| Commit message (Collapse) | Author | Age | Files | Lines |
|
This reverts commit ab82d1f68baf7a7963fdb5299516c2545a2d7175.
|
This allows graphics libraries to communicate with each other.
Change-Id: I4c66e86b6353a174584ff77b38989713f2f77a9e
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
|
Bug: 133200996
Test: boot time test
Change-Id: I5262c28596adb7e849b202b8a163c190818f271a
|
This patch removed the old writeout policy tune which had never been touched since
2009. In the meantime, most Android devices are equipped with over 4GB DRAM
and very fast flash storage like UFS, which become more like desktops or
servers in 2009. So, it'd be worth going back to using the default kernel configs.
Bug: 129751503
Change-Id: Idb58f5b01bbc4afd270cffba5b8912ea3565819f
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
|
There is a longstanding bug where file-based encryption causes spurious
SELinux denials of module_request because it uses the kernel's crypto
API, and the crypto API tries to autoload kernel modules.
While this sometimes indicates missing kconfig options, it can still
happen even if all needed kconfig options are enabled. This is because
a crypto algorithm can be a composition like "hmac(sha512)", and the
crypto API will first look for the full composition before it
instantiates it using the components like "hmac" and "sha512". But
often an implementation of the full composition doesn't exist.
However, as far as I can tell, Android doesn't actually use kernel
module autoloading at all. First, Android never changes
/proc/sys/kernel/modprobe from the default of "/sbin/modprobe", yet this
isn't where modprobe is located on Android. Android's SELinux policy
contains a neverallow rule that ensures that only init (not even
vendor_init) can write to this setting, so vendors can't be changing it.
Vendors could potentially be setting CONFIG_STATIC_USERMODEHELPER_PATH,
which overrides the path of all usermode helpers including modprobe.
But this is a relatively new kconfig option, available only in
android-4.14 and later. Also, for a vendor to actually do this they'd
also need to extend the SELinux policy with a domain_auto_trans rule to
allow their usermode helper to be executed by the kernel.
Android does increasingly use kernel modules, and GKI (Generic Kernel
Image) will require them. However, the modules are actually inserted by
userspace by 'init', not autoloaded.
It's possible to disable kernel module autoloading completely by setting
/proc/sys/kernel/modprobe to an empty string. So, let's do that.
This prevents lots of spurious SELinux denials, and allows removing
unnecessary rules to allow or dontaudit the module_request permission.
Note: when the kernel doesn't have CONFIG_ANDROID_BINDERFS enabled, this
change exposes a kernel bug that causes a WARNING in get_fs_type(). To
avoid this WARNING, a kernel fix should be applied too -- currently
under discussion upstream
(https://lkml.kernel.org/r/20200310223731.126894-1-ebiggers@kernel.org).
Bug: 130424539
Bug: 132409186
Bug: 144399145
Bug: 146477240
Bug: 148005188
Bug: 149542343
Test: Tested on cuttlefish and coral:
- Checked that /proc/sys/kernel/modprobe contains /sbin/modprobe
before this change, and the empty string after.
- Checked that if all SELinux rules for module_request are removed,
there are SELinux denials for module_request before this change
but none after.
- Ran lsmod both before and after and verified that the list is the
same, i.e. checked that this change doesn't break how Android
actually loads kernel modules.
Change-Id: I4132fe1a491e7b789311afcf693c1f6493fb9dc5
(cherry picked from commit 843f46e674e3f9d424144aa91c51777d66c9692c)
|
staging/lineage-17.1_merge-android-10.0.0_r37
Android 10.0.0 Release 37 (QQ3A.200605.001)
* tag 'android-10.0.0_r37':
Add cpu-set properties to serializer test
Allowing R and S developer GSI for DSU
Adding new GSI public keys
Increase timeouts.
Add TEMP_FAILURE_RETRY where appropriate.
Increase timeout to avoid flaky tests.
configs for jailed procs to dump code coverage data
Move gcov output to /data/misc/trace
rootdir: init.rc to limit discard size to 128MB
Change-Id: I402131a51320e548dfd105d2223423e14a9e8ec4
|
Adding two new public keys for R-Developer-GSI and S-Developer-GSI,
respectively.
Bug: 149805495
Test: m r-developer-gsi.avbpubkey
Test: m s-developer-gsi.avbpubkey
Change-Id: Iaa7521ef40b94f13fe3c9c61d276678f47c60b98
Merged-In: Iaa7521ef40b94f13fe3c9c61d276678f47c60b98
(cherry picked from commit b697d47eb38b2dcfa545dfddb163927fc7f56900)
|
Change-Id: I8294c4704ae3f3eaaa997aa1e2c4504b811cca03
|
Gcov output location has world write on debuggable builds.
Test: N/A
Bug: 128524141
Bug: 148178774
Change-Id: Ia6b94e26352dd66f5c6819f6157b4b73dd777a90
Merged-In: Ia6b94e26352dd66f5c6819f6157b4b73dd777a90
(cherry picked from commit 360eb055e07813d66e4fc80203a124bda7591bb5)
|
In any case, UFS storage suffers from long discard latency.
Bug: 148209614
Change-Id: Iaa8ef6eb862934af43254bd10873a12c3d34e926
Merged-In: Iaa8ef6eb862934af43254bd10873a12c3d34e926
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
|
Android 10.0.0 release 31
* tag 'android-10.0.0_r31':
Store crashing process name in sysprop
Allowing /avb/q-developer-gsi.avbpubkey for DSU
Adding the AVB public key for Q-Developer-GSI
FlattenableUtils::align memsets
Change-Id: Ia9d79894d1a390669031842f83c1bba3d185e9b2
|
Bug: 144399552
Test: m q-developer-gsi.avbpubkey
Change-Id: If140c429c8b8324c0c2364aa67e72e41748b42b4
Merged-In: If140c429c8b8324c0c2364aa67e72e41748b42b4
(cherry picked from commit bd0853602b9d82398290d9c30a5259b8f8db6c79)
|
system_suspend needs to be an early_hal as it's required before storage
encryption can get unlocked on FDE devices.
/sys/power/wake_lock is a dependency of system_suspend (only in Q and
earlier). Permissions on this file need to be set early enough.
Bug: 136777986
Bug: 133175847
Test: boot blueline
Change-Id: I8a9d3374b327e451fb98d2279d1bac9477a9560d
|
Originally, vndk_lite does not include product/lib and product_services/lib
directories first but searches for the required files in vendor/lib and odm/lib.
However, if a vendor/odm library with the same name exists, that causes the
vendor/odm library to be set as dependency to the system process that is searching
for the library, hitting neverallow SELinux denials.
To avoid this problem, allow the system processes in vndk_lite devices
to search product/lib and product_services/lib prior to vendor/lib and odm/lib.
Test: Check boot for vndk_lite devices.
Change-Id: I4113938d0803480f682c3521765e1d5f3c19ab79
|
Update the recovery image only if the option is enabled
under Developer options
This reverts commit 231e0a9e6a1da6fa4a188840f68af649669e417f.
Change-Id: I928f7ee8bb3eaf5581bb8225661d253ecca0c4ef
Change CM recovery install script filename [2/2]
This is part 2/2 to maintain backwards compatibility with CWM's
verify_root_and_recovery() function. CWM checks if install-recovery.sh
exists and has an executable flag set, then offers to disable the script
for the user. CM now controls this with the persist.sys.recovery_update
property which is configurable via settings, so we don't need to
double-check this.
This changes the name of the recovery install script to
install-cm-recovery.sh.
Change-Id: I275dd358b46c626dfcb8fe02c583a308d5a89c56
init: Move install-recovery.sh back to the standard location
L moved the location of install-recovery.sh from /system/etc/ to
/system/bin. Since CWM recovery isn't looking for this location
anyway, let's return the file to this standard location. This allows
all other code in L to function properly.
Maintain the change to the init to allow flash_recovery to be disabled
in settings.
Change-Id: I8a85db8addeb75a2fd60d809c5ed4edc619ef7ed
|
Bug: 140882488
Test: Booted twice, checked logs to ensure encryption
is different each time, adb created files in directory.
Cherry-Picked-From: 570d20d2ac875198416dff280b7a4b7adaacac81
Merged-In: I44f746acd1040f7baa9123d4824ba39b194f287b
Change-Id: I44f746acd1040f7baa9123d4824ba39b194f287b
|
Recently the Android build team changed the environment to use prebuilt toybox
binaries for common tools (aosp/852849). However, as toybox xargs does
not support the -I option, update_and_install_ld_config.mk started to fail
filtering out private vndk libraries from the list. To resolve this,
xargs usages are replaced with another shell command (read).
Bug: 137832162
Test: m -j && tested on Cuttlefish
Change-Id: I218ce6272c781f826b87c8efc0d3c77bf6bc3af5
Merged-In: I218ce6272c781f826b87c8efc0d3c77bf6bc3af5
(cherry picked from commit 95d55818a46d793295db5e90fa55fd0b01bed059)
|
into qt-dev
am: 11bf3545ab
Change-Id: I9c7af0807d12ef60636d407fbba64ec664a7d31a
|
into qt-dev
|
This reverts commit 997a2d93d7a9216c248be9c983adec2d91283f5a.
Reason for revert: This revert is needed, just also need some selinux rules for changes to the script that runs if this folder is present.
Bug: 136199978
Change-Id: Ie0544954965e3c90abc2f833c41949976c3bea65
|
into qt-dev
am: ff7da227db
Change-Id: I42b5fdcdb6b87afe44353d830f6b1b5c0c645fc0
|
into qt-dev
|
This reverts commit 891a0113941136544509886c1638d973a6c9773c.
Reason for revert: Some Test failed, need more investigation
Bug: 136199978
Change-Id: Ibad0dad02a6701447c39ddcc805d44c9e68bdcce
|
am: 346c17bbc9
Change-Id: I501695115c2c84345db0c78e8694fd31686b7ee7
|
This reverts commit c6ca823710d49754c3717e9cf3ba11b9c2648825.
Reason for revert: Q-GSI on Pie devices would crash kernel.
Bug: 136199978
Change-Id: I16a2cb81a1f21627db0cb00324679a322ba42fe0
|
This accelerates f2fs GC when IdleMaint.
Bug: 128594671
Bug: 137190790
Change-Id: I1cea7c99ffd5963711c66460f1c8368b43aeaee2
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
|
am: d6253fc917
Change-Id: I64a4f4a557bf737c0fac1b2f5f94ed28f263ee06
|
We need vold on early-fs so we can handle userdata checkpointing.
Without this, devices will take an extra minute or two as checkpointing
related vdc calls attempt to reach vold before it is available.
Bug: 134114000
Test: Boot, see vold has started before vdc checkpointing tries to call
out to vold.
Change-Id: Idfdb304503a163fbb91f9317949eb98c06fecce1
|
Without this, binaries can't be run out of /data/local/tmp on a HWASANified
device.
Bug: http://b/134503977
Test: Chromium's /data/local/tmp/md5sum/md5sum_bin works on walleye_hwasan-userdebug
Change-Id: Ieceaab8aae0024864022ca42b38aa36e6212cf31
(cherry picked from commit 563ca3815494b47d5af100c6d9b9595e0bc89372)
|
am: 4e5fddd5f5
Change-Id: Ia28f8fb8e68deb24e17504ea8369da61501f0b5b
|
- In GSI, media.extractor has the following dependency.
media.extractor -> libmpeg2extractor (media ns) ->
libprocessgroup (media ns) -> libcgrouprc (default ns).
If libcgrouprc can't be linked from libmpeg2extractor, media.extractor crashes.
Test: media.extractor didn't die.
Bug: 134981805
Merged-In: I7d3e7e6477708a505b87a884e05cd719f5a3d496
(cherry picked from commit d695733df9047bb61bbe7301d34681aa805697d0)
Change-Id: I7d3e7e6477708a505b87a884e05cd719f5a3d496
|
The canonical location of the HWASAN runtime, an LL-NDK library, is being moved
to the runtime APEX. It is apparently the first LL-NDK library in the runtime
APEX that does not require a legacy symlink in /system/${LIB}. Therefore we
need to link the HWASAN runtime in the runtime namespace to various namespaces
so that the library can be loaded from outside of the namespace.
Also, add $SANITIZER_RUNTIME_LIBRARIES to
namespace.default.link.system.shared_libs. This is necessary because in
the accompanying Soong change, we cause the HWASAN runtime to be removed
from $LLNDK_LIBRARIES. In most cases, except for this one, this was a no-op
because we were already including both sets of libraries in shared_libs.
Bug: http://b/134503977
Test: Builds
Change-Id: I67d64788855d28f3a156a1b9cf8a897617277730
Merged-In: I67d64788855d28f3a156a1b9cf8a897617277730
(cherry picked from commit fb1c5a724e7f6cd07b64b0b4dcfdff5677ab7b9f)
|
This directory is no longer used. OBB content is
placed in /data/media/$user/Android.
Test: make
Test: manually verify the path doesn't exist.
Bug: 129167772
Change-Id: I8549826586b9a68c8cfa3fe2e51295363f9b4e11
|
/data" into qt-dev
|
Executable in /data/ runs in default linker namespace, not
classloader namespace.
In Q, we moved libicuuc.so and libicui18n into the runtime
namespace, and allow linking from runtime namespace and classloader
namespace.
This change further allows linking from default namespace, and tries
to fix the regression temporarily.
Bug: 130788466
Test: The app issue is fixed after this CL
Merged-In: Ifae52b554124514e433cfe78875643a7450fbabd
Change-Id: Ifae52b554124514e433cfe78875643a7450fbabd
(cherry picked from commit 0c7edece9453db4f6c7be3058e64881b9805f94e)
|
Permitted paths were empty for ASAN builds with the media namespace.
Bug: 131625115
Test: no dlopen failure on libflacextractor.so in aosp_cf_x86_pasan
Change-Id: I90050fc54820ba68d64931412572f3b0954e6616
|
Bug: 124076524
Test: atest AdbDebuggingManagerTest
Change-Id: If73b81ca73ba4d64763cf49c1bbe42de81fa1cb6
|
Bug: 117857342
Test: values are applied
Change-Id: Id28d9619fc2fd2287fe656b8032025184ae7f631
(cherry picked from commit a8aaf198d5d5bf110df36309a7c679ed3a153d68)
Merged-In: Id28d9619fc2fd2287fe656b8032025184ae7f631
|
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXes. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
|
Test: build & dumpsys media.extractor
Bug: 130882530
Change-Id: Ifd46858b5a864f0fbed87baa3321f233ea12954e
|
The debug ramdisk can only be used if the device is unlocked.
When it's used, init will load adb_debug.prop and the userdebug
sepolicy from the debug ramdisk, to allow adb root on a user build.
Bug: 126493225
Test: 'make' and checks the file is installed
Change-Id: Id6962414197fc8f47f7c07818e8fb16107dc17a3
Merged-In: Id6962414197fc8f47f7c07818e8fb16107dc17a3
(cherry picked from commit 05f07d89a6b44eef1fcec020bf9020a3429fc3ad)
|
Fixes: 130829745
Test: build and trigger fsck
crosshatch:/ # ls -l /dev/fscklogs/log
-rwxrwx--- 1 root system 1584 1970-04-08 14:48 /dev/fscklogs/log
Change-Id: Ifd0734e121d07b941a73d7cabde04928ce5e5c59
Merged-In: Ifd0734e121d07b941a73d7cabde04928ce5e5c59
|
In the previous implementation, userdebug sepolicy and property files are
loaded from the system.img. This CL changes this to:
- first-stage init copies userdebug files from ramdisk to /debug_ramdisk/*
- second-stage init loads files from /debug_ramdisk/*.
Note: same as before, the above can only be triggered, if the device
is UNLOCKED
With this, we don't have to put userdebug related files into the USER
system.img.
Bug: 126493225
Test: boot device with a ramdisk with /force_debuggable, checks related
files are loaded
Change-Id: I63f5f846e82ba78427062bf7615c26173878d8f3
Merged-In: I63f5f846e82ba78427062bf7615c26173878d8f3
(cherry picked from commit 30afda71c0dac4d1d59a91b78256ebff76257ad8)
|