Merge "Harden CrasherTest::Trap under sanitizers."
diff --git a/code_coverage/Android.bp b/code_coverage/Android.bp
index f2c5341..d18e7a8 100644
--- a/code_coverage/Android.bp
+++ b/code_coverage/Android.bp
@@ -76,12 +76,8 @@
},
},
riscv64: {
- src: "empty_policy/code_coverage.riscv64.policy",
- product_variables: {
- native_coverage: {
- src: "seccomp_policy/code_coverage.riscv64.policy",
- },
- },
+ // riscv64 doesn't have a secondary architecture.
+ enabled: false,
},
x86: {
src: "empty_policy/code_coverage.x86_64.policy",
diff --git a/debuggerd/Android.bp b/debuggerd/Android.bp
index 1c89472..1e9fd7b 100644
--- a/debuggerd/Android.bp
+++ b/debuggerd/Android.bp
@@ -461,6 +461,9 @@
arm64: {
src: "seccomp_policy/crash_dump.arm64.policy",
},
+ riscv64: {
+ src: "seccomp_policy/crash_dump.riscv64.policy",
+ },
x86: {
src: "seccomp_policy/crash_dump.x86.policy",
},
@@ -487,6 +490,9 @@
arm64: {
src: "seccomp_policy/crash_dump.arm.policy",
},
+ riscv64: {
+ src: "seccomp_policy/crash_dump.riscv64.policy",
+ },
x86: {
src: "seccomp_policy/crash_dump.x86_64.policy",
},
diff --git a/debuggerd/libdebuggerd/tombstone_proto.cpp b/debuggerd/libdebuggerd/tombstone_proto.cpp
index 159ebc8..9a565de 100644
--- a/debuggerd/libdebuggerd/tombstone_proto.cpp
+++ b/debuggerd/libdebuggerd/tombstone_proto.cpp
@@ -82,6 +82,8 @@
return Architecture::X86;
#elif defined(__x86_64__)
return Architecture::X86_64;
+#elif defined(__riscv) && (__riscv_xlen == 64)
+ return Architecture::RISCV64;
#else
#error Unknown architecture!
#endif
diff --git a/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
index 0265641..28154a7 100644
--- a/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
+++ b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
@@ -47,6 +47,8 @@
return "arm";
case Architecture::ARM64:
return "arm64";
+ case Architecture::RISCV64:
+ return "riscv64";
case Architecture::X86:
return "x86";
case Architecture::X86_64:
@@ -62,6 +64,8 @@
return 4;
case Architecture::ARM64:
return 8;
+ case Architecture::RISCV64:
+ return 8;
case Architecture::X86:
return 4;
case Architecture::X86_64:
@@ -119,6 +123,10 @@
special_registers = {"ip", "lr", "sp", "pc", "pst"};
break;
+ case Architecture::RISCV64:
+ special_registers = {"ra", "sp", "pc"};
+ break;
+
case Architecture::X86:
special_registers = {"ebp", "esp", "eip"};
break;
diff --git a/debuggerd/proto/tombstone.proto b/debuggerd/proto/tombstone.proto
index f0d3d3f..49865a2 100644
--- a/debuggerd/proto/tombstone.proto
+++ b/debuggerd/proto/tombstone.proto
@@ -48,8 +48,9 @@
ARM64 = 1;
X86 = 2;
X86_64 = 3;
+ RISCV64 = 4;
- reserved 4 to 999;
+ reserved 5 to 999;
}
message Signal {
diff --git a/debuggerd/seccomp_policy/crash_dump.riscv64.policy b/debuggerd/seccomp_policy/crash_dump.riscv64.policy
new file mode 100644
index 0000000..21887ab
--- /dev/null
+++ b/debuggerd/seccomp_policy/crash_dump.riscv64.policy
@@ -0,0 +1,37 @@
+read: 1
+write: 1
+exit: 1
+rt_sigreturn: 1
+exit_group: 1
+clock_gettime: 1
+gettimeofday: 1
+futex: 1
+getrandom: 1
+getpid: 1
+gettid: 1
+ppoll: 1
+pipe2: 1
+openat: 1
+dup: 1
+close: 1
+lseek: 1
+getdents64: 1
+faccessat: 1
+recvmsg: 1
+recvfrom: 1
+process_vm_readv: 1
+tgkill: 1
+rt_sigprocmask: 1
+rt_sigaction: 1
+rt_tgsigqueueinfo: 1
+prctl: arg0 == PR_GET_NO_NEW_PRIVS || arg0 == 0x53564d41 || arg0 == PR_PAC_RESET_KEYS
+madvise: 1
+mprotect: arg2 in 0x1|0x2
+munmap: 1
+getuid: 1
+fstat: 1
+mmap: arg2 in 0x1|0x2
+geteuid: 1
+getgid: 1
+getegid: 1
+getgroups: 1
diff --git a/debuggerd/seccomp_policy/generate.sh b/debuggerd/seccomp_policy/generate.sh
index 8c58b05..c467d9e 100755
--- a/debuggerd/seccomp_policy/generate.sh
+++ b/debuggerd/seccomp_policy/generate.sh
@@ -6,5 +6,6 @@
CPP='cpp -undef -E -P crash_dump.policy.def'
$CPP -D__arm__ -o crash_dump.arm.policy
$CPP -D__aarch64__ -D__LP64__ -o crash_dump.arm64.policy
+$CPP -D__riscv -D__LP64__ -o crash_dump.riscv64.policy
$CPP -D__i386__ -o crash_dump.x86.policy
$CPP -D__x86_64__ -D__LP64__ -o crash_dump.x86_64.policy
diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
index 6213aeb..c7f3343 100644
--- a/fs_mgr/fs_mgr_overlayfs.cpp
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
@@ -200,6 +200,24 @@
return (info.feat_ro_compat & EXT4_FEATURE_RO_COMPAT_SHARED_BLOCKS) != 0;
}
+#define F2FS_SUPER_OFFSET 1024
+#define F2FS_FEATURE_OFFSET 2180
+#define F2FS_FEATURE_RO 0x4000
+bool fs_mgr_is_read_only_f2fs(const std::string& dev) {
+ if (!fs_mgr_is_f2fs(dev)) return false;
+
+ android::base::unique_fd fd(open(dev.c_str(), O_RDONLY | O_CLOEXEC));
+ if (fd < 0) return false;
+
+ __le32 feat;
+ if ((TEMP_FAILURE_RETRY(lseek64(fd, F2FS_SUPER_OFFSET + F2FS_FEATURE_OFFSET, SEEK_SET)) < 0) ||
+ (TEMP_FAILURE_RETRY(read(fd, &feat, sizeof(feat))) < 0)) {
+ return false;
+ }
+
+ return (feat & cpu_to_le32(F2FS_FEATURE_RO)) != 0;
+}
+
bool fs_mgr_overlayfs_enabled(FstabEntry* entry) {
// readonly filesystem, can not be mount -o remount,rw
// for squashfs, erofs or if free space is (near) zero making such a remount
@@ -214,6 +232,11 @@
return true;
}
+ // f2fs read-only mode doesn't support remount,rw
+ if (fs_mgr_is_read_only_f2fs(entry->blk_device)) {
+ return true;
+ }
+
// check if ext4 de-dupe
auto has_shared_blocks = fs_mgr_has_shared_blocks(entry->mount_point, entry->blk_device);
if (!has_shared_blocks && (entry->mount_point == "/system")) {