Merge "Revert "init: Terminate gracefully when CAP_SYS_BOOT is absent"" am: b5b4136ac4 am: aa447d7aa5 am: 3734cd3442
am: 387f28c18a
Change-Id: Id00c27b2d10743e0a19a6bfb8da85aa2e2c3f622
diff --git a/fs_mgr/Android.bp b/fs_mgr/Android.bp
index 0af6159..4441ad0 100644
--- a/fs_mgr/Android.bp
+++ b/fs_mgr/Android.bp
@@ -22,7 +22,6 @@
local_include_dirs: ["include/"],
cppflags: ["-Werror"],
static_libs: [
- "liblogwrap",
"libfec",
"libfec_rs",
"libbase",
@@ -33,6 +32,9 @@
"libselinux",
"libavb",
],
+ whole_static_libs: [
+ "liblogwrap",
+ ],
}
cc_library_static {
diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk
index f3ca724..9249343 100644
--- a/fs_mgr/Android.mk
+++ b/fs_mgr/Android.mk
@@ -21,6 +21,7 @@
LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
LOCAL_MODULE:= fs_mgr
LOCAL_MODULE_TAGS := optional
+LOCAL_REQUIRED_MODULES := mke2fs mke2fs.conf e2fsdroid
LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)/sbin
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
diff --git a/fs_mgr/fs_mgr_format.cpp b/fs_mgr/fs_mgr_format.cpp
index a03d92c..fc88217 100644
--- a/fs_mgr/fs_mgr_format.cpp
+++ b/fs_mgr/fs_mgr_format.cpp
@@ -24,21 +24,16 @@
#include <cutils/partition_utils.h>
#include <sys/mount.h>
-#include <ext4_utils/ext4_utils.h>
#include <ext4_utils/ext4.h>
-#include <ext4_utils/make_ext4fs.h>
-#include <selinux/selinux.h>
-#include <selinux/label.h>
+#include <ext4_utils/ext4_utils.h>
+#include <logwrap/logwrap.h>
#include <selinux/android.h>
+#include <selinux/label.h>
+#include <selinux/selinux.h>
#include "fs_mgr_priv.h"
#include "cryptfs.h"
-extern "C" {
-extern struct fs_info info; /* magic global from ext4_utils */
-extern void reset_ext4fs_info();
-}
-
static int format_ext4(char *fs_blkdev, char *fs_mnt_point, bool crypt_footer)
{
uint64_t dev_sz;
@@ -55,30 +50,36 @@
return -1;
}
- struct selabel_handle *sehandle = selinux_android_file_context_handle();
- if (!sehandle) {
- /* libselinux logs specific error */
- LERROR << "Cannot initialize android file_contexts";
- close(fd);
- return -1;
- }
-
- /* Format the partition using the calculated length */
- reset_ext4fs_info();
- info.len = (off64_t)dev_sz;
- if (crypt_footer) {
- info.len -= CRYPT_FOOTER_OFFSET;
- }
-
- /* Use make_ext4fs_internal to avoid wiping an already-wiped partition. */
- rc = make_ext4fs_internal(fd, NULL, NULL, fs_mnt_point, 0, 0, 0, 0, 0, 0, sehandle, 0, 0, NULL, NULL, NULL);
- if (rc) {
- LERROR << "make_ext4fs returned " << rc;
- }
close(fd);
- if (sehandle) {
- selabel_close(sehandle);
+ /* Format the partition using the calculated length */
+ if (crypt_footer) {
+ dev_sz -= CRYPT_FOOTER_OFFSET;
+ }
+
+ std::string size_str = std::to_string(dev_sz / 4096);
+ const char* const mke2fs_args[] = {
+ "/system/bin/mke2fs", "-t", "ext4", "-b", "4096", fs_blkdev, size_str.c_str(), nullptr};
+
+ rc = android_fork_execvp_ext(arraysize(mke2fs_args), const_cast<char**>(mke2fs_args), NULL,
+ true, LOG_KLOG, true, nullptr, nullptr, 0);
+ if (rc) {
+ LERROR << "mke2fs returned " << rc;
+ return rc;
+ }
+
+ const char* const e2fsdroid_args[] = {
+ "/system/bin/e2fsdroid",
+ "-e",
+ "-a",
+ fs_mnt_point,
+ fs_blkdev,
+ nullptr};
+
+ rc = android_fork_execvp_ext(arraysize(e2fsdroid_args), const_cast<char**>(e2fsdroid_args),
+ NULL, true, LOG_KLOG, true, nullptr, nullptr, 0);
+ if (rc) {
+ LERROR << "e2fsdroid returned " << rc;
}
return rc;
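Review bot: `dev_sz -= CRYPT_FOOTER_OFFSET;` operates on the `uint64_t dev_sz` declared at the top of format_ext4, so a device smaller than the footer offset wraps to a huge value, where the removed `off64_t info.len` could only go negative. That wrapped value is then divided by 4096 and handed to mke2fs as the block count. A guard before the subtraction keeps the failure local and logged: `if (crypt_footer && dev_sz <= CRYPT_FOOTER_OFFSET) { LERROR << "Device too small for crypt footer"; return -1; }`. The descriptor is already closed at that point, so the early return leaks nothing. The part of the function that obtains dev_sz lies outside the hunk.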
@@ -86,44 +87,10 @@
static int format_f2fs(char *fs_blkdev)
{
- char * args[5];
- int pid;
- int rc = 0;
+ const char* const args[] = {"/system/bin/make_f2fs", "-f", "-O encrypt", fs_blkdev, nullptr};
- args[0] = (char *)"/system/bin/make_f2fs";
- args[1] = (char *)"-f";
- args[2] = (char *)"-O encrypt";
- args[3] = fs_blkdev;
- args[4] = (char *)0;
-
- pid = fork();
- if (pid < 0) {
- return pid;
- }
- if (!pid) {
- /* This doesn't return */
- execv(args[0], args);
- exit(1);
- }
- for(;;) {
- pid_t p = waitpid(pid, &rc, 0);
- if (p != pid) {
- LERROR << "Error waiting for child process - " << p;
- rc = -1;
- break;
- }
- if (WIFEXITED(rc)) {
- rc = WEXITSTATUS(rc);
- LINFO << args[0] << " done, status " << rc;
- if (rc) {
- rc = -1;
- }
- break;
- }
- LERROR << "Still waiting for " << args[0] << "...";
- }
-
- return rc;
+ return android_fork_execvp_ext(arraysize(args), const_cast<char**>(args), NULL, true,
+ LOG_KLOG, true, nullptr, nullptr, 0);
}
int fs_mgr_do_format(struct fstab_rec *fstab, bool crypt_footer)
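Review bot: format_f2fs now returns whatever `android_fork_execvp_ext` yields and logs nothing, whereas the removed code logged the exit status and collapsed every non-zero result to -1. If callers of format_f2fs test for a negative value (they are outside this hunk), a positive exit code from make_f2fs would read as success; format_ext4 in the same file does log its tool's result. Suggest `int rc = android_fork_execvp_ext(...);`, then `if (rc) LERROR << "make_f2fs returned " << rc;` and `return rc;`, normalising to -1 if the old contract has to be kept. Separately, `"-O encrypt"` is still passed as a single argv element, which presumably reaches make_f2fs as an option argument with a leading space; splitting it into `"-O", "encrypt"` would remove the ambiguity.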
diff --git a/init/init.cpp b/init/init.cpp
index 2335b3a..ae878de 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -895,7 +895,6 @@
selinux_android_restorecon("/dev/urandom", 0);
selinux_android_restorecon("/dev/__properties__", 0);
- selinux_android_restorecon("/file_contexts.bin", 0);
selinux_android_restorecon("/plat_file_contexts", 0);
selinux_android_restorecon("/nonplat_file_contexts", 0);
selinux_android_restorecon("/plat_property_contexts", 0);
@@ -912,8 +911,8 @@
selinux_android_restorecon("/dev/block", SELINUX_ANDROID_RESTORECON_RECURSE);
selinux_android_restorecon("/dev/device-mapper", 0);
- selinux_android_restorecon("/sbin/mke2fs", 0);
- selinux_android_restorecon("/sbin/e2fsdroid", 0);
+ selinux_android_restorecon("/sbin/mke2fs_static", 0);
+ selinux_android_restorecon("/sbin/e2fsdroid_static", 0);
}
// Set the UDC controller for the ConfigFS USB Gadgets.
diff --git a/libappfuse/FuseBridgeLoop.cc b/libappfuse/FuseBridgeLoop.cc
index 0792307..5a897a4 100644
--- a/libappfuse/FuseBridgeLoop.cc
+++ b/libappfuse/FuseBridgeLoop.cc
@@ -173,13 +173,20 @@
}
FuseBridgeState ReadFromDevice(FuseBridgeLoopCallback* callback) {
+ // To observe APCT failures.
+ base::ScopedLogSeverity log_severity(base::VERBOSE);
+
LOG(VERBOSE) << "ReadFromDevice";
if (!buffer_.request.Read(device_fd_)) {
return FuseBridgeState::kClosing;
}
const uint32_t opcode = buffer_.request.header.opcode;
- LOG(VERBOSE) << "Read a fuse packet, opcode=" << opcode;
+ const uint64_t unique = buffer_.request.header.unique;
+ LOG(VERBOSE) << "Read a fuse packet, opcode=" << opcode << " unique=" << unique;
+ if (unique == 0) {
+ return FuseBridgeState::kWaitToReadEither;
+ }
switch (opcode) {
case FUSE_FORGET:
// Do not reply to FUSE_FORGET.
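Review bot: `base::ScopedLogSeverity log_severity(base::VERBOSE);` at the top of ReadFromDevice looks like a debugging aid (its comment says it is there to observe APCT failures) that would ship in the bridge's read path. As far as I know, ScopedLogSeverity changes the process-wide minimum severity for the lifetime of the object, so every thread would log at VERBOSE while a read is in flight, and the opcode and unique id of each FUSE request end up in the log. Suggest dropping it before release or gating it behind a debug build, with a tracking comment such as `// TODO(b/<bug-id>): remove once the APCT failure is understood`. The new `if (unique == 0)` early return also deserves a one-line comment saying why such requests are skipped without a reply, since the hunk does not explain it.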
diff --git a/libappfuse/tests/FuseBridgeLoopTest.cc b/libappfuse/tests/FuseBridgeLoopTest.cc
index 51d6051..0a28451 100644
--- a/libappfuse/tests/FuseBridgeLoopTest.cc
+++ b/libappfuse/tests/FuseBridgeLoopTest.cc
@@ -67,6 +67,7 @@
memset(&request_, 0, sizeof(FuseRequest));
request_.header.opcode = opcode;
request_.header.len = sizeof(fuse_in_header);
+ request_.header.unique = 1;
ASSERT_TRUE(request_.Write(dev_sockets_[0]));
memset(&response_, 0, sizeof(FuseResponse));
diff --git a/libsync/libsync.map.txt b/libsync/libsync.map.txt
index daa28ae..f9057bd 100644
--- a/libsync/libsync.map.txt
+++ b/libsync/libsync.map.txt
@@ -17,8 +17,8 @@
LIBSYNC {
global:
sync_merge; # introduced=26
- sync_get_fence_info; # introduced=26
- sync_free_fence_info; # introduced=26
+ sync_file_info; # introduced=26
+ sync_file_info_free; # introduced=26
local:
*;
};
diff --git a/lmkd/lmkd.c b/lmkd/lmkd.c
index 8a6168c..c095315 100644
--- a/lmkd/lmkd.c
+++ b/lmkd/lmkd.c
@@ -40,7 +40,8 @@
#endif
#define MEMCG_SYSFS_PATH "/dev/memcg/"
-#define MEMPRESSURE_WATCH_LEVEL "low"
+#define MEMPRESSURE_WATCH_MEDIUM_LEVEL "medium"
+#define MEMPRESSURE_WATCH_CRITICAL_LEVEL "critical"
#define ZONEINFO_PATH "/proc/zoneinfo"
#define LINE_MAX 128
@@ -48,6 +49,7 @@
#define INKERNEL_ADJ_PATH "/sys/module/lowmemorykiller/parameters/adj"
#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x)))
+#define EIGHT_MEGA (1 << 23)
enum lmk_cmd {
LMK_TARGET,
@@ -66,15 +68,17 @@
static int use_inkernel_interface = 1;
/* memory pressure level medium event */
-static int mpevfd;
+static int mpevfd[2];
+#define CRITICAL_INDEX 1
+#define MEDIUM_INDEX 0
/* control socket listen and data */
static int ctrl_lfd;
static int ctrl_dfd = -1;
static int ctrl_dfd_reopened; /* did we reopen ctrl conn on this loop? */
-/* 1 memory pressure level, 1 ctrl listen socket, 1 ctrl data socket */
-#define MAX_EPOLL_EVENTS 3
+/* 2 memory pressure levels, 1 ctrl listen socket, 1 ctrl data socket */
+#define MAX_EPOLL_EVENTS 4
static int epollfd;
static int maxevents;
@@ -113,14 +117,6 @@
#define ADJTOSLOT(adj) ((adj) + -OOM_SCORE_ADJ_MIN)
static struct adjslot_list procadjslot_list[ADJTOSLOT(OOM_SCORE_ADJ_MAX) + 1];
-/*
- * Wait 1-2 seconds for the death report of a killed process prior to
- * considering killing more processes.
- */
-#define KILL_TIMEOUT 2
-/* Time of last process kill we initiated, stop me before I kill again */
-static time_t kill_lasttime;
-
/* PAGE_SIZE / 1024 */
static long page_k;
@@ -241,6 +237,7 @@
struct proc *procp;
char path[80];
char val[20];
+ int soft_limit_mult;
if (oomadj < OOM_SCORE_ADJ_MIN || oomadj > OOM_SCORE_ADJ_MAX) {
ALOGE("Invalid PROCPRIO oomadj argument %d", oomadj);
@@ -254,6 +251,36 @@
if (use_inkernel_interface)
return;
+ if (oomadj >= 900) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 800) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 700) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 600) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 500) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 400) {
+ soft_limit_mult = 0;
+ } else if (oomadj >= 300) {
+ soft_limit_mult = 1;
+ } else if (oomadj >= 200) {
+ soft_limit_mult = 2;
+ } else if (oomadj >= 100) {
+ soft_limit_mult = 10;
+ } else if (oomadj >= 0) {
+ soft_limit_mult = 20;
+ } else {
+ // Persistent processes will have a large
+ // soft limit 512MB.
+ soft_limit_mult = 64;
+ }
+
+ snprintf(path, sizeof(path), "/dev/memcg/apps/uid_%d/pid_%d/memory.soft_limit_in_bytes", uid, pid);
+ snprintf(val, sizeof(val), "%d", soft_limit_mult * EIGHT_MEGA);
+ writefilestring(path, val);
+
procp = pid_lookup(pid);
if (!procp) {
procp = malloc(sizeof(struct proc));
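Review bot: The first six branches of the new ladder (`oomadj >= 900` down to `oomadj >= 400`) all assign `soft_limit_mult = 0`, so they can collapse into a single `if (oomadj >= 400) { soft_limit_mult = 0; }`, which makes the thresholds that matter (300, 200, 100, 0) easier to audit. Only the persistent case is documented; a short comment above the ladder should state that the limit written is `soft_limit_mult * EIGHT_MEGA` bytes and what a multiplier of 0 is meant to achieve. The result of `writefilestring` on the memcg path is not checked here and its definition is outside the hunk, so whether a missing per-pid memcg directory is reported cannot be told from this view. The enclosing function starts and ends outside the hunk.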
@@ -278,7 +305,6 @@
return;
pid_remove(pid);
- kill_lasttime = 0;
}
static void cmd_target(int ntargets, int *params) {
@@ -574,7 +600,6 @@
first ? "" : "~", other_file * page_k, minfree * page_k, min_score_adj,
first ? "" : "~", other_free * page_k, other_free >= 0 ? "above" : "below");
r = kill(pid, SIGKILL);
- killProcessGroup(uid, pid, SIGKILL);
pid_remove(pid);
if (r) {
@@ -589,24 +614,12 @@
* Find a process to kill based on the current (possibly estimated) free memory
* and cached memory sizes. Returns the size of the killed processes.
*/
-static int find_and_kill_process(int other_free, int other_file, bool first)
+static int find_and_kill_process(int other_free, int other_file, bool first, int min_score_adj)
{
int i;
- int min_score_adj = OOM_SCORE_ADJ_MAX + 1;
int minfree = 0;
int killed_size = 0;
- for (i = 0; i < lowmem_targets_size; i++) {
- minfree = lowmem_minfree[i];
- if (other_free < minfree && other_file < minfree) {
- min_score_adj = lowmem_adj[i];
- break;
- }
- }
-
- if (min_score_adj == OOM_SCORE_ADJ_MAX + 1)
- return 0;
-
for (i = OOM_SCORE_ADJ_MAX; i >= min_score_adj; i--) {
struct proc *procp;
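Review bot: The header comment above find_and_kill_process still says the victim is chosen "based on the current (possibly estimated) free memory and cached memory sizes", but with the minfree loop removed the selection depends only on the new `min_score_adj` parameter. `minfree` is never assigned after `int minfree = 0;`, so if it is still passed on to the kill path the log message there will always print 0. The comment should be updated to say that the function walks the adj slots from `OOM_SCORE_ADJ_MAX` down to `min_score_adj`. It should also document that `min_score_adj` must not be below `OOM_SCORE_ADJ_MIN`, because the loop uses it as the lower bound of the slot index. The function body continues outside the hunk.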
@@ -626,42 +639,33 @@
return 0;
}
-static void mp_event(uint32_t events __unused) {
+static void mp_event_common(bool is_critical) {
int ret;
unsigned long long evcount;
- struct sysmeminfo mi;
- int other_free;
- int other_file;
- int killed_size;
bool first = true;
+ int min_adj_score = is_critical ? 0 : 800;
+ int index = is_critical ? CRITICAL_INDEX : MEDIUM_INDEX;
- ret = read(mpevfd, &evcount, sizeof(evcount));
+ ret = read(mpevfd[index], &evcount, sizeof(evcount));
if (ret < 0)
ALOGE("Error reading memory pressure event fd; errno=%d",
errno);
- if (time(NULL) - kill_lasttime < KILL_TIMEOUT)
- return;
-
- while (zoneinfo_parse(&mi) < 0) {
- // Failed to read /proc/zoneinfo, assume ENOMEM and kill something
- find_and_kill_process(0, 0, true);
+ if (find_and_kill_process(0, 0, first, min_adj_score) == 0) {
+ ALOGI("Nothing to kill");
}
-
- other_free = mi.nr_free_pages - mi.totalreserve_pages;
- other_file = mi.nr_file_pages - mi.nr_shmem;
-
- do {
- killed_size = find_and_kill_process(other_free, other_file, first);
- if (killed_size > 0) {
- first = false;
- other_free += killed_size;
- other_file += killed_size;
- }
- } while (killed_size > 0);
}
-static int init_mp(char *levelstr, void *event_handler)
+static void mp_event(uint32_t events __unused) {
+ mp_event_common(false);
+}
+
+static void mp_event_critical(uint32_t events __unused) {
+ ALOGI("Memory pressure critical");
+ mp_event_common(true);
+}
+
+static int init_mp_common(char *levelstr, void *event_handler, bool is_critical)
{
int mpfd;
int evfd;
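Review bot: In mp_event_common a failed `read(mpevfd[index], ...)` is logged but execution still falls through to `find_and_kill_process`. With the KILL_TIMEOUT check and the zoneinfo test removed in this change, nothing else stands between an event (or a read error) and a kill. Returning after the error log keeps a spurious wakeup from costing a process: `if (ret < 0) { ALOGE("Error reading memory pressure event fd; errno=%d", errno); return; }`. The thresholds `0` and `800` assigned to `min_adj_score` would be clearer as named constants with a comment on which process classes each pressure level may kill. `first` is now always true here, so it could be passed as a literal.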
@@ -669,6 +673,7 @@
char buf[256];
struct epoll_event epev;
int ret;
+ int mpevfd_index = is_critical ? CRITICAL_INDEX : MEDIUM_INDEX;
mpfd = open(MEMCG_SYSFS_PATH "memory.pressure_level", O_RDONLY | O_CLOEXEC);
if (mpfd < 0) {
@@ -709,7 +714,7 @@
goto err;
}
maxevents++;
- mpevfd = evfd;
+ mpevfd[mpevfd_index] = evfd;
return 0;
err:
@@ -722,6 +727,16 @@
return -1;
}
+static int init_mp_medium()
+{
+ return init_mp_common(MEMPRESSURE_WATCH_MEDIUM_LEVEL, (void *)&mp_event, false);
+}
+
+static int init_mp_critical()
+{
+ return init_mp_common(MEMPRESSURE_WATCH_CRITICAL_LEVEL, (void *)&mp_event_critical, true);
+}
+
static int init(void) {
struct epoll_event epev;
int i;
@@ -763,7 +778,8 @@
if (use_inkernel_interface) {
ALOGI("Using in-kernel low memory killer interface");
} else {
- ret = init_mp(MEMPRESSURE_WATCH_LEVEL, (void *)&mp_event);
+ ret = init_mp_medium();
+ ret |= init_mp_critical();
if (ret)
ALOGE("Kernel does not support memory pressure events or in-kernel low memory killer");
}
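Review bot: `ret = init_mp_medium();` followed by `ret |= init_mp_critical();` merges the two results, so when only one registration fails the log still claims the kernel does not support memory pressure events. lmkd then appears to carry on with a single level registered. Checking the calls separately would say which level is missing, e.g. `if (init_mp_medium()) ALOGE("Failed to register medium memory pressure events");` and the same for the critical level. Whether running with only one level is acceptable should be stated in a comment next to the check. The enclosing init() starts outside the hunk.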
diff --git a/rootdir/etc/ld.config.txt b/rootdir/etc/ld.config.txt
index d64eb35..0a08da5 100644
--- a/rootdir/etc/ld.config.txt
+++ b/rootdir/etc/ld.config.txt
@@ -93,10 +93,10 @@
# This namespace is exclusively for vndk-sp libs.
###############################################################################
namespace.vndk.isolated = true
-namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/vendor/${LIB}
+namespace.vndk.search.paths = /vendor/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
namespace.vndk.permitted.paths = /vendor/${LIB}/hw:/vendor/${LIB}/egl
-namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp:/data/asan/vendor/${LIB}:/vendor/${LIB}
+namespace.vndk.asan.search.paths = /data/asan/vendor/${LIB}/vndk-sp:/vendor/${LIB}/vndk-sp:/data/asan/system/${LIB}/vndk-sp:/system/${LIB}/vndk-sp
namespace.vndk.asan.permitted.paths = /data/asan/vendor/${LIB}/hw:/vendor/${LIB}/hw:/data/asan/vendor/${LIB}/egl:/vendor/${LIB}/egl
# When these NDK libs are required inside this namespace, then it is redirected
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 62dd7bd..4198323 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -319,7 +319,6 @@
# Make sure /sys/kernel/debug (if present) is labeled properly
# Note that tracefs may be mounted under debug, so we need to cross filesystems
restorecon --recursive --cross-filesystems /sys/kernel/debug
- chmod 0755 /sys/kernel/debug/tracing
# We chown/chmod /cache again so because mount is run as root + defaults
chown system cache /cache
@@ -357,6 +356,10 @@
mkdir /cache/lost+found 0770 root root
on late-fs
+ # Ensure that tracefs has the correct permissions.
+ # This does not work correctly if it is called in post-fs.
+ chmod 0755 /sys/kernel/debug/tracing
+
# HALs required before storage encryption can get unlocked (FBE/FDE)
class_start early_hal