Add AID for CrOS EC. The AID will be used to update the file access
permissions for /dev/cros_ec. This file is accessed by various
tools/daemons/services that interact with the Embedded Controller via
the Linux kernel ChromeOS Embedded Controller (cros_ec) driver.
Bug: 349695348
Test: $ adb shell id -u cros_ec
Test: $ adb shell id -g cros_ec
Change-Id: I6baca9d2b63c45823ed5529bf27b904bf67edf8b

The best time to attach a BPF filter to a socket is before a socket
starts receiving data. Netlink sockets start receiving data after bind()
has been called. uevent_open_socket() calls socket() and bind(). Hence
split uevent_open_socket() into two functions: one function that calls
socket() and another function that calls bind().
Bug: 203462310
Change-Id: Ia41dee4683358cf9fbb6288fad863cd4f4ac9924
Signed-off-by: Bart Van Assche <bvanassche@google.com>

The use of the macro ATOMIC_VAR_INIT is not necessary and is causing
warnings about it being deprecated. So remove it.
Test: Compiles without any warnings.
Change-Id: I137ffd0a7cf9a24c2c7ddea5c30f310722f57b98

cutils/sched_policy.h redirects to processgroup/sched_policy.h, but
libcutils does not export the libprocessgroup headers. So users have to
know about the hidden redirect to libprocessgroup and include a
libprocessgroup dependency in their Android.bp files in addition to
libcutils. Fix that.
Bug: 349105928
Test: m
Change-Id: I516bdf2cdeff980c1fcd18883ef8a2f0a9beb629

Android init will refuse to read files that are world writable. Since
adb push makes files world writable by default, this means that adb
pushed rc files cannot be read by init. Fix it by adding an fs_config
entry for *.rc that sets their permissions to 644 root:root.
Bug: 343370899
Change-Id: If9c4dd4796caae6d177d9fdeef880949e5639648

These lines were originally added to avoid needing to manually chmod
+x files pushed to these directories on the device, but adb push now
automatically copies the x bit from the host for paths without an
fs_config, so they should no longer be necessary.
Bug: 341415989
Change-Id: I83007dfe05de7b86c26373460af1f199a6d21147

This enables fs_config for /data when pushing files as root. Also,
without this, adb push to /tmp fails as the shell user.
When pushing to a directory that does not have an explicit
fs_config, such as /data/local/tmp or /tmp, use the original
file mode. Because adb copies u permissions into g and o
(and in general because the umask on the host may have
made these files world writable), this requires adding more
fs_config entries to cover directories that may contain dex files
i.e. /{odm,product,system,system_ext,vendor}/{framework,app,priv-app}
to avoid hitting a SecurityException caused by writable dex files, e.g.
04-01 21:22:16.980 10110 4815 4815 E AndroidRuntime: FATAL EXCEPTION: main
04-01 21:22:16.980 10110 4815 4815 E AndroidRuntime: Process: android.test.app.system_priv, PID: 4815
04-01 21:22:16.980 10110 4815 4815 E AndroidRuntime: java.lang.SecurityException: Writable dex file '/system/priv-app/loadlibrarytest_system_priv_app/loadlibrarytest_system_priv_app.apk' is not allowed.
04-01 21:22:16.980 10110 4815 4815 E AndroidRuntime: at dalvik.system.DexFile.openDexFileNative(Native Method)
04-01 21:22:16.980 10110 4815 4815 E AndroidRuntime: at dalvik.system.DexFile.openDexFile(DexFile.java:406)
Bug: 171233429
Bug: 311263616
Change-Id: I18f70095c793d08a25ff59e1851f6dc7648ce4dc

Migrate to tmpfile and fileno for temp file operations. These calls are
supported on MinGW, and the temp files are automatically cleaned up.
A Windows variant of ashmem-host is needed to support CursorWindows on
host Windows.
In Windows, it is not possible to unlink an open file, so the nlink
check in ashmem_validate_stat must be made Unix-only.
Test: SQLiteDatabaseTest in Google3
Test: libcutils_test_static on Windows
Bug: 317884162
Change-Id: I7fc0f1f49406b01549b7f4d7e138cb3e4d79be72

As of VNDK deprecation, any library that defines vndk is no longer
valid. This change removes all VNDK definition(s) from modules
which were VNDK. Any former VNDK-SP libraries will be marked as double-loadable,
so they can still be referenced by LLNDK libraries.
Bug: 328994089
Test: AOSP CF build succeeded
Change-Id: I1662f16e5e446bb28167b0bb278cd63997267d2a

'sockets_test.cpp' also runs as part of libcutils_test and
libcutils_static_test, so it is redundant to have it be a separate
target.
Test: libcutils_test
Test: libcutils_static_test
Bug: 317884162
Change-Id: Ib2c2f74feb79d1436ca67ae9aca18d3eb7acf5a0

Add a new AID for Virtual Machines so we can grant
capabilities such as CAP_SYS_NICE.
Bug: 322197421
Test: Build and boots, and verified capabilities
Change-Id: Ie893ba8ed6956a554bccfbd00e4e6fe9212ea77d
Signed-off-by: David Dai <davidai@google.com>

This doesn't help the person who wants CAP_BPF, but we can fix that
better by adding it to our stale glibc (and our future switch to musl
will mean we'll never have similar problems again).
I think this just dates from when we still supported building the OS on
darwin, but those days are long gone, and I think this hack can be put
to rest now...
Test: treehugger
Change-Id: I3c2e56c68a5b00c1ad0aed422c6ce60886063f50

Current libcutils checks whether memfd is supported using the vendor VNDK
version, but this is no longer valid if VNDK is deprecated. As we can assume that
any vendor using this code is supported as long as it is treblelized,
simplify the logic to check whether memfd is valid for vendor using only the
'ro.treble.enabled' property.
Bug: 290159430
Test: Cuttlefish with VNDK deprecated worked without error from
libcutils
Change-Id: I351f0798da99cb4827bc3e424b63a2eaee5c7461

This code is only used in init and vold, so I suspect all the
conditional compilation could be moved into the .bp file instead, but
I'm just trying to clean up duplication today...
Test: treehugger
Change-Id: I97013f5de41e109a0cc377400c396145aed569db

Need to seal the buffer size, in alignment with ashmem, if set to PROT_READ
only, to prevent an untrusted remote process from shrinking the buffer size and
crashing it.
Bug: 294609150
Test: build
Ignore-AOSP-First: Security
Change-Id: I9288cf30b41e84ad8d3247c204e20482912bff69
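The size sealing described in the last commit message above, as an added C example (not the libcutils change itself): a memfd whose size is pinned with F_SEAL_SHRINK and F_SEAL_GROW refuses a later ftruncate() with EPERM, while an unsealed one is resized by whoever holds the descriptor. The names create_region, try_resize and region_size are hypothetical, and the choice of seals is an assumption, since the page does not show which seals the real change applies.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* exposes the MFD_* and F_SEAL_* constants in glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Linux UAPI values, used only if the libc headers did not expose them. */
#ifndef MFD_ALLOW_SEALING
#define MFD_ALLOW_SEALING 0x0002U
#endif
#ifndef F_ADD_SEALS
#define F_ADD_SEALS 1033
#define F_SEAL_SHRINK 0x0002
#define F_SEAL_GROW 0x0004
#endif

/* Hypothetical helper: memfd of `size` bytes; `seal_size` pins that size
 * (seal choice is an assumption, not taken from the real change). */
int create_region(size_t size, int seal_size) {
    int fd = (int)syscall(SYS_memfd_create, "demo_region", MFD_ALLOW_SEALING);
    if (fd < 0) return -1;
    if (ftruncate(fd, (off_t)size) != 0 ||
        (seal_size && fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW) != 0)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Resize attempt by any holder of the fd: 0 on success, errno if refused. */
int try_resize(int fd, size_t new_size) {
    return ftruncate(fd, (off_t)new_size) == 0 ? 0 : errno;
}

/* Current size of the region in bytes, or -1 on error. */
long region_size(int fd) {
    struct stat st;
    return fstat(fd, &st) == 0 ? (long)st.st_size : -1;
}

int main(void) {
    int plain = create_region(4096, 0), sealed = create_region(4096, 1);
    if (plain < 0 || sealed < 0) return 2;
    /* Exit 0 only if the unsealed shrink succeeds and the sealed one is refused. */
    return !(try_resize(plain, 16) == 0 && try_resize(sealed, 16) == EPERM);
}
```

Because seals are a property of the file and not of one descriptor, they hold for every process that receives the fd, which is what keeps the owner's existing mapping backed by pages of the original size.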