Remove a superfluous check in fs_mgr, since those return values are
already impossible for a non-debuggable build. Replace a one time
call to __android_log_is_debuggable(), since there's no reason to
cache the value or use this symbol.
Test: build
Change-Id: Icd4bef7b616c49d304303747388d7e3018c6fcfc
Move tests in the same directory as the corresponding code, so it's
easier to see what is/isn't tested.
Fix naming of libcutils_tests (plural) to match the singular that's more
common (even though the plural makes more sense to me).
Add these two to system/core/'s TEST_MAPPING.
Remove obsolete AndroidTest.xml.
Fix a flaky (timing-dependent) libcutils test.
Test: ran tests
Change-Id: I7e0a31ff45c8a152562bf66fc97161594249366e
This patch adds support to make libcutils create and use memfd where
possible, instead of ashmem.
The libcutils library is made dynamic, since apps are still sending over
ashmem FDs to processes and we are working on moving those apps away
from ashmem. The best we can do for that is make the library work, and
force apps in the long run to move away from directly using ashmem.
Due to further complications mentioned in the 'NOTE' section of the
patch, memfd is kept disabled for now, so nothing changes yet. To enable
it, set the sys.use_memfd property (check user_debug build).
Bug: 113362644
Change-Id: I491cb7841b664db5b1c26b3e07a440a14810e182
Signed-off-by: Joel Fernandes <joelaf@google.com>
If libcutils is not a VNDK version and /dev/ashmem is not available,
then ask ashmemd for opened fd to /dev/ashmem.
We rely on SELinux policy to determine what's allowed to open
/dev/ashmem directly.
Bug: 113362644
Test: device boots (in selinux permissive mode)
Change-Id: I93c4fa6044b0bfa5282097c6c32139a8d8f67deb
Abstract usage of cgroups into task profiles that allows for changes
in cgroup hierarchy and version without affecting framework codebase.
Rework current processgroup and sched_policy API function implementations
to use task profiles instead of hardcoded paths and attributes.
Mount cgroups using information from cgroups.json rather than from init.rc
Exempt-From-Owner-Approval: already approved in internal master
Bug: 111307099
Test: builds, boots
Change-Id: If5532d6dc570add825cebd5b5148e00c7d688e32
Merged-In: If5532d6dc570add825cebd5b5148e00c7d688e32
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
When TARGET_FLATTEN_APEX is set to true, the APEXes are flattened
directly under /system/apex/<name>. Among them the runtime APEX carries
binaries such as linker, dex2oat and they need to be configured to be
executable.
Bug: 123684826
Test: Marlin/sailfish boots to the UI
Change-Id: I8ebe9dc4341410ff91ca2cb7cf95e21b0829c008
This reverts commit b5394db682.
Reason for revert: AOSP is fixed with new vendor image
Change-Id: Ie1a2e0200600214a65f4fe2250c903c8e8ce0a29
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Also add simpleperf_app_runner in shell utilities.
Bug: 118835348
Test: build and boot.
Test: run simpleperf_app_runner manually.
Change-Id: I538503dabfa8ff192f4b3029206a62613eacdf32
Introduce a new systrace tag, TRACE_TAG_RRO, for use with runtime
resource overlay.
Bug: 119761810
Test: builds
Merged-In: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
Change-Id: I7b883d107a9ae2b12bbda04b74001a68e2a904aa
The header contained inline functions that called unimplemented code on
Windows. Enable building the implementations.
Bug: none
Test: make -j 50 checkbuild
Change-Id: I11b39e6f5c72fc000088182f3631a9f538474c42
In commit f4fc922f0b, we tightened the
permissions on various bin directories. Please see
https://android-review.googlesource.com/c/platform/system/core/+/822955
for details.
This change causes the Chase banking app to crash. This is because
the Chase app is using inotify_add_watch() on the /system/bin directory
and not checking the return value.
The Android Security model guarantees the immutability of files in
/system/bin, so the inotify watch is unnecessary.
Until the Chase app fixes their bug, we need to relax the permissions on
the /system/bin directory. Conceptually, this is a partial revert of
f4fc922f0b.
Bug: 119605322
Test: compiles
Change-Id: Ic72dd24cb27cff677093963bdfd0ae09bf132e08
Increase size of the NETLINK_KOBJECT_UEVENT socket receive buffer to
16M. Also, use SO_RCVBUFFORCE to override any limits set by
/proc/sys/net/core/rmem_max.
We had a couple of instances, where we lost critical uevent messages due
to receive buffer overflows.
Bug: 119933843
Change-Id: I6aab183aa0194e173f9175b47c6beb0835cf6675
Currently, /system/bin, /system/xbin, /product/bin, and /vendor/bin
are 0755, which allows any process to iterate through those
directories and list out the contents. For the vast majority of
processes, this is unnecessary. They only need to know whether a
particular binary exists or doesn't exist, but they don't need to
know the other binaries within those directories.
Allowing this is particularly problematic for SELinux. In particular,
some third party Android applications try to examine every file in
the bin directories, generating SELinux audit noise along the
way. This audit noise makes it harder to see real bugs, and falsely
implies an architectural dependency between the application and random
files in directories like /system/bin.
This change removes the ability to list the contents of the various bin
directories, preventing random probing by such apps. The ability to
execute files, or to probe a specific file by name, remain unchanged.
Addresses SELinux denials similar to the following:
avc: denied { getattr } for comm="Thread-11" path="/system/bin/atrace" dev="dm-0" ino=189 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=uk.co.santander.santanderUK
avc: denied { getattr } for comm="Binder:26637_2" path="/system/bin/atrace" dev="dm-0" ino=168 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:atrace_exec:s0 tclass=file permissive=0 app=com.tencent.mm
avc: denied { getattr } for comm="Thread-12" path="/system/bin/apexd" dev="dm-0" ino=451 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:object_r:apexd_exec:s0 tclass=file permissive=1 app=com.grppl.android.shell.CMBlloydsTSB73
Shell access to these directories continues to be allowed, to allow for
host-side CTS tests.
Also adjust the indentation of some clang directives, to make the
presubmit hooks happy.
Test: Device boots and no apparent problems.
Change-Id: Ibe75682fac1983d39f3f479a5850ab5a96f6627d
