This patch takes out the ring buffer array added for NFLOG wakeup packet
events logging and extract it into its own class for reuse. This new
RingBuffer class has the two minimal useful functions append() and
toArray().
Bug: 65164242
Bug: 65700460
Test: runtest frameworks-net, with new unit test
Change-Id: Ib94d79a93f4e99661b7d0fac67117b91d57af980
Before this change, we were throwing a checked exception on success
and returning on failure. This made it hard to figure out where / when
something was going wrong. This change switches things around to throw
a RuntimeException when something goes wrong and to return a Runnable
on success. This lets us make stronger assertions in both the parent
and the child process about their state and expected return values.
This change also upgrades the severity of several errors that we would
earlier just ignore. We will now reject the command and terminate the
connection to the client when we encounter these errors such as:
- Malformed arguments
- Any ZygoteSecurityException, such as thown thrown by
applyUidSecurityPolicy and applyInvokeWithSecurityPolicy.
- Any error in setting up pipes etc. to facilitate communication
with child processes.
(cherry picked from commit bf99d06003)
Bug: 13618569
Test: Manual
Merged-In: Id931d44135ae2e4ede1bbac6a4b187f6c139e1fd
Change-Id: Id931d44135ae2e4ede1bbac6a4b187f6c139e1fd
Before this change, ZygoteProcess.preloadPackageForAbi returned
as soon as the command was written to the zygote socket and not
after the preload completed. This meant that there was a small
window of time before the server side of the socket polled its FDs
where a second command could be written to the zygote socket. This
would lead to only one of the commands being processed and the
other being dropped. The client side of that socket would then wait
forever for a response and bring down the system once the watchdog
timeout was hit.
Example failure case :
--------------
system_server:send command(preloadPackage)
system_server:send command(fork)
zygote:poll & process command(preloadPackage) // the fork command is dropped.
Example of normal operation :
------------------
system_server:send command(preloadPackage)
zygote:poll & process command(preloadPackage)
system_server:send command(fork)
zygote:poll & process command(fork)
This change makes preloadPackageForAbi synchronous, which ensures
that each POLLIN event corresponds to precisely one command.
(cherry picked from commit 24a3306c32)
Bug: 62886909
Bug: 13618569
Test: Manual
Contributed-By: yuqianyu@huawei.com
Merged-In: I83faf974c9a70a6ab18323f692c1981784e4c56a
Change-Id: I83faf974c9a70a6ab18323f692c1981784e4c56a
If pm.dexopt.priv-apps is set to false, disable verifier and
only allow loading oat files from system.
bug: 30972906
bug: 63920015
Test: works as expected when pm.dexopt.priv-apps is true or false
Change-Id: Ib9e80c9b7b4106e82c0b9d1c7fbb8065c190ac1f
Also now pass the flags to the forked process through --runtime-flags instead
of converting to command line arguments and converting back to an integer.
bug: 30972906
bug: 63920015
Test: builds
Change-Id: I7f10c43dd916ca2d3b9b5141f17261eb7b64f49a
This change stops relying on the ro.boot.container property for dropping
a subset of capabilities and instead relies on the effective capability
mask of the Zygote process, prior to forking.
When Android is running in a pid/mount/net/user namespace, even if a
particular capability is present, some operations that require that
capability check whether it is allowed in the init namespace (instead of
in the current namespace), so they would fail even with the capability
granted within the namespace. So, explicitly dropping the capabilities
from the beginning allows for clearer signalling of which operations can
be expected to work instead of failing silently for mysterious reasons.
Bug: 63579953
Test: aosp_bullhead-eng still boots
Test: Running Zygote without CAP_SYS_MODULE makes it such that
system_server does not request it.
Change-Id: I1d18d13341bcc04e701fd14092e7e94961728620
The VisibleForTesting annotations are used by proguard to prevent
stripping code that is needed at runtime for tests. The annotations
were marked with source retention, which worked fine with Jack's
proguard implementation. When we switched back to javac + proguard,
the VisibleForTesting annotations are gone by the time proguard
sees the classes, so the annotated classes and methods can still
be stripped.
Move the VisibleForTesting annotation to class retention, which
matches guava's equivalent annotation.
Bug: 64365384
Test: m -j MtpDocumentsProvider &&
javap -cp out/target/common/obj/APPS/MtpDocumentsProvider_intermediates/classes-proguard.jar com.android.mtp.MtpRoot
Change-Id: I63a467c2f0a21383eb9e4c9563fd6de2d994a373
Merged-In: I63a467c2f0a21383eb9e4c9563fd6de2d994a373
(cherry picked from commit 8e846143dd)
Test: set different wallpapers for different users and switch between them.
Test: re-ran cts tests at cts/tests/app/src/android/app/cts/WallpaperManagerTest.java
Change-Id: Ic06d1dc6db26869a2948590863ca9b8ac81c630e
Merged-In: Ic06d1dc6db26869a2948590863ca9b8ac81c630e
Fixes: 63513694
Dumping current themes and scrim states to make debugging easier.
Bug: 63890571
Test: adb bugreport # look for new variables
Change-Id: Ia9bfd1b91d8d2c19930cb896d337ecdfa776e6cb
Isolated UIDs keep coming and going, with their process states
being downgraded. But this shouldn't impact the process state
time tracking in battery stats, since the parent UIDs process state
reflects the overall state already.
This fixes incorrect TOP time reporting in Settings for apps like
Chrome.
Change-Id: I0e94b064cd19f1f2d951e1e88aaba06b5c1c26fe
Fixes: 62162308
Test: Use chrome for a while and observe output of dumpsys batterystats
