- Neuter SOCK_NONBLOCK and SOCK_CLOEXEC if they are not defined.
- F_SETFL O_NONBLOCK after socket() call.
- Correct environment reference (we recently changed handler to
replace non-ascii and non-numericals with '_' for env tag).
Test: libcutils_test32 --gtest_filter=SocketsTest.android_get_control_socket
Bug: 32450474
Change-Id: I409a8c2c78e5f057af5fd6251cbd8657018be22b
Add CAP_SYSLOG, CAP_AUDIT_CONTROL and CAP_SETGID, set
uid and gid to AID_LOGD, and permissions user and group
read and execute only.
Fix up indents for in table for clarity.
Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests
Manually inspect owner and group for /system/bin/logd
Bug: 32450474
Change-Id: I5183ab200dbcd13efb0727cb91db5b12018ae804
Solve one more issue where privilege is required to open a file and
we do not want to grant such to the service. This is the client side
of the picture, init is the server. The file's descriptor was placed
into the environment as "ANDROID_FILE_<path>" where non-alpha and
non-numeric characters in the <path> are replaced with _ and this
function picks the file descriptor up.
Added definition ANDROID_FILE_ENV_PREFIX ("ANDROID_FILE_") and
android_get_control_file() prototype in a new include <cutils/files.h>
android_get_control_file() checks if the resulting file descriptor is
valid, open and matches the name reference, which on purpose will fail
if a symbolic link is in the path rather than using a fully qualified
path. Add gTest unit test for both.
Test: gTest libcutils_test --gtest_filter=FileTest.android_get_control_file
Bug: 32450474
Change-Id: I2d0310a1727f1e393a00d9fc7e6cf5d028f27905
android_get_control_socket() checks if the resulting file descriptor
is valid, open and matches the socket bound name reference, which on
purpose will fail if a symbolic link is in the path rather than using
a fully qualified path. If there are any non-alpha and non-numeric
characters in the name, they are replaced with _. Add unit test.
Test: gTest libcutils_test --gtest_filter=SocketTest.android_get_control_socket
Bug: 32450474
Change-Id: I27a6419012033ef8bd6ca04f3e479d01264d8c49
The webview_zygote is a non-root zygote process that creates isolated_app
children for rendering web content. It needs:
- CAP_SETUID and CAP_SETGID to change the UID of the new child process.
- CAP_SETPCAP to clear the capability bounding set after forking.
Test: m
Test: angler boots
Bug: 21643067
Change-Id: I986fa04be54e812f5dd2afa14e5d2d3e474e2b10
Add netlink permissions for the new wifi HAL daemon name.
Bug: 31821133
Test: Compiled and ensured that the permission denials are no longer
present in logs.
Change-Id: If939df4760d9f7e85f0f134617d3a79030e09347
Point to log/log.h where necessary, define LOG_TAG where necessary.
Accept that private/android_logger.h is suitable replacement for
log/logger.h and android/log.h.
Correct liblog/README
Effectively a cleanup and controlled select revert of
'system/core: drop or replace log/logger.h' and
'system/core: Replace log/log.h with android/log.h'.
Test: compile
Bug: 30465923
Change-Id: Ic2ad157bad6f5efe2c6af293a73bb753300b17a2
* changes:
fs_mgr: use __android_log_is_debuggable()
adb: use __android_log_is_debuggable()
debuggerd: use __android_log_is_debuggable()
logd: use __android_log_is_debuggable()
libcutils: use __android_log_is_debuggable()
Test: manual - make sure it works in both IPv4/IPv6 env.
BUG: 31537253
Change-Id: Ica492bff34a8c0441516a213d0e8b78fcdfd3282
Signed-off-by: Tao Wu <lepton@google.com>
HIDL requires file descriptors to be wrapped in native_handle_t. We want
a low overhead way to do that when the number of file descriptors is known
at compile time. Instead of
// wrap an fd in native_handle_t
native_handle_t* fd_handle = native_handle_create(1, 0);
if (!fd_handle) {
// clean up and return error
}
fd_handle->data[0] = fd;
hidl_cb(..., fd_handle);
native_handle_delete(fd_handle);
this change adds native_handle_init to allow for
// wrap an fd in native_handle_t
NATIVE_HANDLE_DECLARE_STORAGE(fd_storage, 1, 0);
native_handle_t* fd_handle = native_handle_init(fd_storage, 1, 0);
fd_handle->data[0] = fd;
hidl_cb(..., fd_handle);
Test: make libcutils
Bug: 32021609
Change-Id: If1fd07482243d37492fdea57c602a1b13c8953cc