Merge "bootstat: Special case logging for empty boot reason." am: b93357bdb2 am: 79afacdd61
am: 1d617f8325
Change-Id: I8dd1552628e4ca1933f5b02915fbf03f058f2bb2
diff --git a/CleanSpec.mk b/CleanSpec.mk
index 304ce4e..e2e9577 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -60,4 +60,14 @@
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib64/hw/gatekeeper.$(TARGET_DEVICE).so)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/vendor)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/init.rc)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib/libtrusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib64/libtrusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib/hw/keystore.trusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib64/hw/keystore.trusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib/hw/gatekeeper.trusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib64/hw/gatekeeper.trusty.so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/bin/secure-storage-unit-test)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/bin/storageproxyd)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/bin/tipc-test)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/bin/trusty_keymaster_tipc)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/root)
diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index 1c94298..3c27582 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@@ -233,8 +233,8 @@
adb_device_banner = optarg;
break;
case 'v':
- printf("Android Debug Bridge Daemon version %d.%d.%d (%s)\n", ADB_VERSION_MAJOR,
- ADB_VERSION_MINOR, ADB_SERVER_VERSION, ADB_VERSION);
+ printf("Android Debug Bridge Daemon version %d.%d.%d\n", ADB_VERSION_MAJOR,
+ ADB_VERSION_MINOR, ADB_SERVER_VERSION);
return 0;
default:
// getopt already prints "adbd: invalid option -- %c" for us.
diff --git a/adf/libadf/Android.bp b/adf/libadf/Android.bp
index c276c53..8eef2ea 100644
--- a/adf/libadf/Android.bp
+++ b/adf/libadf/Android.bp
@@ -12,8 +12,12 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-cc_library_static {
+cc_library {
name: "libadf",
+ vendor_available: true,
+ vndk: {
+ enabled: true,
+ },
srcs: ["adf.cpp"],
cflags: ["-Werror"],
local_include_dirs: ["include"],
diff --git a/fs_mgr/fs_mgr_format.cpp b/fs_mgr/fs_mgr_format.cpp
index 75feee7..fc88217 100644
--- a/fs_mgr/fs_mgr_format.cpp
+++ b/fs_mgr/fs_mgr_format.cpp
@@ -38,7 +38,6 @@
{
uint64_t dev_sz;
int fd, rc = 0;
- int status;
if ((fd = open(fs_blkdev, O_WRONLY)) < 0) {
PERROR << "Cannot open block device";
@@ -62,7 +61,7 @@
const char* const mke2fs_args[] = {
"/system/bin/mke2fs", "-t", "ext4", "-b", "4096", fs_blkdev, size_str.c_str(), nullptr};
- rc = android_fork_execvp_ext(arraysize(mke2fs_args), const_cast<char**>(mke2fs_args), &status,
+ rc = android_fork_execvp_ext(arraysize(mke2fs_args), const_cast<char**>(mke2fs_args), NULL,
true, LOG_KLOG, true, nullptr, nullptr, 0);
if (rc) {
LERROR << "mke2fs returned " << rc;
@@ -78,7 +77,7 @@
nullptr};
rc = android_fork_execvp_ext(arraysize(e2fsdroid_args), const_cast<char**>(e2fsdroid_args),
- &status, true, LOG_KLOG, true, nullptr, nullptr, 0);
+ NULL, true, LOG_KLOG, true, nullptr, nullptr, 0);
if (rc) {
LERROR << "e2fsdroid returned " << rc;
}
@@ -88,10 +87,9 @@
static int format_f2fs(char *fs_blkdev)
{
- int status;
const char* const args[] = {"/system/bin/make_f2fs", "-f", "-O encrypt", fs_blkdev, nullptr};
- return android_fork_execvp_ext(arraysize(args), const_cast<char**>(args), &status, true,
+ return android_fork_execvp_ext(arraysize(args), const_cast<char**>(args), NULL, true,
LOG_KLOG, true, nullptr, nullptr, 0);
}
diff --git a/gatekeeperd/Android.mk b/gatekeeperd/Android.mk
index 0dfd9d8..28f0b07 100644
--- a/gatekeeperd/Android.mk
+++ b/gatekeeperd/Android.mk
@@ -21,8 +21,7 @@
LOCAL_SRC_FILES := \
SoftGateKeeperDevice.cpp \
IGateKeeperService.cpp \
- gatekeeperd.cpp \
- IUserManager.cpp
+ gatekeeperd.cpp
LOCAL_MODULE := gatekeeperd
LOCAL_SHARED_LIBRARIES := \
diff --git a/gatekeeperd/IUserManager.cpp b/gatekeeperd/IUserManager.cpp
deleted file mode 100644
index 8167d19..0000000
--- a/gatekeeperd/IUserManager.cpp
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#define LOG_TAG "IUserManager"
-#include <stdint.h>
-#include <sys/types.h>
-#include <utils/Log.h>
-#include <binder/Parcel.h>
-
-#include "IUserManager.h"
-
-namespace android {
-
-class BpUserManager : public BpInterface<IUserManager>
-{
-public:
- explicit BpUserManager(const sp<IBinder>& impl) :
- BpInterface<IUserManager>(impl) {
- }
- virtual int32_t getCredentialOwnerProfile(int32_t user_id) {
- Parcel data, reply;
- data.writeInterfaceToken(IUserManager::getInterfaceDescriptor());
- data.writeInt32(user_id);
- status_t rc = remote()->transact(GET_CREDENTIAL_OWNER_PROFILE, data, &reply, 0);
- if (rc != NO_ERROR) {
- ALOGE("%s: failed (%d)\n", __func__, rc);
- return -1;
- }
-
- int32_t exception = reply.readExceptionCode();
- if (exception != 0) {
- ALOGE("%s: got exception (%d)\n", __func__, exception);
- return -1;
- }
-
- return reply.readInt32();
- }
-
-};
-
-IMPLEMENT_META_INTERFACE(UserManager, "android.os.IUserManager");
-
-}; // namespace android
-
diff --git a/gatekeeperd/IUserManager.h b/gatekeeperd/IUserManager.h
deleted file mode 100644
index 640e9b5..0000000
--- a/gatekeeperd/IUserManager.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef IUSERMANAGER_H_
-#define IUSERMANAGER_H_
-
-#include <inttypes.h>
-#include <utils/Errors.h>
-#include <binder/IInterface.h>
-#include <binder/Parcel.h>
-#include <utils/Vector.h>
-
-namespace android {
-
-/*
-* Communication channel to UserManager
-*/
-class IUserManager : public IInterface {
- public:
- // must be kept in sync with IUserManager.aidl
- enum {
- GET_CREDENTIAL_OWNER_PROFILE = IBinder::FIRST_CALL_TRANSACTION + 0,
- };
-
- virtual int32_t getCredentialOwnerProfile(int32_t user_id) = 0;
-
- DECLARE_META_INTERFACE(UserManager);
-};
-
-}; // namespace android
-
-#endif // IUSERMANAGER_H_
-
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index d581736..61c8804 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -38,7 +38,6 @@
#include <utils/String16.h>
#include "SoftGateKeeperDevice.h"
-#include "IUserManager.h"
#include <hidl/HidlSupport.h>
#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
@@ -335,23 +334,7 @@
return ret;
}
- virtual uint64_t getSecureUserId(uint32_t uid) {
- uint64_t sid = read_sid(uid);
- if (sid == 0) {
- // might be a work profile, look up the parent
- sp<IServiceManager> sm = defaultServiceManager();
- sp<IBinder> binder = sm->getService(String16("user"));
- sp<IUserManager> um = interface_cast<IUserManager>(binder);
- int32_t parent = um->getCredentialOwnerProfile(uid);
- if (parent < 0) {
- return 0;
- } else if (parent != (int32_t) uid) {
- return read_sid(parent);
- }
- }
- return sid;
-
- }
+ virtual uint64_t getSecureUserId(uint32_t uid) { return read_sid(uid); }
virtual void clearSecureUserId(uint32_t uid) {
IPCThreadState* ipc = IPCThreadState::self();
diff --git a/healthd/Android.bp b/healthd/Android.bp
new file mode 100644
index 0000000..56f5148
--- /dev/null
+++ b/healthd/Android.bp
@@ -0,0 +1,7 @@
+cc_library_headers {
+ name: "libhealthd_headers",
+ vendor_available: true,
+ export_include_dirs: ["include"],
+ header_libs: ["libbatteryservice_headers"],
+ export_header_lib_headers: ["libbatteryservice_headers"],
+}
diff --git a/init/selinux.cpp b/init/selinux.cpp
index c4b01e6..4a3a271 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -418,7 +418,6 @@
selinux_android_restorecon("/dev/urandom", 0);
selinux_android_restorecon("/dev/__properties__", 0);
- selinux_android_restorecon("/file_contexts.bin", 0);
selinux_android_restorecon("/plat_file_contexts", 0);
selinux_android_restorecon("/nonplat_file_contexts", 0);
selinux_android_restorecon("/plat_property_contexts", 0);
diff --git a/libappfuse/FuseBridgeLoop.cc b/libappfuse/FuseBridgeLoop.cc
index 0792307..8b0c53e 100644
--- a/libappfuse/FuseBridgeLoop.cc
+++ b/libappfuse/FuseBridgeLoop.cc
@@ -179,7 +179,11 @@
}
const uint32_t opcode = buffer_.request.header.opcode;
- LOG(VERBOSE) << "Read a fuse packet, opcode=" << opcode;
+ const uint64_t unique = buffer_.request.header.unique;
+ LOG(VERBOSE) << "Read a fuse packet, opcode=" << opcode << " unique=" << unique;
+ if (unique == 0) {
+ return FuseBridgeState::kWaitToReadEither;
+ }
switch (opcode) {
case FUSE_FORGET:
// Do not reply to FUSE_FORGET.
diff --git a/libappfuse/tests/FuseBridgeLoopTest.cc b/libappfuse/tests/FuseBridgeLoopTest.cc
index 51d6051..0a28451 100644
--- a/libappfuse/tests/FuseBridgeLoopTest.cc
+++ b/libappfuse/tests/FuseBridgeLoopTest.cc
@@ -67,6 +67,7 @@
memset(&request_, 0, sizeof(FuseRequest));
request_.header.opcode = opcode;
request_.header.len = sizeof(fuse_in_header);
+ request_.header.unique = 1;
ASSERT_TRUE(request_.Write(dev_sockets_[0]));
memset(&response_, 0, sizeof(FuseResponse));
diff --git a/liblog/Android.bp b/liblog/Android.bp
index 6584c95..d5bb29e 100644
--- a/liblog/Android.bp
+++ b/liblog/Android.bp
@@ -42,6 +42,24 @@
"logd_writer.c",
]
+cc_library_headers {
+ name: "liblog_headers",
+ host_supported: true,
+ vendor_available: true,
+ export_include_dirs: ["include"],
+ target: {
+ windows: {
+ enabled: true,
+ },
+ linux_bionic: {
+ enabled: true,
+ },
+ vendor: {
+ export_include_dirs: ["include_vndk"],
+ },
+ },
+}
+
// Shared and static library for host and device
// ========================================================
cc_library {
@@ -78,7 +96,8 @@
},
},
- export_include_dirs: ["include"],
+ header_libs: ["liblog_headers"],
+ export_header_lib_headers: ["liblog_headers"],
cflags: [
"-Werror",
@@ -97,7 +116,7 @@
}
ndk_headers {
- name: "liblog_headers",
+ name: "liblog_ndk_headers",
from: "include/android",
to: "android",
srcs: ["include/android/log.h"],
diff --git a/liblog/tests/Android.mk b/liblog/tests/Android.mk
index 275a2d6..39b52ac 100644
--- a/liblog/tests/Android.mk
+++ b/liblog/tests/Android.mk
@@ -54,7 +54,7 @@
-Werror \
-fno-builtin \
-test_src_files := \
+cts_src_files := \
libc_test.cpp \
liblog_test_default.cpp \
liblog_test_local.cpp \
@@ -67,6 +67,9 @@
log_time_test.cpp \
log_wrap_test.cpp
+test_src_files := \
+ $(cts_src_files) \
+
# Build tests for the device (with .so). Run with:
# adb shell /data/nativetest/liblog-unit-tests/liblog-unit-tests
include $(CLEAR_VARS)
@@ -82,15 +85,15 @@
include $(CLEAR_VARS)
LOCAL_MODULE := $(cts_executable)
LOCAL_MODULE_TAGS := tests
-LOCAL_CFLAGS += $(test_c_flags)
-LOCAL_SRC_FILES := $(test_src_files)
+LOCAL_CFLAGS += $(test_c_flags) -DNO_PSTORE
+LOCAL_SRC_FILES := $(cts_src_files)
LOCAL_MODULE_PATH := $(TARGET_OUT_DATA)/nativetest
LOCAL_MULTILIB := both
LOCAL_MODULE_STEM_32 := $(LOCAL_MODULE)32
LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
LOCAL_SHARED_LIBRARIES := liblog libcutils libbase
LOCAL_STATIC_LIBRARIES := libgtest libgtest_main
-LOCAL_COMPATIBILITY_SUITE := cts
+LOCAL_COMPATIBILITY_SUITE := cts vts
LOCAL_CTS_TEST_PACKAGE := android.core.liblog
include $(BUILD_CTS_EXECUTABLE)
diff --git a/liblog/tests/liblog_test.cpp b/liblog/tests/liblog_test.cpp
index e2d5aeb..597a6bb 100644
--- a/liblog/tests/liblog_test.cpp
+++ b/liblog/tests/liblog_test.cpp
@@ -116,6 +116,7 @@
return ret;
}
+#ifndef NO_PSTORE
static bool isPmsgActive() {
pid_t pid = getpid();
@@ -125,6 +126,7 @@
return std::string::npos != myPidFds.find(" -> /dev/pmsg0");
}
+#endif /* NO_PSTORE */
static bool isLogdwActive() {
std::string logdwSignature =
@@ -189,22 +191,25 @@
EXPECT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts, sizeof(ts)));
#ifdef USING_LOGGER_DEFAULT
// Check that we can close and reopen the logger
- bool pmsgActiveAfter__android_log_btwrite;
bool logdwActiveAfter__android_log_btwrite;
if (getuid() == AID_ROOT) {
tested__android_log_close = true;
- pmsgActiveAfter__android_log_btwrite = isPmsgActive();
- logdwActiveAfter__android_log_btwrite = isLogdwActive();
+#ifndef NO_PSTORE
+ bool pmsgActiveAfter__android_log_btwrite = isPmsgActive();
EXPECT_TRUE(pmsgActiveAfter__android_log_btwrite);
+#endif /* NO_PSTORE */
+ logdwActiveAfter__android_log_btwrite = isLogdwActive();
EXPECT_TRUE(logdwActiveAfter__android_log_btwrite);
} else if (!tested__android_log_close) {
fprintf(stderr, "WARNING: can not test __android_log_close()\n");
}
__android_log_close();
if (getuid() == AID_ROOT) {
+#ifndef NO_PSTORE
bool pmsgActiveAfter__android_log_close = isPmsgActive();
- bool logdwActiveAfter__android_log_close = isLogdwActive();
EXPECT_FALSE(pmsgActiveAfter__android_log_close);
+#endif /* NO_PSTORE */
+ bool logdwActiveAfter__android_log_close = isLogdwActive();
EXPECT_FALSE(logdwActiveAfter__android_log_close);
}
#endif
@@ -213,9 +218,11 @@
EXPECT_LT(0, __android_log_btwrite(0, EVENT_TYPE_LONG, &ts1, sizeof(ts1)));
#ifdef USING_LOGGER_DEFAULT
if (getuid() == AID_ROOT) {
- pmsgActiveAfter__android_log_btwrite = isPmsgActive();
- logdwActiveAfter__android_log_btwrite = isLogdwActive();
+#ifndef NO_PSTORE
+ bool pmsgActiveAfter__android_log_btwrite = isPmsgActive();
EXPECT_TRUE(pmsgActiveAfter__android_log_btwrite);
+#endif /* NO_PSTORE */
+ logdwActiveAfter__android_log_btwrite = isLogdwActive();
EXPECT_TRUE(logdwActiveAfter__android_log_btwrite);
}
#endif
@@ -3036,12 +3043,15 @@
#ifdef USING_LOGGER_DEFAULT // Do not retest pmsg functionality
#ifdef __ANDROID__
+#ifndef NO_PSTORE
static const char __pmsg_file[] =
"/data/william-shakespeare/MuchAdoAboutNothing.txt";
+#endif /* NO_PSTORE */
#endif
TEST(liblog, __android_log_pmsg_file_write) {
#ifdef __ANDROID__
+#ifndef NO_PSTORE
__android_log_close();
if (getuid() == AID_ROOT) {
tested__android_log_close = true;
@@ -3092,12 +3102,16 @@
EXPECT_TRUE(pmsgActiveAfter__android_pmsg_file_write);
EXPECT_TRUE(logdwActiveAfter__android_pmsg_file_write);
}
+#else /* NO_PSTORE */
+ GTEST_LOG_(INFO) << "This test does nothing because of NO_PSTORE.\n";
+#endif /* NO_PSTORE */
#else
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
}
#ifdef __ANDROID__
+#ifndef NO_PSTORE
static ssize_t __pmsg_fn(log_id_t logId, char prio, const char* filename,
const char* buf, size_t len, void* arg) {
EXPECT_TRUE(NULL == arg);
@@ -3118,10 +3132,12 @@
? -ENOEXEC
: 1;
}
+#endif /* NO_PSTORE */
#endif
TEST(liblog, __android_log_pmsg_file_read) {
#ifdef __ANDROID__
+#ifndef NO_PSTORE
signaled = 0;
__android_log_close();
@@ -3155,6 +3171,9 @@
EXPECT_LT(0, ret);
EXPECT_EQ(1U, signaled);
+#else /* NO_PSTORE */
+ GTEST_LOG_(INFO) << "This test does nothing because of NO_PSTORE.\n";
+#endif /* NO_PSTORE */
#else
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif
diff --git a/libnativeloader/include/nativeloader/native_loader.h b/libnativeloader/include/nativeloader/native_loader.h
index 99ae3a7..3563fc1 100644
--- a/libnativeloader/include/nativeloader/native_loader.h
+++ b/libnativeloader/include/nativeloader/native_loader.h
@@ -34,6 +34,7 @@
int32_t target_sdk_version,
jobject class_loader,
bool is_shared,
+ bool is_for_vendor,
jstring library_path,
jstring permitted_path);
diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp
index 7ccd7db..5d160ee 100644
--- a/libnativeloader/native_loader.cpp
+++ b/libnativeloader/native_loader.cpp
@@ -82,6 +82,11 @@
"/etc/public.libraries.txt";
static constexpr const char* kPublicNativeLibrariesVendorConfig =
"/vendor/etc/public.libraries.txt";
+static constexpr const char* kLlndkNativeLibrariesSystemConfigPathFromRoot =
+ "/etc/llndk.libraries.txt";
+static constexpr const char* kVndkspNativeLibrariesSystemConfigPathFromRoot =
+ "/etc/vndksp.libraries.txt";
+
// The device may be configured to have the vendor libraries loaded to a separate namespace.
// For historical reasons this namespace was named sphal but effectively it is intended
@@ -89,6 +94,11 @@
// vendor and system namespaces.
static constexpr const char* kVendorNamespaceName = "sphal";
+static constexpr const char* kVndkNamespaceName = "vndk";
+
+static constexpr const char* kClassloaderNamespaceName = "classloader-namespace";
+static constexpr const char* kVendorClassloaderNamespaceName = "vendor-classloader-namespace";
+
// (http://b/27588281) This is a workaround for apps using custom classloaders and calling
// System.load() with an absolute path which is outside of the classloader library search path.
// This list includes all directories app is allowed to access this way.
@@ -108,6 +118,7 @@
uint32_t target_sdk_version,
jobject class_loader,
bool is_shared,
+ bool is_for_vendor,
jstring java_library_path,
jstring java_permitted_path,
NativeLoaderNamespace* ns,
@@ -163,9 +174,39 @@
is_native_bridge = NativeBridgeIsPathSupported(library_path.c_str());
}
+ std::string system_exposed_libraries = system_public_libraries_;
+ const char* namespace_name = kClassloaderNamespaceName;
+ android_namespace_t* vndk_ns = nullptr;
+ if (is_for_vendor && !is_shared) {
+ LOG_FATAL_IF(is_native_bridge, "Unbundled vendor apk must not use translated architecture");
+
+ // For vendor apks, give access to the vendor lib even though
+ // they are treated as unbundled; the libs and apks are still bundled
+ // together in the vendor partition.
+#if defined(__LP64__)
+ std::string vendor_lib_path = "/vendor/lib64";
+#else
+ std::string vendor_lib_path = "/vendor/lib";
+#endif
+ library_path = library_path + ":" + vendor_lib_path.c_str();
+ permitted_path = permitted_path + ":" + vendor_lib_path.c_str();
+
+ // Also give access to LLNDK libraries since they are available to vendors
+ system_exposed_libraries = system_exposed_libraries + ":" + system_llndk_libraries_.c_str();
+
+ // Give access to VNDK-SP libraries from the 'vndk' namespace.
+ vndk_ns = android_get_exported_namespace(kVndkNamespaceName);
+ LOG_ALWAYS_FATAL_IF(vndk_ns == nullptr,
+ "Cannot find \"%s\" namespace for vendor apks", kVndkNamespaceName);
+
+ // Different name is useful for debugging
+ namespace_name = kVendorClassloaderNamespaceName;
+ ALOGD("classloader namespace configured for unbundled vendor apk. library_path=%s", library_path.c_str());
+ }
+
NativeLoaderNamespace native_loader_ns;
if (!is_native_bridge) {
- android_namespace_t* ns = android_create_namespace("classloader-namespace",
+ android_namespace_t* ns = android_create_namespace(namespace_name,
nullptr,
library_path.c_str(),
namespace_type,
@@ -181,11 +222,19 @@
// which is expected behavior in this case.
android_namespace_t* vendor_ns = android_get_exported_namespace(kVendorNamespaceName);
- if (!android_link_namespaces(ns, nullptr, system_public_libraries_.c_str())) {
+ if (!android_link_namespaces(ns, nullptr, system_exposed_libraries.c_str())) {
*error_msg = dlerror();
return false;
}
+ if (vndk_ns != nullptr && !system_vndksp_libraries_.empty()) {
+ // vendor apks are allowed to use VNDK-SP libraries.
+ if (!android_link_namespaces(ns, vndk_ns, system_vndksp_libraries_.c_str())) {
+ *error_msg = dlerror();
+ return false;
+ }
+ }
+
if (!vendor_public_libraries_.empty()) {
if (!android_link_namespaces(ns, vendor_ns, vendor_public_libraries_.c_str())) {
*error_msg = dlerror();
@@ -195,7 +244,7 @@
native_loader_ns = NativeLoaderNamespace(ns);
} else {
- native_bridge_namespace_t* ns = NativeBridgeCreateNamespace("classloader-namespace",
+ native_bridge_namespace_t* ns = NativeBridgeCreateNamespace(namespace_name,
nullptr,
library_path.c_str(),
namespace_type,
@@ -209,7 +258,7 @@
native_bridge_namespace_t* vendor_ns = NativeBridgeGetVendorNamespace();
- if (!NativeBridgeLinkNamespaces(ns, nullptr, system_public_libraries_.c_str())) {
+ if (!NativeBridgeLinkNamespaces(ns, nullptr, system_exposed_libraries.c_str())) {
*error_msg = NativeBridgeGetError();
return false;
}
@@ -259,6 +308,10 @@
std::string root_dir = android_root_env != nullptr ? android_root_env : "/system";
std::string public_native_libraries_system_config =
root_dir + kPublicNativeLibrariesSystemConfigPathFromRoot;
+ std::string llndk_native_libraries_system_config =
+ root_dir + kLlndkNativeLibrariesSystemConfigPathFromRoot;
+ std::string vndksp_native_libraries_system_config =
+ root_dir + kVndkspNativeLibrariesSystemConfigPathFromRoot;
std::string error_msg;
LOG_ALWAYS_FATAL_IF(!ReadConfig(public_native_libraries_system_config, &sonames, &error_msg),
@@ -294,6 +347,14 @@
system_public_libraries_ = base::Join(sonames, ':');
sonames.clear();
+ ReadConfig(kLlndkNativeLibrariesSystemConfigPathFromRoot, &sonames);
+ system_llndk_libraries_ = base::Join(sonames, ':');
+
+ sonames.clear();
+ ReadConfig(kVndkspNativeLibrariesSystemConfigPathFromRoot, &sonames);
+ system_vndksp_libraries_ = base::Join(sonames, ':');
+
+ sonames.clear();
// This file is optional, quietly ignore if the file does not exist.
ReadConfig(kPublicNativeLibrariesVendorConfig, &sonames);
@@ -404,6 +465,8 @@
std::vector<std::pair<jweak, NativeLoaderNamespace>> namespaces_;
std::string system_public_libraries_;
std::string vendor_public_libraries_;
+ std::string system_llndk_libraries_;
+ std::string system_vndksp_libraries_;
DISALLOW_COPY_AND_ASSIGN(LibraryNamespaces);
};
@@ -430,6 +493,7 @@
int32_t target_sdk_version,
jobject class_loader,
bool is_shared,
+ bool is_for_vendor,
jstring library_path,
jstring permitted_path) {
#if defined(__ANDROID__)
@@ -441,6 +505,7 @@
target_sdk_version,
class_loader,
is_shared,
+ is_for_vendor,
library_path,
permitted_path,
&ns,
@@ -449,7 +514,7 @@
return env->NewStringUTF(error_msg.c_str());
}
#else
- UNUSED(env, target_sdk_version, class_loader, is_shared,
+ UNUSED(env, target_sdk_version, class_loader, is_shared, is_for_vendor,
library_path, permitted_path);
#endif
return nullptr;
@@ -478,7 +543,8 @@
if (!g_namespaces->Create(env,
target_sdk_version,
class_loader,
- false,
+ false /* is_shared */,
+ false /* is_for_vendor */,
library_path,
nullptr,
&ns,
diff --git a/libsystem/include/system/thread_defs.h b/libsystem/include/system/thread_defs.h
index 377a48c..80d1160 100644
--- a/libsystem/include/system/thread_defs.h
+++ b/libsystem/include/system/thread_defs.h
@@ -55,6 +55,9 @@
/* ui service treads might want to run at a urgent display (uncommon) */
ANDROID_PRIORITY_URGENT_DISPLAY = HAL_PRIORITY_URGENT_DISPLAY,
+ /* all normal video threads */
+ ANDROID_PRIORITY_VIDEO = -10,
+
/* all normal audio threads */
ANDROID_PRIORITY_AUDIO = -16,
diff --git a/libutils/Android.bp b/libutils/Android.bp
index b7e397e..1bf5a64 100644
--- a/libutils/Android.bp
+++ b/libutils/Android.bp
@@ -18,10 +18,12 @@
host_supported: true,
header_libs: [
+ "liblog_headers",
"libsystem_headers",
"libcutils_headers"
],
export_header_lib_headers: [
+ "liblog_headers",
"libsystem_headers",
"libcutils_headers"
],
@@ -82,6 +84,10 @@
"libutils_headers",
],
+ shared_libs: [
+ "liblog",
+ ],
+
arch: {
mips: {
cflags: ["-DALIGN_DOUBLE"],
@@ -102,7 +108,6 @@
"libbacktrace",
"libcutils",
"libdl",
- "liblog",
"libvndksupport",
],
diff --git a/libvndksupport/linker.c b/libvndksupport/linker.c
index 696e978..d06cafc 100644
--- a/libvndksupport/linker.c
+++ b/libvndksupport/linker.c
@@ -23,24 +23,38 @@
extern struct android_namespace_t* android_get_exported_namespace(const char*);
+static const char* namespace_name = NULL;
+
+static struct android_namespace_t* get_vendor_namespace() {
+ const char* namespace_names[] = {"sphal", "default", NULL};
+ static struct android_namespace_t* vendor_namespace = NULL;
+ if (vendor_namespace == NULL) {
+ int name_idx = 0;
+ while (namespace_names[name_idx] != NULL) {
+ vendor_namespace = android_get_exported_namespace(namespace_names[name_idx]);
+ if (vendor_namespace != NULL) {
+ namespace_name = namespace_names[name_idx];
+ break;
+ }
+ name_idx++;
+ }
+ }
+ return vendor_namespace;
+}
+
void* android_load_sphal_library(const char* name, int flag) {
- struct android_namespace_t* sphal_namespace = android_get_exported_namespace("sphal");
- if (sphal_namespace != NULL) {
+ struct android_namespace_t* vendor_namespace = get_vendor_namespace();
+ if (vendor_namespace != NULL) {
const android_dlextinfo dlextinfo = {
- .flags = ANDROID_DLEXT_USE_NAMESPACE, .library_namespace = sphal_namespace,
+ .flags = ANDROID_DLEXT_USE_NAMESPACE, .library_namespace = vendor_namespace,
};
void* handle = android_dlopen_ext(name, flag, &dlextinfo);
if (!handle) {
- ALOGE(
- "Could not load %s from sphal namespace: %s. ",
- name, dlerror());
+ ALOGE("Could not load %s from %s namespace: %s.", name, namespace_name, dlerror());
}
return handle;
} else {
- ALOGI(
- "sphal namespace is not configured for this process. "
- "Loading %s from the current namespace instead.",
- name);
+ ALOGD("Loading %s from current namespace instead of sphal namespace.", name);
return dlopen(name, flag);
}
}
diff --git a/lmkd/lmkd.c b/lmkd/lmkd.c
index 8a6168c..5cfa2c8 100644
--- a/lmkd/lmkd.c
+++ b/lmkd/lmkd.c
@@ -18,19 +18,21 @@
#include <arpa/inet.h>
#include <errno.h>
+#include <inttypes.h>
#include <sched.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
-#include <time.h>
#include <sys/cdefs.h>
#include <sys/epoll.h>
#include <sys/eventfd.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/types.h>
+#include <time.h>
#include <unistd.h>
+#include <cutils/properties.h>
#include <cutils/sockets.h>
#include <log/log.h>
#include <processgroup/processgroup.h>
@@ -40,7 +42,10 @@
#endif
#define MEMCG_SYSFS_PATH "/dev/memcg/"
-#define MEMPRESSURE_WATCH_LEVEL "low"
+#define MEMCG_MEMORY_USAGE "/dev/memcg/memory.usage_in_bytes"
+#define MEMCG_MEMORYSW_USAGE "/dev/memcg/memory.memsw.usage_in_bytes"
+#define MEMPRESSURE_WATCH_MEDIUM_LEVEL "medium"
+#define MEMPRESSURE_WATCH_CRITICAL_LEVEL "critical"
#define ZONEINFO_PATH "/proc/zoneinfo"
#define LINE_MAX 128
@@ -48,6 +53,7 @@
#define INKERNEL_ADJ_PATH "/sys/module/lowmemorykiller/parameters/adj"
#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x)))
+#define EIGHT_MEGA (1 << 23)
enum lmk_cmd {
LMK_TARGET,
@@ -64,17 +70,28 @@
/* default to old in-kernel interface if no memory pressure events */
static int use_inkernel_interface = 1;
+static bool has_inkernel_module;
/* memory pressure level medium event */
-static int mpevfd;
+static int mpevfd[2];
+#define CRITICAL_INDEX 1
+#define MEDIUM_INDEX 0
+
+static int medium_oomadj;
+static int critical_oomadj;
+static bool debug_process_killing;
+static bool enable_pressure_upgrade;
+static int64_t upgrade_pressure;
+static int64_t downgrade_pressure;
+static bool is_go_device;
/* control socket listen and data */
static int ctrl_lfd;
static int ctrl_dfd = -1;
static int ctrl_dfd_reopened; /* did we reopen ctrl conn on this loop? */
-/* 1 memory pressure level, 1 ctrl listen socket, 1 ctrl data socket */
-#define MAX_EPOLL_EVENTS 3
+/* 2 memory pressure levels, 1 ctrl listen socket, 1 ctrl data socket */
+#define MAX_EPOLL_EVENTS 4
static int epollfd;
static int maxevents;
@@ -113,14 +130,6 @@
#define ADJTOSLOT(adj) ((adj) + -OOM_SCORE_ADJ_MIN)
static struct adjslot_list procadjslot_list[ADJTOSLOT(OOM_SCORE_ADJ_MAX) + 1];
-/*
- * Wait 1-2 seconds for the death report of a killed process prior to
- * considering killing more processes.
- */
-#define KILL_TIMEOUT 2
-/* Time of last process kill we initiated, stop me before I kill again */
-static time_t kill_lasttime;
-
/* PAGE_SIZE / 1024 */
static long page_k;
@@ -241,6 +250,7 @@
struct proc *procp;
char path[80];
char val[20];
+ int soft_limit_mult;
if (oomadj < OOM_SCORE_ADJ_MIN || oomadj > OOM_SCORE_ADJ_MAX) {
ALOGE("Invalid PROCPRIO oomadj argument %d", oomadj);
@@ -254,6 +264,38 @@
if (use_inkernel_interface)
return;
+ if (oomadj >= 900) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 800) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 700) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 600) {
+ // Launcher should be perceptible, don't kill it.
+ oomadj = 200;
+ soft_limit_mult = 1;
+ } else if (oomadj >= 500) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 400) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 300) {
+ soft_limit_mult = 1;
+ } else if (oomadj >= 200) {
+ soft_limit_mult = 2;
+ } else if (oomadj >= 100) {
+ soft_limit_mult = 10;
+ } else if (oomadj >= 0) {
+ soft_limit_mult = 20;
+ } else {
+ // Persistent processes will have a large
+ // soft limit 512MB.
+ soft_limit_mult = 64;
+ }
+
+ snprintf(path, sizeof(path), "/dev/memcg/apps/uid_%d/pid_%d/memory.soft_limit_in_bytes", uid, pid);
+ snprintf(val, sizeof(val), "%d", soft_limit_mult * EIGHT_MEGA);
+ writefilestring(path, val);
+
procp = pid_lookup(pid);
if (!procp) {
procp = malloc(sizeof(struct proc));
@@ -278,7 +320,6 @@
return;
pid_remove(pid);
- kill_lasttime = 0;
}
static void cmd_target(int ntargets, int *params) {
@@ -294,7 +335,7 @@
lowmem_targets_size = ntargets;
- if (use_inkernel_interface) {
+ if (has_inkernel_module) {
char minfreestr[128];
char killpriostr[128];
@@ -309,9 +350,9 @@
strlcat(killpriostr, ",", sizeof(killpriostr));
}
- snprintf(val, sizeof(val), "%d", lowmem_minfree[i]);
+ snprintf(val, sizeof(val), "%d", use_inkernel_interface ? lowmem_minfree[i] : 0);
strlcat(minfreestr, val, sizeof(minfreestr));
- snprintf(val, sizeof(val), "%d", lowmem_adj[i]);
+ snprintf(val, sizeof(val), "%d", use_inkernel_interface ? lowmem_adj[i] : 0);
strlcat(killpriostr, val, sizeof(killpriostr));
}
@@ -546,9 +587,7 @@
}
/* Kill one process specified by procp. Returns the size of the process killed */
-static int kill_one_process(struct proc *procp, int other_free, int other_file,
- int minfree, int min_score_adj, bool first)
-{
+static int kill_one_process(struct proc* procp, int min_score_adj, bool is_critical) {
int pid = procp->pid;
uid_t uid = procp->uid;
char *taskname;
@@ -567,14 +606,12 @@
return -1;
}
- ALOGI("Killing '%s' (%d), uid %d, adj %d\n"
- " to free %ldkB because cache %s%ldkB is below limit %ldkB for oom_adj %d\n"
- " Free memory is %s%ldkB %s reserved",
- taskname, pid, uid, procp->oomadj, tasksize * page_k,
- first ? "" : "~", other_file * page_k, minfree * page_k, min_score_adj,
- first ? "" : "~", other_free * page_k, other_free >= 0 ? "above" : "below");
+ ALOGI(
+ "Killing '%s' (%d), uid %d, adj %d\n"
+ " to free %ldkB because system is under %s memory pressure oom_adj %d\n",
+ taskname, pid, uid, procp->oomadj, tasksize * page_k, is_critical ? "critical" : "medium",
+ min_score_adj);
r = kill(pid, SIGKILL);
- killProcessGroup(uid, pid, SIGKILL);
pid_remove(pid);
if (r) {
@@ -589,23 +626,10 @@
* Find a process to kill based on the current (possibly estimated) free memory
* and cached memory sizes. Returns the size of the killed processes.
*/
-static int find_and_kill_process(int other_free, int other_file, bool first)
-{
+static int find_and_kill_process(bool is_critical) {
int i;
- int min_score_adj = OOM_SCORE_ADJ_MAX + 1;
- int minfree = 0;
int killed_size = 0;
-
- for (i = 0; i < lowmem_targets_size; i++) {
- minfree = lowmem_minfree[i];
- if (other_free < minfree && other_file < minfree) {
- min_score_adj = lowmem_adj[i];
- break;
- }
- }
-
- if (min_score_adj == OOM_SCORE_ADJ_MAX + 1)
- return 0;
+ int min_score_adj = is_critical ? critical_oomadj : medium_oomadj;
for (i = OOM_SCORE_ADJ_MAX; i >= min_score_adj; i--) {
struct proc *procp;
@@ -614,7 +638,7 @@
procp = proc_adj_lru(i);
if (procp) {
- killed_size = kill_one_process(procp, other_free, other_file, minfree, min_score_adj, first);
+ killed_size = kill_one_process(procp, min_score_adj, is_critical);
if (killed_size < 0) {
goto retry;
} else {
@@ -626,42 +650,91 @@
return 0;
}
-static void mp_event(uint32_t events __unused) {
+static int64_t get_memory_usage(const char* path) {
+ int ret;
+ int64_t mem_usage;
+ char buf[32];
+ int fd = open(path, O_RDONLY | O_CLOEXEC);
+ if (fd == -1) {
+ ALOGE("%s open: errno=%d", path, errno);
+ return -1;
+ }
+
+ ret = read_all(fd, buf, sizeof(buf) - 1);
+ close(fd);
+ if (ret < 0) {
+ ALOGE("%s error: errno=%d", path, errno);
+ return -1;
+ }
+ sscanf(buf, "%" SCNd64, &mem_usage);
+ if (mem_usage == 0) {
+ ALOGE("No memory!");
+ return -1;
+ }
+ return mem_usage;
+}
+
+static void mp_event_common(bool is_critical) {
int ret;
unsigned long long evcount;
- struct sysmeminfo mi;
- int other_free;
- int other_file;
- int killed_size;
- bool first = true;
+ int index = is_critical ? CRITICAL_INDEX : MEDIUM_INDEX;
+ int64_t mem_usage, memsw_usage;
+ int64_t mem_pressure;
- ret = read(mpevfd, &evcount, sizeof(evcount));
+ ret = read(mpevfd[index], &evcount, sizeof(evcount));
if (ret < 0)
ALOGE("Error reading memory pressure event fd; errno=%d",
errno);
- if (time(NULL) - kill_lasttime < KILL_TIMEOUT)
+ mem_usage = get_memory_usage(MEMCG_MEMORY_USAGE);
+ memsw_usage = get_memory_usage(MEMCG_MEMORYSW_USAGE);
+ if (memsw_usage < 0 || mem_usage < 0) {
+ find_and_kill_process(is_critical);
return;
-
- while (zoneinfo_parse(&mi) < 0) {
- // Failed to read /proc/zoneinfo, assume ENOMEM and kill something
- find_and_kill_process(0, 0, true);
}
- other_free = mi.nr_free_pages - mi.totalreserve_pages;
- other_file = mi.nr_file_pages - mi.nr_shmem;
+ // Calculate percent for swappinness.
+ mem_pressure = (mem_usage * 100) / memsw_usage;
- do {
- killed_size = find_and_kill_process(other_free, other_file, first);
- if (killed_size > 0) {
- first = false;
- other_free += killed_size;
- other_file += killed_size;
+ if (enable_pressure_upgrade && !is_critical) {
+ // We are swapping too much.
+ if (mem_pressure < upgrade_pressure) {
+ ALOGI("Event upgraded to critical.");
+ is_critical = true;
}
- } while (killed_size > 0);
+ }
+
+ // If the pressure is larger than downgrade_pressure lmk will not
+ // kill any process, since enough memory is available.
+ if (mem_pressure > downgrade_pressure) {
+ if (debug_process_killing) {
+ ALOGI("Ignore %s memory pressure", is_critical ? "critical" : "medium");
+ }
+ return;
+ } else if (is_critical && mem_pressure > upgrade_pressure) {
+ if (debug_process_killing) {
+ ALOGI("Downgrade critical memory pressure");
+ }
+ // Downgrade event to medium, since enough memory available.
+ is_critical = false;
+ }
+
+ if (find_and_kill_process(is_critical) == 0) {
+ if (debug_process_killing) {
+ ALOGI("Nothing to kill");
+ }
+ }
}
-static int init_mp(char *levelstr, void *event_handler)
+static void mp_event(uint32_t events __unused) {
+ mp_event_common(false);
+}
+
+static void mp_event_critical(uint32_t events __unused) {
+ mp_event_common(true);
+}
+
+static int init_mp_common(char *levelstr, void *event_handler, bool is_critical)
{
int mpfd;
int evfd;
@@ -669,6 +742,7 @@
char buf[256];
struct epoll_event epev;
int ret;
+ int mpevfd_index = is_critical ? CRITICAL_INDEX : MEDIUM_INDEX;
mpfd = open(MEMCG_SYSFS_PATH "memory.pressure_level", O_RDONLY | O_CLOEXEC);
if (mpfd < 0) {
@@ -709,7 +783,7 @@
goto err;
}
maxevents++;
- mpevfd = evfd;
+ mpevfd[mpevfd_index] = evfd;
return 0;
err:
@@ -722,6 +796,16 @@
return -1;
}
+static int init_mp_medium()
+{
+ return init_mp_common(MEMPRESSURE_WATCH_MEDIUM_LEVEL, (void *)&mp_event, false);
+}
+
+static int init_mp_critical()
+{
+ return init_mp_common(MEMPRESSURE_WATCH_CRITICAL_LEVEL, (void *)&mp_event_critical, true);
+}
+
static int init(void) {
struct epoll_event epev;
int i;
@@ -758,12 +842,14 @@
}
maxevents++;
- use_inkernel_interface = !access(INKERNEL_MINFREE_PATH, W_OK);
+ has_inkernel_module = !access(INKERNEL_MINFREE_PATH, W_OK);
+ use_inkernel_interface = has_inkernel_module && !is_go_device;
if (use_inkernel_interface) {
ALOGI("Using in-kernel low memory killer interface");
} else {
- ret = init_mp(MEMPRESSURE_WATCH_LEVEL, (void *)&mp_event);
+ ret = init_mp_medium();
+ ret |= init_mp_critical();
if (ret)
ALOGE("Kernel does not support memory pressure events or in-kernel low memory killer");
}
@@ -806,6 +892,14 @@
.sched_priority = 1,
};
+ medium_oomadj = property_get_int32("ro.lmk.medium", 800);
+ critical_oomadj = property_get_int32("ro.lmk.critical", 0);
+ debug_process_killing = property_get_bool("ro.lmk.debug", false);
+ enable_pressure_upgrade = property_get_bool("ro.lmk.critical_upgrade", false);
+ upgrade_pressure = (int64_t)property_get_int32("ro.lmk.upgrade_pressure", 50);
+ downgrade_pressure = (int64_t)property_get_int32("ro.lmk.downgrade_pressure", 60);
+ is_go_device = property_get_bool("ro.config.low_ram", false);
+
mlockall(MCL_FUTURE);
sched_setscheduler(0, SCHED_FIFO, ¶m);
if (!init())
diff --git a/logd/tests/Android.mk b/logd/tests/Android.mk
index 1915677..a0875ea 100644
--- a/logd/tests/Android.mk
+++ b/logd/tests/Android.mk
@@ -63,7 +63,7 @@
LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
LOCAL_SHARED_LIBRARIES := libbase libcutils liblog libselinux
LOCAL_STATIC_LIBRARIES := libgtest libgtest_main
-LOCAL_COMPATIBILITY_SUITE := cts
+LOCAL_COMPATIBILITY_SUITE := cts vts
LOCAL_CTS_TEST_PACKAGE := android.core.logd
include $(BUILD_CTS_EXECUTABLE)
diff --git a/rootdir/Android.mk b/rootdir/Android.mk
index 1bac36c..5c1ffb3 100644
--- a/rootdir/Android.mk
+++ b/rootdir/Android.mk
@@ -193,8 +193,62 @@
# ld.config.txt
include $(CLEAR_VARS)
+_enforce_vndk_at_runtime := false
+
+ifdef BOARD_VNDK_VERSION
+ifneq ($(BOARD_VNDK_RUNTIME_DISABLE),true)
+ _enforce_vndk_at_runtime := true
+endif
+endif
+
+ifeq ($(_enforce_vndk_at_runtime),true)
LOCAL_MODULE := ld.config.txt
-ifeq ($(PRODUCT_FULL_TREBLE),true)
+LOCAL_MODULE_CLASS := ETC
+LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
+LOCAL_MODULE_STEM := $(LOCAL_MODULE)
+include $(BUILD_SYSTEM)/base_rules.mk
+vndk_lib_md5 := $(word 1, $(shell echo $(LLNDK_LIBRARIES) $(VNDK_SAMEPROCESS_LIBRARIES) | $(MD5SUM)))
+vndk_lib_dep := $(intermediates)/$(vndk_lib_md5).dep
+$(vndk_lib_dep):
+ $(hide) mkdir -p $(dir $@) && rm -rf $(dir $@)*.dep && touch $@
+
+llndk_libraries := $(subst $(space),:,$(addsuffix .so,$(LLNDK_LIBRARIES)))
+
+vndk_sameprocess_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_SAMEPROCESS_LIBRARIES)))
+
+vndk_core_libraries := $(subst $(space),:,$(addsuffix .so,$(VNDK_CORE_LIBRARIES)))
+
+sanitizer_runtime_libraries := $(subst $(space),:,$(addsuffix .so,\
+$(ADDRESS_SANITIZER_RUNTIME_LIBRARY) \
+$(UBSAN_RUNTIME_LIBRARY) \
+$(TSAN_RUNTIME_LIBRARY) \
+$(2ND_ADDRESS_SANITIZER_RUNTIME_LIBRARY) \
+$(2ND_UBSAN_RUNTIME_LIBRARY) \
+$(2ND_TSAN_RUNTIME_LIBRARY)))
+
+$(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_LIBRARIES := $(llndk_libraries)
+$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_SAMEPROCESS_LIBRARIES := $(vndk_sameprocess_libraries)
+$(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_PRIVATE_LIBRARIES := $(llndk_private_libraries)
+$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_CORE_LIBRARIES := $(vndk_core_libraries)
+$(LOCAL_BUILT_MODULE): PRIVATE_SANITIZER_RUNTIME_LIBRARIES := $(sanitizer_runtime_libraries)
+$(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/etc/ld.config.txt.in $(vndk_lib_dep)
+ @echo "Generate: $< -> $@"
+ @mkdir -p $(dir $@)
+ $(hide) sed -e 's?%LLNDK_LIBRARIES%?$(PRIVATE_LLNDK_LIBRARIES)?g' $< >$@
+ $(hide) sed -i -e 's?%VNDK_SAMEPROCESS_LIBRARIES%?$(PRIVATE_VNDK_SAMEPROCESS_LIBRARIES)?g' $@
+ $(hide) sed -i -e 's?%VNDK_CORE_LIBRARIES%?$(PRIVATE_VNDK_CORE_LIBRARIES)?g' $@
+ $(hide) sed -i -e 's?%SANITIZER_RUNTIME_LIBRARIES%?$(PRIVATE_SANITIZER_RUNTIME_LIBRARIES)?g' $@
+
+vndk_lib_md5 :=
+vndk_lib_dep :=
+llndk_libraries :=
+vndk_sameprocess_libraries :=
+vndk_core_libraries :=
+sanitizer_runtime_libraries :=
+else # if _enforce_vndk_at_runtime is not true
+
+LOCAL_MODULE := ld.config.txt
+ifeq ($(PRODUCT_FULL_TREBLE)|$(SANITIZE_TARGET),true|)
LOCAL_SRC_FILES := etc/ld.config.txt
else
LOCAL_SRC_FILES := etc/ld.config.legacy.txt
@@ -203,3 +257,46 @@
LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
LOCAL_MODULE_STEM := $(LOCAL_MODULE)
include $(BUILD_PREBUILT)
+endif
+
+#######################################
+# llndk.libraries.txt
+include $(CLEAR_VARS)
+LOCAL_MODULE := llndk.libraries.txt
+LOCAL_MODULE_CLASS := ETC
+LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
+LOCAL_MODULE_STEM := $(LOCAL_MODULE)
+include $(BUILD_SYSTEM)/base_rules.mk
+llndk_md5 = $(word 1, $(shell echo $(LLNDK_LIBRARIES) | $(MD5SUM)))
+llndk_dep = $(intermediates)/$(llndk_md5).dep
+$(llndk_dep):
+ $(hide) mkdir -p $(dir $@) && rm -rf $(dir $@)*.dep && touch $@
+
+$(LOCAL_BUILT_MODULE): PRIVATE_LLNDK_LIBRARIES := $(LLNDK_LIBRARIES)
+$(LOCAL_BUILT_MODULE): $(llndk_dep)
+ @echo "Generate: $@"
+ @mkdir -p $(dir $@)
+ $(hide) echo -n > $@
+ $(hide) $(foreach lib,$(PRIVATE_LLNDK_LIBRARIES), \
+ echo $(lib).so >> $@;)
+
+#######################################
+# vndksp.libraries.txt
+include $(CLEAR_VARS)
+LOCAL_MODULE := vndksp.libraries.txt
+LOCAL_MODULE_CLASS := ETC
+LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
+LOCAL_MODULE_STEM := $(LOCAL_MODULE)
+include $(BUILD_SYSTEM)/base_rules.mk
+vndksp_md5 = $(word 1, $(shell echo $(LLNDK_LIBRARIES) | $(MD5SUM)))
+vndksp_dep = $(intermediates)/$(vndksp_md5).dep
+$(vndksp_dep):
+ $(hide) mkdir -p $(dir $@) && rm -rf $(dir $@)*.dep && touch $@
+
+$(LOCAL_BUILT_MODULE): PRIVATE_VNDK_SAMEPROCESS_LIBRARIES := $(VNDK_SAMEPROCESS_LIBRARIES)
+$(LOCAL_BUILT_MODULE): $(vndksp_dep)
+ @echo "Generate: $@"
+ @mkdir -p $(dir $@)
+ $(hide) echo -n > $@
+ $(hide) $(foreach lib,$(PRIVATE_VNDK_SAMEPROCESS_LIBRARIES), \
+ echo $(lib).so >> $@;)
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index 56066bc..8aa3369 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -7,10 +7,14 @@
dir.system = /system/bin/
dir.system = /system/xbin/
dir.vendor = /vendor/bin/
-dir.test = /data/nativetest/
-dir.test = /data/nativetest64/
-dir.test = /data/benchmarktest/
-dir.test = /data/benchmarktest64/
+dir.vendor = /data/nativetest/vendor
+dir.vendor = /data/nativetest64/vendor
+dir.vendor = /data/benchmarktest/vendor
+dir.vendor = /data/benchmarktest64/vendor
+dir.system = /data/nativetest
+dir.system = /data/nativetest64
+dir.system = /data/benchmarktest
+dir.system = /data/benchmarktest64
[system]
additional.namespaces = sphal,vndk,rs
@@ -54,7 +58,7 @@
namespace.sphal.isolated = true
namespace.sphal.visible = true
namespace.sphal.search.paths = /vendor/${LIB}/egl:/vendor/${LIB}/hw:/vendor/${LIB}
-namespace.sphal.permitted.paths = /vendor/${LIB}
+namespace.sphal.permitted.paths = /vendor/${LIB}:/system/${LIB}/vndk-sp/hw
namespace.sphal.asan.search.paths = /data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}:/vendor/${LIB}
namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}
@@ -64,7 +68,7 @@
namespace.sphal.links = default,vndk,rs
# WARNING: only NDK libs can be listed here.
-namespace.sphal.link.default.shared_libs = libc.so:libz.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libGLESv1_CM.so:libGLESv2.so:libvndksupport.so
+namespace.sphal.link.default.shared_libs = libc.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libGLESv1_CM.so:libGLESv2.so:libvndksupport.so:libz.so
# WARNING: only VNDK-SP libs can be listed here. DO NOT EDIT this line.
namespace.sphal.link.vndk.shared_libs = android.hardware.renderscript@1.0.so:android.hardware.graphics.allocator@2.0.so:android.hardware.graphics.mapper@2.0.so:android.hardware.graphics.common@1.0.so:android.hidl.memory@1.0.so:libhwbinder.so:libbase.so:libcutils.so:libhardware.so:libhidlbase.so:libhidlmemory.so:libhidltransport.so:libion.so:libutils.so:libc++.so
@@ -81,6 +85,7 @@
# to load the compiled *.so file and libmediandk.so can be used here.
###############################################################################
namespace.rs.isolated = true
+namespace.rs.visible = true
namespace.rs.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/vendor/${LIB}
namespace.rs.permitted.paths = /vendor/${LIB}:/data
@@ -88,7 +93,7 @@
namespace.rs.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data
namespace.rs.links = default,vndk
-namespace.rs.link.default.shared_libs = libc.so:libz.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libGLESv1_CM.so:libGLESv2.so:libmediandk.so:libvndksupport.so
+namespace.rs.link.default.shared_libs = libc.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libGLESv1_CM.so:libGLESv2.so:libmediandk.so:libvndksupport.so:libz.so:libft2.so
namespace.rs.link.vndk.shared_libs = android.hardware.renderscript@1.0.so:android.hardware.graphics.allocator@2.0.so:android.hardware.graphics.mapper@2.0.so:android.hardware.graphics.common@1.0.so:android.hidl.memory@1.0.so:libhwbinder.so:libbase.so:libcutils.so:libhardware.so:libhidlbase.so:libhidlmemory.so:libhidltransport.so:libion.so:libutils.so:libc++.so
###############################################################################
@@ -97,17 +102,18 @@
# This namespace is exclusively for vndk-sp libs.
###############################################################################
namespace.vndk.isolated = true
-namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/vendor/${LIB}
+namespace.vndk.visible = true
+namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
namespace.vndk.permitted.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl
-namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB}
+namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl
# When these NDK libs are required inside this namespace, then it is redirected
# to the default namespace. This is possible since their ABI is stable across
# Android releases.
namespace.vndk.links = default
-namespace.vndk.link.default.shared_libs = android.hidl.memory@1.0-impl.so:libc.so:libz.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libvndksupport.so
+namespace.vndk.link.default.shared_libs = android.hidl.memory@1.0-impl.so:libc.so:libm.so:libdl.so:libstdc++.so:liblog.so:libnativewindow.so:libEGL.so:libsync.so:libvndksupport.so:libz.so
###############################################################################
# Namespace config for vendor processes. In O, no restriction is enforced for
@@ -117,15 +123,6 @@
###############################################################################
[vendor]
namespace.default.isolated = false
-namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB}
+namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB}
-namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB}
-
-###############################################################################
-# Namespace config for tests. No VNDK restriction is enforced for these tests.
-###############################################################################
-[test]
-namespace.default.isolated = false
-namespace.default.search.paths = /vendor/${LIB}:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/system/${LIB}
-
-namespace.default.asan.search.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB}
+namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/system/${LIB}:/system/${LIB}
diff --git a/rootdir/etc/ld.config.txt.in b/rootdir/etc/ld.config.txt.in
new file mode 100644
index 0000000..2c73056
--- /dev/null
+++ b/rootdir/etc/ld.config.txt.in
@@ -0,0 +1,147 @@
+# Copyright (C) 2017 The Android Open Source Project
+#
+# Bionic loader config file.
+#
+
+# Don't change the order here. The first pattern that matches with the
+# absolution path of an executable is selected.
+dir.system = /system/bin/
+dir.system = /system/xbin/
+dir.vendor = /vendor/bin/
+dir.vendor = /data/nativetest/vendor
+dir.vendor = /data/nativetest64/vendor
+dir.vendor = /data/benchmarktest/vendor
+dir.vendor = /data/benchmarktest64/vendor
+dir.system = /data/nativetest
+dir.system = /data/nativetest64
+dir.system = /data/benchmarktest
+dir.system = /data/benchmarktest64
+
+[system]
+additional.namespaces = sphal,vndk,rs
+
+###############################################################################
+# "default" namespace
+#
+# Framework-side code runs in this namespace. Libs from /vendor partition
+# can't be loaded in this namespace.
+###############################################################################
+namespace.default.isolated = true
+namespace.default.search.paths = /system/${LIB}
+# /vendor/app, /vendor/framework were added since libart should be able to dlopen
+# the odex files from the directory.
+namespace.default.permitted.paths = /system/${LIB}/drm:/system/${LIB}/hw:/system/framework:/system/app:/system/priv-app:/vendor/app:/vendor/framework:/oem/app:/data:/mnt/expand
+
+namespace.default.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB}
+namespace.default.asan.permitted.paths = /data:/system/${LIB}/drm:/system/${LIB}/hw:/system/framework:/system/app:/system/priv-app:/vendor/app:/vendor/framework:/oem/app:/mnt/expand
+
+###############################################################################
+# "sphal" namespace
+#
+# SP-HAL(Sameprocess-HAL)s are the only vendor libraries that are allowed to be
+# loaded inside system processes. libEGL_<chipset>.so, libGLESv2_<chipset>.so,
+# android.hardware.graphics.mapper@2.0-impl.so, etc are SP-HALs.
+#
+# This namespace is exclusivly for SP-HALs. When the framework tries to dynami-
+# cally load SP-HALs, android_dlopen_ext() is used to explicitly specifying
+# that they should be searched and loaded from this namespace.
+#
+# Note that there is no link from the default namespace to this namespace.
+###############################################################################
+namespace.sphal.isolated = true
+namespace.sphal.visible = true
+namespace.sphal.search.paths = /vendor/${LIB}/egl:/vendor/${LIB}/hw:/vendor/${LIB}
+namespace.sphal.permitted.paths = /vendor/${LIB}:/system/${LIB}/vndk-sp/hw
+
+namespace.sphal.asan.search.paths = /data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}:/vendor/${LIB}
+namespace.sphal.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}
+
+# Once in this namespace, access to libraries in /system/lib is restricted. Only
+# libs listed here can be used.
+namespace.sphal.links = default,vndk,rs
+
+# WARNING: only NDK libs can be listed here.
+namespace.sphal.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES%
+
+# WARNING: only VNDK-SP libs can be listed here. DO NOT EDIT this line.
+namespace.sphal.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
+
+# Renderscript gets separate namespace
+namespace.sphal.link.rs.shared_libs = libRS_internal.so
+
+###############################################################################
+# "rs" namespace
+#
+# This namespace is exclusively for Renderscript internal libraries.
+# This namespace has slightly looser restriction than the vndk namespace because
+# of the genuine characteristics of Renderscript; /data is in the permitted path
+# to load the compiled *.so file and libmediandk.so can be used here.
+###############################################################################
+namespace.rs.isolated = true
+namespace.rs.visible = true
+namespace.rs.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/vendor/${LIB}
+namespace.rs.permitted.paths = /vendor/${LIB}:/data
+
+namespace.rs.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB}
+namespace.rs.asan.permitted.paths = /data/asan/vendor/${LIB}:/vendor/${LIB}:/data
+
+namespace.rs.links = default,vndk
+namespace.rs.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES%
+namespace.rs.link.vndk.shared_libs = %VNDK_SAMEPROCESS_LIBRARIES%
+
+###############################################################################
+# "vndk" namespace
+#
+# This namespace is exclusively for vndk-sp libs.
+###############################################################################
+namespace.vndk.isolated = true
+namespace.vndk.visible = true
+namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
+namespace.vndk.permitted.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl
+
+namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
+namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl
+
+# When these NDK libs are required inside this namespace, then it is redirected
+# to the default namespace. This is possible since their ABI is stable across
+# Android releases.
+namespace.vndk.links = default
+namespace.vndk.link.default.shared_libs = %LLNDK_LIBRARIES%:%SANITIZER_RUNTIME_LIBRARIES%
+
+###############################################################################
+# Namespace config for vendor processes. In O, no restriction is enforced for
+# them. However, in O-MR1, access to /system/${LIB} will not be allowed to
+# the default namespace. 'system' namespace will be added to give limited
+# (LL-NDK only) access.
+###############################################################################
+[vendor]
+additional.namespaces = system
+
+###############################################################################
+# "default" namespace
+#
+# Vendor-side code runs in this namespace.
+###############################################################################
+namespace.default.isolated = true
+namespace.default.visible = true
+
+namespace.default.search.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl:/vendor/${LIB}:/vendor/${LIB}/vndk:/system/${LIB}/vndk:/vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
+namespace.default.permitted.paths = /vendor:/system/${LIB}/vndk:/system/${LIB}/vndk-sp
+
+namespace.default.asan.search.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl:/data/asan/vendor/${LIB}:/vendor/${LIB}:/data/asan/vendor/${LIB}/vndk:/vendor/${LIB}/vndk:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
+namespace.default.asan.permitted.paths = /data/asan/vendor:/vendor:/data/asan/system/${LIB}/vndk:/system/${LIB}/vndk:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
+
+namespace.default.links = system
+namespace.default.link.system.shared_libs = %LLNDK_LIBRARIES%
+
+###############################################################################
+# "system" namespace
+#
+# This is for vendor process to use LL-NDK in system partition.
+###############################################################################
+namespace.system.isolated = false
+namespace.system.search.paths = /system/${LIB}
+namespace.system.permitted.paths = /system/${LIB}
+
+namespace.system.asan.search.paths = /data/asan/system/${LIB}:/system/${LIB}
+namespace.system.asan.permitted.paths = /data/asan/system/${LIB}:/system/${LIB}
diff --git a/rootdir/etc/public.libraries.android.txt b/rootdir/etc/public.libraries.android.txt
index c5e149c..e20b95d 100644
--- a/rootdir/etc/public.libraries.android.txt
+++ b/rootdir/etc/public.libraries.android.txt
@@ -15,6 +15,7 @@
libmediandk.so
libm.so
libnativewindow.so
+libneuralnetworks.so
libOpenMAXAL.so
libOpenSLES.so
libRS.so
diff --git a/rootdir/etc/public.libraries.wear.txt b/rootdir/etc/public.libraries.wear.txt
index a4ca683..3c46094 100644
--- a/rootdir/etc/public.libraries.wear.txt
+++ b/rootdir/etc/public.libraries.wear.txt
@@ -15,6 +15,7 @@
libmediandk.so
libm.so
libnativewindow.so
+libneuralnetworks.so
libOpenMAXAL.so
libOpenSLES.so
libRS.so
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 87920fb..6533823 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -148,6 +148,9 @@
write /proc/sys/net/ipv4/conf/all/accept_redirects 0
write /proc/sys/net/ipv6/conf/all/accept_redirects 0
+ # /proc/net/fib_trie leaks interface IP addresses
+ chmod 0400 /proc/net/fib_trie
+
# Create cgroup mount points for process groups
mkdir /dev/cpuctl
mount cgroup none /dev/cpuctl cpu
diff --git a/sdcard/sdcard.cpp b/sdcard/sdcard.cpp
index 343a903..77d5a91 100644
--- a/sdcard/sdcard.cpp
+++ b/sdcard/sdcard.cpp
@@ -319,17 +319,31 @@
LOG(FATAL) << "terminated prematurely";
}
-static bool sdcardfs_setup(const std::string& source_path, const std::string& dest_path, uid_t fsuid,
- gid_t fsgid, bool multi_user, userid_t userid, gid_t gid, mode_t mask) {
- std::string opts = android::base::StringPrintf("fsuid=%d,fsgid=%d,%smask=%d,userid=%d,gid=%d",
- fsuid, fsgid, multi_user?"multiuser,":"", mask, userid, gid);
+static bool sdcardfs_setup(const std::string& source_path, const std::string& dest_path,
+ uid_t fsuid, gid_t fsgid, bool multi_user, userid_t userid, gid_t gid,
+ mode_t mask, bool derive_gid) {
+ std::string opts = android::base::StringPrintf(
+ "fsuid=%d,fsgid=%d,%s%smask=%d,userid=%d,gid=%d", fsuid, fsgid,
+ multi_user ? "multiuser," : "", derive_gid ? "derive_gid," : "", mask, userid, gid);
if (mount(source_path.c_str(), dest_path.c_str(), "sdcardfs",
MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_NOATIME, opts.c_str()) == -1) {
- PLOG(ERROR) << "failed to mount sdcardfs filesystem";
- return false;
+ if (derive_gid) {
+ PLOG(ERROR) << "trying to mount sdcardfs filesystem without derive_gid";
+ /* Maybe this isn't supported on this kernel. Try without. */
+ opts = android::base::StringPrintf("fsuid=%d,fsgid=%d,%smask=%d,userid=%d,gid=%d",
+ fsuid, fsgid, multi_user ? "multiuser," : "", mask,
+ userid, gid);
+ if (mount(source_path.c_str(), dest_path.c_str(), "sdcardfs",
+ MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_NOATIME, opts.c_str()) == -1) {
+ PLOG(ERROR) << "failed to mount sdcardfs filesystem";
+ return false;
+ }
+ } else {
+ PLOG(ERROR) << "failed to mount sdcardfs filesystem";
+ return false;
+ }
}
-
return true;
}
@@ -355,7 +369,8 @@
}
static void run_sdcardfs(const std::string& source_path, const std::string& label, uid_t uid,
- gid_t gid, userid_t userid, bool multi_user, bool full_write) {
+ gid_t gid, userid_t userid, bool multi_user, bool full_write,
+ bool derive_gid) {
std::string dest_path_default = "/mnt/runtime/default/" + label;
std::string dest_path_read = "/mnt/runtime/read/" + label;
std::string dest_path_write = "/mnt/runtime/write/" + label;
@@ -365,10 +380,10 @@
// Multi-user storage is fully isolated per user, so "other"
// permissions are completely masked off.
if (!sdcardfs_setup(source_path, dest_path_default, uid, gid, multi_user, userid,
- AID_SDCARD_RW, 0006)
- || !sdcardfs_setup_bind_remount(dest_path_default, dest_path_read, AID_EVERYBODY, 0027)
- || !sdcardfs_setup_bind_remount(dest_path_default, dest_path_write,
- AID_EVERYBODY, full_write ? 0007 : 0027)) {
+ AID_SDCARD_RW, 0006, derive_gid) ||
+ !sdcardfs_setup_bind_remount(dest_path_default, dest_path_read, AID_EVERYBODY, 0027) ||
+ !sdcardfs_setup_bind_remount(dest_path_default, dest_path_write, AID_EVERYBODY,
+ full_write ? 0007 : 0027)) {
LOG(FATAL) << "failed to sdcardfs_setup";
}
} else {
@@ -376,11 +391,11 @@
// the Android directories are masked off to a single user
// deep inside attr_from_stat().
if (!sdcardfs_setup(source_path, dest_path_default, uid, gid, multi_user, userid,
- AID_SDCARD_RW, 0006)
- || !sdcardfs_setup_bind_remount(dest_path_default, dest_path_read,
- AID_EVERYBODY, full_write ? 0027 : 0022)
- || !sdcardfs_setup_bind_remount(dest_path_default, dest_path_write,
- AID_EVERYBODY, full_write ? 0007 : 0022)) {
+ AID_SDCARD_RW, 0006, derive_gid) ||
+ !sdcardfs_setup_bind_remount(dest_path_default, dest_path_read, AID_EVERYBODY,
+ full_write ? 0027 : 0022) ||
+ !sdcardfs_setup_bind_remount(dest_path_default, dest_path_write, AID_EVERYBODY,
+ full_write ? 0007 : 0022)) {
LOG(FATAL) << "failed to sdcardfs_setup";
}
}
@@ -437,7 +452,8 @@
<< " -g: specify GID to run as"
<< " -U: specify user ID that owns device"
<< " -m: source_path is multi-user"
- << " -w: runtime write mount has full write access";
+ << " -w: runtime write mount has full write access"
+ << " -P preserve owners on the lower file system";
return 1;
}
@@ -449,12 +465,13 @@
userid_t userid = 0;
bool multi_user = false;
bool full_write = false;
+ bool derive_gid = false;
int i;
struct rlimit rlim;
int fs_version;
int opt;
- while ((opt = getopt(argc, argv, "u:g:U:mw")) != -1) {
+ while ((opt = getopt(argc, argv, "u:g:U:mwG")) != -1) {
switch (opt) {
case 'u':
uid = strtoul(optarg, NULL, 10);
@@ -471,6 +488,9 @@
case 'w':
full_write = true;
break;
+ case 'G':
+ derive_gid = true;
+ break;
case '?':
default:
return usage();
@@ -514,7 +534,7 @@
}
if (should_use_sdcardfs()) {
- run_sdcardfs(source_path, label, uid, gid, userid, multi_user, full_write);
+ run_sdcardfs(source_path, label, uid, gid, userid, multi_user, full_write, derive_gid);
} else {
run(source_path, label, uid, gid, userid, multi_user, full_write);
}
diff --git a/storaged/Android.mk b/storaged/Android.mk
index 5e6a3c0..a1abe0f 100644
--- a/storaged/Android.mk
+++ b/storaged/Android.mk
@@ -9,7 +9,6 @@
libcutils \
liblog \
libsysutils \
- libpackagelistparser \
libbatteryservice \
include $(CLEAR_VARS)
diff --git a/storaged/include/storaged.h b/storaged/include/storaged.h
index 514798b..fa68406 100644
--- a/storaged/include/storaged.h
+++ b/storaged/include/storaged.h
@@ -256,6 +256,7 @@
uid_monitor mUidm;
time_t mStarttime;
sp<IBatteryPropertiesRegistrar> battery_properties;
+ std::unique_ptr<storage_info_t> storage_info;
public:
storaged_t(void);
~storaged_t() {}
@@ -285,6 +286,8 @@
void init_battery_service();
virtual void batteryPropertiesChanged(struct BatteryProperties props);
void binderDied(const wp<IBinder>& who);
+
+ void report_storage_info();
};
// Eventlog tag
diff --git a/storaged/include/storaged_info.h b/storaged/include/storaged_info.h
index 913c814..7d04c7a 100644
--- a/storaged/include/storaged_info.h
+++ b/storaged/include/storaged_info.h
@@ -27,39 +27,46 @@
class storage_info_t {
protected:
FRIEND_TEST(storaged_test, storage_info_t);
+ // emmc lifetime
uint16_t eol; // pre-eol (end of life) information
uint16_t lifetime_a; // device life time estimation (type A)
uint16_t lifetime_b; // device life time estimation (type B)
string version; // version string
+ // free space
+ const string userdata_path = "/data";
+ uint64_t userdata_total_kb;
+ uint64_t userdata_free_kb;
+
+ storage_info_t() : eol(0), lifetime_a(0), lifetime_b(0),
+ userdata_total_kb(0), userdata_free_kb(0) {}
void publish();
+ storage_info_t* s_info;
public:
- storage_info_t() : eol(0), lifetime_a(0), lifetime_b(0) {}
+ static storage_info_t* get_storage_info();
virtual ~storage_info_t() {}
- virtual bool report() = 0;
+ virtual void report() {};
+ void refresh();
};
class emmc_info_t : public storage_info_t {
private:
- const string emmc_sysfs = "/sys/bus/mmc/devices/mmc0:0001/";
- const string emmc_debugfs = "/d/mmc0/mmc0:0001/ext_csd";
- const char* emmc_ver_str[9] = {
- "4.0", "4.1", "4.2", "4.3", "Obsolete", "4.41", "4.5", "5.0", "5.1"
- };
-public:
- virtual ~emmc_info_t() {}
- bool report();
bool report_sysfs();
bool report_debugfs();
+public:
+ static const string emmc_sysfs;
+ static const string emmc_debugfs;
+ static const char* emmc_ver_str[];
+
+ virtual ~emmc_info_t() {}
+ virtual void report();
};
class ufs_info_t : public storage_info_t {
-private:
- const string health_file = "/sys/devices/soc/624000.ufshc/health";
public:
- virtual ~ufs_info_t() {}
- bool report();
-};
+ static const string health_file;
-void report_storage_health();
+ virtual ~ufs_info_t() {}
+ virtual void report();
+};
#endif /* _STORAGED_INFO_H_ */
diff --git a/storaged/main.cpp b/storaged/main.cpp
index 4d1e430..6b82904 100644
--- a/storaged/main.cpp
+++ b/storaged/main.cpp
@@ -49,6 +49,7 @@
storaged = new storaged_t();
storaged->init_battery_service();
+ storaged->report_storage_info();
LOG_TO(SYSTEM, INFO) << "storaged: Start";
@@ -113,7 +114,6 @@
}
if (flag_main_service) { // start main thread
- report_storage_health();
// Start the main thread of storaged
pthread_t storaged_main_thread;
errno = pthread_create(&storaged_main_thread, NULL, storaged_main, NULL);
diff --git a/storaged/storaged.cpp b/storaged/storaged.cpp
index 54d429c..06afea6 100644
--- a/storaged/storaged.cpp
+++ b/storaged/storaged.cpp
@@ -200,6 +200,10 @@
}
}
+void storaged_t::report_storage_info() {
+ storage_info->report();
+}
+
/* storaged_t */
storaged_t::storaged_t(void) {
if (access(MMC_DISK_STATS_PATH, R_OK) < 0 && access(SDA_DISK_STATS_PATH, R_OK) < 0) {
@@ -222,6 +226,8 @@
mConfig.periodic_chores_interval_uid_io =
property_get_int32("ro.storaged.uid_io.interval", DEFAULT_PERIODIC_CHORES_INTERVAL_UID_IO);
+ storage_info.reset(storage_info_t::get_storage_info());
+
mStarttime = time(NULL);
}
@@ -229,6 +235,7 @@
if (mConfig.diskstats_available) {
mDiskStats.update();
mDsm.update();
+ storage_info->refresh();
if (mTimer && (mTimer % mConfig.periodic_chores_interval_disk_stats_publish) == 0) {
mDiskStats.publish();
}
diff --git a/storaged/storaged_info.cpp b/storaged/storaged_info.cpp
index 434bd74..b5fb13e 100644
--- a/storaged/storaged_info.cpp
+++ b/storaged/storaged_info.cpp
@@ -18,6 +18,7 @@
#include <stdio.h>
#include <string.h>
+#include <sys/statvfs.h>
#include <android-base/file.h>
#include <android-base/parseint.h>
@@ -30,13 +31,42 @@
using namespace std;
using namespace android::base;
-void report_storage_health()
-{
- emmc_info_t mmc;
- ufs_info_t ufs;
+const string emmc_info_t::emmc_sysfs = "/sys/bus/mmc/devices/mmc0:0001/";
+const string emmc_info_t::emmc_debugfs = "/d/mmc0/mmc0:0001/ext_csd";
+const char* emmc_info_t::emmc_ver_str[9] = {
+ "4.0", "4.1", "4.2", "4.3", "Obsolete", "4.41", "4.5", "5.0", "5.1"
+};
- mmc.report();
- ufs.report();
+const string ufs_info_t::health_file = "/sys/devices/soc/624000.ufshc/health";
+
+static bool FileExists(const std::string& filename)
+{
+ struct stat buffer;
+ return stat(filename.c_str(), &buffer) == 0;
+}
+
+storage_info_t* storage_info_t::get_storage_info()
+{
+ if (FileExists(emmc_info_t::emmc_sysfs) ||
+ FileExists(emmc_info_t::emmc_debugfs)) {
+ return new emmc_info_t;
+ }
+ if (FileExists(ufs_info_t::health_file)) {
+ return new ufs_info_t;
+ }
+ return new storage_info_t;
+}
+
+void storage_info_t::refresh()
+{
+ struct statvfs buf;
+ if (statvfs(userdata_path.c_str(), &buf) != 0) {
+ PLOG_TO(SYSTEM, WARNING) << "Failed to get userdata info";
+ return;
+ }
+
+ userdata_total_kb = buf.f_bsize * buf.f_blocks >> 10;
+ userdata_free_kb = buf.f_bfree * buf.f_blocks >> 10;
}
void storage_info_t::publish()
@@ -46,13 +76,12 @@
<< LOG_ID_EVENTS;
}
-bool emmc_info_t::report()
+void emmc_info_t::report()
{
if (!report_sysfs() && !report_debugfs())
- return false;
+ return;
publish();
- return true;
}
bool emmc_info_t::report_sysfs()
@@ -136,21 +165,21 @@
return true;
}
-bool ufs_info_t::report()
+void ufs_info_t::report()
{
string buffer;
if (!ReadFileToString(health_file, &buffer)) {
- return false;
+ return;
}
vector<string> lines = Split(buffer, "\n");
if (lines.empty()) {
- return false;
+ return;
}
char rev[8];
if (sscanf(lines[0].c_str(), "ufs version: 0x%7s\n", rev) < 1) {
- return false;
+ return;
}
version = "ufs " + string(rev);
@@ -175,10 +204,9 @@
}
if (eol == 0 || (lifetime_a == 0 && lifetime_b == 0)) {
- return false;
+ return;
}
publish();
- return true;
}
diff --git a/storaged/storaged_uid_monitor.cpp b/storaged/storaged_uid_monitor.cpp
index 5bb98e1..dd8bdd6 100644
--- a/storaged/storaged_uid_monitor.cpp
+++ b/storaged/storaged_uid_monitor.cpp
@@ -22,33 +22,24 @@
#include <string>
#include <unordered_map>
+#include <android/content/pm/IPackageManagerNative.h>
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/macros.h>
#include <android-base/parseint.h>
#include <android-base/strings.h>
#include <android-base/stringprintf.h>
+#include <binder/IServiceManager.h>
#include <log/log_event_list.h>
-#include <packagelistparser/packagelistparser.h>
#include "storaged.h"
#include "storaged_uid_monitor.h"
using namespace android;
using namespace android::base;
+using namespace android::content::pm;
-static bool packagelist_parse_cb(pkg_info* info, void* userdata)
-{
- std::unordered_map<uint32_t, struct uid_info>* uids =
- reinterpret_cast<std::unordered_map<uint32_t, struct uid_info>*>(userdata);
-
- if (uids->find(info->uid) != uids->end()) {
- (*uids)[info->uid].name = info->name;
- }
-
- packagelist_free(info);
- return true;
-}
+static bool refresh_uid_names;
std::unordered_map<uint32_t, struct uid_info> uid_monitor::get_uid_io_stats()
{
@@ -56,6 +47,38 @@
return get_uid_io_stats_locked();
};
+static void get_uid_names(const vector<int>& uids, const vector<std::string*>& uid_names)
+{
+ sp<IServiceManager> sm = defaultServiceManager();
+ if (sm == NULL) {
+ LOG_TO(SYSTEM, ERROR) << "defaultServiceManager failed";
+ return;
+ }
+
+ sp<IBinder> binder = sm->getService(String16("package_native"));
+ if (binder == NULL) {
+ LOG_TO(SYSTEM, ERROR) << "getService package_native failed";
+ return;
+ }
+
+ sp<IPackageManagerNative> package_mgr = interface_cast<IPackageManagerNative>(binder);
+ std::vector<std::string> names;
+ binder::Status status = package_mgr->getNamesForUids(uids, &names);
+ if (!status.isOk()) {
+ LOG_TO(SYSTEM, ERROR) << "package_native::getNamesForUids failed: "
+ << status.exceptionMessage();
+ return;
+ }
+
+ for (uint32_t i = 0; i < uid_names.size(); i++) {
+ if (!names[i].empty()) {
+ *uid_names[i] = names[i];
+ }
+ }
+
+ refresh_uid_names = false;
+}
+
std::unordered_map<uint32_t, struct uid_info> uid_monitor::get_uid_io_stats_locked()
{
std::unordered_map<uint32_t, struct uid_info> uid_io_stats;
@@ -67,7 +90,8 @@
std::vector<std::string> io_stats = Split(buffer, "\n");
struct uid_info u;
- bool refresh_uid = false;
+ vector<int> uids;
+ vector<std::string*> uid_names;
for (uint32_t i = 0; i < io_stats.size(); i++) {
if (io_stats[i].empty()) {
@@ -91,17 +115,19 @@
continue;
}
- if (last_uid_io_stats.find(u.uid) == last_uid_io_stats.end()) {
- refresh_uid = true;
- u.name = std::to_string(u.uid);
- } else {
- u.name = last_uid_io_stats[u.uid].name;
- }
uid_io_stats[u.uid] = u;
+ uid_io_stats[u.uid].name = std::to_string(u.uid);
+ uids.push_back(u.uid);
+ uid_names.push_back(&uid_io_stats[u.uid].name);
+ if (last_uid_io_stats.find(u.uid) == last_uid_io_stats.end()) {
+ refresh_uid_names = true;
+ } else {
+ uid_io_stats[u.uid].name = last_uid_io_stats[u.uid].name;
+ }
}
- if (refresh_uid) {
- packagelist_parse(packagelist_parse_cb, &uid_io_stats);
+ if (!uids.empty() && refresh_uid_names) {
+ get_uid_names(uids, uid_names);
}
return uid_io_stats;
@@ -228,13 +254,13 @@
last_uid_io_stats[uid.uid].io[BACKGROUND].write_bytes;
usage.bytes[READ][FOREGROUND][charger_stat] +=
- (fg_rd_delta < 0) ? uid.io[FOREGROUND].read_bytes : fg_rd_delta;
+ (fg_rd_delta < 0) ? 0 : fg_rd_delta;
usage.bytes[READ][BACKGROUND][charger_stat] +=
- (bg_rd_delta < 0) ? uid.io[BACKGROUND].read_bytes : bg_rd_delta;
+ (bg_rd_delta < 0) ? 0 : bg_rd_delta;
usage.bytes[WRITE][FOREGROUND][charger_stat] +=
- (fg_wr_delta < 0) ? uid.io[FOREGROUND].write_bytes : fg_wr_delta;
+ (fg_wr_delta < 0) ? 0 : fg_wr_delta;
usage.bytes[WRITE][BACKGROUND][charger_stat] +=
- (bg_wr_delta < 0) ? uid.io[BACKGROUND].write_bytes : bg_wr_delta;
+ (bg_wr_delta < 0) ? 0 : bg_wr_delta;
}
last_uid_io_stats = uid_io_stats;
diff --git a/trusty/Android.bp b/trusty/Android.bp
index 386fbe6..2fb2e19 100644
--- a/trusty/Android.bp
+++ b/trusty/Android.bp
@@ -2,6 +2,5 @@
"gatekeeper",
"keymaster",
"libtrusty",
- "nvram",
"storage/*",
]
diff --git a/trusty/gatekeeper/Android.bp b/trusty/gatekeeper/Android.bp
index a9566a1..65b271a 100644
--- a/trusty/gatekeeper/Android.bp
+++ b/trusty/gatekeeper/Android.bp
@@ -22,6 +22,7 @@
cc_library_shared {
name: "gatekeeper.trusty",
+ vendor: true,
relative_install_path: "hw",
@@ -43,4 +44,5 @@
"libcutils",
"libtrusty",
],
+ header_libs: ["libhardware_headers"],
}
diff --git a/trusty/keymaster/Android.bp b/trusty/keymaster/Android.bp
index 6b9d723..0820fa0 100644
--- a/trusty/keymaster/Android.bp
+++ b/trusty/keymaster/Android.bp
@@ -25,6 +25,7 @@
// and ECDSA keys.
cc_binary {
name: "trusty_keymaster_tipc",
+ vendor: true,
srcs: [
"trusty_keymaster_device.cpp",
"trusty_keymaster_ipc.cpp",
@@ -45,6 +46,7 @@
// keystore.trusty is the HAL used by keystore on Trusty devices.
cc_library_shared {
name: "keystore.trusty",
+ vendor: true,
relative_install_path: "hw",
srcs: [
"module.cpp",
@@ -65,4 +67,5 @@
"liblog",
"libcutils",
],
+ header_libs: ["libhardware_headers"],
}
diff --git a/trusty/libtrusty/Android.bp b/trusty/libtrusty/Android.bp
index f316da2..88d6240 100644
--- a/trusty/libtrusty/Android.bp
+++ b/trusty/libtrusty/Android.bp
@@ -18,6 +18,7 @@
cc_library {
name: "libtrusty",
+ vendor: true,
srcs: ["trusty.c"],
export_include_dirs: ["include"],
diff --git a/trusty/libtrusty/tipc-test/Android.bp b/trusty/libtrusty/tipc-test/Android.bp
index cb00fe7..25a3cb0 100644
--- a/trusty/libtrusty/tipc-test/Android.bp
+++ b/trusty/libtrusty/tipc-test/Android.bp
@@ -14,12 +14,14 @@
cc_test {
name: "tipc-test",
- static_executable: true,
+ vendor: true,
srcs: ["tipc_test.c"],
static_libs: [
- "libc",
"libtrusty",
+ ],
+ shared_libs: [
+ "libc",
"liblog",
],
gtest: false,
diff --git a/trusty/nvram/Android.bp b/trusty/nvram/Android.bp
deleted file mode 100644
index 15e6c3e..0000000
--- a/trusty/nvram/Android.bp
+++ /dev/null
@@ -1,61 +0,0 @@
-//
-// Copyright (C) 2016 The Android Open-Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-// nvram.trusty is the Trusty NVRAM HAL module.
-cc_library_shared {
- name: "nvram.trusty",
- relative_install_path: "hw",
- srcs: [
- "module.c",
- "trusty_nvram_device.cpp",
- "trusty_nvram_implementation.cpp",
- ],
-
- cflags: [
- "-Wall",
- "-Werror",
- "-Wextra",
- "-fvisibility=hidden",
- ],
- static_libs: ["libnvram-hal"],
- shared_libs: [
- "libtrusty",
- "libnvram-messages",
- "liblog",
- ],
-}
-
-// nvram-wipe is a helper tool for clearing NVRAM state.
-cc_binary {
- name: "nvram-wipe",
- srcs: [
- "nvram_wipe.cpp",
- "trusty_nvram_implementation.cpp",
- ],
-
- cflags: [
- "-Wall",
- "-Werror",
- "-Wextra",
- "-fvisibility=hidden",
- ],
- static_libs: ["libnvram-hal"],
- shared_libs: [
- "libtrusty",
- "libnvram-messages",
- "liblog",
- ],
-}
diff --git a/trusty/nvram/module.c b/trusty/nvram/module.c
deleted file mode 100644
index a2e64d3..0000000
--- a/trusty/nvram/module.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <hardware/nvram.h>
-
-// This function is defined in trusty_nvram_device.cpp.
-int trusty_nvram_open(const hw_module_t* module,
- const char* device_id,
- hw_device_t** device_ptr);
-
-static struct hw_module_methods_t nvram_module_methods = {
- .open = trusty_nvram_open,
-};
-
-struct nvram_module HAL_MODULE_INFO_SYM
- __attribute__((visibility("default"))) = {
- .common = {.tag = HARDWARE_MODULE_TAG,
- .module_api_version = NVRAM_MODULE_API_VERSION_0_1,
- .hal_api_version = HARDWARE_HAL_API_VERSION,
- .id = NVRAM_HARDWARE_MODULE_ID,
- .name = "Trusty NVRAM HAL",
- .author = "The Android Open Source Project",
- .methods = &nvram_module_methods,
- .dso = 0,
- .reserved = {}},
-};
diff --git a/trusty/nvram/nvram_wipe.cpp b/trusty/nvram/nvram_wipe.cpp
deleted file mode 100644
index d0f4fad..0000000
--- a/trusty/nvram/nvram_wipe.cpp
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <nvram/messages/nvram_messages.h>
-
-#include "trusty_nvram_implementation.h"
-
-void usage(const char* program_name) {
- fprintf(stderr, "Usage: %s [status|disable|wipe]\n", program_name);
- exit(-1);
-}
-
-int main(int argc, char* argv[]) {
- if (argc < 2) {
- usage(argv[0]);
- }
-
- nvram::TrustyNvramImplementation nvram_proxy;
- nvram::Request request;
- nvram::Response response;
-
- if (!strcmp(argv[1], "status")) {
- request.payload.Activate<nvram::COMMAND_GET_INFO>();
- nvram_proxy.Execute(request, &response);
- const nvram::GetInfoResponse* get_info_response =
- response.payload.get<nvram::COMMAND_GET_INFO>();
- if (response.result == NV_RESULT_SUCCESS) {
- int status = get_info_response && get_info_response->wipe_disabled;
- printf("Wiping disabled: %d\n", status);
- return status;
- }
- } else if (!strcmp(argv[1], "disable")) {
- request.payload.Activate<nvram::COMMAND_DISABLE_WIPE>();
- nvram_proxy.Execute(request, &response);
- } else if (!strcmp(argv[1], "wipe")) {
- request.payload.Activate<nvram::COMMAND_WIPE_STORAGE>();
- nvram_proxy.Execute(request, &response);
- } else {
- usage(argv[0]);
- }
-
- if (response.result != NV_RESULT_SUCCESS) {
- fprintf(stderr, "Command execution failure: %u\n", response.result);
- return -1;
- }
-
- return 0;
-}
-
diff --git a/trusty/nvram/trusty_nvram_device.cpp b/trusty/nvram/trusty_nvram_device.cpp
deleted file mode 100644
index 2c50915..0000000
--- a/trusty/nvram/trusty_nvram_device.cpp
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <nvram/hal/nvram_device_adapter.h>
-
-#include "trusty_nvram_implementation.h"
-
-extern "C" int trusty_nvram_open(const hw_module_t* module,
- const char* device_id,
- hw_device_t** device_ptr) {
- if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) {
- return -EINVAL;
- }
-
- nvram::NvramDeviceAdapter* adapter = new nvram::NvramDeviceAdapter(
- module, new nvram::TrustyNvramImplementation);
- *device_ptr = adapter->as_device();
- return 0;
-}
diff --git a/trusty/nvram/trusty_nvram_implementation.cpp b/trusty/nvram/trusty_nvram_implementation.cpp
deleted file mode 100644
index 9215c85..0000000
--- a/trusty/nvram/trusty_nvram_implementation.cpp
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#define LOG_TAG "TrustyNVRAM"
-
-#include "trusty_nvram_implementation.h"
-
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <hardware/nvram.h>
-#include <log/log.h>
-#include <trusty/tipc.h>
-
-#include <nvram/messages/blob.h>
-
-namespace nvram {
-namespace {
-
-// Character device to open for Trusty IPC connections.
-const char kTrustyDeviceName[] = "/dev/trusty-ipc-dev0";
-
-// App identifier of the NVRAM app.
-const char kTrustyNvramAppId[] = "com.android.trusty.nvram";
-
-} // namespace
-
-TrustyNvramImplementation::~TrustyNvramImplementation() {
- if (tipc_nvram_fd_ != -1) {
- tipc_close(tipc_nvram_fd_);
- tipc_nvram_fd_ = -1;
- }
-}
-
-void TrustyNvramImplementation::Execute(const nvram::Request& request,
- nvram::Response* response) {
- if (!SendRequest(request, response)) {
- response->result = NV_RESULT_INTERNAL_ERROR;
- }
-}
-
-bool TrustyNvramImplementation::Connect() {
- if (tipc_nvram_fd_ != -1) {
- return true;
- }
-
- int rc = tipc_connect(kTrustyDeviceName, kTrustyNvramAppId);
- if (rc < 0) {
- ALOGE("Failed to connect to Trusty NVRAM app: %s\n", strerror(-rc));
- return false;
- }
-
- tipc_nvram_fd_ = rc;
- return true;
-}
-
-bool TrustyNvramImplementation::SendRequest(const nvram::Request& request,
- nvram::Response* response) {
- if (!Connect()) {
- return false;
- }
-
- nvram::Blob request_buffer;
- if (!nvram::Encode(request, &request_buffer)) {
- ALOGE("Failed to encode NVRAM request.\n");
- return false;
- }
-
- ssize_t rc =
- write(tipc_nvram_fd_, request_buffer.data(), request_buffer.size());
- if (rc < 0) {
- ALOGE("Failed to send NVRAM request: %s\n", strerror(-rc));
- return false;
- }
- if (static_cast<size_t>(rc) != request_buffer.size()) {
- ALOGE("Failed to send full request buffer: %zd\n", rc);
- return false;
- }
-
- rc = read(tipc_nvram_fd_, response_buffer_, sizeof(response_buffer_));
- if (rc < 0) {
- ALOGE("Failed to read NVRAM response: %s\n", strerror(-rc));
- return false;
- }
-
- if (static_cast<size_t>(rc) >= sizeof(response_buffer_)) {
- ALOGE("NVRAM response exceeds response buffer size.\n");
- return false;
- }
-
- if (!nvram::Decode(response_buffer_, static_cast<size_t>(rc), response)) {
- ALOGE("Failed to decode NVRAM response.\n");
- return false;
- }
-
- return true;
-}
-
-} // namespace nvram
diff --git a/trusty/nvram/trusty_nvram_implementation.h b/trusty/nvram/trusty_nvram_implementation.h
deleted file mode 100644
index 60758f7..0000000
--- a/trusty/nvram/trusty_nvram_implementation.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
-#define TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
-
-#include <stdint.h>
-
-#include <nvram/hal/nvram_device_adapter.h>
-#include <nvram/messages/nvram_messages.h>
-
-namespace nvram {
-
-// |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It
-// serializes the request objects, sends it to the Trusty app and finally reads
-// back the result and decodes it.
-class TrustyNvramImplementation : public nvram::NvramImplementation {
- public:
- ~TrustyNvramImplementation() override;
-
- void Execute(const nvram::Request& request,
- nvram::Response* response) override;
-
- private:
- // Connects the IPC channel to the Trusty app if it is not already open.
- // Returns true if the channel is open, false on errors.
- bool Connect();
-
- // Dispatches a command to the trust app. Returns true if successful (note
- // that the response may still indicate an error on the Trusty side), false if
- // there are any I/O or encoding/decoding errors.
- bool SendRequest(const nvram::Request& request,
- nvram::Response* response);
-
- // The file descriptor for the IPC connection to the Trusty app.
- int tipc_nvram_fd_ = -1;
-
- // Response buffer. This puts a hard size limit on the responses from the
- // Trusty app. 4096 matches the maximum IPC message size currently supported
- // by Trusty.
- uint8_t response_buffer_[4096];
-};
-
-} // namespace nvram
-
-#endif // TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
diff --git a/trusty/storage/interface/Android.bp b/trusty/storage/interface/Android.bp
index a551c37..18b4a5f 100644
--- a/trusty/storage/interface/Android.bp
+++ b/trusty/storage/interface/Android.bp
@@ -16,5 +16,6 @@
cc_library_static {
name: "libtrustystorageinterface",
+ vendor: true,
export_include_dirs: ["include"],
}
diff --git a/trusty/storage/lib/Android.bp b/trusty/storage/lib/Android.bp
index 5eb3f07..4e41674 100644
--- a/trusty/storage/lib/Android.bp
+++ b/trusty/storage/lib/Android.bp
@@ -16,16 +16,19 @@
cc_library_static {
name: "libtrustystorage",
+ vendor: true,
srcs: ["storage.c"],
export_include_dirs: ["include"],
static_libs: [
- "liblog",
"libtrusty",
"libtrustystorageinterface",
],
+ shared_libs: [
+ "liblog",
+ ],
cflags: [
"-fvisibility=hidden",
diff --git a/trusty/storage/proxy/Android.bp b/trusty/storage/proxy/Android.bp
index eb34df0..da8542d 100644
--- a/trusty/storage/proxy/Android.bp
+++ b/trusty/storage/proxy/Android.bp
@@ -16,6 +16,7 @@
cc_binary {
name: "storageproxyd",
+ vendor: true,
srcs: [
"ipc.c",
@@ -25,6 +26,7 @@
],
shared_libs: ["liblog"],
+ header_libs: ["libcutils_headers"],
static_libs: [
"libtrustystorageinterface",
diff --git a/trusty/storage/proxy/proxy.c b/trusty/storage/proxy/proxy.c
index 27e5891..41263e5 100644
--- a/trusty/storage/proxy/proxy.c
+++ b/trusty/storage/proxy/proxy.c
@@ -24,7 +24,7 @@
#include <sys/stat.h>
#include <unistd.h>
-#include <private/android_filesystem_config.h>
+#include <cutils/android_filesystem_config.h>
#include "ipc.h"
#include "log.h"
diff --git a/trusty/storage/tests/Android.bp b/trusty/storage/tests/Android.bp
index 1e4fced..536c3ca 100644
--- a/trusty/storage/tests/Android.bp
+++ b/trusty/storage/tests/Android.bp
@@ -16,6 +16,7 @@
cc_test {
name: "secure-storage-unit-test",
+ vendor: true,
cflags: [
"-g",
@@ -28,6 +29,8 @@
"libtrustystorageinterface",
"libtrustystorage",
"libtrusty",
+ ],
+ shared_libs: [
"liblog",
],