We never use CONFIG_RT_GROUP_SCHED in GKI kernel, but that could be set
on legacy devices. Remove system cgroup migration and also RT settings
as we should not have any task under those groups.
Bug: 191925901
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I492833975e28e9888e412711e80670ca0901010d
adb_debug.prop is migrated too. And ramdisk_available is added to all
dependencies.
Bug: 187196593
Test: boot
Change-Id: I59cd149e0021211b8fd59c44b93bbf18dc8637bf
Merged-In: I59cd149e0021211b8fd59c44b93bbf18dc8637bf
Due to aosp/1708274, ref data directory is now world accessible.
We need to fix ref data directory so that it does not leak app
visibility information.
Bug: 189787375
Test: AppDataIsolationTests
Merged-In: I716852478ce0734c7038934c88c36a567c06393f
Change-Id: I351fd9763c4bdb6d3c0c9a9047de9a4f9986bd03
ART wants to optimize the time when the profile information
is saved for an app. To do so, it needs access to both, the current
profile, and the reference profile. This will allow ART to access
the ref profiles, which previously was not needed.
Test: m & flash
Bug: 185979271
Merged-In: Ie07bce81d2fba9c0b0ae4f322418e960c024e15d
Change-Id: Ie07bce81d2fba9c0b0ae4f322418e960c024e15d
(cherry picked from commit 11197dd8a81f0640ad09184138acde22d84f602a)
This reverts commit 14f6751df1.
Reason for revert: Removing libneuralnetworks_shim.so from Android S
Ignore-AOSP-First: This change is being submitted to sc-dev, which no
longer automerges from AOSP. The AOSP change is separately being
submitted in aosp/1711709
Bug: 188587379
Test: mma
Change-Id: I23acbdc31ddc488ad59225b483936905fa3652ee
There is no direct dependency in platform on this library, but we still
need a link to it from the system namespace, since adbconnection can
load it as a JVMTI agent without a class loader, and that is changing
to use the system namespace in https://r.android.com/1673312.
Test: atest CtsJdwpTestCases
Test: atest CtsJdwpTunnelHostTestCases
Bug: 130340935
Change-Id: Ia06c0f2a80226a056195fcff2f5d4dcab8f38518
On first boot, FDE devices hang on the command
'wait_for_prop apexd.status activated'. This is because apexd was
already started with the tmpfs /data, then was stopped by
vold.decrypt=trigger_shutdown_framework. Then when apexd is started
again with the real /data, it sees that apexd.status="ready" already, so
it doesn't consider itself to be starting from scratch again. So it
doesn't move apexd.status back to "activated" as expected.
Fix the above by resetting apexd.status to its initial value of the
empty string before trying to start apexd in the post-fs-data trigger.
Note that this also takes care of the userspace reboot case which was
previously handled in the userspace-reboot-requested trigger.
Also, FDE devices hang at the same place on non-first boots with default
encryption (i.e., when no PIN is set) because apexd is still running
after having been started with the tmpfs /data. This is because
vold.decrypt=trigger_shutdown_framework isn't run in that case, but
rather vold manually kills processes that have open files on /data --
which doesn't include apexd. But, apexd should be restarted too.
Fix that by using 'restart apexd' rather than 'start apexd'.
Note that these changes are needed even though FDE devices don't support
updatable APEXes, as apexd is needed regardless.
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug: 186165644
Test: Tested FDE on Cuttlefish. Also tested userspace reboot (with FBE)
Change-Id: I4fa57cf15d77b64d1167eaf966347d2a9d6a9b72
Now that we are activating APEX directly from /data/apex/decompressed
directory, without this permission, PackageManager fails to parse
decompressed APEX. This permission setting is same as what we have for
/data/apex/active.
Bug: 185886528
Test: atest ApexCompressionTests
Change-Id: Ief36a6ddc5760faff2c390fa913984385fda99a6
Soong generates classpaths.proto config and puts it into
/system/etc/classpaths/ for derive_classpath to read at runtime. There
is no need to plumb these values via make anymore.
Bug: 180105615
Test: m && launch_cvd; presubmit / DeviceBootTest
Change-Id: I514c5036871233ae865b972effea8321dbe4aea9
In order to simplify developer/test flow, the persistent property
persist.dbg.keep_debugfs_mounted can be set to prevent debugfs from
being unmounted on boot.
Bug: 184381659
Test: build and boot
Change-Id: I714616b361e6c8fb59633ec0763f9bd55af7df0e
Rename ro.product.enforce_debugfs_restrictions to
ro.product.debugfs_restrictions.enabled as per the sysprop naming
scheme.
Bug: 184381659
Test: build, boot
Change-Id: Ie350eefa342e7e16d31363139257ed285780e874
platform-bootclasspath module generates classpaths.proto config with
the information for derive_classpath to read and parse at runtime.
See go/updatable-bootclasspath.
Bug: 180105615
Test: m && launch_cvd; presubmit / DeviceBootTest
Change-Id: I0f4b1cfce9468fd6e3377a1d7233245e30f1ea51
Revert submission revert-1660531-max-boot-level-crypto-KFMCEDKSIV
Reason for revert: topic:vold-use-keystore2 has landed fixing the bug
Reverted changes:
Ibf63734a: Revert "Set earlyBootEnded before apex starts"
Id02f63a7: Revert "Expose AID_KEYSTORE"
Ibcedeff4: Revert "Cryptographic security for MAX_BOOT_LEVEL"
Restored changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Reverted-SHA1: 82cfe66794
Original commit message:
earlyBootEnded signals to keystore2 to read the database for the first
time, and start the MAX_BOOT_LEVEL system. It must therefore run
after /data is mounted and /data/misc/keystore is created, but before
apexd or odsign starts.
Bug: 176450483
Test: atest com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles
Change-Id: Ib9c2b4bbdddecdf73924125f9bdc75c82e1dd257
Adding in case of link required from the system image to nn apex.
Test: Run sample vendor service on cf device
Bug: 172925288
Change-Id: Ic4609cc0b73dfd5c9d39b75b22e241c30d61b753
so that this can be packaged in a filesystem(e.g microdroid)
Bug: 181093750
Test: MicrodroidTestCase
Change-Id: Ib86789de4632a32eee31fee0607d5ade8ae6b33f
Debugfs cannot be mounted in userbuilds since Android R. Since init only
mounts/unmounts debugfs during boot for debug builds, move it to
init-debug.rc.
Bug: 184381659
Test: build/boot
Change-Id: Ib51e82b99ec1eb95a2647c91855f6d4d1585040a
Metrics are written to /data/misc/odrefresh by odrefresh during early
boot, then the zygote passes them to statsd and delete the metrics
files.
Bug: 169925964
Test: manual
Change-Id: Ia39098109d59600ae8d7b197f46e9a6de18ca57c
Revert "Merge libdexfile_external into libdexfile (reland)."
Revert "Rename libdexfile_external_static to libdexfile_static (..."
Revert "Rename libdexfile_external_static to libdexfile_static (..."
Revert submission 1666119-libdexfile-noext-2
Reason for revert: broken build 7270939 on aosp-master on full-eng
Reverted Changes:
I582e49ae7:Merge libdexfile_external into libdexfile (reland)...
Iaa6a90f41:Rename libdexfile_external_static to libdexfile_st...
I4315189b2:libdexfile_external is replaced by libdexfile (rel...
Ia065119c2:Rename libdexfile_external_static to libdexfile_st...
Bug: 184929782
Change-Id: Id4830ded68e6fb3e9da0bcd8e428c46a79df3ff8
Test: forrest build for aosp-master on full-eng
Revert "Cryptographic security for MAX_BOOT_LEVEL"
Revert submission 1660531-max-boot-level-crypto
Reason for revert: broken test com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles on aosp-master on aosp_cf_x86_64_phone-userdebug at 7261517
Reverted Changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Bug: 184635938
Change-Id: Ibf63734a02a2c132142671c0fae5d0177bf46079
Test: forrest run for the broken test
This relands https://r.android.com/1644045 after fixing the build issue
in b/184239856.
Test: atest CtsSimpleperfTestCases
Bug: 143978909
Change-Id: I4315189b243503f5633f64d46a0ffedad3bebf0c
earlyBootEnded signals to keystore2 to read the database for the first
time, and start the MAX_BOOT_LEVEL system. It must therefore run
after /data is mounted and /data/misc/keystore is created, but before
apexd or odsign starts.
Bug: 176450483
Test: cuttlefish: check keystore2 logs to ensure all looks well.
Change-Id: Ia3b968afc38edf95712480e99e545ba88ea309c3
restrictions
Use the property ro.product.enforce_debugfs_restrictions to enable
debugfs restrictions instead of checking the launch API level. Vendors
can enable build-time as well as run-time debugfs restrictions by
setting the build flag PRODUCT_SET_DEBUGFS_RESTRICTIONS true which in
turn sets ro.product.enforce_debugfs_restrictions true as well enables
sepolicy neverallow restrictions that prevent debugfs access. The
intention of the build flag is to prevent debugfs dependencies from
creeping in during development on userdebug/eng builds.
Test: build and boot
Bug: 184381659
Change-Id: If555037f973e6e4f35eb7312637f58e8360c3013
Revert "Merge libdexfile_external into libdexfile."
Revert "libdexfile_external is replaced by libdexfile."
Revert "Rename libdexfile_external_static to libdexfile_static."
Revert "Rename libdexfile_external_static to libdexfile_static."
Revert "Allow dependencies from platform variants to APEX modules."
Revert submission 1658000
Reason for revert: Breaks full-eng build: b/184239856
Reverted Changes:
I4f8ead785:Avoid internal APEX stubs for libsigchain and clea...
I68affdf69:Allow dependencies from platform variants to APEX ...
I54b33784e:Rename libdexfile_external_static to libdexfile_st...
Id68ae9438:libdexfile_external is being replaced by libdexfil...
I12ac84eb4:libdexfile_external is replaced by libdexfile.
If05dbffc8:Rename libdexfile_external_static to libdexfile_st...
Ia011fa3a8:Merge libdexfile_external into libdexfile.
Change-Id: I2448810c9a863cde32b6ed98d9ed0a99cf260d34
It must run before odsign; and now runs after restorecon on /data as well.
Bug: 183861600
Bug: 180105615
Test: presubmit && cuttlefish boots
Change-Id: Iefe59d94a7a40ed1e526c189cbc2baf69156f334
To improve boottime, we want to run odsign in an asynchronous fashion;
but there are 2 places where we do need it be sync:
1) We need to know when it's done using its key, so that we lock
keyrings and advance the boot stage
2) We need to know verification is complete before we start the zygote
These are indicated by odsign using separate properties.
Bug: 165630556
Test: init waits for the properties, and proceeds when done
Change-Id: I623c24a683340961b339ed19be2f577d9293b097
TreeHugger Robot