Prevent apps from registering services without relying on selinux checks.
Bug: 29431260
Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b
(cherry picked from commit f03ba2c0d878071603d73b7f8e9a4a468364ac27)
Expect the boot status explicitly as a parameter so that we do not
have to rely on dev.bootcomplete, which isn't meaningfully set
when the device needs the decryption screen on boot.
Bug: 23898216
Change-Id: I9b34298caf70b1e5d40970cc0d04c469016a80a7
Check dev.bootcomplete in dex2oat(). Use the information for
two changes.
Only switch to the background when we're post bootcomplete.
This will ensure better utilization after upgrades.
Add a second dex2oat-threads property that is used pre
bootcomplete. A separation of these phases allows using less
cores when the device is up, freeing up resources for other
purposes, e.g., avoid jank. The precedence during boot is the
boot property, or the image property if the former doesn't
exist, or the default property as a fallback.
Bug: 23898216
Bug: 24004256
Change-Id: I5063f3fc4b437cbe88c4e94584e01c1c78eccc4d
Also, move NetworkDiagnostics between the two runs of getting the
wifi counters, so we can see the effect on the counters of
sending our probe packets.
Bug: 23661687
Change-Id: I3f81c003a35f50ac1cb8e77d0a8c73dae4fd91f3
This maps a monotonic timestamp to the
corresponding real-time timestamp, which
can be used to match up the traces with
other logs that use real-time.
Also write clock_sync records first instead of at
the end, to avoid not being to write it due to the
buffer being full.
Bug: 23668823
Change-Id: I644aeea496197e194ec30f808f754e3e043d905f
(cherry pick from commit e3c4df96083231b519dad919fd0ed6624100b368)
- For those that are proud to call themselves logspam police
- Every time someone declares that something is too chatty, or that
they lost their logs because they were declared too chatty and
their associated logs were aggresively pruned we generally
ask them to report the logger statistics to pinpoint what software
product that is the elephant in the room.
- Every time we want to spawn a new 'stop being so spammy' bug spawned
off a bugreport collected for another purpose, we *wish* we had the
logger statistics to help add gravitas to the claim that some piece
of software is the top, or near the top, polluter.
Bug: 22351810
Change-Id: Ifae33cd21d0ae2917a3b4381502d723725b1701c
restorecon_data already iterates across all found users internally,
so we don't need to call it for each UID moved. In fact, this was a
bug that caused data for the owner to be relabeled when moving apps
back to internal storage.
Bug: 21813384
Change-Id: I5ba76d4f30d129365864c8a25b665f344b99a6b4
App movement now has three distinct stages: copying, scanning, and
cleanup. Previously, a battery pull late in the move process would
end up with packages.xml pointing at the old location which had been
torn down. Now, we update packages.xml to point at the new location
as the "source of truth" before we start deleting the old location.
Bug: 21831336
Change-Id: I62b8916c673265c240e2574ea968cdce5a7a0074
Previously installd removed the normal cache directory when delete_code_cache is
called. It should delete the code cache directory.
BUG=21206499
Change-Id: I5774430e389e22805fa7984b4c83420c3677ca75
Add the debug.gencfi system property that forces generation of
CFI data.
(cherry picked from commit 816243d470)
Bug: 21924613
Change-Id: Ida66f8c1567634d05cfdbba1a982be3684e94369
(cherry pick from commit f989162bb8)
Discover the logcat buffer size, divide by the worst storage
speed in kb/s, and multiply by ten to estimate the timeout in
ms for each named buffer. If that value is less than 20 seconds,
then select 20 seconds. Apply this to each logcat request.
Bug: 21555259
Change-Id: Id36aebff83cb06e94350e4a84fa266b66a8444fc
Bluedroid doesn't have much of a kernel component and no devices
expose a bluedroid node in debugfs.
Change-Id: I5600e88c543a109257d95591704a8f2a7261dfdc
Given a pair of absolute paths {from_path, to_path} , check that
they are both valid apk subpaths (eg. /data/app/package/foo) and
link(2) to_path to from_path. This is required by staged installs,
where we link existing apks and oat files to their staging location.
bug: 20889739
Change-Id: I3b5e3b43677af68be59308121a4409caaa6a72f0
The selinux_status_*() interfaces require calling selinux_status_open()
first. Since this was not being called by servicemanager, the
selinux_status_updated() call was always failing and servicemanager
was not reloading service_contexts upon a policy reload.
(cherrypicked from commit bea0746b24)
Change-Id: I6ac62e114bbca99c5f0999feb918fcde15009274
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Cherry-pick of c2c6ecd119 from AOSP
Tracing the state of the voltage and current regulators enables a developer
to attribute power consumption measurements to specific perhipherals and
cores. Unlike other indirect methods of tracing when peripherals and cores
are toggled, the regulator ftrace event indicates the exact point in time
when the kernel switches on or off the device. For example, in the following
trace, a developer can see exactly when the krait2 core starts receiving
power, and and when the voltage is set for voltage scaling.
mpdecision-2172 [000] ...1 1566.665481: regulator_enable: name=krait2
mpdecision-2172 [000] ...1 1566.665493: regulator_enable_delay: name=krait2
mpdecision-2172 [000] ...1 1566.665495: regulator_enable_complete: name=krait2
<...>-4133 [002] ...1 1566.666891: regulator_set_voltage: name=krait2 (1075000-1100000)
Change-Id: Ia322206ef74496daf1d9baa03545d8e89e398487
Signed-off-by: Aaron Schulman <aschulman@google.com>
We now move code under /data/app/com.example when a complete move
is requested. This really only works for new cluster-style installs
that also have native libraries and OAT contained inside.
Teach measuring code about cluster-style installs when measuring
app footprint. Also offer to measure private data space for all
users.
Bug: 19993667, 20275578
Change-Id: I6df7b947cb5cc8a4552f56f4b64a661e8512389f
New "mvuserdata" command will move all private app data from one
volume UUID to another. It leverages the existing "cp" toybox
command to do the heavy lifting for all known users, preserving
details like timestamps and permissions. It invokes restorecon()
to correctly label the new location when the copy is finished.
Changes installd to no longer drop capabilities, so we run as root
again. This also allows us to exec "cp" with CAP_DAC_OVERRIDE and
CAP_FOWNER still in effect.
Bug: 19993667
Change-Id: I1f407a7c4a1af97ca5afc27b04eb16b4936cbdef
We're now parsing and passing through volume UUIDs sent across the
command socket. The "!" argument value is treated as null, which
means internal storage.
Bug: 19993667
Change-Id: I17729a769ce687a2e94e85991a6338c77ded0b66
Teach free_cache() and restorecon_data() about building per-volume
paths. Also clean up restorecon_data() by using std::string when
building paths.
Clearer names for path building utility methods, and tests to verify.
Bug: 19993667
Change-Id: Iacfbcdaa5b901cc2490bc8eba366dfdeb44f1d93
Since app data paths can live on expanded storage devices, accept the
target volume UUID when building paths. The null UUID indicates the
default internal storage.
To improve readability, start using std::string in several places,
which throws when allocations fail. For now, perform last-second
sanity checks on incoming path arguments, but we'll eventually want
to check arguments as they come through installd.cpp, instead of
crashing the entire daemon.
Also remove "lib" symlink code from install() and make_user_data(),
since we're no longer supporting /data/app-lib. The framework
already uses linklib() to create the right symlink for the selected
ISA-specific library dir.
Bug: 19993667
Change-Id: Ib9343575ffb62bf3981e19375de8f3822fc31e28
This is the minimal change needed to switch it over to C++, which
paves the way for using more robust utilities like std::string.
Change-Id: I80ed6280146875eb6ddbbb340c05450388ca13f0
Apps on expanded storage live at /mnt/expand/<uuid>/app/com.example,
so we need to relax one more directory level.
Bug: 19993667
Change-Id: I347ec7b92435ea69e632ed5d5fdfabe38ce0b56e
Previously AID_INSTALL was used, which was causing permission denied errors
when PackageManager was trying to recursively rename staging directory
Bug: 19550105
Bug: 20087446
Change-Id: I3a9e3056c1fbc1ce0077a3ce52cf77ea6b5085ee