Merge "Add TEST_MAPPING files."
diff --git a/fastboot/constants.h b/fastboot/constants.h
index f6fc74e..ad169d1 100644
--- a/fastboot/constants.h
+++ b/fastboot/constants.h
@@ -64,6 +64,7 @@
#define FB_VAR_SLOT_UNBOOTABLE "slot-unbootable"
#define FB_VAR_IS_LOGICAL "is-logical"
#define FB_VAR_IS_USERSPACE "is-userspace"
+#define FB_VAR_IS_FORCE_DEBUGGABLE "is-force-debuggable"
#define FB_VAR_HW_REVISION "hw-revision"
#define FB_VAR_VARIANT "variant"
#define FB_VAR_OFF_MODE_CHARGE_STATE "off-mode-charge"
diff --git a/fastboot/device/commands.cpp b/fastboot/device/commands.cpp
index f8befd3..e929f42 100644
--- a/fastboot/device/commands.cpp
+++ b/fastboot/device/commands.cpp
@@ -131,6 +131,7 @@
{FB_VAR_PARTITION_TYPE, {GetPartitionType, GetAllPartitionArgsWithSlot}},
{FB_VAR_IS_LOGICAL, {GetPartitionIsLogical, GetAllPartitionArgsWithSlot}},
{FB_VAR_IS_USERSPACE, {GetIsUserspace, nullptr}},
+ {FB_VAR_IS_FORCE_DEBUGGABLE, {GetIsForceDebuggable, nullptr}},
{FB_VAR_OFF_MODE_CHARGE_STATE, {GetOffModeChargeState, nullptr}},
{FB_VAR_BATTERY_VOLTAGE, {GetBatteryVoltage, nullptr}},
{FB_VAR_BATTERY_SOC_OK, {GetBatterySoCOk, nullptr}},
diff --git a/fastboot/device/variables.cpp b/fastboot/device/variables.cpp
index 5f99656..d2a7947 100644
--- a/fastboot/device/variables.cpp
+++ b/fastboot/device/variables.cpp
@@ -379,6 +379,12 @@
return true;
}
+bool GetIsForceDebuggable(FastbootDevice* /* device */, const std::vector<std::string>& /* args */,
+ std::string* message) {
+ *message = android::base::GetBoolProperty("ro.force.debuggable", false) ? "yes" : "no";
+ return true;
+}
+
std::vector<std::vector<std::string>> GetAllPartitionArgsWithSlot(FastbootDevice* device) {
std::vector<std::vector<std::string>> args;
auto partitions = ListPartitions(device);
diff --git a/fastboot/device/variables.h b/fastboot/device/variables.h
index aa4d9fc..3b2d484 100644
--- a/fastboot/device/variables.h
+++ b/fastboot/device/variables.h
@@ -54,6 +54,8 @@
std::string* message);
bool GetIsUserspace(FastbootDevice* device, const std::vector<std::string>& args,
std::string* message);
+bool GetIsForceDebuggable(FastbootDevice* device, const std::vector<std::string>& args,
+ std::string* message);
bool GetHardwareRevision(FastbootDevice* device, const std::vector<std::string>& args,
std::string* message);
bool GetVariant(FastbootDevice* device, const std::vector<std::string>& args, std::string* message);
diff --git a/fs_mgr/fs_mgr_remount.cpp b/fs_mgr/fs_mgr_remount.cpp
index 3f14d6a..23bc8e8 100644
--- a/fs_mgr/fs_mgr_remount.cpp
+++ b/fs_mgr/fs_mgr_remount.cpp
@@ -479,19 +479,24 @@
// Disable verity.
auto verity_result = SetVerityState(false /* enable_verity */);
- if (!verity_result.success) {
- return false;
+
+ // Treat error as fatal and suggest reboot only if verity is enabled.
+ // TODO(b/260041315): We check the device mapper for any "<partition>-verity" device present
+ // instead of checking ro.boot.veritymode because emulator has incorrect property value.
+ bool must_disable_verity = false;
+ for (const auto& partition : partitions) {
+ if (fs_mgr_is_verity_enabled(partition)) {
+ must_disable_verity = true;
+ break;
+ }
}
- if (verity_result.want_reboot) {
- // TODO(b/259207493): emulator has incorrect androidboot.veritymode value, causing
- // .want_reboot to always be true. In order to workaround this, double check device mapper
- // to see if verity is already disabled.
- for (const auto& partition : partitions) {
- if (fs_mgr_is_verity_enabled(partition)) {
- check_result->reboot_later = true;
- check_result->disabled_verity = true;
- break;
- }
+ if (must_disable_verity) {
+ if (!verity_result.success) {
+ return false;
+ }
+ if (verity_result.want_reboot) {
+ check_result->reboot_later = true;
+ check_result->disabled_verity = true;
}
}
diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index 68f8152..c87e564 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh
@@ -1422,9 +1422,12 @@
LOG RUN "flash vendor, and confirm vendor override disappears"
is_bootloader_fastboot=true
-# cuttlefish?
-[[ "$(get_property ro.product.vendor.device)" == vsoc_* ]] &&
- is_bootloader_fastboot=false
+# virtual device?
+case "$(get_property ro.product.vendor.device)" in
+ vsoc_* | emulator_* | emulator64_*)
+ is_bootloader_fastboot=false
+ ;;
+esac
is_userspace_fastboot=false
if ! ${is_bootloader_fastboot}; then
diff --git a/init/init_test.cpp b/init/init_test.cpp
index 0ca791e..7bad6fd 100644
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@@ -194,6 +194,10 @@
}
TEST(init, StartConsole) {
+ // Two different failures have been observed for this test: (1) No
+ // permission to open /dev/console and (2) getsid() != pid. Skip this test
+ // until these failures have been root-caused and fixed.
+ GTEST_SKIP() << "This test needs to be improved";
std::string init_script = R"init(
service console /system/bin/sh
class core
diff --git a/init/service.cpp b/init/service.cpp
index 331cd88..ccc7191 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -16,6 +16,7 @@
#include "service.h"
+#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <linux/securebits.h>
@@ -226,7 +227,7 @@
}
}
-void Service::SetProcessAttributesAndCaps() {
+void Service::SetProcessAttributesAndCaps(InterprocessFifo setsid_finished) {
// Keep capabilites on uid change.
if (capabilities_ && proc_attr_.uid) {
// If Android is running in a container, some securebits might already
@@ -241,7 +242,7 @@
}
}
- if (auto result = SetProcessAttributes(proc_attr_); !result.ok()) {
+ if (auto result = SetProcessAttributes(proc_attr_, std::move(setsid_finished)); !result.ok()) {
LOG(FATAL) << "cannot set attribute for " << name_ << ": " << result.error();
}
@@ -507,7 +508,7 @@
// Enters namespaces, sets environment variables, writes PID files and runs the service executable.
void Service::RunService(const std::vector<Descriptor>& descriptors,
- InterprocessFifo cgroups_activated) {
+ InterprocessFifo cgroups_activated, InterprocessFifo setsid_finished) {
if (auto result = EnterNamespaces(namespaces_, name_, mount_namespace_); !result.ok()) {
LOG(FATAL) << "Service '" << name_ << "' failed to set up namespaces: " << result.error();
}
@@ -534,7 +535,7 @@
LOG(ERROR) << name_ << ": failed to read from notification channel: " << byte.error();
}
cgroups_activated.Close();
- if (!*byte) {
+ if (*byte != kCgroupsActivated) {
LOG(FATAL) << "Service '" << name_ << "' failed to start due to a fatal error";
_exit(EXIT_FAILURE);
}
@@ -555,7 +556,7 @@
// As requested, set our gid, supplemental gids, uid, context, and
// priority. Aborts on failure.
- SetProcessAttributesAndCaps();
+ SetProcessAttributesAndCaps(std::move(setsid_finished));
if (!ExpandArgsAndExecv(args_, sigstop_)) {
PLOG(ERROR) << "cannot execv('" << args_[0]
@@ -598,11 +599,14 @@
return {};
}
- InterprocessFifo cgroups_activated;
-
- if (Result<void> result = cgroups_activated.Initialize(); !result.ok()) {
- return result;
- }
+ // cgroups_activated is used for communication from the parent to the child
+ // while setsid_finished is used for communication from the child process to
+ // the parent process. These two communication channels are separate because
+ // combining these into a single communication channel would introduce a
+ // race between the Write() calls by the parent and by the child.
+ InterprocessFifo cgroups_activated, setsid_finished;
+ OR_RETURN(cgroups_activated.Initialize());
+ OR_RETURN(setsid_finished.Initialize());
if (Result<void> result = CheckConsole(); !result.ok()) {
return result;
@@ -661,10 +665,12 @@
if (pid == 0) {
umask(077);
cgroups_activated.CloseWriteFd();
- RunService(descriptors, std::move(cgroups_activated));
+ setsid_finished.CloseReadFd();
+ RunService(descriptors, std::move(cgroups_activated), std::move(setsid_finished));
_exit(127);
} else {
cgroups_activated.CloseReadFd();
+ setsid_finished.CloseWriteFd();
}
if (pid < 0) {
@@ -693,7 +699,7 @@
limit_percent_ != -1 || !limit_property_.empty();
errno = -createProcessGroup(proc_attr_.uid, pid_, use_memcg);
if (errno != 0) {
- Result<void> result = cgroups_activated.Write(0);
+ Result<void> result = cgroups_activated.Write(kActivatingCgroupsFailed);
if (!result.ok()) {
return Error() << "Sending notification failed: " << result.error();
}
@@ -717,10 +723,39 @@
LmkdRegister(name_, proc_attr_.uid, pid_, oom_score_adjust_);
}
- if (Result<void> result = cgroups_activated.Write(1); !result.ok()) {
+ if (Result<void> result = cgroups_activated.Write(kCgroupsActivated); !result.ok()) {
return Error() << "Sending cgroups activated notification failed: " << result.error();
}
+ cgroups_activated.Close();
+
+ // Call setpgid() from the parent process to make sure that this call has
+ // finished before the parent process calls kill(-pgid, ...).
+ if (!RequiresConsole(proc_attr_)) {
+ if (setpgid(pid, pid) < 0) {
+ switch (errno) {
+ case EACCES: // Child has already performed setpgid() followed by execve().
+ case ESRCH: // Child process no longer exists.
+ break;
+ default:
+ PLOG(ERROR) << "setpgid() from parent failed";
+ }
+ }
+ } else {
+ // The Read() call below will return an error if the child is killed.
+ if (Result<uint8_t> result = setsid_finished.Read();
+ !result.ok() || *result != kSetSidFinished) {
+ if (!result.ok()) {
+ return Error() << "Waiting for setsid() failed: " << result.error();
+ } else {
+ return Error() << "Waiting for setsid() failed: " << static_cast<uint32_t>(*result)
+ << " <> " << static_cast<uint32_t>(kSetSidFinished);
+ }
+ }
+ }
+
+ setsid_finished.Close();
+
NotifyStateChange("running");
reboot_on_failure.Disable();
return {};
diff --git a/init/service.h b/init/service.h
index e7211ec..54bf638 100644
--- a/init/service.h
+++ b/init/service.h
@@ -151,11 +151,12 @@
void NotifyStateChange(const std::string& new_state) const;
void StopOrReset(int how);
void KillProcessGroup(int signal, bool report_oneshot = false);
- void SetProcessAttributesAndCaps();
+ void SetProcessAttributesAndCaps(InterprocessFifo setsid_finished);
void ResetFlagsForStart();
Result<void> CheckConsole();
void ConfigureMemcg();
- void RunService(const std::vector<Descriptor>& descriptors, InterprocessFifo cgroups_activated);
+ void RunService(const std::vector<Descriptor>& descriptors, InterprocessFifo cgroups_activated,
+ InterprocessFifo setsid_finished);
void SetMountNamespace();
static unsigned long next_start_order_;
static bool is_exec_service_running_;
diff --git a/init/service_utils.cpp b/init/service_utils.cpp
index 52e6615..15bf963 100644
--- a/init/service_utils.cpp
+++ b/init/service_utils.cpp
@@ -232,7 +232,7 @@
return {};
}
-Result<void> SetProcessAttributes(const ProcessAttributes& attr) {
+Result<void> SetProcessAttributes(const ProcessAttributes& attr, InterprocessFifo setsid_finished) {
if (attr.ioprio_class != IoSchedClass_NONE) {
if (android_set_ioprio(getpid(), attr.ioprio_class, attr.ioprio_pri)) {
PLOG(ERROR) << "failed to set pid " << getpid() << " ioprio=" << attr.ioprio_class
@@ -240,10 +240,16 @@
}
}
- if (!attr.console.empty()) {
+ if (RequiresConsole(attr)) {
setsid();
+ setsid_finished.Write(kSetSidFinished);
+ setsid_finished.Close();
OpenConsole(attr.console);
} else {
+ // Without PID namespaces, this call duplicates the setpgid() call from
+ // the parent process. With PID namespaces, this setpgid() call sets the
+ // process group ID for a child of the init process in the PID
+ // namespace.
if (setpgid(0, 0) == -1) {
return ErrnoError() << "setpgid failed";
}
diff --git a/init/service_utils.h b/init/service_utils.h
index 65a2012..d4143aa 100644
--- a/init/service_utils.h
+++ b/init/service_utils.h
@@ -26,12 +26,20 @@
#include <android-base/unique_fd.h>
#include <cutils/iosched_policy.h>
+#include "interprocess_fifo.h"
#include "mount_namespace.h"
#include "result.h"
namespace android {
namespace init {
+// Constants used by Service::Start() for communication between parent and child.
+enum ServiceCode : uint8_t {
+ kActivatingCgroupsFailed,
+ kCgroupsActivated,
+ kSetSidFinished,
+};
+
class Descriptor {
public:
Descriptor(const std::string& name, android::base::unique_fd fd)
@@ -89,7 +97,12 @@
int priority;
bool stdio_to_kmsg;
};
-Result<void> SetProcessAttributes(const ProcessAttributes& attr);
+
+inline bool RequiresConsole(const ProcessAttributes& attr) {
+ return !attr.console.empty();
+}
+
+Result<void> SetProcessAttributes(const ProcessAttributes& attr, InterprocessFifo setsid_finished);
Result<void> WritePidToFiles(std::vector<std::string>* files);
diff --git a/libutils/include/utils/RefBase.h b/libutils/include/utils/RefBase.h
index f3acd6f..5e3fa7d 100644
--- a/libutils/include/utils/RefBase.h
+++ b/libutils/include/utils/RefBase.h
@@ -210,6 +210,7 @@
#include <atomic>
#include <functional>
+#include <memory>
#include <type_traits> // for common_type.
#include <stdint.h>
diff --git a/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp b/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
index 77cbdd4..a484441 100644
--- a/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
+++ b/property_service/libpropertyinfoserializer/property_info_serializer_test.cpp
@@ -399,7 +399,6 @@
{"dalvik.vm.lockprof.threshold", "u:object_r:dalvik_prop:s0"},
{"dalvik.vm.stack-trace-file", "u:object_r:dalvik_prop:s0"},
{"dalvik.vm.usejit", "u:object_r:dalvik_prop:s0"},
- {"dalvik.vm.usejitprofiles", "u:object_r:dalvik_prop:s0"},
{"debug.atrace.tags.enableflags", "u:object_r:debug_prop:s0"},
{"debug.force_rtl", "u:object_r:debug_prop:s0"},
{"dev.bootcomplete", "u:object_r:system_prop:s0"},