Applications can set abort messages via android_set_abort_message
without actually aborting. This leads to following non-fatal dumps
printing their output to logcat in the same format as a regular crash.
Bug: http://b/37754992
Test: debuggerd_test
Change-Id: I9c5e942984dfda36448860202b0ff1c2950bdd07
(cherry picked from commit e06f2a4886)
This got moved when refactoring the reboot commands.
Bug: 37540660
Test: verify bullhead's last_reboot_reason is correct
Change-Id: I3b86496fc469ca41645df7e7ba8bb51dd25b6b38
(cherry picked from commit 47336cebc3)
- Test data shows that most shutdown finishes in 6 secs.
- The original 10 secs is too long wih no shutdown animation
running in screen.
bug: 36657139
Test: check time with reboot
(cherry picked from commit 7feab68238)
Change-Id: I2e0ec81baa7b6cdb1ff0163c16f643c2549d74ab
- init will only keep animation related services as shutdown critical.
- external component like system server can start shutdown animation.
bug: 37500823
Test: reboot
(cherry picked from commit e2b04b71ae)
Change-Id: I9a0432148887557b705d6b8bbe35f5fb1ffad5b9
The Bluetooth HAL has threads that process Bluetooth audio. They need
to be scheduled as RT priority, so allow the Bluetooth HAL to set its
threads to RT scheduling.
Bug 37518404
Test: play Bluetooth audio, confirm priority via systrace
Merged-In: I4928cf182a0805c0714e4d073cba15c864fbe328
Change-Id: I4928cf182a0805c0714e4d073cba15c864fbe328
(cherry picked from commit e08303d8cf)
VNDK-SP is relocated back to /system partition from /vendor partition,
following the original design.
In addition, the namespace for RenderScript is added. The namespace is
dedicated for loading VNDK-SP libs for RenderScript such as
libRS_internal.so. The reason for having a separate namespace is that
RenderScript requires more permitted paths (/data/*) which should not be
allowed for normal SP-HALs.
Bug: 37522144
Bug: 37550338
Test: sailfish builds and boots well
Test: lsof shows VNDK-SP libs are loaded from /system/lib/vndk-sp
Test: RenderScript app (CameraScript) runs well
Change-Id: Id139f626cafae2e43ee4eefc5a57a204e31bbbc9
Currently zygote is started early for FBE device but update_verifier is run later
which creates a potential risk. This CL ensures update_verifier run before
zygote touches anything within data/ partition. With this change, we also start zygote
early for unencrypted/unsupported encryption state device.
Bug: 37543411
Test: marlin boots
(cherry picked from commit 5dc05effec)
Change-Id: I97cde0c20f74b1b17c995d84c2e31c86fe006395
Add asan counterparts.
Bug: 37579959
Test: m && m SANITIZE_TARGET=address
Merged-in: I23f05436b79fbcb3f6fa11d84c95fcd180fad3b3
Change-Id: I23f05436b79fbcb3f6fa11d84c95fcd180fad3b3
persist.sys.usb.config values can't be combined on build-time when
property files are split into each partition.
So we need to apply the same rule of
build/make/tools/post_process_props.py on runtime.
Test: building succeeded and tested on sailfish.
Bug: 37617113
Bug: 37648659
Merged-In: If1e4279f05d74eccf5ce23eef41a466b7d8e3bde
Merged-In: I1e5ad9da360bfb3cb4970e12a76522fd0a5126b8
Change-Id: I78cdffee446d3ae6a89f138faed5f3149e4b507d
(cherry picked from commit 0cf3a07e14)
Fixes issue where attributes used exclusively in neverallow
rules were removed from policy.
Bug: 37357742
Test: Force on-device compile by removing precompiled policy.
Verify no increase in compile time.
Change-Id: I0d145fd311c2ddcb226a827f2a997f10c20a8379
It's now specified in the hal .rc file.
Bug: 37105075
Bug: 37483427
Test: Wifi HAL runs on Fugu and Pixel.
Change-Id: Iead8d4146a794cf9afbaa06a60e9f269ddc425af
- late start of zygote_secondary leads into occasional
1 second wait for starting system service.
- Early start secondary zygote so that there is no additional
wait.
bug: 37508384
Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 100 -f -e 16 -w 30
(cherry picked from commit f8532445b4)
Change-Id: Ia46b07f3d6abb090cc169ebd807e21b16694d172
This reverts commit 5e801e7bd5.
The file permissions don't allow access to the lock on devices
where vendor code runs with UID root and GID radio. They are
no longer necessary because we have a more flexible selinux-based
solution in https://android-review.googlesource.com/#/c/354223/ .
Test: strace -f -e flock -p <netmgrd_pid> on angler shows flock succeeds
Test: strace -f -e flock -p <netmgrd_pid> on marlin shows flock succeeds
Test: netd_unit_test passes on marlin
Test: strace -f -e flock -p <netd_pid> on marlin shows flock succeeds
Bug: 36108349
Bug: 37483189
(cherry picked from commit b6e4b35fe4)
Change-Id: Ia1bbf8d93ec6777514be66cbd1a32dfc95df95c0
Merged-In: Ia1bbf8d93ec6777514be66cbd1a32dfc95df95c0
(cherry pick from commit b867beac56)
The gTest should not be able to set ro.device_owner, either as a unit
test or a CTS test. The CTS test should not be able to set
persist.logd.security, the gTest may as it is run on userdebug with
root, so check if we are root to discern expectations.
Test: gTest liblog-unit-tests --gtest_filter=liblog.__security
Test: cts-tradefed run cts-dev -a armeabi-v7a -m CtsLiblogTestCases -t liblog#__security
Bug: 36480230
Change-Id: I1da88aae34da4e2fca8dd88d740eeb879d9c65bb
(cherry pick from commit 3510359a3c)
ro.logd.kernel, ro.config.low_ram, ro.logd.timestamp and ro.debuggable
need to be retrieved prior to logd start in order for the service to
behave in a configured manner. Other essential services are also
dependent on these system properties as well, so it just makes sense
to pick them all up first in 'on fs'.
Test: smoke test
Bug: 37425809
Change-Id: I33ad185f397ee527ed3c84cc2bcb40ff8ca785b5
- Do not use -f if it was cleanly shutdown.
- For unclean shutdown or other operation failures like
mount, tune2fs failure, run full check.
- Still old image will run full check once in 5 reboots
while new image will not run full check unless something
fails.
- Add retry for final mount. If mount fails once, run full fsck
once and try again.
bug: 32246772
bug: 35366616
Test: many reboots
(cherry picked from commit 40db04d640)
Change-Id: If312d91e09aca0648dd926e26a3d1e5f7ddedb46
this will make the implementation more cleaner,
and has error message output when failed on some operations
also add the O_TRUNC flag explicitly for the open function
called in write_file.
And add more test on read_file and write_file functions
Bug: 36726045
Bug: 36576280
Test: manual with hikey
Test: boot and init tests on bullhead
Test: cast with fugu, per b/36726045
Merged-In: If3c30a2fff58cfece2fcd27e69c30382146e6808
Change-Id: If3c30a2fff58cfece2fcd27e69c30382146e6808
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
(cherry picked from commit dbe88e7953)
The content parameter of write_file() previously took a char* that was
then converted to a std::string in WriteStringToFd(). One unfortunate
effect of this, is that it is impossible to write data that contains
'\0' within it, as the new string will only contain characters up
until the '\0'.
This changes write_file() to take an std::string, such that
std::string::size() is used to determine the length of the string,
allowing it to contain null characters.
Also change the path parameter of read_file() and write_file() for
consistency.
Lastly, add a test for handling strings with '\0' in them.
Bug: 36726045
Bug: 36576280
Test: Boot bullhead, run unit tests
Change-Id: Idad60e4228ee2de741ab3ab6a4917065b5e63cd8
(cherry picked from commit 53089aa25c)
(cherry pick from commit 9fcaaba85d)
When BOOL_DEFAULT_FLAG_ENG and/or BOOL_DEFAULT_FLAG_SVELTE is set for
flags parameter in __android_logger_property_get_bool, they can not be
overridden by a supplied property value. Reset these two flags if
there is something in the specified property.
Test: gTest liblog-unit-tests, logcat-unit-tests and logd-unit-tests
Bug: 37425809
Change-Id: I5fc2d727e8c30bc1e781f8b365f44ec62dd36b4d
Currently if a process sets the sys.powerctl property, init adds this
property change into the event queue, just like any other property.
The actual logic to shutdown the device is not executed until init
gets to the action associated with the property change.
This is bad for multiple reasons, but explicitly causes deadlock in
the follow scenario:
A service is started with `exec` or `exec_start`
The same service sets sys.powerctl indicating to the system to
shutdown
The same service then waits infinitely
In this case, init doesn't process any further commands until the exec
service completes, including the command to reboot the device.
This change causes init to immediately handle sys.powerctl and reboot
the device regardless of the state of the event queue, wait for exec,
or wait for property conditions.
Bug: 37209359
Bug: 37415192
Test: Init reboots normally
Test: Update verifier can reboot the system
Change-Id: Iff2295aed970840f47e56c4bacc93001b791fa35
(cherry picked from commit 98ad32a967)
(cherry pick from commit 24aa9a41e1)
Failure to open socket misbehaved and told us nothing.
Test: gTest logd-unit-tests
Bug: 37378309
Change-Id: Iec369a50ccb1027e96947465e90d9572c9f4047f
(cherry pick from commit 3614a0c5d4)
Add checking for impossible(tm) scenarios within LogBuffer::flushTo:
1) When iterating through the log entries, check if the iterator
returns two identical element references and break out of the loop.
2) Cap the maximum number of log entries we will skip while holding
the iterator lock at 4194304, break out of the loop.
We print a message to the kernel logs if we hit these cases.
ToDo: Remove this paranoia at some future date.
Test: gTest liblog-unit-tests logcat-unit-tests and logd-unit-tests
Bug: 37378309
Change-Id: I789594649db14093238828b9f6d1daeca8b780c2
(cherry pick from commit 5836379b21)
Deal with a regression introduced in commit
5a34d6ea43 (logd: drop mSequence from
LogBufferElement) where log_time was compared against nsec() time
miscalculating the watermark boundary. When dealing with logcat
-t/-T, or any tail reading, add a margin to prune to back off by a
period of 3 seconds (pruneMargin).
Test: gTest liblog-unit-tests logcat-unit-tests and logd-unit-tests
Bug: 37378309
Change-Id: I72ea858e4e7b5fa91741ea84c40d2e7c3c4aa031
libui.so is not used by SP-HALs, so it is removed from the list of libs
exposed from the default namespace.
Also, this fixes a warning message "property value is empty" caused by
the automatically removed trailing '/' for the section 'legacy'. Since
the legacy behavior is already implemented by the linker itself, the
behavior doesn't need to specified in ld.config.txt.
Test: marlin/sailfish boots
Test: no warning message is shown
Change-Id: Ib679794d63b01c6794663dc88f1ab7e72cfb11d3
Josh Gao