Commit Graph

24087 Commits

Author SHA1 Message Date
Treehugger Robot 299d64144b Merge "Most accept/accept4 calls in system/core don't actually want the remote address." 2016-08-23 22:48:24 +00:00
Mark Salyzyn ee431112ff libcutils: Add ashmem_valid() function
Bug: 30310689
Change-Id: I14c52c5d52745a725799652b87c86281ac214899
2016-08-23 15:29:28 -07:00
Mark Salyzyn df7a4c6bae liblog: add __android_log_close()
Bug: 30963384
Change-Id: I901e6ac2cc3c601bbecc2d64e00a98e2ab448210
2016-08-23 15:25:03 -07:00
Mark Salyzyn 305374cf0f logger: validate hdr_size field in logger entry
- check hdr_size to make sure it is in the expected range
  from sizeof entry_v1 to entry (entry_v4).
- alter msg() method to report NULL on invalid hdr_size
- alter all users of msg() method.

Bug: 30947841
Change-Id: I9bc1740d7aa9f37df5be966c18de1fb9de63d5dd
2016-08-23 14:51:50 -07:00
Josh Gao 504d4ccd7c Merge "debuggerd: don't display fault addr for manually sent signals."
am: ad52cbb9ec

Change-Id: I34284b398c32dbdfe2074d44d316f81fc45deee8
2016-08-23 21:23:15 +00:00
Treehugger Robot ad52cbb9ec Merge "debuggerd: don't display fault addr for manually sent signals." 2016-08-23 21:03:18 +00:00
Elliott Hughes 0d2ef3dc86 Merge "debuggerd: set SOCK_NONBLOCK in accept rather than later."
am: 82b67fff06

Change-Id: I6f2e72a4847fbfac8e1ba78321be7e026f7629bd
2016-08-23 20:05:48 +00:00
Elliott Hughes 3dcfa3fb1c Most accept/accept4 calls in system/core don't actually want the remote address.
So don't write the extra code for it or waste the kernel's time
copying it around.

Change-Id: I93de64064c2d4fe58ba5b5322cfa69bf31a76dad
2016-08-23 12:50:00 -07:00
Elliott Hughes 82b67fff06 Merge "debuggerd: set SOCK_NONBLOCK in accept rather than later." 2016-08-23 19:35:54 +00:00
Josh Gao 344ca5a681 debuggerd: don't display fault addr for manually sent signals.
Bug: http://b/30819045
Change-Id: Ic8ab21298dcba6acdfa876e7c729b14b0bf2afbb
Test: `killall -TRAP surfaceflinger` no longer shows fault addr,
      crasher still does
2016-08-23 12:31:14 -07:00
Daniel Rosenberg 559cc01e3e resolve merge conflicts of 40eff95 to stage-aosp-master
Change-Id: I91935ba9603ffd41af2009adc13a024701619c52
2016-08-22 20:13:52 -07:00
Daniel Rosenberg 40eff9534e Merge changes I9f380f31,Ieab6bed7,Ia870e4be,I939b1e01,I8b723dda
* changes:
  Add skip-secondary flag
  Switch fastboot to new A/B spec
  Add Fastboot support for flashing secondary images
  Handle invalid suffix lists
  Call set_active after flashall and update
2016-08-23 02:18:33 +00:00
Elliott Hughes 33f8c194f9 Merge "liblog: use SOCK_NONBLOCK directly."
am: fca43d3ec5

Change-Id: I4d959d9091adbf8bf2d7b68653a3c6064893a65a
2016-08-23 01:20:36 +00:00
Josh Gao e4d79532de Merge "adb: increase the authentication throttling limit."
am: 393e5258f6

Change-Id: I483cf75ced8d9fb896c2f5e417d258970d7cabb1
2016-08-23 01:11:28 +00:00
Treehugger Robot fca43d3ec5 Merge "liblog: use SOCK_NONBLOCK directly." 2016-08-23 01:08:18 +00:00
Treehugger Robot 393e5258f6 Merge "adb: increase the authentication throttling limit." 2016-08-23 00:12:52 +00:00
Elliott Hughes 5ba3003467 liblog: use SOCK_NONBLOCK directly.
No need to have a race, even if it doesn't matter.

Change-Id: Ia79f2633643bc63618de0fd85953b3226415484f
2016-08-22 16:19:58 -07:00
Josh Gao 8270912ed0 Merge changes I9761298a,I8d3312b2
am: 0b4fcb75d4

Change-Id: I330c467e408bc10ebdab0f5708d24d2297cf39a2
2016-08-22 21:38:53 +00:00
Treehugger Robot 0b4fcb75d4 Merge changes I9761298a,I8d3312b2
* changes:
  adb: fix public key authorization.
  adb: add support for vendor key directories.
2016-08-22 21:34:18 +00:00
Elliott Hughes 874c674c60 debuggerd: set SOCK_NONBLOCK in accept rather than later.
Change-Id: I95586984dd7aec798d75b150be238d5f6f7c91da
2016-08-22 14:17:25 -07:00
Josh Gao c8cb38803a adb: increase the authentication throttling limit.
Previously, after 10 failed authentications, we'd sleep for a second,
and we're up to 11 vendor keys in internal now...

Bug: http://b/30927527
Change-Id: I094e830521f6a2768a880c6684f32ff1ce2a3c2e
2016-08-22 13:12:32 -07:00
Josh Gao 8a0d0773bd adb: fix public key authorization.
This was broken by commit e8b663fe, which removed the null-terminator
from the message sent. For some reason, adbd requires the key to be
null terminated, despite an explicit length being part of the message.

Bug: http://b/30971808
Change-Id: I9761298a57ed76ca2bc02b05490f98cdffbaa0c3
Test: manually tested, adb authorization dialog box shows up
2016-08-22 12:58:38 -07:00
Josh Gao 2e671202c3 adb: add support for vendor key directories.
Allow directories to be specified in ADB_VENDOR_KEYS. On Linux, monitor
this directory for new keys to be added.

Additionally, deduplicate keys by hashing their public key.

Bug: http://b/29273531
Bug: http://b/30927527
Change-Id: I8d3312b216b7f2c11900f2235f1f1b1d1c7aa767
Test: manually tested by adding a key to a directory, and verifying
      that devices became authorized after replugging.
2016-08-19 17:32:50 -07:00
Daniel Rosenberg 92b4476aa0 Add skip-secondary flag
The skip-secondary flag now replaces flash-primary. This flag will
skip over the secondary images for both flashall and update.

Change-Id: I9f380f3195006d325d6c45776bf79ecec17506ad
(cherry-picked from commit e180929866)
2016-08-19 16:52:26 -07:00
Daniel Rosenberg 8091947847 Switch fastboot to new A/B spec
Slots are now referred to as a and b instead
of _a and _b. For the moment, _a and _b will
still be supported. For old devices that
support A/B, they are assumed to have 2 slots.

Bug: 29643845
Change-Id: Ieab6bed7b4977d8386dcec0afa434371f54bd63f
(cherry-picked from commit 563fcf6f69)
2016-08-19 16:52:26 -07:00
Alex Light bb9b8a5abf Add Fastboot support for flashing secondary images
Fastboot update and flashall will now flash secondary
images if provided, and if the --slot flag is not set
to 'all'. Also added flash-primary to preserve the
previous behavior, and flash-secondary to just flash
the secondary images.

Fixes from: I5bd2de1c1e0e6224a195b566f7dcbe383555a80a

Bug: 29278988
Change-Id: Ia870e4be55617c0eefa4e1381287f8cd14affe7e
(cherry-picked from commit 6c98509c34)
2016-08-19 16:52:26 -07:00
Daniel Rosenberg ad3d3c184e Handle invalid suffix lists
Some devices will report an error string as a value
when unknown variables are queried. This can lead to
unexpected behavior, so we attempt to detect this case
by seeing if the suffix list doesn't make sense.

Change-Id: I939b1e01c40ddc05d881fd54423406db250cc8e5
(cherry-picked from commit 190d968414)
2016-08-19 15:31:01 -07:00
Daniel Rosenberg 1345409537 Call set_active after flashall and update
If the device has previously failed to boot, and the current slot is
marked as unbootable, we must call set_active to reenable the slot.

Bug: 29827625
Change-Id: I8b723dda80e246b48e5967aff4503c3d120bfb9b
(cherry-picked from commit 9c9a6c62e5)
2016-08-19 15:31:01 -07:00
Dmitriy Filchenko 97e3cb7074 Merge "Remove process_name.c"
am: e5b7ad1c39

Change-Id: I8f98f5fe9ff526ed8780971eddef128ed46de271
2016-08-19 01:30:34 +00:00
Treehugger Robot e5b7ad1c39 Merge "Remove process_name.c" 2016-08-19 01:26:39 +00:00
Dmitriy Filchenko 1bb49f483b Remove process_name.c
BUG: 29824203

Change-Id: I88d67cafb8ec0c4eea3db047bac0671de698ba02
2016-08-18 23:54:46 +00:00
Hung-ying Tyan 46bfc918d0 Merge "Mount /vendor and /odm early"
am: 35569e9d68

Change-Id: I9b5360bf3036fa88e770d686ab06b8f4cff80d7c
2016-08-18 05:04:43 +00:00
Treehugger Robot 35569e9d68 Merge "Mount /vendor and /odm early" 2016-08-18 05:01:14 +00:00
Hans Boehm 53bfab1f6d Merge "Fix reference counting for Assembly"
am: 3b6530507b

Change-Id: I4c5b167d34e495a8bd2a373887d0124b8f12c96a
2016-08-18 00:00:23 +00:00
Hans Boehm 3b6530507b Merge "Fix reference counting for Assembly" 2016-08-17 23:56:09 +00:00
Hung-ying Tyan 99c4a8a6b3 Mount /vendor and /odm early
Right now these two partitions are mounted in the fs stage of the init
process. As a result, many vendor/ODM files needed earlier in the boot
process (e.g., init.<hardware>.rc, fstab.<hardware>.rc,
uevent.<hardware>.rc, SELinux policy files etc) can only live on the root
partition.

To prevent vendors/ODMs from polluting the root partition, this patch makes
it possible to mount the vendor and ODM partitions in the first stage of the
init process. The fstab info of both partitions to be mounted early is
composed from new kernel cmdline arguments android.early.prefix and
android.early.fstab.

For example, with:
android.early.prefix=/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/
android.early.fstab=mmcblk0p10+/odm+ext4+ro+verify\nmmcblk0p09+/vendor+ext4+ro+verify

the final fstab string will be:
/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/mmcblk0p10 /odm ext4 ro verify
/sys/devices/1010000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0/mmcblk0p09 /vendor ext4 ro verify

The android.early.prefix is optional. When it is missing, the final fstab
string will be directly converted from android.early.fstab.

This patch also makes sure that the early mounted partitions are dm-verity
enabled so that they are trust worthy to store system files.

BUG=27805372

Change-Id: I3cf32482a5ec65445ba3aedab2164c7ba8f12694
2016-08-17 17:21:35 +08:00
Hans Boehm e74dec4a39 Fix reference counting for Assembly
Use correct memory ordering.

Start the reference count at zero instead of one, thus giving us a
chance to actually deallocate something.

Remove remaining (unused) inclusions of cutils/atomic.h from
libpixelflinger.

Bug: 30838047

Change-Id: I3c6fd4a4861b3635cf398ca2aa3e915118100b10
2016-08-16 10:12:43 -07:00
Narayan Kamath 388a65d146 Merge "zip_archive: Improve error message on fallocate failure."
am: 704d818ec1

Change-Id: Ic1ab5e824dcc2b6a78e8ceb29732185ad5da1987
2016-08-16 09:03:04 +00:00
Narayan Kamath 704d818ec1 Merge "zip_archive: Improve error message on fallocate failure." 2016-08-16 08:55:46 +00:00
Hans Boehm 23c857ebd6 Make RefBase more robust and debuggable
This prevents two different kinds of client errors from causing
undetected memory corruption, and helps with the detection of others:

1. We no longer deallocate objects when the weak count goes to zero
and there have been no strong references.  This otherwise causes
us to return a garbage object from a constructor if the constructor
allocates and deallocates a weak pointer to this. And we do know
that clients allocate such weak pointers in constructors and their
lifetime is hard to trace.

2. We abort if a RefBase object is explicitly destroyed while
the weak count is nonzero.  Otherwise a subsequent decrement
would cause a write to potentially reallocated memory.

3. We check counter values returned by atomic decrements for
plausibility, and fail immediately if they are not plausible.

We unconditionally log any cases in which 1 changes behavior
from before. We abort in cases in which 2 changes behavior, since
those reflect clear bugs.
In case 1, a log message now indicates a possible leak. We have
not seen such a message in practice.

The third point introduces a small amount of overhead into the
reference count decrement path. But this should be negligible
compared to the actual decrement cost.

Add a test for promote/attemptIncStrong that tries to check for
both (1) above and concurrent operation of attemptIncStrong.

Add some additional warnings and explanations to the RefBase
documentation.

Bug: 30503444
Bug: 30292291
Bug: 30292538

Change-Id: Ida92b9a2e247f543a948a75d221fbc0038dea66c
2016-08-13 11:17:51 -07:00
Josh Gao 60083bed75 Merge "debuggerd: remove unnecessary arguments."
am: 7a746f3a68

Change-Id: I0a01639dd3096372eb5bbbe28362cdbf1c1da4af
2016-08-13 00:38:54 +00:00
Josh Gao 7a746f3a68 Merge "debuggerd: remove unnecessary arguments." 2016-08-13 00:29:29 +00:00
Josh Gao 81a3f71e45 Merge "Clean up key handling in adb."
am: b859830450

Change-Id: I8d8ff82167a97e89eacbfcc97f3b704466927aa3
2016-08-12 21:21:57 +00:00
Josh Gao b859830450 Merge "Clean up key handling in adb." 2016-08-12 21:11:26 +00:00
Josh Gao 4c4a172ee9 Merge "debuggerd: remove useless timeout from wait_for_signal."
am: 5f2bc28ebf

Change-Id: Iee4f22c04ad330c91f86ca03583f8e36b2816039
2016-08-12 20:02:10 +00:00
Josh Gao 5f2bc28ebf Merge "debuggerd: remove useless timeout from wait_for_signal." 2016-08-12 19:52:55 +00:00
Josh Gao a04c80255c debuggerd: remove unnecessary arguments.
These were previously required when bionic used tgkill to reraise
signals, but now that we use rt_tgsigqueueinfo to reraise signals, they
are no longer necessary.

Change-Id: I46ba9f14039a727d0a2c4c3a9d93a3532ba8f263
2016-08-12 11:00:18 -07:00
Josh Gao f5a960a187 debuggerd: remove useless timeout from wait_for_signal.
The watchdog already handles things for us, so the timeout logic in
wait_for_signal is pointless.

Change-Id: Id81ad5f294068216b73e04c4e2ceca072ae1bbc0
2016-08-12 11:00:18 -07:00
Greg Kaiser 0c8a67bbfd Merge "fastboot: Don't leak file in error case"
am: 3a197b3799

Change-Id: Ieaab2ed5c1619f75fa4c334d61afaf858ad7d46c
2016-08-12 17:45:32 +00:00
Treehugger Robot 3a197b3799 Merge "fastboot: Don't leak file in error case" 2016-08-12 17:34:49 +00:00