The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
Merged-In: Id6962414197fc8f47f7c07818e8fb16107dc17a3
(cherry picked from commit 05f07d89a6)
In previous implementation, userdebug sepoilcy and property files are
loaded from the system.img. This CL changes this to:
- first-stage init copies userdebug files from ramdisk to /debug_ramisk/*
- second-stage init loads files from /debug_ramdisk/*.
Note: same as before, the above can only be triggered, if the device
is UNLOCKED
With this, we don't have to put userdebug related files into the USER
system.img.
Bug: 126493225
Test: boot device with a ramdisk with /force_debuggable, checks related
files are loaded
Change-Id: I63f5f846e82ba78427062bf7615c26173878d8f3
Merged-In: I63f5f846e82ba78427062bf7615c26173878d8f3
(cherry picked from commit 30afda71c0)
Modify the unwinder library to indicate that at least one of the stack
frames contains an elf file that is unreadable.
Modify debuggerd to display a note about the unreadable frame and a possible
way to fix it.
Bug: 129769339
Test: New unit tests pass.
Test: Ran an app that crashes and has an unreadable file and verified the
Test: message is displayed. Then setenforce 0 and verify the message is
Test: not displayed.
Change-Id: Ibc4fe1d117e9b5840290454e90914ddc698d3cc2
Merged-In: Ibc4fe1d117e9b5840290454e90914ddc698d3cc2
(cherry picked from commit 4ae266ccbd)
right now vendor_init is forked before we set oom_adj for init which
leaves a chance vendor_init could be killed in heavy memory pressure.
this CL set the oom_adj before forking everything to ensure all native
have correct oom_adj settings.
Fixes: 130824864
Test: procrank -o
(cherry picked from commit 45d8174fe7)
Change-Id: I68c18f9db24d55239f7f0608592fcc702f04542e
There appears to be a kernel bug that causes SIGHUP and SIGCONT to be
sent to the parent process group we spawn from if the process group
contains stopped jobs (e.g. the parent itself, because of wait_for_gdb).
Call setsid in all of our children to prevent this from happening.
Bug: http://b/31124563
Test: adb shell 'setprop debug.debuggerd.wait_for_gdb 1; killall -ABRT surfaceflinger'
Change-Id: I1a48d70886880a5bfbe2deb80d48deece55faf09
(cherry picked from commit 18cb681247)
Some USB controllers only support 16k writes, so drop down to that.
Bug: http://b/130622010
Test: treehugger
Change-Id: I836d5b2d0d6fcae05f290af11a6a19c6e8d7c1ba
(cherry picked from commit 770a6a4d46)
Some app may have different cgroup settings in cpuset and schedtune for its
threads, so let blkio follow cpuset only, which represents the app's current
state more accurately. Otherwise, if that thread is doing IO, then its
performance will be affected because its blkio group is in lower priority
group as schedtune.
ex: an app is now in top-app, but some thread of it set schedtune group to
background, and blkio follows schedtune because it is called later.
Main thread:
6:schedtune:/top-app
5:memory:/
4:cpuset:/top-app
3:cpuacct:/uid_1000/pid_8766
2:cpu:/
1:blkio:/
0::/
Some thread:
6:schedtune:/background
5:memory:/
4:cpuset:/top-app
3:cpuacct:/uid_1000/pid_8766
2:cpu:/
1:blkio:/background
0::/
Bug: 124727032
Test: blkio has same settings with cpuset
Change-Id: I9a140c7d9d93e1dd43c34c8cf066f4a62e2bf604
Merged-In: I9a140c7d9d93e1dd43c34c8cf066f4a62e2bf604
This refactors the step function slightly to split it up into
distinct pieces since the code needs to handle a signal handler
versus normal step slightly differently.
Add a new error for an invalid elf.
Modify libbacktrace code to handle new error code.
Bug: 130302288
Test: libbacktrace/libunwindstack unit tests.
Change-Id: I3fb9b00c02d2cf2cc5911541bba0346c6f39b8e6
Merged-In: I3fb9b00c02d2cf2cc5911541bba0346c6f39b8e6
(cherry picked from commit d11ed86d65)
umount_all is the cleanup step for mount_all.
In particular, the mount_all builtin creates a verity device,
'postinstall-verity', for the following line:
system /postinstall ... ... slotselect_other,logical,avb_keys=...
cppreopt umounts /postinstall but doesn't destroy the postinstall-verity
device, causing OTA to fail (because it cannot destroy the
system_[other] device). umount_all also destroy the verity device.
Note that mount_all does not map system_[other]; it is mapped by
first stage init. Hence, umount_all doesn't destroy it either. The OTA
client is reponsible for unmapping the device itself.
Bug: 129988285
Test: flash, boot, then check `dmctl list devices`, then OTA
Change-Id: Id3ab65b3860b6ea6cfec310ab13652009c81f415
This reverts commit 85b5fecec9.
Reason for revert: Breaks ART tests, reverting to investigate.
Exempt-From-Owner-Approval: Revert.
(cherry picked from commit b9cc4fbb26)
Bug: 130406806
Change-Id: I634e37060b97484d627fc544e3b406fd90aaa784
On some devices (e.g., emulator), init needs to read AVB footer from
a logical partition because:
1) Dynamic/logical partition is enabled
2) The partition is AVB chained, i.e., need to locate footer from the end
3) Logical partition is not understandable by bootloader,
but there is no bootloader in this case
Bug: 125540538
Bug: 128434470
Test: boot and force the fallback path, to check it can get logical path
Change-Id: Ie304bce234cbf0f938f386f7ce59235c851e0e2d
Merged-In: Ie304bce234cbf0f938f386f7ce59235c851e0e2d
(cherry picked from commit 84d4933686)
This change allows specifying additional avb keys to verify a fstab
entry. It can be used together with the original 'avb' flag. When both
'avb' and 'avb_keys' are present, it will try to use avb_keys to verify
this partition and extract the AVB descriptor from the end of it first.
When avb_key fails, it falls back to searching the AVB descriptor in the
built-in /vbmeta (and its chained partitions) with the matched partition
name.
An example of a fstab file:
system /system ext4 ro,barrier=1 wait,slotselect,avb=vbmeta,logical,first_stage_mount,avb_keys=/avb/gsi.avbpubkey
vendor /vendor ext4 ro,barrier=1 wait,slotselect,avb,logical,first_stage_mount
The overhead of adding an additional 'avb_keys' should not be significant,
as the typical size of a AVB Hashtree descriptor for /system is usually
less than 1000 bytes. e.g., on crosshatch, it's about 600 bytes, which
takes less than 1 millisecond for the following call to return failure.
auto avb_standalone_handle = AvbHandle::LoadAndVerifyVbmeta(*fstab_entry);
We also checked the time spent on init's first stage on crosshatch, with the
following CL to set ro.boottime.init.first_stage. The testing result
shows no significant difference between them as well.
https://android-review.googlesource.com/c/platform/system/core/+/934536
With an additional avb_keys entry for /system
[ro.boottime.init.first_stage]: [728]
[ro.boottime.init.first_stage]: [720]
[ro.boottime.init.first_stage]: [722]
Without an additional avb_keys entry for /system
[ro.boottime.init.first_stage]: [730]
[ro.boottime.init.first_stage]: [728]
[ro.boottime.init.first_stage]: [725]
Bug: 124491153
Test: boot a device with above fstab settings
Change-Id: I0c81f816efb0dd40c93da2df304f2e215df9d105
Merged-In: I0c81f816efb0dd40c93da2df304f2e215df9d105
(cherry picked from commit a0f8b05d91)
As raw protocol does not allow for splitting err - it has to be redirected to inout.
Before this change it was not done for in-process and all err data was lost.
Bug: 130086616
Test: manual + atest adbd_test
Change-Id: I6cd11c940673d73e2993a6eb23c46d31bd8bf504
(cherry picked from commit 704c97d6c2)
procrank currently fails if a process gets killed while it is reading
the stats. This behavior is a regression from the previous version of
procrank and is often undesired.
Change procrank to silently ignore the process if it detects that it had
been killed while reading the stats. If the process is still around,
then print a warning about it and continue to read stats for other
processes in the system.
Fixes: 130177765
Test: Tested by deliberately killing specific process in ProcessRecord()
constructor
Change-Id: I701808c3226bb9b3a350ccf8e67fb29b59b0d4e0
Merged-In: I701808c3226bb9b3a350ccf8e67fb29b59b0d4e0
Signed-off-by: Sandeep Patil <sspatil@google.com>
In an effort to ensure that our development community does not
introduce new code without corresponding SELinux changes, Android
closely monitors the number of SELinux denials which occur during
boot. This monitoring occurs both in treehugger, as well as various
dashboards. If SELinux denials are dropped during early boot, this
could result in non-determinism for the various SELinux treehugger
tests.
Introduce /system/bin/auditctl. This tool, model after
https://linux.die.net/man/8/auditctl , allows for configuring the
throttling rate for the kernel auditing system.
Remove any throttling from early boot. This will hopefully reduce
treehugger flakiness by making denial generation more predictible
during early boot.
Reapply the throttling at boot complete, to avoid denial of service
attacks against the auditing subsystem.
Delete pre-existing unittests for logd / SELinux integration. It's
intended that all throttling decisions be made in the kernel, and
shouldn't be a concern of logd.
Bug: 118815957
Test: Perform an operation which generates lots of SELinux denials,
and count how many occur before and after the time period.
(cherry picked from commit be5e446791)
Change-Id: I283cd56151d199cd66f0d217b49115460c4a01e5
Note: fiemap_writer_test's default argument now defaults to
/data/local/unencrypted or /data (whichever exists), since there is no
way to pass arguments via AndroidTest.xml.
Bug: 129000341
Test: vts-tradefed run commandAndExit vts-kernel --primary-abi-only --module VtsFiemapWriterTest
Change-Id: I8cc2e39e170b26b53cf0a829b308171890ae82fd
Somehow the code was still including this include from libbacktrace.
I think the libbacktrace include directory was coming from some
transitive includes. I verified that nothing in debuggerd is using
the libbacktace.so shared library.
Bug: 120606663
Test: Builds, unit tests pass.
Change-Id: I85c2837c5a539ccefc5a7140949988058d21697a
Merged-In: I85c2837c5a539ccefc5a7140949988058d21697a
(cherry picked from commit 3336c7bce0)
charger needs to suspend the device when the power goes away
when it doesn't have root. These two files are marked with
group system, user system, mode 0600 in 'on boot', but
it is not executed in charger. Hence, move these actions
to 'on init'.
Test: no failure in libsuspend in charger
Bug: 129138950
Change-Id: I787b935b4ff6177601329aeedccdac361b119ca3
Vendor must be a logical partition and boot must not be a logical
partition.
Test: fuzzy_fastboot --gtest_filter=*Logical*
Bug: 117220134
Change-Id: Ifc6f2f715ca92cd1fe779e8fce2d6a10a1f140b9
Merged-In: Ifc6f2f715ca92cd1fe779e8fce2d6a10a1f140b9
(cherry picked from commit 61a5bc6cf4)
Add a new ashmem_init function that only dlopens libashmemd_client.
This allows the library to be preloaded in the zygote.
Test: boots, works
Bug: 129543489
Change-Id: Ie106791edf381654f085203c266c9f9c0df35cfc
- Rename SparseBuilder to ImageBuilder, WriteSplitSparseFiles
to WriteSplitImageFiles, WriteToSparseFile to WriteToImageFile, etc.
- Add sparsify argument to ImageBuilder, WriteToImageFile, and
WriteSplitImageFiles
This allows lpmake to write non-sparse super image directly. Virtual
devices needs non-sparse images to work on.
Test: lpmake without --sparse
Test: liblp_test
Bug: 120041578
Change-Id: I76ee09efd02df7caaa8abd37a55ae0bebf9cfa29
Merged-In: I76ee09efd02df7caaa8abd37a55ae0bebf9cfa29
- If file is unlinked, the mmapped region is still there.
- If file is truncated, a SIGBUS will be seen, and holding
the fd doesn't help.
Test: boots (sanity)
Bug: 123664216
Change-Id: I6683804bc795fab6798891a4471e5fe58fbffe13
Merged-In: I6683804bc795fab6798891a4471e5fe58fbffe13
This is required for read() to function correctly
in Windows since it behaves differently in text mode and
binary mode and may cause unpredictable behavior depending
on the contents of the image file.
Bug: 129281908
Test: fastboot.exe flashall
Change-Id: I64370af44a050bafea60ff1b0b2be18cc531480a
Merged-In: I64370af44a050bafea60ff1b0b2be18cc531480a
(cherry picked from commit 1a6f6feff4)
