Cross Reference: /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java

History log of /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
9527b223a9d4a4d149bb005afc77148dbeeff785	25-Jun-2015	Jeff Sharkey <jsharkey@android.com>	Let's reinvent storage, yet again! Now that we're treating storage as a runtime permission, we need to grant read/write access without killing the app. This is really tricky, since we had been using GIDs for access control, and they're set in stone once Zygote drops privileges. The only thing left that can change dynamically is the filesystem itself, so let's do that. This means changing the FUSE daemon to present itself as three different views: /mnt/runtime_default/foo - view for apps with no access /mnt/runtime_read/foo - view for apps with read access /mnt/runtime_write/foo - view for apps with write access There is still a single location for all the backing files, and filesystem permissions are derived the same way for each view, but the file modes are masked off differently for each mountpoint. During Zygote fork, it wires up the appropriate storage access into an isolated mount namespace based on the current app permissions. When the app is granted permissions dynamically at runtime, the system asks vold to jump into the existing mount namespace and bind mount the newly granted access model into place. Bug: 21858077 Change-Id: I62fb25d126dd815aea699b33d580e3afb90f8fd2 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
065075e1f993a68579ed7f8034ab09d96ec957a9	28-May-2015	David Srbecky <dsrbecky@google.com>	Replace --include-cfi with --generate-debug-info. This follows a change in dex2oat. (cherry picked from commit f39477b592e6e17fe41ace2e18602a69b2dd1619) Bug: 21924613 Change-Id: I46b61298ca00bee2e83080456b180d63efd95b8f /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
fbb32f6440ed74a4d27eec03569520580d00da42	12-Jun-2015	Narayan Kamath <narayan@google.com>	Better systrace slices for application startup. This change adds three new timeslices : - PostFork : As soon as possible after the app forks from the zygote. Can be used in conjunction with the system_server "Start proc:" event to derive an upper bound on fork() and zygote overhead. - RuntimeInit & ActivityThreadMain for ZygoteInit#runtimeInit and ActivityThread#main. ActivityThread#handleBindApplication and higher level functions are already well instrumented in systrace. handleBindApplication should occur immediately after ActivityThread#main. Note that we use the Activity manager tag to make it easier to correlate these new events with surrounding events (Start proc and handleBindApplication) that are already using the AM tag. bug: 21632700 Change-Id: Ibc01f1721f962c913f3c02a51763b6feb1eb6a4d /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
27c39f1adeaf1a653fb41a5af64ee815b8048dd6	27-Apr-2015	Andreas Gampe <agampe@google.com>	am b6d14a00: resolved conflicts for merge of c29791d5 to mnc-dev-plus-aosp * commit 'b6d14a009e43a4d61ae2a4f98f6e3b914148d0a9': Frameworks/base: Add debug.gencfi property (cherry picked from commit a5b55a017a984608eacdf414bc1cbcd7615f1c13) /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
4887789e44cdb16b042a35e8ec03983213e88ac6	18-Mar-2015	Jeff Sharkey <jsharkey@android.com>	Progress towards dynamic storage support. Storage devices are no longer hard-coded, and instead bubble up from whatever Disk and VolumeBase that vold uncovered, turning into sibling Java objects in MountService. We now treat vold events as the source-of-truth for state, and synchronize our state by asking vold to "reset" whenever we reconnect. We've now moved to a model where all storage devices are mounted in the root mount namespace (user boundaries protected with GIDs), so we no longer need app-to-vold path translation. This also means that zygote only needs to bind mount the user-specific /mnt/user/n/ path onto /storage/self/ to make legacy paths like /sdcard work. This grealy simplifies a lot of system code. Many parts of the platform depend on a primary storage device always being present, so we hack together a stub StorageVolume when vold doesn't have a volume ready yet. StorageVolume isn't really a volume anymore; it's the user-specific view onto a volume, so MountService now filters and builds them based on the calling user. StorageVolume is now immutable, making it easier to reason about. Environment now builds all of its paths dynamically based on active volumes. Adds utility methods to turn int types and flags into user-readable strings for debugging purposes. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Simplify unmount logic, since vold will now gladly trigger EJECTING broadcast and kill stubborn processes. Bug: 19993667 Change-Id: I9842280e61974c91bae15d764e386969aedcd338 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
75f1ba5a815ce13caff1faa8e0df7d4ac483507a	19-Mar-2015	Mathieu Chartier <mathieuc@google.com>	am f792e016: am 437ac8f8: Merge "Add JIT late override property" * commit 'f792e01606b988ab84190217529cca53da8db3f5': Add JIT late override property
7a49028aa2f25364042fae031d95f9283844e645	17-Mar-2015	Mathieu Chartier <mathieuc@google.com>	Add JIT late override property Required for JIT debug property since user builds can't restart the shell. Bug: 19735273 Change-Id: I1983852e80010c344b45e0bb459de47c56adfce8 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
86bb9ba586dfb4136014d5e3072786d04c8b152e	10-Mar-2015	dcashman <dcashman@google.com>	am 4c887ac9: am db7fa51f: am c7446790: Merge "ZygoteConnection: remove obsolete security checks." * commit '4c887ac9318402b914dbee4462485006395bdfbe': ZygoteConnection: remove obsolete security checks.
fc4c0bf8bc162ada28969bacca9dff668a208399	06-Mar-2015	dcashman <dcashman@google.com>	ZygoteConnection: remove obsolete security checks. SELinux guarantees that only the system_server and permissive domains such as su are allowed to connect to the zygote socket. Remove obsolete security checks that were only applicable when other processes could connect. Bug: 19624279 Change-Id: I1c925d7facf19b3953b5deb85d992415344c4c9f /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac	28-Feb-2015	John Spurlock <jspurlock@google.com>	Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
b6b044ae8263d1104e249ad2b857f0c570309990	13-Feb-2015	Narayan Kamath <narayan@google.com>	Fix a couple of issues with system_server forking. - Remove the obsolete --runtime-init arg. its prescence was preventing other arguments from being parsed. - Be stricter about unparsed args - throw if we see arguments we don't expect. This was already implemented but broken (probably implemented by a crap programmer). bug: 19378905 Change-Id: Id8b6158db7ef6368dd13ae61f591cdf2b278dfd1 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
7254c123a1af6edfe61dfd0a2be111d9e27662fa	04-Feb-2015	Christopher Ferris <cferris@google.com>	Fix comment according to review. Change-Id: I784f2051cd173425e9a9570ac4555cf835dd277d /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
e32df45fe1a8cb7286bfdad392a0d36e0ddcf8e7	29-Jan-2015	Christopher Ferris <cferris@google.com>	Fix wrap property creation when truncating. If a property name gets truncated, make sure it doesn't end in a '.' since that makes the name illegal. Bug: 19196358 Bug: https://code.google.com/p/android/issues/detail?id=82947 Change-Id: Icc1a26593237ca19ad0ebd776a60b3d6290bb355 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
37ad4b0242579d9a7251c8683eb20645be44cea8	19-Jan-2015	Narayan Kamath <narayan@google.com>	Choose the right executable for wrapped applications. 64 bit zygotes should exec app_process64, whereas 32 bit zygotes should exec app_process32. Change-Id: I63b56400e0478cd2bb206c98da6858be558f0525 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
f48029f00a66e23d7872a00b56fbcf88528ba476	08-Jan-2015	Narayan Kamath <narayan@google.com>	Remove support for --classpath and make --runtime-init the default. --classpath hasn't been properly supported or used for as long as git history exists, and the non --runtime-init classpath is useless without it. Also, forking and exec' a bare dalvikvm instance from the zygote seems somewhat pointless since we might as well just execute it directly. Change-Id: Ib07d822d448e7b431d7564381f9cd11735fd1113 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
6ac7e67168d89f85f622dd168a05ddfc2644f6d4	16-Jan-2015	Narayan Kamath <narayan@google.com>	Fix handling of wrapped processes [part 1]. Change 3fe595108f47fffd changed our pipe creation to CLOEXEC, which doesn't work so well for wrapper processes that call exec. Sending down the PID pre-exec won't work so well because wrappers are arbitrary and might fork themselves before finally starting the child application process. Change-Id: I065f0f2150dc1ff04d2b2e8b25f06b4c754809b9 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
26b56e628bd77b1e77137b68aecb194791ec6cf6	17-Dec-2014	Elliott Hughes <enh@google.com>	Move the remaining ZygoteInit native code over to Java. Bug: 18719692 Change-Id: I5f9834edecdbcc065a33a9921c740a53441636a4 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
dac83f5e6ad494f19a17523e56872e1d0870ee57	15-Dec-2014	Elliott Hughes <enh@google.com>	Reimplement reopenStdio in Java. Bug: 18719692 Change-Id: I4ed984cd6148c5cba75d46a60f32a0687a5bcac3 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
3fe595108f47fffd73cfc2eb48b71a31e5d606d0	12-Dec-2014	Elliott Hughes <enh@google.com>	Lose some unnecessary JNI from the zygote. Bug: 18719692 Change-Id: Ie2d50400f10f3c54cfbf94e54656f6d704eac267 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
a103ebed6e9a44a406b31636791d2970c882ec44	25-Sep-2014	Andreas Gampe <agampe@google.com>	resolved conflicts for merge of dfdabe37 to lmp-dev-plus-aosp Change-Id: Ia9c350dcfb41f9d04400a86bd7e5f2cf2af656f1
2eacd06bfb82b33dfcbccafbcfc0bf1218484bb5	10-Sep-2014	jgu21 <jinghui.gu@intel.com>	Frameworks/base: Early init native bridge Add the app directory to the arguments for starting a process. Add a check for NeedsNativeBridge and a call to PreInitializeBridge in the native fork code. Change-Id: I0b93da93251c6b4638de786bf98cf99df07c3fc2 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
dc84c6ca86290393fec2bb730f125575ee9e168e	05-Sep-2014	Andreas Gampe <agampe@google.com>	resolved conflicts for merge of 82ad9ec3 to lmp-dev-plus-aosp Change-Id: I7ae05c4f1b072906932a9ed47bdbad881b8e0d37
aec67dcc02362e4d2f7641c6605405b839bd1bd4	03-Sep-2014	Andreas Gampe <agampe@google.com>	Frameworks/base: Add native bridge post-fork initialization Change-Id: I5a20de1cb68dd1802937b369b14c50c9c1031c67 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
29564cd24589867f653cd22cabbaac6493cfc530	07-Aug-2014	Narayan Kamath <narayan@google.com>	Remove system_server classes from the boot image. We set the system_server classpath in the environment (like we do with BOOTCLASSPATH). After the zygote forks the system_server, we dexopt the classpath (if needed) and then launch the system server with the correct PathClassLoader. This needed several small / medium refactorings : - The logic for connecting to installd is now in a separate class and belongs in the system_server. - SystemService / SystemServiceManager have now moved to classes.jar. They are only used from there, and since they use Class.forName, we want them to be loaded by the system_server classloader, and not the bootclassloader. - BootReceiver now moves to frameworks.jar, because it is used by ActivityThread and friends. bug: 16555230 Change-Id: Ic84f0b2baf611eeedff6d123cb7191bb0259e600 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
860c5911a2437ab2543614e138c98553d0d4ebf7	29-Apr-2014	Elliott Hughes <enh@google.com>	Move the Zygote off libcore.os and onto android.system. Change-Id: Iaa20e50b05fad355bdf15bcfdc58efc9941c400c /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
c41638cb759ce569630ffae4c5c4cdee1b0f3b82	07-Apr-2014	Narayan Kamath <narayan@google.com>	Make zygotes aware of their supported ABIs. Query system properties for the list of ABIs and pass it as a command line argument to ZygoteInit. Also add a new Zygote command that returns this list of ABIs to peers. Change-Id: I68034c6f63fa626911122579a011a0a25a8cda94 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
973b4663b0b5ee62006522bf4742af076096e548	31-Mar-2014	Narayan Kamath <narayan@google.com>	Move zygote startup logic to the frameworks. The Zygote class is now in com.android.internal.os. It is responsible for the vast majority of work before and after the call to fork(). It calls back into the Runtime via the new dalvik.system.ZygoteHooks class to allow the Runtime to perform pre fork cleanup and post fork initialization. The native code in Zygote.cpp is a direct and straightforward port of the existing code in art. Most differences are superficial, for example : - We use C style logging (ALOGE) instead of stream based logging. - We call env->FatalError() instead of using LOG(FATAL) Change-Id: Ia101fb2af12d23894fe57e4134d2bc6d142e5059 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
89d4c897a0e1bc06688bcb1fd39913ece81fe05f	06-Feb-2014	Dave Platt <dplatt@google.com>	Finish fixing Zygote descriptor leakage problem In order to prevent Zygote descriptors from leaking into the child environment, they should be closed by the forked-off child process before the child switches to the application UID. These changes close the descriptors via dup2(), substituting a descriptor open to /dev/null in their place; this allows the Zygote Java code to close the FileDescriptor objects cleanly. This is a multi-project change: dalvik, art, libcore, frameworks/base, and external/sepolicy are affected. The CLs need to be approved together, lest the build break or the software fail to boot. Round 2: indent change Bug: 12114500 Change-Id: I090402136a8a8b7d6aad6eb153026e85d7cf6ad3 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
42a4bb5730266f80585e67262c73505d0bfffbf8	08-Nov-2013	Elliott Hughes <enh@google.com>	Remove incorrect (and unused) capget code. Note that if you revert this change, the code it removes is incorrect, and doesn't handle the top 32 bits of capabilities, one of which we're already using: CAP_BLOCK_SUSPEND. Bug: 11508244 Change-Id: Ice1f51334bce4941c6d24d6016450a2ebcf92886 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
bd19b9ee305c11d8aa3cbb105bf2d3a6b06389b5	12-Apr-2013	Stephen Smalley <sds@tycho.nsa.gov>	Replace SEAndroid with SELinux. Change-Id: Ibbe544a9f025d71ad416bc01cee2145b62d7b2d4 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
468f6c15d2a8d6d1c60c941d7ef77efc30d9cdc1	30-Jan-2013	Nick Kralevich <nnk@google.com>	ZygoteConnection.java: Remove dead code --peer-wait The last caller of this option was removed in system/core commit b94fd1abcbff1eacb8a2ad79c51de21ecf8f6d65 Change-Id: I9f3540c9e61b4a93038b43983fbb8badac08a2e3 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
e217ee4d7a8223289a1af7363627c69956c46d41	29-Aug-2012	Jeff Sharkey <jsharkey@android.com>	Access to all users' external storage. System services holding this permission have external storage bound one level higher, giving them access to all users' files. Bug: 7003520 Change-Id: Ib2bcb8455740c713ebd01f71c9a2b89b4e642832 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
2bca868361b41ff6a8228824cbecadc4c5deb44e	22-Aug-2012	Jeff Sharkey <jsharkey@android.com>	Iteration on multi-user external storage. Remove single-user bind mounts, since they need to remain as raw mounts to correctly propagate when remounted. This means we're back to using sdcard_r GID to enforce READ_EXTERNAL_STORAGE. Bug: 6925012 Change-Id: I41b5d7ddc985a5df2e288632a0a80d4724089e00 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
5b1ada2562c17921adf6a62ea62bcb445160983c	15-Aug-2012	Jeff Sharkey <jsharkey@android.com>	Multi-user external storage support. Emulated external storage always has multi-user support using paths like "/data/media/<user_id>". Creates and destroys these paths along with user data. Uses new ensure_dir() to create directories while always ensuring permissions. Add external storage mount mode to zygote, supporting both single- and multi-user devices. For example, devices with physical SD cards are treated as single-user. Begin migrating to mount mode instead of relying on sdcard_r GID to enforce READ_EXTERNAL_STORAGE. Bug: 6925012 Change-Id: I9b872ded992cd078e2c013567d59f9f0032ec02b /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
83d9eda9c2c411e3480c52f01e192bf3c86be8e9	13-Jan-2012	Stephen Smalley <sds@tycho.nsa.gov>	Pass additional inputs when spawning apps via the Zygote and add SELinux permission checks. When spawning an app process, the ActivityManagerService has additional information about the app package that may be useful in setting a SELinux security context on the process. Extend the Process.start() interface to allow passing such information to the Zygote spawner. We originally considered using the existing zygoteArgs argument, but found that those arguments are appended after the class name and left uninterpreted by ZygoteConnection, merely passed along to the class or wrapper. Thus we introduce a new seInfo argument for this purpose. Modify the ZygoteConnection to interpret the new option and convey it to forkAndSpecialize, as well as passing the nice name as a further input. Also modify the ZygoteConnection to apply SELinux permission checks on privileged operations. Change-Id: I66045ffd33ca9898b1d026882bcc1c5baf3adc17 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
3f9dd287b99340efaaa257759e71a8f81b2ed113	09-Jul-2011	Jeff Brown <jeffbrown@google.com>	Increase activity timeouts when using a wrapper process. This patch enables the Zygote to tell the ActivityManager when it has started a process with a wrapper attached so that the ActivityManager can allow it extra time to start up or process events. This is useful when wrapping an app with Valgrind or other tools which add significant runtime overhead. Bug: 4584468 Change-Id: I5db6f2f15cd30b0ec40f547d2fadfa216de2926d /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
2455efebcc1e3d1e19d5de4287ac99818718029e	11-Jul-2011	Elliott Hughes <enh@google.com>	SDK_INT is not "current" on unreleased builds. This change (in combination with a dalvik change) ensures that system_server doesn't run with JNI app workarounds turned on. Bug: 4772166 Change-Id: Ia015aa56b5684a176de3c123e8aec7f35e7ecac5 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
e1dfcb7ab01fb991079ec1f70f75281a0ca9073e	08-Jul-2011	Elliott Hughes <enh@google.com>	Pass the targetSdkVersion through to the zygote-forked dalvik. This will let dalvik implement backwards-compatibile behaviors based on an app's targetSdkVersion. Bug: 4772166 Change-Id: I935c5ea9144e8b4e6e21089547287486e2234b7f /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
ae07ecf3766c38af1c12822458b98036b28bd4c0	07-Jul-2011	Elliott Hughes <enh@google.com>	Add the "debug.jni.logging" property so third-party developers can debug their JNI problems. This turns on the super-verbose but indispensible logging of all native method calls and all calls to JNI functions (for third-party code only). In particular, if you have a local reference bug, you can search for the reference given in the crash and see exactly where it came from. In every case I've seen so far, that's pinpointed the bug exactly. Change-Id: Ifb7ba02ae637bdd53cd8500febdcb9d4d7799bda /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
ebed7d6e35f7f960e6e6add2b8ab7c7a31a511c3	17-May-2011	Jeff Brown <jeffbrown@google.com>	Support wrapping app processes to inject debug instrumentation. Bug: 4437846 Change-Id: I4552501c693716b14714afb5c5248edaca9547ab /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
1b4c7966b15382e9ffb2bfe6468dcef0b6d090b6	27-Oct-2010	Andy McFadden <fadden@android.com>	Set capabilities sooner. Bug 3135433. Change-Id: I4e34b60c0a01b85ce0d80eb96ff3510604a68c71 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
23085b781e145ed684e7270af1d5ced6800b8eff	09-Feb-2010	Ben Cheng <bccheng@android.com>	Support per-application switch to execute the VM in safe mode. The new attribute can be set by adding android:safeMode="true" in AndroidManifest.xml with the SDK. Tested with pairing locally compiled SDK with Eclipse and verified that the JIT (the only component currently included in the safe mode) is indeed disabled with the new attribute. Bug: 2267583 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
9066cfe9886ac131c34d59ed0e2d287b0e3c0087	04-Mar-2009	The Android Open Source Project <initial-contribution@android.com>	auto import from //depot/cupcake/@135843 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
d83a98f4ce9cfa908f5c54bbd70f03eec07e7553	04-Mar-2009	The Android Open Source Project <initial-contribution@android.com>	auto import from //depot/cupcake/@135843 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
f013e1afd1e68af5e3b868c26a653bbfb39538f8	18-Dec-2008	The Android Open Source Project <initial-contribution@android.com>	Code drop from //branches/cupcake/...@124589 /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
54b6cfa9a9e5b861a9930af873580d6dc20f773c	21-Oct-2008	The Android Open Source Project <initial-contribution@android.com>	Initial Contribution /frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java