Add seinfo parameter to appropriate make directory
functions. This allows proper labeling for multi-user
scenarios.
Change-Id: Iaba7c40645bc7b6cc823d613da0c3782acf6ddd5
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Restarting installd upon policy reloads has reportedly caused
stability problems for some users. Stop restarting installd
and instead handle policy reloads within it.
Change-Id: I697a736d8e414cfc6cfa131ed7b97c7f7694d022
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
this is the first step of a series of improvements to
BufferQueue. A few things happen in this change:
- setSynchronousMode() goes away as well as the SynchronousModeAllowed flag
- BufferQueue now defaults to (what used to be) synchronous mode
- a new "controlled by app" flag is passed when creating consumers and producers
those flags are used to put the BufferQueue in a mode where it
will never block if both flags are set. This is achieved by:
- returning an error from dequeueBuffer() if it would block
- making sure a buffer is always available by replacing
the previous buffer with the new one in queueBuffer()
(note: this is similar to what asynchronous mode used to be)
Note: in this change EGL's swap-interval 0 is broken; this will be
fixed in another change.
Change-Id: I691f9507d6e2e158287e3039f2a79a4d4434211d
This is a duplicate of the associated human-readable dumps
of these services, but much better for automated parsing.
Change-Id: I902b768b03aeac1472f03f96913f9b8ada5dba9c
When dumpstate ignores SIGPIPE it can lead to a cascade of tombstones /
coredumps since many of its children don't handle or ignore it. It's
best to just exit dumpstate once the pipe is broken.
Change-Id: Ic0c57ecf4171f0c0a07837e51c41cb1876e1350c
...app storage size for apps w/ .so files
The lib directories are tagged with the apk install number,
so must be explicitly passed down to installd.
Change-Id: Iae8815afd6ba964f5b2ed86a0d04a91827391ed6
Set the security context on the directory used
to dump Dalvik and native stack traces.
Change-Id: Iba13783f10e850485ce1a8d4aa5792d55085eb22
Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
This change adds support for the -a command line argument to atrace. This
argument sets the comma separated list of application names (i.e.
/proc/self/cmdline values) for which to enable application-level tracing.
Change-Id: I812d57c4cdc581943247229413f09b7e1adc10d0
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This change adds support for tracing specific kernel function calls using the
function_graph tracer. It adds a '-k' option to atrace that accepts a comma
separated list of kernel function names for which tracing will be enabled.
Change-Id: I872b2f1d474b8ebb904053853fc8cf8c0a98089c
Add flag that sends BUGREPORT_FINISHED broadcast when dumpstate
is finished, including the resulting filesystem paths. Also reduces
directory creation to 0770.
Bug: 7005318
Change-Id: Id4c6b699a56f8acd859b7ab73368500e1a8f3c67
Use prctl(PR_SET_PDEATHSIG, SIGKILL) in each forked child to ensure
it dies when dumpstate dies.
This is important for two cases:
- dumpstate runs a timer for each child process. On expiration, it
sends SIGTERM to kill the process. Sometimes SIGTERM isn't enough
to kill a hung process, so the child lives on.
- When dumpstate is killed by the user before completing, outstanding
children continue to run and generate output.
Change-Id: I96e0dc918c26d56c9fee53611980ba2edd238712
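The parent-death signal described in the commit message above, as an added example that is not dumpstate's own code. The function names, the pipe-based liveness check and the timings are assumptions made for illustration; it also covers the case where the parent dies before prctl() takes effect.

```c
#include <poll.h>
#include <signal.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork a child that the kernel kills with SIGKILL when its parent dies.
 * Returns the child's pid in the parent, or -1 if fork() failed. */
static pid_t fork_tied_to_parent(void (*child_main)(void)) {
    pid_t parent = getpid();
    pid_t pid = fork();
    if (pid != 0) return pid;
    if (prctl(PR_SET_PDEATHSIG, SIGKILL) != 0) _exit(127);
    /* Race: if the parent died before prctl() took effect, no signal
     * will ever arrive, so detect the reparenting and bail out. */
    if (getppid() != parent) _exit(127);
    child_main();
    _exit(0);
}

/* Models a hung child that SIGTERM alone cannot stop. */
static void hang_forever(void) {
    signal(SIGTERM, SIG_IGN);
    for (;;) pause();
}

/* A throwaway parent forks the hung child and exits. The child inherits
 * the pipe's write end, so the read end sees hang-up only once it is dead.
 * Returns 1 if the child died within timeout_ms, 0 if not, -1 on error. */
int child_dies_with_parent(int timeout_ms) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    pid_t mid = fork();
    if (mid < 0) return -1;
    if (mid == 0) {
        close(fds[0]);
        if (fork_tied_to_parent(hang_forever) < 0) _exit(1);
        poll(NULL, 0, 100);  /* give the child time to start hanging */
        _exit(0);            /* parent dies: kernel sends SIGKILL to child */
    }
    close(fds[1]);
    struct pollfd p = { .fd = fds[0], .events = POLLIN };
    int r = poll(&p, 1, timeout_ms);  /* wakes when the last writer is gone */
    close(fds[0]);
    waitpid(mid, NULL, 0);
    return r < 0 ? -1 : (r > 0);
}

int main(void) { return child_dies_with_parent(3000) == 1 ? 0 : 1; }
```

The signal is tied to the thread that called fork(), so in a multithreaded parent it fires when that thread exits, not only when the whole process does.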
User builds do not have su, so when the bugreport attempts to report
disk free space, the command fails and nothing is reported. However,
the df command does not need to be run as root to report free space,
so just run the command directly.
Change-Id: Ic7deb696f293e772ddf28eacfe16e4250af9a9f3
This change adds a GPU benchmark named 'flatland' that is intended to measure
GPU performance of UI rendering and compositing scenarios at a fixed clock
frequency. This initial version includes only window compositing scenarios.
Change-Id: I5577863aa3be5c6da8b49cb5d53cc49dec2f7081
Have installd set an app's home directory permissions to
0700 if the app has targetSdkVersion > 17.
Bug: 7208882
Change-Id: Iaa4fc42fec69bc1abdfae53704d6264dd6fa965f
This change switches atrace to use a table-driven approach to enabling and
disabling options. It unifies how framework and kernel tracing are enabled,
and causes userland tracing options to be picked up by currently running
processes.
Change-Id: Iba2a3012ca0a67c4defdd076bce597db26e9f539
setfilecon is not required on libsymlinks when target
doesn't exist. A bootloop is caused without this
change.
Change-Id: Ia895d9063f42885a3db6e8ca30cee5dceb8c1bac
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
for_each_pid only finds processes and not their threads. Add
for_each_tid and call it for show_wchan so we can see where all
threads are blocked in the kernel.
Change-Id: Iffb59f7c2933cecf51cdd358a36e19932c2f24c7
Dump /d/extfrag/unusable_index in bugreports. It shows the
percentage of memory in each zone that is not available for
allocations for each order.
Change-Id: I2af6680cb609887ea7b3d6107d1aa88bd0206b52
This change makes enabling clock tracing and bus bandwidth tracing depend on
whether the device's kernel supports these features. If it's not supported it
will be skipped.
Change-Id: I51d57299693635b0ecebb75de5dccd5b62d47be3
This change allows atrace to be run on a user build, where it is not run as
root. Some command line options still require root, and atrace will refuse to
run if those options are specified when run as non-root.
Bug: 6513400
Change-Id: I29984cb8a7c3ad80ba5fa6b031ed8ff81acabacf
When "adb bugreport" was run on previous adb releases, it
called "adb shell dumpstate". In later versions of Android,
this was changed to "adb shell bugreport", which starts
the dumpstate service.
Modify the dumpstate command so that it calls bugreport
when it's not running as root. This allows both
"adb shell dumpstate" and "adb shell bugreport" to have
the exact same output.
Bug: 6391938
Change-Id: Ia32bb9ebc579db3bee7caa0fe66dc3f124d60a12
The newer kernels now have /proc/net/xt_qtaguid/iface_stat_fmt.
Add the extra iptables output and remove ip6tables for nat which doesn't
exist.
Change-Id: I819c707b337a707ca0acd87d9ab38cd68ca0f36c
adb bugreport > b & sleep 5; kill $?
will show that a bunch of tools will SIGPIPE when trying to output data
which is normal.
We don't have a way on linux (bsd yes), to set NOSIGPIPE on the file desc
passed down via fork/exec.
Bug: 6447319
Change-Id: I25b30a823addcff89d252f162d0a07035d4fdd3f
This change adds the -z command line flag to atrace to enable support for
compressing the trace with zlib as it's printed to stdout.
Change-Id: I45301c63a4d1d388152244fec3c9e05e554598e8
This change allows atrace to run on kernels that do not have CPU frequency
interactive governor tracing enabled in the kernel.
Change-Id: Ibfde751da7b6cc9a55794355093a37feb28f5e52
The umask changed for init. We have to force /data/anr to be world
readable and /data/anr/traces.txt to be world writable so dalvik
processes can write to it.
Hopefully this is a short term change while we investigate tightening
up these permissions.
Bug: 6300296
Change-Id: Iacb4c9f1bc69d2ac679697f9cf9a52694f888489
This change adds two command line options:
-b for setting the trace buffer size
-f for enabling tracing of the CPU frequency
-l for enabling tracing of the CPU load
Change-Id: Id99851a4c4eba5cfed218f29081e072bbe492133
This change makes the atrace module tag 'debug' so that the binary is
included in all debug builds.
Change-Id: I1fdb87be0461daf686e52ded04b37b9a122edea3
Services now must explicitly opt in to being accessed by isolated
processes. Currently only the activity manager and surface flinger
allow this. Activity manager is needed so that we can actually
bring up the process; SurfaceFlinger is needed to be able to get the
display information for creating the Configuration. The SurfaceFlinger
should be safe because the app doesn't have access to the window
manager so can't actually get a surface to do anything with.
The activity manager now protects most of its entry points against
isolated processes.
Change-Id: I0dad8cb2c873575c4c7659c3c2a7eda8e98f46b0
restore keystore reset behavior of removing master key.
otherwise after reboot keystore is LOCKED and not UNINITIALIZED
cmds/keystore/keystore.cpp
when removing password, reset the keystore, so it doesn't remain
locked with a now bogus password.
core/java/com/android/internal/widget/LockPatternUtils.java
Change-Id: If5e0bb50b42599e9ca27a8b91d6cec12528419a1
Summary:
frameworks/base
keystore rewrite
keyguard integration with keystore on keyguard entry or keyguard change
KeyStore API simplification
packages/apps/Settings
Removed com.android.credentials.SET_PASSWORD intent support
Added keyguard requirement for keystore use
packages/apps/CertInstaller
Tracking KeyStore API changes
Fix for NPE in CertInstaller when certificate lacks basic constraints
packages/apps/KeyChain
Tracking KeyStore API changes
Details:
frameworks/base
Move keystore from C to C++ while rewriting password
implementation. Removed global variables. Added many comments.
cmds/keystore/Android.mk
cmds/keystore/keystore.h
cmds/keystore/keystore.c => cmds/keystore/keystore.cpp
cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp
Changed saveLockPattern and saveLockPassword to notify the keystore
on changes so that the keystore master key can be reencrypted when
the keyguard changes.
core/java/com/android/internal/widget/LockPatternUtils.java
Changed unlock screens to pass values for keystore unlock or initialization
policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java
policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java
KeyStore API changes
- renamed test() to state(), which now return a State enum
- made APIs with byte[] key arguments private
- added new KeyStore.isEmpty used to determine if a keyguard is required
keystore/java/android/security/KeyStore.java
In addition to tracking KeyStore API changes, added new testIsEmpty
and improved some existing tests to validate expected values.
keystore/tests/src/android/security/KeyStoreTest.java
packages/apps/Settings
Removing com.android.credentials.SET_PASSWORD intent with the
removal of the ability to set an explicit keystore password now
that the keyguard value is used. Changed to ensure keyguard is
enabled for keystore install or unlock. Cleaned up interwoven
dialog handling into discrete dialog helper classes.
AndroidManifest.xml
src/com/android/settings/CredentialStorage.java
Remove layout for entering new password
res/layout/credentials_dialog.xml
Remove enable credentials checkbox
res/xml/security_settings_misc.xml
src/com/android/settings/SecuritySettings.java
Added ability to specify minimum quality key to ChooseLockGeneric
Activity. Used by CredentialStorage, but could also be used by
CryptKeeperSettings. Changed ChooseLockGeneric to understand
minimum quality for keystore in addition to DPM and device
encryption.
src/com/android/settings/ChooseLockGeneric.java
Changed to use getActivePasswordQuality from
getKeyguardStoredPasswordQuality based on experience in
CredentialStorage. Removed bogus class javadoc.
src/com/android/settings/CryptKeeperSettings.java
Tracking KeyStore API changes
src/com/android/settings/vpn/VpnSettings.java
src/com/android/settings/wifi/WifiSettings.java
Removing now unused string resources
res/values-af/strings.xml
res/values-am/strings.xml
res/values-ar/strings.xml
res/values-bg/strings.xml
res/values-ca/strings.xml
res/values-cs/strings.xml
res/values-da/strings.xml
res/values-de/strings.xml
res/values-el/strings.xml
res/values-en-rGB/strings.xml
res/values-es-rUS/strings.xml
res/values-es/strings.xml
res/values-fa/strings.xml
res/values-fi/strings.xml
res/values-fr/strings.xml
res/values-hr/strings.xml
res/values-hu/strings.xml
res/values-in/strings.xml
res/values-it/strings.xml
res/values-iw/strings.xml
res/values-ja/strings.xml
res/values-ko/strings.xml
res/values-lt/strings.xml
res/values-lv/strings.xml
res/values-ms/strings.xml
res/values-nb/strings.xml
res/values-nl/strings.xml
res/values-pl/strings.xml
res/values-pt-rPT/strings.xml
res/values-pt/strings.xml
res/values-rm/strings.xml
res/values-ro/strings.xml
res/values-ru/strings.xml
res/values-sk/strings.xml
res/values-sl/strings.xml
res/values-sr/strings.xml
res/values-sv/strings.xml
res/values-sw/strings.xml
res/values-th/strings.xml
res/values-tl/strings.xml
res/values-tr/strings.xml
res/values-uk/strings.xml
res/values-vi/strings.xml
res/values-zh-rCN/strings.xml
res/values-zh-rTW/strings.xml
res/values-zu/strings.xml
res/values/strings.xml
packages/apps/CertInstaller
Tracking KeyStore API changes
src/com/android/certinstaller/CertInstaller.java
Fix for NPE in CertInstaller when certificate lacks basic constraints
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Tracking KeyStore API changes
src/com/android/keychain/KeyChainActivity.java
src/com/android/keychain/KeyChainService.java
support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl
support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java
tests/src/com/android/keychain/tests/KeyChainServiceTest.java
Change-Id: Ic141fb5d4b43d12fe62cb1e29c7cbd891b4be35d
This seems simpler and more contained, and I think the comment explaining
why hoop-jumping is necessary is a bit clearer now.
Change-Id: Ief4afd7cbb42188ed835fce23e497520bdb753a8
To improve security, the parameters used to generate the master key have
been changed. Special care has been taken to prevent permanent
damage to the existing data during the transition process.
Change-Id: I0c93f3de28a9fcd314932675ccfb65a7f11fa3ff
moved surfaceflinger, audioflinger, cameraservice
all native services should now reside in this location.
Change-Id: Iee42b83dd2a94c3bf5107ab0895fe2dfcd5337a8
* Refactor netkeystore.c to make client and server code testable.
* Add a client test for setting new passwd and changing passwd.
* Exclude "." and ".." from reset_keystore().
* Change ServerCommand.executeCommand() to accept variable length of
arguments and add convert() to marshal the args to bytes.
* Keystore.java is revised accordingly.
+ Use '\0' as the delimiter.
+ Allow whitespace character for keystore password.
In the previous implementation, we use space as the delimiter. That
will stop users from using a passphrase with whitespace characters.
Merge commit '3383df385e208807b1dc5f2956f82a7f75f65fd8'
* commit '3383df385e208807b1dc5f2956f82a7f75f65fd8':
keystore: Provide a generic getter for native components.
1. the certtool.h is modified for avoiding the side effect,
for saving the configuration with wpa_supplicant.
2. put the loadLibrary back in CertTool.java
3. Fix incorrect JNI declarations.
1. Also change the keyname delimiter in CertTool.java.
2. Return NOTFOUND if the result.len==0 in the listKeys().
3. Define the keystore states in the class Keystore.
1. We will progressively migrate to this implementation.
2. For richc to have a quick review on the keymgmt part.
3. Add remove_key and make sure all functions are working.
4. Add permission check for get operation.
5. Return the retry count if unlock failed.
6. Add the reset operation for keystore reset.
7. Add the putfile shell command for putting the key value from file.
8. Fix the boundary issue during parsing command.
9. Use the ' ' as delimiter and reset the reply structure for each request.
10. Add change password retry count check.
11. Extract the read_marshal/write_marshal for certtool.h.
12. Remove the old implementation.
Merge commit 'db8a6ae6bbd8cbb17fb79085ffb9d3fc539fe5c2'
* commit 'db8a6ae6bbd8cbb17fb79085ffb9d3fc539fe5c2':
Provide the Keystore feature in the framework.
The keystore service is protected by the user 'keystore'. Only keystore
user/group can access the key content. All users are able to do the
following commands from shell as well:
listcerts
listuserkeys
installcert
removecert
installuserkey
removeuserkey
Merge commit '9681a5e06badbd817342e8f6be4ffbe9102c1e98'
* commit '9681a5e06badbd817342e8f6be4ffbe9102c1e98':
runtime: Add CAP_SYS_NICE to the system server capabilities list so it