* changes:
init: Add support for native service registration with lmkd
lmkd: Support process types when registering a process
lmkd: Add library function to unregister a process
lmkd: Prepare lmkd to support connection from init process
lmkd: Restrict process record modifications to the client that created it
list system calls used for dumping code coverage information; empty on
non code coverage builds. Mini-jail configurations can include this file
instead of trying to manage the list themselves.
Bug: 139313557
Test: arm32/arm64/x86 media svcs w/native coverage on, kill -37 to dump stats.
Change-Id: I7323a9739803756a76f54e4a98e995522cab71ef
From the implementation of FscryptInstallKeyring it looks like it will
install a new keyring on each call.
Another approach would be change FscryptInstallKeyring to first call
request_key[0] (http://man7.org/linux/man-pages/man2/request_key.2.html),
and don't add keyring in case request_key succeeded, but it looks like
that libkeyutils doesn't provide such functionality.
Since I was there, I've also added checks that we are not trying to
remount userdata on FDE devices.
Test: adb reboot userspace
Bug: 135984674
Change-Id: I2e063d7d87a3c2c26810e913a33e3a5c0364332b
Init unit tests refer to libraries that do not exist for the
secondary ABI, and we'd rather test the libraries on the device than
statically link them, so only test the primary ABI.
Init will only run on the primary ABI in any case, and doesn't have
much arch specific code in it.
Bug: 143560509
Test: build
Change-Id: I3c1883b3b55e5a06391d2885242f38c74eab621d
init should be able to register native services with lmkd so that they
can be killed when needed. Only processes with oom_score_adjust not
equal to the default -1000 will be registered with lmkd because with the
score that low the process is unkillable anyway.
Inform lmkd when a registered process is killed so that the record can be
removed.
Change init.rc to start lmkd during init phase so that it is there to
register other services.
Replace hardcoded oom_score_adj values with appropriate definitions.
Bug: 129011369
Test: boot and verify native service registration
Change-Id: Ie5ed62203395120d86dc1c8250fae01aa0b3c511
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Add an optional process type field into lmkd registration protocol so that
applications can be distinguished from services.
Bug: 129011369
Test: boot and verify native service registration
Change-Id: Ie610b5d07cbe247a55ab31bc079ee5c5923bea11
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Introduce lmkd_unregister_proc helper function. Fix a bug where
lmkd_pack_set_procremove used a wrong structure as a parameter.
Bug: 129011369
Test: verify process record removal when it is manually killed
Change-Id: I7ab5a499f6b1c6eecfdba4d0a5ec916053e2726a
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
In order to register native services init needs ability to communicate with
lmkd. Make liblmkd_utils library available in recovery mode so that init
can link to it and add a data socket in lmkd to support additional
connection from init. Ensure SOCK_CLOEXEC type for lmkd socket to prevent
init children from inheriting it.
Bug: 129011369
Test: boot and verify native service registration
Change-Id: Iaa4f59282fb10f838f6811571e97d55754b1bd41
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Associate each registered process with the PID of the lmkd client that
registered it to prevent one client from updating records of another
client.
Bug: 129011369
Test: boot and verify native service registration
Change-Id: Id8ca7bb6314df225d04da6469b523d2cdc237eaa
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Setting executable bit on system_ext/bin is missing, so add them into
list.
Bug: 144066307
Test: m && check if system_ext/bin/* have execute permission.
Change-Id: I89c9e0d2d54f965ecd058bb9e77ba77b7ed164c1
This will bring device to the state closer to the one during normal boot
Bug: 135984674
Test: adb install system/apex/shim/com.android.apex.cts.shim.v1.apex
Test: adb reboot userspace
Test: verified install succeeded
Change-Id: I6ef73bde2ca817c8a62bf19b8f1895dd0d6d2829
libcutils_test is fixed for all architectures and handles cases when
schedtune and/or cpuset cgroup controllers are not enabled. Include it
into presubmit test list.
Test: ran tests
Change-Id: I294220e18aae5e5760e7e6bdee7a2fe4d9c6d6a4
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
We are going to teamfood userspace reboot soon, and in order to gather
as much data as possible we are fine with ignoring checkpointing for the
devices with ext4 (teamfood will be a very limited set of people that
are aware what they've signed for).
As result of this, we don't need to reset vold and kill zram backing
device. Added a TODO to restore that functionality if needed.
Since I was there, fixed yet another typo in userspace-reboot-resume -_-
Bug: 135984674
Test: adb reboot userspace
Change-Id: I2b7a93aaf738fe9bec9d606d7e11aefb325550b1
Update fs_config tests for the new behavior in
a8eb00720c.
Before the above CL, fs_config_cmp() would match any partition prefix
to any path, even if there is not a logical relationship between them.
For example, these two lines in the test the demonstrate the changed
behavior:
{ true, "vendor/lib", "system/vendor/lib/hw", true },
{ true, "system/vendor/lib", "vendor/lib/hw", true },
The first line should match and does; it is testing that files located
at system/vendor/lib/hw are matched by an fs_path_config entry
specified as vendor/lib. This is to allow for applying the policy we
have for the vendor partition to files in /system/vendor in the case
that there is no vendor partition.
The second line should not match. This is testing that a file
that's located at vendor/lib/hw is matched by an fs_path_config entry
specified as system/vendor/lib. This is backwards; we do not want to
have policy specified for system/vendor to impact policy for the
vendor partition.
Also, we never have any relationships from /system/oem to /oem or
/system/odm to /odm, so these are logically unrelated and should fail
to match. We do however have a relationship from /vendor/odm to /odm,
so this test is added.
Test: libcutils unit tests pass on CF
Change-Id: I026f0233e00bbd0aad9bc0fb701aef000d2a037c
Migrating these files to soong modules and those modules are defined
under /packages/modules/vndk since they are highly coupled with vndk.
Bug: 141450808
Test: m llndk.libraries.txt
Change-Id: Id33366f604e3e6696a9be95dc50f40d143325697
Imagine an AIDL file:
package android.foo;
interface IFoo {}
The AIDL C++ backend will generate classes like "::android::foo::IFoo".
In order to avoid ODR conflict, the NDK (Stable C) backend linking
against libbinder_ndk puts everything under the "::aidl" namespace. So,
we have "::aidl::android::foo::IFoo". When using ScopedTrace in a class
implementing a class from this backend, there is this problem.
Bug: 141828236
Test: works
Change-Id: Iafadea11788d4c011229657b4f53063bcf65f8d8
In commit 1d4368b494 ("[REFACTOR] healthd: BatteryMonitor
use health 2.1 types"), the mapSysfsString() function was
changed to return NULL instead of -1 on error.
Everywher else that function is used commit 1d4368b494
tweaked the return value check from (ret < 0) to (!ret),
but one spot was missed.
This patch corrects the one missed check so that we compare
against null rather then negative value, since the return
value can no longer be negative.
This issue was found by inspection, and I've not seen an actual
problem with it, but thought it should be corrected.
Change-Id: I0a6564274d01276352a5dc0660b8ffbe748b5fde
Signed-off-by: John Stultz <john.stultz@linaro.org>
HIDL enum values are zero initialized, not the first value
of the enum. They need to be initialized properly.
Test: pass
Change-Id: I2adb8b851e6ac607ac4f547a6a6600604d07816f
FscryptSetDirectoryPolicy no longer tries to infer the action from the
filename. Well mostly; it still assumes top-level directories in /data
should be encrypted unless the mkdir arguments say otherwise, but
it warns.
Bug: 26641735
Test: boot, check log messages
Change-Id: Id6d2cea7fb856f17323897d85cf6190c981b443c
During automatic tests, we sometimes want to reboot the device out of
the rescue party remotely. And per http://go/recovery-adb-access, we
need to grant the adb authorization to enable the adb access. The auth
are only granted for userdebug devices and those with an unlocked
bootloader. Since the user can always flash a custom recovery image if
the bootloader is unlocked.
This cl ignores the ro.adb.secure property under recovery. The other
option is to default this property to 0 when building the boot/recovery
image.
Bug: 141247819
Test: unlock bootloader, run adb under recovery in user build
Change-Id: I424cfed5bf51a1e31d8687256ae4c6eaaa5e6249
