Since update-engine already has this profile set,
it is better to have similar profile for the daemon
so that threads don't run at high priority.
Additionally, lower the nice value for worker
threads.
No change in the OTA install time observed.
Bug: 237490659
Test: Full OTA on Pixel
Change-Id: I53ec8c647eb781965792683b04621e6fec5eb5f2
Signed-off-by: Akilesh Kailash <akailash@google.com>
Also adjust permissions on /dev/hw_random to allow prng_seeder group
read access.
Manual testing protocol:
* Verify prng_seeder daemon is running and has the
correct label and uid/gid.
* Verify prng_seeder socket present and has correct
label and permissions
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
(e.g. strace -f -p `pgrep prng_seeder`)
* Kill daemon, observe that init restarts it
* strace again and observe clients now seed from new instance
Bug: 243933553
Test: Manual - see above
Change-Id: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
Currently, tagging a symbol with #apex (# systemapi or # llndk) is not
required when the symbol is in a non-NDK library. However, this is
considered dangerous because such a symbol will automatically be
promoted to NDK APIs when the library is promoted to an NDK library.
When that happens, the native API council won't be able to notice the
promotion because promoting a non-NDK library into an NDK library
doesn't require an update of the map.txt file, but Android.bp only.
To prevent that, we should mandate those tags for Mainline APIs
regardless of whether the library the API belongs to is an NDK library
or not.
Upcoming changes in build/soong will enforce this. This change is to
prepare for the enforcement.
Note that this is a build-time only change. There's no behavior change
at runtime.
Bug: 184712170
Test: m
Change-Id: I769c5318e0cfd092f2f2b368f1a860065c79818f
This folder is used to store Thread network settings data files.
Bug: b/248145048
Test: /data/misc/threadnetwork is created.
Change-Id: I58eb3d814723c5f7acfbecef7f852d8e5336c975
F2FS gives EINVAL when trying to mount zoned device with atgc. This patch
allows to keep the single fstab to support legacy and zoned devices at the
same time.
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I47a667443e7e60cb6729553b2ca24026e21fd90d
This removes all remaining save/restores of errno in
fs_mgr_overlayfs.cpp.
Bug: 241179247
Test: adb-remount-test.sh
Change-Id: I8bae6eb2752fe9460763455e88f9b82ad57c10e4
This patch eliminates errno as part of the return contract for
fs_mgr_overlayfs_teardown().
The non-standard use of implicit errno makes it extremely difficult to
reason about how these functions can fail. As it turns out,
fs_mgr_overlayfs_teardown has been consistently failing for a long time,
but in a place where errno isn't set, which meant "enable-verity" never
saw the failure.
The failure was originating from umount2(MNT_DETACH) which guaranteed
that DeleteBackingImage would fail with EBUSY, and DeleteBackingImage is
a binder call that doesn't set errno.
This patch switches to umount() and returns a "busy" status if the
unmount fails with EBUSY. In this case it will also disable the scratch
partition. There is a long-standing existing bug where, for non-VAB
devices, it will delete the underlying scratch partition off super. This
is pretty risky with MNT_DETACH, but that path is left unchanged here.
Some duplicated code in set-verity-state was refactored as well, since
the return value of fs_mgr_overlayfs_teardown is now more complex.
Bug: 241179247
Test: adb-remount-test.sh
Change-Id: I2ca75332b75a302622ba9b86d122a6f2accdda3e
turn off both display after first display was turned off
Bug: 242967285
Test: charging animation can show in display correctly
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Ie5741b49322aaf8a3750b1977fb203e4d0df3539
Conversion of the gatekeeper hidl interface to stable aidl interface.
Bug: 205760843
Test: run vts -m VtsHalGatekeeperTarget
Change-Id: I7ca82780b1f834f00c3708dea55ac6500cd08c9c
This uses an std::string, which causes a heap allocation, which is not
async-safe.
Test: atest --no-bazel-mode permissive_mte_test
Change-Id: I4bd53d42d9a6a659abe62a964f14c81d9ec059d0
This is effectively a no-op change; both packages are installed.
However, removing required and moving it to PRODUCT_PACKAGES cuts the
dependency from vendor modules to system-ext modules. This is needed for
vendor-only build test.
Test: build and see both packages are installed
Change-Id: I6620020a1eccfab08594c9be3b298611bd237f1d
This patch addresses Fastboot/Fastbootd connection issues seen on ARM Mac devices.
Original ADB patch: https://android-review.googlesource.com/c/platform/packages/modules/adb/+/1699250/
Bug: 238779161
Test: 'fastboot update <path_to_update_archive>.zip' now works on ARM Mac.
Signed-off-by: Nicolas Gagnon <nicolasgagnon@google.com>
Change-Id: Id67904d91abc8b66ef1a00962e1fd57c97df98a7
Unify all our "noinline" variants to the current most common one, not
least because the new [[noinline]] syntax is fussier about where it goes.
Test: treehugger
Change-Id: Icfcb75c9d687f0f05c19f66ee778fd8962519436
updates the relevant unit tests.
BUG=182864081
Test: Update the size check to the existing unit tests
Change-Id: I66b08884a5228e164c22c575a6f6c82a236fece2
The CallStack unwind of a different thread was broken since it
wasn't properly setting the tid value.
Fix this problem and add new unit tests to verify the behavior.
Bug: 246405269
Test: New unit tests pass.
Test: Ran unit tests for 1000 operations to verify not flaky.
Change-Id: I00342e6cdcdb4bcb68f29734dadee6c987c98040
