It's no longer specific to make_ext4fs, will be used for mksquashfs as
well.
BUG: 27467028
Change-Id: I41b8c2b168ada45c8378dee522391edfb8f6b9a6
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
(cherry pick from commit 864e8e80e4)
- This is considered an Android Private function, not exported
for general use.
- goal is to retreive a file's content from a series of log
messages from pmsg, to be retrieved after a reboot for
transfer to a persistent location.
- files are presented in reverse sorted order, first based on
_any_ numerical content, then by alphanumeric order.
- Add a gTest for this function, relies on gTest for
liblog.__android_log_pmsg_file_write from prior to reboot.
Bug: 27176738
Change-Id: If37ef423009bd28b598b233af3bccef3429bdc22
(cherry pick from commit d4b061bde2)
- This is considered an Android Private function, not exported
for general use.
- goal is to record a file's content into a series of log
messages into pmsg, to be retrieved after a reboot for
transfer to a persistent location.
- filename reference is converted to a tag-unique
"<dirbase>:<filebase>".
- buffer and length representing the filename contents are
recorded, along with a sequence number placed into the nsec
time field to ANDROID_LOG_PMSG_FILE_MAX_SEQUENCE.
- Add a gTest for this function.
Bug: 27176738
Change-Id: If93df3ae8bfc1bb75516d4a1fd8dae0301af644b
-metrics_collector and metricsd gather and upload device metrics.
-webservd is part of the Weave (Brillo remote setup and management) stack.
Bug: 26337609
Change-Id: Icf6ce75e64293adbe773f2ee65e80629f2eeb737
* Added new kernel GID named "wakelock" (AID_WAKELOCK = 3010)
* Changed the group access for /sys/power/wake_lock and
/sys/power/wake_unlock from "system" to "wakelock"
* Added "wakelock" to the list of groups for the healthd process/service
Bug: 25864142
Change-Id: Ieabee9964cccec3107971a361a43aa9805164aa9
Add the following mount options to the /proc filesystem:
hidepid=2,gid=3009
This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).
Please see
https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.
hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.
Add AID_READPROC to processes which need to access /proc entries for
other UIDs.
Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
Brillo will need to run new native system services, so reserve
a reasonable UID range to accomodate them. Having 1000 UIDs will
allow us to sub-partition this range if needed.
The range can be used by any OEM, not just Brillo, so name it
accordingly.
Bug: 22555869
Change-Id: I752428ee5025bf064a35ecbe6da50c041d87b724
Using a getenv('OUT') in such a deep down function is a wrong design
choice. Replacing with explicit parameter that may be NULL in case
device specific files can be accessed from /.
Since TARGET_COPY_OUT_SYSTEM may be defined to something different than
system we also ensure that we use a path relative to TARGET_OUT to
compute path to fs_config_* files.
Bug: 21989305
Bug: 22048934
Change-Id: Id91bc183b29beac7379d1117ad83bd3346e6897b
Signed-off-by: Thierry Strudel <tstrudel@google.com>
C (but not C++) has a concept of a flexible array member, which
is documented at https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html .
Using a flexible array member indicates that the structure is
really a header for a variable length object.
In logd's case, the variable length structure android_event_string_t
was embedded within another structure called
android_log_event_string_t. This makes gcc's __builtin_object_size()
function really confused. When compiling with C++,
__builtin_object_size(android_log_event_string_t.payload.data, 1)
would return 0, whereas if you compiled the code with C, the same
call would (properly) return -1.
Code which does automatic bounds checking, such as the proposed
patch at https://android-review.googlesource.com/145411 , will
cause problems for logd if this syntax is used.
Don't try to embed a variable length structure within another
structure. This doesn't appear to be valid C nor C++, and
while it's worked, it seems problematic.
Instead, inline the structure so it's one big happy structure.
Change-Id: I8ac02b7142a4f6560f5f80df2effcf720f9896fc
(Cherry picked from commit 83e6f2606b)
Resolved conflict in include/private/android_filesystem_config.h, content
already in libcutils/fs_config.c.
Change-Id: I817707721786e9b920fef14ebe836fdcd65a8606
pixelflinger should not be used for new projects and should be moved out
of system/core at some point. As the first step, move all its headers
under system/core/libpixelflinger/include and update its Android.mk
files so they're not referring to the absolute system/core path anymore.
Change-Id: Idead273ab2c0450409d770f5402c4dba916192a9
Signed-off-by: Greg Hackmann <ghackmann@google.com>
pixelflinger should not be used for new projects and should be moved out
of system/core at some point. As the first step, move all its headers
under system/core/libpixelflinger/include and update its Android.mk
files so they're not referring to the absolute system/core path anymore.
Change-Id: I7acc3ef5b2e21d8ba6fe939ea8d3ec4c41959591
Signed-off-by: Greg Hackmann <ghackmann@google.com>
- create a structure to depict the private header
expected at logd end of socket.
- utilize this new structure instead of unscalable
byte stream technique used to unpack in logd.
Change-Id: I2d0e5c3531c279f2dc1fbd74807210ff8d804de0
Currently, /system/xbin/su is world executable. Prior to SELinux
enforcement, anyone (including third party apps) could run su.
The su code itself checks to see if the calling UID is root or shell.
Rather than relying on enforcement within the su binary, modify the
binary so it has group=shell, and remove world-execute permission.
This helps avoid some annoying SELinux denial messages as third party
apps call su on userdebug/eng builds.
Change-Id: I61c9231bb7e201d14ee3a5b6fe81b3fa7b12599f
Erik Kline