Create the anonymous namespace only from a non-empty library path.
This is a better heuristic than the current "first-come" one. It
allows creating classloaders that are not directly related to an
app's "main" classloader, that is, do not have any library path.
This is the case, for example, for shared libraries, including
preloaded ones.
Longer-term, the anonymous namespace creation should be made
explicit, so that the framework can have full control.
Bug: 130623656
Test: m
Test: manual
Change-Id: I8251363b372e365d10ae09d23df93d76388ac7f9
In order to prevent device stuck at reboot, we try to create shutdownt
monitor thread with a timeout (default 30s). It will dump init process
and blocked tasks call trace in last kmsg then trigger kernel panic to
reboot device.
Test: reboot device
bug: 128561401
Change-Id: Ieb400ab9fbd983544b61241a4f4b8aa2f4baa863
This reverts commit 93d63c010a.
Reason for revert: b/131312539 - All aosp-master-with-phones phones failing boot / health check.
Change-Id: Id4239f93484b7d6b8d9bcd355a59cbd40d9766e2
I'm not sure why I didn't remove this when I got rid of the other
functions marked as weak.
Test: build
Change-Id: I45e6bca7be0497e33be88d15afea8bb1d5165380
Each operation we submit results in a contiguous allocation in the
kernel which can trigger OOM-killing. Tune the queue depths to reduce
the chances of this happening, with a minimal impact on performance.
Bug: http://b/126582877
Test: ./benchmark_device.py with blueline
Change-Id: I4b0f83d54a9a9a69f0ab48322d78fb137c94dd35
Remove the code which attempts to collapse multiple similar SELinux
denials into one denial. SELinux logs are already rate throttled by the
kernel
(https://android-review.googlesource.com/c/platform/system/core/+/941357
for example), so additional filtering here only adds complexity and may
result in SELinux denials being inappropriately suppressed or dropped.
Bug: 118815957
Test: atest logd-unit-tests
Change-Id: I611fa43dc56c99aa992aad002c16c742e6034e5c
unique_fd's implicit conversion to int has led to tons of problems (see
all of the overloads for close, fdopen, fdopendir, etc.). Add a switch
that can turn it off, and reduce the ridiculous amount of work to fix up
callers by introducing a borrowed_fd type that can be constructed from
either int or unique_fd.
Test: treehugger
Change-Id: If77cf5cbcaddacdaec5919a15b3520fb68f51a62
In the future, property service may run in its own thread or process,
which means that PropertyChildReap() needs to be refactored to not run
as part of the init signal handler.
The new method spawns a new thread that handles the queue of paths
that require restorecon. It then communicates back to property service
via android::base::SetProperty(). Property service distinguishes the
thread from other callers of SetProperty() by checking the pid in the
credentials for the socket connection, thus avoiding dependencies on
the rest of init.
The new method also drops the genericness, since restorecon is the
only function that we should ever need to run asynchronously
Test: async restorecon works, including with queued requests
Change-Id: I2ca00459969e77b1820776dac23d0a0d974e330b
ion_4.12.h is ported from old Linux Kernel Driver.
According to the header comment, this is licensed under GPLv2.
This header is referred from ion.c.
To clarify license matter just in case, let's convert it using
update_all.py in bionic repository.
The original header is moved under original-kernel-headers/linux
directory.
Found this during FOSSID trial.
Test: build and boot
Change-Id: Iabd46f33968a0fbce14a501238730714c4f2cfc6
Signed-off-by: Yoshitaka Seto <yoshitaka.seto@sony.com>
If the matching string contains a [, \ or *, then it is also checked
with a regex match. Exact match is always tried firsts. If we do
not find an exact string match, switch to iterate through the entire
list for regex strings to find a match.
This allows us to scale with details without consuming a large
number of enums, permitting details that we do not necessarily want
resolution on to propagate to TRON. The hierarchical nature of the
boot reason <reason>,<subreason>,<detail>... can cause scenarios
where the <detail> does not matter to TRON, but does matter to
bugreport collection.
Add a bootstat --boot_reason_enum function to expose and test the
kBootReasonMap matchihg algorithm.
Add a kBootReasonMap test that exhaustively tests all built-in
entries, and an example of one regex entry. New regex entries added
to bootstat.cpp will need a series of exact match examples added into
filter_kBootReasonMap() function.
Test: boot_reason_test.sh kBootReasonMap (or all tests)
Bug: 116838876
Bug: 128929506
Change-Id: I3f7b5de22f99195b7ce99672a212174365960b3f
The first stage init skips mounting the mount points defined in
skip_mount.cfg, but these mount points still return from
ReadDefaultFstab(). The behavior causes some error logic which
try to access the partition which had been skipped.
After applying the patch. ReadDefaultFstab() will not contain the
skipped mount points.
Bug: 128961335
Test: `fastboot delete-logical-partition product_a`
Test: `fastboot flash system aosp_arm64-userdebug`
Test: `fastboot -w reboot` and boot to home screen
Change-Id: I3156260b5d37647dbecf98ca90601a089bea5c46
This is for Android Telemetry to be able to categorise the processes
that produce tombstones.
Test: atest debugerd_test:TombstoneTest
Change-Id: Ie635347c9839eb58bfd27739050bd68cbdbf98da
Though unlikely, it is possible for getpeercon() to fail. This change
adds code to handle this case gracefully.
Bug: 130209483
Test: boots, properties are set
Change-Id: I3b3fb76b2312a5cbc87c0da2a044be3ddf8aa400
Limit libprocessgroup VNDK API to the minimum set required for task
profiles usage. This API allows vendors to use cgroups without accessing
cgroup files directly, therefore allowing Android to change cgroup
arrangement details without breaking vendor code.
Bug: 131098932
Test: build and boot
Change-Id: I92463dfb44a108a133bafd2fe52237b6b1d50a69
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
The setup of SelinuxAuditCallback() was happening after property files
are loaded, and now that these property files can trigger audits, the
audit messages did not contain all of the correct information. This
change moves the setup of SelinuxAuditCallback() to immediately before
the property area is initialized, to ensure that this can not happen
again.
Bug: 130979265
Test: audits work early
Change-Id: I9eb43269317c74e041626ee7b2bb7fea49250e09
The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
This reverts commit bee9f5718b
"libprocessgroup: Disable file descriptor caching temporarily" and adds
option to use SetTaskProfiles and SetProcessProfiles without file caching.
This option is used from JNI to avoid access denials because cached files
are not whitelisted for JNI usage.
Bug: 123868658
Bug: 123043091
Test: boot using svelte target
Change-Id: I76b9d6af8a1dd4464cb3cf3e6dc327980efdf361
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
