We need vold on early-fs so we can handle userdata checkpointing.
Without this, devices will take an extra minute or two as checkpointing
related vdc calls attempt to reach vold before it is available.
Bug: 134114000
Test: Boot, see vold has started before vdc checkpointing tries to call
out to vold.
Merged-In: Idfdb304503a163fbb91f9317949eb98c06fecce1
Change-Id: Idfdb304503a163fbb91f9317949eb98c06fecce1
We need vold on early-fs so we can handle userdata checkpointing.
Without this, devices will take an extra minute or two as checkpointing
related vdc calls attempt to reach vold before it is available.
Bug: 134114000
Test: Boot, see vold has started before vdc checkpointing tries to call
out to vold.
Change-Id: Idfdb304503a163fbb91f9317949eb98c06fecce1
The old "time zone updates via APK" feature installs time zone data
files in /data. tzdatacheck is run during boot to guard against an
OTA leaving the data in /data older, or in a different format, than the
files that exist elsewhere on device. If such files existed the system
could use old versions of tzdb (and related) data or even end up
unstable.
Soon, the time zone data mainline module will be made "functionally
mandatory" by the removal of most time zone data files from the
runtime module APEX, i.e. the time zone data module cannot be absent,
and the runtime module won't have files to compare against.
This change modifies the command line args for tzdatacheck to reference
the contents of time zone data module instead of the runtime module.
Bug: 132168458
Test: Build / boot / inspect logcat
Change-Id: Iac8023b7cbb72213df344d603c121caa867a196f
There is no reason that rlimits cannot be set earlier than they are,
and apexd-bootstrap may want to set the priority service option, which
would require that these rlimits have been set, so we move these to
the beginning of early-init.
Bug: 134668377
Test: apexd-bootstrap can set the priorty service option
Change-Id: I8040190cd4dc5e141784496ae65cfab80d9cad53
This directory is no longer used. OBB content is
placed in /data/media/$user/Android.
Test: make
Test: manually verify the path doesn't exist.
Bug: 129167772
Change-Id: I8549826586b9a68c8cfa3fe2e51295363f9b4e11
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXEs. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXEs. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
right now vendor_init is forked before we set oom_adj for init which
leaves a chance vendor_init could be killed in heavy memory pressure.
this CL set the oom_adj before forking everything to ensure all native
have correct oom_adj settings.
Fixes: 130824864
Test: procrank -o
(cherry picked from commit 45d8174fe7)
Change-Id: I68c18f9db24d55239f7f0608592fcc702f04542e
right now vendor_init is forked before we set oom_adj for init which
leaves a chance vendor_init could be killed in heavy memory pressure.
this CL set the oom_adj before forking everything to ensure all native
have correct oom_adj settings.
Fixes: 130824864
Test: procrank -o
Change-Id: I8af129076c3efa29f7b781459449f8f2dc853c98
charger needs to suspend the device when the power goes away
when it doesn't have root. These two files are marked with
group system, user system, mode 0600 in 'on boot', but
it is not executed in charger. Hence, move these actions
to 'on init'.
Test: no failure in libsuspend in charger
Bug: 129138950
Change-Id: I787b935b4ff6177601329aeedccdac361b119ca3
Merged-In: I787b935b4ff6177601329aeedccdac361b119ca3
charger needs to suspend the device when the power goes away
when it doesn't have root. These two files are marked with
group system, user system, mode 0600 in 'on boot', but
it is not executed in charger. Hence, move these actions
to 'on init'.
Test: no failure in libsuspend in charger
Bug: 129138950
Change-Id: I787b935b4ff6177601329aeedccdac361b119ca3
Android sets /proc/sys/vm/dirty_expire_centisecs to 200, so f2fs
doesn't need to do checkpoint in 60 seconds.
Bug: 127511432
Change-Id: I2ba0623053d4480b82003eb1cca85ff03c61fc0f
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change access mode and ownership for /proc/pressure/memory file
to allow system components access memory pressure information.
Bug: 129476847
Change-Id: I25b6bc9d47aee857936f050b66e7bee6363b53be
Signed-off-by: Tim Murray <timmurray@google.com>
This gives us two benefits:
- Better compatibility to keyctl(1), which doesn't have "dadd"
- Pave the way to specify key's security labels, since keyctl(1)
doesn't support, and we want to avoid adding incompatible option.
Test: See keys loaded in /proc/keys
Bug: 128607724
Change-Id: Ia45f6e9dea80d037c0820cf1fd2bc9d7c8bb6302
Keys may be required for apex updates (post-installs), so load them
before starting apexd.
Bug: 125474642
Test: m
Test: manual
Change-Id: I32ddb6ae6854334e8ee7e195173ecfaed565d783
Bind-mounting of the bionic files on /bionic/* paths no longer required
as there are direct symlinks from bionic files in /system partition to
the corresponding bionic files in the runtime APEX. e.g.,
/system/lib/libc.so -> /apex/com.android.runtime/lib/bionic/libc.so
Bug: 125549215
Test: m; devices boots
Change-Id: I4a43101c3e3e2e14a81001d6d65a8a4b727df385
This CL change the mini-keyctl tool to make it compitable with libkeyctl
tool to make it more useful.
Bug: 112038861
Test: mini-keyctl padd asymmetric 'desc' .fs-verity < /path/to/cert.der
Test: mini-keyctl unlink <key_id> <keyring_id>
Test: mini-keyctl restrict_keyring <keyring_id>
Change-Id: I950f07c7718f173823ce5a5cd08e0d1a0e23a007
