summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Enable llvmpipe on the Samsung devices with an OMAP4 SOCHEADreplicant-6.0Denis 'GNUtoo' Carikli2020-06-061-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is based on the following observation: - On a Galaxy SIII (GT-I9300), llvmpipe works and we can observe the following in the logs at boot: I SurfaceFlinger: Using composer version 1.0 W SurfaceFlinger: no suitable EGLConfig found, trying a simpler query W SurfaceFlinger: EGL_SLOW_CONFIG selected! - On a Galaxy Nexus (GT-I9250), using llvmpipe result in a black screen, and we can observe the following in the logs at boot: E SurfaceFlinger: composer device failed to initialize (Invalid argument) W SurfaceFlinger: no suitable EGLConfig found, trying a simpler query [...] I SurfaceFlinger: EGLSurface: 5-6-5-0, config=0xb56ad740 F SurfaceFlinger: EGLContext creation failed - EGL_SLOW_CONFIG selected! is not seen in the Galaxy Nexus. This patch is based on reducing the amount of changes between the Galaxy SIII (GT-I9300) configuration and the Galaxy Nexus (GT-I9250) up to the minimal changes that makes the Galaxy Nexus work with llvmpipe. This was tested on the Galaxy Nexus (GT-I9250), and even if llvmpipe is very slow, users can still interact enough with the device to run the script that switches it back to libagl. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* Change symlinks to files and static pathsreplicant-6.0-0004-rc1Andrés Domínguez2020-01-091-12/+27
| | | | | GNUtoo: tiny whitespace fixes Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* Fix checking of access() return value in EGL renderer overrideJeremyRand2020-01-091-2/+2
| | | | Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* Fix documentation typo in EGL renderer overrideJeremyRand2020-01-091-1/+1
| | | | Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* Fix some type fails in EGL renderer overrideJeremyRand2020-01-091-2/+2
| | | | Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* EGL renderer override: use symlinks instead of properties to specify overrides.JeremyRand2020-01-091-35/+29
| | | | | | This fixes the character limit on app names, and reduces risk of privacy leaks. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* EGL Loader patch to use both LLVMpipe and libagl at onceJookia2020-01-091-26/+106
| | | | | | Sent-by: Jeremy Rand <jeremyrand@airmail.cc> JeremyRand: commit message Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
* SurfaceFlinger: disable VSync thread if no clients requiring.Wang, Yue A2020-01-021-4/+4
| | | | | | | | | | | | | | | | | | | | In EventThread, 2 VSYNCs are needed to do composition and update the client status. So, a 30FPS video may leads to 60FPS VSYNC, which means the DispSync thread would be waked 60FPS. This is a unexpected behavior which takes more power consumption. Now we update the SF status soon after the first VSYNC, which means no extra VSYNC needed, and the DispSync could be awaked as expected, and consequently power get saved. Change-Id: If486eb9b87f109a71f71b510768f15dd733f1233 Orig-Change-Id: I1d3b166021e15a81b2ad770b039761fc2c15fddf Tracked-On: https://jira01.devtools.intel.com/browse/IMINAN-12211 Category: aosp improvement Domain: Graphics-SF Origin: internal Upstream-Candidate: yes Signed-off-by: Wang, Yue A <yue.a.wang@intel.com> Reviewed-on: https://android.intel.com:443/238344
* Region: Detect malicious overflow in unflattenPablo Ceballos2020-01-021-0/+5
| | | | | | Bug 29983260 Change-Id: Ib6e1cb8ae279010c5e9960aaa03513f55b7d873b
* surfaceflinger: set a fitting EGL config for MesaWolfgang Wiedmeyer2020-01-021-5/+5
| | | | | | Otherwise, the view is distorted and has the wrong colors. Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* load Android SW renderer only if libagl property is setWolfgang Wiedmeyer2020-01-021-1/+1
| | | | | | allows to use the sofwaregl property separately for llvmpipe Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* libagl: Fix buffer read overrun in eglCreatePbufferSurfaceJesse Hall2020-01-021-1/+1
| | | | | | | The code was assuming that EGL_NONE==0, which isn't true. Bug: 23403170 Change-Id: Ic1eccdef086b4d610bd78dbb6b2ae883c91dc322
* egl loader: check for softwareglWolfgang Wiedmeyer2020-01-021-1/+6
| | | | | Change-Id: I52d34d33ef2451019740735316b519d939c7125c Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* Sanitize InputMessage before sendingSiarhei Vishniakou2019-04-123-2/+114
| | | | | | | | | | | | | | | | | | | | | | | | The struct InputMessage has many fields, and is force-aligned to 8-byte boundaries. There are also some padding fields that carry no information. This struct is typically allocated in the stack and populated with various values before being sent across as a stream of bytes through the socket. Therefore, the "unused" data portions of the struct could contain portions of the stack, since there aren't ever writes to those memory locations. To avoid this information leak, forcefully sanitize the struct. Create a new struct that is explicitly set to zero. Next, only fill the meaningful fields manually. Bug: 115739809 Test: cts-tradefed run cts -m CtsSecurityBulletinHostTestCases -t android.security.cts.Poc18_12; adb shell monkey 100000 Change-Id: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507 Merged-In: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507 (cherry picked from commit cb2f0ceed876b3c1cc62fc677c75a12c1f10b199)
* Increment when attempting to read protected Parcel DataMichael Wachenschwanz2018-07-161-3/+17
| | | | | | | | | | | | | | | | Make sure to increment the parcel data position even when trying to improperly read from protected data Bug: 29833520 Test (M): cts-tradefed run cts -c android.os.cts.ParcelTest -m testBinderDataProtection Test (M): cts-tradefed run cts -c android.os.cts.ParcelTest -m testBinderDataProtectionIncrements Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest#testBinderDataProtection Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest#testBinderDataProtectionIncrements Change-Id: Ie4aae6277fc5f5c924f603d9828c3a608998b986 Merged-In: Ie4aae6277fc5f5c924f603d9828c3a608998b986 (cherry picked from commit 6a825e8ad1a3928dd872bb7c3fbcd94784d77267)
* Disallow reading object data from Parcels with non-object readsMichael Wachenschwanz2018-07-162-0/+75
| | | | | | | | | | | | | | | | | | | | | | | | The check added to each non-object reads adds an overhead. If the objects (binders and file descriptors) were written to the Parcel in sequential order then check adds a small O(1) overhead to each read, plus an O(N) overhead to the first read (to verify the N objects were added in order). If the objects were written out of order (as in by jumping around the Parcel with setDataPosition and writing Binder, DON'T DO THIS!!) (writing non objects out of order is fine), the first read is forced to sort the objects in the internal bookkeeping. Based on the assumption non sequential writes are infrequent and overall Parcels are probably mostly sorted, insertion sort was used. Worst case sorts will add an O(N^2) overhead to the first non object read from the Parcel. Test: run cts -m CtsOsTestCases -t android.os.cts.ParcelTest Bug: 29833520 Change-Id: I82de8eb5f5eb56f869542d5358e96884c24301b2 (cherry picked from commit c517681c66a1a387be657e0cf06da8d19659dd14)
* Don't pad before calling writeInPlace().Martijn Coenen2018-07-161-1/+1
| | | | | | | | | | | | | | | | writeInplace() itself already pads securely, by masking off the padded bytes. If the padding is done before calling writeInplace(), no mask is applied, and heap data can leak. Bug: 77237570 Test: builds Change-Id: Ide27a0002d4ed4196530430760245b971f6a3f44 Merged-In: Ide27a0002d4ed4196530430760245b971f6a3f44 (cherry picked from commit f8542381b72a7bb2452a5278a00ca8c34edbf8a0) (cherry picked from commit 732132b765cd7b667f16cf32f0fe4c852d7d44dd) Change-Id: Id65e4573e18ab68b804f1cf63a6977a71da01e5d
* DO NOT MERGE Remove window obscurement information.Siarhei Vishniakou2017-11-101-8/+1
| | | | | | | | | | | | If ACTION_OUTSIDE_EVENTS contain information about whether the touch is obscured, then a pattern of invisible, untouchable, unfocusable SYSTEM_ALERT_WINDOWS can be placed across the screen to determine approximate locations of touch events without the user knowing. Bug: 31097064 Test: cts-tradefed run cts --class android.security.cts.MotionEventTest Change-Id: Iebbb68231cbb76f87241201e7640a1fe3e188625 CVE-2017-0860
* libgui: check for invalid slot in attachBufferChia-I Wu2017-07-061-0/+9
| | | | | | | | | | | Bug: 37478824 Test: manual AOSP-Change-Id: I369337d53539bf7f7e3d925bccdae4045da1b404 (cherry picked from commit c79a29689c1046f1f0301c75df9b9a67cba8bf04) CVE-2017-0667 Change-Id: I15290a700c2e0f0da9a44bb3131c4e38cadbaed3
* ui: Fix bad size check in Fence::unflattenChris Forbes2017-07-061-1/+1
| | | | | | | | | | | | | Differs slightly from mnc+ patch: GetFlattenedSize was fixed in mnc. Test: Boot device, run poc from bug, observe no longer crashes Bug: 37285689 AOSP-Change-Id: Id8b851733b088cce0d07493fbf76e7e24f9299ad (cherry picked from commit 9809602ac32dcb7bceaa5bc34df5b7fb68aacd38) CVE-2017-0666 Change-Id: I778c82b363ca0409d534f255cc5d17b39e751986
* libgui: Check slot received from IGBP in SurfaceDan Stoza2017-07-061-0/+6
| | | | | | | | | | | | | | Checks that the slot number received from mGraphicBufferProducer in Surface::dequeueBuffer is on the interval [0, NUM_BUFFER_SLOTS) to protect against a malicious BnGraphicBufferProducer. Bug: 36991414 AOSP-Change-Id: I1a76fd1bcce1c558f1c0c30f03638278288ed4fa (cherry picked from commit 90ce2a9c1d3af422c66b4061805831cb208263d8) CVE-2017-0665 Change-Id: If0fd4864b9fc4ea5a1c83d10adef26cdabb0f7e8
* Fix security vulnerabilityFabien Sanglard2017-04-051-2/+1
| | | | | | | | | | | AOSP-Change-Id: I4c9ea3a3177131fa29d2561da71ef18bec3af108 Test: angler, marlin Bug: 32628763 CVE-2017-0546 Change-Id: I3e87518163540a9fce1d4fc3751ed558d4854140 (cherry picked from commit 45b202513ba7440beaefbf9928f73fb6683dcfbd)
* Fix SF security vulnerability: 32706020Fabien Sanglard2017-03-131-0/+1
| | | | | | | | | | | | Because of lack of mutex lock when get mConsumerName, if one thread getConsumerName, another thread setConsumerName frequently, an UAF will be triggered. Change-Id: Id1bbf0d15de6d16def2f54ecade385058cda3b65 Test: Marling with poc provided in bug report. Bug: 32706020 (cherry picked from commit d073eb7a3f28fd74bfa24c8b7599465cb7de5436) (cherry picked from commit 2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34)
* Correct overflow check in Parcel resize codeChristopher Tate2017-03-131-2/+2
| | | | | | | | | Fix merge conflict into nyc-mr1-release Bug 31929765 Change-Id: Ie27b9945f1de056624668869bdf9a5578abff467 (cherry picked from commit 65dd433f0db2fe402dc725f7012c6e26769b3224) (cherry picked from commit b4d6b292bce7d82c93fd454078dedf5a1302b9fa)
* libEGL: Only enable WORKAROUND_BUG_10194508 with board flagD. Andrei Măceș2017-02-191-3/+0
| | | | Change-Id: Id0d000dc5397479a0cd73799f93861693179a663
* Fix SF security vulnerability: 32660278Fabien Sanglard2017-01-131-0/+1
| | | | | | | | | | | | Because of lack of mutex lock when get mSidebandStream, if one thread getSidebandStream, another thread setSidebandStream frequently, an UAF will be triggered. Bug: 32660278 Test: Marlin device with poc Change-Id: Idbcf0976ce2db682d0f13455105c45a5c7481a45 (cherry picked from commit 2d8a2432e04234d9edbb3b099f9bbbaa36ad4843) (cherry picked from commit 675e212c8c6653825cc3352c603caf2e40b00f9f)
* Merge tag 'android-6.0.1_r72' into HEADJessica Wagantall2016-10-062-3/+10
|\ | | | | | | | | | | | | Android 6.0.1 Release 72 (M4B30X) # gpg: Signature made Tue 04 Oct 2016 09:47:41 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| * ServiceManager: Allow system services running as secondary users to add servicesArve Hjønnevåg2016-08-262-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | This should be reverted when all system services have been cleaned up to not do this. A process looking up a service while running in the background will see the service registered by the active user (assuming the service is registered on every user switch), not the service registered by the user that the process itself belongs to. BUG: 30795333 Change-Id: I1b74d58be38ed358f43c163692f9e704f8f31dbe (cherry picked from commit e6bbe69ba739c8a08837134437aaccfea5f1d943)
| * DO NOT MERGE ServiceManager: Restore basic uid checkArve Hjønnevåg2016-08-261-2/+7
| | | | | | | | | | | | | | | | | | Prevent apps from registering services without relying on selinux checks. Bug: 29431260 Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b (cherry picked from commit f03ba2c0d878071603d73b7f8e9a4a468364ac27)
| * Region: Detect malicious overflow in unflattenPablo Ceballos2016-08-161-0/+5
| | | | | | | | | | | | Bug 29983260 Change-Id: Ib6e1cb8ae279010c5e9960aaa03513f55b7d873b
* | Merge tag 'android-6.0.1_r66' into HEADJessica Wagantall2016-09-071-0/+5
|\ \ | | | | | | | | | | | | | | | | | | Android 6.0.1 release 66 # gpg: Signature made Tue 06 Sep 2016 09:26:47 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| * | Region: Detect malicious overflow in unflattenPablo Ceballos2016-07-211-0/+5
| | | | | | | | | | | | | | | | | | Bug 29983260 Change-Id: Ib6e1cb8ae279010c5e9960aaa03513f55b7d873b
* | | surfaceflinger: Add support for Exynos HWC servicesChristopher N. Hesse2016-08-182-0/+50
| | | | | | | | | | | | Change-Id: I600e946a22064d64549e266c5a3cf452d0cf6299
* | | Fix xxhdpi 3072 heap sizesAbhisek Devkota2016-08-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Bootloops on r7 with current values Fix for 94774ac01d1953bcc7a70a7018267ee34793d3f7 Change-Id: I248a9375735a261715668494da0d0ab5a6440d42
* | | Fix xxxhdpi 3072 heap sizesAbhisek Devkota2016-08-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Bootloops on shamu with current values Fix for 94774ac01d1953bcc7a70a7018267ee34793d3f7 Change-Id: Iade253bd8bc5074486d2d69bb9c738844615b08d
* | | dalvik: rework 3 and 4-GB dalvik heap configurationsAlex Naidis2016-08-153-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous configuration sets target utilization as .25, which is geared towards low memory devices. This path increases it to .75 and makes us pass the check: (heaptargetutilization / 2) * heapsize = heapgrowthlimit Example: heapgrowthlimit: 256m heapsize: 512m heaptargetutilization: 0.75 0.75/2 * 512 = 192 To pass the check this has to be true: 192 = 256 (WRONG) Check not passed. This new configuration is optimized for higher RAM devices and passes the check: heapgrowthlimit: 384m heapsize: 1024m heaptargetutilization: 0.75 0.75/2 * 1024 = 384 384 = 384 (TRUE) Check passed. Change-Id: I6839339382229da80546761c3746a032081ff2cd Signed-off-by: Alex Naidis <alex.naidis@linux.com>
* | | surfaceflinger: Access s3d flags only for valid display ID.Namit Solanki2016-08-131-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | - Check if display id is within display ID range. Negative display ids lead to undefined behavior in CTS tests. Change-Id: I2db8caf8d7ac65700e5bc37c180763357cc90aad CRs-Fixed: 1043297
* | | Fixed stylus eraser being rejected by palm rejectionFPtje2016-08-051-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The stylus eraser appeared not to work, i.e. Android did not respond to input from the eraser. It turned out that all input except stylus input is rejected when palm rejection is activated. The problem was that the eraser itself activates palm rejection when it hovers. The solution is to allow the eraser during palm rejection. This solution makes sense because the eraser input works in the exact same way as normal stylus input. Change-Id: I9c7451112ce7dbca14a1e1694eedca2d4ed041a1
* | | surfaceflinger: Fix uninitialized variableSteve Kondik2016-08-032-1/+9
| | | | | | | | | | | | | | | | | | * And don't try to reinit the lib after a failure. Change-Id: Ic055a48670ed8cf01e27b16c5d4ddf214db53d20
* | | surfaceflinger: Unbreak casting and other use casesSteve Kondik2016-08-031-0/+4
| | | | | | | | | | | | | | | | | | | | | * If QCOM WFD isn't in use, we'll get -1 here. Don't try and dig into the array because we'll get some random memory back. Change-Id: Ib14642fea760dc0e659473bb183c5e0116622302
* | | surfaceflinger: Add check for number of queued buffersAnjaneya Prasad Musunuri2016-08-031-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | Pop buffer item from shadow queue only when number of queued buffer items is greater than zero. Change-Id: I039bc133842293c29e3e130efd65f521ef0049c6 CRs-Fixed: 1009466
* | | Merge tag 'android-6.0.1_r61' into HEADJessica Wagantall2016-08-021-0/+1
|\| | | | | | | | | | | | | | | | | Android 6.0.1 Release 61 (MOB30Z) Change-Id: I581a4bc571ffe74fe33956018ffd93df05263755
| * | Add FrameStats default constructorPablo Ceballos2016-06-231-0/+1
| |/ | | | | | | | | | | Bug 28592402 Change-Id: I857e46c9ab3ffae0d96923d665d13a4128a6cafa
* | sf: Fix compliation for non-8996 platformsdianlujitao2016-08-021-0/+6
| | | | | | | | Change-Id: I3edad5934ef9d9ec523e091fa2c959bbc9770f29
* | surfaceflinger: Isolate S3D code to msm8996 onlySteve Kondik2016-08-014-6/+9
| | | | | | | | Change-Id: Ie4b77b55eb306c795b452c59d8ae3383bd2804bc
* | surfaceflinger: Cleanups for blurSteve Kondik2016-08-013-28/+109
| | | | | | | | | | | | * Dynamically load it so no direct linkage or headers are required. Change-Id: I4eba035f527ae4f0fa2485e24a8586145baf0adc
* | sf: Allow HWC composition of virtual displays for HDMI primaryTatenda Chipeperekwa2016-07-311-3/+18
| | | | | | | | | | | | | | | | Allow HWC composition of virtual displays for HDMI primary only when the output pixel format of the HDMI display is RGB. CRs-Fixed: 1007249 Change-Id: I9680b162d844e9e6397f919e8dcc1b1a948d182c
* | SF: Add support to draw S3D framebuffer targetfeifanz2016-07-319-1/+263
| | | | | | | | | | | | | | | | Add support to draw S3D framebuffer target in case HWC driver can not handle due to resource or capability issue. Change-Id: I536fa4a03e246d51891045b692d5dc5be88f2adf CRs-fixed: 999055
* | surfaceflinger: Fix the fix of the opaque check fixSteve Kondik2016-07-241-1/+1
| | | | | | | | | | | | * Use the right define. Change-Id: I78e2aea4bf4ff933ec828cffee1a3e925622ad31
* | SF: Fix NULL pointer dereferencing in dumpDrawCycle()Ramkumar Radhakrishnan2016-07-201-0/+4
| | | | | | | | | | | | | | Check for NULL before dereferencing a pointer in dumpDrawCycle() Change-Id: I1f06214577d0065c988877acb0f1b4378080690f CRs-Fixed: 1018335
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 06:00:27 +0000