From https://engdoc.corp.google.com/eng/doc/devguide/cpp/styleguide.md:
"Prefer using return values over output parameters: they improve
readability, and often provide the same or better performance (see the C++
Primer)." Implement this advice for ExtractBlockDeviceName(). This patch
does not change any functionality.
Bug: 194450129
Test: mm libfs_mgr libdm_test
Merged-In: I6363781163eba08e6128507b403200f472f68a59
Change-Id: I7d340b33281ebccded0836cd0b5a293e941f4043
Ignore-AOSP-First: Already in AOSP.
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Improve code readability by renaming 'device' into 'loop_device' and
'device_fd' into 'loop_fd'.
Bug: 194894000
Test: Built Android images and installed these on an Android device.
Merged-In: Ia9c2d7a525e727f8706e66631b97fc4678c6a4d9
Change-Id: I3fa0c9ca53277b621bb5b81aca394a3079c6e0a3
Ignore-AOSP-First: Already in AOSP.
Signed-off-by: Bart Van Assche <bvanassche@google.com>
The KeyMint TA may send responses that are longer thant the 8K buffer
that the KeyMint HAL holds. This patch introduces
trusty_keymaster_call_2 which can grow the receive buffer on demand.
Ignore-AOSP-First: No mergepath from AOSP.
Bug: 195622501
Test: VTS and CTS test for regression testing.
Change-Id: Ia06e590e547e649ca81cda9a71851f334970788f
This change adds the RPK apk back into the image for Trusty Keymint
devices, though the functionality will still be disabled by the
server check-in for now.
Ignore-AOSP-First: Will be CP'ed to AOSP
Bug: 194509629
Test: atest RemoteProvisionerUnitTests
Change-Id: Ic20ca119bd9c0614f7559b24ad60718c813a0cca
This is a corner case wherein a crash during OTA
merge can lead to missing of some COW operations to be
merged thereby some blocks may end up with stale data.
Fix here is to avoid any re-ordering of COW operations.
Merge the COW operations as present in the COW file.
New tests have been added to cow_snapuserd.
Bug: 194955361
Test: cow_snapuserd_test, Incremental OTA
Signed-off-by: Akilesh Kailash <akailash@google.com>
Merged-In: Id895fe7a3d6b4510676490a86d0caf62dec9b079
Change-Id: I14900b9537c4deb7824547e1dfe80f15274bdda4
Ignore-AOSP-First: manual merge from aosp
This reverts commit 1c51525f66 because it
accidentally made reboot_on_failure be a no-op for all services. This
is because Reap() itself calls KillProcessGroup() on devices with a
vendor level >= R, which in turn sets SVC_STOPPING. I had overlooked
this somehow, probably because I didn't consider that a service can
consist of multiple processes.
It turns out that real FDE devices don't actually need the above commit
because FDE devices aren't allowed to have updatable apexes enabled, and
without updatable apexes enabled, apexd exits automatically and
therefore doesn't have to be stopped. This can be verified by using the
aosp_cf_x86_phone_noapex build target, rather than aosp_cf_x86_phone
which I had used for testing before. So just revert it for now.
Bug: 194370048
Change-Id: I90eddf2a87397449b241e5acaaa8d4a4241d73a9
(cherry picked from commit d14a178d01)
Merged-In: I90eddf2a87397449b241e5acaaa8d4a4241d73a9
Revert "Add systrace tag for system property"
Revert "Add systrace tag for system property"
Revert "Adding system property tracing"
Revert submission 1403568-sysprop_trace
Reason for revert: makes property get/set non-reentrant
Reverted Changes:
I6f85f3f52:Add systrace tag for system property
Id2b93acb2:Adding system property tracing
Id78992d23:Add systrace tag for system property
I1ba9fc7bd:Add systrace tag for system property
Ignore-AOSP-First: b/193050299#comment17
Bug: 193050299
Change-Id: I9305003531c6a86194d55dc72c613337d213b53d
Merged-In: I9305003531c6a86194d55dc72c613337d213b53d
Test: build and boot a device
(cherry picked from commit 18e0f65cbf)
- Invoke TrustyKeymaster::ConfigureVendorPatchlevel() from
remote keymint Initialize(), using vendor patchlevel retrieved
from property.
- Add TrustyKeymaster::ConfigureVendorPatchlevel() method to
send the CONFIGURE_VENDOR_PATCHLEVEL message.
- Add message type values for
CONFIGURE_{VENDOR,BOOT}_PATCHLEVEL messages.
Bug: 193423844
Test: manual VTS test on device
Merged-In: Ie42345112b08ef9c669535cef2de60ea77da15b4
Change-Id: Ie42345112b08ef9c669535cef2de60ea77da15b4
Ignore-AOSP-First: manual merge from aosp
We add a wakelock to the sequence of UFS commands so that
the sequence will not be disrrupted when devices get suspended.
Bug: 193456223
Test: Trusty storage tests
Merged-In: Ib90f8b284017cf261d2a2aea940834a42c21de02
Change-Id: Ib90f8b284017cf261d2a2aea940834a42c21de02
The function send_ufs_rpmb_req is missing return paths on errors.
This patch fixes it so that any UFS command failure will return
error code to the function caller.
Bug: 193855098
Test: Trusty storage tests
Merged-In: I391ecff9ed3f892b7c3adae0ceeb18930791326f
Change-Id: I391ecff9ed3f892b7c3adae0ceeb18930791326f
Since installation time is also critical and sometime we want a finer
control on its behavior for vendor. Instead of set dex2oat to background
group, add a new task profile.
The default policy is to mirror SP_BACKGROUND to be compatible with
legacy devices.
Test: Boot
Bug: 188947181
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I7d5e113d1c368205f712eadad27775de226131ce
If a bootconfig argument has a list of values, it has a space between
them in /proc/bootconfig.
Example:
BOARD_BOOTCONFIG := parameter=value1,value2,value3
In /proc/bootconfig, it looks like:
parameter = "value1", "value2", "value3"
Before this CL, that example would end up with the value string of:
"value1, value2, value3"
To keep consistent behavior with kernel cmdline the value string should be:
"value1,value2,value3"
Test: Boot cuttlefish with test bootconfig params and verify ro.boot.*
Bug: 192257482
Merged-In: Iccdec451f53330162fa2c9ad2b7c2630f32b4168
Change-Id: Iccdec451f53330162fa2c9ad2b7c2630f32b4168
When a new process is launched it ensures that all files under its uid/
and uid/pid hierarchy are accessible by the user/group of that process.
If the directory already exists that means the access permissions have
been already set before, therefore we do not need to reset them again.
This also avoids a race between two processes in the same uid with one
process being launched and walking the uid/ directory while the other
process is being killed and changing the content of that directory. In
such a race the process walking uid/ might find the uid/pid directory of
the process being killed but by the time it tries to set its permissions
the directory might be removed because the process got killed. The
change eliminates the possibility of this race.
Bug: 192421915
Bug: 192512069
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I182298c36f6b0b4580ab59e440bd3aea16f5fbfe
This change includes the code necessary to communicate to the
IRemotelyProvisionedComponent backend implementation running in Trusty.
It also makes the relevant changes to the manifest XML file to add the
IRemotelyProvisionedComponent HAL.
Ignore-AOSP-First: Will cherry-pick to AOSP
Bug: 192228022
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I32c30ce2dc44e95ff91574ce405f10e3b5dc9699
In some rare cases, race happens between 2 processes in the same uid.
1. Process A is dying
2. system_server calls RemoveProcessGroup() for A
3. Zygote forks Process B with the same uid of A
4. system_server calls MkdirAndChown(uid) for B
5. system_server calls MkdirAndChown(uid, pid) for B
As 2 & 4/5 belong to different threads, 2 might happens before or after
step 4/5, or even in the middle of 4/5. In such a case, 4 or 5 will
fail, leaving process B in wrong (Zygote) group.
The uid dir is only created when the corresponding apps have been
launched at least once. It's reasonable to assume one of them is going
to be launched again. Deleting and recreating the uid dir just slows
down applaunch.
Introducing a new lock in libprocessgroup can also solve the race issue.
But that will slow down the applaunch further.
Therefore, reusing the uid dir is an optimized way to solve the race.
Ignore-AOSP-First: Freezer is not a public feature yet
Bug: 192512069
Bug: 168907513
Test: Kill corresponding apps and check the uid cgroupfs dir
Change-Id: I2e91088f21f45e4eda6c709a4af65ace7e135801
The Trusty KeyMint HAL did not forward auth tokens and confirmation
tokens to the TA. This broke all per-op-bound key operations.
Ignore-AOSP-First: No mergepath from AOSP.
Test: CtsVerifier biometrics tests.
Bug: 192201272
Change-Id: Ifb2b08514acab78ff3d4fec4bc928260820d4ce0
This has kept adb_debug.prop from being installed.
Ignore-AOSP-First: fixes sc-release test breakage
Bug: 192432810
Test: build ramdisk-debug.img and see contents
Change-Id: I254579d2c6427213f40e9ae8e50d046e19390ba5
This test requires running test services, which causes test to crash
(and still incorrectly be reported as passing) when running on
non-rooted device.
Ignore-AOSP-First: reboot_test is not in AOSP yet
Bug: 190958734
Test: atest CtsInitTestCases
Change-Id: I3c5c9917d0a787d66272ccf4aefc57e6573841bc
This reverts commit 0a799bdfd6.
Now that the kernel bootconfig feature has been to updated to handle
mixed subkeys and values, androidboot.hardware parameter is supported.
Test: build and boot Cuttlefish with "androidboot.hardware=cutf_vm"
Bug: 191502832
Merged-In: I0e436a27730d20689bc6974562c3e88d744385db
Change-Id: I0e436a27730d20689bc6974562c3e88d744385db
We never use CONFIG_RT_GROUP_SCHED in GKI kernel, but that could be set
on legacy devices. Remove system cgroup migration and also RT settings
as we should not have any task under those groups.
Bug: 191925901
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I492833975e28e9888e412711e80670ca0901010d
