Commit Graph

1120 Commits

Author SHA1 Message Date
bohu 39ed7afe2b fs_mgr: fix incorrect parameter type
BUG: 117426573
Change-Id: Iffbdd3763dd19aa527bf805918a566477d122cfc
2018-10-09 10:49:44 -07:00
Igor Murashkin 4578129f86 android_filesystem_config add AID for iorapd
Add new AID for new binder native service (iorapd).

Bug: 72170747
Change-Id: I81facb3f22e1162dc49329b970532287833fcecd
2018-10-05 16:26:28 -07:00
David Pursell 6fd4b9b6b5 libcutils test: make set_sched_policy optional
set_sched_policy checks that operations related to the kernel config
CONFIG_CGROUP_SCHEDTUNE are working properly, but this config is not
required so devices without this were failing the test.

This CL splits set_sched_policy into two tests so that the policy and
timerslack tests can be skipped individually when devices don't support
them.

Bug: 113185515, 112550681
Test: libcutils_test{32,64} now pass on aosp_x86_64 emulator
Change-Id: I31638b61e033f0c96b63428a8d27d27dbc36bce3
2018-08-28 13:26:04 -07:00
Dario Freni ab5583b585 s/product-services/product_services/g
Attempting to reduce the number of different spellings we have for
"product services" partition in the codebase.

Bug: 112431447
Test: m
Change-Id: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
Merged-In: I1a87d7e040a8b1f91f973ac7d90d6360b5b54f71
2018-08-20 17:46:42 +00:00
Dario Freni 4fa866a467 Add support for /product-services partition.
This CL is largely and adaptation of
Ie996def20e25dc1afe0c74af2096af844934b2dc

Bug: 80741439
Test: Successfully built product-services.img with one module in it, and
flashed on device. Also successfully built image with
/system/product-services and no dedicated /product-services partition.
Change-Id: I1046dfe19bf874da929c9131b76a1f85422fbb80
2018-07-23 16:14:36 +01:00
Joel Fernandes 70aa2a3475 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls"
am: 5fd5be33e6

Change-Id: Ieed029cda8a99e528c2297005122b898452ab3d9
2018-07-17 19:28:23 -07:00
Joel Fernandes 5fd5be33e6 Merge "libcutils: ashmem: Avoid doing fd checks for ashmem calls" 2018-07-18 02:14:54 +00:00
Joel Fernandes 56cd651e7a libcutils: ashmem: Avoid doing fd checks for ashmem calls
Callers already verify that they are calling ashmem API on a valid fd by
calling ashmem_valid first. Lets make the fstat syscall only if the
ioctl returns -ENOTTY. This means in the regular case, only 1 syscall is
needed (ioctl) vs the current 2 (fstat+ioctl).

Some data to show improvements in reduction of vfs_getattr calls in the
kernel by 10x when doing a camera.

Test: Boot and camera CTS
Bug: 111418894
Change-Id: I992620bbe44355e54ba19eeac81da586c5e5a6e0
Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-07-17 17:02:44 -07:00
Yi Kong f2b4259b93 Merge "libcutils: remove rather than fix the mutex."
am: 39e7a1c981

Change-Id: Ie1084574143f2d1e4b4995f7682948b77b5334b6
2018-07-14 14:27:25 -07:00
Yi Kong 39e7a1c981 Merge "libcutils: remove rather than fix the mutex." 2018-07-14 21:18:54 +00:00
Elliott Hughes 51a2cacbb9 libcutils: remove rather than fix the mutex.
Bug: 68236239
Test: ran tests
Change-Id: I53e47f99e6963bedcb0be30cf10c9187da8a047d
2018-07-13 14:53:51 -07:00
Elliott Hughes 1ecedeb0c1 Merge "cutils: move hashmap to <pthread.h>."
am: dda5fe46ac

Change-Id: I925212825eb6b91074bf519e532125953c5eb1f1
2018-07-13 13:10:57 -07:00
Elliott Hughes 9d12725cad cutils: move hashmap to <pthread.h>.
Bug: N/A
Test: builds
Change-Id: I16a470265a17ea5bd47ef76ec234907cf7ec3e4f
2018-07-13 10:54:49 -07:00
Elliott Hughes 0ba4aed7ec Merge "libcutils: remove unused open_memstream."
am: df398f2b67

Change-Id: I8b19f94b4c9e689dbd72d70fa6bd28d6c003a205
2018-07-12 09:14:25 -07:00
Elliott Hughes bf7909a521 Merge "libcutils: remove some unused API."
am: fc567a9b95

Change-Id: I114ea3f267f240ae54668807e75d077cd09228fa
2018-07-12 09:13:53 -07:00
Elliott Hughes df398f2b67 Merge "libcutils: remove unused open_memstream." 2018-07-12 16:07:04 +00:00
Elliott Hughes c35d4a5213 libcutils: remove unused open_memstream.
Bug: N/A
Test: builds
Change-Id: I3c2d8acd4dfe42fbe883b14501cd47674d84f431
2018-07-11 14:28:21 -07:00
Elliott Hughes 721e3ebf55 libcutils: remove some unused API.
Bug: N/A
Test: builds
Change-Id: Iabe42353a708afde2611b5c642775849e2e45baa
2018-07-11 14:27:32 -07:00
Bernie Innocenti d540d5630c Merge "libcutils: Simplify android_get_control_socket()"
am: 5f70ed6ee1

Change-Id: I2d4b953241ee3ba62f6bbac2edd6a3c589864a90
2018-06-28 04:15:14 -07:00
Treehugger Robot 5f70ed6ee1 Merge "libcutils: Simplify android_get_control_socket()" 2018-06-28 11:01:44 +00:00
Elliott Hughes fdd7062e09 Merge "libcutils: add OWNERS."
am: cd7244100b

Change-Id: I76a7d21a1387cc3cab77dfe95c42674dd1c0bac0
2018-06-12 15:50:18 -07:00
Treehugger Robot cd7244100b Merge "libcutils: add OWNERS." 2018-06-12 22:46:28 +00:00
Luis Hector Chavez bfe1835d82 Merge "bootstat: Remove the CAP_SYSLOG capability"
am: cefd4e56ad

Change-Id: I0a0627228434d0284b4f535942c97121d9773e14
2018-06-12 15:00:42 -07:00
Luis Hector Chavez 3276b57542 Merge "logd: Move the capabilities from file based to ambient"
am: 28cd2a02b1

Change-Id: Iaef160d039cf995f8dae104f122208660cc27985
2018-06-12 14:59:57 -07:00
Elliott Hughes 796eb71e9c libcutils: add OWNERS.
Bug: N/A
Test: N/A
Change-Id: Ia147e1dc9511810cd86a463861db3d3d7fedab9b
2018-06-12 13:58:30 -07:00
Luis Hector Chavez 0becca32bc bootstat: Remove the CAP_SYSLOG capability
This change removes the CAP_SYSLOG file based capability from bootstat,
since the intention is that it should not be accessing the logs in the
long term. In order to avoid bitrot, the fallback code that depends on
CAP_SYSLOG has also been removed.

Bug: 62845925
Test: system/core/bootstat/boot_reason_test.sh
Change-Id: I899be44ef3ac1c4d81072f801d55c928ae09bb15
2018-06-11 12:41:24 -07:00
Luis Hector Chavez d32c36c961 logd: Move the capabilities from file based to ambient
This change moves logd's capabilities from being file based to being set
by init through ambient capabilities.

Bug: 62845925
Test: sailfish:/ # grep Cap /proc/`pidof logd`/status
      CapInh: 0000000000000000
      CapPrm: 0000000440000000
      CapEff: 0000000440000000
      CapBnd: 0000000440000040
      CapAmb: 0000000000000000
      $ capsh --decode=0x440000040
      0x440000040=cap_setgid,cap_audit_control,cap_syslog
Test: liblog-unit-tests, logd-unit-tests, logcat-unit-tests
Change-Id: I28c7c4ad37ad5eafd399aef78c303ce31298a9ef
2018-06-11 10:04:11 -07:00
Inseob Kim cf5e8f1575 Merge "Support /product/bin" am: 36b61f061d
am: 931e0f268a

Change-Id: If507c7206c6e1c43e0fe5a6af411250b7879e2e3
2018-05-31 20:09:45 -07:00
Inseob Kim 25195daaca Support /product/bin
Bug: 80422611
Test: m -j succeeded and permissions of files under /product/bin are set
correctly

Change-Id: I83377d809c47c92da6b226d2853ea6a7462fb127
2018-06-01 08:33:04 +09:00
Bernie Innocenti 4351bb05ad libcutils: Simplify android_get_control_socket()
1. TEMP_FAILURE_RETRY() isn't necessary with getsockname() because
it's a synchronous syscall.

2. There's no need to allocate and free a temporary buffer for the
full pathname of the socket.

Test: Manually, as follows:
    - added temporary ALOG output
    - flashed and booted a device
    - checked expected output from all system daemons
    - removed log statements

Change-Id: I4550a2d67fdffe6aff3c1050f8eeeaca0f985fb3
2018-05-28 15:00:50 +09:00
Jiyong Park dfe433db47 Merge "Mark as recovery_available: true" am: 9f6f8bf0dc
am: d7fece5d91

Change-Id: Id59445da13aeef13784f04daebc8a96a7d506cbb
2018-05-21 22:32:36 -07:00
Jiyong Park 612210c75b Mark as recovery_available: true
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.

Bug: 67916654
Bug: 64960723
Test: m -j
Change-Id: Ie59155c08890e96ce1893fa3687afcf763d7aea3
2018-05-15 09:47:04 +09:00
Gwendal Grignou b7f78ee89c Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev
am: 232ce729f5

Change-Id: Idcd13df25a17e91b4395d3672ce52f9e24f400af
2018-05-10 18:41:50 -07:00
Gwendal Grignou 232ce729f5 Merge "allow config/sdcardfs directory to be seen for ARC++" into pi-dev 2018-05-11 01:36:14 +00:00
Logan Chien 94223374c8 libctuils: Exclude qtaguid.cpp from VNDK-SP variant
This commit excludes `qtaguid.cpp` from the VNDK-SP variant of
`libcutils.so` because the interface of `libnetd_client.so` may vary
between AOSP releases.

Besides, these functions don't work in vendor processes either because
VNDK-SP libraries are loaded in an isolated `vndk` linker namespace,
which cannot access `/system/lib[64]/libnetd_client.so` directly.  This
change makes it easier to spot the issue at build time and saves several
bytes.

Test: Build aosp_walleye-userdebug and
/system/lib[64]/vndk-sp-$VER/libctuils.so no longer exports qtaguid_*
functions.

Bug: 79329469
Change-Id: Idf6b60f6e58371ea320193641669d1e4412d62b8
Merged-In: Idf6b60f6e58371ea320193641669d1e4412d62b8
(cherry picked from commit 25b742c627)
2018-05-09 10:16:12 +08:00
Logan Chien bb783998ce Merge "libctuils: Exclude qtaguid.cpp from VNDK-SP variant" 2018-05-09 01:56:00 +00:00
Gwendal Grignou 8526413941 allow config/sdcardfs directory to be seen for ARC++
Normally, the whole configfs is mounted on /config and /config will be
word readable:

sailfish:/ $ ls -ld /config/*
drwxrwx--- 258 system package_info 0 2018-05-08 16:08 /config/sdcardfs
sailfish:/ $ ls -ld /config/
drwxr-xr-x 3 root root 0 1969-12-31 16:00 /config/

On ARC++, we only mount-bind config/sdcardfs, so it is important that
/config is set properly.

It is actually 0500, so system could not see /config/sdcardfs, even if
/config/sdcardfs is set properly:
Although root can, as system uid, we can not reach /config/sdcardfs:
:/ $ ls -ld /config
dr-x------ 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
ls: /config/sdcardfs: Permission denied

With this change, system (and systemservice) is able to reach
/config/sdcardfs:
:/ $ ls -ld /config
dr-xr-xr-x 3 root root 31 2018-05-02 21:56 /config
:/ $ ls -ld /config/sdcardfs
drwxrwx--- 109 system package_info 0 2018-05-08 15:29 /config/sdcardfs

Bug: 63876697
Test: After change, package service is able to create the bindings in
/config/sdcardfs.

Change-Id: I7e9b99d7af2ad001fbb1b95bee35d494e861be78
Signed-off-by: Gwendal Grignou <gwendal@google.com>
2018-05-08 16:18:48 -07:00
Elliott Hughes 23b98f492b Remove more bogus <stdbool.h> #includes from C++.
Bug: N/A
Test: builds
Change-Id: I794cd28667c6c65b38940d8f443315ad116b7ac3
2018-05-08 13:00:06 -07:00
Logan Chien 25b742c627 libctuils: Exclude qtaguid.cpp from VNDK-SP variant
This commit excludes `qtaguid.cpp` from the VNDK-SP variant of
`libcutils.so` because the interface of `libnetd_client.so` may vary
between AOSP releases.

Besides, these functions don't work in vendor processes either because
VNDK-SP libraries are loaded in an isolated `vndk` linker namespace,
which cannot access `/system/lib[64]/libnetd_client.so` directly.  This
change makes it easier to spot the issue at build time and saves several
bytes.

Test: Build aosp_walleye-userdebug and
/system/lib[64]/vndk-sp-$VER/libctuils.so no longer exports qtaguid_*
functions.

Bug: 79329469
Change-Id: Idf6b60f6e58371ea320193641669d1e4412d62b8
2018-05-08 17:41:21 +08:00
Mika Raento 2c2e3e89b0 Systrace support for NNAPI
Change-Id: I5abf283b5fb04725ec0b8ffbb8191fbddec1766b
Bug: 78137932
Test: mm
2018-04-26 09:34:22 +01:00
Elliott Hughes 9f49508f36 Rewrite get_sched_policy_name for safety.
This way you'll get a build time error if you make the usual mistake of
adding to the enum but not adding an entry to the array.

Also improve the unit tests, and fix get_sched_policy_name's incorrect
behavior on invalid inputs.

Bug: N/A
Test: ran tests
Change-Id: Iefcb1ec9ef66267837da7a576c8be3d0cfb16cd0
2018-04-25 14:55:48 -07:00
Tim Murray 419ba9e2aa cutils: add restricted cpuset
(cherrypick of 658ae90f69 without the init.rc change)

Bug: 78197570
Test: CTS
Change-Id: I6df972950b75a839caa463ae282ad000b959e8ae
2018-04-25 14:30:37 -07:00
Tim Murray 658ae90f69 cutils: add restricted cpuset
Bug 78197570
Test: CTS
Exempt-From-Owner-Approval: owner OOO, build cop says it's fine

Change-Id: I6df972950b75a839caa463ae282ad000b959e8ae
2018-04-18 16:42:12 -07:00
Mark Salyzyn f089e1403b llkd: add live-lock daemon
Introduce a standalone live-lock daemon (llkd), to catch kernel
or native user space deadlocks and take mitigating actions.  Will
also configure [khungtaskd] to fortify the actions.

If a thread is in D or Z state with no forward progress for longer
than ro.llk.timeout_ms, or ro.llk.[D|Z].timeout_ms, kill the process
or parent process respectively.  If another scan shows the same
process continues to exist, then have a confirmed live-lock condition
and need to panic.  Panic the kernel in a manner to provide the
greatest bugreporting details as to the condition.  Add a alarm self
watchdog should llkd ever get locked up that is double the expected
time to flow through the mainloop.  Sampling is every
ro.llk_sample_ms.

Default will not monitor init, or [kthreadd] and all that [kthreadd]
spawns.  This reduces the effectiveness of llkd by limiting its
coverage.  If in the future, if value in covering kthreadd spawned
threads, the requirement will be to code drivers so that they do not
remain in a persistent 'D' state, or that they have mechanisms to
recover the thread should it be killed externally.  Then the
blacklists can be adjusted accordingly if these conditions are met.

An accompanying gTest set have been added, and will setup a persistent
D or Z process, with and without forward progress, but not in a
live-lock state because that would require a buggy kernel, or a module
or kernel modification to stimulate.

Android Properties llkd respond to (*_ms parms are in milliseconds):
- ro.config.low_ram default false, if true do not sysrq t (dump
  all threads).
- ro.llk.enable default false, allow live-lock daemon to be enabled.
- ro.khungtask.enable default false, allow [khungtaskd] to be enabled.
- ro.llk.mlockall default true, allow mlock'd live-lock daemon.
- ro.khungtask.timeout default 12 minutes.
- ro.llk.timeout_ms default 10 minutes, D or Z maximum timelimit,
  double this value and it sets the alarm watchdog for llkd.
- ro.llk.D.timeout_ms default ro.llk.timeout_ms, D maximum timelimit.
- ro.llk.Z.timeout_ms default ro.llk.timeout_ms, Z maximum timelimit.
- ro.llk.check_ms default 2 minutes sampling interval
  (ro.llk.timeout_ms / 5) for threads in D or Z state.
- ro.llk.blacklist.process default 0,1,2 (kernel, init and
  [kthreadd]), and process names (/comm or /cmdline) init,[kthreadd],
  lmkd,lmkd.llkd,llkd,[khungtaskd],watchdogd,[watchdogd],
  [watchdogd/0] ...
- ro.llk.blacklist.parent default 0,2 (kernel and [kthreadd]) and
  "[kthreadd]".  A comma separated lists of process ids, /comm names
  or /cmdline names.
- ro.llk.blacklist.uid default <empty>, comma separated list of
  uid numbers or names from getpwuid/getpwnam.

Test: llkd_unit_test
Bug: 33808187
Bug: 72838192
Change-Id: I32e8aa78aef10834e093265d0f3ed5b4199807c6
2018-04-18 14:01:56 -07:00
Mark Salyzyn 64d97d8761 lmkd: limit capability set to minimum
Set F() capability set and 'drop' lmkd from AID_ROOT to AID_LMKD uid
and from AID_ROOT to AID_LMKD and AID_SYSTEM gid.

/dev/memcg/memory.pressure defaults to root.root mode 0000, set it up
as root.system mode 0040 to allow lmkd read access.

Instrument failure to set SCHED_FIFO.

Annotate access points that require elevated capabilities.

Test: check /proc/`pidof lmkd`/status for capability set
Test: lmkd_unit_test
Bug: 77650566
Change-Id: I986081a0434cf6e842b63a55726380205b30a3ea
2018-04-16 14:51:56 -07:00
Tom Cherry 07aa2a6131 Remove vendor Wifi and BT entries from fs_config.cpp
Their capability bits are now specified in their associated init .rc
file, which is the proper place for this to be done.

A notice is added to guide developers away from using android_files to
give services Linux capabilities and to guide them away from adding
vendor/ entries.

Bug: 74554159
Test: BT, Wifi, Tethering work on walleye
Merged-In: I13c425d022b4f5c217587cdf601884ef44650ac7
Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7
(cherry picked from commit b5e5c56401)
2018-04-05 10:40:49 -07:00
Tom Cherry b5e5c56401 Remove vendor Wifi and BT entries from fs_config.cpp
Their capability bits are now specified in their associated init .rc
file, which is the proper place for this to be done.

A notice is added to guide developers away from using android_files to
give services Linux capabilities and to guide them away from adding
vendor/ entries.

Bug: 74554159
Test: BT, Wifi, Tethering work on walleye
Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7
2018-03-29 14:10:12 -07:00
Treehugger Robot 61896fc0ee Merge "Enabled SYS_MODULE capability for wifi@1.0-service" 2018-03-29 20:57:42 +00:00
Ajit Kumar b0fc2d743b Enabled SYS_MODULE capability for wifi@1.0-service
Add sys_module capability to enabled insmod operation.

Merged-In: I6436c3297e5318bd00ae3582549a11cb82ccbafd
Change-Id: I6436c3297e5318bd00ae3582549a11cb82ccbafd
(cherry picked from commit c2a059fbf0)
2018-03-29 19:34:06 +00:00
Tom Cherry 666464a180 Revert "fs_config: Move hostapd to /vendor/bin/hw"
This reverts commit 656b75c77c.

Capability bits are moving from fs_config.cpp to the associated init
scripts for daemons on /vendor.

Bug: 74554159
Test: wifi tethering works on walleye
2018-03-28 18:29:02 +00:00