tzdatacheck references files in the runtime apex so should
not be executed before the apex mounts are ready.
Test: Manual tests (see b/123270813); observed tzdatacheck running after
apex files are mounted
Bug: 123270813
Bug: 116191025
Bug: 119293618
Bug: 113373927
Change-Id: I249d127c1d568bc5025d81b0bb4187c81363d897
Ensure that only the symbols in liblog.map.txt can be used by the
platform.
Bug: 123349183
Test: build
Change-Id: I99ae5d0e8ba8f5061ec20701c941d861c9eb615d
This is essentially the same change as
bcb5ba75a5
for ld.config.vndk_lite.txt.
Bug: 124789446
Test: atest CtsBionicTestCases on marlin
Change-Id: I6b65ec4df1626d625975c9834bf96ac9ff6cc3f3
Now that we always have system mounted early, we're starting to load
various daemons during the `init` trigger and these daemons need the
environment set up from init.environ.rc, so we move it to early-init.
This shouldn't need to go any further earlier in the future, since
nothing besides ueventd should ever start in early-init.
Test: systems boot, early daemons get right environment
Change-Id: I02f425a1500377c5de3427afa7872073e77a066f
They are installed to /system/etc, not /. Hence, move
out of rootdir/ and move into the code that parse these
files (i.e. libprocessgroup).
Also, Android.mk->bp.
Test: builds
Change-Id: I1763c26f81ae51ee159552e39d252fd643c35b94
In recovery mode a separate set of cgroups should be mounted. Add a
cgroups.recovery.json file to describe cgroups mounted during recovery.
Change cgroups descriptor parset to allow cgroups and cgroups2 sections
to be omitted.
Bug: 124270406
Test: "adb reboot sideload; adb devices" shows 'sideload' as expected
Change-Id: Ic32bd2b4612ec8390064f87d4655d1bd1183d741
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
libandroidicu is used by various libraries, e.g. libxml2, minikin.
Thus, expose libandroidicu to default namespace.
libpac is only used by libjni_pacprocessor (part of framework).
libicuuc, libicui18n are not exposed to default namespace,
because everyone else, except app, should use libandroidicu.
They are exposed to classloader namespace from runtime namespace
via the work done in libnativeloader in http://r.android.com/887453
b/120786417 has more details about these 2 libraries.
Bug: 120659668
Test: m droid
Change-Id: I2cd3378f1eb94b7bb1c942738b59d7e577a5f8f0
This is a precaution in case there are dependencies on the binaries in the
old location. b/124106384 tracks eliminating them (if any).
Test: Flash and check symlinks are there with adb shell ls -l system/bin
Test: adb shell system/bin/<binary>
Bug: 113373927
Bug: 124106384
Change-Id: Ib4102fe55117611f68184102e68a10ea47de0065
Originally, vndk_lite does not include system/lib/vndk-* directory but
searching the required files in system/lib instead. However, in GSI,
they are using the vndk libs which has symbols than core variants.
To avoid this problem, allow the vendor processes in vndk_lite devices
to search system/lib prior to vndk libs.
Bug: 124063441
Test: Check boot for vndk_lite devices.
Change-Id: I89a72e9d43d6fb05f4b6d87bbd4500f8febfe970
There are tests that require access to both system and vendor libraries,
like what the linker sets up when there is no matching config section.
Test: atest cameraservice_test libsurfaceflinger_unittest perfprofd_test \
inputflinger_tests (no new failures, but 3 old ones)
Test: Internal test can load libandroid.so
Bug: 124127405
Bug: 123700170
Change-Id: I4f5cb2e09bdf1ae510259198c08c252b41249d94
This commit fixes the search paths for vendor binaries in ASAN targets.
Test: Boot aosp_walleye-userdebug to home screen
Change-Id: Id87ceee3c43098bd453f6fae4f32ea62355f922b
This change fixes the problem that apexd is delaying the entire boot
sequence while waiting for the loopback devices to be created. The delay
was as big as 50 ms per a loopback device.
With this change, apexd is started much earlier: from "on post-fs-data"
to "on init". When it is first started, it scans /system/apex to
determine the number of APEXes and creates that number of loopback
devices priori. Since then it enters into the binder loop.
When the data partition is mounted, init lets apexd to initiate the
apexd boot sequence where APEXes in /data is scanned, verified, and
activated. Since the creation of the loopback devices were requested far
before, it is very likely that dev nodes for the devices are ready at
this moment (even if not, this isn't a lose).
Bug: 123404717
Bug: 123772265
Test: compare boot times.
init_zygote_START_TIME_avg is improved from 2831ms to 2622ms on blueline
Change-Id: I12450cee44aa4d17a11def62261c2f82d3f2c718
The sys.use_memfd property is set by default to false in Android
to temporarily disable memfd, till vendor and apps are ready for it.
The main issue: either apps or vendor processes can directly make ashmem
IOCTLs on FDs they receive by assuming they are ashmem, without going
through libcutils. Such fds could have very well be originally created with
libcutils hence they could be memfd. Thus the IOCTLs will break.
Set default value of sys.use_memfd property to true once the issue is
resolved, so that the code can then self-detect if kernel support is present
on the device. The property can also set to true from adb shell, for
debugging.
Bug: 113362644
Change-Id: I0f572ef36cac2a58fe308ddb90bbeffbecdaed3b
Signed-off-by: Joel Fernandes <joelaf@google.com>
JSON supports only decimal values and therefore file mode which should
use octal values has to be represented as strings. Fix the implicit
octal-to-decimal conversion and convert from string to octal in the code.
Bug: 111307099
Test: confirmed by verifying correct file permissions
Change-Id: I3ef9de0aea259f93bf74efeffca72d37d4740e15
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
- package manager needs to read from /data/apex/active, hence 0750
- both /data/apex/backups and /data/apex/sessions are internal to apexd,
hence 0700
Bug: 123927167
Fixes: 123927167
Test: apex_e2e_tests, flashall -w & checked folders were created
Change-Id: I06c28328afe4945d082acd890401651bd37fcb20
As of Id663c5f284e3b4fc65ed8cb8c2da6bcf6542e034, the asan libs
are in the TARGET_COPY_OUT_X subpath of the /data/asan/ dir, rather
than just 'x' unconditionally.
Test: presubmit
Change-Id: I3a515791e237ad10703415ea532c7a089660d8e9
TARGET_COPY_OUT_PRODUCT_SERVICES can be equal to
TARGET_COPY_OUT_PRODUCT, in which case the ld.config
lines containing PRODUCT_SERVICES are redundant.
Test: make and diff
Change-Id: I1dc24eb49d37f1ab0faa6eecdb0ccc974321f4ac
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Add cgroups.json and task_profiles.json file to be places under /etc/ on
the device to describe cgroups to be mounted and task profiles that
processes can request. This adds additional layer of abstraction between
what a process wants to achieve and how system implements that request.
Bug: 111307099
test: builds, boots
Change-Id: If92f011230ef5d24750e184bad776f30ba226f86
Merged-In: If92f011230ef5d24750e184bad776f30ba226f86
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
The vulkan runtime loads drivers into the sphal namespace and relies
on them being in the sphal search path so that it doesn't have to
hardcode /vendor/${LIB}/hw.
These paths used to be allowed, but were removed by commit 2498e1b
because they were believed not to be required. Things didn't break
immediately because the vulkan runtime has a (supposed to be
temporary) fallback to hw_get_module, which loads from
/vendor/${LIB}/hw using absolute paths.
Bug: 123600276
Test: Launch Vulkan app on device with hw_get_module disabled
Change-Id: I07ac43bc9d2d877d8f427058b2d62c62d065c558
This CL fixes the design problem of the previous mechanism for providing
the bootstrap bionic and the runtime bionic to the same path.
Previously, bootstrap bionic was self-bind-mounted; i.e.
/system/bin/libc.so is bind-mounted to itself. And the runtime bionic
was bind-mounted on top of the bootstrap bionic. This has not only caused
problems like `adb sync` not working(b/122737045), but also is quite
difficult to understand due to the double-and-self mounting.
This is the new design:
Most importantly, these four are all distinct:
1) bootstrap bionic (/system/lib/bootstrap/libc.so)
2) runtime bionic (/apex/com.android.runtime/lib/bionic/libc.so)
3) mount point for 1) and 2) (/bionic/lib/libc.so)
4) symlink for 3) (/system/lib/libc.so -> /bionic/lib/libc.so)
Inside the mount namespace of the pre-apexd processes, 1) is
bind-mounted to 3). Likewise, inside the mount namespace of the
post-apexd processes, 2) is bind-mounted to 3). In other words, there is
no self-mount, and no double-mount.
Another change is that mount points are under /bionic and the legacy
paths become symlinks to the mount points. This is to make sure that
there is no bind mounts under /system, which is breaking some apps.
Finally, code for creating mount namespaces, mounting bionic, etc are
refactored to mount_namespace.cpp
Bug: 120266448
Bug: 123275379
Test: m, device boots, adb sync/push/pull works,
especially with following paths:
/bionic/lib64/libc.so
/bionic/bin/linker64
/system/lib64/bootstrap/libc.so
/system/bin/bootstrap/linker64
Change-Id: Icdfbdcc1efca540ac854d4df79e07ee61fca559f
Getting it back in line with the normal ld.config.txt. This was missed in
http://r.android.com/854740.
Test: Flash and boot on marlin
Bug: 119867084
Bug: 113373927
Change-Id: Ic7e482133250eda20ff2c94c27bdee30e015ab5c
Support netd to load resolv Apex.
Switch namespaces when switching library paths between
/system and the APEX, so that internal library dependencies in both
locations are loaded from their own directory.
Bug: 119527674
Test: make; flash; lsof -p $(pidof netd)
Test: 1. manual test datacall/wifi work
2. manual test tethering work
3. system/netd/tests/runtests.sh
Change-Id: I3f69e85f2f529636f0ef29a2d9d71ad582c46dfb
Move APEX symlink creation to alternative module, one that
is targeted at /system not /. Also added comments to reflect
the tenuous connection between the module chosen and the
symlink creation.
Tested with:
rm -rf out/target/product/taimen/system \
&& make droid \
&& ls -l out/target/product/taimen/system/usr
Test: See above
Bug: 122985829
Bug: 123333111
Change-Id: I841dd42827ac2e082505ebf039f40fd394514e54
This change adds new socket declarations to the init scripts for the
Zygote processes. This socket is used for communication between the
System Server and the Blastula pool.
Bug: 68253328
Topic: zygote-prefork
Test: build image; flash device; launch apps
Change-Id: I5dbb87770b1a3100c6c122bb39ca854006bb0b0d
Merged-In: I5dbb87770b1a3100c6c122bb39ca854006bb0b0d
* changes:
Make libdexfile_external.so accessible from binaries and libraries in /system.
The runtime namespace needs to be visible since libopenjdk is loaded through dlopen().
There are dependencies on libdexfile_external from some central libraries
that are widely used (b/123186083).
One example is vendor/bin/hw/android.hardware.media.omx@1.0-service, which
requries the link from "system" to "runtime" in the [vendor] section.
The direct dependants are libunwindstack and simpleperf, so it's enough to
link from namespaces containing /system/{lib,lib64,bin}.
Test: Flash and boot
Test: Flash and boot with Runtime APEX enabled (http://r.android.com/q/topic:art-move-libs-to-runtime-apex)
Bug: 123186083
Bug: 113373927
Change-Id: I081aa7392c875202acdaf1185c2ff28e17ac7e76
The ICU .dat file was moved into the runtime APEX file
in commit b6d855f081c232309961f31c7c7c8a76abf79c3c.
There are some apps that know the old location and its
absence causes them to fail.
This change adds a symlink from the old directory to
the new directory. The ICU .dat file changes its name
with every ICU major release so this is simpler than
linking the file itself.
Bug: 119293618
Bug: 120853401
Bug: 122985829
Test: make droid / inspect output
Test: Confirm broken app works on an internal master build
Change-Id: I452dcb5e52975011c9ebd3db2caa621bbefedaf3
Regardless of VNDK version, use template ld.config.txt instead of
using prebuilt ld.config.txt.
Bug: 74658756
Bug: 123209911
Test: PRODUCT_EXTRA_VNDK_VERSIONS=27 m -j vndk_snapshot_package
Change-Id: I0eb527b71e56c555079c524542508a093bf53111
This reverts commit 67a09e5791.
Exempt-From-Owner-Approval: Fixes P0 failures.
Bug: 123185917
Reason for revert: media namespace needs to be introduced.
Change-Id: I0c28798a3143c1e627278c3a908207e670171416
And have the linker translate a java library path from an apex
to a linker namespace.
Bug: 122874359
Test: m, boots, gtest, run-test, CtsJdwpTests
Change-Id: I216c3509c45589d28acdac068aec53877aeb104a
Exempt-From-Owner-Approval: Carrying Jiyong's +2
It depends on libdexfile_external, libnative{bridge,helper,loader} and
libart(d), which are provided by the Runtime APEX.
Test: flash & boot
Test: atest CtsJdwpTestCases
Bug: 113373927
Change-Id: I0df99f444e892c47a5f06bd1bcf5d184defb4517
This will be used for system internals to access
secondary volumes without having to bypass sdcardfs.
This reverts commit 54b8844b13
Bug: 121277410
Test: manual
Change-Id: Id5b995dc5899b5999f1dea662ba1c3ee475a0e46
It's replaced with entries in PRODUCT_PACKAGES_DEBUG in
build/make/target/product/base_system.mk
Test: treehugger
Change-Id: I4dc69c34ddc2c494fc74bc4afee6efa240c9b0d3
This reverts commit 2599088ff6.
Reason: Breaks some 3p apps.
Bug: 122920047
Test: run the app, login.
Change-Id: Idea332b1f91e9d2ac6ebd3879da7820c8ba2284f
*/build.prop files are now loaded much earlier than before; from 'on
post-fs' to the time when the property service is started which is
before init starts the action loop.
This ensures that all processes that are launched by init have a
consistent view of system properties. Previously, the processes that
started before 'on post-fs' were initially with the small number of
sysprops loaded from */default.prop and then suddenly get additional
sysprops from */build.prop while they are executing.
Bug: 122714998
Test: device boots
Change-Id: Ic07528421dfbe8d4f43673cea41175d33cfbf298
This will be used for system internals to access
secondary volumes without having to bypass sdcardfs.
Bug: 121277410
Test: manual
Change-Id: I6546fa8df419157b3c2adcf5ff3faa4db4458cff
Bionic libs, regardless of whether they are bootstrap ones or from the
runtime APEX, are available via /system/lib. Since /system/lib is in the
search paths of the default(platform) namespace, there is no need to
list the bionic libs to the namespace link to the runtime namespace.
Bug: 120266448
Test: m; device boots
Test: atest CtsJniTestCases CtsCompilationTestCases CtsBionicTestCases
all passing except for following tests that are also failing at ToT
dl#exec_linker
dl#exec_linker_load_from_zip
dl#exec_linker_load_self
dl#exec_linker_load_file
Change-Id: Ib67acd4f384b2f0e70b5fe8ec6b45a5506367223
This change makes the bionic libs and the dynamic linker from the
runtime APEX (com.android.runtime) available to all processes started
after apexd finishes activating APEXes.
Specifically, the device has two sets of bionic libs and the dynamic
linker: one in the system partition for pre-apexd processes and another
in the runtime APEX for post-apexd processes. The former is referred as
the 'bootstrap' bionic and are located at
/system/lib/{libc|libdl|libm}.so and /system/bin/linker. The latter is
referred as the 'runtime' bionic and are located at
/apex/com.android.runtime/lib/bionic/{libc|libdl|libm}.so and
/apex/com.android.runtime/bin/linker.
Although the two sets are located in different directories, at runtime,
they are accessed via the same path: /system/lib/* and
/system/bin/linker ... for both pre/post-apexd processes. This is done
by bind-mounting the bootstrap or the runtime bionic to the same path.
Keeping the same path is necessary because there are many modules and
apps that explicitly or implicitly depend on the fact that bionic libs
are located in /system/lib and are loaded into the default linker
namespace (which has /system/lib in its search paths).
Before the apexd is started, init executes a built-in action
'prepare_bootstrap_bionic' that bind-mounts the bootstrap bionic to the
mount points. Processes started during this time are provided with the
bootstrap bionic. Then after the apexd is finished, init executes
another built-in action 'setup_runtime_bionic' which again mounts the
runtime bionic to the same mount points, thus hiding the previous mounts
that target the bootstrap bionic. The mounting of the runtime bionic
(which is only for post-apexd processes) is hidden from pre-apexd
processes by changing propagation type of the mount points to 'private'
and execute the pre-apexd processes with a new mount namespace using
unshare(2). If a pre-apexd process crashes and re-launched after the
apexd is on, the process still gets the bootstrap bionic by unmounting
the runtime bionic which effectively un-hides the previous bind-mounts
targeting the bootstrap bionic.
Bug: 120266448
Test: device boots
Test: cat /proc/`pidof zygote`/mountinfo shows that
/system/lib/{libc|libdl|libm}.so and /system/bin/linker are from the
runtime APEX
Test: cat /proc/'pidof vold`/mountinfo shows that the same mount points
are from system partition.
Change-Id: I7ca67755dc0656c0f0c834ba94bf23ba9b1aca68
Treehugger Robot