Merge "libsnapshot: Off-line tool for converting OTA payloads to COWs."
diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index eb28668..8c41c5e 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@@ -108,9 +108,12 @@
// AID_NET_BW_STATS to read out qtaguid statistics
// AID_READPROC for reading /proc entries across UID boundaries
// AID_UHID for using 'hid' command to read/write to /dev/uhid
+ // AID_EXT_DATA_RW for writing to /sdcard/Android/data (devices without sdcardfs)
+ // AID_EXT_OBB_RW for writing to /sdcard/Android/obb (devices without sdcardfs)
gid_t groups[] = {AID_ADB, AID_LOG, AID_INPUT, AID_INET,
AID_NET_BT, AID_NET_BT_ADMIN, AID_SDCARD_R, AID_SDCARD_RW,
- AID_NET_BW_STATS, AID_READPROC, AID_UHID};
+ AID_NET_BW_STATS, AID_READPROC, AID_UHID, AID_EXT_DATA_RW,
+ AID_EXT_OBB_RW};
minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups);
// Don't listen on a port (default 5037) if running in secure mode.
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index 54102ec..233d15f 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -640,13 +640,14 @@
entry.fs_mgr_flags.wait = true;
entry.fs_mgr_flags.logical = true;
entry.fs_mgr_flags.first_stage_mount = true;
+ fstab->emplace_back(entry);
} else {
// If the corresponding partition exists, transform all its Fstab
// by pointing .blk_device to the DSU partition.
for (auto&& entry : entries) {
entry->blk_device = partition;
// AVB keys for DSU should always be under kDsuKeysDir.
- entry->avb_keys += kDsuKeysDir;
+ entry->avb_keys = kDsuKeysDir;
}
// Make sure the ext4 is included to support GSI.
auto partition_ext4 =
diff --git a/fs_mgr/libfiemap/image_manager.cpp b/fs_mgr/libfiemap/image_manager.cpp
index f32e0eb..93fc131 100644
--- a/fs_mgr/libfiemap/image_manager.cpp
+++ b/fs_mgr/libfiemap/image_manager.cpp
@@ -640,16 +640,22 @@
return false;
}
+ bool ok = true;
for (const auto& partition : metadata->partitions) {
auto name = GetPartitionName(partition);
auto image_path = GetImageHeaderPath(name);
auto fiemap = SplitFiemap::Open(image_path);
- if (!fiemap || !fiemap->HasPinnedExtents()) {
- LOG(ERROR) << "Image is missing or was moved: " << image_path;
- return false;
+ if (fiemap == nullptr) {
+ LOG(ERROR) << "SplitFiemap::Open(\"" << image_path << "\") failed";
+ ok = false;
+ continue;
+ }
+ if (!fiemap->HasPinnedExtents()) {
+ LOG(ERROR) << "Image doesn't have pinned extents: " << image_path;
+ ok = false;
}
}
- return true;
+ return ok;
}
bool ImageManager::DisableImage(const std::string& name) {
diff --git a/init/Android.mk b/init/Android.mk
index 2fbbf4a..da94daf 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -119,13 +119,6 @@
# First stage init is weird: it may start without stdout/stderr, and no /proc.
LOCAL_NOSANITIZE := hwaddress
include $(BUILD_EXECUTABLE)
-
-# LOCAL_FORCE_STATIC_EXECUTABLE targets are skipped and not defined for ASAN builds
-init_vendor_deps :=
-ifneq (true,$(my_skip_this_target))
- init_vendor_deps += init_first_stage
-endif # my_skip_this_target is true
-
endif
include $(CLEAR_VARS)
@@ -140,7 +133,8 @@
LOCAL_MODULE := init_vendor
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
-LOCAL_REQUIRED_MODULES := $(init_vendor_deps)
+LOCAL_REQUIRED_MODULES := \
+ init_first_stage \
+
endif
include $(BUILD_PHONY_PACKAGE)
-init_vendor_deps :=
diff --git a/libcrypto_utils/.clang-format b/libcrypto_utils/.clang-format
new file mode 120000
index 0000000..fd0645f
--- /dev/null
+++ b/libcrypto_utils/.clang-format
@@ -0,0 +1 @@
+../.clang-format-2
\ No newline at end of file
diff --git a/libcrypto_utils/Android.bp b/libcrypto_utils/Android.bp
index d7175e0..923b291 100644
--- a/libcrypto_utils/Android.bp
+++ b/libcrypto_utils/Android.bp
@@ -23,7 +23,7 @@
},
host_supported: true,
srcs: [
- "android_pubkey.c",
+ "android_pubkey.cpp",
],
cflags: [
"-Wall",
diff --git a/libcrypto_utils/android_pubkey.c b/libcrypto_utils/android_pubkey.cpp
similarity index 65%
rename from libcrypto_utils/android_pubkey.c
rename to libcrypto_utils/android_pubkey.cpp
index 3052e52..21e5663 100644
--- a/libcrypto_utils/android_pubkey.c
+++ b/libcrypto_utils/android_pubkey.cpp
@@ -35,37 +35,29 @@
// little-endian 32 bit words. Note that Android only supports little-endian
// processors, so we don't do any byte order conversions when parsing the binary
// struct.
-typedef struct RSAPublicKey {
- // Modulus length. This must be ANDROID_PUBKEY_MODULUS_SIZE.
- uint32_t modulus_size_words;
+struct RSAPublicKey {
+ // Modulus length. This must be ANDROID_PUBKEY_MODULUS_SIZE.
+ uint32_t modulus_size_words;
- // Precomputed montgomery parameter: -1 / n[0] mod 2^32
- uint32_t n0inv;
+ // Precomputed montgomery parameter: -1 / n[0] mod 2^32
+ uint32_t n0inv;
- // RSA modulus as a little-endian array.
- uint8_t modulus[ANDROID_PUBKEY_MODULUS_SIZE];
+ // RSA modulus as a little-endian array.
+ uint8_t modulus[ANDROID_PUBKEY_MODULUS_SIZE];
- // Montgomery parameter R^2 as a little-endian array of little-endian words.
- uint8_t rr[ANDROID_PUBKEY_MODULUS_SIZE];
+ // Montgomery parameter R^2 as a little-endian array.
+ uint8_t rr[ANDROID_PUBKEY_MODULUS_SIZE];
- // RSA modulus: 3 or 65537
- uint32_t exponent;
-} RSAPublicKey;
-
-// Reverses byte order in |buffer|.
-static void reverse_bytes(uint8_t* buffer, size_t size) {
- for (size_t i = 0; i < (size + 1) / 2; ++i) {
- uint8_t tmp = buffer[i];
- buffer[i] = buffer[size - i - 1];
- buffer[size - i - 1] = tmp;
- }
-}
+ // RSA modulus: 3 or 65537
+ uint32_t exponent;
+};
bool android_pubkey_decode(const uint8_t* key_buffer, size_t size, RSA** key) {
const RSAPublicKey* key_struct = (RSAPublicKey*)key_buffer;
bool ret = false;
- uint8_t modulus_buffer[ANDROID_PUBKEY_MODULUS_SIZE];
RSA* new_key = RSA_new();
+ BIGNUM* n = NULL;
+ BIGNUM* e = NULL;
if (!new_key) {
goto cleanup;
}
@@ -79,19 +71,24 @@
}
// Convert the modulus to big-endian byte order as expected by BN_bin2bn.
- memcpy(modulus_buffer, key_struct->modulus, sizeof(modulus_buffer));
- reverse_bytes(modulus_buffer, sizeof(modulus_buffer));
- new_key->n = BN_bin2bn(modulus_buffer, sizeof(modulus_buffer), NULL);
- if (!new_key->n) {
+ n = BN_le2bn(key_struct->modulus, ANDROID_PUBKEY_MODULUS_SIZE, NULL);
+ if (!n) {
goto cleanup;
}
// Read the exponent.
- new_key->e = BN_new();
- if (!new_key->e || !BN_set_word(new_key->e, key_struct->exponent)) {
+ e = BN_new();
+ if (!e || !BN_set_word(e, key_struct->exponent)) {
goto cleanup;
}
+ if (!RSA_set0_key(new_key, n, e, NULL)) {
+ goto cleanup;
+ }
+ // RSA_set0_key takes ownership of its inputs on success.
+ n = NULL;
+ e = NULL;
+
// Note that we don't extract the montgomery parameters n0inv and rr from
// the RSAPublicKey structure. They assume a word size of 32 bits, but
// BoringSSL may use a word size of 64 bits internally, so we're lacking the
@@ -101,24 +98,16 @@
// pre-computed montgomery parameters.
*key = new_key;
+ new_key = NULL;
ret = true;
cleanup:
- if (!ret && new_key) {
- RSA_free(new_key);
- }
+ RSA_free(new_key);
+ BN_free(n);
+ BN_free(e);
return ret;
}
-static bool android_pubkey_encode_bignum(const BIGNUM* num, uint8_t* buffer) {
- if (!BN_bn2bin_padded(buffer, ANDROID_PUBKEY_MODULUS_SIZE, num)) {
- return false;
- }
-
- reverse_bytes(buffer, ANDROID_PUBKEY_MODULUS_SIZE);
- return true;
-}
-
bool android_pubkey_encode(const RSA* key, uint8_t* key_buffer, size_t size) {
RSAPublicKey* key_struct = (RSAPublicKey*)key_buffer;
bool ret = false;
@@ -127,8 +116,7 @@
BIGNUM* n0inv = BN_new();
BIGNUM* rr = BN_new();
- if (sizeof(RSAPublicKey) > size ||
- RSA_size(key) != ANDROID_PUBKEY_MODULUS_SIZE) {
+ if (sizeof(RSAPublicKey) > size || RSA_size(key) != ANDROID_PUBKEY_MODULUS_SIZE) {
goto cleanup;
}
@@ -136,27 +124,26 @@
key_struct->modulus_size_words = ANDROID_PUBKEY_MODULUS_SIZE_WORDS;
// Compute and store n0inv = -1 / N[0] mod 2^32.
- if (!ctx || !r32 || !n0inv || !BN_set_bit(r32, 32) ||
- !BN_mod(n0inv, key->n, r32, ctx) ||
+ if (!ctx || !r32 || !n0inv || !BN_set_bit(r32, 32) || !BN_mod(n0inv, RSA_get0_n(key), r32, ctx) ||
!BN_mod_inverse(n0inv, n0inv, r32, ctx) || !BN_sub(n0inv, r32, n0inv)) {
goto cleanup;
}
key_struct->n0inv = (uint32_t)BN_get_word(n0inv);
// Store the modulus.
- if (!android_pubkey_encode_bignum(key->n, key_struct->modulus)) {
+ if (!BN_bn2le_padded(key_struct->modulus, ANDROID_PUBKEY_MODULUS_SIZE, RSA_get0_n(key))) {
goto cleanup;
}
// Compute and store rr = (2^(rsa_size)) ^ 2 mod N.
if (!ctx || !rr || !BN_set_bit(rr, ANDROID_PUBKEY_MODULUS_SIZE * 8) ||
- !BN_mod_sqr(rr, rr, key->n, ctx) ||
- !android_pubkey_encode_bignum(rr, key_struct->rr)) {
+ !BN_mod_sqr(rr, rr, RSA_get0_n(key), ctx) ||
+ !BN_bn2le_padded(key_struct->rr, ANDROID_PUBKEY_MODULUS_SIZE, rr)) {
goto cleanup;
}
// Store the exponent.
- key_struct->exponent = (uint32_t)BN_get_word(key->e);
+ key_struct->exponent = (uint32_t)BN_get_word(RSA_get0_e(key));
ret = true;
diff --git a/libcutils/include/cutils/trace.h b/libcutils/include/cutils/trace.h
index c74ee3e..793e2ce 100644
--- a/libcutils/include/cutils/trace.h
+++ b/libcutils/include/cutils/trace.h
@@ -75,7 +75,8 @@
#define ATRACE_TAG_AIDL (1<<24)
#define ATRACE_TAG_NNAPI (1<<25)
#define ATRACE_TAG_RRO (1<<26)
-#define ATRACE_TAG_LAST ATRACE_TAG_RRO
+#define ATRACE_TAG_SYSPROP (1<<27)
+#define ATRACE_TAG_LAST ATRACE_TAG_SYSPROP
// Reserved for initialization.
#define ATRACE_TAG_NOT_READY (1ULL<<63)
diff --git a/libprocessgroup/profiles/cgroups.json b/libprocessgroup/profiles/cgroups.json
index 0341902..4518487 100644
--- a/libprocessgroup/profiles/cgroups.json
+++ b/libprocessgroup/profiles/cgroups.json
@@ -39,19 +39,21 @@
"Mode": "0755",
"UID": "system",
"GID": "system"
- },
- {
- "Controller": "freezer",
- "Path": "/dev/freezer",
- "Mode": "0755",
- "UID": "system",
- "GID": "system"
}
],
"Cgroups2": {
- "Path": "/dev/cg2_bpf",
- "Mode": "0600",
- "UID": "root",
- "GID": "root"
+ "Path": "/sys/fs/cgroup",
+ "Mode": "0755",
+ "UID": "system",
+ "GID": "system",
+ "Controllers": [
+ {
+ "Controller": "freezer",
+ "Path": "freezer",
+ "Mode": "0755",
+ "UID": "system",
+ "GID": "system"
+ }
+ ]
}
}
diff --git a/libprocessgroup/profiles/cgroups.proto b/libprocessgroup/profiles/cgroups.proto
index f4070c5..13adcae 100644
--- a/libprocessgroup/profiles/cgroups.proto
+++ b/libprocessgroup/profiles/cgroups.proto
@@ -24,19 +24,24 @@
Cgroups2 cgroups2 = 2 [json_name = "Cgroups2"];
}
-// Next: 6
+// Next: 7
message Cgroup {
string controller = 1 [json_name = "Controller"];
string path = 2 [json_name = "Path"];
string mode = 3 [json_name = "Mode"];
string uid = 4 [json_name = "UID"];
string gid = 5 [json_name = "GID"];
+// Booleans default to false when not specified. File reconstruction fails
+// when a boolean is specified as false, so leave unspecified in that case
+// https://developers.google.com/protocol-buffers/docs/proto3#default
+ bool needs_activation = 6 [json_name = "NeedsActivation"];
}
-// Next: 5
+// Next: 6
message Cgroups2 {
string path = 1 [json_name = "Path"];
string mode = 2 [json_name = "Mode"];
string uid = 3 [json_name = "UID"];
string gid = 4 [json_name = "GID"];
+ repeated Cgroup controllers = 5 [json_name = "Controllers"];
}
diff --git a/libprocessgroup/profiles/task_profiles.json b/libprocessgroup/profiles/task_profiles.json
index a515e58..c4dbf8e 100644
--- a/libprocessgroup/profiles/task_profiles.json
+++ b/libprocessgroup/profiles/task_profiles.json
@@ -49,6 +49,11 @@
"Name": "UClampMax",
"Controller": "cpu",
"File": "cpu.uclamp.max"
+ },
+ {
+ "Name": "FreezerState",
+ "Controller": "freezer",
+ "File": "cgroup.freeze"
}
],
@@ -74,7 +79,7 @@
"Params":
{
"Controller": "freezer",
- "Path": "frozen"
+ "Path": ""
}
}
]
@@ -87,7 +92,7 @@
"Params":
{
"Controller": "freezer",
- "Path": ""
+ "Path": "../"
}
}
]
@@ -531,6 +536,32 @@
}
}
]
+ },
+ {
+ "Name": "FreezerDisabled",
+ "Actions": [
+ {
+ "Name": "SetAttribute",
+ "Params":
+ {
+ "Name": "FreezerState",
+ "Value": "0"
+ }
+ }
+ ]
+ },
+ {
+ "Name": "FreezerEnabled",
+ "Actions": [
+ {
+ "Name": "SetAttribute",
+ "Params":
+ {
+ "Name": "FreezerState",
+ "Value": "1"
+ }
+ }
+ ]
}
],
diff --git a/logd/ChattyLogBuffer.h b/logd/ChattyLogBuffer.h
index ce3dc7b..b4d3a2f 100644
--- a/logd/ChattyLogBuffer.h
+++ b/logd/ChattyLogBuffer.h
@@ -25,7 +25,6 @@
#include <android-base/thread_annotations.h>
#include <android/log.h>
#include <private/android_filesystem_config.h>
-#include <sysutils/SocketClient.h>
#include "LogBuffer.h"
#include "LogBufferElement.h"
diff --git a/logd/LogReader.h b/logd/LogReader.h
index b85a584..a4e52c4 100644
--- a/logd/LogReader.h
+++ b/logd/LogReader.h
@@ -22,8 +22,6 @@
#include "LogReaderList.h"
#include "LogReaderThread.h"
-#define LOGD_SNDTIMEO 32
-
class LogReader : public SocketListener {
public:
explicit LogReader(LogBuffer* logbuf, LogReaderList* reader_list);
diff --git a/logd/LogReaderThread.h b/logd/LogReaderThread.h
index 1855c0e..20624f2 100644
--- a/logd/LogReaderThread.h
+++ b/logd/LogReaderThread.h
@@ -27,7 +27,6 @@
#include <memory>
#include <log/log.h>
-#include <sysutils/SocketClient.h>
#include "LogBuffer.h"
#include "LogWriter.h"
diff --git a/logd/LogTags.cpp b/logd/LogTags.cpp
index 1b7107f..6ab3b48 100644
--- a/logd/LogTags.cpp
+++ b/logd/LogTags.cpp
@@ -24,6 +24,7 @@
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <sys/uio.h>
#include <unistd.h>
#include <string>
diff --git a/logd/LogUtils.h b/logd/LogUtils.h
index df78a50..c0f62d3 100644
--- a/logd/LogUtils.h
+++ b/logd/LogUtils.h
@@ -20,12 +20,13 @@
#include <sys/types.h>
#include <private/android_logger.h>
-#include <sysutils/SocketClient.h>
#include <utils/FastStrcmp.h>
// Hijack this header as a common include file used by most all sources
// to report some utilities defined here and there.
+#define LOGD_SNDTIMEO 32
+
namespace android {
// Furnished in main.cpp. Caller must own and free returned value
diff --git a/logd/logd_test.cpp b/logd/logd_test.cpp
index 202ab06..828f580 100644
--- a/logd/logd_test.cpp
+++ b/logd/logd_test.cpp
@@ -40,7 +40,7 @@
#include <selinux/selinux.h>
#endif
-#include "LogReader.h" // pickup LOGD_SNDTIMEO
+#include "LogUtils.h" // For LOGD_SNDTIMEO.
using android::base::unique_fd;
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 6ef3bdc..37f911a 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -324,16 +324,6 @@
chmod 0664 /dev/cpuset/restricted/tasks
chmod 0664 /dev/cpuset/tasks
- # freezer cgroup entries
- mkdir /dev/freezer/frozen
- write /dev/freezer/frozen/freezer.state FROZEN
- chown system system /dev/freezer/cgroup.procs
- chown system system /dev/freezer/frozen
- chown system system /dev/freezer/frozen/freezer.state
- chown system system /dev/freezer/frozen/cgroup.procs
-
- chmod 0444 /dev/freezer/frozen/freezer.state
-
# make the PSI monitor accessible to others
chown system system /proc/pressure/memory
chmod 0664 /proc/pressure/memory
@@ -348,8 +338,6 @@
# This is needed by any process that uses socket tagging.
chmod 0644 /dev/xt_qtaguid
- chown root root /dev/cg2_bpf
- chmod 0600 /dev/cg2_bpf
mount bpf bpf /sys/fs/bpf nodev noexec nosuid
# Create location for fs_mgr to store abbreviated output from filesystem