With allow_all_shared_libs, the libs under /system/lib may be used
instead of libs included in the apex. This change adds stable libraries
the media apex relies on to prevent this case.
Test: dumpsys media.extractor, atest MediaPlayer2Test
Bug: 127791685
Change-Id: I6a0419e6da9e9f48a394257b1e8f977ec2dfa9a1
Keys may be required for apex updates (post-installs), so load them
before starting apexd.
Bug: 125474642
Test: m
Test: manual
Change-Id: I32ddb6ae6854334e8ee7e195173ecfaed565d783
Windows has int32_t return codes, which results in return codes 128-255
being sign extended into a negative number. Manually truncate the return
codes we get to preserve their values.
Test: test_device.py on windows
Change-Id: If41d6d469350301704f6ecff72ad17b412db3e04
... so that they can be reused later.
Also, removed test to strull and inline static constexpr variable.
Bug: 123664216
Test: libprocessgroup_proto_test
Change-Id: Ia6b93c6689d7531e6f597d1387434aed1b3efb0a
Observe some best practices in the APEX symlink
shell commands. No functional changes intended except with error
handling.
Bug: 128687472
Bug: 124106384
Bug: 122985829
Bug: 128249030
Test: make installclean / make droid / inspect one symlink
Change-Id: I099fed5ac8f25cc3911ce0e7ea2b9f74c2172193
Set properties dev.mnt.blk.<mount_point>=<device_block_class> for mount
and umount operations by setting up an Epoll handler to catch
EPOLLERR or EPOLLPRI signals when /proc/mounts is changed. Only
update properties associated with block devices. For the mount
point of /, use the designation of /root instead.
Can use the properties in init rc expansion like:
on property dev.mnt.blk.root=*
write /sys/block/${dev.mnt.blk.root}/queue/read_ahead_kb ${boot_read_ahead_kb:-2048}
on property dev.mnt.blk.data=*
write /sys/block/${dev.mnt.blk.data}/queue/read_ahead_kb ${boot_read_ahead_kb:-2048}
on late-fs
setprop boot_read_ahead_kb 128
write /sys/block/${dev.mnt.blk.root}/queue/read_ahead_kb ${boot_read_ahead_kb}
write /sys/block/${dev.mnt.blk.data}/queue/read_ahead_kb ${boot_read_ahead_kb}
Test: boot and inspect getprop results.
Bug: 124072565
Change-Id: I1b8aff44f922ba372cd926de2919c215c40ee874
When init found "/force_debuggable" in the first-stage ramdisk, it will
do the following if the device is unlocked:
1. load /system/etc/adb_debug.prop (with ro.debuggable=1)
2 .load userdebug_plat_sepolicy.cil instead of original plat_sepolicy.cil from
/system/etc/selinux/.
This make it possible to run VTS on a USER build GSI, by using a special
ramdisk containing "/force_debuggable".
Bug: 126493225
Test: unlock a USER build device, check 'adb root' can work
Change-Id: I9b4317bac1ce92f2c0baa67c83d4b12deba62c92
gatekeeperd verifyChallenge may use several pointer parameters
unchecked.
Also fixed broken length parameter check.
Bug: 127909982
Test: Not yet
Change-Id: I708bdc8afcb30f252385e51c4aa4bcefe1ef1045
When allocating a partition with a size that is unaligned (to the
optimal alignment), the remaining sectors are wasted since they are
never reallocated. This is because the free list is guaranteed to only
contain optimally-aligned regions. Unfortunately this means when a
partition is resized, we are wasting a small amount of space each time.
On a non-A/B device, this could wind up being significant.
For example, with an alignment of 512KiB, a 4KiB partition at offset 0
will waste 508KiB of space. The next extent to be allocated by any
partition will start at the next 512KiB.
To address this, we check if the last extent for a partition can be
extended to cover the difference between its last sector and the next
optimally aligned sector. We also verify that this region was not
allocated to any other partition, and does not appear in the free list,
to make sure we're not stealing space that will be used somewhere else.
Bug: 120434950
Test: liblp_test gtest
Change-Id: I88689889d44a4d2c51e659241918aaf2c064e049
As there is no security guarantee when the device is unlocked,
allowing adb root gives us more rooms to debug a USER build images.
Also, this makes it possible to run VTS on a USER build GSI, with
setting ro.debuggable=1 and unlocking the device.
This basically re-lands a reverted change:
https://android-review.googlesource.com/c/platform/system/core/+/437815
Which isn't needed after we moved /sbin/adbd to /system/bin/adbd in
USERDEBUG GSI. But it's still needed for USER build GSI.
Bug: 126493225
Test: unlock a USER build device, check 'adb root' can work
Change-Id: I93f12c8a3fe65c96c947e4602795eadfe591c521
