Merge "Clean up some unneeded non-neon support."
diff --git a/debuggerd/debuggerd_test.cpp b/debuggerd/debuggerd_test.cpp
index c08721b..9c1b136 100644
--- a/debuggerd/debuggerd_test.cpp
+++ b/debuggerd/debuggerd_test.cpp
@@ -445,6 +445,8 @@
ASSERT_MATCH(result, "memory near x0 \\(\\[anon:");
#elif defined(__arm__)
ASSERT_MATCH(result, "memory near r0 \\(\\[anon:");
+#elif defined(__riscv)
+ ASSERT_MATCH(result, "memory near a0 \\(\\[anon:");
#elif defined(__x86_64__)
ASSERT_MATCH(result, "memory near rdi \\(\\[anon:");
#else
diff --git a/debuggerd/libdebuggerd/tombstone.cpp b/debuggerd/libdebuggerd/tombstone.cpp
index e5b4d74..375ed8a 100644
--- a/debuggerd/libdebuggerd/tombstone.cpp
+++ b/debuggerd/libdebuggerd/tombstone.cpp
@@ -77,9 +77,9 @@
.registers = std::move(regs), .uid = uid, .tid = target_tid,
.thread_name = std::move(thread_name), .pid = pid, .command_line = std::move(command_line),
.selinux_label = std::move(selinux_label), .siginfo = siginfo,
-#if defined(__aarch64__)
// Only supported on aarch64 for now.
- .tagged_addr_ctrl = prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0),
+#if defined(__aarch64__)
+ .tagged_addr_ctrl = prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0),
.pac_enabled_keys = prctl(PR_PAC_GET_ENABLED_KEYS, 0, 0, 0, 0),
#endif
};
@@ -88,7 +88,6 @@
if (target_tid == tid) {
return;
}
- async_safe_format_log(ANDROID_LOG_ERROR, LOG_TAG, "Adding thread %d", tid);
threads[tid] = ThreadInfo{
.uid = thread.uid,
.tid = tid,
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 27137a2..1c1ab48 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -2191,36 +2191,22 @@
std::vector<std::string> tokens = android::base::Split(target.data, " \t\r\n");
if (tokens[0] != "0" && tokens[0] != "1") {
LOG(WARNING) << "Unrecognized device mapper version in " << target.data;
- return {};
}
// Hashtree algorithm & root digest are the 8th & 9th token in the output.
- return HashtreeInfo{.algorithm = android::base::Trim(tokens[7]),
- .root_digest = android::base::Trim(tokens[8])};
+ return HashtreeInfo{
+ .algorithm = android::base::Trim(tokens[7]),
+ .root_digest = android::base::Trim(tokens[8]),
+ .check_at_most_once = target.data.find("check_at_most_once") != std::string::npos};
}
return {};
}
bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry) {
- if (!entry.fs_mgr_flags.avb) {
- return false;
- }
-
- DeviceMapper& dm = DeviceMapper::Instance();
- std::string device = GetVerityDeviceName(entry);
-
- std::vector<DeviceMapper::TargetInfo> table;
- if (dm.GetState(device) == DmDeviceState::INVALID || !dm.GetTableInfo(device, &table)) {
- return false;
- }
- for (const auto& target : table) {
- if (strcmp(target.spec.target_type, "verity") == 0 &&
- target.data.find("check_at_most_once") != std::string::npos) {
- return true;
- }
- }
- return false;
+ auto hashtree_info = fs_mgr_get_hashtree_info(entry);
+ if (!hashtree_info) return false;
+ return hashtree_info->check_at_most_once;
}
std::string fs_mgr_get_super_partition_name(int slot) {
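Review bot: `tokens[7]` and `tokens[8]` are indexed without checking `tokens.size()`, and with the `return {};` after the version warning removed, a table with an unrecognized dm-verity version now reaches that indexing as well. A short or differently laid out `target.data` would read past the end of the vector, and the values appear to end up in the `partition.*.verified.*` properties; a guard such as `if (tokens.size() < 9) return {};` before the `HashtreeInfo` return would cover it. `check_at_most_once` is a substring search over the whole table line, so it also matches that text inside another token; comparing against the split `tokens` would be stricter. `fs_mgr_verity_is_check_at_most_once` no longer tests `entry.fs_mgr_flags.avb` itself and relies on `fs_mgr_get_hashtree_info`, whose beginning is outside this hunk, to reject non-AVB entries.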
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 29a5e60..43de6d8 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -71,6 +71,8 @@
std::string algorithm;
// The root digest of the merkle tree.
std::string root_digest;
+ // If check_at_most_once is enabled.
+ bool check_at_most_once;
};
// fs_mgr_mount_all() updates fstab entries that reference device-mapper.
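Review bot: `bool check_at_most_once;` has no default member initializer, so any `HashtreeInfo` that is default-initialized rather than brace-initialized carries an indeterminate value, which would then be published as a verified-boot property. `bool check_at_most_once = false;` removes that case. The comment could also say what the flag reflects, e.g. `// True if the dm-verity table has the check_at_most_once option set.`. The struct starts outside the hunk.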
diff --git a/init/builtins.cpp b/init/builtins.cpp
index c8cb253..7cb8b11 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -879,6 +879,8 @@
SetProperty("partition." + partition + ".verified.hash_alg", hashtree_info->algorithm);
SetProperty("partition." + partition + ".verified.root_digest",
hashtree_info->root_digest);
+ SetProperty("partition." + partition + ".verified.check_at_most_once",
+ hashtree_info->check_at_most_once ? "1" : "0");
}
}
diff --git a/init/init.cpp b/init/init.cpp
index 4ca351c..57397b5 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -747,6 +747,9 @@
do {
ssize_t bytes_read = TEMP_FAILURE_RETRY(read(signal_fd, &siginfo, sizeof(siginfo)));
if (bytes_read < 0 && errno == EAGAIN) {
+ if (one_off) {
+ return;
+ }
auto now = std::chrono::steady_clock::now();
std::chrono::duration<double> waited = now - started;
if (waited >= kDiagnosticTimeout) {
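Review bot: The new `if (one_off) return;` exit has no comment, and `one_off` is declared outside the hunk, so a reader cannot tell why an empty signal_fd is handled differently here. A line such as `// One-off callers only drain signals that are already pending; do not wait.` would record it, if that is the intent. The early return also skips the diagnostic-timeout logging below it, which looks intentional but is worth stating. The enclosing function and loop continue outside the hunk.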
@@ -772,7 +775,7 @@
HandleSigtermSignal(siginfo);
break;
default:
- PLOG(ERROR) << "signal_fd: received unexpected signal " << siginfo.ssi_signo;
+ LOG(ERROR) << "signal_fd: received unexpected signal " << siginfo.ssi_signo;
break;
}
}
diff --git a/init/security.cpp b/init/security.cpp
index 0e9f6c2..2ecf687 100644
--- a/init/security.cpp
+++ b/init/security.cpp
@@ -116,6 +116,13 @@
if (SetMmapRndBitsMin(33, 24, false) && (!Has32BitAbi() || SetMmapRndBitsMin(16, 16, true))) {
return {};
}
+#elif defined(__riscv)
+ // TODO: sv48 and sv57 were both added to the kernel this year, so we
+ // probably just need some kernel fixes to enable higher ASLR randomization,
+ // but for now 24 is the maximum that the kernel supports.
+ if (SetMmapRndBitsMin(24, 18, false)) {
+ return {};
+ }
#elif defined(__x86_64__)
// x86_64 supports 28 - 32 rnd bits, but Android wants to ensure that the
// theoretical maximum of 32 bits is always supported and used.
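Review bot: The TODO dates itself with "this year", which stops meaning anything once the commit ages, and it names no kernel version or tracking bug. That matters here because the riscv branch starts mmap randomization at 24 bits and, judging by the arguments, accepts as few as 18, against 33 and 24 in the branch above it. Something like `// TODO(b/<bug-id>): raise the 24-bit start value once the kernel allows more with sv48/sv57 (added in <kernel version>).` would keep the follow-up findable. What happens when `SetMmapRndBitsMin` returns false is outside the hunk.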
diff --git a/init/service.cpp b/init/service.cpp
index 331cd88..caa9095 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -507,7 +507,7 @@
// Enters namespaces, sets environment variables, writes PID files and runs the service executable.
void Service::RunService(const std::vector<Descriptor>& descriptors,
- InterprocessFifo cgroups_activated) {
+ InterprocessFifo cgroups_activated, InterprocessFifo setsid_finished) {
if (auto result = EnterNamespaces(namespaces_, name_, mount_namespace_); !result.ok()) {
LOG(FATAL) << "Service '" << name_ << "' failed to set up namespaces: " << result.error();
}
@@ -557,6 +557,12 @@
// priority. Aborts on failure.
SetProcessAttributesAndCaps();
+ // If SetProcessAttributes() called setsid(), report this to the parent.
+ if (!proc_attr_.console.empty()) {
+ setsid_finished.Write(2);
+ }
+ setsid_finished.Close();
+
if (!ExpandArgsAndExecv(args_, sigstop_)) {
PLOG(ERROR) << "cannot execv('" << args_[0]
<< "'). See the 'Debugging init' section of init's README.md for tips";
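Review bot: The value `2` written to `setsid_finished` is a bare literal that the parent compares against again in the `*result != 2` check later in this file; a shared named constant, e.g. `constexpr uint8_t kSetSidFinished = 2;`, would keep the two sides in step. The comment names `SetProcessAttributes()` while the call above it is `SetProcessAttributesAndCaps()`. When `proc_attr_.console` is empty the parent never calls `Initialize()` on this fifo, so `Close()` here and the `CloseReadFd()`/`CloseWriteFd()` calls around the fork run on an uninitialized `InterprocessFifo`; that is fine only if those calls are no-ops in that state, which this page does not show. `RunService` continues outside the hunk.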
@@ -598,7 +604,7 @@
return {};
}
- InterprocessFifo cgroups_activated;
+ InterprocessFifo cgroups_activated, setsid_finished;
if (Result<void> result = cgroups_activated.Initialize(); !result.ok()) {
return result;
@@ -608,6 +614,13 @@
return result;
}
+ // Only check proc_attr_.console after the CheckConsole() call.
+ if (!proc_attr_.console.empty()) {
+ if (Result<void> result = setsid_finished.Initialize(); !result.ok()) {
+ return result;
+ }
+ }
+
struct stat sb;
if (stat(args_[0].c_str(), &sb) == -1) {
flags_ |= SVC_DISABLED;
@@ -661,10 +674,12 @@
if (pid == 0) {
umask(077);
cgroups_activated.CloseWriteFd();
- RunService(descriptors, std::move(cgroups_activated));
+ setsid_finished.CloseReadFd();
+ RunService(descriptors, std::move(cgroups_activated), std::move(setsid_finished));
_exit(127);
} else {
cgroups_activated.CloseReadFd();
+ setsid_finished.CloseWriteFd();
}
if (pid < 0) {
@@ -721,6 +736,23 @@
return Error() << "Sending cgroups activated notification failed: " << result.error();
}
+ // Call setpgid() from the parent process to make sure that this call has
+ // finished before the parent process calls kill(-pgid, ...).
+ if (proc_attr_.console.empty()) {
+ if (setpgid(pid, pid) == -1) {
+ return ErrnoError() << "setpgid failed";
+ }
+ } else {
+ // The Read() call below will return an error if the child is killed.
+ if (Result<uint8_t> result = setsid_finished.Read(); !result.ok() || *result != 2) {
+ if (!result.ok()) {
+ return Error() << "Waiting for setsid() failed: " << result.error();
+ } else {
+ return Error() << "Waiting for setsid() failed: " << *result << " <> 2";
+ }
+ }
+ }
+
NotifyStateChange("running");
reboot_on_failure.Disable();
return {};
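Review bot: The parent's `setpgid(pid, pid)` can fail with EACCES once the child has called execv(), and nothing visible here holds the child back. The cgroups-activated notification has already been sent, after which (assuming the child waits only for that) it runs its own `setpgid(0, 0)` from init/service_utils.cpp in this commit and execs. In that ordering the service starts correctly but this function returns "setpgid failed". Treating that errno as success keeps the guarantee the comment asks for, e.g. `if (setpgid(pid, pid) == -1 && errno != EACCES) {`. The `!result.ok() || *result != 2` test followed by a second `result.ok()` test would read more simply as two separate checks; the enclosing function starts outside the hunk.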
diff --git a/init/service.h b/init/service.h
index b2c9909..10a0790 100644
--- a/init/service.h
+++ b/init/service.h
@@ -155,7 +155,8 @@
void ResetFlagsForStart();
Result<void> CheckConsole();
void ConfigureMemcg();
- void RunService(const std::vector<Descriptor>& descriptors, InterprocessFifo cgroups_activated);
+ void RunService(const std::vector<Descriptor>& descriptors, InterprocessFifo cgroups_activated,
+ InterprocessFifo setsid_finished);
void SetMountNamespace();
static unsigned long next_start_order_;
static bool is_exec_service_running_;
diff --git a/init/service_utils.cpp b/init/service_utils.cpp
index a14969e..56a80b5 100644
--- a/init/service_utils.cpp
+++ b/init/service_utils.cpp
@@ -244,7 +244,11 @@
setsid();
OpenConsole(attr.console);
} else {
- if (setpgid(0, getpid()) == -1) {
+ // Without PID namespaces, this call duplicates the setpgid() call from
+ // the parent process. With PID namespaces, this setpgid() call sets the
+ // process group ID for a child of the init process in the PID
+ // namespace.
+ if (setpgid(0, 0) == -1) {
return ErrnoError() << "setpgid failed";
}
SetupStdio(attr.stdio_to_kmsg);
diff --git a/init/sigchld_handler.cpp b/init/sigchld_handler.cpp
index 6fc64df..f8c501f 100644
--- a/init/sigchld_handler.cpp
+++ b/init/sigchld_handler.cpp
@@ -24,6 +24,7 @@
#include <unistd.h>
#include <android-base/chrono_utils.h>
+#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/scopeguard.h>
#include <android-base/stringprintf.h>
@@ -36,6 +37,7 @@
using android::base::boot_clock;
using android::base::make_scope_guard;
+using android::base::ReadFileToString;
using android::base::StringPrintf;
using android::base::Timer;
@@ -51,8 +53,13 @@
return 0;
}
- auto pid = siginfo.si_pid;
- if (pid == 0) return 0;
+ const pid_t pid = siginfo.si_pid;
+ if (pid == 0) {
+ DCHECK_EQ(siginfo.si_signo, 0);
+ return 0;
+ }
+
+ DCHECK_EQ(siginfo.si_signo, SIGCHLD);
// At this point we know we have a zombie pid, so we use this scopeguard to reap the pid
// whenever the function returns from this point forward.
@@ -132,6 +139,11 @@
}
LOG(INFO) << "Waiting for " << pids.size() << " pids to be reaped took " << t << " with "
<< alive_pids.size() << " of them still running";
+ for (pid_t pid : pids) {
+ std::string status = "(no-such-pid)";
+ ReadFileToString(StringPrintf("/proc/%d/status", pid), &status);
+ LOG(INFO) << "Still running: " << pid << ' ' << status;
+ }
}
} // namespace init
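Review bot: The loop prints "Still running:" for every entry of `pids`, while the log line just above reports `alive_pids` as the ones still running, so already reaped pids get labelled as running; iterating `alive_pids` looks like what is meant. The `"(no-such-pid)"` default is also unlikely to survive a failed read, because libbase's `ReadFileToString` clears the output string before opening the file (worth confirming in android-base/file.h) and its return value is ignored here. `if (!ReadFileToString(StringPrintf("/proc/%d/status", pid), &status)) status = "(no-such-pid)";` keeps the placeholder. The enclosing function starts outside the hunk.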
diff --git a/init/subcontext.h b/init/subcontext.h
index 8acc032..93ebace 100644
--- a/init/subcontext.h
+++ b/init/subcontext.h
@@ -36,8 +36,10 @@
class Subcontext {
public:
- Subcontext(std::vector<std::string> path_prefixes, std::string context, bool host = false)
- : path_prefixes_(std::move(path_prefixes)), context_(std::move(context)), pid_(0) {
+ Subcontext(std::vector<std::string> path_prefixes, std::string_view context, bool host = false)
+ : path_prefixes_(std::move(path_prefixes)),
+ context_(context.begin(), context.end()),
+ pid_(0) {
if (!host) {
Fork();
}
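Review bot: `context_(context.begin(), context.end())` spells out an iterator-range copy where `context_(context)` would do, assuming `context_` is a `std::string`, since direct-initializing a string member from a `std::string_view` is allowed. The header's include list is outside the hunk, so confirm `<string_view>` is included now that the constructor signature names it. The class body continues outside the hunk.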
diff --git a/rootdir/init.rc b/rootdir/init.rc
index ec760d3..123148e 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -952,9 +952,10 @@
mkdir /data_mirror/data_de/null 0700 root root
# Bind mount CE and DE data directory to mirror's default volume directory.
- # The 'slave' option (MS_SLAVE) is needed to cause the later bind mount of
- # /data/data onto /data/user/0 to propagate to /data_mirror/data_ce/null/0.
- mount none /data/user /data_mirror/data_ce/null bind rec slave
+ # Note that because the /data mount has the "shared" propagation type, the
+ # later bind mount of /data/data onto /data/user/0 will automatically
+ # propagate to /data_mirror/data_ce/null/0 as well.
+ mount none /data/user /data_mirror/data_ce/null bind rec
mount none /data/user_de /data_mirror/data_de/null bind rec
# Create mirror directory for jit profiles
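Review bot: Without `slave`, the recursive bind of `/data/user` stays in the same shared peer group as its source, so propagation runs in both directions: a mount made later under `/data_mirror/data_ce/null` would also appear under `/data/user`, which the `slave` option used to prevent. The new comment only covers the /data to mirror direction. If nothing is ever mounted on the mirror side, the comment should say so, e.g. `# Nothing is mounted under /data_mirror/data_ce/null directly, so two-way propagation is harmless.`. The "shared" setting of /data that the comment relies on is made outside this hunk.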
@@ -1037,6 +1038,9 @@
# Enable FUSE by default
setprop persist.sys.fuse true
+ # Update dm-verity state and set partition.*.verified properties.
+ verity_update_state
+
# It is recommended to put unnecessary data/ initialization from post-fs-data
# to start-zygote in device's init.rc to unblock zygote start.
on zygote-start && property:ro.crypto.state=unencrypted
@@ -1175,9 +1179,6 @@
# Define default initial receive window size in segments.
setprop net.tcp_def_init_rwnd 60
- # Update dm-verity state and set partition.*.verified properties.
- verity_update_state
-
# Start standard binderized HAL daemons
class_start hal