* commit '2fb90dc8b2b590e674c5e433e8bf3d3f08a887c8':
debuggerd: audit pid, uid and gid on SE Linux denial
property_service: log pid,uid and gid of setprop client
Rather than assuming the UID and GID of crashing processes is
the same, report and use the actual GID that the process was
running as.
Bug: 24678424
Change-Id: I3cfc415be2feb2863a4f4b850bfd4a3267217a44
Don't allow the accidental triggering of sysrq functionality
from the keyboard. The only expected use of sysrq functionality
is via /proc/sysrq-trigger
Please see https://www.kernel.org/doc/Documentation/sysrq.txt for
additional information on /proc/sys/kernel/sysrq
Bug: 13435961
Change-Id: I60dc92a4b2b4706e8fa34a6cead9abd449f7375f
- switch to coalesce instead of merge in naming of functions
and variables. Confusing since we also to merge-sorts and
other activities in the logger.
- define maxPrune rather than using a number in the code path.
Bug: 24511000
The cost of generating and throwing away a bunch of stuff that no one
normally sees is high enough to be worth avoiding.
Here's AOSP ToT on N9...
init: (Parsing /system/etc/init/atrace.rc took 0.0112s.)
init: (Parsing /system/etc/init/bootanim.rc took 0.0094s.)
init: (Parsing /system/etc/init/crash_reporter.rc took 0.0103s.)
init: (Parsing /system/etc/init/debuggerd.rc took 0.0090s.)
init: (Parsing /system/etc/init/debuggerd64.rc took 0.0085s.)
init: (Parsing /system/etc/init/drmserver.rc took 0.0078s.)
init: (Parsing /system/etc/init/dumpstate.rc took 0.0073s.)
init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0063s.)
init: (Parsing /system/etc/init/installd.rc took 0.0067s.)
init: (Parsing /system/etc/init/keystore.rc took 0.0060s.)
init: (Parsing /system/etc/init/lmkd.rc took 0.0060s.)
init: (Parsing /system/etc/init/logcatd.rc took 0.0059s.)
init: (Parsing /system/etc/init/logd.rc took 0.0068s.)
init: (Parsing /system/etc/init/mdnsd.rc took 0.0057s.)
init: (Parsing /system/etc/init/mediaserver.rc took 0.0064s.)
init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0063s.)
init: (Parsing /system/etc/init/mtpd.rc took 0.0055s.)
init: (Parsing /system/etc/init/netd.rc took 0.0066s.)
init: (Parsing /system/etc/init/perfprofd.rc took 0.0057s.)
init: (Parsing /system/etc/init/racoon.rc took 0.0054s.)
init: (Parsing /system/etc/init/rild.rc took 0.0061s.)
init: (Parsing /system/etc/init/servicemanager.rc took 0.0063s.)
init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0061s.)
init: (Parsing /system/etc/init/uncrypt.rc took 0.0068s.)
init: (Parsing /system/etc/init/vdc.rc took 0.0065s.)
init: (Parsing /system/etc/init/vold.rc took 0.0063s.)
0.0112+0.0094+0.0103+0.0090+0.0085+0.0078+0.0073+0.0063+0.0067+0.0060+
0.0060+0.0059+0.0068+0.0057+0.0064+0.0063+0.0055+0.0066+0.0057+0.0054+
0.0061+0.0063+0.0061+0.0068+0.0065+0.0063 = 0.1809
And here it is again with the logging disabled:
init: (Parsing /system/etc/init/atrace.rc took 0.0021s.)
init: (Parsing /system/etc/init/bootanim.rc took 0.0006s.)
init: (Parsing /system/etc/init/crash_reporter.rc took 0.0007s.)
init: (Parsing /system/etc/init/debuggerd.rc took 0.0004s.)
init: (Parsing /system/etc/init/debuggerd64.rc took 0.0005s.)
init: (Parsing /system/etc/init/drmserver.rc took 0.0005s.)
init: (Parsing /system/etc/init/dumpstate.rc took 0.0005s.)
init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0005s.)
init: (Parsing /system/etc/init/installd.rc took 0.0005s.)
init: (Parsing /system/etc/init/keystore.rc took 0.0013s.)
init: (Parsing /system/etc/init/lmkd.rc took 0.0006s.)
init: (Parsing /system/etc/init/logcatd.rc took 0.0013s.)
init: (Parsing /system/etc/init/logd.rc took 0.0007s.)
init: (Parsing /system/etc/init/mdnsd.rc took 0.0005s.)
init: (Parsing /system/etc/init/mediaserver.rc took 0.0009s.)
init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0008s.)
init: (Parsing /system/etc/init/mtpd.rc took 0.0011s.)
init: (Parsing /system/etc/init/netd.rc took 0.0005s.)
init: (Parsing /system/etc/init/perfprofd.rc took 0.0005s.)
init: (Parsing /system/etc/init/racoon.rc took 0.0005s.)
init: (Parsing /system/etc/init/rild.rc took 0.0005s.)
init: (Parsing /system/etc/init/servicemanager.rc took 0.0005s.)
init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0005s.)
init: (Parsing /system/etc/init/uncrypt.rc took 0.0005s.)
init: (Parsing /system/etc/init/vdc.rc took 0.0005s.)
init: (Parsing /system/etc/init/vold.rc took 0.0006s.)
0.0021+0.0006+0.0007+0.0004+0.0005+0.0005+0.0005+0.0005+0.0005+0.0013+
0.0006+0.0013+0.0007+0.0005+0.0009+0.0008+0.0011+0.0005+0.0005+0.0005+
0.0005+0.0005+0.0005+0.0005+0.0005+0.0006 = 0.0181
It's less than a second, but one problem is that the cost of the current
dumping is proportional to the number of init.rc files, so the more
cleanly you factor things, the more it would cost.
Change-Id: Id96f59e7d0b082d8cfdba4bdbff43a922ba4eeee
This is the minimal change just to keep it building, and doesn't
attempt to clean up any of the code.
Change-Id: I975710322ae33d8946497df25bf85b2fe28976a4
Weave has changed some of D-Bus APIs and metrics needs to be updated
accrdingly. Command::Done is replaced with Complete(), Command::Abort
now takes error code and error messages, Command::category is removed
and Command::status is renamed to Command::state
Change-Id: Ifbfd6d852f4a328168e28484d1152a24b8c8b42b
* changes:
logd: clearAll by UID speedup
logd: clear return and deal with busy if readers locked
logd: update region lock after entry has passed to reader socket
logcat: do not exit buffer loop on error
logd: clientHasLogCredentials false negatives
In order to read the /proc/<pid> files from non-root users without
using CAP_SYS_PTRACE and CAP_DAC_OVERRIDE, use setresuid(..) and
setresgid(..) to switch to the process's user to copy off necessary
files for generating the breakpad minidump.
Bug: 24678424
Change-Id: I4a43583033587441394483ce678c40c4161808b9
procrank only exists on userdebug/eng builds. For those builds,
procrank can be executed by running "su 0 procrank" instead of
relying on the binary being setuid root. This reduces the number
of setuid binaries on Android and allows for the deletion of
SELinux policy to support this.
Bug: 18342188
Change-Id: I982283f2e0f6fbe5efaffc08501c1ec175f65373
- If doing a clear, skip accounting
- Ensure for busy checking, behind a region lock for instance, only
break out if there was something to do. Basically move the filter
actions first, and defer checking the region lock to the ends of
the loops.
Bug: 23711431
Change-Id: Icc984f406880633516fb17dda84188a30d092e01
- Propagate to caller the clearing errors, busy blocked by reader.
- For clear, perform retries within logd with a one second lul each,
telling readers to skip, but on final retry to kill all readers if
problem still persists due to block reader (or high volume logspammer).
Bug: 23711431
Change-Id: Ie4c46bc9480a7f49b96a81fae25a95c603270c33
- The reader region level indicates the location to protect, but once
it has been passed to the calling reader, then allow us to go
one beyond so that a clear or prune thread can remove the entry.
Bug: 23711431
Change-Id: I0f2389858dd8c83366c034360f67d7c363625b56
- Alter logcat to collect error(s) for open, clear, get size or set
size; moving on to other buffer ids. Then after loop completed,
report and exit for the last error reported.
Bug: 23711431
Change-Id: I63a729d27544ea8d5c6119625c1de0210be0eb70
Vote three times in /proc/pid/status to look for AID_LOG group
If not, we may default to the callers UID, and the net result is
to perform the task related to that UID. For adb logcat and
shell logcat, the UID is AID_SHELL which typically has no logs,
leaving no net action taken.
Bug: 23711431
Change-Id: I2b5900a2d37173bd995eb308ee9ecafa20602b62
If -d/-e fail, get-serialno and friends will now report an error
and return a failure status code on exit.
Also fix the behavior of -d/-e with $ANDROID_SERIAL --- -d/-e
should override $ANDROID_SERIAL, not the other way round.
I'm deleting my own comment here about always returning "unknown"
for scripts. I can't find any evidence that there are scripts
relying on that, so I think my comment meant "I fear that there
are scripts doing so".
Bug: http://b/24403699
Change-Id: Ie13a751f1137abcfe0cc6c46a0630ba5e02db676
Ensure that /data/misc/update_engine exists since it will be referenced
by selinux policy.
Bug: 23186405
Change-Id: I96e4ff341086da6474ef7f7c934f1f35bffc1439
Eventhough windows does not rely on extended os
descriptor for adbd, when android usb device is
configures as a composite device such as mtp+adb,
windows discards the extended os descriptor even
if one of the USB function fails to send
the extended compat descriptor. This results in automatic
install of MTP driverto fail when Android device is in
"File Transfer" mode with adb enabled.
https://msdn.microsoft.com/en-us/library/windows/hardware/gg463179.aspx
BUG=24583401
BUG=chromium:43409
Change-Id: I87341683a9337848cac66daf9055b0d05cedd3d3
Alex Vakulenko