Merge "Add arch member into Unwinder object."
diff --git a/adb/Android.bp b/adb/Android.bp
index df2c0f9..5c1e1fe 100644
--- a/adb/Android.bp
+++ b/adb/Android.bp
@@ -25,6 +25,7 @@
"-Wextra",
"-Werror",
"-Wexit-time-destructors",
+ "-Wno-non-virtual-dtor",
"-Wno-unused-parameter",
"-Wno-missing-field-initializers",
"-Wthread-safety",
diff --git a/cli-test/cli-test.cpp b/cli-test/cli-test.cpp
index d6e27ee..d1ef1b4 100644
--- a/cli-test/cli-test.cpp
+++ b/cli-test/cli-test.cpp
@@ -146,6 +146,13 @@
test->befores.push_back(line);
} else if (Match(&line, "after:")) {
test->afters.push_back(line);
+ } else if (Match(&line, "expected-exit-status:")) {
+ char* end_p;
+ errno = 0;
+ test->exit_status = strtol(line.c_str(), &end_p, 10);
+ if (errno != 0 || *end_p != '\0') {
+ Die(0, "%s:%zu: bad exit status: \"%s\"", g_file, g_line, line.c_str());
+ }
} else if (Match(&line, "expected-stdout:")) {
// Collect tab-indented lines.
std::string text;
@@ -231,15 +238,15 @@
V("running command \"%s\"", test.command.c_str());
CapturedStdout test_stdout;
CapturedStderr test_stderr;
- int exit_status = system(test.command.c_str());
+ int status = system(test.command.c_str());
test_stdout.Stop();
test_stderr.Stop();
- V("exit status %d", exit_status);
- if (exit_status != test.exit_status) {
+ V("system() returned status %d", status);
+ if (WEXITSTATUS(status) != test.exit_status) {
failed = true;
fprintf(stderr, "Incorrect exit status: expected %d but %s\n", test.exit_status,
- ExitStatusToString(exit_status).c_str());
+ ExitStatusToString(status).c_str());
}
if (!CheckOutput("stdout", test_stdout.str(), test.expected_stdout, FILES)) failed = true;
diff --git a/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl b/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl
index 57adaba..4646efc 100644
--- a/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl
+++ b/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl
@@ -30,7 +30,7 @@
interface IGateKeeperService {
/**
* Enrolls a password, returning the handle to the enrollment to be stored locally.
- * @param uid The Android user ID associated to this enrollment
+ * @param userId The Android user ID associated to this enrollment
* @param currentPasswordHandle The previously enrolled handle, or null if none
* @param currentPassword The previously enrolled plaintext password, or null if none.
* If provided, must verify against the currentPasswordHandle.
@@ -38,22 +38,22 @@
* upon success.
* @return an EnrollResponse or null on failure
*/
- GateKeeperResponse enroll(int uid, in @nullable byte[] currentPasswordHandle,
+ GateKeeperResponse enroll(int userId, in @nullable byte[] currentPasswordHandle,
in @nullable byte[] currentPassword, in byte[] desiredPassword);
/**
* Verifies an enrolled handle against a provided, plaintext blob.
- * @param uid The Android user ID associated to this enrollment
+ * @param userId The Android user ID associated to this enrollment
* @param enrolledPasswordHandle The handle against which the provided password will be
* verified.
* @param The plaintext blob to verify against enrolledPassword.
* @return a VerifyResponse, or null on failure.
*/
- GateKeeperResponse verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword);
+ GateKeeperResponse verify(int userId, in byte[] enrolledPasswordHandle, in byte[] providedPassword);
/**
* Verifies an enrolled handle against a provided, plaintext blob.
- * @param uid The Android user ID associated to this enrollment
+ * @param userId The Android user ID associated to this enrollment
* @param challenge a challenge to authenticate agaisnt the device credential. If successful
* authentication occurs, this value will be written to the returned
* authentication attestation.
@@ -62,22 +62,22 @@
* @param The plaintext blob to verify against enrolledPassword.
* @return a VerifyResponse with an attestation, or null on failure.
*/
- GateKeeperResponse verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle,
+ GateKeeperResponse verifyChallenge(int userId, long challenge, in byte[] enrolledPasswordHandle,
in byte[] providedPassword);
/**
* Retrieves the secure identifier for the user with the provided Android ID,
* or 0 if none is found.
- * @param uid the Android user id
+ * @param userId the Android user id
*/
- long getSecureUserId(int uid);
+ long getSecureUserId(int userId);
/**
* Clears secure user id associated with the provided Android ID.
* Must be called when password is set to NONE.
- * @param uid the Android user id.
+ * @param userId the Android user id.
*/
- void clearSecureUserId(int uid);
+ void clearSecureUserId(int userId);
/**
* Notifies gatekeeper that device setup has been completed and any potentially still existing
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index c81a80e..b982dbc 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -76,9 +76,9 @@
virtual ~GateKeeperProxy() {
}
- void store_sid(uint32_t uid, uint64_t sid) {
+ void store_sid(uint32_t userId, uint64_t sid) {
char filename[21];
- snprintf(filename, sizeof(filename), "%u", uid);
+ snprintf(filename, sizeof(filename), "%u", userId);
int fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR);
if (fd < 0) {
ALOGE("could not open file: %s: %s", filename, strerror(errno));
@@ -117,18 +117,18 @@
return false;
}
- void maybe_store_sid(uint32_t uid, uint64_t sid) {
+ void maybe_store_sid(uint32_t userId, uint64_t sid) {
char filename[21];
- snprintf(filename, sizeof(filename), "%u", uid);
+ snprintf(filename, sizeof(filename), "%u", userId);
if (access(filename, F_OK) == -1) {
- store_sid(uid, sid);
+ store_sid(userId, sid);
}
}
- uint64_t read_sid(uint32_t uid) {
+ uint64_t read_sid(uint32_t userId) {
char filename[21];
uint64_t sid;
- snprintf(filename, sizeof(filename), "%u", uid);
+ snprintf(filename, sizeof(filename), "%u", userId);
int fd = open(filename, O_RDONLY);
if (fd < 0) return 0;
read(fd, &sid, sizeof(sid));
@@ -136,30 +136,30 @@
return sid;
}
- void clear_sid(uint32_t uid) {
+ void clear_sid(uint32_t userId) {
char filename[21];
- snprintf(filename, sizeof(filename), "%u", uid);
+ snprintf(filename, sizeof(filename), "%u", userId);
if (remove(filename) < 0) {
ALOGE("%s: could not remove file [%s], attempting 0 write", __func__, strerror(errno));
- store_sid(uid, 0);
+ store_sid(userId, 0);
}
}
- // This should only be called on uids being passed to the GateKeeper HAL. It ensures that
+ // This should only be called on userIds being passed to the GateKeeper HAL. It ensures that
// secure storage shared across a GSI image and a host image will not overlap.
- uint32_t adjust_uid(uint32_t uid) {
+ uint32_t adjust_userId(uint32_t userId) {
static constexpr uint32_t kGsiOffset = 1000000;
- CHECK(uid < kGsiOffset);
+ CHECK(userId < kGsiOffset);
CHECK(hw_device != nullptr);
if (is_running_gsi) {
- return uid + kGsiOffset;
+ return userId + kGsiOffset;
}
- return uid;
+ return userId;
}
#define GK_ERROR *gkResponse = GKResponse::error(), Status::ok()
- Status enroll(int32_t uid, const std::optional<std::vector<uint8_t>>& currentPasswordHandle,
+ Status enroll(int32_t userId, const std::optional<std::vector<uint8_t>>& currentPasswordHandle,
const std::optional<std::vector<uint8_t>>& currentPassword,
const std::vector<uint8_t>& desiredPassword, GKResponse* gkResponse) override {
IPCThreadState* ipc = IPCThreadState::self();
@@ -198,9 +198,10 @@
android::hardware::hidl_vec<uint8_t> newPwd;
newPwd.setToExternal(const_cast<uint8_t*>(desiredPassword.data()), desiredPassword.size());
- uint32_t hw_uid = adjust_uid(uid);
+ uint32_t hw_userId = adjust_userId(userId);
Return<void> hwRes = hw_device->enroll(
- hw_uid, curPwdHandle, curPwd, newPwd, [&gkResponse](const GatekeeperResponse& rsp) {
+ hw_userId, curPwdHandle, curPwd, newPwd,
+ [&gkResponse](const GatekeeperResponse& rsp) {
if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
*gkResponse = GKResponse::ok({rsp.data.begin(), rsp.data.end()});
} else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT &&
@@ -225,12 +226,12 @@
const gatekeeper::password_handle_t* handle =
reinterpret_cast<const gatekeeper::password_handle_t*>(
gkResponse->payload().data());
- store_sid(uid, handle->user_id);
+ store_sid(userId, handle->user_id);
GKResponse verifyResponse;
// immediately verify this password so we don't ask the user to enter it again
// if they just created it.
- auto status = verify(uid, gkResponse->payload(), desiredPassword, &verifyResponse);
+ auto status = verify(userId, gkResponse->payload(), desiredPassword, &verifyResponse);
if (!status.isOk() || verifyResponse.response_code() != GKResponseCode::OK) {
LOG(ERROR) << "Failed to verify password after enrolling";
}
@@ -239,13 +240,13 @@
return Status::ok();
}
- Status verify(int32_t uid, const ::std::vector<uint8_t>& enrolledPasswordHandle,
+ Status verify(int32_t userId, const ::std::vector<uint8_t>& enrolledPasswordHandle,
const ::std::vector<uint8_t>& providedPassword, GKResponse* gkResponse) override {
- return verifyChallenge(uid, 0 /* challenge */, enrolledPasswordHandle, providedPassword,
+ return verifyChallenge(userId, 0 /* challenge */, enrolledPasswordHandle, providedPassword,
gkResponse);
}
- Status verifyChallenge(int32_t uid, int64_t challenge,
+ Status verifyChallenge(int32_t userId, int64_t challenge,
const std::vector<uint8_t>& enrolledPasswordHandle,
const std::vector<uint8_t>& providedPassword,
GKResponse* gkResponse) override {
@@ -269,7 +270,7 @@
reinterpret_cast<const gatekeeper::password_handle_t*>(
enrolledPasswordHandle.data());
- uint32_t hw_uid = adjust_uid(uid);
+ uint32_t hw_userId = adjust_userId(userId);
android::hardware::hidl_vec<uint8_t> curPwdHandle;
curPwdHandle.setToExternal(const_cast<uint8_t*>(enrolledPasswordHandle.data()),
enrolledPasswordHandle.size());
@@ -278,7 +279,7 @@
providedPassword.size());
Return<void> hwRes = hw_device->verify(
- hw_uid, challenge, curPwdHandle, enteredPwd,
+ hw_userId, challenge, curPwdHandle, enteredPwd,
[&gkResponse](const GatekeeperResponse& rsp) {
if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
*gkResponse = GKResponse::ok(
@@ -315,18 +316,18 @@
}
}
- maybe_store_sid(uid, handle->user_id);
+ maybe_store_sid(userId, handle->user_id);
}
return Status::ok();
}
- Status getSecureUserId(int32_t uid, int64_t* sid) override {
- *sid = read_sid(uid);
+ Status getSecureUserId(int32_t userId, int64_t* sid) override {
+ *sid = read_sid(userId);
return Status::ok();
}
- Status clearSecureUserId(int32_t uid) override {
+ Status clearSecureUserId(int32_t userId) override {
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
@@ -334,11 +335,11 @@
ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
return Status::ok();
}
- clear_sid(uid);
+ clear_sid(userId);
if (hw_device) {
- uint32_t hw_uid = adjust_uid(uid);
- hw_device->deleteUser(hw_uid, [] (const GatekeeperResponse &){});
+ uint32_t hw_userId = adjust_userId(userId);
+ hw_device->deleteUser(hw_userId, [](const GatekeeperResponse&) {});
}
return Status::ok();
}
diff --git a/libutils/Threads.cpp b/libutils/Threads.cpp
index 55eadb0..540dcf4 100644
--- a/libutils/Threads.cpp
+++ b/libutils/Threads.cpp
@@ -302,8 +302,8 @@
}
#if defined(__ANDROID__)
-namespace {
-int androidSetThreadPriorityInternal(pid_t tid, int pri, bool change_policy) {
+int androidSetThreadPriority(pid_t tid, int pri)
+{
int rc = 0;
int lasterr = 0;
int curr_pri = getpriority(PRIO_PROCESS, tid);
@@ -312,19 +312,17 @@
return rc;
}
- if (change_policy) {
- if (pri >= ANDROID_PRIORITY_BACKGROUND) {
- rc = SetTaskProfiles(tid, {"SCHED_SP_BACKGROUND"}, true) ? 0 : -1;
- } else if (curr_pri >= ANDROID_PRIORITY_BACKGROUND) {
- SchedPolicy policy = SP_FOREGROUND;
- // Change to the sched policy group of the process.
- get_sched_policy(getpid(), &policy);
- rc = SetTaskProfiles(tid, {get_sched_policy_profile_name(policy)}, true) ? 0 : -1;
- }
+ if (pri >= ANDROID_PRIORITY_BACKGROUND) {
+ rc = SetTaskProfiles(tid, {"SCHED_SP_BACKGROUND"}, true) ? 0 : -1;
+ } else if (curr_pri >= ANDROID_PRIORITY_BACKGROUND) {
+ SchedPolicy policy = SP_FOREGROUND;
+ // Change to the sched policy group of the process.
+ get_sched_policy(getpid(), &policy);
+ rc = SetTaskProfiles(tid, {get_sched_policy_profile_name(policy)}, true) ? 0 : -1;
+ }
- if (rc) {
- lasterr = errno;
- }
+ if (rc) {
+ lasterr = errno;
}
if (setpriority(PRIO_PROCESS, tid, pri) < 0) {
@@ -335,15 +333,6 @@
return rc;
}
-} // namespace
-
-int androidSetThreadPriority(pid_t tid, int pri) {
- return androidSetThreadPriorityInternal(tid, pri, true);
-}
-
-int androidSetThreadPriorityAndPolicy(pid_t tid, int pri, bool change_policy) {
- return androidSetThreadPriorityInternal(tid, pri, change_policy);
-}
int androidGetThreadPriority(pid_t tid) {
return getpriority(PRIO_PROCESS, tid);
diff --git a/libutils/include/utils/AndroidThreads.h b/libutils/include/utils/AndroidThreads.h
index cdb5442..a8d7851 100644
--- a/libutils/include/utils/AndroidThreads.h
+++ b/libutils/include/utils/AndroidThreads.h
@@ -78,13 +78,8 @@
// should be one of the ANDROID_PRIORITY constants. Returns INVALID_OPERATION
// if the priority set failed, else another value if just the group set failed;
// in either case errno is set. Thread ID zero means current thread.
-// This is equivalent to androidSetThreadPriorityAndPolicy(tid, prio, true);
extern int androidSetThreadPriority(pid_t tid, int prio);
-// Parameter "change_policy" indicates if sched policy should be changed. It needs
-// not be checked again if the change is done elsewhere like activity manager.
-extern int androidSetThreadPriorityAndPolicy(pid_t tid, int prio, bool change_policy);
-
// Get the current priority of a particular thread. Returns one of the
// ANDROID_PRIORITY constants or a negative result in case of error.
extern int androidGetThreadPriority(pid_t tid);