, we don't have to put userdebug related files into the USER
system.img.
Bug: 126493225
Test: boot device with a ramdisk with /force_debuggable, checks related
files are loaded
Change-Id: I63f5f846e82ba78427062bf7615c26173878d8f3
right now vendor_init is forked before we set oom_adj for init which
leaves a chance vendor_init could be killed in heavy memory pressure.
this CL set the oom_adj before forking everything to ensure all native
have correct oom_adj settings.
Fixes: 130824864
Test: procrank -o
(cherry picked from commit 45d8174fe7)
Change-Id: I68c18f9db24d55239f7f0608592fcc702f04542e
right now vendor_init is forked before we set oom_adj for init which
leaves a chance vendor_init could be killed in heavy memory pressure.
this CL set the oom_adj before forking everything to ensure all native
have correct oom_adj settings.
Fixes: 130824864
Test: procrank -o
Change-Id: I8af129076c3efa29f7b781459449f8f2dc853c98
/sbin was traditionally used for static binaries on the ramdisk for
Android, but now everything is a shared binary, so this directory is
empty and we do not want to encourage creation of new libraries in
this directory.
Bug: 73660730
Test: build
Change-Id: I0d0aa052e1eaf529d18921c45169473df0ee51ff
charger needs to suspend the device when the power goes away
when it doesn't have root. These two files are marked with
group system, user system, mode 0600 in 'on boot', but
it is not executed in charger. Hence, move these actions
to 'on init'.
Test: no failure in libsuspend in charger
Bug: 129138950
Change-Id: I787b935b4ff6177601329aeedccdac361b119ca3
Merged-In: I787b935b4ff6177601329aeedccdac361b119ca3
charger needs to suspend the device when the power goes away
when it doesn't have root. These two files are marked with
group system, user system, mode 0600 in 'on boot', but
it is not executed in charger. Hence, move these actions
to 'on init'.
Test: no failure in libsuspend in charger
Bug: 129138950
Change-Id: I787b935b4ff6177601329aeedccdac361b119ca3
With the recent change that removed get_exported_namespace out of libdl,
the RenderScript SP-HAL stopped using android_dlopen_ext which it used
to load libRS_internal.so in the "rs" namespace. Instead, it now falls
back to the ordinary dlopen() call. The dlopen() call tries to load the
lib in the current namespace (which is sphal) and then falls back to the
linked namespaces: default, vndk, rs.
The problem is that rs is listed as the last namespace and therefore the
linker tries the namespace only when it failed to load the library in
other namespaces: default and vndk. libRS_internal.so is accessible to
both vndk and rs namespaces. So, the dlopen() call always goes into the
vndk namespace and there is no chance for the lib to be loaded in the rs
namespace.
To fix the problem, the rs namespace is placed before vndk so that the
namespace is tried first.
Bug: 129550847
Test: runtest -x cts/tests/camera/src/android/hardware/
Change-Id: Idafc32f8a309dd12495768931d7ea17a2f791c50
This CL adds three GSI keys, to allow booting a GSI with AVB
to enable dm-verity.
https://android.googlesource.com/platform/external/avb/
The keys for R and S GSI is to allow a device boots a new
version of GSI in a Treble-compatible manner.
For more information about GSI, please visit:
https://source.android.com/setup/build/gsi
Bug: 112293933
Test: m q-gsi.avbpubkey r-gsi.avbpubkey s-gsi.avbpubkey
Change-Id: I4439e44fbd5da3240d7f6c7987f66445ec4590c5
Android sets /proc/sys/vm/dirty_expire_centisecs to 200, so f2fs
doesn't need to do checkpoint in 60 seconds.
Bug: 127511432
Change-Id: I2ba0623053d4480b82003eb1cca85ff03c61fc0f
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change access mode and ownership for /proc/pressure/memory file
to allow system components access memory pressure information.
Bug: 129476847
Change-Id: I25b6bc9d47aee857936f050b66e7bee6363b53be
Signed-off-by: Tim Murray <timmurray@google.com>
This is necessary to get the correct APEX namespace setup for apps that
executes binaries from there.
In older releases no linker config applied to binaries in /data, so the
fallback config in /system/bin/linker was used, which basically just looked
up libraries in /system/{lib,lib64}. With the introduction of APEXes that
location no longer contains the complete set of libraries, so this is
necessary to retain functional parity.
Strictly speaking this fallback rule should apply as last resort for a
binary in any location, but the linker does not accept "dir.system = /".
Test: Flash and boot
Test: The app regression in b/128569634
Bug: 128569634
Change-Id: Icfcd66f0a7d8d898618be1b6186bb1111d20d688
They are not needed since the binaries and relevant exported libraries have
moved to the Runtime APEX.
Test: Flash and boot
Test: atest CtsJniTestCases CtsJdwpTestCases
Bug: 119867084
Change-Id: If416fbae7057aec02059bb31a4dcd8b63dcc0cad
This gives us two benefits:
- Better compatibility to keyctl(1), which doesn't have "dadd"
- Pave the way to specify key's security labels, since keyctl(1)
doesn't support, and we want to avoid adding incompatible option.
Test: See keys loaded in /proc/keys
Bug: 128607724
Change-Id: Ia45f6e9dea80d037c0820cf1fd2bc9d7c8bb6302
AsynchronousCloseMonitor is moved into libandroidio by
r.android.com/910073 and so libjavacore no longer needs to
be linked to the conscrypt namespace.
Bug: 123744297
Test: m && flashall
Test: atest CtsLibcoreOkHttpTestCases
Test: atest CtsLibcoreTestCases
Change-Id: Id720b59e4ef42a2c0226b497a1cc3c54f7a837d0
Make ld.config.legacy.txt similar to other linker configurations with
respect to tests in /data/{nativetest,benchmarktest}{,64}.
Note: The linker legacy configuration is used by the ART generic build
targets, defined in project device/generic/art.
Test: ART chroot-based on-device testing using the master-art
Bug: 121117762
Change-Id: I6c8fafa2568862e450aa7b9fea1177a184cb9705
With allow_all_shared_libs, the libs under /system/lib may be used
instead of libs included in the apex. This change adds stable libraries
the media apex relies on to prevent this case.
Test: dumpsys media.extractor, atest MediaPlayer2Test
Bug: 127791685
Change-Id: I6a0419e6da9e9f48a394257b1e8f977ec2dfa9a1
Keys may be required for apex updates (post-installs), so load them
before starting apexd.
Bug: 125474642
Test: m
Test: manual
Change-Id: I32ddb6ae6854334e8ee7e195173ecfaed565d783
Observe some best practices in the APEX symlink
shell commands. No functional changes intended except with error
handling.
Bug: 128687472
Bug: 124106384
Bug: 122985829
Bug: 128249030
Test: make installclean / make droid / inspect one symlink
Change-Id: I099fed5ac8f25cc3911ce0e7ea2b9f74c2172193
Tobias Thierer