summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Move android_filesystem_config.h => fs_config.hYifan Hong2017-08-021-0/+4
| | | | | | | | | | | | | | | | | The non AID_ things in android_filesystem_config.h are moved to fs_config.h. For libcutils.vendor and libcutils_headers.vendor, fs_config.h is not exported. An empty system/core/include/private/fs_config.h is placed to appease the dependency from certain modules (logd, etc.) that includes system/core/include/private/android_filesystem_config.h directly. Test: m -j Test: BOARD_VNDK_VERSION=current m -j Bug: 63135587 Change-Id: I95dfb874a426941022b100c0ca26a0576b0f4aa3 Merged-In: I95dfb874a426941022b100c0ca26a0576b0f4aa3
* Moved include/android_filesystem_*.h and canned_fs_config.h to libcutilsVijay Venkatraman2017-03-213-368/+3
| | | | | | | | | Bug: 33241851 Test: No changes needed for modules not using VNDK. For VNDK, enable BOARD_VNDK_VERSION in BoardConfig.mk and add libcutils to modules that need these headers. Change-Id: I6102778aab35ed26a5ddde11230502dcd4edc852
* Allocate new UID for OTA update resource tracking.Jeff Sharkey2017-03-201-0/+1
| | | | | | | | | | | Recent changes to OTA updates started "blaming" network usage on the system UID, which makes it difficult to triage incoming bugreports that claim heavy network usage. Instead, this change gives OTA updates an explicit UID to make triage easier. Test: builds, boots Bug: 36130264 Change-Id: I0a0cc009f3d891b19b419bc12cd237ef8ac64519
* Add eSE AID.Andrew Scull2017-03-161-4/+5
| | | | | | | | | This is used by components that communicate with the embedded secure element. Test: Boot system with a daemon and device using this AID. Bug: 35628284 Change-Id: I1fd1a300c69fefbd19fda69add5d3b098be873c2
* Revert "Revert "Exporting C headers from system/core""Vijay Venkatraman2017-01-251-194/+1
| | | | | | | This reverts commit a3f2be2b73cebb057218db2a19e8fad04ecb88f6. Test: compile Change-Id: I04b3a8e47e1fa3eb9d80c14ae3a90c68a780e858
* Revert "Exporting C headers from system/core"Vijay Venkatraman2017-01-241-1/+194
| | | | | | This reverts commit 3c6763ca21c1150d66daf8fde9b440b1c3219fe6. Change-Id: If3b3e106478d28a5df927d57649abdca0a99dd0e
* Exporting C headers from system/coreVijay Venkatraman2017-01-221-194/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Moved headers from include/libcutils and include/liblog to libcutils/include and liblog/include respectively, so they can be exported via these libs. They needed to be moved since Soong does not allow export from external folder. Added symlink from old locations. They are needed since Soong includes system/core/include by default. Once all modules are cleaned up to explicitly add the required libs, the symlinks will be removed. Also added liblog_vndk_headers that exports a special log/log.h for VNDK. Moved headers of libcutils to libcutils_headers. They should be used by modules for header-only inlines. Added libcutils_headers as dependency of libcutils. Added libcutils_vndk_headers that exports a special cutils/log.h deprecating usage of the file. A later CL will deprecate the one in libcutils_headers Test: Add above libs to shared lib of local module Change-Id: I6e1f9c5f23d8b6eae13dc3b7e5dfe7fae93b8510
* Define GID range for external data and OBBs.Jeff Sharkey2017-01-181-0/+4
| | | | | | | | | | | | | To quickly answer the question of "how much data is a UID using?" we need a GID range to label files on external storage, similar to the GID ranges already defined for cached and shared data. Also define a new GID that will be used to label the OBB files shared between all users under /data/media/obb. Test: builds, newly added tests pass Bug: 34263266 Change-Id: I16fb7d166c3dcdeafbf477162d191d3b73ae8ac2
* debuggerd: advance our amazing bet.Josh Gao2017-01-171-0/+1
| | | | | | | | | Remove debuggerd in favor of a helper process that gets execed by crashing processes. Bug: http://b/30705528 Test: debuggerd_test Change-Id: I9906c69473989cbf7fe5ea6cccf9a9c563d75906
* Merge "Revert "Revert "android_ids: move to bionic"""Elliott Hughes2017-01-091-95/+6
|\
| * Revert "Revert "android_ids: move to bionic""Elliott Hughes2016-12-131-95/+6
| | | | | | | | | | | | This reverts commit 7b7a8074e1b949231dd18618a3d4b720c8400c66. Change-Id: Icdc7221af6745084e5a4a28d851d3ad14e2a4ece
* | Define range of GIDs for cached app data.Jeff Sharkey2016-12-131-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To support upcoming disk usage calculation optimizations, this change creates a new GID for each app that will be used to mark its cached data. We're allocating these unique GIDs so that we can use quotactl() to track cached data on a per-app basis. This change also tightens up the implementation of both the cache and shared GID calculation to ensure that they stay inside the valid ranges, and includes tests to verify. Test: builds, boots, tests pass Bug: 27948817 Change-Id: Ie4377e5aae267f2da39a165888139228995987cb
* | Merge "Revert "android_ids: move to bionic""Treehugger Robot2016-12-121-6/+95
|\|
| * Revert "android_ids: move to bionic"Elliott Hughes2016-12-121-6/+95
| | | | | | | | | | | | This reverts commit bc56847e84816e10908d8eea599f2afff5cc139d. Change-Id: I2d00db0aaa7dfe292e36c6bdbaaa76230849e732
* | fs_config: add comment to headerWilliam Roberts2016-12-081-0/+27
|/ | | | | | | | | | | Add a comment to android_filesystem_config.h about AID and OEM Range "scraping" done by build/tools/fs_config. Test: Build and boot. Change-Id: I2d4845d91546ae967a1ee5166b73d119938faccc Signed-off-by: William Roberts <william.c.roberts@intel.com>
* android_ids: move to bionicWilliam Roberts2016-12-081-95/+6
| | | | | | | | | | | Prevent others from using android_ids and force them to use grp.h and pwd.h family of functions. Test: Build and boot, verify services are running properly. Bug: 27999086 Change-Id: Idcd75cf7e91a49ef07a0ed3bdb514ad61aa82e69 Signed-off-by: William Roberts <william.c.roberts@intel.com>
* Define GIDs for internal media file types.Jeff Sharkey2016-12-021-0/+6
| | | | | | | | | | | Currently, all internal media storage files (under /data/media) are given the same "media_rw" GID. To support an upcoming optimization to disk usage calculation, this CL defines three new GIDs that can be used to quickly identify common types: audio, video, and images. Test: builds Bug: 27948817 Change-Id: I8548459c3d3ccbf7d822431c6e2ebd1c2e309d70
* liblog: add private android_log_write_list_buffer()Mark Salyzyn2016-11-211-0/+41
| | | | | | | | | | | Allows us to compose an event message for our own in-memory purposes. Will be used to compose an event message in logd and directly write it to just the pmsg buffer. Provide an internal enhanced C++ wrapper for event handling. Test: gTest liblog-unit-tests --gtest_filter=liblog.android_log_write_list_buffer Bug: 31456426 Change-Id: I98246898ba580f9e506baba8af2fd1b26a2a8aae
* Add UID for vehicle networkKeun-young Park2016-10-281-0/+2
| | | | | | | | - Access to vehicle network is done in vehicle network service process. Test: build bug: 32508433 Change-Id: I340d1f4964d70b53f10d84fb15a62107e1dedc0e
* liblog: logd: logcat: Split out log/logger.h into public and private.Mark Salyzyn2016-10-241-11/+10
| | | | | | | | | | | | log/logger.h pieces moved into log/log.h. Correct for some minor Android Coding standards. Test: gTests liblog-unit-tests, logd-unit-tests and logcat-unit-tests Bug: 19235719 Bug: 26552300 Bug: 31289077 Bug: 31456426 Change-Id: I0a19fd8788eec20a582e72e4c62c04534bdb1b9a
* liblog: Add private interfaces for buffer size propertiesMark Salyzyn2016-10-181-0/+15
| | | | | | | | | | | | | | | | Add private function __android_logger_get_buffer_size() to read properties and compose the default buffer size. This interface complements the existing android_looger_get_size() which returns the logd setting which can differ at runtime. For use in logd and dumpstate. Side effect is we also add the private functions __android_logger_property_get_bool() and __android_logger_valid_buffer_size() for reuse in logd. Test: gTest liblog-unit-test, logd-unit-tests and logcat-unit-tests in combination with commit 'logd: Use private interfaces for buffer size properties' Bug: 31750617 Change-Id: Id95cb68f775ef6b427c122e10f6f8291d336d184
* liblog: LIBLOG_ABI_PRIVATE __android_log_is_debuggable()Mark Salyzyn2016-10-141-0/+2
| | | | | | | | | | Allow our own libraries to use this privately instead of running the less efficient get_properties and doing the math. Test: compile and boot smoke test Bug: 27566046 Bug: 31456426 Change-Id: I2f677276d27fbcb6af01b600ac1d9891c8938d43
* liblog: adb: move security interfaces to privateMark Salyzyn2016-10-101-0/+4
| | | | | | | | | Test: Compile & adb functioning Bug: 19235719 Bug: 26552300 Bug: 31289077 Bug: 31456426 Change-Id: I7ad8963bcca3d8b5c37b547c11d163b652d35556
* system/core: drop or replace log/logger.hMark Salyzyn2016-10-041-1/+1
| | | | | | | | | | | debuggerd does not require log/logger.h, can use android/log.h In some cases, mark why log/logger.h was required. Test: Compile and boot smoke test Bug: 26552300 Bug: 31289077 Bug: 31456426 Change-Id: Ia34987e25a01d81971ec8d785415f732b8376c4f
* liblog: Replace log/log.h with android/log.hMark Salyzyn2016-09-301-1/+1
| | | | | | | | | | Move all liblog related content into android/log.h, and make log/log.h points to android/log.h. Test: Compile Bug: 26552300 Bug: 31289077 Change-Id: I858e0ebe047b86f2a8530a99bc9c380d3d58edbb
* liblog: logd: logcat: deprecate log/log_read.hMark Salyzyn2016-09-301-5/+6
| | | | | | | | | | | | Always used in combination with log/logger.h except in log_time.cpp, and not used externally. As a result liblog has to support stl, a small price to pay since goal is to convert liblog to C++ internally. Test: compile Bug: 31456426 Bug: 26552300 Bug: 31289077 Change-Id: I72828ec807d0a2c8e40bbdebd7a69f147a7ca5a9
* Remove net_bt_stack group and replace it with bluetoothAjay Panicker2016-09-201-2/+0
| | | | | Bug: 31549206 Change-Id: I667963e5f9fd1a5dc9ad74378b318e3b782e6883
* Add static UID for the webview zygote process.Robert Sesek2016-07-111-0/+2
| | | | | | | This UID will never own any files. Bug: 21643067 Change-Id: Ifc887b1033ed4564336c8552012fb6bd0de73c15
* Add UIDs for system DNS and tethering DNSErik Kline2016-07-051-0/+4
| | | | | | Bug: 29420831 Bug: 29881876 Change-Id: I7a48f980f0e52a3d322c4c02988d48fc6df643ca
* Move canned_fs_config into libcutilsMohamad Ayyash2016-05-121-0/+26
| | | | | | | | | | It's no longer specific to make_ext4fs, will be used for mksquashfs as well. BUG: 27467028 Change-Id: I41b8c2b168ada45c8378dee522391edfb8f6b9a6 Signed-off-by: Mohamad Ayyash <mkayyash@google.com> BUG: 28704419
* Merge "Add nvram user."Mattias Nissler2016-03-231-0/+2
|\
| * Add nvram user.Mattias Nissler2016-03-221-0/+2
| | | | | | | | | | | | | | | | | | | | This is intended to be used by user space daemons that are part of access-controlled NVRAM HAL implementations for Brillo. Because there might be sensitive data flowing through the daemon, we'd like to run it as a separate user. BUG: 27764637 Change-Id: If6ad7923af3c650963ee9e926f732001b6a8cb5d
* | liblog: add __android_log_pmsg_file_readMark Salyzyn2016-03-221-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - This is considered an Android Private function, not exported for general use. - goal is to retreive a file's content from a series of log messages from pmsg, to be retrieved after a reboot for transfer to a persistent location. - files are presented in reverse sorted order, first based on _any_ numerical content, then by alphanumeric order. - Add a gTest for this function, relies on gTest for liblog.__android_log_pmsg_file_write from prior to reboot. Bug: 27176738 Change-Id: If37ef423009bd28b598b233af3bccef3429bdc22
* | liblog: add __android_log_pmsg_file_writeMark Salyzyn2016-03-221-0/+20
|/ | | | | | | | | | | | | | | | | - This is considered an Android Private function, not exported for general use. - goal is to record a file's content into a series of log messages into pmsg, to be retrieved after a reboot for transfer to a persistent location. - filename reference is converted to a tag-unique "<dirbase>:<filebase>". - buffer and length representing the filename contents are recorded, along with a sequence number placed into the nsec time field to ANDROID_LOG_PMSG_FILE_MAX_SEQUENCE. - Add a gTest for this function. Bug: 27176738 Change-Id: If93df3ae8bfc1bb75516d4a1fd8dae0301af644b
* Add notice for adding users in AOSP.Jorge Lucangeli Obes2016-02-261-0/+1
| | | | | | | | | Sometimes new users/groups get added in internal branches, and the list gets out of sync. Add a comment to prompt developers to add users in AOSP. Bug: None Change-Id: I5b2df391902b842f1af8a377c8eac4cdb36a0518
* Add more first-party Brillo system users.Jorge Lucangeli Obes2016-02-241-0/+4
| | | | | | | | | | | | | | | | | Brillo is converging on a set of mandatory system services to be included in all Brillo builds. We'd like these services to run as separate users just like other native Android/Brillo system services. Add users for these services: -Firewalld: Brillo has more granular firewall requirements (think e.g. Brillo-powered router.) Firewalld exposes a (currently) D-Bus/ (soon to be) Binder API to broker access to IPTables rules. -Trunksd: Some Brillo product configs will require TPMs. Trunksd manages TPMs in Chrome OS and Brillo. Bug: 27299198 Change-Id: Ibe3303acdd9398ea52da0a37dbef73e5c5a948f7
* Sync internal<->AOSP user list.Chien-Yu Chen2016-02-231-0/+2
| | | | | | | | | | | Bug: 27299198 Cherry-picked from: Restart cameraserver Bug: 24511454 Change-Id: Ia27f4ef0eb71f891c789f637a21b04afe0b1c4e9
* uid for codec processMarco Nelissen2016-01-251-0/+2
| | | | Change-Id: Iadf8012e6c177bcf487048e1b5a9b4fc51a0aeba
* debuggerd: fork and drop privileges when dumping.Josh Gao2016-01-051-0/+2
| | | | | Bug: http://b/25195825 Change-Id: I913d8425232e79df3f7a051a8cc63de9c60f4780
* android_filesystem_config.h: Add Brillo users.Jorge Lucangeli Obes2016-01-051-0/+6
| | | | | | | | -metrics_collector and metricsd gather and upload device metrics. -webservd is part of the Weave (Brillo remote setup and management) stack. Bug: 26337609 Change-Id: Icf6ce75e64293adbe773f2ee65e80629f2eeb737
* Use GID "wakelock" to control access to kernel wakelockPavlin Radoslavov2015-12-281-0/+2
| | | | | | | | | | * Added new kernel GID named "wakelock" (AID_WAKELOCK = 3010) * Changed the group access for /sys/power/wake_lock and /sys/power/wake_unlock from "system" to "wakelock" * Added "wakelock" to the list of groups for the healthd process/service Bug: 25864142 Change-Id: Ieabee9964cccec3107971a361a43aa9805164aa9
* Add audioserver UID.Jorge Lucangeli Obes2015-12-181-0/+2
| | | | | | | (Originally in https://googleplex-android-review.git.corp.google.com/#/c/804752). Change-Id: I31951cad1bbcec58b21559be0d86581ba9187a92
* New uid for extractor processMarco Nelissen2015-12-181-0/+2
| | | | Change-Id: I462d4736e772da0a08b4793fc1b971ff261667ea
* Enable hidepid=2 on /procNick Kralevich2015-11-091-0/+2
| | | | | | | | | | | | | | | | | | | | | | | Add the following mount options to the /proc filesystem: hidepid=2,gid=3009 This change blocks /proc access unless you're in group 3009 (aka AID_READPROC). Please see https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt for documentation on the hidepid option. hidepid=2 is preferred over hidepid=1 since it leaks less information and doesn't generate SELinux ptrace denials when trying to access /proc without being in the proper group. Add AID_READPROC to processes which need to access /proc entries for other UIDs. Bug: 23310674 Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
* am b955f476: Merge "Add a "tlsdate" AID for unprivileged tlsdate execution."Gilad Arnold2015-10-021-0/+2
|\ | | | | | | | | * commit 'b955f476d3b11da9378d5eedfc569711f625e1ba': Add a "tlsdate" AID for unprivileged tlsdate execution.
| * Add a "tlsdate" AID for unprivileged tlsdate execution.Gilad Arnold2015-10-021-0/+2
| | | | | | | | | | Bug: 23651876 Change-Id: I7ab1bccdcd2434c4af663a1afb9fe9ad124c4428
* | am 66d32c74: Merge "Use CAP_MASK_LONG for file capabilities."Jorge Lucangeli Obes2015-09-031-0/+2
|\| | | | | | | | | * commit '66d32c7488e12545218e83195738c95c183760ef': Use CAP_MASK_LONG for file capabilities.
| * Use CAP_MASK_LONG for file capabilities.Jorge Lucangeli Obes2015-09-021-0/+2
| | | | | | | | | | | | | | Extract the |1ULL << $CAP_NAME| construct to a macro, to avoid repeating it. Change-Id: I9312c27130d7e6c5b6ab3b4cc5c70a6b98378b98
* | am 45ca3d54: am a336cbcd: Merge "Reserve new UID range for OEM."Jorge Lucangeli Obes2015-07-311-0/+4
|\| | | | | | | | | * commit '45ca3d54e0f6be4237efcef5ff121a263d81971d': Reserve new UID range for OEM.
| * Reserve new UID range for OEM.Jorge Lucangeli Obes2015-07-311-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | Brillo will need to run new native system services, so reserve a reasonable UID range to accomodate them. Having 1000 UIDs will allow us to sub-partition this range if needed. The range can be used by any OEM, not just Brillo, so name it accordingly. Bug: 22555869 Change-Id: I752428ee5025bf064a35ecbe6da50c041d87b724