diff options
| author | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2016-12-12 15:16:39 +0100 |
|---|---|---|
| committer | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2016-12-12 15:16:39 +0100 |
| commit | bd9837c3559f8e545bdb6bd4010b0e2d6e6297c4 (patch) | |
| tree | 4af1be2ac6814a892f91168089f6d3980bcf6931 | |
| parent | 870d7cfb19f49ced89117b403972eef4a05faf08 (diff) | |
| parent | 656154a5b4127370f7317852e224a9121c6beed3 (diff) | |
| download | system_core-bd9837c3559f8e545bdb6bd4010b0e2d6e6297c4.tar.gz system_core-bd9837c3559f8e545bdb6bd4010b0e2d6e6297c4.tar.bz2 system_core-bd9837c3559f8e545bdb6bd4010b0e2d6e6297c4.zip | |
Merge branch 'cm-13.0' of https://github.com/CyanogenMod/android_system_core into replicant-6.0
40 files changed, 1205 insertions, 287 deletions
diff --git a/adb/Android.mk b/adb/Android.mk index 425bf9ba5..d4adbfb6a 100644 --- a/adb/Android.mk +++ b/adb/Android.mk @@ -200,7 +200,10 @@ endif # will violate ODR LOCAL_SHARED_LIBRARIES := +# Don't build the host adb on Windows (this branch should only be used for security updates.) +ifneq ($(HOST_OS),windows) include $(BUILD_HOST_EXECUTABLE) +endif $(call dist-for-goals,dist_files sdk,$(LOCAL_BUILT_MODULE)) diff --git a/adb/mutex_list.h b/adb/mutex_list.h index ff7275129..15e383cd4 100644 --- a/adb/mutex_list.h +++ b/adb/mutex_list.h @@ -6,7 +6,6 @@ #ifndef ADB_MUTEX #error ADB_MUTEX not defined when including this file #endif -ADB_MUTEX(socket_list_lock) ADB_MUTEX(transport_lock) #if ADB_HOST ADB_MUTEX(local_transports_lock) diff --git a/adb/sockets.cpp b/adb/sockets.cpp index 32ca17d2c..3919147a3 100644 --- a/adb/sockets.cpp +++ b/adb/sockets.cpp @@ -25,18 +25,25 @@ #include <string.h> #include <unistd.h> +#include <algorithm> +#include <mutex> +#include <string> +#include <vector> + #if !ADB_HOST #include "cutils/properties.h" #endif #include "adb.h" #include "adb_io.h" +#include "sysdeps/mutex.h" #include "transport.h" -ADB_MUTEX_DEFINE( socket_list_lock ); - -static void local_socket_close_locked(asocket *s); +#if !defined(__BIONIC__) +using std::recursive_mutex; +#endif +static recursive_mutex& local_socket_list_lock = *new recursive_mutex(); static unsigned local_socket_next_id = 1; static asocket local_socket_list = { @@ -61,7 +68,7 @@ asocket *find_local_socket(unsigned local_id, unsigned peer_id) asocket *s; asocket *result = NULL; - adb_mutex_lock(&socket_list_lock); + std::lock_guard<recursive_mutex> lock(local_socket_list_lock); for (s = local_socket_list.next; s != &local_socket_list; s = s->next) { if (s->id != local_id) continue; @@ -70,7 +77,6 @@ asocket *find_local_socket(unsigned local_id, unsigned peer_id) } break; } - adb_mutex_unlock(&socket_list_lock); return result; } @@ -84,20 +90,17 @@ insert_local_socket(asocket* s, asocket* list) s->next->prev = s; } - -void install_local_socket(asocket *s) -{ - adb_mutex_lock(&socket_list_lock); +void install_local_socket(asocket* s) { + std::lock_guard<recursive_mutex> lock(local_socket_list_lock); s->id = local_socket_next_id++; // Socket ids should never be 0. - if (local_socket_next_id == 0) - local_socket_next_id = 1; + if (local_socket_next_id == 0) { + fatal("local socket id overflow"); + } insert_local_socket(s, &local_socket_list); - - adb_mutex_unlock(&socket_list_lock); } void remove_socket(asocket *s) @@ -116,19 +119,17 @@ void remove_socket(asocket *s) void close_all_sockets(atransport *t) { asocket *s; - - /* this is a little gross, but since s->close() *will* modify - ** the list out from under you, your options are limited. - */ - adb_mutex_lock(&socket_list_lock); + /* this is a little gross, but since s->close() *will* modify + ** the list out from under you, your options are limited. + */ + std::lock_guard<recursive_mutex> lock(local_socket_list_lock); restart: - for(s = local_socket_list.next; s != &local_socket_list; s = s->next){ - if(s->transport == t || (s->peer && s->peer->transport == t)) { - local_socket_close_locked(s); + for (s = local_socket_list.next; s != &local_socket_list; s = s->next) { + if (s->transport == t || (s->peer && s->peer->transport == t)) { + s->close(s); goto restart; } } - adb_mutex_unlock(&socket_list_lock); } static int local_socket_enqueue(asocket *s, apacket *p) @@ -191,13 +192,6 @@ static void local_socket_ready(asocket *s) fdevent_add(&s->fde, FDE_READ); } -static void local_socket_close(asocket *s) -{ - adb_mutex_lock(&socket_list_lock); - local_socket_close_locked(s); - adb_mutex_unlock(&socket_list_lock); -} - // be sure to hold the socket list lock when calling this static void local_socket_destroy(asocket *s) { @@ -226,27 +220,21 @@ static void local_socket_destroy(asocket *s) } } - -static void local_socket_close_locked(asocket *s) -{ - D("entered local_socket_close_locked. LS(%d) fd=%d\n", s->id, s->fd); - if(s->peer) { - D("LS(%d): closing peer. peer->id=%d peer->fd=%d\n", - s->id, s->peer->id, s->peer->fd); +static void local_socket_close(asocket* s) { + D("entered local_socket_close. LS(%d) fd=%d", s->id, s->fd); + std::lock_guard<recursive_mutex> lock(local_socket_list_lock); + if (s->peer) { + D("LS(%d): closing peer. peer->id=%d peer->fd=%d", s->id, s->peer->id, s->peer->fd); /* Note: it's important to call shutdown before disconnecting from * the peer, this ensures that remote sockets can still get the id * of the local socket they're connected to, to send a CLOSE() * protocol event. */ - if (s->peer->shutdown) - s->peer->shutdown(s->peer); - s->peer->peer = 0; - // tweak to avoid deadlock - if (s->peer->close == local_socket_close) { - local_socket_close_locked(s->peer); - } else { - s->peer->close(s->peer); + if (s->peer->shutdown) { + s->peer->shutdown(s->peer); } - s->peer = 0; + s->peer->peer = nullptr; + s->peer->close(s->peer); + s->peer = nullptr; } /* If we are already closing, or if there are no diff --git a/adb/sysdeps/mutex.h b/adb/sysdeps/mutex.h new file mode 100644 index 000000000..ef5d9b164 --- /dev/null +++ b/adb/sysdeps/mutex.h @@ -0,0 +1,143 @@ +#pragma once + +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if defined(_WIN32) + +#include <windows.h> + +#include <android-base/macros.h> + +#include "adb.h" + +// The prebuilt version of mingw we use doesn't support mutex or recursive_mutex. +// Therefore, implement our own using the Windows primitives. +// Put them directly into the std namespace, so that when they're actually available, the build +// breaks until they're removed. + +#include <mutex> +namespace std { + +// CRITICAL_SECTION is recursive, so just wrap it in a Mutex-compatible class. +class recursive_mutex { + public: + recursive_mutex() { + InitializeCriticalSection(&mutex_); + } + + ~recursive_mutex() { + DeleteCriticalSection(&mutex_); + } + + void lock() { + EnterCriticalSection(&mutex_); + } + + bool try_lock() { + return TryEnterCriticalSection(&mutex_); + } + + void unlock() { + LeaveCriticalSection(&mutex_); + } + + private: + CRITICAL_SECTION mutex_; + + DISALLOW_COPY_AND_ASSIGN(recursive_mutex); +}; + +class mutex { + public: + mutex() { + } + + ~mutex() { + } + + void lock() { + mutex_.lock(); + if (++lock_count_ != 1) { + fatal("non-recursive mutex locked reentrantly"); + } + } + + void unlock() { + if (--lock_count_ != 0) { + fatal("non-recursive mutex unlock resulted in unexpected lock count: %d", lock_count_); + } + mutex_.unlock(); + } + + bool try_lock() { + if (!mutex_.try_lock()) { + return false; + } + + if (lock_count_ != 0) { + mutex_.unlock(); + return false; + } + + ++lock_count_; + return true; + } + + private: + recursive_mutex mutex_; + size_t lock_count_ = 0; +}; + +} + +#elif defined(__BIONIC__) + +// On M, the recovery image uses parts of adb that depends on recursive_mutex, and uses libstdc++, +// which lacks it. + +#include <pthread.h> +#include <mutex> + +#include <base/macros.h> + +class recursive_mutex { + public: + recursive_mutex() { + } + + ~recursive_mutex() { + } + + void lock() { + pthread_mutex_lock(&mutex_); + } + + bool try_lock() { + return pthread_mutex_trylock(&mutex_); + } + + void unlock() { + pthread_mutex_unlock(&mutex_); + } + + private: + pthread_mutex_t mutex_ = PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP; + + DISALLOW_COPY_AND_ASSIGN(recursive_mutex); +}; + +#endif diff --git a/debuggerd/backtrace.cpp b/debuggerd/backtrace.cpp index b8084c517..ad6a6ee61 100644 --- a/debuggerd/backtrace.cpp +++ b/debuggerd/backtrace.cpp @@ -67,8 +67,8 @@ static void dump_process_footer(log_t* log, pid_t pid) { _LOG(log, logtype::BACKTRACE, "\n----- end %d -----\n", pid); } -static void dump_thread( - log_t* log, pid_t tid, bool attached, bool* detach_failed, int* total_sleep_time_usec) { +static void dump_thread(log_t* log, pid_t pid, pid_t tid, bool attached, + bool* detach_failed, int* total_sleep_time_usec) { char path[PATH_MAX]; char threadnamebuf[1024]; char* threadname = NULL; @@ -88,7 +88,7 @@ static void dump_thread( _LOG(log, logtype::BACKTRACE, "\n\"%s\" sysTid=%d\n", threadname ? threadname : "<unknown>", tid); - if (!attached && ptrace(PTRACE_ATTACH, tid, 0, 0) < 0) { + if (!attached && !ptrace_attach_thread(pid, tid)) { _LOG(log, logtype::BACKTRACE, "Could not attach to thread: %s\n", strerror(errno)); return; } @@ -117,7 +117,7 @@ void dump_backtrace(int fd, int amfd, pid_t pid, pid_t tid, bool* detach_failed, log.amfd = amfd; dump_process_header(&log, pid); - dump_thread(&log, tid, true, detach_failed, total_sleep_time_usec); + dump_thread(&log, pid, tid, true, detach_failed, total_sleep_time_usec); char task_path[64]; snprintf(task_path, sizeof(task_path), "/proc/%d/task", pid); @@ -135,7 +135,7 @@ void dump_backtrace(int fd, int amfd, pid_t pid, pid_t tid, bool* detach_failed, continue; } - dump_thread(&log, new_tid, false, detach_failed, total_sleep_time_usec); + dump_thread(&log, pid, new_tid, false, detach_failed, total_sleep_time_usec); } closedir(d); } diff --git a/debuggerd/debuggerd.cpp b/debuggerd/debuggerd.cpp index 984b93160..7f3fbc3dd 100644 --- a/debuggerd/debuggerd.cpp +++ b/debuggerd/debuggerd.cpp @@ -1,5 +1,6 @@ /* * Copyright 2006, The Android Open Source Project + * Copyright (c) 2015, The Linux Foundation. All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -138,6 +139,84 @@ static int get_process_info(pid_t tid, pid_t* out_pid, uid_t* out_uid, uid_t* ou return fields == 7 ? 0 : -1; } +static bool copy_file(const char* src, char* dest) +{ + #define BUF_SIZE 64 + ssize_t bytes; + int source_fh, dest_fh; + int total_size = 0; + char buffer[BUF_SIZE]; + + if ((source_fh = open(src, O_RDONLY, O_NOFOLLOW)) == -1) { + ALOGE("Unable to open source file %s\n", src); + } else { + if((dest_fh = open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0640)) == -1) { + ALOGE("Unable to write destination file %s\n", dest); + } else { + while ((bytes = read(source_fh, buffer, BUF_SIZE)) > 0) { + if (write(dest_fh, buffer, bytes) < 0) { + ALOGE("Write failed for destination file %s. Copied %d bytes\n", + dest, total_size); + break; + } + total_size += bytes; + } + ALOGI("Copied %s to %s - size: %d\n", src, dest, total_size); + fsync(dest_fh); + close(dest_fh); + } + close(source_fh); + if (total_size > 0) { + return true; + } + } + return false; +} + +static void collect_etb_map(int cr_pid) +{ + struct stat s; + char src_buf[64]; + char dest_buf[64]; + + snprintf(dest_buf, sizeof dest_buf, "/data/core/etb.%d", cr_pid); + if (!copy_file("/dev/coresight-tmc-etf", dest_buf)) { + ALOGE("Unable to copy ETB buffer file /dev/coresight-tmc-etf\n"); + } else { + memset(src_buf, 0, sizeof(src_buf)); + snprintf(src_buf, sizeof(src_buf), "/proc/%d/maps", cr_pid); + if(stat(src_buf, &s)) { + ALOGE("map file /proc/%d/maps does not exist for pid %d\n", + cr_pid, cr_pid); + } else { + snprintf(dest_buf, sizeof dest_buf, "/data/core/maps.%d", cr_pid); + if (!copy_file(src_buf, dest_buf)) { + ALOGE("Unable to copy map file /proc/%d/maps", cr_pid); + } + } + } +} + +static void enable_etb_trace(struct ucred cr) { + char value[PROPERTY_VALUE_MAX]; + property_get("persist.debug.trace", value, ""); + if ((strcmp(value,"1") == 0)) { + /* Allow ETB collection only once; Note: in future this behavior can be changed + * To allow this, use a property to indicate whether the ETB has been collected */ + property_get("debug.etb.collected", value, ""); + if(strcmp(value,"1")) { + ALOGI("Collecting ETB dumps (from pid=%d uid=%d)\n", + cr.pid, cr.uid); + property_set("debug.etb.collected", "1"); + collect_etb_map(cr.pid); + } + else { + ALOGI("ETB already collected once, skipping (from pid=%d uid=%d)\n", + cr.pid, cr.uid); + } + } +} + static int selinux_enabled; /* @@ -229,14 +308,13 @@ static int read_request(int fd, debugger_request_t* out_request) { if (msg.action == DEBUGGER_ACTION_CRASH) { // Ensure that the tid reported by the crashing process is valid. - char buf[64]; - struct stat s; - snprintf(buf, sizeof buf, "/proc/%d/task/%d", out_request->pid, out_request->tid); - if (stat(buf, &s)) { + // This check needs to happen again after ptracing the requested thread to prevent a race. + if (!pid_contains_tid(out_request->pid, out_request->tid)) { ALOGE("tid %d does not exist in pid %d. ignoring debug request\n", - out_request->tid, out_request->pid); + out_request->tid, out_request->pid); return -1; } + enable_etb_trace(cr); } else if (cr.uid == 0 || (cr.uid == AID_SYSTEM && msg.action == DEBUGGER_ACTION_DUMP_BACKTRACE)) { // Only root or system can ask us to attach to any process and dump it explicitly. @@ -396,9 +474,32 @@ static void handle_request(int fd) { // ensure that it can run as soon as we call PTRACE_CONT below. // See details in bionic/libc/linker/debugger.c, in function // debugger_signal_handler(). - if (ptrace(PTRACE_ATTACH, request.tid, 0, 0)) { + if (!ptrace_attach_thread(request.pid, request.tid)) { ALOGE("ptrace attach failed: %s\n", strerror(errno)); } else { + // DEBUGGER_ACTION_CRASH requests can come from arbitrary processes and the tid field in + // the request is sent from the other side. If an attacker can cause a process to be + // spawned with the pid of their process, they could trick debuggerd into dumping that + // process by exiting after sending the request. Validate the trusted request.uid/gid + // to defend against this. + if (request.action == DEBUGGER_ACTION_CRASH) { + pid_t pid; + uid_t uid; + gid_t gid; + if (get_process_info(request.tid, &pid, &uid, &gid) != 0) { + ALOGE("debuggerd: failed to get process info for tid '%d'", request.tid); + exit(1); + } + + if (pid != request.pid || uid != request.uid || gid != request.gid) { + ALOGE( + "debuggerd: attached task %d does not match request: " + "expected pid=%d,uid=%d,gid=%d, actual pid=%d,uid=%d,gid=%d", + request.tid, request.pid, request.uid, request.gid, pid, uid, gid); + exit(1); + } + } + bool detach_failed = false; bool tid_unresponsive = false; bool attach_gdb = should_attach_gdb(&request); diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp index b0ad27402..82d8fdf11 100644 --- a/debuggerd/tombstone.cpp +++ b/debuggerd/tombstone.cpp @@ -167,10 +167,13 @@ static const char* get_sigcode(int signo, int code) { static void dump_header_info(log_t* log) { char fingerprint[PROPERTY_VALUE_MAX]; char revision[PROPERTY_VALUE_MAX]; + char cm_version[PROPERTY_VALUE_MAX]; + property_get("ro.cm.version", cm_version, "unknown"); property_get("ro.build.fingerprint", fingerprint, "unknown"); property_get("ro.revision", revision, "unknown"); + _LOG(log, logtype::HEADER, "CM Version: '%s'\n", cm_version); _LOG(log, logtype::HEADER, "Build fingerprint: '%s'\n", fingerprint); _LOG(log, logtype::HEADER, "Revision: '%s'\n", revision); _LOG(log, logtype::HEADER, "ABI: '%s'\n", ABI_STRING); @@ -447,7 +450,7 @@ static bool dump_sibling_thread_report( } // Skip this thread if cannot ptrace it - if (ptrace(PTRACE_ATTACH, new_tid, 0, 0) < 0) { + if (!ptrace_attach_thread(pid, new_tid)) { _LOG(log, logtype::ERROR, "ptrace attach to %d failed: %s\n", new_tid, strerror(errno)); continue; } @@ -788,21 +791,8 @@ char* engrave_tombstone(pid_t pid, pid_t tid, int signal, int original_si_code, log.current_tid = tid; log.crashed_tid = tid; - if ((mkdir(TOMBSTONE_DIR, 0755) == -1) && (errno != EEXIST)) { - _LOG(&log, logtype::ERROR, "failed to create %s: %s\n", TOMBSTONE_DIR, strerror(errno)); - } - - if (chown(TOMBSTONE_DIR, AID_SYSTEM, AID_SYSTEM) == -1) { - _LOG(&log, logtype::ERROR, "failed to change ownership of %s: %s\n", TOMBSTONE_DIR, strerror(errno)); - } - int fd = -1; - char* path = NULL; - if (selinux_android_restorecon(TOMBSTONE_DIR, 0) == 0) { - path = find_and_open_tombstone(&fd); - } else { - _LOG(&log, logtype::ERROR, "Failed to restore security context, not writing tombstone.\n"); - } + char* path = find_and_open_tombstone(&fd); if (fd < 0) { _LOG(&log, logtype::ERROR, "Skipping tombstone write, nothing to do.\n"); diff --git a/debuggerd/utility.cpp b/debuggerd/utility.cpp index 9f340a8ac..236d667a3 100644 --- a/debuggerd/utility.cpp +++ b/debuggerd/utility.cpp @@ -20,6 +20,7 @@ #include <errno.h> #include <signal.h> +#include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/ptrace.h> @@ -207,3 +208,31 @@ void dump_memory(log_t* log, Backtrace* backtrace, uintptr_t addr, const char* f _LOG(log, logtype::MEMORY, "%s %s\n", logline.c_str(), ascii.c_str()); } } + +bool pid_contains_tid(pid_t pid, pid_t tid) { + char task_path[PATH_MAX]; + if (snprintf(task_path, PATH_MAX, "/proc/%d/task/%d", pid, tid) >= PATH_MAX) { + ALOGE("debuggerd: task path overflow (pid = %d, tid = %d)\n", pid, tid); + exit(1); + } + + return access(task_path, F_OK) == 0; +} + +// Attach to a thread, and verify that it's still a member of the given process +bool ptrace_attach_thread(pid_t pid, pid_t tid) { + if (ptrace(PTRACE_ATTACH, tid, 0, 0) != 0) { + return false; + } + + // Make sure that the task we attached to is actually part of the pid we're dumping. + if (!pid_contains_tid(pid, tid)) { + if (ptrace(PTRACE_DETACH, tid, 0, 0) != 0) { + ALOGE("debuggerd: failed to detach from thread '%d'", tid); + exit(1); + } + return false; + } + + return true; +} diff --git a/debuggerd/utility.h b/debuggerd/utility.h index 263374d66..e8ec7ef81 100644 --- a/debuggerd/utility.h +++ b/debuggerd/utility.h @@ -79,4 +79,9 @@ int wait_for_sigstop(pid_t, int*, bool*); void dump_memory(log_t* log, Backtrace* backtrace, uintptr_t addr, const char* fmt, ...); +bool pid_contains_tid(pid_t pid, pid_t tid); + +// Attach to a thread, and verify that it's still a member of the given process +bool ptrace_attach_thread(pid_t pid, pid_t tid); + #endif // _DEBUGGERD_UTILITY_H diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp index 5112c1599..91152a40c 100644 --- a/fastboot/fastboot.cpp +++ b/fastboot/fastboot.cpp @@ -207,7 +207,10 @@ int match_fastboot_with_serial(usb_ifc_info *info, const char *local_serial) (info->dev_vendor != 0x0421) && // Nokia (info->dev_vendor != 0x1ebf) && // Coolpad (info->dev_vendor != 0x2b4c) && // Zuk - (info->dev_vendor != 0x2a96)) // MMX + (info->dev_vendor != 0x2a96) && // MMX + (info->dev_vendor != 0x19d2) && // ZTE + (info->dev_vendor != 0x2c3f) && // Nextbit + (info->dev_vendor != 0x1bbb)) // Alcatel return -1; if(info->ifc_class != 0xff) return -1; if(info->ifc_subclass != 0x42) return -1; diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk index d105b0b87..43c64fb2a 100644 --- a/fs_mgr/Android.mk +++ b/fs_mgr/Android.mk @@ -23,6 +23,30 @@ endif include $(BUILD_STATIC_LIBRARY) +include $(CLEAR_VARS) + +LOCAL_SRC_FILES:= fs_mgr.c fs_mgr_verity.c fs_mgr_fstab.c +LOCAL_SRC_FILES += fs_mgr_format.c + +LOCAL_C_INCLUDES := $(LOCAL_PATH)/include \ + system/vold \ + system/extras/ext4_utils \ + external/openssl/include \ + system/core/logwrapper/include + +LOCAL_MODULE:= libfs_mgr +LOCAL_WHOLE_STATIC_LIBRARIES := liblogwrap libmincrypt libext4_utils_static libsquashfs_utils libsparse_static libext2_blkid libext2_uuid_static +LOCAL_STATIC_LIBRARIES := libcutils liblog libsparse_static libz libselinux +LOCAL_C_INCLUDES += system/extras/ext4_utils system/extras/squashfs_utils external/e2fsprogs/lib +LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include +LOCAL_CFLAGS := -Werror + +ifneq (,$(filter userdebug,$(TARGET_BUILD_VARIANT))) +LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1 +endif + +include $(BUILD_SHARED_LIBRARY) + include $(CLEAR_VARS) diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c index c80e53130..e78b5815f 100644 --- a/fs_mgr/fs_mgr.c +++ b/fs_mgr/fs_mgr.c @@ -161,12 +161,12 @@ static void check_fs(char *blk_device, char *fs_type, char *target) } } } else if (!strcmp(fs_type, "f2fs")) { - char *f2fs_fsck_argv[] = { - F2FS_FSCK_BIN, - "-a", - blk_device - }; - INFO("Running %s on %s\n", F2FS_FSCK_BIN, blk_device); + char *f2fs_fsck_argv[] = { + F2FS_FSCK_BIN, + "-a", + blk_device + }; + INFO("Running %s -a %s\n", F2FS_FSCK_BIN, blk_device); ret = android_fork_execvp_ext(ARRAY_SIZE(f2fs_fsck_argv), f2fs_fsck_argv, &status, true, LOG_KLOG | LOG_FILE, diff --git a/healthd/Android.mk b/healthd/Android.mk index d1e005ef6..f509aceed 100644 --- a/healthd/Android.mk +++ b/healthd/Android.mk @@ -10,7 +10,7 @@ include $(BUILD_STATIC_LIBRARY) include $(CLEAR_VARS) LOCAL_SRC_FILES := healthd_board_msm.cpp -LOCAL_MODULE := libhealthd.msm +LOCAL_MODULE := libhealthd.qcom LOCAL_CFLAGS := -Werror include $(BUILD_STATIC_LIBRARY) @@ -34,6 +34,7 @@ LOCAL_CFLAGS := -D__STDC_LIMIT_MACROS -Werror HEALTHD_CHARGER_DEFINES := RED_LED_PATH \ GREEN_LED_PATH \ BLUE_LED_PATH \ + BLINK_PATH \ BACKLIGHT_PATH \ CHARGING_ENABLED_PATH @@ -51,6 +52,10 @@ ifeq ($(strip $(BOARD_CHARGER_ENABLE_SUSPEND)),true) LOCAL_CFLAGS += -DCHARGER_ENABLE_SUSPEND endif +ifeq ($(strip $(BOARD_NO_CHARGER_LED)),true) +LOCAL_CFLAGS += -DNO_CHARGER_LED +endif + LOCAL_C_INCLUDES := bootable/recovery LOCAL_STATIC_LIBRARIES := libbatteryservice libbinder libminui libpng libz libutils libstdc++ libcutils liblog libm libc @@ -62,7 +67,7 @@ endif LOCAL_HAL_STATIC_LIBRARIES := libhealthd ifeq ($(BOARD_USES_QCOM_HARDWARE),true) -BOARD_HAL_STATIC_LIBRARIES ?= libhealthd.msm +BOARD_HAL_STATIC_LIBRARIES ?= libhealthd.qcom endif # Symlink /charger to /sbin/healthd diff --git a/healthd/BatteryMonitor.cpp b/healthd/BatteryMonitor.cpp index 67a8ad0c3..86a4fc629 100644 --- a/healthd/BatteryMonitor.cpp +++ b/healthd/BatteryMonitor.cpp @@ -140,10 +140,14 @@ BatteryMonitor::PowerSupplyType BatteryMonitor::readPowerSupplyType(const String { "USB_ACA", ANDROID_POWER_SUPPLY_TYPE_AC }, { "USB_HVDCP", ANDROID_POWER_SUPPLY_TYPE_AC }, { "USB_HVDCP_3", ANDROID_POWER_SUPPLY_TYPE_AC }, + { "USB_C", ANDROID_POWER_SUPPLY_TYPE_AC }, + { "USB_PD", ANDROID_POWER_SUPPLY_TYPE_AC }, + { "USB_PD_DRP", ANDROID_POWER_SUPPLY_TYPE_USB }, { "Wireless", ANDROID_POWER_SUPPLY_TYPE_WIRELESS }, { "Wipower", ANDROID_POWER_SUPPLY_TYPE_WIRELESS }, { "DockBattery", ANDROID_POWER_SUPPLY_TYPE_DOCK_BATTERY }, { "DockAC", ANDROID_POWER_SUPPLY_TYPE_DOCK_AC }, + { "DASH", ANDROID_POWER_SUPPLY_TYPE_AC }, { NULL, 0 }, }; @@ -832,19 +836,15 @@ void BatteryMonitor::init(struct healthd_config *hc) { closedir(dir); } - // This indicates that there is no charger driver registered. // Typically the case for devices which do not have a battery and // and are always plugged into AC mains. - if (!mChargerNames.size()) { - KLOG_ERROR(LOG_TAG, "No charger supplies found\n"); - mBatteryFixedCapacity = ALWAYS_PLUGGED_CAPACITY; - mBatteryFixedTemperature = FAKE_BATTERY_TEMPERATURE; - mAlwaysPluggedDevice = true; - } if (!mBatteryDevicePresent && !mDockBatteryDevicePresent) { KLOG_WARNING(LOG_TAG, "No battery devices found\n"); hc->periodic_chores_interval_fast = -1; hc->periodic_chores_interval_slow = -1; + mBatteryFixedCapacity = ALWAYS_PLUGGED_CAPACITY; + mBatteryFixedTemperature = FAKE_BATTERY_TEMPERATURE; + mAlwaysPluggedDevice = true; } else { if (mHealthdConfig->batteryStatusPath.isEmpty()) KLOG_WARNING(LOG_TAG, "BatteryStatusPath not found\n"); diff --git a/healthd/healthd_mode_charger.cpp b/healthd/healthd_mode_charger.cpp index eb93d6a42..6df9f125e 100644 --- a/healthd/healthd_mode_charger.cpp +++ b/healthd/healthd_mode_charger.cpp @@ -82,6 +82,10 @@ char *locale; #define BLUE_LED_PATH "/sys/class/leds/blue/brightness" #endif +#ifndef BLINK_PATH +#define BLINK_PATH "/sys/class/leds/red/device/blink" +#endif + #define LOGE(x...) do { KLOG_ERROR("charger", x); } while (0) #define LOGW(x...) do { KLOG_WARNING("charger", x); } while (0) #define LOGV(x...) do { KLOG_DEBUG("charger", x); } while (0) @@ -183,6 +187,7 @@ enum { BLUE_LED = 0x01 << 2, }; +#ifndef NO_CHARGER_LED struct led_ctl { int color; const char *path; @@ -203,6 +208,7 @@ struct soc_led_color_mapping soc_leds[3] = { {90, RED_LED | GREEN_LED}, {100, GREEN_LED}, }; +#endif static struct charger charger_state; static struct healthd_config *healthd_config; @@ -211,6 +217,27 @@ static int char_width; static int char_height; static bool minui_inited; +#ifndef NO_CHARGER_LED +static int set_blink(int val) +{ + int fd; + char buffer[10]; + + fd = open(BLINK_PATH, O_RDWR); + if (fd < 0) { + LOGE("Could not open blink file\n"); + return -1; + } + snprintf(buffer, sizeof(buffer), "%d\n", val); + if (write(fd, buffer, strlen(buffer)) < 0) { + LOGE("Could not write to blink file\n"); + close(fd); + return -1; + } + close(fd); + return 0; +} + static int set_tricolor_led(int on, int color) { int fd, i; @@ -255,8 +282,12 @@ static int set_battery_soc_leds(int soc) LOGV("soc = %d, set led color 0x%x\n", soc, soc_leds[i].color); } + /* This is required to commit the changes to hardware */ + set_blink(0); + return 0; } +#endif /* current time in milliseconds */ static int64_t curr_time_ms(void) @@ -667,14 +698,17 @@ static void handle_input_state(struct charger *charger, int64_t now) static void handle_power_supply_state(struct charger *charger, int64_t now) { +#ifndef NO_CHARGER_LED static int old_soc = 0; int soc = 0; +#endif if (!charger->have_battery_state) return; healthd_board_mode_charger_battery_update(batt_prop); +#ifndef NO_CHARGER_LED if (batt_prop && batt_prop->batteryLevel >= 0) { soc = batt_prop->batteryLevel; } @@ -683,6 +717,7 @@ static void handle_power_supply_state(struct charger *charger, int64_t now) old_soc = soc; set_battery_soc_leds(soc); } +#endif if (!charger->charger_connected) { diff --git a/include/android/log.h b/include/android/log.h index 1c171b7bf..391c826d5 100644 --- a/include/android/log.h +++ b/include/android/log.h @@ -89,6 +89,11 @@ typedef enum android_LogPriority { } android_LogPriority; /* + * Release any logger resources (a new log write will immediately re-acquire) + */ +void __android_log_close(); + +/* * Send a simple string to the log. */ int __android_log_write(int prio, const char *tag, const char *text); diff --git a/include/cutils/android_reboot.h b/include/cutils/android_reboot.h index 85e1b7e5b..a3861a02d 100644 --- a/include/cutils/android_reboot.h +++ b/include/cutils/android_reboot.h @@ -17,6 +17,8 @@ #ifndef __CUTILS_ANDROID_REBOOT_H__ #define __CUTILS_ANDROID_REBOOT_H__ +#include <mntent.h> + __BEGIN_DECLS /* Commands */ @@ -28,6 +30,9 @@ __BEGIN_DECLS #define ANDROID_RB_PROPERTY "sys.powerctl" int android_reboot(int cmd, int flags, const char *arg); +int android_reboot_with_callback( + int cmd, int flags, const char *arg, + void (*cb_on_remount)(const struct mntent*)); __END_DECLS diff --git a/include/sysutils/FrameworkListener.h b/include/sysutils/FrameworkListener.h index 18049cd41..2137069fb 100644 --- a/include/sysutils/FrameworkListener.h +++ b/include/sysutils/FrameworkListener.h @@ -32,6 +32,7 @@ private: int mCommandCount; bool mWithSeq; FrameworkCommandCollection *mCommands; + bool mSkipToNextNullByte; public: FrameworkListener(const char *socketName); diff --git a/include/utils/Unicode.h b/include/utils/Unicode.h index b76a5e268..4e17cc3d9 100644 --- a/include/utils/Unicode.h +++ b/include/utils/Unicode.h @@ -87,7 +87,7 @@ ssize_t utf32_to_utf8_length(const char32_t *src, size_t src_len); * "dst" becomes \xE3\x81\x82\xE3\x81\x84 * (note that "dst" is NOT null-terminated, like strncpy) */ -void utf32_to_utf8(const char32_t* src, size_t src_len, char* dst); +void utf32_to_utf8(const char32_t* src, size_t src_len, char* dst, size_t dst_len); /** * Returns the unicode value at "index". @@ -109,7 +109,7 @@ ssize_t utf16_to_utf8_length(const char16_t *src, size_t src_len); * enough to fit the UTF-16 as measured by utf16_to_utf8_length with an added * NULL terminator. */ -void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst); +void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst, size_t dst_len); /** * Returns the length of "src" when "src" is valid UTF-8 string. diff --git a/init/Android.mk b/init/Android.mk index aa322361c..85dfbfc9f 100644 --- a/init/Android.mk +++ b/init/Android.mk @@ -68,6 +68,10 @@ ifneq ($(TARGET_IGNORE_RO_BOOT_REVISION),) LOCAL_CFLAGS += -DIGNORE_RO_BOOT_REVISION endif +ifneq ($(TARGET_INIT_UMOUNT_AND_FSCK_IS_UNSAFE),) +LOCAL_CFLAGS += -DUMOUNT_AND_FSCK_IS_UNSAFE +endif + LOCAL_MODULE:= init LOCAL_C_INCLUDES += \ external/zlib \ diff --git a/init/builtins.cpp b/init/builtins.cpp index b290ce3a2..1681d1707 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -16,7 +16,9 @@ #include <errno.h> #include <fcntl.h> +#include <mntent.h> #include <net/if.h> +#include <signal.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -38,6 +40,7 @@ #include <base/stringprintf.h> #include <cutils/partition_utils.h> #include <cutils/android_reboot.h> +#include <logwrap/logwrap.h> #include <private/android_filesystem_config.h> #include "init.h" @@ -49,6 +52,8 @@ #include "log.h" #define chmod DO_NOT_USE_CHMOD_USE_FCHMODAT_SYMLINK_NOFOLLOW +#define UNMOUNT_CHECK_MS 5000 +#define UNMOUNT_CHECK_TIMES 10 int add_environment(const char *name, const char *value); @@ -109,6 +114,69 @@ static void service_start_if_not_disabled(struct service *svc) } } +static void unmount_and_fsck(const struct mntent *entry) +{ +#ifndef UMOUNT_AND_FSCK_IS_UNSAFE + if (strcmp(entry->mnt_type, "f2fs") && strcmp(entry->mnt_type, "ext4")) + return; + + /* First, lazily unmount the directory. This unmount request finishes when + * all processes that open a file or directory in |entry->mnt_dir| exit. + */ + TEMP_FAILURE_RETRY(umount2(entry->mnt_dir, MNT_DETACH)); + + /* Next, kill all processes except init, kthreadd, and kthreadd's + * children to finish the lazy unmount. Killing all processes here is okay + * because this callback function is only called right before reboot(). + * It might be cleaner to selectively kill processes that actually use + * |entry->mnt_dir| rather than killing all, probably by reusing a function + * like killProcessesWithOpenFiles() in vold/, but the selinux policy does + * not allow init to scan /proc/<pid> files which the utility function + * heavily relies on. The policy does not allow the process to execute + * killall/pkill binaries either. Note that some processes might + * automatically restart after kill(), but that is not really a problem + * because |entry->mnt_dir| is no longer visible to such new processes. + */ + service_for_each(service_stop); + TEMP_FAILURE_RETRY(kill(-1, SIGKILL)); + + int count = 0; + while (count++ < UNMOUNT_CHECK_TIMES) { + int fd = TEMP_FAILURE_RETRY(open(entry->mnt_fsname, O_RDONLY | O_EXCL)); + if (fd >= 0) { + /* |entry->mnt_dir| has sucessfully been unmounted. */ + close(fd); + break; + } else if (errno == EBUSY) { + /* Some processes using |entry->mnt_dir| are still alive. Wait for a + * while then retry. + */ + TEMP_FAILURE_RETRY( + usleep(UNMOUNT_CHECK_MS * 1000 / UNMOUNT_CHECK_TIMES)); + continue; + } else { + /* Cannot open the device. Give up. */ + return; + } + } + + int st; + if (!strcmp(entry->mnt_type, "f2fs")) { + const char *f2fs_argv[] = { + "/system/bin/fsck.f2fs", "-f", entry->mnt_fsname, + }; + android_fork_execvp_ext(ARRAY_SIZE(f2fs_argv), (char **)f2fs_argv, + &st, true, LOG_KLOG, true, NULL); + } else if (!strcmp(entry->mnt_type, "ext4")) { + const char *ext4_argv[] = { + "/system/bin/e2fsck", "-f", "-y", entry->mnt_fsname, + }; + android_fork_execvp_ext(ARRAY_SIZE(ext4_argv), (char **)ext4_argv, + &st, true, LOG_KLOG, true, NULL); + } +#endif +} + int do_class_start(int nargs, char **args) { char prop[PROP_NAME_MAX]; @@ -577,6 +645,7 @@ int do_powerctl(int nargs, char **args) int len = 0; int cmd = 0; const char *reboot_target; + void (*callback_on_ro_remount)(const struct mntent*) = NULL; res = expand_props(command, args[1], sizeof(command)); if (res) { @@ -590,6 +659,7 @@ int do_powerctl(int nargs, char **args) } cmd = ANDROID_RB_POWEROFF; len = 8; + callback_on_ro_remount = unmount_and_fsck; } else if (strncmp(command, "reboot", 6) == 0) { cmd = ANDROID_RB_RESTART2; len = 6; @@ -614,7 +684,8 @@ int do_powerctl(int nargs, char **args) return -EINVAL; } - return android_reboot(cmd, 0, reboot_target); + return android_reboot_with_callback(cmd, 0, reboot_target, + callback_on_ro_remount); } int do_trigger(int nargs, char **args) diff --git a/init/init.cpp b/init/init.cpp index 402331bdf..8ea42ca74 100644 --- a/init/init.cpp +++ b/init/init.cpp @@ -642,7 +642,7 @@ static int wait_for_coldboot_done_action(int nargs, char **args) { // Any longer than 1s is an unreasonable length of time to delay booting. // If you're hitting this timeout, check that you didn't make your // sepolicy regular expressions too expensive (http://b/19899875). - if (wait_for_file(COLDBOOT_DONE, 1)) { + if (wait_for_file(COLDBOOT_DONE, 5)) { ERROR("Timed out waiting for %s\n", COLDBOOT_DONE); } @@ -1012,8 +1012,10 @@ static int charging_mode_booting(void) { if (f < 0) return 0; - if (1 != read(f, (void *)&cmb,1)) + if (1 != read(f, (void *)&cmb,1)) { + close(f); return 0; + } close(f); return ('1' == cmb); diff --git a/libbacktrace/Backtrace.cpp b/libbacktrace/Backtrace.cpp index 97f0ef445..42769ed90 100644 --- a/libbacktrace/Backtrace.cpp +++ b/libbacktrace/Backtrace.cpp @@ -54,24 +54,8 @@ Backtrace::~Backtrace() { } } -extern "C" char* __cxa_demangle(const char* mangled, char* buf, size_t* len, - int* status); - std::string Backtrace::GetFunctionName(uintptr_t pc, uintptr_t* offset) { std::string func_name = GetFunctionNameRaw(pc, offset); - if (!func_name.empty()) { -#if defined(__APPLE__) - // Mac OS' __cxa_demangle demangles "f" as "float"; last tested on 10.7. - if (func_name[0] != '_') { - return func_name; - } -#endif - char* name = __cxa_demangle(func_name.c_str(), 0, 0, 0); - if (name) { - func_name = name; - free(name); - } - } return func_name; } diff --git a/libcutils/android_reboot.c b/libcutils/android_reboot.c index 6ae23c1f0..af7e1892e 100644 --- a/libcutils/android_reboot.c +++ b/libcutils/android_reboot.c @@ -14,43 +14,108 @@ * limitations under the License. */ -#include <unistd.h> -#include <sys/reboot.h> -#include <sys/syscall.h> -#include <sys/types.h> -#include <sys/stat.h> +#include <errno.h> #include <fcntl.h> #include <mntent.h> +#include <stdbool.h> #include <stdio.h> +#include <stdlib.h> #include <string.h> +#include <sys/cdefs.h> +#include <sys/mount.h> +#include <sys/reboot.h> +#include <sys/stat.h> +#include <sys/syscall.h> +#include <sys/types.h> +#include <unistd.h> #include <cutils/android_reboot.h> +#include <cutils/klog.h> +#include <cutils/list.h> -#define UNUSED __attribute__((unused)) +#define TAG "android_reboot" +#define READONLY_CHECK_MS 5000 +#define READONLY_CHECK_TIMES 50 -/* Check to see if /proc/mounts contains any writeable filesystems - * backed by a block device. - * Return true if none found, else return false. +typedef struct { + struct listnode list; + struct mntent entry; +} mntent_list; + +static bool has_mount_option(const char* opts, const char* opt_to_find) +{ + bool ret = false; + char* copy = NULL; + char* opt; + char* rem; + + while ((opt = strtok_r(copy ? NULL : (copy = strdup(opts)), ",", &rem))) { + if (!strcmp(opt, opt_to_find)) { + ret = true; + break; + } + } + + free(copy); + return ret; +} + +static bool is_block_device(const char* fsname) +{ + return !strncmp(fsname, "/dev/block", 10); +} + +/* Find all read+write block devices in /proc/mounts and add them to + * |rw_entries|. */ -static int remount_ro_done(void) +static void find_rw(struct listnode* rw_entries) { FILE* fp; struct mntent* mentry; - int found_rw_fs = 0; if ((fp = setmntent("/proc/mounts", "r")) == NULL) { - /* If we can't read /proc/mounts, just give up. */ - return 1; + KLOG_WARNING(TAG, "Failed to open /proc/mounts.\n"); + return; } while ((mentry = getmntent(fp)) != NULL) { - if (!strncmp(mentry->mnt_fsname, "/dev/block", 10) && strstr(mentry->mnt_opts, "rw,")) { - found_rw_fs = 1; - break; + if (is_block_device(mentry->mnt_fsname) && + has_mount_option(mentry->mnt_opts, "rw")) { + mntent_list* item = (mntent_list*)calloc(1, sizeof(mntent_list)); + item->entry = *mentry; + item->entry.mnt_fsname = strdup(mentry->mnt_fsname); + item->entry.mnt_dir = strdup(mentry->mnt_dir); + item->entry.mnt_type = strdup(mentry->mnt_type); + item->entry.mnt_opts = strdup(mentry->mnt_opts); + list_add_tail(rw_entries, &item->list); } } endmntent(fp); +} + +static void free_entries(struct listnode* entries) +{ + struct listnode* node; + struct listnode* n; + list_for_each_safe(node, n, entries) { + mntent_list* item = node_to_item(node, mntent_list, list); + free(item->entry.mnt_fsname); + free(item->entry.mnt_dir); + free(item->entry.mnt_type); + free(item->entry.mnt_opts); + free(item); + } +} - return !found_rw_fs; +static mntent_list* find_item(struct listnode* rw_entries, const char* fsname_to_find) +{ + struct listnode* node; + list_for_each(node, rw_entries) { + mntent_list* item = node_to_item(node, mntent_list, list); + if (!strcmp(item->entry.mnt_fsname, fsname_to_find)) { + return item; + } + } + return NULL; } /* Remounting filesystems read-only is difficult when there are files @@ -64,38 +129,92 @@ static int remount_ro_done(void) * repeatedly until there are no more writable filesystems mounted on * block devices. */ -static void remount_ro(void) +static void remount_ro(void (*cb_on_remount)(const struct mntent*)) { - int fd, cnt = 0; + int fd, cnt; + FILE* fp; + struct mntent* mentry; + struct listnode* node; + + list_declare(rw_entries); + list_declare(ro_entries); + + sync(); + find_rw(&rw_entries); /* Trigger the remount of the filesystems as read-only, * which also marks them clean. */ - fd = open("/proc/sysrq-trigger", O_WRONLY); + fd = TEMP_FAILURE_RETRY(open("/proc/sysrq-trigger", O_WRONLY)); if (fd < 0) { - return; + KLOG_WARNING(TAG, "Failed to open sysrq-trigger.\n"); + /* TODO: Try to remount each rw parition manually in readonly mode. + * This may succeed if no process is using the partition. + */ + goto out; + } + if (TEMP_FAILURE_RETRY(write(fd, "u", 1)) != 1) { + close(fd); + KLOG_WARNING(TAG, "Failed to write to sysrq-trigger.\n"); + /* TODO: The same. Manually remount the paritions. */ + goto out; } - write(fd, "u", 1); close(fd); - /* Now poll /proc/mounts till it's done */ - while (!remount_ro_done() && (cnt < 50)) { - usleep(100000); + cnt = 0; + while (cnt < READONLY_CHECK_TIMES) { + if ((fp = setmntent("/proc/mounts", "r")) == NULL) { + /* If we can't read /proc/mounts, just give up. */ + KLOG_WARNING(TAG, "Failed to open /proc/mounts.\n"); + goto out; + } + while ((mentry = getmntent(fp)) != NULL) { + if (!is_block_device(mentry->mnt_fsname) || + !has_mount_option(mentry->mnt_opts, "ro")) { + continue; + } + mntent_list* item = find_item(&rw_entries, mentry->mnt_fsname); + if (item) { + /* |item| has now been ro remounted. */ + list_remove(&item->list); + list_add_tail(&ro_entries, &item->list); + } + } + endmntent(fp); + if (list_empty(&rw_entries)) { + /* All rw block devices are now readonly. */ + break; + } + TEMP_FAILURE_RETRY( + usleep(READONLY_CHECK_MS * 1000 / READONLY_CHECK_TIMES)); cnt++; } - return; -} + list_for_each(node, &rw_entries) { + mntent_list* item = node_to_item(node, mntent_list, list); + KLOG_WARNING(TAG, "Failed to remount %s in readonly mode.\n", + item->entry.mnt_fsname); + } + + if (cb_on_remount) { + list_for_each(node, &ro_entries) { + mntent_list* item = node_to_item(node, mntent_list, list); + cb_on_remount(&item->entry); + } + } +out: + free_entries(&rw_entries); + free_entries(&ro_entries); +} -int android_reboot(int cmd, int flags UNUSED, const char *arg) +int android_reboot_with_callback( + int cmd, int flags __unused, const char *arg, + void (*cb_on_remount)(const struct mntent*)) { int ret; - - sync(); - remount_ro(); - + remount_ro(cb_on_remount); switch (cmd) { case ANDROID_RB_RESTART: ret = reboot(RB_AUTOBOOT); @@ -117,3 +236,7 @@ int android_reboot(int cmd, int flags UNUSED, const char *arg) return ret; } +int android_reboot(int cmd, int flags, const char *arg) +{ + return android_reboot_with_callback(cmd, flags, arg, NULL); +} diff --git a/libcutils/ashmem-dev.c b/libcutils/ashmem-dev.c index 3089a942d..4a07d66bb 100644 --- a/libcutils/ashmem-dev.c +++ b/libcutils/ashmem-dev.c @@ -19,18 +19,119 @@ * ashmem-enabled kernel. See ashmem-sim.c for the "fake" tmp-based version, * used by the simulator. */ +#define LOG_TAG "ashmem" -#include <unistd.h> +#include <errno.h> +#include <fcntl.h> +#include <pthread.h> #include <string.h> -#include <sys/types.h> -#include <sys/stat.h> #include <sys/ioctl.h> -#include <fcntl.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> #include <linux/ashmem.h> + #include <cutils/ashmem.h> +#include <log/log.h> + +#define ASHMEM_DEVICE "/dev/ashmem" + +/* ashmem identity */ +static dev_t __ashmem_rdev; +/* + * If we trigger a signal handler in the middle of locked activity and the + * signal handler calls ashmem, we could get into a deadlock state. + */ +static pthread_mutex_t __ashmem_lock = PTHREAD_MUTEX_INITIALIZER; + +/* logistics of getting file descriptor for ashmem */ +static int __ashmem_open_locked() +{ + int ret; + struct stat st; + + int fd = TEMP_FAILURE_RETRY(open(ASHMEM_DEVICE, O_RDWR)); + if (fd < 0) { + return fd; + } + + ret = TEMP_FAILURE_RETRY(fstat(fd, &st)); + if (ret < 0) { + int save_errno = errno; + close(fd); + errno = save_errno; + return ret; + } + if (!S_ISCHR(st.st_mode) || !st.st_rdev) { + close(fd); + errno = ENOTTY; + return -1; + } + + __ashmem_rdev = st.st_rdev; + return fd; +} -#define ASHMEM_DEVICE "/dev/ashmem" +static int __ashmem_open() +{ + int fd; + + pthread_mutex_lock(&__ashmem_lock); + fd = __ashmem_open_locked(); + pthread_mutex_unlock(&__ashmem_lock); + + return fd; +} + +/* Make sure file descriptor references ashmem, negative number means false */ +static int __ashmem_is_ashmem(int fd) +{ + dev_t rdev; + struct stat st; + + if (TEMP_FAILURE_RETRY(fstat(fd, &st)) < 0) { + return -1; + } + + rdev = 0; /* Too much complexity to sniff __ashmem_rdev */ + if (S_ISCHR(st.st_mode) && st.st_rdev) { + pthread_mutex_lock(&__ashmem_lock); + rdev = __ashmem_rdev; + if (rdev) { + pthread_mutex_unlock(&__ashmem_lock); + } else { + int fd = __ashmem_open_locked(); + if (fd < 0) { + pthread_mutex_unlock(&__ashmem_lock); + return -1; + } + rdev = __ashmem_rdev; + pthread_mutex_unlock(&__ashmem_lock); + + close(fd); + } + + if (st.st_rdev == rdev) { + return 0; + } + } + + if (rdev) { + LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o %d:%d", + fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev), + S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP, + major(rdev), minor(rdev)); + } else { + LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o", + fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev), + S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP); + } + /* NOTREACHED */ + + errno = ENOTTY; + return -1; +} /* * ashmem_create_region - creates a new ashmem region and returns the file @@ -41,50 +142,77 @@ */ int ashmem_create_region(const char *name, size_t size) { - int fd, ret; + int ret, save_errno; - fd = open(ASHMEM_DEVICE, O_RDWR); - if (fd < 0) - return fd; + int fd = __ashmem_open(); + if (fd < 0) { + return fd; + } - if (name) { - char buf[ASHMEM_NAME_LEN] = {0}; + if (name) { + char buf[ASHMEM_NAME_LEN] = {0}; - strlcpy(buf, name, sizeof(buf)); - ret = ioctl(fd, ASHMEM_SET_NAME, buf); - if (ret < 0) - goto error; - } + strlcpy(buf, name, sizeof(buf)); + ret = TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_NAME, buf)); + if (ret < 0) { + goto error; + } + } - ret = ioctl(fd, ASHMEM_SET_SIZE, size); - if (ret < 0) - goto error; + ret = TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_SIZE, size)); + if (ret < 0) { + goto error; + } - return fd; + return fd; error: - close(fd); - return ret; + save_errno = errno; + close(fd); + errno = save_errno; + return ret; } int ashmem_set_prot_region(int fd, int prot) { - return ioctl(fd, ASHMEM_SET_PROT_MASK, prot); + int ret = __ashmem_is_ashmem(fd); + if (ret < 0) { + return ret; + } + + return TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_SET_PROT_MASK, prot)); } int ashmem_pin_region(int fd, size_t offset, size_t len) { - struct ashmem_pin pin = { offset, len }; - return ioctl(fd, ASHMEM_PIN, &pin); + struct ashmem_pin pin = { offset, len }; + + int ret = __ashmem_is_ashmem(fd); + if (ret < 0) { + return ret; + } + + return TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_PIN, &pin)); } int ashmem_unpin_region(int fd, size_t offset, size_t len) { - struct ashmem_pin pin = { offset, len }; - return ioctl(fd, ASHMEM_UNPIN, &pin); + struct ashmem_pin pin = { offset, len }; + + int ret = __ashmem_is_ashmem(fd); + if (ret < 0) { + return ret; + } + + return TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_UNPIN, &pin)); } int ashmem_get_size_region(int fd) { - return ioctl(fd, ASHMEM_GET_SIZE, NULL); + int ret = __ashmem_is_ashmem(fd); + if (ret < 0) { + return ret; + } + + return TEMP_FAILURE_RETRY(ioctl(fd, ASHMEM_GET_SIZE, NULL)); } diff --git a/libcutils/ashmem-host.c b/libcutils/ashmem-host.c index abc4f9474..99a2759c0 100644 --- a/libcutils/ashmem-host.c +++ b/libcutils/ashmem-host.c @@ -73,8 +73,11 @@ int ashmem_get_size_region(int fd) return -1; } - // Check if this is an "ashmem" region. - // TODO: This is very hacky, and can easily break. We need some reliable indicator. + /* + * Check if this is an "ashmem" region. + * TODO: This is very hacky, and can easily break. + * We need some reliable indicator. + */ if (!(buf.st_nlink == 0 && S_ISREG(buf.st_mode))) { errno = ENOTTY; return -1; diff --git a/libcutils/sched_policy.c b/libcutils/sched_policy.c index 70dc8c434..b302beff1 100644 --- a/libcutils/sched_policy.c +++ b/libcutils/sched_policy.c @@ -53,8 +53,12 @@ static inline SchedPolicy _policy(SchedPolicy p) #define TIMER_SLACK_FG 50000 static pthread_once_t the_once = PTHREAD_ONCE_INIT; +static pthread_once_t sched_once = PTHREAD_ONCE_INIT; +static pthread_once_t cpuset_once = PTHREAD_ONCE_INIT; static int __sys_supports_schedgroups = -1; +static int __sys_supports_cpusets = -1; +static char proc_name[32] = {0}; // File descriptors open to /dev/cpuctl/../tasks, setup by initialize, or -1 on error. static int bg_cgroup_fd = -1; @@ -65,15 +69,8 @@ static int system_bg_cpuset_fd = -1; static int bg_cpuset_fd = -1; static int fg_cpuset_fd = -1; -/* Add tid to the scheduling group defined by the policy */ -static int add_tid_to_cgroup(int tid, int fd) +static int write_tid_to_fd(int tid, int fd) { - if (fd < 0) { - SLOGE("add_tid_to_cgroup failed; fd=%d\n", fd); - errno = EINVAL; - return -1; - } - // specialized itoa -- works for tid > 0 char text[22]; char *end = text + sizeof(text) - 1; @@ -91,8 +88,42 @@ static int add_tid_to_cgroup(int tid, int fd) */ if (errno == ESRCH) return 0; - SLOGW("add_tid_to_cgroup failed to write '%s' (%s); fd=%d\n", - ptr, strerror(errno), fd); + return -1; + } + + return 0; +} + +/* Add tid to the scheduling group defined by the policy */ +static int add_tid_to_cgroup(int tid, int fd) +{ + if (fd < 0) { + SLOGE("%s add_tid_to_cgroup failed; fd=%d\n", proc_name, fd); + errno = EINVAL; + return -1; + } + + if (write_tid_to_fd(tid, fd) != 0) { + SLOGW("%s add_tid_to_cgroup failed to write '%d' (%s); fd=%d\n", + proc_name, tid, strerror(errno), fd); + errno = EINVAL; + return -1; + } + + return 0; +} + +static int add_tid_to_cpuset(int tid, int fd) +{ + if (fd < 0) { + SLOGE("%s add_tid_to_cpuset failed; fd=%d\n", proc_name, fd); + errno = EINVAL; + return -1; + } + + if (write_tid_to_fd(tid, fd) != 0) { + SLOGW("%s add_tid_to_cpuset failed to write '%d' (%s); fd=%d\n", + proc_name, tid, strerror(errno), fd); errno = EINVAL; return -1; } @@ -101,34 +132,95 @@ static int add_tid_to_cgroup(int tid, int fd) } static void __initialize(void) { + int pfd; + int ptid = gettid(); + + sprintf(proc_name, "/proc/%d/cmdline", ptid); + + pfd = open(proc_name, O_RDONLY); + memset(proc_name, 0, sizeof(proc_name)); + if (pfd > 0) { + read(pfd, proc_name, sizeof(proc_name) - 1); + close(pfd); + } +} + +static void __init_sched(void) { char* filename; + + pthread_once(&the_once, __initialize); + if (!access("/dev/cpuctl/tasks", F_OK)) { __sys_supports_schedgroups = 1; filename = "/dev/cpuctl/tasks"; fg_cgroup_fd = open(filename, O_WRONLY | O_CLOEXEC); if (fg_cgroup_fd < 0) { - SLOGE("open of %s failed: %s\n", filename, strerror(errno)); + SLOGE("%s open of %s failed: %s\n", proc_name, filename, strerror(errno)); + __sys_supports_schedgroups = 0; } filename = "/dev/cpuctl/bg_non_interactive/tasks"; bg_cgroup_fd = open(filename, O_WRONLY | O_CLOEXEC); if (bg_cgroup_fd < 0) { - SLOGE("open of %s failed: %s\n", filename, strerror(errno)); + SLOGE("%s open of %s failed: %s\n", proc_name, filename, strerror(errno)); + __sys_supports_schedgroups = 0; + } + + if (!__sys_supports_schedgroups) { + close(bg_cgroup_fd); + bg_cgroup_fd = -1; + + close(fg_cgroup_fd); + fg_cgroup_fd = -1; } } else { __sys_supports_schedgroups = 0; } +} + +static void __init_cpuset(void) { + char *filename; + + pthread_once(&the_once, __initialize); #ifdef USE_CPUSETS if (!access("/dev/cpuset/tasks", F_OK)) { + __sys_supports_cpusets = 1; filename = "/dev/cpuset/foreground/tasks"; fg_cpuset_fd = open(filename, O_WRONLY | O_CLOEXEC); + if (fg_cpuset_fd < 0) { + SLOGE("%s open of %s failed %s\n", proc_name, filename, strerror(errno)); + __sys_supports_cpusets = 0; + } + filename = "/dev/cpuset/background/tasks"; bg_cpuset_fd = open(filename, O_WRONLY | O_CLOEXEC); + if (bg_cpuset_fd < 0) { + SLOGE("%s open of %s failed %s\n", proc_name, filename, strerror(errno)); + __sys_supports_cpusets = 0; + } + filename = "/dev/cpuset/system-background/tasks"; system_bg_cpuset_fd = open(filename, O_WRONLY | O_CLOEXEC); + if (system_bg_cpuset_fd < 0) { + SLOGE("%s open of %s failed %s\n", proc_name, filename, strerror(errno)); + __sys_supports_cpusets = 0; + } + + if (!__sys_supports_cpusets) { + close(fg_cpuset_fd); + fg_cpuset_fd = -1; + + close(bg_cpuset_fd); + bg_cpuset_fd = -1; + + close(system_bg_cpuset_fd); + system_bg_cpuset_fd = -1; + } + } else { + __sys_supports_cpusets = 0; } #endif @@ -193,11 +285,11 @@ static int getSchedulerGroup(int tid, char* buf, size_t bufLen) return 0; } - SLOGE("Failed to find cpu subsys"); + SLOGE("%s Failed to find cpu subsys", proc_name); fclose(fp); return -1; out_bad_data: - SLOGE("Bad cgroup data {%s}", lineBuf); + SLOGE("%s Bad cgroup data {%s}", proc_name, lineBuf); fclose(fp); return -1; #else @@ -211,7 +303,8 @@ int get_sched_policy(int tid, SchedPolicy *policy) if (tid == 0) { tid = gettid(); } - pthread_once(&the_once, __initialize); + + pthread_once(&sched_once, __init_sched); if (__sys_supports_schedgroups) { char grpBuf[32]; @@ -250,8 +343,13 @@ int set_cpuset_policy(int tid, SchedPolicy policy) if (tid == 0) { tid = gettid(); } + + pthread_once(&cpuset_once, __init_cpuset); + + if (!__sys_supports_cpusets) + return set_sched_policy(tid, policy); + policy = _policy(policy); - pthread_once(&the_once, __initialize); int fd; switch (policy) { @@ -271,7 +369,7 @@ int set_cpuset_policy(int tid, SchedPolicy policy) break; } - if (add_tid_to_cgroup(tid, fd) != 0) { + if (add_tid_to_cpuset(tid, fd) != 0) { if (errno != ESRCH && errno != ENOENT) return -errno; } @@ -286,7 +384,8 @@ int set_sched_policy(int tid, SchedPolicy policy) tid = gettid(); } policy = _policy(policy); - pthread_once(&the_once, __initialize); + + pthread_once(&sched_once, __init_sched); #if POLICY_DEBUG char statfile[64]; diff --git a/liblog/logd_write.c b/liblog/logd_write.c index bdee28f50..9c4e4817b 100644 --- a/liblog/logd_write.c +++ b/liblog/logd_write.c @@ -323,6 +323,48 @@ const char *android_log_id_to_name(log_id_t log_id) } #endif +/* + * Release any logger resources. A new log write will immediately re-acquire. + */ +void __android_log_close() +{ +#if FAKE_LOG_DEVICE + int i; +#endif + +#ifdef HAVE_PTHREADS + pthread_mutex_lock(&log_init_lock); +#endif + + write_to_log = __write_to_log_init; + + /* + * Threads that are actively writing at this point are not held back + * by a lock and are at risk of dropping the messages with a return code + * -EBADF. Prefer to return error code than add the overhead of a lock to + * each log writing call to guarantee delivery. In addition, anyone + * calling this is doing so to release the logging resources and shut down, + * for them to do so with outstanding log requests in other threads is a + * disengenuous use of this function. + */ +#if FAKE_LOG_DEVICE + for (i = 0; i < LOG_ID_MAX; i++) { + fakeLogClose(log_fds[i]); + log_fds[i] = -1; + } +#else + close(logd_fd); + logd_fd = -1; + + close(pstore_fd); + pstore_fd = -1; +#endif + +#ifdef HAVE_PTHREADS + pthread_mutex_unlock(&log_init_lock); +#endif +} + static int __write_to_log_init(log_id_t log_id, struct iovec *vec, size_t nr) { #if !defined(_WIN32) @@ -513,3 +555,42 @@ int __android_log_bswrite(int32_t tag, const char *payload) return write_to_log(LOG_ID_EVENTS, vec, 4); } + +#ifdef MTK_HARDWARE +struct xlog_record { + const char *tag_str; + const char *fmt_str; + int prio; +}; + +void __attribute__((weak)) __xlog_buf_printf(__unused int bufid, const struct xlog_record *xlog_record, ...) { + va_list args; + va_start(args, xlog_record); +#if HAVE_LIBC_SYSTEM_PROPERTIES + int len = 0; + int do_xlog = 0; + char results[PROP_VALUE_MAX]; + + + // MobileLog + len = __system_property_get ("debug.MB.running", results); + if (len && atoi(results)) + do_xlog = 1; + + // ModemLog + len = __system_property_get ("debug.mdlogger.Running", results); + if (len && atoi(results)) + do_xlog = 1; + + // Manual + len = __system_property_get ("persist.debug.xlog.enable", results); + if (len && atoi(results)) + do_xlog = 1; + + if (do_xlog > 0) +#endif + __android_log_vprint(xlog_record->prio, xlog_record->tag_str, xlog_record->fmt_str, args); + + return; +} +#endif diff --git a/liblog/logd_write_kern.c b/liblog/logd_write_kern.c index bd4323840..f0c6cb258 100644 --- a/liblog/logd_write_kern.c +++ b/liblog/logd_write_kern.c @@ -106,6 +106,41 @@ static int __write_to_log_kernel(log_id_t log_id, struct iovec *vec, size_t nr) return ret; } +/* + * Release any logger resources. A new log write will immediately re-acquire. + */ +void __android_log_close() +{ +#ifdef HAVE_PTHREADS + pthread_mutex_lock(&log_init_lock); +#endif + + write_to_log = __write_to_log_init; + + /* + * Threads that are actively writing at this point are not held back + * by a lock and are at risk of dropping the messages with a return code + * -EBADF. Prefer to return error code than add the overhead of a lock to + * each log writing call to guarantee delivery. In addition, anyone + * calling this is doing so to release the logging resources and shut down, + * for them to do so with outstanding log requests in other threads is a + * disengenuous use of this function. + */ + + log_close(log_fds[LOG_ID_MAIN]); + log_fds[LOG_ID_MAIN] = -1; + log_close(log_fds[LOG_ID_RADIO]); + log_fds[LOG_ID_RADIO] = -1; + log_close(log_fds[LOG_ID_EVENTS]); + log_fds[LOG_ID_EVENTS] = -1; + log_close(log_fds[LOG_ID_SYSTEM]); + log_fds[LOG_ID_SYSTEM] = -1; + +#ifdef HAVE_PTHREADS + pthread_mutex_unlock(&log_init_lock); +#endif +} + static int __write_to_log_init(log_id_t log_id, struct iovec *vec, size_t nr) { pthread_mutex_lock(&log_init_lock); diff --git a/liblog/tests/liblog_test.cpp b/liblog/tests/liblog_test.cpp index c98704139..0e7fec483 100644 --- a/liblog/tests/liblog_test.cpp +++ b/liblog/tests/liblog_test.cpp @@ -127,12 +127,17 @@ TEST(liblog, __android_log_btwrite__android_logger_list_read) { ASSERT_TRUE(NULL != (logger_list = android_logger_list_open( LOG_ID_EVENTS, ANDROID_LOG_RDONLY | ANDROID_LOG_NONBLOCK, 1000, pid))); + // Check that we can close and reopen the logger log_time ts(CLOCK_MONOTONIC); - ASSERT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts, sizeof(ts))); + __android_log_close(); + + log_time ts1(CLOCK_MONOTONIC); + ASSERT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts1, sizeof(ts1))); usleep(1000000); int count = 0; + int second_count = 0; for (;;) { log_msg log_msg; @@ -156,10 +161,13 @@ TEST(liblog, __android_log_btwrite__android_logger_list_read) { log_time tx(eventData + 4 + 1); if (ts == tx) { ++count; + } else if (ts1 == tx) { + ++second_count; } } EXPECT_EQ(1, count); + EXPECT_EQ(1, second_count); android_logger_list_close(logger_list); } diff --git a/libnetutils/ifc_utils.c b/libnetutils/ifc_utils.c index 3bd59c789..0bd76286b 100644 --- a/libnetutils/ifc_utils.c +++ b/libnetutils/ifc_utils.c @@ -597,23 +597,26 @@ int ifc_disable(const char *ifname) int ifc_reset_connections(const char *ifname, const int reset_mask) { #ifdef HAVE_ANDROID_OS - int result, success; + int result = 0, success; in_addr_t myaddr = 0; struct ifreq ifr; struct in6_ifreq ifr6; + int ctl_sock = -1; if (reset_mask & RESET_IPV4_ADDRESSES) { /* IPv4. Clear connections on the IP address. */ - ifc_init(); - if (!(reset_mask & RESET_IGNORE_INTERFACE_ADDRESS)) { - ifc_get_info(ifname, &myaddr, NULL, NULL); + ctl_sock = socket(AF_INET, SOCK_DGRAM, 0); + if (ctl_sock >= 0) { + if (!(reset_mask & RESET_IGNORE_INTERFACE_ADDRESS)) { + ifc_get_info(ifname, &myaddr, NULL, NULL); + } + ifc_init_ifr(ifname, &ifr); + init_sockaddr_in(&ifr.ifr_addr, myaddr); + result = ioctl(ctl_sock, SIOCKILLADDR, &ifr); + close(ctl_sock); + } else { + result = -1; } - ifc_init_ifr(ifname, &ifr); - init_sockaddr_in(&ifr.ifr_addr, myaddr); - result = ioctl(ifc_ctl_sock, SIOCKILLADDR, &ifr); - ifc_close(); - } else { - result = 0; } if (reset_mask & RESET_IPV6_ADDRESSES) { @@ -623,14 +626,18 @@ int ifc_reset_connections(const char *ifname, const int reset_mask) * So we clear all unused IPv6 connections on the device by specifying an * empty IPv6 address. */ - ifc_init6(); + ctl_sock = socket(AF_INET6, SOCK_DGRAM, 0); // This implicitly specifies an address of ::, i.e., kill all IPv6 sockets. memset(&ifr6, 0, sizeof(ifr6)); - success = ioctl(ifc_ctl_sock6, SIOCKILLADDR, &ifr6); - if (result == 0) { - result = success; + if (ctl_sock >= 0) { + success = ioctl(ctl_sock, SIOCKILLADDR, &ifr6); + if (result == 0) { + result = success; + } + close(ctl_sock); + } else { + result = -1; } - ifc_close6(); } return result; diff --git a/libsysutils/src/FrameworkListener.cpp b/libsysutils/src/FrameworkListener.cpp index e7b3dd69a..579ead991 100644 --- a/libsysutils/src/FrameworkListener.cpp +++ b/libsysutils/src/FrameworkListener.cpp @@ -49,6 +49,7 @@ void FrameworkListener::init(const char *socketName UNUSED, bool withSeq) { errorRate = 0; mCommandCount = 0; mWithSeq = withSeq; + mSkipToNextNullByte = false; } bool FrameworkListener::onDataAvailable(SocketClient *c) { @@ -59,10 +60,15 @@ bool FrameworkListener::onDataAvailable(SocketClient *c) { if (len < 0) { SLOGE("read() failed (%s)", strerror(errno)); return false; - } else if (!len) + } else if (!len) { return false; - if(buffer[len-1] != '\0') + } else if (buffer[len-1] != '\0') { SLOGW("String is not zero-terminated"); + android_errorWriteLog(0x534e4554, "29831647"); + c->sendMsg(500, "Command too large for buffer", false); + mSkipToNextNullByte = true; + return false; + } int offset = 0; int i; @@ -70,11 +76,16 @@ bool FrameworkListener::onDataAvailable(SocketClient *c) { for (i = 0; i < len; i++) { if (buffer[i] == '\0') { /* IMPORTANT: dispatchCommand() expects a zero-terminated string */ - dispatchCommand(c, buffer + offset); + if (mSkipToNextNullByte) { + mSkipToNextNullByte = false; + } else { + dispatchCommand(c, buffer + offset); + } offset = i + 1; } } + mSkipToNextNullByte = false; return true; } diff --git a/libutils/String8.cpp b/libutils/String8.cpp index ad65fdb88..75dfa2994 100644 --- a/libutils/String8.cpp +++ b/libutils/String8.cpp @@ -102,20 +102,21 @@ static char* allocFromUTF16(const char16_t* in, size_t len) { if (len == 0) return getEmptyString(); - const ssize_t bytes = utf16_to_utf8_length(in, len); - if (bytes < 0) { + // Allow for closing '\0' + const ssize_t resultStrLen = utf16_to_utf8_length(in, len) + 1; + if (resultStrLen < 1) { return getEmptyString(); } - SharedBuffer* buf = SharedBuffer::alloc(bytes+1); + SharedBuffer* buf = SharedBuffer::alloc(resultStrLen); ALOG_ASSERT(buf, "Unable to allocate shared buffer"); if (!buf) { return getEmptyString(); } - char* str = (char*)buf->data(); - utf16_to_utf8(in, len, str); - return str; + char* resultStr = (char*)buf->data(); + utf16_to_utf8(in, len, resultStr, resultStrLen); + return resultStr; } static char* allocFromUTF32(const char32_t* in, size_t len) @@ -124,21 +125,21 @@ static char* allocFromUTF32(const char32_t* in, size_t len) return getEmptyString(); } - const ssize_t bytes = utf32_to_utf8_length(in, len); - if (bytes < 0) { + const ssize_t resultStrLen = utf32_to_utf8_length(in, len) + 1; + if (resultStrLen < 1) { return getEmptyString(); } - SharedBuffer* buf = SharedBuffer::alloc(bytes+1); + SharedBuffer* buf = SharedBuffer::alloc(resultStrLen); ALOG_ASSERT(buf, "Unable to allocate shared buffer"); if (!buf) { return getEmptyString(); } - char* str = (char*) buf->data(); - utf32_to_utf8(in, len, str); + char* resultStr = (char*) buf->data(); + utf32_to_utf8(in, len, resultStr, resultStrLen); - return str; + return resultStr; } // --------------------------------------------------------------------------- diff --git a/libutils/SystemClock.cpp b/libutils/SystemClock.cpp index c3b5d7402..28ea8176e 100644 --- a/libutils/SystemClock.cpp +++ b/libutils/SystemClock.cpp @@ -121,9 +121,11 @@ int64_t elapsedRealtimeNano() #endif static int s_fd = -1; + bool need_unlock = false; if (clock_method < 0) { pthread_mutex_lock(&clock_lock); + need_unlock = true; } if (clock_method < 0 || clock_method == METHOD_IOCTL) { @@ -143,6 +145,8 @@ int64_t elapsedRealtimeNano() checkTimeStamps(timestamp, &prevTimestamp, &prevMethod, METHOD_IOCTL); if (clock_method < 0) { clock_method = METHOD_IOCTL; + } + if (need_unlock) { pthread_mutex_unlock(&clock_lock); } return timestamp; @@ -159,6 +163,8 @@ int64_t elapsedRealtimeNano() METHOD_CLOCK_GETTIME); if (clock_method < 0) { clock_method = METHOD_CLOCK_GETTIME; + } + if (need_unlock) { pthread_mutex_unlock(&clock_lock); } return timestamp; @@ -173,6 +179,8 @@ int64_t elapsedRealtimeNano() METHOD_SYSTEMTIME); if (clock_method < 0) { clock_method = METHOD_SYSTEMTIME; + } + if (need_unlock) { pthread_mutex_unlock(&clock_lock); } return timestamp; diff --git a/libutils/Unicode.cpp b/libutils/Unicode.cpp index fb876c91f..2b5293e74 100644 --- a/libutils/Unicode.cpp +++ b/libutils/Unicode.cpp @@ -14,6 +14,7 @@ * limitations under the License. */ +#include <log/log.h> #include <utils/Unicode.h> #include <stddef.h> @@ -182,7 +183,7 @@ ssize_t utf32_to_utf8_length(const char32_t *src, size_t src_len) return ret; } -void utf32_to_utf8(const char32_t* src, size_t src_len, char* dst) +void utf32_to_utf8(const char32_t* src, size_t src_len, char* dst, size_t dst_len) { if (src == NULL || src_len == 0 || dst == NULL) { return; @@ -193,9 +194,12 @@ void utf32_to_utf8(const char32_t* src, size_t src_len, char* dst) char *cur = dst; while (cur_utf32 < end_utf32) { size_t len = utf32_codepoint_utf8_length(*cur_utf32); + LOG_ALWAYS_FATAL_IF(dst_len < len, "%zu < %zu", dst_len, len); utf32_codepoint_to_utf8((uint8_t *)cur, *cur_utf32++, len); cur += len; + dst_len -= len; } + LOG_ALWAYS_FATAL_IF(dst_len < 1, "dst_len < 1: %zu < 1", dst_len); *cur = '\0'; } @@ -324,7 +328,7 @@ int strzcmp16_h_n(const char16_t *s1H, size_t n1, const char16_t *s2N, size_t n2 : 0); } -void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst) +void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst, size_t dst_len) { if (src == NULL || src_len == 0 || dst == NULL) { return; @@ -345,9 +349,12 @@ void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst) utf32 = (char32_t) *cur_utf16++; } const size_t len = utf32_codepoint_utf8_length(utf32); + LOG_ALWAYS_FATAL_IF(dst_len < len, "%zu < %zu", dst_len, len); utf32_codepoint_to_utf8((uint8_t*)cur, utf32, len); cur += len; + dst_len -= len; } + LOG_ALWAYS_FATAL_IF(dst_len < 1, "%zu < 1", dst_len); *cur = '\0'; } @@ -408,10 +415,10 @@ ssize_t utf16_to_utf8_length(const char16_t *src, size_t src_len) const char16_t* const end = src + src_len; while (src < end) { if ((*src & 0xFC00) == 0xD800 && (src + 1) < end - && (*++src & 0xFC00) == 0xDC00) { + && (*(src + 1) & 0xFC00) == 0xDC00) { // surrogate pairs are always 4 bytes. ret += 4; - src++; + src += 2; } else { ret += utf32_codepoint_utf8_length((char32_t) *src++); } diff --git a/libutils/tests/String8_test.cpp b/libutils/tests/String8_test.cpp index c42c68dce..7cd67d314 100644 --- a/libutils/tests/String8_test.cpp +++ b/libutils/tests/String8_test.cpp @@ -17,6 +17,7 @@ #define LOG_TAG "String8_test" #include <utils/Log.h> #include <utils/String8.h> +#include <utils/String16.h> #include <gtest/gtest.h> @@ -72,4 +73,22 @@ TEST_F(String8Test, OperatorPlusEquals) { EXPECT_STREQ(src3, " Verify me."); } +// http://b/29250543 +TEST_F(String8Test, CorrectInvalidSurrogate) { + // d841d8 is an invalid start for a surrogate pair. Make sure this is handled by ignoring the + // first character in the pair and handling the rest correctly. + String16 string16(u"\xd841\xd841\xdc41\x0000"); + String8 string8(string16); + + EXPECT_EQ(4U, string8.length()); +} + +TEST_F(String8Test, CheckUtf32Conversion) { + // Since bound checks were added, check the conversion can be done without fatal errors. + // The utf8 lengths of these are chars are 1 + 2 + 3 + 4 = 10. + const char32_t string32[] = U"\x0000007f\x000007ff\x0000911\x0010fffe"; + String8 string8(string32); + EXPECT_EQ(10U, string8.length()); +} + } diff --git a/logwrapper/logwrap.c b/logwrapper/logwrap.c index 83576fb8f..44455d157 100644 --- a/logwrapper/logwrap.c +++ b/logwrapper/logwrap.c @@ -355,7 +355,8 @@ static int parent(const char *tag, int parent_read, pid_t pid, } if (poll_fds[0].revents & POLLIN) { - sz = read(parent_read, &buffer[b], sizeof(buffer) - 1 - b); + sz = TEMP_FAILURE_RETRY( + read(parent_read, &buffer[b], sizeof(buffer) - 1 - b)); sz += b; // Log one line at a time @@ -490,7 +491,7 @@ int android_fork_execvp_ext(int argc, char* argv[], int *status, bool ignore_int } /* Use ptty instead of socketpair so that STDOUT is not buffered */ - parent_ptty = open("/dev/ptmx", O_RDWR); + parent_ptty = TEMP_FAILURE_RETRY(open("/dev/ptmx", O_RDWR)); if (parent_ptty < 0) { ERROR("Cannot create parent ptty\n"); rc = -1; @@ -505,7 +506,7 @@ int android_fork_execvp_ext(int argc, char* argv[], int *status, bool ignore_int goto err_ptty; } - child_ptty = open(child_devname, O_RDWR); + child_ptty = TEMP_FAILURE_RETRY(open(child_devname, O_RDWR)); if (child_ptty < 0) { ERROR("Cannot open child_ptty\n"); rc = -1; diff --git a/rootdir/init.rc b/rootdir/init.rc index 78adacc9d..1c6fca642 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -559,6 +559,11 @@ on property:sys.sysctl.extra_free_kbytes=* on property:sys.sysctl.tcp_def_init_rwnd=* write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd} +on property:security.perf_harden=0 + write /proc/sys/kernel/perf_event_paranoid 1 + +on property:security.perf_harden=1 + write /proc/sys/kernel/perf_event_paranoid 3 ## Daemon processes to be run by init. ## @@ -693,6 +698,7 @@ service bootanim /system/bin/bootanimation group graphics audio disabled oneshot + writepid /dev/cpuset/system-background/tasks service gatekeeperd /system/bin/gatekeeperd /data/misc/gatekeeper class late_start diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc index f82d8994d..67eaabc8f 100644 --- a/rootdir/ueventd.rc +++ b/rootdir/ueventd.rc @@ -99,42 +99,3 @@ subsystem adf # DVB API device nodes /dev/dvb* 0660 root system -# Governor permissions -/sys/devices/system/cpu/cpu* cpufreq/scaling_governor 0664 system system - -/sys/devices/system/cpu/cpufreq ondemand/boostfreq 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/boostpulse 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/boosttime 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/down_differential 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/down_differential_multi_core 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/ignore_nice_load 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/input_boost 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/io_is_busy 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/optimal_freq 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/powersave_bias 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/sampling_down_factor 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/sampling_rate 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/sampling_rate_min 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/sync_freq 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/up_threshold 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/up_threshold_any_cpu_load 0664 system system -/sys/devices/system/cpu/cpufreq ondemand/up_threshold_multi_core 0664 system system - -/sys/devices/system/cpu/cpufreq interactive/above_hispeed_delay 0664 system system -/sys/devices/system/cpu/cpufreq interactive/align_windows 0664 system system -/sys/devices/system/cpu/cpufreq interactive/boost 0664 system system -/sys/devices/system/cpu/cpufreq interactive/boostpulse 0664 system system -/sys/devices/system/cpu/cpufreq interactive/boostpulse_duration 0664 system system -/sys/devices/system/cpu/cpufreq interactive/go_hispeed_load 0664 system system -/sys/devices/system/cpu/cpufreq interactive/hispeed_freq 0664 system system -/sys/devices/system/cpu/cpufreq interactive/io_is_busy 0664 system system -/sys/devices/system/cpu/cpufreq interactive/max_freq_hysteresis 0664 system system -/sys/devices/system/cpu/cpufreq interactive/min_sample_rate 0664 system system -/sys/devices/system/cpu/cpufreq interactive/min_sample_time 0664 system system -/sys/devices/system/cpu/cpufreq interactive/sampling_down_factor 0664 system system -/sys/devices/system/cpu/cpufreq interactive/sync_freq 0664 system system -/sys/devices/system/cpu/cpufreq interactive/target_loads 0664 system system -/sys/devices/system/cpu/cpufreq interactive/timer_rate 0664 system system -/sys/devices/system/cpu/cpufreq interactive/timer_slack 0664 system system -/sys/devices/system/cpu/cpufreq interactive/up_threshold_any_cpu_freq 0664 system system -/sys/devices/system/cpu/cpufreq interactive/up_threshold_any_cpu_load 0664 system system diff --git a/sdcard/sdcard.c b/sdcard/sdcard.c index 33b150914..227982c05 100644 --- a/sdcard/sdcard.c +++ b/sdcard/sdcard.c @@ -41,6 +41,7 @@ #include <cutils/hashmap.h> #include <cutils/log.h> #include <cutils/multiuser.h> +#include <cutils/properties.h> #include <private/android_filesystem_config.h> @@ -337,7 +338,7 @@ static ssize_t get_node_path_locked(struct node* node, char* buf, size_t bufsize ssize_t pathlen = 0; if (node->parent && node->graft_path == NULL) { - pathlen = get_node_path_locked(node->parent, buf, bufsize - namelen - 2); + pathlen = get_node_path_locked(node->parent, buf, bufsize - namelen - 1); if (pathlen < 0) { return -1; } @@ -1776,24 +1777,39 @@ static int usage() { return 1; } -static int fuse_setup(struct fuse* fuse, gid_t gid, mode_t mask) { +static int fuse_setup(struct fuse* fuse, gid_t gid, mode_t mask, bool use_sdcardfs) { char opts[256]; - fuse->fd = open("/dev/fuse", O_RDWR); - if (fuse->fd == -1) { - ERROR("failed to open fuse device: %s\n", strerror(errno)); - return -1; + if (!use_sdcardfs) { + fuse->fd = open("/dev/fuse", O_RDWR); + if (fuse->fd == -1) { + ERROR("failed to open fuse device: %s\n", strerror(errno)); + return -1; + } } umount2(fuse->dest_path, MNT_DETACH); - snprintf(opts, sizeof(opts), - "fd=%i,rootmode=40000,default_permissions,allow_other,user_id=%d,group_id=%d", - fuse->fd, fuse->global->uid, fuse->global->gid); - if (mount("/dev/fuse", fuse->dest_path, "fuse", MS_NOSUID | MS_NODEV | MS_NOEXEC | - MS_NOATIME, opts) != 0) { - ERROR("failed to mount fuse filesystem: %s\n", strerror(errno)); - return -1; + if (use_sdcardfs) { + snprintf(opts, sizeof(opts), + "%sfsuid=%u,fsgid=%u,userid=%d,gid=%u,mask=%u,reserved_mb=20", + (fuse->global->multi_user ? "multiuser," : ""), + fuse->global->uid, fuse->global->gid, + fuse->global->root.userid, gid, mask); + if (mount(fuse->global->source_path, fuse->dest_path, "sdcardfs", + MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_NOATIME, opts) != 0) { + ERROR("failed to mount sdcardfs filesystem: %s\n", strerror(errno)); + return -1; + } + } else { + snprintf(opts, sizeof(opts), + "fd=%i,rootmode=40000,default_permissions,allow_other,user_id=%d,group_id=%d", + fuse->fd, fuse->global->uid, fuse->global->gid); + if (mount("/dev/fuse", fuse->dest_path, "fuse", MS_NOSUID | MS_NODEV | MS_NOEXEC | + MS_NOATIME, opts) != 0) { + ERROR("failed to mount fuse filesystem: %s\n", strerror(errno)); + return -1; + } } fuse->gid = gid; @@ -1803,7 +1819,7 @@ static int fuse_setup(struct fuse* fuse, gid_t gid, mode_t mask) { } static void run(const char* source_path, const char* label, uid_t uid, - gid_t gid, userid_t userid, bool multi_user, bool full_write) { + gid_t gid, userid_t userid, bool multi_user, bool full_write, bool use_sdcardfs) { struct fuse_global global; struct fuse fuse_default; struct fuse fuse_read; @@ -1875,9 +1891,9 @@ static void run(const char* source_path, const char* label, uid_t uid, if (multi_user) { /* Multi-user storage is fully isolated per user, so "other" * permissions are completely masked off. */ - if (fuse_setup(&fuse_default, AID_SDCARD_RW, 0006) - || fuse_setup(&fuse_read, AID_EVERYBODY, 0027) - || fuse_setup(&fuse_write, AID_EVERYBODY, full_write ? 0007 : 0027)) { + if (fuse_setup(&fuse_default, AID_SDCARD_RW, 0006, use_sdcardfs) + || fuse_setup(&fuse_read, AID_EVERYBODY, 0027, use_sdcardfs) + || fuse_setup(&fuse_write, AID_EVERYBODY, full_write ? 0007 : 0027, use_sdcardfs)) { ERROR("failed to fuse_setup\n"); exit(1); } @@ -1885,9 +1901,9 @@ static void run(const char* source_path, const char* label, uid_t uid, /* Physical storage is readable by all users on device, but * the Android directories are masked off to a single user * deep inside attr_from_stat(). */ - if (fuse_setup(&fuse_default, AID_SDCARD_RW, 0006) - || fuse_setup(&fuse_read, AID_EVERYBODY, full_write ? 0027 : 0022) - || fuse_setup(&fuse_write, AID_EVERYBODY, full_write ? 0007 : 0022)) { + if (fuse_setup(&fuse_default, AID_SDCARD_RW, 0006, use_sdcardfs) + || fuse_setup(&fuse_read, AID_EVERYBODY, full_write ? 0027 : 0022, use_sdcardfs) + || fuse_setup(&fuse_write, AID_EVERYBODY, full_write ? 0007 : 0022, use_sdcardfs)) { ERROR("failed to fuse_setup\n"); exit(1); } @@ -1911,6 +1927,11 @@ static void run(const char* source_path, const char* label, uid_t uid, fs_prepare_dir(global.obb_path, 0775, uid, gid); } + // Nothing else for us to do if sdcardfs is in use! + if (use_sdcardfs) { + exit(0); + } + if (pthread_create(&thread_default, NULL, start_handler, &handler_default) || pthread_create(&thread_read, NULL, start_handler, &handler_read) || pthread_create(&thread_write, NULL, start_handler, &handler_write)) { @@ -1995,6 +2016,8 @@ int sdcard_main(int argc, char **argv) { sleep(1); } - run(source_path, label, uid, gid, userid, multi_user, full_write); + bool use_sdcardfs = property_get_bool("ro.sdcardfs.enable", false); + + run(source_path, label, uid, gid, userid, multi_user, full_write, use_sdcardfs); return 1; } |