Move common log_id_t and simple internal support function definitions
that use it from log/log.h to log/log_id.h.
log_id_t
__android_log_buf_write
__android_log_buf_print
android_name_to_log_id
android_log_id_to_name
Test: gTest liblog-unit-tests --gtest_filter=\
liblog.log_id:\
liblog.__android_log_buf_print:\
liblog.__android_log_buf_write:\
liblog.__android_log_buf_print__concurrent64
Bug: 34250038
Change-Id: Iad3704cc72943a3094e1193a6d032c7f29a6cd5c
move LOG macros to log/log_main.h
move include/android/log.h to liblog/include/android/log.h
Test: compile of all components and gTest liblog-unit-tests
Bug: 34250038
Bug: 30465923
Change-Id: If182dd9b83689e8b7bc1a44b2f5d913c7ee5eeee
CAP_SYS_PTRACE is needed to ptrace processes that have capabilities
greater than their bounding set. Eventually, this will still be an
improvement, because we can ptrace attach, and then turn on a seccomp
filter that blocks further attaches.
Bug: http://b/34694637
Test: debuggerd `pidof system_server`
Change-Id: I4b9da164ec1fbb5060fdba590e886ac24b6a0785
We can't do an selinux transition when this is on.
Bug: http://b/34472671
Test: logcat -c; debuggerd `pidof media.codec`; logcat
Change-Id: Ie6c1832ab838df48879c32a86126862de9a15420
When handling a property control message to start a service, the
connection socket was being left open. The child socket FD would then be
inherited by the service from init as "/null".
Bug: 34698883
Test: adb shell start webview_zygote32; adb shell ls -l /proc/<pid>/fd,
no "/null" FD open.
Change-Id: I25f34e1bfc1414e6143acf23414b05f5a241cace
external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.
Two important files in this commit:
- fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
platform dependent I/O operations, e.g., read_from_partition.
- fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
all partitions, verifies its integrity against the values of
androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
kernel command line. Then enable dm-verity for partitions having the
corresponding HASHTREE descriptor and with an 'avb' fstab flag.
Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition
Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
When doing a factory reset in recovery, flash erase & logical block
sizes are needed for tuning the parameters of the new userdata image.
Add flags to allow this information to be stored in recovery.fstab
Test: Factory reset marlin & confirm userdata is rebuilt correctly
Bug: 33243520
Change-Id: I6c4414d4e9026be4a3646523656ac151e93015e7
Signed-off-by: Connor O'Brien <connoro@google.com>
ASan runtime library depends on liblog, so we have to disable ASan,
but nothing else.
Bug: 33091541
Test: SANITIZE_TARGET=address keeps working
Change-Id: I6e22925b7f1d5ec86fe1bd8c00dba4c3e86ddf3f
* changes:
tombstoned: silence spurious error messages.
Actually don't start tombstoned until /data is mounted.
debuggerd_handler: add SIGSYS to the list of handled signals.
tkill and tgkill are syscalls that do not have glibc wrappers, but
they are required in order to send a signal to a specific thread.
Non-android software may call them directly with syscall(). Bionic
provides a wrapper for tgkill, so seccomp allows it, but not for
tkill. Add tkill to the whitelist.
This can be reproduced with:
sleep 1000 & sleep 1 ; strace -p $!
then hit ctrl-C, and the shell will print "Bad system call" because
the strace process died with SIGSYS
Bug: 34586922
Test: repro case is fixed
Change-Id: Ib6962a967f2cc757f2906de7905e75e1b6d6f39f
restart_syscall is used by the kernel whenever a syscall with a
timeout is interrupted. Whitelist it in seccomp to prevent
processes being killed with SIGSYS when being ptraced.
Bug: 34586922
Test: hwui_unit_tests
Change-Id: Ic47dcad33f3082eb5673c3c67fe17200d4daaf74
New protocol assumes that there is no limit on name or value
and effectively removed limit on property name length.
It also send back a uint32_t with error code (or 0 on success)
Bug: http://b/33926793
Test: mm, boot, run bionic-unit-tests --gtest_filter=prop*
Change-Id: Iac6290398ddc495e03f8fbbc3a79e923eff5df6f
