Don't rely on the GC to clean up FD resources when they can
just be cleaned up immediately. We know the MemoryFile isn't
going to be used any further, so just close it.
Bug: 138323667
Test: Repro steps in bug. Verified addresses FD leak in system_server from repeatedly opening & closing settings.
Change-Id: Ic82006c9cb48f580aaad942c4679e774186382c9
Bug: 138422309
This reverts commit 390d9e6a18.
Reason for revert: crashes documented in b/138422309
Change-Id: I235f727d0fe87c09f6f05dddcae7759bab64dfd8
Bug: 138422309
This reverts commit 20ab1e3427.
Reason for revert: crashes documented in b/138422309
Change-Id: Ic9e33fdb24bad2b30f0eb357d6752c1834df41d5
We run the Cleaner in close, but after the fix in commit 6ca916a6, this
no longer clears the value stored in the FileDescriptor, which means
that subsequent operations on an explicitly closed SharedMemory will
operate on a bogus fd number. Clearing the FileDescriptor value in close
is sufficient, because Cleaner.clean is idempotent, and the only other
case where it executes is when the FileDescriptor is phantom reachable,
which means no one can access it to get its integer value.
Bug: http://b/138392115
Bug: http://b/138323667
Test: treehugger
Change-Id: I8bdb4c745466532a0712976416184c53fcf0dbf6
(cherry picked from commit a7641806dd)
Previously, the Cleaner we create to close the ashmem file descriptor
used a thunk that held a strong reference to the FileDescriptor we
wanted to clean up, which prevented the Cleaner from ever running.
Break the cycle by storing the integer value of the file descriptor
instead.
Bug: http://b/138323667
Test: treehugger
Change-Id: I613a7d035892032f9567d59acb04672957c96011
(cherry picked from commit 6ca916a657)
In Q, these APIs were either:
- removed from the greylist entirely without good reason
- Moved to the restricted greylist without any public alternative
information added
So they are being moved back to the greylist for Q.
Test: Treehugger
Bug: 136102585
Change-Id: I5ac8b8b9b23c3789d80239cf456072cc7dfa1203
When DND is on, it sets AppOps to return MODE_IGNORED for any non-touch
vibrations. Unfortunately, this means it blocks critical vibrations as
well, like emergency alerts. In order to avoid this, we need to respect
FLAG_BYPASS_INTERRUPTION_POLICY when set on the vibration attributes.
Bug: 132112663
Bug: 135686242
Test: Manual
Change-Id: I59465eed057b077a4c0548af162e0fec1c29afdc
This changes RescueParty to call vold over binder directly for
Checkpointing related calls. It turns out that if the system is in a bad
enough state, the other method would not work, as some of the services
required would not be running.
Bug: 135558798
Test: setprop persist.sys.enable_rescue 1
setprop debug.crash_system 1 or setprop debug.crash_sysui 1
vdc checkpoint startCheckpoint 3
stop
start
Device should go through the rescueparty flow, and reboot.
Repeat without checkpoint. Device should prompt reboot.
Change-Id: I8b11d68075cc291e9557d524bc87b54d17b370e4
Previously, there's only one Game Driver existed in the system, so we process
sphal libraries in GPU service to save the launch time for loading Game Driver.
Now we need to support a separate prerelease driver, so we have to move the
processing back to app launch time.
Bug: 134881329
Test: Manual test with prerelease driver and Settings UI.
Change-Id: Ic1bb412a6a026c68f55243c906bd56fe1fee44c3
This patch partially reversts ag/6991475 and ag/7161709. These changes
are no longer needed due to a change in the graphics driver strategy for
Q.
In addition, the preloading of the graphics driver in the USAPs need to
be removed to avoid causing a memory regression on devices with graphics
driver preloading in the Zygote disabled.
Bug: 134526352
Test: Treehugger
Change-Id: I570037866d1ae90794c711622e6045ebbffa5b9c
Merged-In: I570037866d1ae90794c711622e6045ebbffa5b9c
(cherry picked from commit fcd68fd74b)
Earlier, this API only used to consider op_legacy_storage
appop to decide whether an app will get legacy storage view
or not but there are few other factors it needs to consider
like whether the app has WRITE_MEDIA_STORAGE permission or
whether app was allowed to be an installer in which case it
will get legacy access.
Bug: 132760141
Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/ExternalStorageHostTest.java
Change-Id: I227a171bf40e43e135e1a6dbc819cfad21d91520
It's possible that the Ringtone URIs will be pre-canonicalized, which
don't maintain equality when compared to uncanonicalized URIs. In order
to handle this case, we just need to uncanonicalize both URIs before
comparing.
Fixes: 134394754
Test: manual, verified audio-coupled haptics works again on B1C1
Change-Id: I2e216db1013d5bc0db0a1622e0670853663f0db8
Bug: 133515802
Test: Verified that malloc debug can be enabled on a USAP enabled device.
(cherry picked from commit 86bd25d5ed)
Change-Id: I5f25030ce8e667d175712796c0950f38baa2532d
Merged-In: I5f25030ce8e667d175712796c0950f38baa2532d
An app opting in to "profileable" does not mean we should
allow it to load ANGLE libraries from the debug package.
Bug: 128637647
Test: atest CtsGpuToolsHostTestCases
Change-Id: I5c6ea33a1e1624e006bc4865bc0a06ea92d9d806
This reverts commit 3832aa9906.
Loading layers for apps that have opted for "profileable" breaks
the Android security model. They have only consented to exposing
profiling information, not exposing data under its control. Layers
have access to everything in the API calls.
Bug: 128637647
Test: atest CtsGpuToolsHostTestCases
Change-Id: I5aed181c3cec616c3ce98a1a30287b30f190ba9b
StatsService to update UID data and overflows kernel transfer buffer.
In this case, the IPC call silently fails. The issue was discovered in Android Automotive Embedded use case that employs multiuser setup. This causes more uid data being sent via one-way StatsCompanionService::informAllUidData call than usual and can trigger the issue. As the result, uid map on statsd side is empty and many metrics are not captured.
Bug: b/132444397
Fixes: b/132444397
Test: Did a clean build of master branch and flashed the device. adb
shell cmd stats print-uid-map returned without any result. Repeated the
steps after implementing the fix, print-uid-map returns the results now.
Change-Id: I1451c13b36696449c145c51618c68d10e29a596a
