| Age | Commit message (Collapse) | Author |
|---|
|
Bug: 171854784
Test: Builds, Large sdcards formated as exfat if kernel supports it
Change-Id: Ie56b17f55f5027fdf714002b4c307603809fb707
|
|
* Prevents users from seeing this message in recovery:
`E:recvmsg failed (No buffer space available)`
* This is caused by volume_manager (our addition in recovery) and
hiding this error does not seem to have any negative side effect.
Change-Id: I0d65796961c3036289ed13c0b8949a27b5b97ad6
|
|
"LA.QSSI.12.0.r1-07600-qssi.0"
Change-Id: Iad9e2be9a76060a64223f9cddca8f5ae6b6eb952
|
|
Test: Boot DSU on a device without dynamic partitions but first_stage_mount for /system
Change-Id: I07f0f40037109aaaf1bce0151d1eac26c971ba9e
|
|
* This results in a metric ton of denials on some devices and
eats up valuable resources on boot, plus there's 0 need for it,
so kill it.
Change-Id: Ic52d5b3f06724430e9505345024cf0041b37ca49
|
|
Fastboot format fails to wipe any partition that doesn't at least return
"raw" partition type. Also both android.hardware.fastboot@1.0-impl.pixel
and android.hardware.fastboot@1.1-impl-mock return FileSystemType::RAW
so I assume this is fine.
Change-Id: I5707bddb1ba32edb6359858853d7b1afbf138b9f
|
|
Change-Id: Iaf5eb813e848ef05b1b455ebfe3643f4a8b4f80d
|
|
These aren't actually duplicate interfaces because we
are overriding the service so interfaces in the original
definition will never be used.
Test: Verify 'm dist' works without complaining about
duplicate interfaces.
Change-Id: Iab5e1d8bb4cb7d5b2608028c3cee73af94c47424
|
|
* Some (poorly written?) apps are continuously detected as Z state and
killed by llkd even though they work just fine, leading to extremely
bad UX and false positive bug reports.
* llkd is disabled by default but enabled by llkd-debuggable.rc on
ro.debuggable=1. Exclude it on userdebug builds to replicate user
build behavior.
Change-Id: I8365149e7896e03e58808bbead208b8d4fca6a8c
|
|
"LA.QSSI.12.0.r1-06800-qssi.0"
Change-Id: I979d0f844cf44539ca87aade5929a4c84b4d31ff
|
|
Change-Id: I75306aee722e8098dc11571361f1b9e1222223bd
|
|
s-keystone-qcom-release
Change-Id: I633739ddcb382407df3d6f5dbfc0030e8fd9acee
|
|
|
|
Note: Since there is no __ANDROID_API_T__ in this branch, and no api
define for 32, we have to hardcode the number.
Bug: 226699360
Bug: 226699360
Test: manual test
Change-Id: I2602eaa217a2b6cba8a5fb8acd6d5a8a9e3d405e
(cherry picked from commit 3a364add0b264ea5446d7bd984509c65b6aca97c)
|
|
Change-Id: I56506cf11e6e2b38712e1e7dc9e7716f969000d5
|
|
s-keystone-qcom-release
Change-Id: I08154d17257bd4f2a43fb55017a7f6b06d2cb2aa
|
|
Change-Id: If359c57eabcbc0705ec892cae4330eadcfc13582
|
|
Bug: 220074017
Change-Id: I682501b298008e130a29cab70f947f12c140e314
|
|
s-keystone-qcom-release
Change-Id: I193bfc7a347be1c84fd77bd784a14822bf4b1d3d
|
|
Change-Id: I498805f9516678fe2d9b2c2de07b31c77a88a307
|
|
s-keystone-qcom-release
Change-Id: Ib599e40f94b98ff152e927bf7263d165beddaa7d
|
|
Change-Id: If3a2d3e360d8dbaefa46534484fb2ff1e2f27718
|
|
Change-Id: I121bacd01bb2f5a168f0d47f37b1e6e9ea73a8c1
|
|
Change-Id: I06d1d012a71a678964eb5c005f1dc66cb623db56
|
|
This is a race between init process and bionic libc initialization of
snapuserd.
init->fork() ----------------> SecondStageMain() -> PropertyInit()
|
|
v
execveat ---> __libc_init_common() -> __system_properties_init()
(snapuserd)
When init process calls PropertyInit(), /dev/__properties__ directory
is created. When bionic libc of snapuserd daemon invokes __system_properties_init
_after_ init process PropertyInit() function is invoked, libc will
try to initialize the property by reading
/system/etc/selinux/plat_property_contexts. Since any reads on /system
has to be served by snapuserd, this specific read from libc cannot be
serviced leading to deadlock.
Reproduce the race by inducing a sleep of 1500ms just before execveat()
so that init process calls PropertyInit() before bionic libc
initialization. This leads to deadlock
immediately and with additional kernel instrumentation with debug
logs confirms the failure:
======================================================
init: Relaunched snapuserd with pid: 428
ext4_file_open: SNAPUSERD: path /system/etc/selinux/plat_property_contexts - Pid: 428 comm 8
ext4_file_read_iter: SNAPUSERD for path: /system/etc/selinux/plat_property_contexts pid: 428 comm 8
[ 25.418043][ T428] ext4_file_read_iter+0x3dc/0x3e0
[ 25.423000][ T428] vfs_read+0x2e0/0x354
[ 25.426986][ T428] ksys_read+0x7c/0xec
[ 25.430894][ T428] __arm64_sys_read+0x20/0x30
[ 25.435419][ T428] el0_svc_common.llvm.17612735770287389485+0xd0/0x1e0
[ 25.442095][ T428] do_el0_svc+0x28/0xa0
[ 25.446100][ T428] el0_svc+0x14/0x24
[ 25.449825][ T428] el0_sync_handler+0x88/0xec
[ 25.454343][ T428] el0_sync+0x1c0/0x200
=====================================================
Fix:
Before starting init second stage, we will wait
for snapuserd daemon to be up and running. We do a simple probe by
reading system partition. This read will eventually be serviced by
daemon confirming that daemon is up and running. Furthermore,
we are still in the kernel domain and sepolicy has not been enforced yet.
Thus, access to these device mapper block devices are ok even though
we may see audit logs.
Note that daemon will re-initialize the __system_property_init()
as part of WaitForSocket() call. This is subtle but important; since
bionic libc initialized had failed silently, it is important
that this re-initialization is done.
Bug: 207298357
Test: Induce the failure by explicitly delaying the call of execveat().
With fix, no issues observed.
Tested incremental OTA on pixel ~15 times.
Ignore-AOSP-First: cherry-pick from AOSP
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I86c2de977de052bfe9dcdc002dcbd9026601d0f3
(cherry picked from commit 65f3d09445699910947fd73b35979121b2bf07fb)
Merged-In:I86c2de977de052bfe9dcdc002dcbd9026601d0f3
|
|
Google's SafetyNet attestation includes checks for the integrity of the
verified boot chain, as reported by some ro.boot.* properties normally
passed by the bootloader. Unconditionally reporting successful, valid
values helps pass SafetyNet checks, as long as other system state is
intact.
However, the real prop values must be retained in recovery/fastbootd in
order for fastbootd to allow/deny flashing correctly based on the
bootloader lock state. This is accomplished by checking androidboot keys
in the kernel cmdline and bootconfig (necessary on Pixel 6), and not
spoofing anything if the boot isn't a normal full-blown Android boot.
Change-Id: I66d23fd91d82906b00d5eb020668f01ae83ec31f
|
|
When the bootloader is unlocked (i.e. AVB is permissive), enforcing
dm-verity on system partitions is meaningless because the bootloader
doesn't enforce verification on the root of the high-level verified boot
chain: the kernel. As a result, mounting system partitions with
dm-verity (hashtree verification) is futile when the code performing
verification has not been verified in the first place; users can also
disable dm-verity manually by flashing vbmeta with `fastboot flash
--disable-verity vbmeta vbmeta.img`.
For user and developer convenience, disable dm-verity automatically when
the bootloader is unlocked by checking for permissive AVB. This makes it
possible to ship enforcing vbmeta images for security-conscious users to
lock their bootloader and reap the benefits of verified boot, while
still allowing users with unlocked bootloaders to modify system
partitions.
Change-Id: Ie88362cfbda75561ef450e00fdc82ade221facb5
|
|
Change-Id: I9fbbca76745f9d0cb20b142d1e1c00cf1f6d25c1
|
|
Using WriteStringToFile will hold kernfs_mutex which is a big lock,
so use WriteStringToFd instead. Besides, also support fd cache for it.
Bug: 206970384
Test: build pass
Change-Id: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
Merged-In: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
(cherry picked from commit e808841d72816c68da3d6d9f451aba71bf4188bc)
Merged-In:Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
|
|
UserLifecycleTests test disables all Little cores in the course of the
test, which causes attempts to add a process into /dev/cpuset/restricted
cpuset cgroup to fail with ENOSPC error code, indicating that a process
is joining a cpuset cgroup with no online cpus. Current libprocessgroup
implementation will log an error on each such occurrence, which spams
the logs and makes it hard to analyze test results. Because this
situation does not happen in production environment (we do not offline
cpus), we can prevent flooding the logs by identifying this case,
logging an appropriate error one time and ignore all later similar errors.
Bug: 158766131
Test: adb shell "echo 0 > /sys/devices/system/cpu/cpu[0-3]/online"
Test: start some apps, observe libprocessgroup errors in the logcat
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ia91d8839d86787569c255481bde077be51c43d93
Merged-In: Ia91d8839d86787569c255481bde077be51c43d93
(cherry picked from commit ae42d601d09fa32b5c33758432cbd306b60f58ee)
Merged-In:Ia91d8839d86787569c255481bde077be51c43d93
|
|
"LA.QSSI.12.0.r1-05800-qssi.0"
Change-Id: I057db3543fad7cab3fbda5a5ac742c92b2e2b3c5
|
|
Change-Id: I984645d8be4cd5302d802729feee8fba8a937037
|
|
Change-Id: I5d88fbb0d4dad9e8dc64e1edc789b8a70786a420
|
|
Add AID_READTRACEFS and mount tracefs with gid=AID_READTRACEFS
Bug: 209513178
Bug: 214061655
Test: adb shell ls -l /sys/kernel/tracing/events
Change-Id: Ibbfdf8a4b771bd7520ecbaaf15a1153d6bf0e599
Merged-In: Ibbfdf8a4b771bd7520ecbaaf15a1153d6bf0e599
|
|
Booting up the device without usb, the kernel sets the usb power supply
type as UNKNOWN. The type of usb power supply changes at run-time as
various chargers are plugged in/out. However, healthd initilizes the
charger list only at bootup. Change it such that it checks for charger
type changes with every battery or usb uevent.
While at it, the kernel may have a power supply type which is not known
to healthd. This is perfectly fine. Update healthd to not print a
warning.
Change-Id: I2ec9f9a420ca61814d43c316b418ce94de3691bc
|
|
Change-Id: I810e2e051329edeec54fc24255d785993066eece
|
|
HVDCP_3 is a high voltage DCP charger where the charger's voltage
can be changed by issuing pulses on the D+/D- lines. Add support to
recognize it and treat it as an AC power source.
Change-Id: Ib719529904e8b7a676bbdc5f5953f0f9da6df3fa
|
|
Change-Id: Ie1ca5018c465f6b2c15cbc00bdf3bb866d98ddef
|
|
This reverts commit 29dd6b6c01295222fee5ef2fc70692b2ecb12504.
Change-Id: I7b76cd920019ae8cb7270b3f83e777ea9de7f7a4
|
|
[Adrian DC] Preserve the log while permissive
Change-Id: I3f2887930e15d09014c2594141ba4acbbc8d6d9d
|
|
Allow optional vendor-specific initializations
within init. This can be used for runtime
initialization setup that init rc scripts do
not support.
Change-Id: I7623a0d59b18f9ec8e3623958e2f7ccd72b877bf
|
|
Since commit 5ad7b3cbc5c1 ("Try to remount mounted points only"), the
system-as-root cannot be remounted successfully when execute command
"adb remount". This is because the mount point "/system" cannot be
found and directly bails out with failure.
Add an extra checking for the mount point "/system" for the
system-as-root case, takes it as a found entry; thus the function can
continue to run and fix up to remount root.
Suggested-by: David Anderson <dvander@google.com>
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Change-Id: Ia936c9d97bed951184813a087c70fe591cb33fe0
|
|
Change-Id: I041a5a3d78b6cd8b367cabce0451b879ed02294d
|
|
s-keystone-qcom-release
Change-Id: I138ff2c21a325b2d73108686809ec006be569108
|
|
This CHECK prevents a release build from resuming a two-phase merge if
the merge initially failed in the first pass.
Bug: 213031779
Bug: 213253413
Bug: 193549218
Ignore-AOSP-First: cherry-pick from AOSP
Test: vts_libsnapshot_test
Test: update_engine_unittests
Change-Id: I8bf00e3016546ef7039bb0b18eb977cc3dc1066a
Merged-In: I8bf00e3016546ef7039bb0b18eb977cc3dc1066a
|
|
Change-Id: Ibdd51b5c987341b5922175fcb2dd3824785ccf0d
|
|
Change-Id: I848effb04122a7fb07796473afc010ae612b26fc
|
|
If a merge fails we write a new snapshot status indicating that the merge
failed. If this happens to occur during the second merge phase, we fail
to propagate the phase counter to the new status. This means the merge
is unlikely to make progress and succeed later.
Bug: 213031779
Bug: 213253413
Bug: 193549218
Ignore-AOSP-First: cherry-pick from AOSP
Test: inject transient failure into CheckMergeConsistency, apply OTA,
reboot and complete merge.
Change-Id: I31fdae6bde48e3a71b6f3fcc663541257f7ebd8f
Merged-In: I31fdae6bde48e3a71b6f3fcc663541257f7ebd8f
|
|
Judging from local experiments, it looks like device-mapper doesn't
always generate a uevent after DM_DEV_CREATE ioctl.
Test: presubmit
Bug: 193462349
Change-Id: I8a74375631b20c14a32a41dbaf38380ebc0078e6
Merged-In: I8a74375631b20c14a32a41dbaf38380ebc0078e6
|
|
sparse-7698606-L95500000952403884.
Change-Id: Ib18b360932fdc963b31a2896d5445323d5f07871
|
