When Android is running in a container, some of the securebits might be
locked, which makes prctl(PR_SET_SECUREBITS) fail.
This change gets the previous state of the process' securebits and adds
the desired bits.
Bug: 62388055
Test: aosp_bullhead-eng boots
Test: If init has non-zero securebits, it can also boot
Change-Id: Ie03bf2538f9dca40955bc58314d269246f5731bd
We should check the boundary of central directory before checking its
signature. Swap the order of these two checks.
Bug: 36392138
Test: libziparchive doesn't read the signature after boundary check fails.
Merged-In: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
Change-Id: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
(cherry picked from commit 74464a1361)
Add a check to ensure the filename boundary doesn't exceed the mapped
memory region. Also add the corresponding unit test.
Bug: 28802225
Test: New unit test passes.
Merged-In: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
Change-Id: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
(cherry picked from commit bcc4431f24)
The boundary check of an invalid EOCD record may succeed due to the
overflow of uint32_t. Fix the check and add a unit test.
Test: Open the crash.apk and libziparchive reports the offset error as expected.
Bug: 31251826
Merged-In: I1d8092a19b73886a671bc9d291cfc27d65e3d236
Change-Id: I1d8092a19b73886a671bc9d291cfc27d65e3d236
(cherry picked from commit ae8180c06d)
Use mem cgroups if the kernel is built with CONFIG_MEMCG=y,
additionally add system group.
test: verified on both kernel with/without memcg enabled
Change-Id: Ib9d1c8e3c797e75f160e0e92edf3f11c9d8e9f17
Binder currently may service an incoming oneway transaction whenever
an outbound oneway call is made (if there is already a pending
incoming oneway call waiting). The unexpected nested method call
blocks forever on a recursive mutex acquire because healthd is single-
threaded. The binder behavior is considered a bug and may change in
the future. For now, work around this in healthd.
Make a local copy of the listeners list, then drop the lock and
perform the outbound calls on the local copy of the list.
Bug: 38201220
Test: Marlin with modified client calling scheduleUpdate() repeatedly
Change-Id: If35c2847556245921e2aff808ff747bb60356811
This change homogenizes the use of std::unique_ptr for storing
capabilities in system/core/.
Bug: None
Test: m
Change-Id: I0a95f87a27b0261e9d321841d5140fc000473293
This change makes it possible for Android running in a container to
terminate cleanly instead of calling abort() when requested to shut
down.
Bug: 62388055
Test: `adb reboot` on bullhead causes no kernel panics
Test: `adb reboot` on a system without CAP_SYS_BOOT makes init terminate
nicely
Change-Id: I36b2298610f5b4a2bf8b05103d04804883df2c88
This reverts commit f2f0b31850.
libusb seems to be causing flakiness on some machines. Disable it for
now.
Bug: http://b/62962248
Test: python test_device.py (with DeviceOfflineTest commented out)
Change-Id: Ia9de78ab772c22574cf5ca7facb78f22af6d7a71
(cherry picked from commit 969110ca4a)
- Use the CHECK macro everywhere that assert was used.
- Remove the _debug version of the tests and leave the CHECK macro so
it's always checking in the code.
Bug: 23762183
Test: Ran unit tests.
Change-Id: Ie705eedae393d0e95bb9d99f852687a11881aef1
