Using WriteStringToFile will hold kernfs_mutex which is a big lock,
so use WriteStringToFd instead. Besides, also support fd cache for it.
Bug: 206970384
Test: build pass
Change-Id: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
Merged-In: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
UserLifecycleTests test disables all Little cores in the course of the
test, which causes attempts to add a process into /dev/cpuset/restricted
cpuset cgroup to fail with ENOSPC error code, indicating that a process
is joining a cpuset cgroup with no online cpus. Current libprocessgroup
implementation will log an error on each such occurrence, which spams
the logs and makes it hard to analyze test results. Because this
situation does not happen in production environment (we do not offline
cpus), we can prevent flooding the logs by identifying this case,
logging an appropriate error one time and ignore all later similar errors.
Bug: 158766131
Test: adb shell "echo 0 > /sys/devices/system/cpu/cpu[0-3]/online"
Test: start some apps, observe libprocessgroup errors in the logcat
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ia91d8839d86787569c255481bde077be51c43d93
Merged-In: Ia91d8839d86787569c255481bde077be51c43d93
When the scratch space is mmap'ed, the metadata buffer
will be un-aligned. This may lead to alignment fault
on 32-bit systems. Address this by temporarily copying
it to buffer.
No perf impact as this code path is not in I/O path
and the copy is a for the size of metadata buffer which
is 8k.
Bug: 206426215
Test: Full and Incremental OTA on pixel
1: Compile snapuserd as 32 bit and reproduced the bug on pixel.
2: With fix - OTA applied successfully.
3: Reboot the device when merge was in-flight as the fix is primarily
in that path.
4: Verify merge completion and data integrity post merge.
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Icd4a21d6a61f1ab36e65994c06a4d049a2ee741c
Merged-In: I63c0d862057ebf138c9d1696a942030e30598739
This change only *adds* /system_ext/etc/selinux to the debug policy
search path, and does not change any preconditions to load the debug
policy. The device still needs to be bootloader-unlocked and has the
debug ramdisk flashed to be able to use the debug policy. The only thing
changed is that now the debug policy can be loaded from /system_ext or
/debug_ramdisk when system partition is compliance testing GSI.
The debug policy in the boot ramdisk may be outdated if the system
partition is flashed with a image built from a different revision.
This happens frequently when running the compliance testing VTS, where
the device is flashed with (A) GSI and (B) device vendor image & debug
boot image, and (A) and (B) are built from different git revisions.
To address this, we install a copy of the debug policy under
/system_ext, so that the version desync between (A) & (B) wouldn't be a
problem anymore because (A) no longer relies on the debug policy file
from (B).
Bug: 188067818
Test: Flash RQ2A.201207.001 bramble-user with debug ramdisk & flash
gsi_arm64-user from master, device can boot and `adb root` works
Change-Id: I4d6235c73472e4d97619b2230292e6a0bc4b3e05
Merged-In: I4d6235c73472e4d97619b2230292e6a0bc4b3e05
(cherry picked from commit 650b29d2349253a0dd6000564ccb2c19b51352db)
While llkd helps in discovering issues in apps which leave zombies, it
creates issues for dogfooders when apps are killed. Disable it by
default.
Bug: 202411543
Test: boot and check llkd not running
Test: `setprop ro.llk.enable true` enables llkd
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: If93bf9e981eaa3921a9da5f3160db26c4fe17e66
Merged-In: If93bf9e981eaa3921a9da5f3160db26c4fe17e66
Create a new group for dex2oat in cpu cgroup, which is dedicated for
dex2oat processes. Also modify task profiles for this change.
Bug: 201223712
Test: dex2oat group created
Change-Id: Ic61f4b8a64d01c03549b680970805e12b9ce4fcc
Merged-In: Ic61f4b8a64d01c03549b680970805e12b9ce4fcc
If a checkpointing operation is in progress, discard any write operations
that are flagged as STORAGE_MSG_FLAG_PRE_COMMIT_CHECKPOINT. In tandem
with trusty-side changes that set the flag appropriately, this avoids
the awkward case where the checkpoint is rolled back, which potentially
leads to inconsistency between the data and the superblock.
Based on Stephen's CL/1845477 "Add helper to check checkpoint state of
mounts".
Original change: https://android-review.googlesource.com/c/platform/system/core/+/1850058
Test: m storageproxyd
Bug: 194313068
Change-Id: I0924084f7f0b20018cbb71f5153469c8a686e262
Merged-In: I0924084f7f0b20018cbb71f5153469c8a686e262
(cherry picked from commit 34404f4ab1326eb179f889201dcfd04eb6002d0e)
This reverts commit 220f604ca5.
Reason for revert: from bug 202436407 it looks like the initial revert wasn't needed.
Change-Id: I81dba47ee4bc55da2d4c5212dfc1b6200719b8be
Since we are adding SCHED_SP_SYSTEM into framework, the policy is needed
on older releases as well.
Bug: 201428466
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I0784820bfec84fd8ef98f2feb2caee084d0a14a2
Merged-In: I0784820bfec84fd8ef98f2feb2caee084d0a14a2
The tracing instance takes extra RAM and is not needed on devices running older kernels.
Bug: 194156700
Test: manual on a Pixel device
Signed-off-by: Alexander Potapenko <glider@google.com>
Merged-In: I794062741688ebea0e4bc500723a966f8f646ee1
Change-Id: Ie8614e67a89cea67bed88427820fefdf110713c9
The main users of this instance are KFENCE and MTE-aided KASAN, which are only supported on arm64.
Skip creation of this tracing instance on 32-bit systems to save ~6Mb memory on low-end devices.
Bug: 195089948
Bug: 194719088
Bug: 194156700
Test: manual on Pixel device
Merged-In: Icaf762715fed7a282b1ad738c10bcb45dc848f4d
Change-Id: I61694ce174fa745ef9fd50ca7464b5a9e1d1e011
This property will hold the major.minor part of the kernel version (e.g. "5.4"), allowing init scripts to act depending on that version, enabling and disabling certain features.
Bug: 194156700
Test: manual on a Pixel device
Signed-off-by: Alexander Potapenko <glider@google.com>
Merged-In: Icec640b8a7150b344d9aa3bc0bdbcdae050c7c45
Change-Id: I5af411e39da600e5e0f6703f3a2a4930d509e29d
Attempts a retry of the intial write or read when an RPMB command
triggers a UNIT ATTENTION condition. This causes the UA status to be
reset and hopefully result in a successful command. This runs the risk
of retrying a successful write, but we wouldn't have been able to get
the RPMB response after that write anyway due to the UA condition.
Test: m storageproxyd
Bug: 194712579
Change-Id: Ib970e779365bb396756c114684c7f6e56a737ab1
Merged-In: Ib970e779365bb396756c114684c7f6e56a737ab1
(cherry picked from commit a9085181afaa80ac8b4cfb82a6762e336b1e2500)
check_scci_sense (now renamed unexpected_scsi_sense) was supposed to
return false iff the sense data was valid and did not contain an error.
This return value was inverted. Invert the return values and rename the
function to clarify its role.
Test: m storageproxyd
Bug: 195544379
Change-Id: I3b84188aabe58345a83d2fd57bb8103e730cf365
Merged-In: I3b84188aabe58345a83d2fd57bb8103e730cf365
Rewrites the buffer logging to print to the Android log instead of
stderr. The storageproxyd service is started by init and stderr is not
logged anywhere. Because we want to log sense data errors under normal
operation, we need to log to logcat instead of stderr.
Test: Define RPMB_DEBUG, build for qemu-trusty, run, inspect logcat
Bug: 195544379
Change-Id: Iecc0d4680420bb92c94be628789093888a2f1941
Merged-In: Iecc0d4680420bb92c94be628789093888a2f1941
Adds parsing and logging of SCSI errors from SG_IO calls for RPMB. Does
not alter behavior of the RPMB proxy in response to these errors.
Test: m storageproxyd
Bug: 195544379
Change-Id: I928ddebcb65aa6c305d3dcab7c64bd19d11a50fa
Merged-In: I928ddebcb65aa6c305d3dcab7c64bd19d11a50fa
Adds a file handle parameter to the debug print_buf function to allow
printing to either stdout or stderr.
Test: m storageproxyd
Bug: 195544379
Change-Id: Iade322a21312a676b3599bddafdfc43b599617ea
Merged-In: Iade322a21312a676b3599bddafdfc43b599617ea
(cherry picked from commit 3bb483b196)
Attempts a retry of the intial write or read when an RPMB command
triggers a UNIT ATTENTION condition. This causes the UA status to be
reset and hopefully result in a successful command. This runs the risk
of retrying a successful write, but we wouldn't have been able to get
the RPMB response after that write anyway due to the UA condition.
Test: m storageproxyd
Bug: 194712579
Change-Id: Ib970e779365bb396756c114684c7f6e56a737ab1
Merged-In: Ib970e779365bb396756c114684c7f6e56a737ab1
(cherry picked from commit a9085181afaa80ac8b4cfb82a6762e336b1e2500)
check_scci_sense (now renamed unexpected_scsi_sense) was supposed to
return false iff the sense data was valid and did not contain an error.
This return value was inverted. Invert the return values and rename the
function to clarify its role.
Test: m storageproxyd
Bug: 195544379
Change-Id: I3b84188aabe58345a83d2fd57bb8103e730cf365
Merged-In: I3b84188aabe58345a83d2fd57bb8103e730cf365
Rick Yiu