external/sepolicy commit bca98efa575bedab68f2d5eaee2cd1fd1741962b
ensures that no permissive domains can be on user builds, and
external/sepolicy commit 3872ee396898fcb23bdc49c37fd02d81014aaa5f
re-enables enforcing mode on cameraserver.
The conditions which lead to the integrity failure detection
triggering can no longer occur. Revert the patch which relaxed
the detection.
This reverts commit 33ee84f871.
Bug: 27313768
Bug: 26902605
Change-Id: I8ee97d0858345695f9df8240de4e696f4a9ba008
Only trigger an integrity failure if a policy is reloaded or
SELinux is disabled. Don't trigger the integrity failure if
we see a permissive=1 denial, which could occur if an SELinux
domain is in permissive mode.
Bug: 27313768
Bug: 26902605
Change-Id: Ib85a2799eb6378ae8acdb965b1812d691183fdd3
pid_t is 64-bit in 64-bit mingw, but the windows process/thread
functions return a DWORD(uint32_t). Instead of promoting to a pid_t and
fixing the format strings, just use a uint32_t to store the values.
android_thread_id also cannot be a 64-bit pointer, so for windows just
force it to be a uint32_t.
libutils/ProcessCallStack only works under Linux, since it makes heavy
use of /proc. Don't compile it under Windows or Darwin.
Bug: 26957718
(cherry picked from commit 86cf941c48)
Change-Id: I8d39d1951fea1b3011caf585c983e1da7959f7c0
unique_fds are wrappers for integer file descriptors that automatically
close when they go out of scope. They are movable but not copyable and
generally mimic the semantics of std::unique_ptr
(cherry-pick from 918b9e8dc6)
Change-Id: I0657b848b6536d5ad9fc06686e240ea5c387b0ac
Test: Considerable exercise in new AIDL integration tests
Bug: None
Signed-off-by: Casey Dahlin <sadmac@google.com>
(cherry pick from commit 81f407be36)
Switch to the event list library to compose the associated event.
SideEffects: Instead of composing event on a stack buffer of 512
bytes in size, a PAGE is allocated temporarily.
Bug: 27356456
Change-Id: Ic15a87f49385834c2287ed82c26439b2c5eb4f77
(cherry pick from commit 5cecedc6e8)
Add a test to confirm exact expected content using the testframe
setup for the events log handler. Remove dependency on 512 truncation
in liblog->
android_errorWriteWithInfoLog__android_logger_list_read__data_too_large
to something more liberal.
Bug: 27356456
Change-Id: I8a53ad3a16cf16b14856efe5b95417e857c7e09b
(cherry pick from commit 67d7eafd56)
android_log_write_string8_len(android_log_context ctx,
const char *value, size_t maxlen)
Caps the supplied string to a maxlen length. Alter API to handle
a NULL pointer for the value string for this and
android_log_write_string8() and instead of returning -EINVAL,
act like a null string "" was supplied to preserve the list
location. API is also changed to report the number of characters
actually placed into the android_log_context.
Bug: 27356456
Bug: 19235719
Change-Id: I6a03d405eac1d741555dd05555513ec691e7a46e
The code assumed that snprintf would never return a value less than
the passed in size of the buffer. This is not accurate, so fix all
of the places this assumptions is made. Also, if the name is too large,
then truncate just the name to make everything fit.
Added a new set of tests for this code. Verified that the old code passes
on the _normal and _exact version of the tests, but fails with the
FORTIFY error on the _truncated version of the tests. All tests pass
on the new code.
Bug: 27324359
(cherry picked from commit 626efb78a6)
Change-Id: Iba60a926cf5a1d6b517a6bfd8c797d724f093010
(cherry pick from commit 5c77ad55d0)
Allow socket send syscall to terminate after 32 seconds if reader
stalled because of memory pressure allocating new network buffers
Add a gTest to catch regressions, add security buffer to log_dump
Bug: 27242723
Change-Id: Idaa6699d9d284e7f5f723ae0e76b3d6aa3371489
(cherry pick from commit 2ad0bd0a9b)
LogReader.h needs to be individually importable.
Fix a few others, drop includes of local includes, let them be
included in source instead and allow headers to be included
alphabetically. Was not a complete audit since goal was to
separate LogReader.h out from the pack.
Bug: 27242723
Change-Id: Ic7759ef90995e5bd285810706af33550c73cf5b5
With Type-C PD, VBUS can no longer be assumed to
to be at 5V. Read the "voltage_max" field from the
power_supply class node and export it through
BatteryProperties service.
Bug: 25229483
Change-Id: I04e32d9783a21bab375f1724758a9eeace2a047c
This change is a workaround for apps linking
libutils statically and dynamically which causes
them to crash for newer version of Android.
Bug: http://b/27313399
Change-Id: I47ac4146041b6eeef03cb605ea436719d552ec8f
This change replaces lazy get-or-create logic for
linker namespaces with the explicit one.
ApplicationLoaders.getClassLoader(..) is now resposible for
the namespace initialization for PathClassLoaders.
Bug: http://b/27189432
Bug: http://b/22548808
Change-Id: Ife987c3ca1db33a47c20f363a5ed61512be8b5a7
Move the fdevent for the framework authentication connection out of
atransport into its own static variable in adb_auth_client, since its
lifetime is completely unrelated to that of the USB connection.
Bug: http://b/27297963
Change-Id: Ie6180d0b59d133120c5755e239e76ab33ed3cc1d
(cherry picked from commit 9f48611554)
This reflects the change in PackageManager service:
frameworks/base commit 921dd754ab49df0cd580ff96503f7616c4c85f4a.
Bug: 27327503
Change-Id: Ifcc7268cd271640417b8cfc9db81ea954b491cb1
Instead of using chown, use the symlink safe lchown.
Instead of using chmod, use the symlink safe fchmodat
with AT_SYMLINK_NOFOLLOW.
Fix a bug where the SELinux filesystem creation context may
not be restored, and some memory not freed, if bind() fails.
Check the return values from the chown/chmod calls and unlink
the files if it ever fails.
Bug: 27337831
Change-Id: I3343786f5a4eefda7bbb8317f2eca16bd21003c0
Shift responsibility of preloading native libraries to the user
of the library. This lets applications that do not use jni but
depend on libnative_loader.so to avoid unnecessary preloads of
public libraries which could be expensive.
Bug: http://b/27245894
Change-Id: I12a8100de5da639c068769bca21ecebff2b2d538
Nick Kralevich