Merge "Revert^3 "libprocessgroup: uid/pid hierarchy for cgroup v2""
diff --git a/NOTICE b/NOTICE
index 152be20..8e8a91c 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,324 +1,16 @@
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for the Android-specific code. ==
- =========================================================================
+Copyright (C) 2017 The Android Open Source Project
-Android Code
-Copyright 2005-2008 The Android Open Source Project
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
-This product includes software developed as part of
-The Android Open Source Project (http://source.android.com).
+ http://www.apache.org/licenses/LICENSE-2.0
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for Apache Commons code. ==
- =========================================================================
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
-Apache Commons
-Copyright 1999-2006 The Apache Software Foundation
+-------------------------------------------------------------------
-This product includes software developed at
-The Apache Software Foundation (http://www.apache.org/).
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for Jakarta Commons Logging. ==
- =========================================================================
-
-Jakarta Commons Logging (JCL)
-Copyright 2005,2006 The Apache Software Foundation.
-
-This product includes software developed at
-The Apache Software Foundation (http://www.apache.org/).
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for the Nuance code. ==
- =========================================================================
-
-These files are Copyright 2007 Nuance Communications, but released under
-the Apache2 License.
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for the Media Codecs code. ==
- =========================================================================
-
-Media Codecs
-These files are Copyright 1998 - 2009 PacketVideo, but released under
-the Apache2 License.
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for the TagSoup code. ==
- =========================================================================
-
-This file is part of TagSoup and is Copyright 2002-2008 by John Cowan.
-
-TagSoup is licensed under the Apache License,
-Version 2.0. You may obtain a copy of this license at
-http://www.apache.org/licenses/LICENSE-2.0 . You may also have
-additional legal rights not granted by this license.
-
-TagSoup is distributed in the hope that it will be useful, but
-unless required by applicable law or agreed to in writing, TagSoup
-is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
-OF ANY KIND, either express or implied; not even the implied warranty
-of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for Additional Codecs code. ==
- =========================================================================
-
-Additional Codecs
-These files are Copyright 2003-2010 VisualOn, but released under
-the Apache2 License.
-
- =========================================================================
- == NOTICE file corresponding to the section 4 d of ==
- == the Apache License, Version 2.0, ==
- == in this case for the Audio Effects code. ==
- =========================================================================
-
-Audio Effects
-These files are Copyright (C) 2004-2010 NXP Software and
-Copyright (C) 2010 The Android Open Source Project, but released under
-the Apache2 License.
-
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
-
-
-UNICODE, INC. LICENSE AGREEMENT - DATA FILES AND SOFTWARE
-
-Unicode Data Files include all data files under the directories
-http://www.unicode.org/Public/, http://www.unicode.org/reports/,
-and http://www.unicode.org/cldr/data/ . Unicode Software includes any
-source code published in the Unicode Standard or under the directories
-http://www.unicode.org/Public/, http://www.unicode.org/reports/, and
-http://www.unicode.org/cldr/data/.
-
-NOTICE TO USER: Carefully read the following legal agreement. BY
-DOWNLOADING, INSTALLING, COPYING OR OTHERWISE USING UNICODE INC.'S DATA
-FILES ("DATA FILES"), AND/OR SOFTWARE ("SOFTWARE"), YOU UNEQUIVOCALLY
-ACCEPT, AND AGREE TO BE BOUND BY, ALL OF THE TERMS AND CONDITIONS OF
-THIS AGREEMENT. IF YOU DO NOT AGREE, DO NOT DOWNLOAD, INSTALL, COPY,
-DISTRIBUTE OR USE THE DATA FILES OR SOFTWARE.
-
-COPYRIGHT AND PERMISSION NOTICE
-
-Copyright © 1991-2008 Unicode, Inc. All rights reserved. Distributed
-under the Terms of Use in http://www.unicode.org/copyright.html.
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of the Unicode data files and any associated documentation (the
-"Data Files") or Unicode software and any associated documentation (the
-"Software") to deal in the Data Files or Software without restriction,
-including without limitation the rights to use, copy, modify, merge,
-publish, distribute, and/or sell copies of the Data Files or Software,
-and to permit persons to whom the Data Files or Software are furnished to
-do so, provided that (a) the above copyright notice(s) and this permission
-notice appear with all copies of the Data Files or Software, (b) both the
-above copyright notice(s) and this permission notice appear in associated
-documentation, and (c) there is clear notice in each modified Data File
-or in the Software as well as in the documentation associated with the
-Data File(s) or Software that the data or software has been modified.
-
-THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF
-ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
-OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
-OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS
-INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT
-OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE
-OR PERFORMANCE OF THE DATA FILES OR SOFTWARE.
-
-Except as contained in this notice, the name of a copyright holder
-shall not be used in advertising or otherwise to promote the sale, use
-or other dealings in these Data Files or Software without prior written
-authorization of the copyright holder.
diff --git a/bootstat/OWNERS b/bootstat/OWNERS
index 50b2097..f66b309 100644
--- a/bootstat/OWNERS
+++ b/bootstat/OWNERS
@@ -1,2 +1,2 @@
jhawkins@google.com
-salyzyn@google.com
+dvander@google.com
diff --git a/debuggerd/Android.bp b/debuggerd/Android.bp
index fd62392..53f85bf 100644
--- a/debuggerd/Android.bp
+++ b/debuggerd/Android.bp
@@ -176,6 +176,8 @@
"libdebuggerd/open_files_list.cpp",
"libdebuggerd/scudo.cpp",
"libdebuggerd/tombstone.cpp",
+ "libdebuggerd/tombstone_proto.cpp",
+ "libdebuggerd/tombstone_proto_to_text.cpp",
"libdebuggerd/utility.cpp",
],
@@ -204,8 +206,11 @@
],
whole_static_libs: [
+ "libasync_safe",
"gwp_asan_crash_handler",
"libscudo",
+ "libtombstone_proto",
+ "libprotobuf-cpp-lite",
],
target: {
@@ -228,6 +233,20 @@
},
}
+cc_binary {
+ name: "pbtombstone",
+ defaults: ["debuggerd_defaults"],
+ srcs: ["pbtombstone.cpp"],
+ static_libs: [
+ "libbase",
+ "libdebuggerd",
+ "liblog",
+ "libprotobuf-cpp-lite",
+ "libtombstone_proto",
+ "libunwindstack",
+ ],
+}
+
cc_test {
name: "debuggerd_test",
defaults: ["debuggerd_defaults"],
@@ -332,6 +351,9 @@
"libtombstoned_client_static",
"libdebuggerd",
"libcutils",
+
+ "libtombstone_proto",
+ "libprotobuf-cpp-lite",
],
shared_libs: [
diff --git a/debuggerd/common/include/dump_type.h b/debuggerd/common/include/dump_type.h
index 203269e..a3e171b 100644
--- a/debuggerd/common/include/dump_type.h
+++ b/debuggerd/common/include/dump_type.h
@@ -24,7 +24,8 @@
kDebuggerdNativeBacktrace,
kDebuggerdTombstone,
kDebuggerdJavaBacktrace,
- kDebuggerdAnyIntercept
+ kDebuggerdAnyIntercept,
+ kDebuggerdTombstoneProto,
};
inline std::ostream& operator<<(std::ostream& stream, const DebuggerdDumpType& rhs) {
@@ -41,6 +42,9 @@
case kDebuggerdAnyIntercept:
stream << "kDebuggerdAnyIntercept";
break;
+ case kDebuggerdTombstoneProto:
+ stream << "kDebuggerdTombstoneProto";
+ break;
default:
stream << "[unknown]";
}
diff --git a/debuggerd/crash_dump.cpp b/debuggerd/crash_dump.cpp
index 007a20f..68a43cf 100644
--- a/debuggerd/crash_dump.cpp
+++ b/debuggerd/crash_dump.cpp
@@ -153,14 +153,14 @@
}
struct timeval tv = {
- .tv_sec = 1,
- .tv_usec = 0,
+ .tv_sec = 1 * android::base::TimeoutMultiplier(),
+ .tv_usec = 0,
};
if (setsockopt(amfd.get(), SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)) == -1) {
PLOG(ERROR) << "failed to set send timeout on activity manager socket";
return false;
}
- tv.tv_sec = 3; // 3 seconds on handshake read
+ tv.tv_sec = 3 * android::base::TimeoutMultiplier(); // 3 seconds on handshake read
if (setsockopt(amfd.get(), SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) == -1) {
PLOG(ERROR) << "failed to set receive timeout on activity manager socket";
return false;
@@ -195,6 +195,7 @@
static bool g_tombstoned_connected = false;
static unique_fd g_tombstoned_socket;
static unique_fd g_output_fd;
+static unique_fd g_proto_fd;
static void DefuseSignalHandlers() {
// Don't try to dump ourselves.
@@ -215,7 +216,7 @@
// If we abort before we get an output fd, contact tombstoned to let any
// potential listeners know that we failed.
if (!g_tombstoned_connected) {
- if (!tombstoned_connect(g_target_thread, &g_tombstoned_socket, &g_output_fd,
+ if (!tombstoned_connect(g_target_thread, &g_tombstoned_socket, &g_output_fd, &g_proto_fd,
kDebuggerdAnyIntercept)) {
// We failed to connect, not much we can do.
LOG(ERROR) << "failed to connected to tombstoned to report failure";
@@ -248,10 +249,20 @@
}
int dump_type_int;
- if (!android::base::ParseInt(argv[3], &dump_type_int, 0, 1)) {
+ if (!android::base::ParseInt(argv[3], &dump_type_int, 0)) {
LOG(FATAL) << "invalid requested dump type: " << argv[3];
}
+
*dump_type = static_cast<DebuggerdDumpType>(dump_type_int);
+ switch (*dump_type) {
+ case kDebuggerdNativeBacktrace:
+ case kDebuggerdTombstone:
+ case kDebuggerdTombstoneProto:
+ break;
+
+ default:
+ LOG(FATAL) << "invalid requested dump type: " << dump_type_int;
+ }
}
static void ReadCrashInfo(unique_fd& fd, siginfo_t* siginfo,
@@ -436,7 +447,7 @@
//
// Note: processes with many threads and minidebug-info can take a bit to
// unwind, do not make this too small. b/62828735
- alarm(30);
+ alarm(30 * android::base::TimeoutMultiplier());
// Get the process name (aka cmdline).
std::string process_name = get_process_name(g_target_thread);
@@ -480,6 +491,11 @@
info.process_name = process_name;
info.thread_name = get_thread_name(thread);
+ unique_fd attr_fd(openat(target_proc_fd, "attr/current", O_RDONLY | O_CLOEXEC));
+ if (!android::base::ReadFdToString(attr_fd, &info.selinux_label)) {
+ PLOG(WARNING) << "failed to read selinux label";
+ }
+
if (!ptrace_interrupt(thread, &info.signo)) {
PLOG(WARNING) << "failed to ptrace interrupt thread " << thread;
ptrace(PTRACE_DETACH, thread, 0, 0);
@@ -558,8 +574,8 @@
{
ATRACE_NAME("tombstoned_connect");
LOG(INFO) << "obtaining output fd from tombstoned, type: " << dump_type;
- g_tombstoned_connected =
- tombstoned_connect(g_target_thread, &g_tombstoned_socket, &g_output_fd, dump_type);
+ g_tombstoned_connected = tombstoned_connect(g_target_thread, &g_tombstoned_socket, &g_output_fd,
+ &g_proto_fd, dump_type);
}
if (g_tombstoned_connected) {
@@ -612,8 +628,8 @@
{
ATRACE_NAME("engrave_tombstone");
- engrave_tombstone(std::move(g_output_fd), &unwinder, thread_info, g_target_thread, process_info,
- &open_files, &amfd_data);
+ engrave_tombstone(std::move(g_output_fd), std::move(g_proto_fd), &unwinder, thread_info,
+ g_target_thread, process_info, &open_files, &amfd_data);
}
}
diff --git a/debuggerd/debuggerd_test.cpp b/debuggerd/debuggerd_test.cpp
index 45e555f..65820bd 100644
--- a/debuggerd/debuggerd_test.cpp
+++ b/debuggerd/debuggerd_test.cpp
@@ -311,7 +311,7 @@
if (mte_supported()) {
// Test that the default TAGGED_ADDR_CTRL value is set.
- ASSERT_MATCH(result, R"(tagged_addr_ctrl: 000000000007fff5)");
+ ASSERT_MATCH(result, R"(tagged_addr_ctrl: 000000000007fff3)");
}
}
@@ -1309,11 +1309,11 @@
tombstoned_intercept(self, &intercept_fd, &output_fd, &status, kDebuggerdJavaBacktrace);
ASSERT_EQ(InterceptStatus::kRegistered, status);
- // First connect to tombstoned requesting a native backtrace. This
+ // First connect to tombstoned requesting a native tombstone. This
// should result in a "regular" FD and not the installed intercept.
const char native[] = "native";
unique_fd tombstoned_socket, input_fd;
- ASSERT_TRUE(tombstoned_connect(self, &tombstoned_socket, &input_fd, kDebuggerdNativeBacktrace));
+ ASSERT_TRUE(tombstoned_connect(self, &tombstoned_socket, &input_fd, kDebuggerdTombstone));
ASSERT_TRUE(android::base::WriteFully(input_fd.get(), native, sizeof(native)));
tombstoned_notify_completion(tombstoned_socket.get());
@@ -1425,3 +1425,70 @@
ConsumeFd(std::move(output_fd), &result);
ASSERT_MATCH(result, R"(Cause: stack pointer[^\n]*stack overflow.\n)");
}
+
+TEST(tombstoned, proto) {
+ const pid_t self = getpid();
+ unique_fd tombstoned_socket, text_fd, proto_fd;
+ ASSERT_TRUE(
+ tombstoned_connect(self, &tombstoned_socket, &text_fd, &proto_fd, kDebuggerdTombstoneProto));
+
+ tombstoned_notify_completion(tombstoned_socket.get());
+
+ ASSERT_NE(-1, text_fd.get());
+ ASSERT_NE(-1, proto_fd.get());
+
+ struct stat text_st;
+ ASSERT_EQ(0, fstat(text_fd.get(), &text_st));
+
+ // Give tombstoned some time to link the files into place.
+ std::this_thread::sleep_for(100ms);
+
+ // Find the tombstone.
+ std::optional<int> tombstone_index;
+ for (int i = 0; i < 50; ++i) {
+ std::string path = android::base::StringPrintf("/data/tombstones/tombstone_%02d", i);
+
+ struct stat st;
+ if (TEMP_FAILURE_RETRY(stat(path.c_str(), &st)) != 0) {
+ continue;
+ }
+
+ if (st.st_dev == text_st.st_dev && st.st_ino == text_st.st_ino) {
+ tombstone_index = i;
+ break;
+ }
+ }
+
+ ASSERT_TRUE(tombstone_index);
+ std::string proto_path =
+ android::base::StringPrintf("/data/tombstones/tombstone_%02d.pb", *tombstone_index);
+
+ struct stat proto_fd_st;
+ struct stat proto_file_st;
+ ASSERT_EQ(0, fstat(proto_fd.get(), &proto_fd_st));
+ ASSERT_EQ(0, stat(proto_path.c_str(), &proto_file_st));
+
+ ASSERT_EQ(proto_fd_st.st_dev, proto_file_st.st_dev);
+ ASSERT_EQ(proto_fd_st.st_ino, proto_file_st.st_ino);
+}
+
+TEST(tombstoned, proto_intercept) {
+ const pid_t self = getpid();
+ unique_fd intercept_fd, output_fd;
+ InterceptStatus status;
+
+ tombstoned_intercept(self, &intercept_fd, &output_fd, &status, kDebuggerdTombstone);
+ ASSERT_EQ(InterceptStatus::kRegistered, status);
+
+ unique_fd tombstoned_socket, text_fd, proto_fd;
+ ASSERT_TRUE(
+ tombstoned_connect(self, &tombstoned_socket, &text_fd, &proto_fd, kDebuggerdTombstoneProto));
+ ASSERT_TRUE(android::base::WriteStringToFd("foo", text_fd.get()));
+ tombstoned_notify_completion(tombstoned_socket.get());
+
+ text_fd.reset();
+
+ std::string output;
+ ASSERT_TRUE(android::base::ReadFdToString(output_fd, &output));
+ ASSERT_EQ("foo", output);
+}
diff --git a/debuggerd/handler/debuggerd_fallback.cpp b/debuggerd/handler/debuggerd_fallback.cpp
index e103c82..feafa73 100644
--- a/debuggerd/handler/debuggerd_fallback.cpp
+++ b/debuggerd/handler/debuggerd_fallback.cpp
@@ -92,15 +92,15 @@
__linker_disable_fallback_allocator();
}
-static void debuggerd_fallback_tombstone(int output_fd, ucontext_t* ucontext, siginfo_t* siginfo,
- void* abort_message) {
+static void debuggerd_fallback_tombstone(int output_fd, int proto_fd, ucontext_t* ucontext,
+ siginfo_t* siginfo, void* abort_message) {
if (!__linker_enable_fallback_allocator()) {
async_safe_format_log(ANDROID_LOG_ERROR, "libc", "fallback allocator already in use");
return;
}
- engrave_tombstone_ucontext(output_fd, reinterpret_cast<uintptr_t>(abort_message), siginfo,
- ucontext);
+ engrave_tombstone_ucontext(output_fd, proto_fd, reinterpret_cast<uintptr_t>(abort_message),
+ siginfo, ucontext);
__linker_disable_fallback_allocator();
}
@@ -232,7 +232,8 @@
// Fetch output fd from tombstoned.
unique_fd tombstone_socket, output_fd;
- if (!tombstoned_connect(getpid(), &tombstone_socket, &output_fd, kDebuggerdNativeBacktrace)) {
+ if (!tombstoned_connect(getpid(), &tombstone_socket, &output_fd, nullptr,
+ kDebuggerdNativeBacktrace)) {
async_safe_format_log(ANDROID_LOG_ERROR, "libc",
"missing crash_dump_fallback() in selinux policy?");
goto exit;
@@ -325,10 +326,10 @@
_exit(1);
}
- unique_fd tombstone_socket, output_fd;
- bool tombstoned_connected =
- tombstoned_connect(getpid(), &tombstone_socket, &output_fd, kDebuggerdTombstone);
- debuggerd_fallback_tombstone(output_fd.get(), ucontext, info, abort_message);
+ unique_fd tombstone_socket, output_fd, proto_fd;
+ bool tombstoned_connected = tombstoned_connect(getpid(), &tombstone_socket, &output_fd, &proto_fd,
+ kDebuggerdTombstoneProto);
+ debuggerd_fallback_tombstone(output_fd.get(), proto_fd.get(), ucontext, info, abort_message);
if (tombstoned_connected) {
tombstoned_notify_completion(tombstone_socket.get());
}
diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index 1297c4d..ca809e4 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp
@@ -312,7 +312,7 @@
return kDebuggerdNativeBacktrace;
}
- return kDebuggerdTombstone;
+ return kDebuggerdTombstoneProto;
}
static int debuggerd_dispatch_pseudothread(void* arg) {
diff --git a/debuggerd/libdebuggerd/include/libdebuggerd/tombstone.h b/debuggerd/libdebuggerd/include/libdebuggerd/tombstone.h
index 3ff7d62..bf2cbb3 100644
--- a/debuggerd/libdebuggerd/include/libdebuggerd/tombstone.h
+++ b/debuggerd/libdebuggerd/include/libdebuggerd/tombstone.h
@@ -21,6 +21,7 @@
#include <stddef.h>
#include <sys/types.h>
+#include <functional>
#include <map>
#include <string>
@@ -30,6 +31,8 @@
#include "types.h"
// Forward declarations
+class Tombstone;
+
namespace unwindstack {
class Unwinder;
}
@@ -44,13 +47,21 @@
int open_tombstone(std::string* path);
/* Creates a tombstone file and writes the crash dump to it. */
-void engrave_tombstone(android::base::unique_fd output_fd, unwindstack::Unwinder* unwinder,
+void engrave_tombstone(android::base::unique_fd output_fd, android::base::unique_fd proto_fd,
+ unwindstack::Unwinder* unwinder,
const std::map<pid_t, ThreadInfo>& thread_info, pid_t target_thread,
const ProcessInfo& process_info, OpenFilesList* open_files,
std::string* amfd_data);
-void engrave_tombstone_ucontext(int tombstone_fd, uint64_t abort_msg_address, siginfo_t* siginfo,
- ucontext_t* ucontext);
+void engrave_tombstone_ucontext(int tombstone_fd, int proto_fd, uint64_t abort_msg_address,
+ siginfo_t* siginfo, ucontext_t* ucontext);
+void engrave_tombstone_proto(Tombstone* tombstone, unwindstack::Unwinder* unwinder,
+ const std::map<pid_t, ThreadInfo>& threads, pid_t target_thread,
+ const ProcessInfo& process_info, const OpenFilesList* open_files);
+
+bool tombstone_proto_to_text(
+ const Tombstone& tombstone,
+ std::function<void(const std::string& line, bool should_log)> callback);
#endif // _DEBUGGERD_TOMBSTONE_H
diff --git a/debuggerd/libdebuggerd/include/libdebuggerd/types.h b/debuggerd/libdebuggerd/include/libdebuggerd/types.h
index 86522ee..d5b0735 100644
--- a/debuggerd/libdebuggerd/include/libdebuggerd/types.h
+++ b/debuggerd/libdebuggerd/include/libdebuggerd/types.h
@@ -31,7 +31,9 @@
std::string thread_name;
pid_t pid;
+
std::string process_name;
+ std::string selinux_label;
int signo = 0;
siginfo_t* siginfo = nullptr;
diff --git a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
index 29fb9a4..d71b76f 100644
--- a/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
+++ b/debuggerd/libdebuggerd/include/libdebuggerd/utility.h
@@ -81,6 +81,8 @@
void log_backtrace(log_t* log, unwindstack::Unwinder* unwinder, const char* prefix);
+ssize_t dump_memory(void* out, size_t len, size_t* start_offset, uint64_t* addr,
+ unwindstack::Memory* memory);
void dump_memory(log_t* log, unwindstack::Memory* backtrace, uint64_t addr, const std::string&);
void drop_capabilities();
diff --git a/debuggerd/libdebuggerd/tombstone.cpp b/debuggerd/libdebuggerd/tombstone.cpp
index 4bd7192..185bd6e 100644
--- a/debuggerd/libdebuggerd/tombstone.cpp
+++ b/debuggerd/libdebuggerd/tombstone.cpp
@@ -36,12 +36,12 @@
#include <string>
#include <android-base/file.h>
-#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <android-base/unique_fd.h>
#include <android/log.h>
+#include <async_safe/log.h>
#include <log/log.h>
#include <log/log_read.h>
#include <log/logprint.h>
@@ -63,6 +63,8 @@
#include "gwp_asan/common.h"
#include "gwp_asan/crash_handler.h"
+#include "tombstone.pb.h"
+
using android::base::GetBoolProperty;
using android::base::GetProperty;
using android::base::StringPrintf;
@@ -190,8 +192,7 @@
static std::string get_addr_string(uint64_t addr) {
std::string addr_str;
#if defined(__LP64__)
- addr_str = StringPrintf("%08x'%08x",
- static_cast<uint32_t>(addr >> 32),
+ addr_str = StringPrintf("%08x'%08x", static_cast<uint32_t>(addr >> 32),
static_cast<uint32_t>(addr & 0xffffffff));
#else
addr_str = StringPrintf("%08x", static_cast<uint32_t>(addr));
@@ -394,8 +395,7 @@
if (primary_thread && gwp_asan_crash_data->CrashIsMine()) {
gwp_asan_crash_data->DumpCause(log);
} else if (thread_info.siginfo && !(primary_thread && scudo_crash_data->CrashIsMine())) {
- dump_probable_cause(log, thread_info.siginfo, unwinder->GetMaps(),
- thread_info.registers.get());
+ dump_probable_cause(log, thread_info.siginfo, unwinder->GetMaps(), thread_info.registers.get());
}
if (primary_thread) {
@@ -492,8 +492,7 @@
// the tombstone file.
if (first) {
- _LOG(log, logtype::LOGS, "--------- %slog %s\n",
- tail ? "tail end of " : "", filename);
+ _LOG(log, logtype::LOGS, "--------- %slog %s\n", tail ? "tail end of " : "", filename);
first = false;
}
@@ -554,8 +553,8 @@
dump_log_file(log, pid, "main", tail);
}
-void engrave_tombstone_ucontext(int tombstone_fd, uint64_t abort_msg_address, siginfo_t* siginfo,
- ucontext_t* ucontext) {
+void engrave_tombstone_ucontext(int tombstone_fd, int proto_fd, uint64_t abort_msg_address,
+ siginfo_t* siginfo, ucontext_t* ucontext) {
pid_t uid = getuid();
pid_t pid = getpid();
pid_t tid = gettid();
@@ -572,34 +571,47 @@
std::unique_ptr<unwindstack::Regs> regs(
unwindstack::Regs::CreateFromUcontext(unwindstack::Regs::CurrentArch(), ucontext));
+ std::string selinux_label;
+ android::base::ReadFileToString("/proc/self/attr/current", &selinux_label);
+
std::map<pid_t, ThreadInfo> threads;
threads[tid] = ThreadInfo{
.registers = std::move(regs),
.uid = uid,
.tid = tid,
- .thread_name = thread_name.c_str(),
+ .thread_name = std::move(thread_name),
.pid = pid,
- .process_name = process_name.c_str(),
+ .process_name = std::move(process_name),
+ .selinux_label = std::move(selinux_label),
.siginfo = siginfo,
};
unwindstack::UnwinderFromPid unwinder(kMaxFrames, pid, unwindstack::Regs::CurrentArch());
if (!unwinder.Init()) {
- LOG(FATAL) << "Failed to init unwinder object.";
+ async_safe_fatal("failed to init unwinder object");
}
ProcessInfo process_info;
+ unique_fd attr_fd(open("/proc/self/attr/current", O_RDONLY | O_CLOEXEC));
process_info.abort_msg_address = abort_msg_address;
- engrave_tombstone(unique_fd(dup(tombstone_fd)), &unwinder, threads, tid, process_info, nullptr,
- nullptr);
+ engrave_tombstone(unique_fd(dup(tombstone_fd)), unique_fd(dup(proto_fd)), &unwinder, threads, tid,
+ process_info, nullptr, nullptr);
}
-void engrave_tombstone(unique_fd output_fd, unwindstack::Unwinder* unwinder,
+void engrave_tombstone(unique_fd output_fd, unique_fd proto_fd, unwindstack::Unwinder* unwinder,
const std::map<pid_t, ThreadInfo>& threads, pid_t target_thread,
const ProcessInfo& process_info, OpenFilesList* open_files,
std::string* amfd_data) {
// Don't copy log messages to tombstone unless this is a development device.
- bool want_logs = GetBoolProperty("ro.debuggable", false);
+ Tombstone tombstone;
+ engrave_tombstone_proto(&tombstone, unwinder, threads, target_thread, process_info, open_files);
+
+ if (proto_fd != -1) {
+ if (!tombstone.SerializeToFileDescriptor(proto_fd.get())) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, "failed to write proto tombstone: %s",
+ strerror(errno));
+ }
+ }
log_t log;
log.current_tid = target_thread;
@@ -607,35 +619,45 @@
log.tfd = output_fd.get();
log.amfd_data = amfd_data;
- _LOG(&log, logtype::HEADER, "*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***\n");
- dump_header_info(&log);
- _LOG(&log, logtype::HEADER, "Timestamp: %s\n", get_timestamp().c_str());
+ bool translate_proto = GetBoolProperty("debug.debuggerd.translate_proto_to_text", false);
+ if (translate_proto) {
+ tombstone_proto_to_text(tombstone, [&log](const std::string& line, bool should_log) {
+ _LOG(&log, should_log ? logtype::HEADER : logtype::LOGS, "%s\n", line.c_str());
+ });
+ } else {
+ bool want_logs = GetBoolProperty("ro.debuggable", false);
- auto it = threads.find(target_thread);
- if (it == threads.end()) {
- LOG(FATAL) << "failed to find target thread";
- }
+ _LOG(&log, logtype::HEADER,
+ "*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***\n");
+ dump_header_info(&log);
+ _LOG(&log, logtype::HEADER, "Timestamp: %s\n", get_timestamp().c_str());
- dump_thread(&log, unwinder, it->second, process_info, true);
-
- if (want_logs) {
- dump_logs(&log, it->second.pid, 50);
- }
-
- for (auto& [tid, thread_info] : threads) {
- if (tid == target_thread) {
- continue;
+ auto it = threads.find(target_thread);
+ if (it == threads.end()) {
+ async_safe_fatal("failed to find target thread");
}
- dump_thread(&log, unwinder, thread_info, process_info, false);
- }
+ dump_thread(&log, unwinder, it->second, process_info, true);
- if (open_files) {
- _LOG(&log, logtype::OPEN_FILES, "\nopen files:\n");
- dump_open_files_list(&log, *open_files, " ");
- }
+ if (want_logs) {
+ dump_logs(&log, it->second.pid, 50);
+ }
- if (want_logs) {
- dump_logs(&log, it->second.pid, 0);
+ for (auto& [tid, thread_info] : threads) {
+ if (tid == target_thread) {
+ continue;
+ }
+
+ dump_thread(&log, unwinder, thread_info, process_info, false);
+ }
+
+ if (open_files) {
+ _LOG(&log, logtype::OPEN_FILES, "\nopen files:\n");
+ dump_open_files_list(&log, *open_files, " ");
+ }
+
+ if (want_logs) {
+ dump_logs(&log, it->second.pid, 0);
+ }
}
}
diff --git a/debuggerd/libdebuggerd/tombstone_proto.cpp b/debuggerd/libdebuggerd/tombstone_proto.cpp
new file mode 100644
index 0000000..bb3c7ea
--- /dev/null
+++ b/debuggerd/libdebuggerd/tombstone_proto.cpp
@@ -0,0 +1,488 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "DEBUG"
+
+#include "libdebuggerd/tombstone.h"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <signal.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <time.h>
+
+#include <memory>
+#include <string>
+
+#include <async_safe/log.h>
+
+#include <android-base/properties.h>
+#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
+#include <android-base/unique_fd.h>
+
+#include <android/log.h>
+#include <log/log.h>
+#include <log/log_read.h>
+#include <log/logprint.h>
+#include <private/android_filesystem_config.h>
+
+#include <unwindstack/Maps.h>
+#include <unwindstack/Memory.h>
+#include <unwindstack/Regs.h>
+#include <unwindstack/Unwinder.h>
+
+#include "libdebuggerd/open_files_list.h"
+#include "libdebuggerd/utility.h"
+#include "util.h"
+
+#include "tombstone.pb.h"
+
+using android::base::StringPrintf;
+
+// Use the demangler from libc++.
+extern "C" char* __cxa_demangle(const char*, char*, size_t*, int* status);
+
+static Architecture get_arch() {
+#if defined(__arm__)
+ return Architecture::ARM32;
+#elif defined(__aarch64__)
+ return Architecture::ARM64;
+#elif defined(__i386__)
+ return Architecture::X86;
+#elif defined(__x86_64__)
+ return Architecture::X86_64;
+#else
+#error Unknown architecture!
+#endif
+}
+
+static std::optional<std::string> get_stack_overflow_cause(uint64_t fault_addr, uint64_t sp,
+ unwindstack::Maps* maps) {
+ static constexpr uint64_t kMaxDifferenceBytes = 256;
+ uint64_t difference;
+ if (sp >= fault_addr) {
+ difference = sp - fault_addr;
+ } else {
+ difference = fault_addr - sp;
+ }
+ if (difference <= kMaxDifferenceBytes) {
+ // The faulting address is close to the current sp, check if the sp
+ // indicates a stack overflow.
+ // On arm, the sp does not get updated when the instruction faults.
+ // In this case, the sp will still be in a valid map, which is the
+ // last case below.
+ // On aarch64, the sp does get updated when the instruction faults.
+ // In this case, the sp will be in either an invalid map if triggered
+ // on the main thread, or in a guard map if in another thread, which
+ // will be the first case or second case from below.
+ unwindstack::MapInfo* map_info = maps->Find(sp);
+ if (map_info == nullptr) {
+ return "stack pointer is in a non-existent map; likely due to stack overflow.";
+ } else if ((map_info->flags & (PROT_READ | PROT_WRITE)) != (PROT_READ | PROT_WRITE)) {
+ return "stack pointer is not in a rw map; likely due to stack overflow.";
+ } else if ((sp - map_info->start) <= kMaxDifferenceBytes) {
+ return "stack pointer is close to top of stack; likely stack overflow.";
+ }
+ }
+ return {};
+}
+
+static void dump_probable_cause(Tombstone* tombstone, const siginfo_t* si, unwindstack::Maps* maps,
+ unwindstack::Regs* regs) {
+ std::optional<std::string> cause;
+ if (si->si_signo == SIGSEGV && si->si_code == SEGV_MAPERR) {
+ if (si->si_addr < reinterpret_cast<void*>(4096)) {
+ cause = "null pointer dereference";
+ } else if (si->si_addr == reinterpret_cast<void*>(0xffff0ffc)) {
+ cause = "call to kuser_helper_version";
+ } else if (si->si_addr == reinterpret_cast<void*>(0xffff0fe0)) {
+ cause = "call to kuser_get_tls";
+ } else if (si->si_addr == reinterpret_cast<void*>(0xffff0fc0)) {
+ cause = "call to kuser_cmpxchg";
+ } else if (si->si_addr == reinterpret_cast<void*>(0xffff0fa0)) {
+ cause = "call to kuser_memory_barrier";
+ } else if (si->si_addr == reinterpret_cast<void*>(0xffff0f60)) {
+ cause = "call to kuser_cmpxchg64";
+ } else {
+ cause = get_stack_overflow_cause(reinterpret_cast<uint64_t>(si->si_addr), regs->sp(), maps);
+ }
+ } else if (si->si_signo == SIGSEGV && si->si_code == SEGV_ACCERR) {
+ uint64_t fault_addr = reinterpret_cast<uint64_t>(si->si_addr);
+ unwindstack::MapInfo* map_info = maps->Find(fault_addr);
+ if (map_info != nullptr && map_info->flags == PROT_EXEC) {
+ cause = "execute-only (no-read) memory access error; likely due to data in .text.";
+ } else {
+ cause = get_stack_overflow_cause(fault_addr, regs->sp(), maps);
+ }
+ } else if (si->si_signo == SIGSYS && si->si_code == SYS_SECCOMP) {
+ cause = StringPrintf("seccomp prevented call to disallowed %s system call %d", ABI_STRING,
+ si->si_syscall);
+ }
+
+ if (cause) {
+ tombstone->mutable_cause()->set_human_readable(*cause);
+ }
+}
+
+static void dump_abort_message(Tombstone* tombstone, unwindstack::Unwinder* unwinder,
+ const ProcessInfo& process_info) {
+ std::shared_ptr<unwindstack::Memory> process_memory = unwinder->GetProcessMemory();
+ uintptr_t address = process_info.abort_msg_address;
+ if (address == 0) {
+ return;
+ }
+
+ size_t length;
+ if (!process_memory->ReadFully(address, &length, sizeof(length))) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, "failed to read abort message header: %s",
+ strerror(errno));
+ return;
+ }
+
+ // The length field includes the length of the length field itself.
+ if (length < sizeof(size_t)) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG,
+ "abort message header malformed: claimed length = %zu", length);
+ return;
+ }
+
+ length -= sizeof(size_t);
+
+ // The abort message should be null terminated already, but reserve a spot for NUL just in case.
+ std::string msg;
+ msg.resize(length);
+
+ if (!process_memory->ReadFully(address + sizeof(length), &msg[0], length)) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, "failed to read abort message header: %s",
+ strerror(errno));
+ return;
+ }
+
+ tombstone->set_abort_message(msg);
+}
+
+static void dump_open_fds(Tombstone* tombstone, const OpenFilesList* open_files) {
+ if (open_files) {
+ for (auto& [fd, entry] : *open_files) {
+ FD f;
+
+ f.set_fd(fd);
+
+ const std::optional<std::string>& path = entry.path;
+ if (path) {
+ f.set_path(*path);
+ }
+
+ const std::optional<uint64_t>& fdsan_owner = entry.fdsan_owner;
+ if (fdsan_owner) {
+ const char* type = android_fdsan_get_tag_type(*fdsan_owner);
+ uint64_t value = android_fdsan_get_tag_value(*fdsan_owner);
+ f.set_owner(type);
+ f.set_tag(value);
+ }
+
+ *tombstone->add_open_fds() = f;
+ }
+ }
+}
+
+static void dump_thread(Tombstone* tombstone, unwindstack::Unwinder* unwinder,
+ const ThreadInfo& thread_info, bool memory_dump = false) {
+ Thread thread;
+
+ thread.set_id(thread_info.tid);
+ thread.set_name(thread_info.thread_name);
+
+ unwindstack::Maps* maps = unwinder->GetMaps();
+ unwindstack::Memory* memory = unwinder->GetProcessMemory().get();
+
+ thread_info.registers->IterateRegisters(
+ [&thread, memory_dump, maps, memory](const char* name, uint64_t value) {
+ Register r;
+ r.set_name(name);
+ r.set_u64(value);
+ *thread.add_registers() = r;
+
+ if (memory_dump) {
+ MemoryDump dump;
+
+ char buf[256];
+ size_t start_offset = 0;
+ ssize_t bytes = dump_memory(buf, sizeof(buf), &start_offset, &value, memory);
+ if (bytes == -1) {
+ return;
+ }
+
+ dump.set_register_name(name);
+
+ unwindstack::MapInfo* map_info = maps->Find(value);
+ if (map_info) {
+ dump.set_mapping_name(map_info->name);
+ }
+
+ dump.set_begin_address(value);
+
+ if (start_offset + bytes > sizeof(buf)) {
+ async_safe_fatal("dump_memory overflowed? start offset = %zu, bytes read = %zd",
+ start_offset, bytes);
+ }
+
+ dump.set_memory(buf, start_offset + bytes);
+
+ *thread.add_memory_dump() = std::move(dump);
+ }
+ });
+
+ std::unique_ptr<unwindstack::Regs> regs_copy(thread_info.registers->Clone());
+ unwinder->SetRegs(regs_copy.get());
+ unwinder->Unwind();
+ if (unwinder->NumFrames() == 0) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, "failed to unwind");
+ if (unwinder->LastErrorCode() != unwindstack::ERROR_NONE) {
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, " error code: %s",
+ unwinder->LastErrorCodeString());
+ async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, " error address: 0x%" PRIx64,
+ unwinder->LastErrorAddress());
+ }
+ } else {
+ unwinder->SetDisplayBuildID(true);
+ for (const auto& frame : unwinder->frames()) {
+ BacktraceFrame* f = thread.add_current_backtrace();
+ f->set_rel_pc(frame.rel_pc);
+ f->set_pc(frame.pc);
+ f->set_sp(frame.sp);
+
+ if (!frame.function_name.empty()) {
+ // TODO: Should this happen here, or on the display side?
+ char* demangled_name =
+ __cxa_demangle(frame.function_name.c_str(), nullptr, nullptr, nullptr);
+ if (demangled_name) {
+ f->set_function_name(demangled_name);
+ free(demangled_name);
+ } else {
+ f->set_function_name(frame.function_name);
+ }
+ }
+
+ f->set_function_offset(frame.function_offset);
+
+ if (frame.map_start == frame.map_end) {
+ // No valid map associated with this frame.
+ f->set_file_name("<unknown>");
+ } else if (!frame.map_name.empty()) {
+ f->set_file_name(frame.map_name);
+ } else {
+ f->set_file_name(StringPrintf("<anonymous:%" PRIx64 ">", frame.map_start));
+ }
+
+ f->set_file_map_offset(frame.map_elf_start_offset);
+
+ unwindstack::MapInfo* map_info = maps->Find(frame.map_start);
+ if (map_info) {
+ f->set_build_id(map_info->GetPrintableBuildID());
+ }
+ }
+ }
+
+ auto& threads = *tombstone->mutable_threads();
+ threads[thread_info.tid] = thread;
+}
+
+static void dump_main_thread(Tombstone* tombstone, unwindstack::Unwinder* unwinder,
+ const ThreadInfo& thread_info) {
+ dump_thread(tombstone, unwinder, thread_info, true);
+}
+
+static void dump_mappings(Tombstone* tombstone, unwindstack::Unwinder* unwinder) {
+ unwindstack::Maps* maps = unwinder->GetMaps();
+ std::shared_ptr<unwindstack::Memory> process_memory = unwinder->GetProcessMemory();
+
+ for (const auto& map_info : *maps) {
+ auto* map = tombstone->add_memory_mappings();
+ map->set_begin_address(map_info->start);
+ map->set_end_address(map_info->end);
+ map->set_offset(map_info->offset);
+
+ if (map_info->flags & PROT_READ) {
+ map->set_read(true);
+ }
+ if (map_info->flags & PROT_WRITE) {
+ map->set_write(true);
+ }
+ if (map_info->flags & PROT_EXEC) {
+ map->set_execute(true);
+ }
+
+ map->set_mapping_name(map_info->name);
+
+ std::string build_id = map_info->GetPrintableBuildID();
+ if (!build_id.empty()) {
+ map->set_build_id(build_id);
+ }
+
+ map->set_load_bias(map_info->GetLoadBias(process_memory));
+ }
+}
+
+static void dump_log_file(Tombstone* tombstone, const char* logger, pid_t pid) {
+ logger_list* logger_list =
+ android_logger_list_open(android_name_to_log_id(logger), ANDROID_LOG_NONBLOCK, 0, pid);
+
+ LogBuffer buffer;
+
+ while (true) {
+ log_msg log_entry;
+ ssize_t actual = android_logger_list_read(logger_list, &log_entry);
+
+ if (actual < 0) {
+ if (actual == -EINTR) {
+ // interrupted by signal, retry
+ continue;
+ }
+ if (actual == -EAGAIN) {
+ // non-blocking EOF; we're done
+ break;
+ } else {
+ break;
+ }
+ } else if (actual == 0) {
+ break;
+ }
+
+ char timestamp_secs[32];
+ time_t sec = static_cast<time_t>(log_entry.entry.sec);
+ tm tm;
+ localtime_r(&sec, &tm);
+ strftime(timestamp_secs, sizeof(timestamp_secs), "%m-%d %H:%M:%S", &tm);
+ std::string timestamp =
+ StringPrintf("%s.%03d", timestamp_secs, log_entry.entry.nsec / 1'000'000);
+
+ // Msg format is: <priority:1><tag:N>\0<message:N>\0
+ char* msg = log_entry.msg();
+ if (msg == nullptr) {
+ continue;
+ }
+
+ unsigned char prio = msg[0];
+ char* tag = msg + 1;
+ msg = tag + strlen(tag) + 1;
+
+ // consume any trailing newlines
+ char* nl = msg + strlen(msg) - 1;
+ while (nl >= msg && *nl == '\n') {
+ *nl-- = '\0';
+ }
+
+ // Look for line breaks ('\n') and display each text line
+ // on a separate line, prefixed with the header, like logcat does.
+ do {
+ nl = strchr(msg, '\n');
+ if (nl != nullptr) {
+ *nl = '\0';
+ ++nl;
+ }
+
+ LogMessage* log_msg = buffer.add_logs();
+ log_msg->set_timestamp(timestamp);
+ log_msg->set_pid(log_entry.entry.pid);
+ log_msg->set_tid(log_entry.entry.tid);
+ log_msg->set_priority(prio);
+ log_msg->set_tag(tag);
+ log_msg->set_message(msg);
+ } while ((msg = nl));
+ }
+ android_logger_list_free(logger_list);
+
+ if (!buffer.logs().empty()) {
+ buffer.set_name(logger);
+ *tombstone->add_log_buffers() = std::move(buffer);
+ }
+}
+
+static void dump_logcat(Tombstone* tombstone, pid_t pid) {
+ dump_log_file(tombstone, "system", pid);
+ dump_log_file(tombstone, "main", pid);
+}
+
+void engrave_tombstone_proto(Tombstone* tombstone, unwindstack::Unwinder* unwinder,
+ const std::map<pid_t, ThreadInfo>& threads, pid_t target_thread,
+ const ProcessInfo& process_info, const OpenFilesList* open_files) {
+ Tombstone result;
+
+ result.set_arch(get_arch());
+ result.set_build_fingerprint(android::base::GetProperty("ro.build.fingerprint", "unknown"));
+ result.set_revision(android::base::GetProperty("ro.revision", "unknown"));
+ result.set_timestamp(get_timestamp());
+
+ const ThreadInfo& main_thread = threads.at(target_thread);
+ result.set_pid(main_thread.pid);
+ result.set_tid(main_thread.tid);
+ result.set_uid(main_thread.uid);
+ result.set_selinux_label(main_thread.selinux_label);
+
+ result.set_process_name(main_thread.process_name);
+ if (!main_thread.siginfo) {
+ async_safe_fatal("siginfo missing");
+ }
+
+ Signal sig;
+ sig.set_number(main_thread.signo);
+ sig.set_name(get_signame(main_thread.siginfo));
+ sig.set_code(main_thread.siginfo->si_code);
+ sig.set_code_name(get_sigcode(main_thread.siginfo));
+
+ if (signal_has_sender(main_thread.siginfo, main_thread.pid)) {
+ sig.set_has_sender(true);
+ sig.set_sender_uid(main_thread.siginfo->si_uid);
+ sig.set_sender_pid(main_thread.siginfo->si_pid);
+ }
+
+ if (process_info.has_fault_address) {
+ sig.set_has_fault_address(true);
+ sig.set_fault_address(process_info.untagged_fault_address);
+ }
+
+ *result.mutable_signal_info() = sig;
+
+ dump_abort_message(&result, unwinder, process_info);
+
+ dump_main_thread(&result, unwinder, main_thread);
+
+ for (const auto& [tid, thread_info] : threads) {
+ if (tid != target_thread) {
+ dump_thread(&result, unwinder, thread_info);
+ }
+ }
+
+ dump_probable_cause(&result, main_thread.siginfo, unwinder->GetMaps(),
+ main_thread.registers.get());
+
+ dump_mappings(&result, unwinder);
+
+ // Only dump logs on debuggable devices.
+ if (android::base::GetBoolProperty("ro.debuggable", false)) {
+ dump_logcat(&result, main_thread.pid);
+ }
+
+ dump_open_fds(&result, open_files);
+
+ *tombstone = std::move(result);
+}
diff --git a/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
new file mode 100644
index 0000000..187379d
--- /dev/null
+++ b/debuggerd/libdebuggerd/tombstone_proto_to_text.cpp
@@ -0,0 +1,360 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <libdebuggerd/tombstone.h>
+
+#include <inttypes.h>
+
+#include <functional>
+#include <set>
+#include <string>
+#include <unordered_set>
+#include <utility>
+#include <vector>
+
+#include <android-base/stringprintf.h>
+#include <android-base/unique_fd.h>
+#include <async_safe/log.h>
+
+#include "tombstone.pb.h"
+
+using android::base::StringAppendF;
+using android::base::StringPrintf;
+
+#define CB(log, ...) callback(StringPrintf(__VA_ARGS__), log)
+#define CBL(...) CB(true, __VA_ARGS__)
+#define CBS(...) CB(false, __VA_ARGS__)
+using CallbackType = std::function<void(const std::string& line, bool should_log)>;
+
+static const char* abi_string(const Tombstone& tombstone) {
+ switch (tombstone.arch()) {
+ case Architecture::ARM32:
+ return "arm";
+ case Architecture::ARM64:
+ return "arm64";
+ case Architecture::X86:
+ return "x86";
+ case Architecture::X86_64:
+ return "x86_64";
+ default:
+ return "<unknown>";
+ }
+}
+
+static int pointer_width(const Tombstone& tombstone) {
+ switch (tombstone.arch()) {
+ case Architecture::ARM32:
+ return 4;
+ case Architecture::ARM64:
+ return 8;
+ case Architecture::X86:
+ return 4;
+ case Architecture::X86_64:
+ return 8;
+ default:
+ return 8;
+ }
+}
+
+static void print_thread_header(CallbackType callback, const Tombstone& tombstone,
+ const Thread& thread, bool should_log) {
+ CB(should_log, "pid: %d, tid: %d, name: %s >>> %s <<<", tombstone.pid(), thread.id(),
+ thread.name().c_str(), tombstone.process_name().c_str());
+ CB(should_log, "uid: %d", tombstone.uid());
+}
+
+static void print_register_row(CallbackType callback, int word_size,
+ std::vector<std::pair<std::string, uint64_t>> row, bool should_log) {
+ std::string output = " ";
+ for (const auto& [name, value] : row) {
+ output += android::base::StringPrintf(" %-3s %0*" PRIx64, name.c_str(), 2 * word_size,
+ static_cast<uint64_t>(value));
+ }
+ callback(output, should_log);
+}
+
+static void print_thread_registers(CallbackType callback, const Tombstone& tombstone,
+ const Thread& thread, bool should_log) {
+ static constexpr size_t column_count = 4;
+ std::vector<std::pair<std::string, uint64_t>> current_row;
+ std::vector<std::pair<std::string, uint64_t>> special_row;
+ std::unordered_set<std::string> special_registers;
+
+ int word_size = pointer_width(tombstone);
+
+ switch (tombstone.arch()) {
+ case Architecture::ARM32:
+ special_registers = {"ip", "lr", "sp", "pc", "pst"};
+ break;
+
+ case Architecture::ARM64:
+ special_registers = {"ip", "lr", "sp", "pc", "pst"};
+ break;
+
+ case Architecture::X86:
+ special_registers = {"ebp", "esp", "eip"};
+ break;
+
+ case Architecture::X86_64:
+ special_registers = {"rbp", "rsp", "rip"};
+ break;
+
+ default:
+ async_safe_fatal("unknown architecture");
+ }
+
+ for (const auto& reg : thread.registers()) {
+ auto row = ¤t_row;
+ if (special_registers.count(reg.name()) == 1) {
+ row = &special_row;
+ }
+
+ row->emplace_back(reg.name(), reg.u64());
+ if (current_row.size() == column_count) {
+ print_register_row(callback, word_size, current_row, should_log);
+ current_row.clear();
+ }
+ }
+
+ if (!current_row.empty()) {
+ print_register_row(callback, word_size, current_row, should_log);
+ }
+
+ print_register_row(callback, word_size, special_row, should_log);
+}
+
+static void print_thread_backtrace(CallbackType callback, const Tombstone& tombstone,
+ const Thread& thread, bool should_log) {
+ CBS("");
+ CB(should_log, "backtrace:");
+ int index = 0;
+ for (const auto& frame : thread.current_backtrace()) {
+ std::string function;
+
+ if (!frame.function_name().empty()) {
+ function =
+ StringPrintf(" (%s+%" PRId64 ")", frame.function_name().c_str(), frame.function_offset());
+ }
+
+ std::string build_id;
+ if (!frame.build_id().empty()) {
+ build_id = StringPrintf(" (BuildId: %s)", frame.build_id().c_str());
+ }
+
+ CB(should_log, " #%02d pc %0*" PRIx64 " %s%s%s", index++, pointer_width(tombstone) * 2,
+ frame.rel_pc(), frame.file_name().c_str(), function.c_str(), build_id.c_str());
+ }
+}
+
+static void print_thread_memory_dump(CallbackType callback, const Tombstone& tombstone,
+ const Thread& thread) {
+ static constexpr size_t bytes_per_line = 16;
+ int word_size = pointer_width(tombstone);
+ for (const auto& mem : thread.memory_dump()) {
+ CBS("");
+ CBS("memory near %s (%s):", mem.register_name().c_str(), mem.mapping_name().c_str());
+ uint64_t addr = mem.begin_address();
+ for (size_t offset = 0; offset < mem.memory().size(); offset += bytes_per_line) {
+ std::string line = StringPrintf(" %0*" PRIx64, word_size * 2, addr + offset);
+
+ size_t bytes = std::min(bytes_per_line, mem.memory().size() - offset);
+ for (size_t i = 0; i < bytes; i += word_size) {
+ uint64_t word = 0;
+
+ // Assumes little-endian, but what doesn't?
+ memcpy(&word, mem.memory().data() + offset + i, word_size);
+
+ StringAppendF(&line, " %0*" PRIx64, word_size * 2, word);
+ }
+
+ char ascii[bytes_per_line + 1];
+
+ memset(ascii, '.', sizeof(ascii));
+ ascii[bytes_per_line] = '\0';
+
+ for (size_t i = 0; i < bytes; ++i) {
+ uint8_t byte = mem.memory()[offset + i];
+ if (byte >= 0x20 && byte < 0x7f) {
+ ascii[i] = byte;
+ }
+ }
+
+ CBS("%s %s", line.c_str(), ascii);
+ }
+ }
+}
+
+static void print_thread(CallbackType callback, const Tombstone& tombstone, const Thread& thread) {
+ print_thread_header(callback, tombstone, thread, false);
+ print_thread_registers(callback, tombstone, thread, false);
+ print_thread_backtrace(callback, tombstone, thread, false);
+ print_thread_memory_dump(callback, tombstone, thread);
+}
+
+static void print_main_thread(CallbackType callback, const Tombstone& tombstone,
+ const Thread& thread) {
+ print_thread_header(callback, tombstone, thread, true);
+
+ const Signal& signal_info = tombstone.signal_info();
+ std::string sender_desc;
+
+ if (signal_info.has_sender()) {
+ sender_desc =
+ StringPrintf(" from pid %d, uid %d", signal_info.sender_pid(), signal_info.sender_uid());
+ }
+
+ if (!tombstone.has_signal_info()) {
+ CBL("signal information missing");
+ } else {
+ std::string fault_addr_desc;
+ if (signal_info.has_fault_address()) {
+ fault_addr_desc = StringPrintf("0x%" PRIx64, signal_info.fault_address());
+ } else {
+ fault_addr_desc = "--------";
+ }
+
+ CBL("signal %d (%s), code %d (%s%s), fault addr %s", signal_info.number(),
+ signal_info.name().c_str(), signal_info.code(), signal_info.code_name().c_str(),
+ sender_desc.c_str(), fault_addr_desc.c_str());
+ }
+
+ if (tombstone.has_cause()) {
+ const Cause& cause = tombstone.cause();
+ CBL("Cause: %s", cause.human_readable().c_str());
+ }
+
+ if (!tombstone.abort_message().empty()) {
+ CBL("Abort message: '%s'", tombstone.abort_message().c_str());
+ }
+
+ print_thread_registers(callback, tombstone, thread, true);
+ print_thread_backtrace(callback, tombstone, thread, true);
+ print_thread_memory_dump(callback, tombstone, thread);
+
+ CBS("");
+ CBS("memory map (%d %s):", tombstone.memory_mappings().size(),
+ tombstone.memory_mappings().size() == 1 ? "entry" : "entries");
+ int word_size = pointer_width(tombstone);
+ const auto format_pointer = [word_size](uint64_t ptr) -> std::string {
+ if (word_size == 8) {
+ uint64_t top = ptr >> 32;
+ uint64_t bottom = ptr & 0xFFFFFFFF;
+ return StringPrintf("%08" PRIx64 "'%08" PRIx64, top, bottom);
+ }
+
+ return StringPrintf("%0*" PRIx64, word_size * 2, ptr);
+ };
+
+ for (const auto& map : tombstone.memory_mappings()) {
+ std::string line = " ";
+ StringAppendF(&line, "%s-%s", format_pointer(map.begin_address()).c_str(),
+ format_pointer(map.end_address() - 1).c_str());
+ StringAppendF(&line, " %s%s%s", map.read() ? "r" : "-", map.write() ? "w" : "-",
+ map.execute() ? "x" : "-");
+ StringAppendF(&line, " %8" PRIx64 " %8" PRIx64, map.offset(),
+ map.end_address() - map.begin_address());
+
+ if (!map.mapping_name().empty()) {
+ StringAppendF(&line, " %s", map.mapping_name().c_str());
+
+ if (!map.build_id().empty()) {
+ StringAppendF(&line, " (BuildId: %s)", map.build_id().c_str());
+ }
+
+ if (map.load_bias() != 0) {
+ StringAppendF(&line, " (load bias 0x%" PRIx64 ")", map.load_bias());
+ }
+ }
+
+ CBS("%s", line.c_str());
+ }
+}
+
+void print_logs(CallbackType callback, const Tombstone& tombstone, int tail) {
+ for (const auto& buffer : tombstone.log_buffers()) {
+ if (tail) {
+ CBS("--------- tail end of log %s", buffer.name().c_str());
+ } else {
+ CBS("--------- log %s", buffer.name().c_str());
+ }
+
+ int begin = 0;
+ if (tail != 0) {
+ begin = std::max(0, buffer.logs().size() - tail);
+ }
+
+ for (int i = begin; i < buffer.logs().size(); ++i) {
+ const LogMessage& msg = buffer.logs(i);
+
+ static const char* kPrioChars = "!.VDIWEFS";
+ char priority = (msg.priority() < strlen(kPrioChars) ? kPrioChars[msg.priority()] : '?');
+ CBS("%s %5u %5u %c %-8s: %s", msg.timestamp().c_str(), msg.pid(), msg.tid(), priority,
+ msg.tag().c_str(), msg.message().c_str());
+ }
+ }
+}
+
+bool tombstone_proto_to_text(const Tombstone& tombstone, CallbackType callback) {
+ CBL("*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***");
+ CBL("Build fingerprint: '%s'", tombstone.build_fingerprint().c_str());
+ CBL("Revision: '%s'", tombstone.revision().c_str());
+ CBL("ABI: '%s'", abi_string(tombstone));
+ CBL("Timestamp: %s", tombstone.timestamp().c_str());
+
+ // Process header
+ const auto& threads = tombstone.threads();
+ auto main_thread_it = threads.find(tombstone.tid());
+ if (main_thread_it == threads.end()) {
+ CBL("failed to find entry for main thread in tombstone");
+ return false;
+ }
+
+ const auto& main_thread = main_thread_it->second;
+
+ print_main_thread(callback, tombstone, main_thread);
+
+ print_logs(callback, tombstone, 50);
+
+ // protobuf's map is unordered, so sort the keys first.
+ std::set<int> thread_ids;
+ for (const auto& [tid, _] : threads) {
+ if (tid != tombstone.tid()) {
+ thread_ids.insert(tid);
+ }
+ }
+
+ for (const auto& tid : thread_ids) {
+ CBS("--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---");
+ print_thread(callback, tombstone, threads.find(tid)->second);
+ }
+
+ if (tombstone.open_fds().size() > 0) {
+ CBS("");
+ CBS("open files:");
+ for (const auto& fd : tombstone.open_fds()) {
+ std::optional<std::string> owner;
+ if (!fd.owner().empty()) {
+ owner = StringPrintf("owned by %s 0x%" PRIx64, fd.owner().c_str(), fd.tag());
+ }
+
+ CBS(" fd %d: %s (%s)", fd.fd(), fd.path().c_str(), owner ? owner->c_str() : "unowned");
+ }
+ }
+
+ print_logs(callback, tombstone, 0);
+
+ return true;
+}
diff --git a/debuggerd/libdebuggerd/utility.cpp b/debuggerd/libdebuggerd/utility.cpp
index 7826efc..f941990 100644
--- a/debuggerd/libdebuggerd/utility.cpp
+++ b/debuggerd/libdebuggerd/utility.cpp
@@ -30,11 +30,11 @@
#include <string>
-#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <android-base/unique_fd.h>
+#include <async_safe/log.h>
#include <bionic/reserved_signals.h>
#include <debuggerd/handler.h>
#include <log/log.h>
@@ -126,56 +126,56 @@
#define MEMORY_BYTES_TO_DUMP 256
#define MEMORY_BYTES_PER_LINE 16
-void dump_memory(log_t* log, unwindstack::Memory* memory, uint64_t addr, const std::string& label) {
+ssize_t dump_memory(void* out, size_t len, size_t* start_offset, uint64_t* addr,
+ unwindstack::Memory* memory) {
// Align the address to the number of bytes per line to avoid confusing memory tag output if
// memory is tagged and we start from a misaligned address. Start 32 bytes before the address.
- addr &= ~(MEMORY_BYTES_PER_LINE - 1);
- if (addr >= 4128) {
- addr -= 32;
+ *addr &= ~(MEMORY_BYTES_PER_LINE - 1);
+ if (*addr >= 4128) {
+ *addr -= 32;
}
// We don't want the address tag to appear in the addresses in the memory dump.
- addr = untag_address(addr);
+ *addr = untag_address(*addr);
// Don't bother if the address would overflow, taking tag bits into account. Note that
// untag_address truncates to 32 bits on 32-bit platforms as a side effect of returning a
// uintptr_t, so this also checks for 32-bit overflow.
- if (untag_address(addr + MEMORY_BYTES_TO_DUMP - 1) < addr) {
- return;
+ if (untag_address(*addr + MEMORY_BYTES_TO_DUMP - 1) < *addr) {
+ return -1;
}
- // Dump 256 bytes
- uintptr_t data[MEMORY_BYTES_TO_DUMP/sizeof(uintptr_t)];
- memset(data, 0, MEMORY_BYTES_TO_DUMP);
- size_t bytes = memory->Read(addr, reinterpret_cast<uint8_t*>(data), sizeof(data));
+ memset(out, 0, len);
+
+ size_t bytes = memory->Read(*addr, reinterpret_cast<uint8_t*>(out), len);
if (bytes % sizeof(uintptr_t) != 0) {
// This should never happen, but just in case.
ALOGE("Bytes read %zu, is not a multiple of %zu", bytes, sizeof(uintptr_t));
bytes &= ~(sizeof(uintptr_t) - 1);
}
- uint64_t start = 0;
+ *start_offset = 0;
bool skip_2nd_read = false;
if (bytes == 0) {
// In this case, we might want to try another read at the beginning of
// the next page only if it's within the amount of memory we would have
// read.
size_t page_size = sysconf(_SC_PAGE_SIZE);
- start = ((addr + (page_size - 1)) & ~(page_size - 1)) - addr;
- if (start == 0 || start >= MEMORY_BYTES_TO_DUMP) {
+ *start_offset = ((*addr + (page_size - 1)) & ~(page_size - 1)) - *addr;
+ if (*start_offset == 0 || *start_offset >= len) {
skip_2nd_read = true;
}
}
- if (bytes < MEMORY_BYTES_TO_DUMP && !skip_2nd_read) {
+ if (bytes < len && !skip_2nd_read) {
// Try to do one more read. This could happen if a read crosses a map,
// but the maps do not have any break between them. Or it could happen
// if reading from an unreadable map, but the read would cross back
// into a readable map. Only requires one extra read because a map has
// to contain at least one page, and the total number of bytes to dump
// is smaller than a page.
- size_t bytes2 = memory->Read(addr + start + bytes, reinterpret_cast<uint8_t*>(data) + bytes,
- sizeof(data) - bytes - start);
+ size_t bytes2 = memory->Read(*addr + *start_offset + bytes, static_cast<uint8_t*>(out) + bytes,
+ len - bytes - *start_offset);
bytes += bytes2;
if (bytes2 > 0 && bytes % sizeof(uintptr_t) != 0) {
// This should never happen, but we'll try and continue any way.
@@ -185,9 +185,21 @@
}
// If we were unable to read anything, it probably means that the register doesn't contain a
- // valid pointer. In that case, skip the output for this register entirely rather than emitting 16
- // lines of dashes.
+ // valid pointer.
if (bytes == 0) {
+ return -1;
+ }
+
+ return bytes;
+}
+
+void dump_memory(log_t* log, unwindstack::Memory* memory, uint64_t addr, const std::string& label) {
+ // Dump 256 bytes
+ uintptr_t data[MEMORY_BYTES_TO_DUMP / sizeof(uintptr_t)];
+ size_t start_offset = 0;
+
+ ssize_t bytes = dump_memory(data, sizeof(data), &start_offset, &addr, memory);
+ if (bytes == -1) {
return;
}
@@ -201,7 +213,7 @@
// words are of course presented differently.
uintptr_t* data_ptr = data;
size_t current = 0;
- size_t total_bytes = start + bytes;
+ size_t total_bytes = start_offset + bytes;
for (size_t line = 0; line < MEMORY_BYTES_TO_DUMP / MEMORY_BYTES_PER_LINE; line++) {
uint64_t tagged_addr = addr;
long tag = memory->ReadTag(addr);
@@ -214,7 +226,7 @@
addr += MEMORY_BYTES_PER_LINE;
std::string ascii;
for (size_t i = 0; i < MEMORY_BYTES_PER_LINE / sizeof(uintptr_t); i++) {
- if (current >= start && current + sizeof(uintptr_t) <= total_bytes) {
+ if (current >= start_offset && current + sizeof(uintptr_t) <= total_bytes) {
android::base::StringAppendF(&logline, " %" PRIPTR, static_cast<uint64_t>(*data_ptr));
// Fill out the ascii string from the data.
@@ -247,11 +259,11 @@
memset(&capdata, 0, sizeof(capdata));
if (capset(&capheader, &capdata[0]) == -1) {
- PLOG(FATAL) << "failed to drop capabilities";
+ async_safe_fatal("failed to drop capabilities: %s", strerror(errno));
}
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
- PLOG(FATAL) << "failed to set PR_SET_NO_NEW_PRIVS";
+ async_safe_fatal("failed to set PR_SET_NO_NEW_PRIVS: %s", strerror(errno));
}
}
diff --git a/debuggerd/pbtombstone.cpp b/debuggerd/pbtombstone.cpp
new file mode 100644
index 0000000..7527e31
--- /dev/null
+++ b/debuggerd/pbtombstone.cpp
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <err.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <unistd.h>
+
+#include <android-base/unique_fd.h>
+#include <libdebuggerd/tombstone.h>
+
+#include "tombstone.pb.h"
+
+using android::base::unique_fd;
+
+[[noreturn]] void usage(bool error) {
+ fprintf(stderr, "usage: pbtombstone TOMBSTONE.PB\n");
+ fprintf(stderr, "Convert a protobuf tombstone to text.\n");
+ exit(error);
+}
+
+int main(int argc, const char* argv[]) {
+ if (argc != 2) {
+ usage(true);
+ }
+
+ if (strcmp("-h", argv[1]) == 0 || strcmp("--help", argv[1]) == 0) {
+ usage(false);
+ }
+
+ unique_fd fd(open(argv[1], O_RDONLY | O_CLOEXEC));
+ if (fd == -1) {
+ err(1, "failed to open tombstone '%s'", argv[1]);
+ }
+
+ Tombstone tombstone;
+ if (!tombstone.ParseFromFileDescriptor(fd.get())) {
+ err(1, "failed to parse tombstone");
+ }
+
+ bool result = tombstone_proto_to_text(
+ tombstone, [](const std::string& line, bool) { printf("%s\n", line.c_str()); });
+
+ if (!result) {
+ errx(1, "tombstone was malformed");
+ }
+
+ return 0;
+}
diff --git a/debuggerd/proto/Android.bp b/debuggerd/proto/Android.bp
new file mode 100644
index 0000000..bb82f03
--- /dev/null
+++ b/debuggerd/proto/Android.bp
@@ -0,0 +1,35 @@
+filegroup {
+ name: "libtombstone_proto-src",
+ srcs: ["tombstone.proto"],
+}
+
+cc_library_static {
+ name: "libtombstone_proto",
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Wthread-safety",
+ "-Werror",
+ ],
+
+ compile_multilib: "both",
+
+ proto: {
+ export_proto_headers: true,
+ type: "lite",
+ },
+
+ srcs: [":libtombstone_proto-src"],
+
+ // b/155341058: Soong doesn't automatically add libprotobuf if there aren't any explicitly
+ // listed protos in srcs.
+ static_libs: ["libprotobuf-cpp-lite"],
+
+ stl: "libc++_static",
+ apex_available: [
+ "com.android.runtime",
+ ],
+
+ recovery_available: true,
+ vendor_ramdisk_available: true,
+}
diff --git a/debuggerd/proto/tombstone.proto b/debuggerd/proto/tombstone.proto
new file mode 100644
index 0000000..38a06f4
--- /dev/null
+++ b/debuggerd/proto/tombstone.proto
@@ -0,0 +1,121 @@
+syntax = "proto3";
+
+option java_package = "com.android.server.os";
+option java_outer_classname = "TombstoneProtos";
+
+message Tombstone {
+ Architecture arch = 1;
+ string build_fingerprint = 2;
+ string revision = 3;
+ string timestamp = 4;
+
+ uint32 pid = 5;
+ uint32 tid = 6;
+ uint32 uid = 7;
+ string selinux_label = 8;
+
+ string process_name = 9;
+
+ Signal signal_info = 10;
+ string abort_message = 14;
+ Cause cause = 15;
+
+ map<uint32, Thread> threads = 16;
+ repeated MemoryMapping memory_mappings = 17;
+ repeated LogBuffer log_buffers = 18;
+ repeated FD open_fds = 19;
+}
+
+enum Architecture {
+ ARM32 = 0;
+ ARM64 = 1;
+ X86 = 2;
+ X86_64 = 3;
+}
+
+message Signal {
+ int32 number = 1;
+ string name = 2;
+
+ int32 code = 3;
+ string code_name = 4;
+
+ bool has_sender = 5;
+ int32 sender_uid = 6;
+ int32 sender_pid = 7;
+
+ bool has_fault_address = 8;
+ uint64 fault_address = 9;
+}
+
+message Cause {
+ string human_readable = 1;
+}
+
+message Register {
+ string name = 1;
+ uint64 u64 = 2;
+}
+
+message Thread {
+ int32 id = 1;
+ string name = 2;
+ repeated Register registers = 3;
+ repeated BacktraceFrame current_backtrace = 4;
+ repeated MemoryDump memory_dump = 5;
+}
+
+message BacktraceFrame {
+ uint64 rel_pc = 1;
+ uint64 pc = 2;
+ uint64 sp = 3;
+
+ string function_name = 4;
+ uint64 function_offset = 5;
+
+ string file_name = 6;
+ uint64 file_map_offset = 7;
+ string build_id = 8;
+}
+
+message MemoryDump {
+ string register_name = 1;
+ string mapping_name = 2;
+ uint64 begin_address = 3;
+ bytes memory = 4;
+}
+
+message MemoryMapping {
+ uint64 begin_address = 1;
+ uint64 end_address = 2;
+ uint64 offset = 3;
+
+ bool read = 4;
+ bool write = 5;
+ bool execute = 6;
+
+ string mapping_name = 7;
+ string build_id = 8;
+ uint64 load_bias = 9;
+}
+
+message FD {
+ int32 fd = 1;
+ string path = 2;
+ string owner = 3;
+ uint64 tag = 4;
+}
+
+message LogBuffer {
+ string name = 1;
+ repeated LogMessage logs = 2;
+}
+
+message LogMessage {
+ string timestamp = 1;
+ uint32 pid = 2;
+ uint32 tid = 3;
+ uint32 priority = 4;
+ string tag = 5;
+ string message = 6;
+}
diff --git a/debuggerd/seccomp_policy/crash_dump.arm.policy b/debuggerd/seccomp_policy/crash_dump.arm.policy
index 254330d..4eac0e9 100644
--- a/debuggerd/seccomp_policy/crash_dump.arm.policy
+++ b/debuggerd/seccomp_policy/crash_dump.arm.policy
@@ -19,6 +19,7 @@
getdents64: 1
faccessat: 1
recvmsg: 1
+recvfrom: 1
process_vm_readv: 1
tgkill: 1
rt_sigprocmask: 1
diff --git a/debuggerd/seccomp_policy/crash_dump.arm64.policy b/debuggerd/seccomp_policy/crash_dump.arm64.policy
index 9b3ef09..1585cc6 100644
--- a/debuggerd/seccomp_policy/crash_dump.arm64.policy
+++ b/debuggerd/seccomp_policy/crash_dump.arm64.policy
@@ -18,6 +18,7 @@
getdents64: 1
faccessat: 1
recvmsg: 1
+recvfrom: 1
process_vm_readv: 1
tgkill: 1
rt_sigprocmask: 1
diff --git a/debuggerd/seccomp_policy/crash_dump.policy.def b/debuggerd/seccomp_policy/crash_dump.policy.def
index 2ef31b0..cd5aad4 100644
--- a/debuggerd/seccomp_policy/crash_dump.policy.def
+++ b/debuggerd/seccomp_policy/crash_dump.policy.def
@@ -24,6 +24,7 @@
getdents64: 1
faccessat: 1
recvmsg: 1
+recvfrom: 1
process_vm_readv: 1
diff --git a/debuggerd/seccomp_policy/crash_dump.x86.policy b/debuggerd/seccomp_policy/crash_dump.x86.policy
index 254330d..4eac0e9 100644
--- a/debuggerd/seccomp_policy/crash_dump.x86.policy
+++ b/debuggerd/seccomp_policy/crash_dump.x86.policy
@@ -19,6 +19,7 @@
getdents64: 1
faccessat: 1
recvmsg: 1
+recvfrom: 1
process_vm_readv: 1
tgkill: 1
rt_sigprocmask: 1
diff --git a/debuggerd/seccomp_policy/crash_dump.x86_64.policy b/debuggerd/seccomp_policy/crash_dump.x86_64.policy
index 9b3ef09..1585cc6 100644
--- a/debuggerd/seccomp_policy/crash_dump.x86_64.policy
+++ b/debuggerd/seccomp_policy/crash_dump.x86_64.policy
@@ -18,6 +18,7 @@
getdents64: 1
faccessat: 1
recvmsg: 1
+recvfrom: 1
process_vm_readv: 1
tgkill: 1
rt_sigprocmask: 1
diff --git a/debuggerd/tombstoned/include/tombstoned/tombstoned.h b/debuggerd/tombstoned/include/tombstoned/tombstoned.h
index 6403dbe..bff216c 100644
--- a/debuggerd/tombstoned/include/tombstoned/tombstoned.h
+++ b/debuggerd/tombstoned/include/tombstoned/tombstoned.h
@@ -23,6 +23,10 @@
#include "dump_type.h"
bool tombstoned_connect(pid_t pid, android::base::unique_fd* tombstoned_socket,
- android::base::unique_fd* output_fd, DebuggerdDumpType dump_type);
+ android::base::unique_fd* text_output_fd,
+ android::base::unique_fd* proto_output_fd, DebuggerdDumpType dump_type);
+
+bool tombstoned_connect(pid_t pid, android::base::unique_fd* tombstoned_socket,
+ android::base::unique_fd* text_output_fd, DebuggerdDumpType dump_type);
bool tombstoned_notify_completion(int tombstoned_socket);
diff --git a/debuggerd/tombstoned/intercept_manager.cpp b/debuggerd/tombstoned/intercept_manager.cpp
index 6cbf12c..4d4646a 100644
--- a/debuggerd/tombstoned/intercept_manager.cpp
+++ b/debuggerd/tombstoned/intercept_manager.cpp
@@ -26,6 +26,7 @@
#include <android-base/cmsg.h>
#include <android-base/logging.h>
+#include <android-base/properties.h>
#include <android-base/unique_fd.h>
#include "protocol.h"
@@ -162,7 +163,7 @@
event_assign(intercept->intercept_event, intercept_manager->base, sockfd, EV_READ | EV_TIMEOUT,
intercept_close_cb, arg);
- struct timeval timeout = { .tv_sec = 10, .tv_usec = 0 };
+ struct timeval timeout = {.tv_sec = 10 * android::base::TimeoutMultiplier(), .tv_usec = 0};
event_add(intercept->intercept_event, &timeout);
}
@@ -178,7 +179,7 @@
intercept->intercept_manager = static_cast<InterceptManager*>(arg);
intercept->sockfd.reset(sockfd);
- struct timeval timeout = { 1, 0 };
+ struct timeval timeout = {1 * android::base::TimeoutMultiplier(), 0};
event_base* base = evconnlistener_get_base(listener);
event* intercept_event =
event_new(base, sockfd, EV_TIMEOUT | EV_READ, intercept_request_cb, intercept);
@@ -191,6 +192,18 @@
/* backlog */ -1, intercept_socket);
}
+bool dump_types_compatible(DebuggerdDumpType interceptor, DebuggerdDumpType dump) {
+ if (interceptor == dump) {
+ return true;
+ }
+
+ if (interceptor == kDebuggerdTombstone && dump == kDebuggerdTombstoneProto) {
+ return true;
+ }
+
+ return false;
+}
+
bool InterceptManager::GetIntercept(pid_t pid, DebuggerdDumpType dump_type,
android::base::unique_fd* out_fd) {
auto it = this->intercepts.find(pid);
@@ -201,7 +214,7 @@
if (dump_type == kDebuggerdAnyIntercept) {
LOG(INFO) << "found registered intercept of type " << it->second->dump_type
<< " for requested type kDebuggerdAnyIntercept";
- } else if (it->second->dump_type != dump_type) {
+ } else if (!dump_types_compatible(it->second->dump_type, dump_type)) {
LOG(WARNING) << "found non-matching intercept of type " << it->second->dump_type
<< " for requested type: " << dump_type;
return false;
diff --git a/debuggerd/tombstoned/tombstoned.cpp b/debuggerd/tombstoned/tombstoned.cpp
index d09b8e8..3e0c47c 100644
--- a/debuggerd/tombstoned/tombstoned.cpp
+++ b/debuggerd/tombstoned/tombstoned.cpp
@@ -48,6 +48,8 @@
using android::base::GetIntProperty;
using android::base::SendFileDescriptors;
using android::base::StringPrintf;
+
+using android::base::borrowed_fd;
using android::base::unique_fd;
static InterceptManager* intercept_manager;
@@ -57,14 +59,34 @@
kCrashStatusQueued,
};
+struct CrashArtifact {
+ unique_fd fd;
+ std::optional<std::string> temporary_path;
+
+ static CrashArtifact devnull() {
+ CrashArtifact result;
+ result.fd.reset(open("/dev/null", O_WRONLY | O_CLOEXEC));
+ return result;
+ }
+};
+
+struct CrashArtifactPaths {
+ std::string text;
+ std::optional<std::string> proto;
+};
+
+struct CrashOutput {
+ CrashArtifact text;
+ std::optional<CrashArtifact> proto;
+};
+
// Ownership of Crash is a bit messy.
// It's either owned by an active event that must have a timeout, or owned by
// queued_requests, in the case that multiple crashes come in at the same time.
struct Crash {
~Crash() { event_free(crash_event); }
- std::string crash_tombstone_path;
- unique_fd crash_tombstone_fd;
+ CrashOutput output;
unique_fd crash_socket_fd;
pid_t crash_pid;
event* crash_event = nullptr;
@@ -75,14 +97,15 @@
class CrashQueue {
public:
CrashQueue(const std::string& dir_path, const std::string& file_name_prefix, size_t max_artifacts,
- size_t max_concurrent_dumps)
+ size_t max_concurrent_dumps, bool supports_proto)
: file_name_prefix_(file_name_prefix),
dir_path_(dir_path),
dir_fd_(open(dir_path.c_str(), O_DIRECTORY | O_RDONLY | O_CLOEXEC)),
max_artifacts_(max_artifacts),
next_artifact_(0),
max_concurrent_dumps_(max_concurrent_dumps),
- num_concurrent_dumps_(0) {
+ num_concurrent_dumps_(0),
+ supports_proto_(supports_proto) {
if (dir_fd_ == -1) {
PLOG(FATAL) << "failed to open directory: " << dir_path;
}
@@ -98,59 +121,104 @@
return (crash->crash_type == kDebuggerdJavaBacktrace) ? for_anrs() : for_tombstones();
}
+ static CrashQueue* for_crash(const std::unique_ptr<Crash>& crash) {
+ return for_crash(crash.get());
+ }
+
static CrashQueue* for_tombstones() {
static CrashQueue queue("/data/tombstones", "tombstone_" /* file_name_prefix */,
GetIntProperty("tombstoned.max_tombstone_count", 32),
- 1 /* max_concurrent_dumps */);
+ 1 /* max_concurrent_dumps */, true /* supports_proto */);
return &queue;
}
static CrashQueue* for_anrs() {
static CrashQueue queue("/data/anr", "trace_" /* file_name_prefix */,
GetIntProperty("tombstoned.max_anr_count", 64),
- 4 /* max_concurrent_dumps */);
+ 4 /* max_concurrent_dumps */, false /* supports_proto */);
return &queue;
}
- std::pair<std::string, unique_fd> get_output() {
- std::string path;
- unique_fd result(openat(dir_fd_, ".", O_WRONLY | O_APPEND | O_TMPFILE | O_CLOEXEC, 0640));
- if (result == -1) {
+ CrashArtifact create_temporary_file() const {
+ CrashArtifact result;
+
+ std::optional<std::string> path;
+ result.fd.reset(openat(dir_fd_, ".", O_WRONLY | O_APPEND | O_TMPFILE | O_CLOEXEC, 0640));
+ if (result.fd == -1) {
// We might not have O_TMPFILE. Try creating with an arbitrary filename instead.
static size_t counter = 0;
std::string tmp_filename = StringPrintf(".temporary%zu", counter++);
- result.reset(openat(dir_fd_, tmp_filename.c_str(),
- O_WRONLY | O_APPEND | O_CREAT | O_TRUNC | O_CLOEXEC, 0640));
- if (result == -1) {
+ result.fd.reset(openat(dir_fd_, tmp_filename.c_str(),
+ O_WRONLY | O_APPEND | O_CREAT | O_TRUNC | O_CLOEXEC, 0640));
+ if (result.fd == -1) {
PLOG(FATAL) << "failed to create temporary tombstone in " << dir_path_;
}
- path = StringPrintf("%s/%s", dir_path_.c_str(), tmp_filename.c_str());
+ result.temporary_path = std::move(tmp_filename);
}
- return std::make_pair(std::move(path), std::move(result));
+
+ return std::move(result);
}
- std::string get_next_artifact_path() {
- std::string file_name =
- StringPrintf("%s/%s%02d", dir_path_.c_str(), file_name_prefix_.c_str(), next_artifact_);
+ std::optional<CrashOutput> get_output(DebuggerdDumpType dump_type) {
+ CrashOutput result;
+
+ switch (dump_type) {
+ case kDebuggerdNativeBacktrace:
+ case kDebuggerdJavaBacktrace:
+ // Don't generate tombstones for backtrace requests.
+ return {};
+
+ case kDebuggerdTombstoneProto:
+ if (!supports_proto_) {
+ LOG(ERROR) << "received kDebuggerdTombstoneProto on a queue that doesn't support proto";
+ return {};
+ }
+ result.proto = create_temporary_file();
+ result.text = create_temporary_file();
+ break;
+
+ case kDebuggerdTombstone:
+ result.text = create_temporary_file();
+ break;
+
+ default:
+ LOG(ERROR) << "unexpected dump type: " << dump_type;
+ return {};
+ }
+
+ return result;
+ }
+
+ borrowed_fd dir_fd() { return dir_fd_; }
+
+ CrashArtifactPaths get_next_artifact_paths() {
+ CrashArtifactPaths result;
+ result.text = StringPrintf("%s%02d", file_name_prefix_.c_str(), next_artifact_);
+
+ if (supports_proto_) {
+ result.proto = StringPrintf("%s%02d.pb", file_name_prefix_.c_str(), next_artifact_);
+ }
+
next_artifact_ = (next_artifact_ + 1) % max_artifacts_;
- return file_name;
+ return result;
}
- bool maybe_enqueue_crash(Crash* crash) {
+ // Consumes crash if it returns true, otherwise leaves it untouched.
+ bool maybe_enqueue_crash(std::unique_ptr<Crash>&& crash) {
if (num_concurrent_dumps_ == max_concurrent_dumps_) {
- queued_requests_.push_back(crash);
+ queued_requests_.emplace_back(std::move(crash));
return true;
}
return false;
}
- void maybe_dequeue_crashes(void (*handler)(Crash* crash)) {
+ void maybe_dequeue_crashes(void (*handler)(std::unique_ptr<Crash> crash)) {
while (!queued_requests_.empty() && num_concurrent_dumps_ < max_concurrent_dumps_) {
- Crash* next_crash = queued_requests_.front();
+ std::unique_ptr<Crash> next_crash = std::move(queued_requests_.front());
queued_requests_.pop_front();
- handler(next_crash);
+ handler(std::move(next_crash));
}
}
@@ -164,7 +232,8 @@
time_t oldest_time = std::numeric_limits<time_t>::max();
for (size_t i = 0; i < max_artifacts_; ++i) {
- std::string path = StringPrintf("%s/%s%02zu", dir_path_.c_str(), file_name_prefix_.c_str(), i);
+ std::string path =
+ StringPrintf("%s/%s%02zu", dir_path_.c_str(), file_name_prefix_.c_str(), i);
struct stat st;
if (stat(path.c_str(), &st) != 0) {
if (errno == ENOENT) {
@@ -196,7 +265,9 @@
const size_t max_concurrent_dumps_;
size_t num_concurrent_dumps_;
- std::deque<Crash*> queued_requests_;
+ bool supports_proto_;
+
+ std::deque<std::unique_ptr<Crash>> queued_requests_;
DISALLOW_COPY_AND_ASSIGN(CrashQueue);
};
@@ -205,52 +276,61 @@
static constexpr bool kJavaTraceDumpsEnabled = true;
// Forward declare the callbacks so they can be placed in a sensible order.
-static void crash_accept_cb(evconnlistener* listener, evutil_socket_t sockfd, sockaddr*, int, void*);
+static void crash_accept_cb(evconnlistener* listener, evutil_socket_t sockfd, sockaddr*, int,
+ void*);
static void crash_request_cb(evutil_socket_t sockfd, short ev, void* arg);
static void crash_completed_cb(evutil_socket_t sockfd, short ev, void* arg);
-static void perform_request(Crash* crash) {
+static void perform_request(std::unique_ptr<Crash> crash) {
unique_fd output_fd;
bool intercepted =
intercept_manager->GetIntercept(crash->crash_pid, crash->crash_type, &output_fd);
- if (!intercepted) {
- if (crash->crash_type == kDebuggerdNativeBacktrace) {
- // Don't generate tombstones for native backtrace requests.
- output_fd.reset(open("/dev/null", O_WRONLY | O_CLOEXEC));
+ if (intercepted) {
+ if (crash->crash_type == kDebuggerdTombstoneProto) {
+ crash->output.proto = CrashArtifact::devnull();
+ }
+ } else {
+ if (auto o = CrashQueue::for_crash(crash.get())->get_output(crash->crash_type); o) {
+ crash->output = std::move(*o);
+ output_fd.reset(dup(crash->output.text.fd));
} else {
- std::tie(crash->crash_tombstone_path, output_fd) = CrashQueue::for_crash(crash)->get_output();
- crash->crash_tombstone_fd.reset(dup(output_fd.get()));
+ LOG(ERROR) << "failed to get crash output for type " << crash->crash_type;
+ return;
}
}
- TombstonedCrashPacket response = {
- .packet_type = CrashPacketType::kPerformDump
- };
- ssize_t rc =
- SendFileDescriptors(crash->crash_socket_fd, &response, sizeof(response), output_fd.get());
+ TombstonedCrashPacket response = {.packet_type = CrashPacketType::kPerformDump};
+
+ ssize_t rc = -1;
+ if (crash->output.proto) {
+ rc = SendFileDescriptors(crash->crash_socket_fd, &response, sizeof(response), output_fd.get(),
+ crash->output.proto->fd.get());
+ } else {
+ rc = SendFileDescriptors(crash->crash_socket_fd, &response, sizeof(response), output_fd.get());
+ }
+
output_fd.reset();
if (rc == -1) {
PLOG(WARNING) << "failed to send response to CrashRequest";
- goto fail;
+ return;
} else if (rc != sizeof(response)) {
PLOG(WARNING) << "crash socket write returned short";
- goto fail;
- } else {
- // TODO: Make this configurable by the interceptor?
- struct timeval timeout = { 10, 0 };
-
- event_base* base = event_get_base(crash->crash_event);
- event_assign(crash->crash_event, base, crash->crash_socket_fd, EV_TIMEOUT | EV_READ,
- crash_completed_cb, crash);
- event_add(crash->crash_event, &timeout);
+ return;
}
- CrashQueue::for_crash(crash)->on_crash_started();
- return;
+ // TODO: Make this configurable by the interceptor?
+ struct timeval timeout = {10 * android::base::TimeoutMultiplier(), 0};
-fail:
- delete crash;
+ event_base* base = event_get_base(crash->crash_event);
+
+ event_assign(crash->crash_event, base, crash->crash_socket_fd, EV_TIMEOUT | EV_READ,
+ crash_completed_cb, crash.get());
+ event_add(crash->crash_event, &timeout);
+ CrashQueue::for_crash(crash)->on_crash_started();
+
+ // The crash is now owned by the event loop.
+ crash.release();
}
static void crash_accept_cb(evconnlistener* listener, evutil_socket_t sockfd, sockaddr*, int,
@@ -260,7 +340,7 @@
// TODO: Make sure that only java crashes come in on the java socket
// and only native crashes on the native socket.
- struct timeval timeout = { 1, 0 };
+ struct timeval timeout = {1 * android::base::TimeoutMultiplier(), 0};
event* crash_event = event_new(base, sockfd, EV_TIMEOUT | EV_READ, crash_request_cb, crash);
crash->crash_socket_fd.reset(sockfd);
crash->crash_event = crash_event;
@@ -268,39 +348,37 @@
}
static void crash_request_cb(evutil_socket_t sockfd, short ev, void* arg) {
- ssize_t rc;
- Crash* crash = static_cast<Crash*>(arg);
-
+ std::unique_ptr<Crash> crash(static_cast<Crash*>(arg));
TombstonedCrashPacket request = {};
if ((ev & EV_TIMEOUT) != 0) {
LOG(WARNING) << "crash request timed out";
- goto fail;
+ return;
} else if ((ev & EV_READ) == 0) {
LOG(WARNING) << "tombstoned received unexpected event from crash socket";
- goto fail;
+ return;
}
- rc = TEMP_FAILURE_RETRY(read(sockfd, &request, sizeof(request)));
+ ssize_t rc = TEMP_FAILURE_RETRY(read(sockfd, &request, sizeof(request)));
if (rc == -1) {
PLOG(WARNING) << "failed to read from crash socket";
- goto fail;
+ return;
} else if (rc != sizeof(request)) {
LOG(WARNING) << "crash socket received short read of length " << rc << " (expected "
<< sizeof(request) << ")";
- goto fail;
+ return;
}
if (request.packet_type != CrashPacketType::kDumpRequest) {
LOG(WARNING) << "unexpected crash packet type, expected kDumpRequest, received "
<< StringPrintf("%#2hhX", request.packet_type);
- goto fail;
+ return;
}
crash->crash_type = request.packet.dump_request.dump_type;
- if (crash->crash_type < 0 || crash->crash_type > kDebuggerdAnyIntercept) {
+ if (crash->crash_type < 0 || crash->crash_type > kDebuggerdTombstoneProto) {
LOG(WARNING) << "unexpected crash dump type: " << crash->crash_type;
- goto fail;
+ return;
}
if (crash->crash_type != kDebuggerdJavaBacktrace) {
@@ -314,90 +392,117 @@
int ret = getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &len);
if (ret != 0) {
PLOG(ERROR) << "Failed to getsockopt(..SO_PEERCRED)";
- goto fail;
+ return;
}
crash->crash_pid = cr.pid;
}
- LOG(INFO) << "received crash request for pid " << crash->crash_pid;
+ pid_t crash_pid = crash->crash_pid;
+ LOG(INFO) << "received crash request for pid " << crash_pid;
- if (CrashQueue::for_crash(crash)->maybe_enqueue_crash(crash)) {
- LOG(INFO) << "enqueueing crash request for pid " << crash->crash_pid;
+ if (CrashQueue::for_crash(crash)->maybe_enqueue_crash(std::move(crash))) {
+ LOG(INFO) << "enqueueing crash request for pid " << crash_pid;
} else {
- perform_request(crash);
+ perform_request(std::move(crash));
}
-
- return;
-
-fail:
- delete crash;
}
-static void crash_completed_cb(evutil_socket_t sockfd, short ev, void* arg) {
- ssize_t rc;
- Crash* crash = static_cast<Crash*>(arg);
- TombstonedCrashPacket request = {};
+static bool link_fd(borrowed_fd fd, borrowed_fd dirfd, const std::string& path) {
+ std::string fd_path = StringPrintf("/proc/self/fd/%d", fd.get());
- CrashQueue::for_crash(crash)->on_crash_completed();
-
- if ((ev & EV_READ) == 0) {
- goto fail;
+ int rc = linkat(AT_FDCWD, fd_path.c_str(), dirfd.get(), path.c_str(), AT_SYMLINK_FOLLOW);
+ if (rc != 0) {
+ PLOG(ERROR) << "failed to link file descriptor";
+ return false;
}
+ return true;
+}
- rc = TEMP_FAILURE_RETRY(read(sockfd, &request, sizeof(request)));
+static void crash_completed(borrowed_fd sockfd, std::unique_ptr<Crash> crash) {
+ TombstonedCrashPacket request = {};
+ CrashQueue* queue = CrashQueue::for_crash(crash);
+
+ ssize_t rc = TEMP_FAILURE_RETRY(read(sockfd.get(), &request, sizeof(request)));
if (rc == -1) {
PLOG(WARNING) << "failed to read from crash socket";
- goto fail;
+ return;
} else if (rc != sizeof(request)) {
LOG(WARNING) << "crash socket received short read of length " << rc << " (expected "
<< sizeof(request) << ")";
- goto fail;
+ return;
}
if (request.packet_type != CrashPacketType::kCompletedDump) {
LOG(WARNING) << "unexpected crash packet type, expected kCompletedDump, received "
<< uint32_t(request.packet_type);
- goto fail;
+ return;
}
- if (crash->crash_tombstone_fd != -1) {
- std::string fd_path = StringPrintf("/proc/self/fd/%d", crash->crash_tombstone_fd.get());
- std::string tombstone_path = CrashQueue::for_crash(crash)->get_next_artifact_path();
+ if (crash->output.text.fd == -1) {
+ LOG(WARNING) << "missing output fd";
+ return;
+ }
- // linkat doesn't let us replace a file, so we need to unlink first.
- int rc = unlink(tombstone_path.c_str());
- if (rc != 0 && errno != ENOENT) {
- PLOG(ERROR) << "failed to unlink tombstone at " << tombstone_path;
- goto fail;
- }
+ CrashArtifactPaths paths = queue->get_next_artifact_paths();
- rc = linkat(AT_FDCWD, fd_path.c_str(), AT_FDCWD, tombstone_path.c_str(), AT_SYMLINK_FOLLOW);
- if (rc != 0) {
- PLOG(ERROR) << "failed to link tombstone";
+ // Always try to unlink the tombstone file.
+ // linkat doesn't let us replace a file, so we need to unlink before linking
+ // our results onto disk, and if we fail for some reason, we should delete
+ // stale tombstones to avoid confusing inconsistency.
+ rc = unlinkat(queue->dir_fd().get(), paths.text.c_str(), 0);
+ if (rc != 0 && errno != ENOENT) {
+ PLOG(ERROR) << "failed to unlink tombstone at " << paths.text;
+ return;
+ }
+
+ if (crash->output.text.fd != -1) {
+ if (!link_fd(crash->output.text.fd, queue->dir_fd(), paths.text)) {
+ LOG(ERROR) << "failed to link tombstone";
} else {
if (crash->crash_type == kDebuggerdJavaBacktrace) {
- LOG(ERROR) << "Traces for pid " << crash->crash_pid << " written to: " << tombstone_path;
+ LOG(ERROR) << "Traces for pid " << crash->crash_pid << " written to: " << paths.text;
} else {
// NOTE: Several tools parse this log message to figure out where the
// tombstone associated with a given native crash was written. Any changes
// to this message must be carefully considered.
- LOG(ERROR) << "Tombstone written to: " << tombstone_path;
- }
- }
-
- // If we don't have O_TMPFILE, we need to clean up after ourselves.
- if (!crash->crash_tombstone_path.empty()) {
- rc = unlink(crash->crash_tombstone_path.c_str());
- if (rc != 0) {
- PLOG(ERROR) << "failed to unlink temporary tombstone at " << crash->crash_tombstone_path;
+ LOG(ERROR) << "Tombstone written to: " << paths.text;
}
}
}
-fail:
+ if (crash->output.proto && crash->output.proto->fd != -1) {
+ if (!paths.proto) {
+ LOG(ERROR) << "missing path for proto tombstone";
+ } else if (!link_fd(crash->output.proto->fd, queue->dir_fd(), *paths.proto)) {
+ LOG(ERROR) << "failed to link proto tombstone";
+ }
+ }
+
+ // If we don't have O_TMPFILE, we need to clean up after ourselves.
+ if (crash->output.text.temporary_path) {
+ rc = unlinkat(queue->dir_fd().get(), crash->output.text.temporary_path->c_str(), 0);
+ if (rc != 0) {
+ PLOG(ERROR) << "failed to unlink temporary tombstone at " << paths.text;
+ }
+ }
+ if (crash->output.proto && crash->output.proto->temporary_path) {
+ rc = unlinkat(queue->dir_fd().get(), crash->output.proto->temporary_path->c_str(), 0);
+ if (rc != 0) {
+ PLOG(ERROR) << "failed to unlink temporary proto tombstone";
+ }
+ }
+}
+
+static void crash_completed_cb(evutil_socket_t sockfd, short ev, void* arg) {
+ std::unique_ptr<Crash> crash(static_cast<Crash*>(arg));
CrashQueue* queue = CrashQueue::for_crash(crash);
- delete crash;
+
+ queue->on_crash_completed();
+
+ if ((ev & EV_READ) == EV_READ) {
+ crash_completed(sockfd, std::move(crash));
+ }
// If there's something queued up, let them proceed.
queue->maybe_dequeue_crashes(perform_request);
diff --git a/debuggerd/tombstoned/tombstoned_client.cpp b/debuggerd/tombstoned/tombstoned_client.cpp
index 2c23c98..abfafb1 100644
--- a/debuggerd/tombstoned/tombstoned_client.cpp
+++ b/debuggerd/tombstoned/tombstoned_client.cpp
@@ -32,8 +32,13 @@
using android::base::ReceiveFileDescriptors;
using android::base::unique_fd;
-bool tombstoned_connect(pid_t pid, unique_fd* tombstoned_socket, unique_fd* output_fd,
+bool tombstoned_connect(pid_t pid, unique_fd* tombstoned_socket, unique_fd* text_output_fd,
DebuggerdDumpType dump_type) {
+ return tombstoned_connect(pid, tombstoned_socket, text_output_fd, nullptr, dump_type);
+}
+
+bool tombstoned_connect(pid_t pid, unique_fd* tombstoned_socket, unique_fd* text_output_fd,
+ unique_fd* proto_output_fd, DebuggerdDumpType dump_type) {
unique_fd sockfd(
socket_local_client((dump_type != kDebuggerdJavaBacktrace ? kTombstonedCrashSocketName
: kTombstonedJavaTraceSocketName),
@@ -54,8 +59,15 @@
return false;
}
- unique_fd tmp_output_fd;
- ssize_t rc = ReceiveFileDescriptors(sockfd, &packet, sizeof(packet), &tmp_output_fd);
+ unique_fd tmp_output_fd, tmp_proto_fd;
+ ssize_t rc = -1;
+
+ if (dump_type == kDebuggerdTombstoneProto) {
+ rc = ReceiveFileDescriptors(sockfd, &packet, sizeof(packet), &tmp_output_fd, &tmp_proto_fd);
+ } else {
+ rc = ReceiveFileDescriptors(sockfd, &packet, sizeof(packet), &tmp_output_fd);
+ }
+
if (rc == -1) {
async_safe_format_log(ANDROID_LOG_ERROR, "libc",
"failed to read response to DumpRequest packet: %s", strerror(errno));
@@ -78,7 +90,10 @@
}
*tombstoned_socket = std::move(sockfd);
- *output_fd = std::move(tmp_output_fd);
+ *text_output_fd = std::move(tmp_output_fd);
+ if (proto_output_fd) {
+ *proto_output_fd = std::move(tmp_proto_fd);
+ }
return true;
}
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 2876094..1efe793 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -2143,6 +2143,41 @@
return false;
}
+std::string fs_mgr_get_hashtree_algorithm(const android::fs_mgr::FstabEntry& entry) {
+ if (!entry.fs_mgr_flags.verify && !entry.fs_mgr_flags.avb) {
+ return "";
+ }
+ DeviceMapper& dm = DeviceMapper::Instance();
+ std::string device = GetVerityDeviceName(entry);
+
+ std::vector<DeviceMapper::TargetInfo> table;
+ if (dm.GetState(device) == DmDeviceState::INVALID || !dm.GetTableInfo(device, &table)) {
+ return "";
+ }
+ for (const auto& target : table) {
+ if (strcmp(target.spec.target_type, "verity") != 0) {
+ continue;
+ }
+
+ // The format is stable for dm-verity version 0 & 1. And the data is expected to have
+ // the fixed format:
+ // <version> <dev> <hash_dev> <data_block_size> <hash_block_size> <num_data_blocks>
+ // <hash_start_block> <algorithm> <digest> <salt>
+ // Details in https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/verity.html
+
+ std::vector<std::string> tokens = android::base::Split(target.data, " \t\r\n");
+ if (tokens[0] != "0" && tokens[0] != "1") {
+ LOG(WARNING) << "Unrecognized device mapper version in " << target.data;
+ return "";
+ }
+
+ // Hashtree algorithm is the 8th token in the output
+ return android::base::Trim(tokens[7]);
+ }
+
+ return "";
+}
+
bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry) {
if (!entry.fs_mgr_flags.verify && !entry.fs_mgr_flags.avb) {
return false;
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 11e3664..22c02cc 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -88,6 +88,10 @@
bool fs_mgr_load_verity_state(int* mode);
// Returns true if verity is enabled on this particular FstabEntry.
bool fs_mgr_is_verity_enabled(const android::fs_mgr::FstabEntry& entry);
+// Returns the hash algorithm used to build the hashtree of this particular FstabEntry. Returns an
+// empty string if the input isn't a dm-verity entry, or if there is an error.
+std::string fs_mgr_get_hashtree_algorithm(const android::fs_mgr::FstabEntry& entry);
+
bool fs_mgr_swapon_all(const android::fs_mgr::Fstab& fstab);
bool fs_mgr_update_logical_partition(android::fs_mgr::FstabEntry* entry);
diff --git a/fs_mgr/libfs_avb/Android.bp b/fs_mgr/libfs_avb/Android.bp
index 2f1ca70..45e7a30 100644
--- a/fs_mgr/libfs_avb/Android.bp
+++ b/fs_mgr/libfs_avb/Android.bp
@@ -100,6 +100,7 @@
shared_libs: [
"libcrypto",
],
+ compile_multilib: "first",
data: [
":avbtool",
":fec",
diff --git a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
index d2ffaa7..ff7a727 100644
--- a/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
+++ b/fs_mgr/libsnapshot/include/libsnapshot/snapshot.h
@@ -379,6 +379,7 @@
FRIEND_TEST(SnapshotUpdateTest, MergeCannotRemoveCow);
FRIEND_TEST(SnapshotUpdateTest, MergeInRecovery);
FRIEND_TEST(SnapshotUpdateTest, SnapshotStatusFileWithoutCow);
+ FRIEND_TEST(SnapshotUpdateTest, SpaceSwapUpdate);
friend class SnapshotTest;
friend class SnapshotUpdateTest;
friend class FlashAfterUpdateTest;
@@ -717,6 +718,8 @@
bool PerformInitTransition(InitTransition transition,
std::vector<std::string>* snapuserd_argv = nullptr);
+ SnapuserdClient* snapuserd_client() const { return snapuserd_client_.get(); }
+
std::string gsid_dir_;
std::string metadata_dir_;
std::unique_ptr<IDeviceInfo> device_;
diff --git a/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h b/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
index ff0047e..b038527 100644
--- a/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
+++ b/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
@@ -146,6 +146,7 @@
bool WriteRandomData(const std::string& path, std::optional<size_t> expect_size = std::nullopt,
std::string* hash = nullptr);
bool WriteRandomData(ICowWriter* writer, std::string* hash = nullptr);
+std::string HashSnapshot(ISnapshotWriter* writer);
std::optional<std::string> GetHash(const std::string& path);
diff --git a/fs_mgr/libsnapshot/snapshot_test.cpp b/fs_mgr/libsnapshot/snapshot_test.cpp
index 0b8a03a..95e7d89 100644
--- a/fs_mgr/libsnapshot/snapshot_test.cpp
+++ b/fs_mgr/libsnapshot/snapshot_test.cpp
@@ -225,7 +225,7 @@
}
AssertionResult MapUpdateSnapshot(const std::string& name,
- std::unique_ptr<ICowWriter>* writer) {
+ std::unique_ptr<ISnapshotWriter>* writer) {
TestPartitionOpener opener(fake_super);
CreateLogicalPartitionParams params{
.block_device = fake_super,
@@ -279,6 +279,7 @@
return AssertionFailure() << "Cannot unmap image " << snapshot << "-cow-img";
}
if (!(res = DeleteDevice(snapshot + "-base"))) return res;
+ if (!(res = DeleteDevice(snapshot + "-src"))) return res;
return AssertionSuccess();
}
@@ -319,7 +320,7 @@
// Prepare A/B slot for a partition named "test_partition".
AssertionResult PrepareOneSnapshot(uint64_t device_size,
- std::unique_ptr<ICowWriter>* writer = nullptr) {
+ std::unique_ptr<ISnapshotWriter>* writer = nullptr) {
lock_ = nullptr;
DeltaArchiveManifest manifest;
@@ -511,7 +512,7 @@
static const uint64_t kDeviceSize = 1024 * 1024;
- std::unique_ptr<ICowWriter> writer;
+ std::unique_ptr<ISnapshotWriter> writer;
ASSERT_TRUE(PrepareOneSnapshot(kDeviceSize, &writer));
// Release the lock.
@@ -827,11 +828,14 @@
opener_ = std::make_unique<TestPartitionOpener>(fake_super);
+ auto dynamic_partition_metadata = manifest_.mutable_dynamic_partition_metadata();
+ dynamic_partition_metadata->set_vabc_enabled(IsCompressionEnabled());
+
// Create a fake update package metadata.
// Not using full name "system", "vendor", "product" because these names collide with the
// mapped partitions on the running device.
// Each test modifies manifest_ slightly to indicate changes to the partition layout.
- group_ = manifest_.mutable_dynamic_partition_metadata()->add_groups();
+ group_ = dynamic_partition_metadata->add_groups();
group_->set_name("group");
group_->set_size(kGroupSize);
group_->add_partition_names("sys");
@@ -945,7 +949,7 @@
AssertionResult MapOneUpdateSnapshot(const std::string& name) {
if (IsCompressionEnabled()) {
- std::unique_ptr<ICowWriter> writer;
+ std::unique_ptr<ISnapshotWriter> writer;
return MapUpdateSnapshot(name, &writer);
} else {
std::string path;
@@ -955,7 +959,7 @@
AssertionResult WriteSnapshotAndHash(const std::string& name) {
if (IsCompressionEnabled()) {
- std::unique_ptr<ICowWriter> writer;
+ std::unique_ptr<ISnapshotWriter> writer;
auto res = MapUpdateSnapshot(name, &writer);
if (!res) {
return res;
@@ -984,6 +988,42 @@
<< ", hash: " << hashes_[name];
}
+ // Generate a snapshot that moves all the upper blocks down to the start.
+ // It doesn't really matter the order, we just want copies that reference
+ // blocks that won't exist if the partition shrinks.
+ AssertionResult ShiftAllSnapshotBlocks(const std::string& name, uint64_t old_size) {
+ std::unique_ptr<ISnapshotWriter> writer;
+ if (auto res = MapUpdateSnapshot(name, &writer); !res) {
+ return res;
+ }
+ if (!writer->options().max_blocks || !*writer->options().max_blocks) {
+ return AssertionFailure() << "No max blocks set for " << name << " writer";
+ }
+
+ uint64_t src_block = (old_size / writer->options().block_size) - 1;
+ uint64_t dst_block = 0;
+ uint64_t max_blocks = *writer->options().max_blocks;
+ while (dst_block < max_blocks && dst_block < src_block) {
+ if (!writer->AddCopy(dst_block, src_block)) {
+ return AssertionFailure() << "Unable to add copy for " << name << " for blocks "
+ << src_block << ", " << dst_block;
+ }
+ dst_block++;
+ src_block--;
+ }
+ if (!writer->Finalize()) {
+ return AssertionFailure() << "Unable to finalize writer for " << name;
+ }
+
+ auto hash = HashSnapshot(writer.get());
+ if (hash.empty()) {
+ return AssertionFailure() << "Unable to hash snapshot writer for " << name;
+ }
+ hashes_[name] = hash;
+
+ return AssertionSuccess();
+ }
+
AssertionResult MapUpdateSnapshots(const std::vector<std::string>& names = {"sys_b", "vnd_b",
"prd_b"}) {
for (const auto& name : names) {
@@ -1092,8 +1132,132 @@
// Initiate the merge and wait for it to be completed.
ASSERT_TRUE(init->InitiateMerge());
ASSERT_EQ(init->IsSnapuserdRequired(), IsCompressionEnabled());
+ {
+ // We should have started in SECOND_PHASE since nothing shrinks.
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ auto status = init->ReadSnapshotUpdateStatus(local_lock.get());
+ ASSERT_EQ(status.merge_phase(), MergePhase::SECOND_PHASE);
+ }
ASSERT_EQ(UpdateState::MergeCompleted, init->ProcessUpdateState());
+ // Make sure the second phase ran and deleted snapshots.
+ {
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ std::vector<std::string> snapshots;
+ ASSERT_TRUE(init->ListSnapshots(local_lock.get(), &snapshots));
+ ASSERT_TRUE(snapshots.empty());
+ }
+
+ // Check that the target partitions have the same content after the merge.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name))
+ << "Content of " << name << " changes after the merge";
+ }
+}
+
+// Test that shrinking and growing partitions at the same time is handled
+// correctly in VABC.
+TEST_F(SnapshotUpdateTest, SpaceSwapUpdate) {
+ // OTA client blindly unmaps all partitions that are possibly mapped.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(sm->UnmapUpdateSnapshot(name));
+ }
+
+ auto old_sys_size = GetSize(sys_);
+ auto old_prd_size = GetSize(prd_);
+
+ // Grow |sys| but shrink |prd|.
+ SetSize(sys_, old_sys_size * 2);
+ sys_->set_estimate_cow_size(8_MiB);
+ SetSize(prd_, old_prd_size / 2);
+ prd_->set_estimate_cow_size(1_MiB);
+
+ AddOperationForPartitions();
+
+ ASSERT_TRUE(sm->BeginUpdate());
+ ASSERT_TRUE(sm->CreateUpdateSnapshots(manifest_));
+
+ // Check that the old partition sizes were saved correctly.
+ {
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+
+ SnapshotStatus status;
+ ASSERT_TRUE(sm->ReadSnapshotStatus(local_lock.get(), "prd_b", &status));
+ ASSERT_EQ(status.old_partition_size(), 3145728);
+ ASSERT_TRUE(sm->ReadSnapshotStatus(local_lock.get(), "sys_b", &status));
+ ASSERT_EQ(status.old_partition_size(), 3145728);
+ }
+
+ ASSERT_TRUE(WriteSnapshotAndHash("sys_b"));
+ ASSERT_TRUE(WriteSnapshotAndHash("vnd_b"));
+ ASSERT_TRUE(ShiftAllSnapshotBlocks("prd_b", old_prd_size));
+
+ sync();
+
+ // Assert that source partitions aren't affected.
+ for (const auto& name : {"sys_a", "vnd_a", "prd_a"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ ASSERT_TRUE(sm->FinishedSnapshotWrites(false));
+
+ // Simulate shutting down the device.
+ ASSERT_TRUE(UnmapAll());
+
+ // After reboot, init does first stage mount.
+ auto init = NewManagerForFirstStageMount("_b");
+ ASSERT_NE(init, nullptr);
+ ASSERT_TRUE(init->NeedSnapshotsInFirstStageMount());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super", snapshot_timeout_));
+
+ auto indicator = sm->GetRollbackIndicatorPath();
+ ASSERT_NE(access(indicator.c_str(), R_OK), 0);
+
+ // Check that the target partitions have the same content.
+ for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
+ ASSERT_TRUE(IsPartitionUnchanged(name));
+ }
+
+ // Initiate the merge and wait for it to be completed.
+ ASSERT_TRUE(init->InitiateMerge());
+ ASSERT_EQ(init->IsSnapuserdRequired(), IsCompressionEnabled());
+ {
+ // Check that the merge phase is FIRST_PHASE until at least one call
+ // to ProcessUpdateState() occurs.
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ auto status = init->ReadSnapshotUpdateStatus(local_lock.get());
+ ASSERT_EQ(status.merge_phase(), MergePhase::FIRST_PHASE);
+ }
+
+ // Simulate shutting down the device and creating partitions again.
+ ASSERT_TRUE(UnmapAll());
+ ASSERT_TRUE(init->CreateLogicalAndSnapshotPartitions("super", snapshot_timeout_));
+
+ // Check that we used the correct types after rebooting mid-merge.
+ DeviceMapper::TargetInfo target;
+ ASSERT_TRUE(init->IsSnapshotDevice("prd_b", &target));
+ ASSERT_EQ(DeviceMapper::GetTargetType(target.spec), "snapshot-merge");
+ ASSERT_TRUE(init->IsSnapshotDevice("sys_b", &target));
+ ASSERT_EQ(DeviceMapper::GetTargetType(target.spec), "snapshot");
+ ASSERT_TRUE(init->IsSnapshotDevice("vnd_b", &target));
+ ASSERT_EQ(DeviceMapper::GetTargetType(target.spec), "snapshot");
+
+ // Complete the merge.
+ ASSERT_EQ(UpdateState::MergeCompleted, init->ProcessUpdateState());
+
+ // Make sure the second phase ran and deleted snapshots.
+ {
+ ASSERT_TRUE(AcquireLock());
+ auto local_lock = std::move(lock_);
+ std::vector<std::string> snapshots;
+ ASSERT_TRUE(init->ListSnapshots(local_lock.get(), &snapshots));
+ ASSERT_TRUE(snapshots.empty());
+ }
+
// Check that the target partitions have the same content after the merge.
for (const auto& name : {"sys_b", "vnd_b", "prd_b"}) {
ASSERT_TRUE(IsPartitionUnchanged(name))
@@ -1814,6 +1978,13 @@
ASSERT_TRUE(init->PerformInitTransition(SnapshotManager::InitTransition::SECOND_STAGE));
+ // :TODO: this is a workaround to ensure the handler list stays empty. We
+ // should make this test more like actual init, and spawn two copies of
+ // snapuserd, given how many other tests we now have for normal snapuserd.
+ ASSERT_TRUE(init->snapuserd_client()->WaitForDeviceDelete("sys_b-user-cow-init"));
+ ASSERT_TRUE(init->snapuserd_client()->WaitForDeviceDelete("vnd_b-user-cow-init"));
+ ASSERT_TRUE(init->snapuserd_client()->WaitForDeviceDelete("prd_b-user-cow-init"));
+
// The control device should have been renamed.
ASSERT_TRUE(android::fs_mgr::WaitForFileDeleted("/dev/dm-user/sys_b-user-cow-init", 10s));
ASSERT_EQ(access("/dev/dm-user/sys_b-user-cow", F_OK), 0);
diff --git a/fs_mgr/libsnapshot/snapuserd.cpp b/fs_mgr/libsnapshot/snapuserd.cpp
index ceba8ab..82db0d3 100644
--- a/fs_mgr/libsnapshot/snapuserd.cpp
+++ b/fs_mgr/libsnapshot/snapuserd.cpp
@@ -391,8 +391,6 @@
}
if (*copy_op) {
- SNAP_LOG(ERROR) << "Invalid batch merge of copy ops: merged_ops_cur_iter: "
- << merged_ops_cur_iter;
CHECK(merged_ops_cur_iter == 1);
}
return merged_ops_cur_iter;
diff --git a/fs_mgr/libsnapshot/test_helpers.cpp b/fs_mgr/libsnapshot/test_helpers.cpp
index 6104c82..e3e3af8 100644
--- a/fs_mgr/libsnapshot/test_helpers.cpp
+++ b/fs_mgr/libsnapshot/test_helpers.cpp
@@ -23,6 +23,7 @@
#include <android-base/unique_fd.h>
#include <gtest/gtest.h>
#include <openssl/sha.h>
+#include <payload_consumer/file_descriptor.h>
namespace android {
namespace snapshot {
@@ -169,6 +170,37 @@
return true;
}
+std::string HashSnapshot(ISnapshotWriter* writer) {
+ auto reader = writer->OpenReader();
+ if (!reader) {
+ return {};
+ }
+
+ SHA256_CTX ctx;
+ SHA256_Init(&ctx);
+
+ uint64_t remaining = reader->BlockDevSize();
+ char buffer[4096];
+ while (remaining) {
+ size_t to_read =
+ static_cast<size_t>(std::min(remaining, static_cast<uint64_t>(sizeof(buffer))));
+ ssize_t read = reader->Read(&buffer, to_read);
+ if (read <= 0) {
+ if (read < 0) {
+ LOG(ERROR) << "Failed to read from snapshot writer";
+ return {};
+ }
+ break;
+ }
+ SHA256_Update(&ctx, buffer, to_read);
+ remaining -= static_cast<size_t>(read);
+ }
+
+ uint8_t out[32];
+ SHA256_Final(out, &ctx);
+ return ToHexString(out, sizeof(out));
+}
+
std::optional<std::string> GetHash(const std::string& path) {
std::string content;
if (!android::base::ReadFileToString(path, &content, true)) {
diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index 2433833..0df8cf0 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh
@@ -213,6 +213,13 @@
return ${ret}
}
+[ "USAGE: adb_test <expression>
+
+Returns: exit status of the test expression" ]
+adb_test() {
+ adb_sh test "${@}" </dev/null
+}
+
[ "USAGE: adb_reboot
Returns: true if the reboot command succeeded" ]
@@ -956,7 +963,7 @@
if inAdb; then
reboot=false
for d in ${OVERLAYFS_BACKING}; do
- if adb_su ls -d /${d}/overlay </dev/null >/dev/null 2>/dev/null; then
+ if adb_test -d /${d}/overlay; then
adb_su rm -rf /${d}/overlay </dev/null
reboot=true
fi
@@ -1010,7 +1017,10 @@
echo "${GREEN}[ RUN ]${NORMAL} Testing kernel support for overlayfs" >&2
adb_wait || die "wait for device failed"
-adb_sh ls -d /sys/module/overlay </dev/null >/dev/null 2>/dev/null ||
+adb_root ||
+ die "initial setup"
+
+adb_test -d /sys/module/overlay ||
adb_sh grep "nodev${TAB}overlay" /proc/filesystems </dev/null >/dev/null 2>/dev/null &&
echo "${GREEN}[ OK ]${NORMAL} overlay module present" >&2 ||
(
@@ -1019,7 +1029,7 @@
) ||
overlayfs_supported=false
if ${overlayfs_supported}; then
- adb_su ls /sys/module/overlay/parameters/override_creds </dev/null >/dev/null 2>/dev/null &&
+ adb_test -f /sys/module/overlay/parameters/override_creds &&
echo "${GREEN}[ OK ]${NORMAL} overlay module supports override_creds" >&2 ||
case `adb_sh uname -r </dev/null` in
4.[456789].* | 4.[1-9][0-9]* | [56789].*)
@@ -1032,9 +1042,6 @@
esac
fi
-adb_root ||
- die "initial setup"
-
echo "${GREEN}[ RUN ]${NORMAL} Checking current overlayfs status" >&2
# We can not universally use adb enable-verity to ensure device is
@@ -1044,7 +1051,7 @@
# having to go through enable-verity transition.
reboot=false
for d in ${OVERLAYFS_BACKING}; do
- if adb_sh ls -d /${d}/overlay </dev/null >/dev/null 2>/dev/null; then
+ if adb_test -d /${d}/overlay; then
echo "${YELLOW}[ WARNING ]${NORMAL} /${d}/overlay is setup, surgically wiping" >&2
adb_sh rm -rf /${d}/overlay </dev/null ||
die "/${d}/overlay wipe"
@@ -1220,7 +1227,7 @@
die "scratch size"
echo "${BLUE}[ INFO ]${NORMAL} scratch size ${scratch_size}KB" >&2
for d in ${OVERLAYFS_BACKING}; do
- if adb_sh ls -d /${d}/overlay/system/upper </dev/null >/dev/null 2>/dev/null; then
+ if adb_test -d /${d}/overlay/system/upper; then
echo "${BLUE}[ INFO ]${NORMAL} /${d}/overlay is setup" >&2
fi
done
@@ -1656,8 +1663,10 @@
# This also saves a lot of 'noise' from the command doing a mkfs on backing
# storage and all the related tuning and adjustment.
for d in ${OVERLAYFS_BACKING}; do
- adb_su rm -rf /${d}/overlay </dev/null ||
- die "/${d}/overlay wipe"
+ if adb_test -d /${d}/overlay; then
+ adb_su rm -rf /${d}/overlay </dev/null ||
+ die "/${d}/overlay wipe"
+ fi
done
adb_reboot &&
adb_wait ${ADB_WAIT} ||
diff --git a/gatekeeperd/Android.bp b/gatekeeperd/Android.bp
index 2d9a820..d1046df 100644
--- a/gatekeeperd/Android.bp
+++ b/gatekeeperd/Android.bp
@@ -41,7 +41,7 @@
"libhidlbase",
"android.hardware.gatekeeper@1.0",
"libgatekeeper_aidl",
- "android.hardware.security.keymint-unstable-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk_platform",
"android.security.authorization-ndk_platform",
],
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 941f8c2..781b4af 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -327,7 +327,6 @@
LOG(ERROR) << "Failure in sending AuthToken to AuthorizationService.";
return GK_ERROR;
}
- AIBinder_decStrong(authzAIBinder);
}
sp<IServiceManager> sm = defaultServiceManager();
diff --git a/init/Android.bp b/init/Android.bp
index 06ecc59..b0a59b1 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -74,7 +74,6 @@
cc_defaults {
name: "init_defaults",
- cpp_std: "experimental",
sanitize: {
misc_undefined: ["signed-integer-overflow"],
},
@@ -336,7 +335,6 @@
cc_binary {
name: "host_init_verifier",
host_supported: true,
- cpp_std: "experimental",
cflags: [
"-Wall",
"-Wextra",
diff --git a/init/builtins.cpp b/init/builtins.cpp
index c44e03e..6b7d1e9 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -861,6 +861,11 @@
// for system as root, so it has property [partition.system.verified].
std::string partition = entry.mount_point == "/" ? "system" : Basename(entry.mount_point);
SetProperty("partition." + partition + ".verified", std::to_string(mode));
+
+ std::string hash_alg = fs_mgr_get_hashtree_algorithm(entry);
+ if (!hash_alg.empty()) {
+ SetProperty("partition." + partition + ".verified.hash_alg", hash_alg);
+ }
}
return {};
diff --git a/libcutils/Android.bp b/libcutils/Android.bp
index d46aeab..c75e538 100644
--- a/libcutils/Android.bp
+++ b/libcutils/Android.bp
@@ -167,7 +167,6 @@
"canned_fs_config.cpp",
"iosched_policy.cpp",
"load_file.cpp",
- "memory.cpp",
"native_handle.cpp",
"properties.cpp",
"record_stream.cpp",
diff --git a/libcutils/include/cutils/memory.h b/libcutils/include/cutils/memory.h
index 0fba53c..c6476c1 100644
--- a/libcutils/include/cutils/memory.h
+++ b/libcutils/include/cutils/memory.h
@@ -28,9 +28,6 @@
size_t strlcpy(char *dst, const char *src, size_t size);
#endif
-// Disables memory mitigations for the entire process, and logs appropriately.
-void process_disable_memory_mitigations();
-
#ifdef __cplusplus
} // extern "C"
#endif
diff --git a/libcutils/memory.cpp b/libcutils/memory.cpp
deleted file mode 100644
index 5a410c2..0000000
--- a/libcutils/memory.cpp
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (C) 2020 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <cutils/memory.h>
-
-#include <log/log.h>
-
-#if !defined(__APPLE__)
-#include <malloc.h>
-#endif
-
-void process_disable_memory_mitigations() {
- bool success = false;
-#ifdef __BIONIC__
- success = mallopt(M_BIONIC_DISABLE_MEMORY_MITIGATIONS, 0);
-#endif
-
- // TODO: if b/158870657 is fixed and scudo is used globally,
- // we can assert on failure rather than just log.
- if (success) {
- ALOGI("Disabled memory mitigations for process.");
- } else {
- ALOGE("Could not disable memory mitigations for process.");
- }
-}
diff --git a/libprocessgroup/profiles/Android.bp b/libprocessgroup/profiles/Android.bp
index a496237..2d7bb5a 100644
--- a/libprocessgroup/profiles/Android.bp
+++ b/libprocessgroup/profiles/Android.bp
@@ -123,9 +123,6 @@
"cgroups.recovery.json",
"task_profiles.json",
],
- test_suites: [
- "general-tests",
- ],
}
cc_test {
diff --git a/libprocessgroup/profiles/TEST_MAPPING b/libprocessgroup/profiles/TEST_MAPPING
deleted file mode 100644
index 5ff4112..0000000
--- a/libprocessgroup/profiles/TEST_MAPPING
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- "presubmit": [
- {
- "name": "libprocessgroup_proto_test",
- "host": true
- }
- ]
-}
diff --git a/libprocessgroup/profiles/cgroups.json b/libprocessgroup/profiles/cgroups.json
index 5b7a28a..792af6f 100644
--- a/libprocessgroup/profiles/cgroups.json
+++ b/libprocessgroup/profiles/cgroups.json
@@ -42,7 +42,7 @@
"Controllers": [
{
"Controller": "freezer",
- "Path": "freezer",
+ "Path": ".",
"Mode": "0755",
"UID": "system",
"GID": "system"
diff --git a/libprocessgroup/profiles/task_profiles.json b/libprocessgroup/profiles/task_profiles.json
index 5b57bdd..628098b 100644
--- a/libprocessgroup/profiles/task_profiles.json
+++ b/libprocessgroup/profiles/task_profiles.json
@@ -46,7 +46,7 @@
"File": "cpu.uclamp.latency_sensitive"
},
{
- "Name": "FreezerState",
+ "Name": "Freezer",
"Controller": "freezer",
"File": "cgroup.freeze"
}
@@ -70,11 +70,11 @@
"Name": "Frozen",
"Actions": [
{
- "Name": "JoinCgroup",
+ "Name": "SetAttribute",
"Params":
{
- "Controller": "freezer",
- "Path": ""
+ "Name": "Freezer",
+ "Value": "1"
}
}
]
@@ -83,11 +83,11 @@
"Name": "Unfrozen",
"Actions": [
{
- "Name": "JoinCgroup",
+ "Name": "SetAttribute",
"Params":
{
- "Controller": "freezer",
- "Path": "../"
+ "Name": "Freezer",
+ "Value": "0"
}
}
]
diff --git a/libprocessgroup/task_profiles.cpp b/libprocessgroup/task_profiles.cpp
index 1311306..8d4ce25 100644
--- a/libprocessgroup/task_profiles.cpp
+++ b/libprocessgroup/task_profiles.cpp
@@ -273,7 +273,7 @@
value = StringReplace(value, "<pid>", std::to_string(pid), true);
if (!WriteStringToFile(value, filepath)) {
- PLOG(ERROR) << "Failed to write '" << value << "' to " << filepath;
+ if (logfailures_) PLOG(ERROR) << "Failed to write '" << value << "' to " << filepath;
return false;
}
@@ -290,7 +290,7 @@
value = StringReplace(value, "<pid>", std::to_string(tid), true);
if (!WriteStringToFile(value, filepath)) {
- PLOG(ERROR) << "Failed to write '" << value << "' to " << filepath;
+ if (logfailures_) PLOG(ERROR) << "Failed to write '" << value << "' to " << filepath;
return false;
}
@@ -516,7 +516,10 @@
std::string attr_filepath = params_val["FilePath"].asString();
std::string attr_value = params_val["Value"].asString();
if (!attr_filepath.empty() && !attr_value.empty()) {
- profile->Add(std::make_unique<WriteFileAction>(attr_filepath, attr_value));
+ const Json::Value& logfailures = params_val["LogFailures"];
+ bool attr_logfailures = logfailures.isNull() || logfailures.asBool();
+ profile->Add(std::make_unique<WriteFileAction>(attr_filepath, attr_value,
+ attr_logfailures));
} else if (attr_filepath.empty()) {
LOG(WARNING) << "WriteFile: invalid parameter: "
<< "empty filepath";
diff --git a/libprocessgroup/task_profiles.h b/libprocessgroup/task_profiles.h
index 98bcb0e..25a84b0 100644
--- a/libprocessgroup/task_profiles.h
+++ b/libprocessgroup/task_profiles.h
@@ -142,14 +142,16 @@
// Write to file action
class WriteFileAction : public ProfileAction {
public:
- WriteFileAction(const std::string& filepath, const std::string& value) noexcept
- : filepath_(filepath), value_(value) {}
+ WriteFileAction(const std::string& filepath, const std::string& value,
+ bool logfailures) noexcept
+ : filepath_(filepath), value_(value), logfailures_(logfailures) {}
virtual bool ExecuteForProcess(uid_t uid, pid_t pid) const;
virtual bool ExecuteForTask(int tid) const;
private:
std::string filepath_, value_;
+ bool logfailures_;
};
class TaskProfile {
diff --git a/llkd/libllkd.cpp b/llkd/libllkd.cpp
index a24d900..9f3e218 100644
--- a/llkd/libllkd.cpp
+++ b/llkd/libllkd.cpp
@@ -962,7 +962,7 @@
//
// This alarm is effectively the live lock detection of llkd, as
// we understandably can not monitor ourselves otherwise.
- ::alarm(duration_cast<seconds>(llkTimeoutMs * 2).count());
+ ::alarm(duration_cast<seconds>(llkTimeoutMs * 2 * android::base::TimeoutMultiplier()).count());
// kernel jiffy precision fastest acquisition
static timespec last;
diff --git a/property_service/libpropertyinfoparser/Android.bp b/property_service/libpropertyinfoparser/Android.bp
index 2d7e9cb..8777896 100644
--- a/property_service/libpropertyinfoparser/Android.bp
+++ b/property_service/libpropertyinfoparser/Android.bp
@@ -8,7 +8,6 @@
native_bridge_supported: true,
srcs: ["property_info_parser.cpp"],
- cpp_std: "experimental",
cppflags: [
"-Wall",
"-Wextra",
diff --git a/property_service/libpropertyinfoserializer/Android.bp b/property_service/libpropertyinfoserializer/Android.bp
index aa02a3a..f91bc37 100644
--- a/property_service/libpropertyinfoserializer/Android.bp
+++ b/property_service/libpropertyinfoserializer/Android.bp
@@ -1,7 +1,6 @@
cc_defaults {
name: "propertyinfoserializer_defaults",
host_supported: true,
- cpp_std: "experimental",
cppflags: [
"-Wall",
"-Wextra",
diff --git a/property_service/property_info_checker/Android.bp b/property_service/property_info_checker/Android.bp
index 65e660a..66f378a 100644
--- a/property_service/property_info_checker/Android.bp
+++ b/property_service/property_info_checker/Android.bp
@@ -2,7 +2,6 @@
name: "property_info_checker",
host_supported: true,
static_executable: true,
- cpp_std: "experimental",
static_libs: [
"libpropertyinfoserializer",
"libpropertyinfoparser",
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 21a78c1..03af4f3 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -731,6 +731,7 @@
mkdir /data/misc/installd 0700 root root
mkdir /data/misc/apexdata 0711 root root
mkdir /data/misc/apexrollback 0700 root root
+ mkdir /data/misc/appcompat/ 0700 system system
mkdir /data/misc/snapshotctl_log 0755 root root
# create location to store pre-reboot information
mkdir /data/misc/prereboot 0700 system system
diff --git a/shell_and_utilities/README.md b/shell_and_utilities/README.md
index d169d29..f339553 100644
--- a/shell_and_utilities/README.md
+++ b/shell_and_utilities/README.md
@@ -26,7 +26,8 @@
because the toolbox implementations did have bugs fixed and options added
over the years. Gingerbread's rm, for example, supported `-r`/`-R` but not
`-f`. But this gives you an idea of what was available in any given release,
-and how usable it was likely to be.
+and how usable it was likely to be. (**Bold** marks where we switched to toybox
+or first added something to toybox.)
Also note that in any given release `toybox` probably contains more
commands than there are symlinks for in `/system/bin`. You can get the
@@ -118,18 +119,18 @@
toolbox: getevent iftop ioctl log nandread newfs\_msdos ps prlimit
sendevent start stop top
-toybox (0.7.0-ish): acpi base64 basename blockdev bzcat cal cat chcon chgrp chmod
-chown chroot cksum clear comm cmp cp cpio cut date df dirname dmesg
-dos2unix du echo env expand expr fallocate false find flock free
+toybox (0.7.0-ish): acpi **base64** basename blockdev bzcat cal cat chcon chgrp chmod
+chown chroot cksum clear comm cmp cp cpio cut date **df** dirname dmesg
+dos2unix **du** echo env expand expr fallocate false find **flock** free
getenforce getprop groups head hostname hwclock id ifconfig inotifyd
-insmod ionice iorenice kill killall load\_policy ln logname losetup ls
-lsmod lsof lsusb md5sum mkdir mknod mkswap mktemp modinfo more mount
+insmod **ionice** **iorenice** kill **killall** load\_policy ln logname losetup **ls**
+lsmod **lsof** lsusb md5sum mkdir mknod mkswap mktemp modinfo more *mount*
mountpoint mv netstat nice nl nohup od paste patch pgrep pidof pkill
-pmap printenv printf pwd readlink realpath renice restorecon rm rmdir
+pmap printenv printf pwd readlink realpath **renice** restorecon rm rmdir
rmmod route runcon sed seq setenforce setprop setsid sha1sum sleep sort
split stat strings swapoff swapon sync sysctl tac tail tar taskset tee
-time timeout touch tr true truncate tty ulimit umount uname uniq unix2dos
-uptime usleep vmstat wc which whoami xargs xxd yes
+time timeout touch tr true truncate **tty** **ulimit** umount uname uniq unix2dos
+**uptime** usleep vmstat wc which whoami xargs **xxd** yes
## Android 8.0 (Oreo)
@@ -141,19 +142,19 @@
toolbox: getevent newfs\_msdos
toybox (0.7.3-ish): acpi base64 basename blockdev cal cat chcon chgrp chmod chown
-chroot chrt cksum clear cmp comm cp cpio cut date df diff dirname dmesg
-dos2unix du echo env expand expr fallocate false file find flock free
-getenforce getprop groups gunzip gzip head hostname hwclock id ifconfig
-inotifyd insmod ionice iorenice kill killall ln load\_policy log logname
-losetup ls lsmod lsof lspci lsusb md5sum microcom mkdir mkfifo mknod
-mkswap mktemp modinfo modprobe more mount mountpoint mv netstat nice
-nl nohup od paste patch pgrep pidof pkill pmap printenv printf ps pwd
-readlink realpath renice restorecon rm rmdir rmmod runcon sed sendevent
-seq setenforce setprop setsid sha1sum sha224sum sha256sum sha384sum
-sha512sum sleep sort split start stat stop strings swapoff swapon sync
-sysctl tac tail tar taskset tee time timeout top touch tr true truncate
-tty ulimit umount uname uniq unix2dos uptime usleep uudecode uuencode
-vmstat wc which whoami xargs xxd yes zcat
+chroot chrt cksum clear cmp comm cp cpio cut date df **diff** dirname dmesg
+dos2unix du echo env expand expr fallocate false **file** find flock free
+getenforce getprop groups **gunzip** **gzip** head hostname hwclock id ifconfig
+inotifyd insmod ionice iorenice kill killall ln load\_policy **log** logname
+losetup ls lsmod lsof **lspci** lsusb md5sum **microcom** mkdir **mkfifo** mknod
+mkswap mktemp modinfo **modprobe** more mount mountpoint mv netstat nice
+nl nohup od paste patch pgrep pidof pkill pmap printenv printf **ps** pwd
+readlink realpath renice restorecon rm rmdir rmmod runcon sed **sendevent**
+seq setenforce setprop setsid sha1sum **sha224sum** **sha256sum** **sha384sum**
+**sha512sum** sleep sort split start stat stop strings swapoff swapon sync
+sysctl tac tail tar taskset tee time timeout **top** touch tr true truncate
+tty ulimit umount uname uniq unix2dos uptime usleep **uudecode** **uuencode**
+vmstat wc which whoami xargs xxd yes **zcat**
## Android 9.0 (Pie)
@@ -168,7 +169,7 @@
toybox (0.7.6-ish): acpi base64 basename blockdev cal cat chcon chgrp chmod chown
chroot chrt cksum clear cmp comm cp cpio cut date df diff dirname dmesg
-dos2unix du echo env expand expr fallocate false file find flock fmt free
+dos2unix du echo env expand expr fallocate false file find flock **fmt** free
getenforce groups gunzip gzip head hostname hwclock id ifconfig inotifyd
insmod ionice iorenice kill killall ln load\_policy log logname losetup ls
lsmod lsof lspci lsusb md5sum microcom mkdir mkfifo mknod mkswap mktemp
@@ -176,7 +177,7 @@
patch pgrep pidof pkill pmap printenv printf ps pwd readlink realpath
renice restorecon rm rmdir rmmod runcon sed sendevent seq setenforce
setprop setsid sha1sum sha224sum sha256sum sha384sum sha512sum sleep
-sort split start stat stop strings stty swapoff swapon sync sysctl tac
+sort split start stat stop strings **stty** swapoff swapon sync sysctl tac
tail tar taskset tee time timeout top touch tr true truncate tty ulimit
umount uname uniq unix2dos uptime usleep uudecode uuencode vmstat wc
which whoami xargs xxd yes zcat
@@ -192,24 +193,24 @@
toolbox: getevent getprop
-toybox (0.8.0-ish): acpi base64 basename bc blkid blockdev cal cat chattr chcon chgrp
+toybox (0.8.0-ish): acpi base64 basename **bc** **blkid** blockdev cal cat **chattr** chcon chgrp
chmod chown chroot chrt cksum clear cmp comm cp cpio cut date dd df
-diff dirname dmesg dos2unix du echo egrep env expand expr fallocate
-false fgrep file find flock fmt free freeramdisk fsfreeze getconf
-getenforce getfattr grep groups gunzip gzip head help hostname hwclock
-i2cdetect i2cdump i2cget i2cset iconv id ifconfig inotifyd insmod
-install ionice iorenice iotop kill killall ln load\_policy log logname
-losetup ls lsattr lsmod lsof lspci lsusb makedevs md5sum microcom
+diff dirname dmesg dos2unix du echo **egrep** env expand expr fallocate
+false **fgrep** file find flock fmt free **freeramdisk** **fsfreeze** **getconf**
+getenforce **getfattr** grep groups gunzip gzip head **help** hostname hwclock
+**i2cdetect** **i2cdump** **i2cget** **i2cset** **iconv** id ifconfig inotifyd insmod
+**install** ionice iorenice **iotop** kill killall ln load\_policy log logname
+losetup ls **lsattr** lsmod lsof lspci lsusb **makedevs** md5sum microcom
mkdir mkfifo mknod mkswap mktemp modinfo modprobe more mount mountpoint
-mv nbd-client nc netcat netstat nice nl nohup nproc nsenter od partprobe
-paste patch pgrep pidof ping ping6 pivot\_root pkill pmap printenv
-printf prlimit ps pwd pwdx readlink realpath renice restorecon rev
-rfkill rm rmdir rmmod runcon sed sendevent seq setenforce setfattr
+mv **nbd-client** **nc** **netcat** netstat nice nl nohup **nproc** **nsenter** od **partprobe**
+paste patch pgrep pidof **ping** **ping6** **pivot\_root** pkill pmap printenv
+printf **prlimit** ps pwd **pwdx** readlink realpath renice restorecon **rev**
+**rfkill** rm rmdir rmmod runcon sed sendevent seq setenforce **setfattr**
setprop setsid sha1sum sha224sum sha256sum sha384sum sha512sum sleep
sort split start stat stop strings stty swapoff swapon sync sysctl
-tac tail tar taskset tee time timeout top touch tr traceroute traceroute6
-true truncate tty tunctl ulimit umount uname uniq unix2dos unlink
-unshare uptime usleep uudecode uuencode uuidgen vconfig vmstat watch
+tac tail tar taskset tee time timeout top touch tr **traceroute** **traceroute6**
+true truncate tty **tunctl** ulimit umount uname uniq unix2dos **unlink**
+**unshare** uptime usleep uudecode uuencode **uuidgen** **vconfig** vmstat **watch**
wc which whoami xargs xxd yes zcat
## Android 11 ("R")
@@ -225,21 +226,53 @@
toolbox: getevent getprop setprop start stop
toybox (0.8.3-ish): acpi base64 basename blkid blockdev cal cat chattr chcon chgrp chmod
-chown chroot chrt cksum clear cmp comm cp cpio cut date dd devmem
+chown chroot chrt cksum clear cmp comm cp cpio cut date dd **devmem**
df diff dirname dmesg dos2unix du echo egrep env expand expr fallocate
-false fgrep file find flock fmt free freeramdisk fsfreeze fsync getconf
-getenforce getfattr getopt grep groups gunzip gzip head help hostname
+false fgrep file find flock fmt free freeramdisk fsfreeze **fsync** getconf
+getenforce getfattr **getopt** grep groups gunzip gzip head help hostname
hwclock i2cdetect i2cdump i2cget i2cset iconv id ifconfig inotifyd
insmod install ionice iorenice iotop kill killall ln load\_policy log
logname losetup ls lsattr lsmod lsof lspci lsusb makedevs md5sum microcom
mkdir mkfifo mknod mkswap mktemp modinfo modprobe more mount mountpoint
mv nbd-client nc netcat netstat nice nl nohup nproc nsenter od partprobe
paste patch pgrep pidof ping ping6 pivot\_root pkill pmap printenv
-printf prlimit ps pwd pwdx readelf readlink realpath renice restorecon
+printf prlimit ps pwd pwdx **readelf** readlink realpath renice restorecon
rev rfkill rm rmdir rmmod runcon sed sendevent seq setenforce setfattr
setsid sha1sum sha224sum sha256sum sha384sum sha512sum sleep sort
split stat strings stty swapoff swapon sync sysctl tac tail tar taskset
tee time timeout top touch tr traceroute traceroute6 true truncate
tty tunctl ulimit umount uname uniq unix2dos unlink unshare uptime
-usleep uudecode uuencode uuidgen vconfig vi vmstat watch wc which
+usleep uudecode uuencode uuidgen vconfig **vi** vmstat watch wc which
whoami xargs xxd yes zcat
+
+## Android ("S")
+
+BSD: fsck\_msdos newfs\_msdos
+
+bzip2: bzcat bzip2 bunzip2
+
+gavinhoward/bc: bc
+
+one-true-awk: awk
+
+toolbox: getevent getprop setprop start stop
+
+toybox (0.8.4-ish): **[** acpi base64 basename **blkdiscard** blkid blockdev cal cat chattr chcon
+chgrp chmod chown chroot chrt cksum clear cmp comm cp cpio cut date
+dd devmem df diff dirname dmesg dos2unix du echo egrep env expand
+expr fallocate false fgrep file find flock fmt free freeramdisk fsfreeze
+fsync getconf getenforce getfattr getopt grep groups gunzip gzip head
+help hostname hwclock i2cdetect i2cdump i2cget i2cset iconv id ifconfig
+inotifyd insmod install ionice iorenice iotop kill killall ln load\_policy
+log logname losetup ls lsattr lsmod lsof lspci lsusb makedevs md5sum
+microcom mkdir mkfifo mknod mkswap mktemp modinfo modprobe more mount
+mountpoint mv nbd-client nc netcat netstat nice nl nohup nproc nsenter
+od partprobe paste patch pgrep pidof ping ping6 pivot\_root pkill pmap
+printenv printf prlimit ps pwd pwdx readelf readlink realpath renice
+restorecon rev rfkill rm rmdir rmmod **rtcwake** runcon sed sendevent
+seq setenforce setfattr setsid sha1sum sha224sum sha256sum sha384sum
+sha512sum sleep sort split stat strings stty swapoff swapon sync sysctl
+tac tail tar taskset tee **test** time timeout top touch tr traceroute
+traceroute6 true truncate tty tunctl ulimit umount uname uniq unix2dos
+unlink unshare uptime usleep uudecode uuencode uuidgen vconfig vi
+vmstat watch wc which whoami xargs xxd yes zcat
diff --git a/storaged/include/storaged.h b/storaged/include/storaged.h
index 6f92048..79b5d41 100644
--- a/storaged/include/storaged.h
+++ b/storaged/include/storaged.h
@@ -86,6 +86,7 @@
sp<android::hardware::health::V2_0::IHealth> health;
unique_ptr<storage_info_t> storage_info;
static const uint32_t current_version;
+ Mutex proto_lock;
unordered_map<userid_t, bool> proto_loaded;
void load_proto(userid_t user_id);
char* prepare_proto(userid_t user_id, StoragedProto* proto);
diff --git a/storaged/storaged.cpp b/storaged/storaged.cpp
index 573b8c5..b7aa89f 100644
--- a/storaged/storaged.cpp
+++ b/storaged/storaged.cpp
@@ -162,6 +162,8 @@
}
void storaged_t::add_user_ce(userid_t user_id) {
+ Mutex::Autolock _l(proto_lock);
+
if (!proto_loaded[user_id]) {
load_proto(user_id);
proto_loaded[user_id] = true;
@@ -169,6 +171,8 @@
}
void storaged_t::remove_user_ce(userid_t user_id) {
+ Mutex::Autolock _l(proto_lock);
+
proto_loaded[user_id] = false;
mUidm.clear_user_history(user_id);
RemoveFileIfExists(proto_path(user_id), nullptr);
@@ -298,6 +302,8 @@
}
void storaged_t::flush_protos(unordered_map<int, StoragedProto>* protos) {
+ Mutex::Autolock _l(proto_lock);
+
for (auto& it : *protos) {
/*
* Don't flush proto if we haven't attempted to load it from file.
diff --git a/toolbox/Android.bp b/toolbox/Android.bp
index 4ca5f5a..3207824 100644
--- a/toolbox/Android.bp
+++ b/toolbox/Android.bp
@@ -19,7 +19,6 @@
cc_defaults {
name: "toolbox_binary_defaults",
defaults: ["toolbox_defaults"],
- cpp_std: "experimental",
srcs: [
"toolbox.c",
"getevent.c",
diff --git a/trusty/apploader/Android.bp b/trusty/apploader/Android.bp
new file mode 100644
index 0000000..7e97cb8
--- /dev/null
+++ b/trusty/apploader/Android.bp
@@ -0,0 +1,36 @@
+//
+// Copyright (C) 2020 The Android Open-Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_binary {
+ name: "trusty_apploader",
+ vendor: true,
+
+ srcs: [
+ "apploader.cpp",
+ ],
+
+ shared_libs: [
+ "libbase",
+ "libc",
+ "liblog",
+ "libtrusty",
+ "libdmabufheap",
+ ],
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
+}
diff --git a/trusty/apploader/apploader.cpp b/trusty/apploader/apploader.cpp
new file mode 100644
index 0000000..5d5d882
--- /dev/null
+++ b/trusty/apploader/apploader.cpp
@@ -0,0 +1,272 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "TrustyAppLoader"
+
+#include <BufferAllocator/BufferAllocator.h>
+#include <android-base/logging.h>
+#include <android-base/unique_fd.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <sys/sendfile.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <trusty/tipc.h>
+#include <unistd.h>
+#include <algorithm>
+#include <string>
+
+#include "apploader_ipc.h"
+
+using android::base::unique_fd;
+using std::string;
+
+constexpr const char kTrustyDefaultDeviceName[] = "/dev/trusty-ipc-dev0";
+
+static const char* dev_name = kTrustyDefaultDeviceName;
+
+static const char* _sopts = "hs";
+static const struct option _lopts[] = {
+ {"help", no_argument, 0, 'h'},
+ {"dev", required_argument, 0, 'D'},
+ {0, 0, 0, 0},
+};
+
+static const char* usage =
+ "Usage: %s [options] package-file\n"
+ "\n"
+ "options:\n"
+ " -h, --help prints this message and exit\n"
+ " -D, --dev name Trusty device name\n"
+ "\n";
+
+static void print_usage_and_exit(const char* prog, int code) {
+ fprintf(stderr, usage, prog);
+ exit(code);
+}
+
+static void parse_options(int argc, char** argv) {
+ int c;
+ int oidx = 0;
+
+ while (1) {
+ c = getopt_long(argc, argv, _sopts, _lopts, &oidx);
+ if (c == -1) {
+ break; /* done */
+ }
+
+ switch (c) {
+ case 'h':
+ print_usage_and_exit(argv[0], EXIT_SUCCESS);
+ break;
+
+ case 'D':
+ dev_name = strdup(optarg);
+ break;
+
+ default:
+ print_usage_and_exit(argv[0], EXIT_FAILURE);
+ }
+ }
+}
+
+static unique_fd read_file(const char* file_name, off64_t* out_file_size) {
+ int rc;
+ long page_size = sysconf(_SC_PAGESIZE);
+ off64_t file_size, file_page_offset, file_page_size;
+ struct stat64 st;
+
+ unique_fd file_fd(TEMP_FAILURE_RETRY(open(file_name, O_RDONLY)));
+ if (!file_fd.ok()) {
+ fprintf(stderr, "Error opening file '%s': %s\n", file_name, strerror(errno));
+ return {};
+ }
+
+ rc = fstat64(file_fd, &st);
+ if (rc < 0) {
+ fprintf(stderr, "Error calling stat on file '%s': %s\n", file_name, strerror(errno));
+ return {};
+ }
+
+ assert(st.st_size >= 0);
+ file_size = st.st_size;
+
+ /* The dmabuf size needs to be a multiple of the page size */
+ file_page_offset = file_size & (page_size - 1);
+ if (file_page_offset) {
+ file_page_offset = page_size - file_page_offset;
+ }
+ if (__builtin_add_overflow(file_size, file_page_offset, &file_page_size)) {
+ fprintf(stderr, "Failed to page-align file size\n");
+ return {};
+ }
+
+ BufferAllocator alloc;
+ unique_fd dmabuf_fd(alloc.Alloc(kDmabufSystemHeapName, file_page_size));
+ if (!dmabuf_fd.ok()) {
+ fprintf(stderr, "Error creating dmabuf: %d\n", dmabuf_fd.get());
+ return dmabuf_fd;
+ }
+
+ void* shm = mmap(0, file_page_size, PROT_READ | PROT_WRITE, MAP_SHARED, dmabuf_fd, 0);
+ if (shm == MAP_FAILED) {
+ return {};
+ }
+
+ off64_t file_offset = 0;
+ while (file_offset < file_size) {
+ ssize_t num_read = TEMP_FAILURE_RETRY(
+ pread(file_fd, (char*)shm + file_offset, file_size - file_offset, file_offset));
+
+ if (num_read < 0) {
+ fprintf(stderr, "Error reading package file '%s': %s\n", file_name, strerror(errno));
+ break;
+ }
+
+ if (num_read == 0) {
+ fprintf(stderr, "Unexpected end of file '%s'\n", file_name);
+ break;
+ }
+
+ file_offset += (off64_t)num_read;
+ }
+
+ munmap(shm, file_page_size);
+
+ if (file_offset < file_size) {
+ return {};
+ }
+
+ assert(file_offset == file_size);
+ if (out_file_size) {
+ *out_file_size = file_size;
+ }
+
+ return dmabuf_fd;
+}
+
+static ssize_t send_load_message(int tipc_fd, int package_fd, off64_t package_size) {
+ struct apploader_header hdr = {
+ .cmd = APPLOADER_CMD_LOAD_APPLICATION,
+ };
+ struct apploader_load_app_req req = {
+ .package_size = static_cast<uint64_t>(package_size),
+ };
+ struct iovec tx[2] = {{&hdr, sizeof(hdr)}, {&req, sizeof(req)}};
+ struct trusty_shm shm = {
+ .fd = package_fd,
+ .transfer = TRUSTY_SHARE,
+ };
+ return tipc_send(tipc_fd, tx, 2, &shm, 1);
+}
+
+static ssize_t read_response(int tipc_fd) {
+ struct apploader_resp resp;
+ ssize_t rc = read(tipc_fd, &resp, sizeof(resp));
+ if (rc < 0) {
+ fprintf(stderr, "Failed to read response: %zd\n", rc);
+ return rc;
+ }
+
+ if (rc < sizeof(resp)) {
+ fprintf(stderr, "Not enough data in response: %zd\n", rc);
+ return -EIO;
+ }
+
+ if (resp.hdr.cmd != (APPLOADER_CMD_LOAD_APPLICATION | APPLOADER_RESP_BIT)) {
+ fprintf(stderr, "Invalid command in response: %u\n", resp.hdr.cmd);
+ return -EINVAL;
+ }
+
+ switch (resp.error) {
+ case APPLOADER_NO_ERROR:
+ break;
+ case APPLOADER_ERR_UNKNOWN_CMD:
+ fprintf(stderr, "Error: unknown command\n");
+ break;
+ case APPLOADER_ERR_INVALID_CMD:
+ fprintf(stderr, "Error: invalid command arguments\n");
+ break;
+ case APPLOADER_ERR_NO_MEMORY:
+ fprintf(stderr, "Error: out of Trusty memory\n");
+ break;
+ case APPLOADER_ERR_VERIFICATION_FAILED:
+ fprintf(stderr, "Error: failed to verify the package\n");
+ break;
+ case APPLOADER_ERR_LOADING_FAILED:
+ fprintf(stderr, "Error: failed to load the package\n");
+ break;
+ case APPLOADER_ERR_ALREADY_EXISTS:
+ fprintf(stderr, "Error: application already exists\n");
+ break;
+ case APPLOADER_ERR_INTERNAL:
+ fprintf(stderr, "Error: internal apploader error\n");
+ break;
+ default:
+ fprintf(stderr, "Unrecognized error: %u\n", resp.error);
+ break;
+ }
+
+ return static_cast<ssize_t>(resp.error);
+}
+
+static ssize_t send_app_package(const char* package_file_name) {
+ ssize_t rc = 0;
+ int tipc_fd = -1;
+ off64_t package_size;
+
+ unique_fd package_fd = read_file(package_file_name, &package_size);
+ if (!package_fd.ok()) {
+ rc = -1;
+ goto err_read_file;
+ }
+
+ tipc_fd = tipc_connect(dev_name, APPLOADER_PORT);
+ if (tipc_fd < 0) {
+ fprintf(stderr, "Failed to connect to Trusty app loader: %s\n", strerror(-tipc_fd));
+ rc = tipc_fd;
+ goto err_tipc_connect;
+ }
+
+ rc = send_load_message(tipc_fd, package_fd, package_size);
+ if (rc < 0) {
+ fprintf(stderr, "Failed to send package: %zd\n", rc);
+ goto err_send;
+ }
+
+ rc = read_response(tipc_fd);
+
+err_send:
+ tipc_close(tipc_fd);
+err_tipc_connect:
+err_read_file:
+ return rc;
+}
+
+int main(int argc, char** argv) {
+ parse_options(argc, argv);
+ if (optind + 1 != argc) {
+ print_usage_and_exit(argv[0], EXIT_FAILURE);
+ }
+
+ int rc = send_app_package(argv[optind]);
+ return rc == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
+}
diff --git a/trusty/apploader/apploader_ipc.h b/trusty/apploader/apploader_ipc.h
new file mode 100644
index 0000000..d8c915e
--- /dev/null
+++ b/trusty/apploader/apploader_ipc.h
@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <stdint.h>
+
+#define APPLOADER_PORT "com.android.trusty.apploader"
+
+enum apploader_command : uint32_t {
+ APPLOADER_REQ_SHIFT = 1,
+ APPLOADER_RESP_BIT = 1,
+
+ APPLOADER_CMD_LOAD_APPLICATION = (0 << APPLOADER_REQ_SHIFT),
+ APPLOADER_CMD_GET_VERSION = (1 << APPLOADER_REQ_SHIFT),
+ APPLOADER_CMD_UNLOAD_APPLICATION = (2 << APPLOADER_REQ_SHIFT),
+};
+
+/**
+ * enum apploader_error - error codes for apploader
+ * @APPLOADER_NO_ERROR: no error
+ * @APPLOADER_ERR_UNKNOWN_CMD: unknown or not implemented command
+ * @APPLOADER_ERR_INVALID_CMD: invalid arguments or inputs passed to
+ * command
+ * @APPLOADER_ERR_NO_MEMORY: failed to allocate memory
+ * @APPLOADER_ERR_VERIFICATION_FAILED: failed to verify input application
+ * package for any reason, e.g., signature
+ * verification failed
+ * @APPLOADER_ERR_LOADING_FAILED: Trusty kernel or apploader service
+ * failed to load application
+ * @APPLOADER_ERR_ALREADY_EXISTS: application has already been loaded
+ * @APPLOADER_ERR_INTERNAL: miscellaneous or internal apploader
+ * error not covered by the above
+ */
+enum apploader_error : uint32_t {
+ APPLOADER_NO_ERROR = 0,
+ APPLOADER_ERR_UNKNOWN_CMD,
+ APPLOADER_ERR_INVALID_CMD,
+ APPLOADER_ERR_NO_MEMORY,
+ APPLOADER_ERR_VERIFICATION_FAILED,
+ APPLOADER_ERR_LOADING_FAILED,
+ APPLOADER_ERR_ALREADY_EXISTS,
+ APPLOADER_ERR_INTERNAL,
+};
+
+/**
+ * apploader_header - Serial header for communicating with apploader
+ * @cmd: the command; one of &enum apploader_command values.
+ */
+struct apploader_header {
+ uint32_t cmd;
+} __packed;
+
+/**
+ * apploader_load_app_req - Serial arguments for LOAD_APPLICATION command
+ * @package_size: size of the application package.
+ *
+ * Load an application from a given memory region. The request message also
+ * contains a handle for a memfd that contains the application package.
+ *
+ * The response is a &struct apploader_resp with the error code or
+ * %APPLOADER_NO_ERROR on success.
+ */
+struct apploader_load_app_req {
+ uint64_t package_size;
+} __packed;
+
+/**
+ * apploader_resp - Common header for all apploader responses
+ * @hdr - header with command value.
+ * @error - error code returned by peer; one of &enum apploader_error values.
+ *
+ * This structure is followed by the response-specific payload, if the command
+ * has one.
+ */
+struct apploader_resp {
+ struct apploader_header hdr;
+ uint32_t error;
+} __packed;
diff --git a/trusty/gatekeeper/gatekeeper_ipc.h b/trusty/gatekeeper/gatekeeper_ipc.h
index b05dcd8..8709d1a 100644
--- a/trusty/gatekeeper/gatekeeper_ipc.h
+++ b/trusty/gatekeeper/gatekeeper_ipc.h
@@ -20,11 +20,13 @@
#define GATEKEEPER_MAX_BUFFER_LENGTH 1024
enum gatekeeper_command {
- GK_REQ_SHIFT = 1,
- GK_RESP_BIT = 1,
+ GK_REQ_SHIFT = 1,
+ GK_RESP_BIT = 1,
- GK_ENROLL = (0 << GK_REQ_SHIFT),
- GK_VERIFY = (1 << GK_REQ_SHIFT),
+ GK_ENROLL = (0 << GK_REQ_SHIFT),
+ GK_VERIFY = (1 << GK_REQ_SHIFT),
+ GK_DELETE_USER = (2 << GK_REQ_SHIFT),
+ GK_DELETE_ALL_USERS = (3 << GK_REQ_SHIFT),
};
/**
diff --git a/trusty/gatekeeper/trusty_gatekeeper.cpp b/trusty/gatekeeper/trusty_gatekeeper.cpp
index e416fb2..ec4f81b 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.cpp
+++ b/trusty/gatekeeper/trusty_gatekeeper.cpp
@@ -133,13 +133,48 @@
return {};
}
-Return<void> TrustyGateKeeperDevice::deleteUser(uint32_t /*uid*/, deleteUser_cb _hidl_cb) {
- _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+Return<void> TrustyGateKeeperDevice::deleteUser(uint32_t uid, deleteUser_cb _hidl_cb) {
+ if (error_ != 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ DeleteUserRequest request(uid);
+ DeleteUserResponse response;
+ auto error = Send(request, &response);
+
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_NOT_IMPLEMENTED) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ _hidl_cb({GatekeeperStatusCode::STATUS_OK, response.retry_timeout, {}});
+ }
return {};
}
Return<void> TrustyGateKeeperDevice::deleteAllUsers(deleteAllUsers_cb _hidl_cb) {
- _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ if (error_ != 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ DeleteAllUsersRequest request;
+ DeleteAllUsersResponse response;
+ auto error = Send(request, &response);
+
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_NOT_IMPLEMENTED) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ _hidl_cb({GatekeeperStatusCode::STATUS_OK, response.retry_timeout, {}});
+ }
+
return {};
}
diff --git a/trusty/gatekeeper/trusty_gatekeeper.h b/trusty/gatekeeper/trusty_gatekeeper.h
index c0713f4..420dd7a 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.h
+++ b/trusty/gatekeeper/trusty_gatekeeper.h
@@ -81,6 +81,15 @@
return Send(GK_VERIFY, request, response);
}
+ gatekeeper_error_t Send(const DeleteUserRequest& request, DeleteUserResponse* response) {
+ return Send(GK_DELETE_USER, request, response);
+ }
+
+ gatekeeper_error_t Send(const DeleteAllUsersRequest& request,
+ DeleteAllUsersResponse* response) {
+ return Send(GK_DELETE_ALL_USERS, request, response);
+ }
+
int error_;
};
diff --git a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
index 7184e4d..d787f7a 100644
--- a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
+++ b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
@@ -276,7 +276,7 @@
ImportKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
- request.SetKeyMaterial(keyData.data(), keyData.size());
+ request.key_data = KeymasterKeyBlob(keyData.data(), keyData.size());
ImportKeyResponse response(impl_->message_version());
impl_->ImportKey(request, &response);
diff --git a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
index 73ad6ae..e68ba82 100644
--- a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
+++ b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
@@ -391,7 +391,7 @@
ImportKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
- request.SetKeyMaterial(keyData.data(), keyData.size());
+ request.key_data = KeymasterKeyBlob(keyData.data(), keyData.size());
ImportKeyResponse response(impl_->message_version());
impl_->ImportKey(request, &response);
diff --git a/trusty/trusty-base.mk b/trusty/trusty-base.mk
index fd8daa8..12521b0 100644
--- a/trusty/trusty-base.mk
+++ b/trusty/trusty-base.mk
@@ -24,7 +24,8 @@
PRODUCT_PACKAGES += \
android.hardware.keymaster@4.0-service.trusty \
- android.hardware.gatekeeper@1.0-service.trusty
+ android.hardware.gatekeeper@1.0-service.trusty \
+ trusty_apploader
PRODUCT_PROPERTY_OVERRIDES += \
ro.hardware.keystore=trusty \