Resolve one of the threading issues by creating a private C++ified
copy of getopt_long_r that started out its life as the bionic
getopt_long, but is reentrant. Adds a new state context for the
stderr stream called optstderr. Utilize this new function in logcat.
Control opterr and optstderr to match liblogcat expectations. Correct
and fortify const.
Alternative would be to lock around _all_ getopt callers. This has
the advantage of requiring _no_ locks that could get in the way of
using liblogcat in a signal handler. The log reader interface does
run the risk of incurring locks and heap allocations though, so there
is more work to be done for that final goal.
Test: gTest logcat-unit-tests
Bug: 35326290
Change-Id: Ibb1b374c55d357d5d7fa5ad00bfaf07ae0bc4ba5
To start Treble VTS test, a single AOSP system.img will be flashed onto
the device. The size of AOSP system.img might be different than the
system partition size on device, making locating verity metadata fail
(at the last fixed size of the partition).
This change allows disabling dm-verity on system partition when the
device is unlocked (orange device state) with invalid metadata.
BUG: 35603549
Test: Boot bullhead with a different-sized system.img, checks verity is
not enabled via:
"adb shell getprop | grep partition.system.verified"
Change-Id: Id89d023e82c78ff1902ab7a528431cf7f65e49ad
This makes init log stderr of secilc invoked to compile SELinux
policy. Having an explanation for why secilc failed is very useful for
debugging boot issues.
Test: Device with PRODUCT_FULL_TREBLE boots up just fine
Test: Modified init.cpp to reference non-existent .cil file on a device
with PRODUCT_FULL_TREBLE and confirmed that dmesg now contains the
error message from secilc saying that the file was not found.
Bug: 31363362
Change-Id: I6a3b3576daf0d6fd09e2c79bc43ae63850f44a00
- three properties: .early, .default, .late
- for tracking critical early boot times
bug: 35949600
Test: manual, getprop after boot
Change-Id: I851891518428e6e21cb43a2a6f982ab7db281d4c
Some unittests require libbinderwrapper_test_support.so and fail
because it isn't on userdebug images.
Bug: 30631078, 35804180
Test: `make dist`
(cherry picked from commit 6515f36e43082ea105115de7e34d9cd09c77220a)
Change-Id: I4d8878de8963d0cbd29d6aca4b233ba674121688
android_log_processBinaryLogBuffer and android_log_processLogBuffer
error return should have message and messageLen fields set to zero,
or to a valid-but-truncated buffer so that we can discern the
difference. This will resolve an issue with reporting content from
an uninitialized field in liblogcat should caller add --debug flag.
To enhance the debugging capability, truncated string events because
of the logger limits are provided rather than dropping the field, but
still with an error return.
Some minor coding style issues resolved. Add required, or remove
extraneous spaces. Use C-style comments only.
Test: gtest liblog-unit-tests
Bug: 27405083
Bug: 35326290
Change-Id: I4a7ddd7278fb1c582f921e1ba10e0765fadb791b
The three CIL files comprising split sepolicy are being moved from the
root directory to system and vendor directories based on whether the
file is for platform/system policy or non-platform/vendor policy.
Test: Device boots, no additional SELinux denials. This test was run
for a device which has split policy and for a device which has
monolithic policy.
Bug: 31363362
Change-Id: Ica49f0beae56be0f1cea7117e48bf2f6af8b848b
Include the ABI in seccomp causes.
Slightly improved command-line usage information.
Fix crasher for seccomp failures.
Bug: N/A
Test: crasher
Change-Id: Ie419ecfe72ee4f5ccf49c927be18350a58a66a90
This makes the build system include split SELinux policy (three CIL
files and the secilc compiler needed to compile them) if
PRODUCT_FULL_TREBLE is set to true. Otherwise, the monolitic SELinux
policy is included.
Split policy currently adds around 400 ms to boot time (measured on
marlin/sailfish and bullhead) because the policy needs to be compiled
during boot. This is the main reason why we include split policy only
on devices which require it.
Test: Device boots, no additional SELinux denials. This test is
performed on a device with PRODUCT_FULL_TREBLE set to true, and
on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
the three *.cil files, but does not contain the sepolicy file.
Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
file but does not contain the secilc file or any *.cil files.
Bug: 31363362
Change-Id: I419aa35bad6efbc7f936bddbdc776de5633846fc
