Currently, memfds are created with executable permissions, meaning that
one can load a binary into a memfd buffer and use fexecve() to run said
binary. This is not desirable for security reasons, and also does not
match with the behavior that the ashmem driver currently supports.
When the ashmem driver is in use, /dev/ashmem* does not have executable
permissions, so fexecve() cannot be used on those buffers. Linux kernels
6.3+ offer MFD_NOEXEC_SEAL as part of the memfd interface, which allows
one to create memfds with non-executable permissions. Furthermore, the
executable permissions cannot be changed on these memfds.
This matches the expected behavior that ashmem provided, so allow memfd
usage only if MFD_NOEXEC_SEAL is supported, and create memfds with
non-executable permissions by default.
Bug: 111903542
Change-Id: Ibb2c2be3c118ead44fc12bcd2b63dcf6f83c9b03
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@google.com>

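Added example, not part of the commit above or of the project's code: a C probe that creates a memfd with MFD_NOEXEC_SEAL and checks that the execute bits are absent and cannot be restored, which is the condition the message gives for allowing memfd use. The function names are hypothetical, and the fallback constants are the Linux UAPI values for builds against older headers.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fallbacks for older userspace headers; values match the Linux UAPI. */
#ifndef MFD_CLOEXEC
#define MFD_CLOEXEC 0x0001U
#endif
#ifndef MFD_NOEXEC_SEAL
#define MFD_NOEXEC_SEAL 0x0008U
#endif
#ifndef F_GET_SEALS
#define F_GET_SEALS 1034
#endif
#ifndef F_SEAL_EXEC
#define F_SEAL_EXEC 0x0020
#endif

/* Returns a non-executable memfd, or -1 when the kernel (older than 6.3)
 * or a sandbox rejects MFD_NOEXEC_SEAL. */
int create_noexec_memfd(const char *name) {
    return (int)syscall(SYS_memfd_create, name, MFD_CLOEXEC | MFD_NOEXEC_SEAL);
}

/* 1 if fd is sealed against exec, has no execute bits, and fchmod()
 * cannot add them back; 0 otherwise. */
int memfd_is_locked_noexec(int fd) {
    struct stat st;
    int seals = fcntl(fd, F_GET_SEALS);
    if (seals < 0 || !(seals & F_SEAL_EXEC)) return 0;
    if (fstat(fd, &st) != 0 || (st.st_mode & 0111)) return 0;
    return fchmod(fd, 0700) != 0;   /* the seal makes this fail with EPERM */
}

/* Hypothetical gate: -1 = flag unsupported, do not use memfd;
 * 1 = supported and enforced; 0 = accepted but not enforced. */
int probe_noexec_memfd(void) {
    int fd = create_noexec_memfd("noexec-probe");
    if (fd < 0) return -1;
    int ok = memfd_is_locked_noexec(fd);
    close(fd);
    return ok;
}
```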
cc_binary aconfigd is replaced with rust_binary aconfigd-system. The
replacement is flag guarded and is already in TF full for more than a
week. Thus delete the flag and deprecate old cc_binary aconfigd.
Test: m
Change-Id: Ib128adc2ef8178e02222f77e6b89bcc7ac83c1da

event.logtags was moved from system/core/logcat to system/logging/logcat in Android 12 by aosp/1454058.
Change-Id: Ia3cedee549145eddb0484ec589a9599a156bea14
BUG: 168791309
Flag: DOCS_ONLY
Test: Local build

- Declare v4 HAL.
- Declare version 400 in Package Manager (when unfrozen).
- Link to current (V4 when unfrozen) versions of support libraries.
- Add `setAdditionalAttestationInfo()` method to HAL service.
- Add `SetAdditionalAttestationInfo()` method to implementation, using
  the common message types.
- Add Trusty-specific message code for the
  `SET_ADDITIONAL_ATTESTATION_INFO` message exchange.
Test: VtsAidlKeyMintTargetTest (new test fails until TA updated too)
Bug: 369375199
Change-Id: I4699aea3ab8a0723a5c2bc1493f7bbb69cdfd6df

1: Check the presence of the file 'prefetch_ready'. If it doesn't
   exist then the device is booting for the first time after wipe.
   Thus, we would just create the file and exit as we do not want
   to initiate the record after data wipe, primarily because boot
   after data wipe is long and the I/O pattern during first boot may
   not actually match with subsequent boot.
2: If the file 'prefetch_ready' is present:
   a: Compare the build-finger-print of the device with the one record format
      is associated with by reading the file 'build_finger_print'. If they match,
      start the prefetch_replay.
   b: If they don't match, then the device was updated through OTA. Hence, start
      a fresh record and delete the build-finger-print file. This should also cover
      the case of device rollback.
   c: If the build-finger-print file doesn't exist, then just restart the record
      from scratch.
Bug: 362507272
Test: Prefetch record/replay
Change-Id: I90b861ba9381ddba6ab7dedb9930a735e55b0e5d
Signed-off-by: Akilesh Kailash <akailash@google.com>

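Added example, not the project's code: the boot-time decision from steps 1 and 2a-2c of the commit above, written as a C function over a state directory. The file names come from the message; the enum, the function names, the `save_fingerprint()` helper and the scratch directory are assumptions for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

enum prefetch_action { PREFETCH_EXIT, PREFETCH_REPLAY, PREFETCH_RECORD };

/* Hypothetical helper: store the fingerprint a finished record belongs to. */
int save_fingerprint(const char *dir, const char *fp) {
    char path[512];
    snprintf(path, sizeof path, "%s/build_finger_print", dir);
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs(fp, f);
    return fclose(f);
}

/* Decide what this boot does; dir holds both state files. */
enum prefetch_action prefetch_decide(const char *dir, const char *current_fp) {
    char ready[512], fp_path[512], saved[256] = "";
    snprintf(ready, sizeof ready, "%s/prefetch_ready", dir);
    snprintf(fp_path, sizeof fp_path, "%s/build_finger_print", dir);

    /* Step 1: first boot after a wipe. Create the marker, do nothing else. */
    if (access(ready, F_OK) != 0) {
        FILE *m = fopen(ready, "w");
        if (m) fclose(m);
        return PREFETCH_EXIT;
    }
    /* Step 2c: no fingerprint file, so record from scratch. */
    FILE *f = fopen(fp_path, "r");
    if (!f) return PREFETCH_RECORD;
    if (!fgets(saved, sizeof saved, f)) saved[0] = '\0';
    fclose(f);
    saved[strcspn(saved, "\n")] = '\0';
    /* Step 2a: same build as the record, so replay it. */
    if (strcmp(saved, current_fp) == 0) return PREFETCH_REPLAY;
    /* Step 2b: OTA or rollback. Delete the stale fingerprint, record afresh. */
    unlink(fp_path);
    return PREFETCH_RECORD;
}

int main(void) {
    char dir[] = "/tmp/prefetch-demoXXXXXX";   /* constructed scratch directory */
    if (!mkdtemp(dir)) return 1;
    printf("%d ", prefetch_decide(dir, "build-A"));   /* after wipe */
    printf("%d\n", prefetch_decide(dir, "build-A"));  /* next boot */
    return 0;
}
```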
This directory doesn't contain third-party code and it doesn't need a METADATA file.
Bug: 380376695
Test: CIs
Change-Id: Ie197786da09304476fb002b178c2a77d424f5a53

Summary: The nosymfollow mount option was added to Linux 5.10, and the bionic
headers support it. Allow mounting with the option set. Updated relevant
CTS test too.
Test: Successful build on master
Change-Id: I0b280287e07ef8c485762b820dbbb26300144982
Signed-off-by: Abdelrahman Daim <adaim@meta.com>

Bug: 362507272
Test: Verify directory is created in /metadata
Change-Id: Ie1c2312f405d4b41e06a248e4d2b93cd8fc62a93
Signed-off-by: Akilesh Kailash <akailash@google.com>

The default permissions of "/sys/block/zram0/idle" and
"/sys/block/zram0/writeback" are "0200".
Adding read permission to the files does not make sense because reading
those files fails with an EIO error.
We should keep permissions as minimal as possible.
Bug: 117682284
Bug: 375432468
Test: ls -la /sys/block/zram0
Change-Id: I11ed5d9eee257002f4698edcd81de39d2c317ea1

Instead of hard-coding the text path everywhere, this uses a library to
get the genfs labels version.
As genfs labels affect SELinux, this also adds logs to help debug
issues.
Bug: 378805380
Test: boot and check log
Change-Id: I843c97cbeb0c211c67e0172458a4f0d236cf1f06

As per comment in aosp/3342288
Bug: 368502791
Test: launch_cvd --secure_hals=guest_keymint_trusty_insecure
Test: atest VtsAidlSharedSecretTargetTest
Change-Id: I71b6266fbd480c0ebe2a7946adadd88f38afb3e7

1: This supports "mem" tracing only.
2: Replay option is modified to use "pread" instead
of readahead.
A simple utility binary "prefetch" is built which links to the library.
The binary allows record, replay and verifying the generated
metadata.
Bug: 362507272
Test: cargo test passes all unit tests.
Verify record, replay and dump options:
./prefetch record --duration 10 --path /data/test/trace-test
./prefetch replay --path /data/test/trace-test
./prefetch dump /data/test/trace-test --format csv
Change-Id: I1661e49183c6120d2878510e609571fe6d608bb5
Signed-off-by: Vikram Auradkar <auradkar@google.com>
Signed-off-by: Akilesh Kailash <akailash@google.com>