9527b223a9d4a4d149bb005afc77148dbeeff785 |
|
25-Jun-2015 |
Jeff Sharkey <jsharkey@android.com> |
Let's reinvent storage, yet again! Now that we're treating storage as a runtime permission, we need to grant read/write access without killing the app. This is really tricky, since we had been using GIDs for access control, and they're set in stone once Zygote drops privileges. The only thing left that can change dynamically is the filesystem itself, so let's do that. This means changing the FUSE daemon to present itself as three different views: /mnt/runtime_default/foo - view for apps with no access /mnt/runtime_read/foo - view for apps with read access /mnt/runtime_write/foo - view for apps with write access There is still a single location for all the backing files, and filesystem permissions are derived the same way for each view, but the file modes are masked off differently for each mountpoint. During Zygote fork, it wires up the appropriate storage access into an isolated mount namespace based on the current app permissions. When the app is granted permissions dynamically at runtime, the system asks vold to jump into the existing mount namespace and bind mount the newly granted access model into place. Bug: 21858077 Change-Id: I62fb25d126dd815aea699b33d580e3afb90f8fd2
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
065075e1f993a68579ed7f8034ab09d96ec957a9 |
|
28-May-2015 |
David Srbecky <dsrbecky@google.com> |
Replace --include-cfi with --generate-debug-info. This follows a change in dex2oat. (cherry picked from commit f39477b592e6e17fe41ace2e18602a69b2dd1619) Bug: 21924613 Change-Id: I46b61298ca00bee2e83080456b180d63efd95b8f
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
fbb32f6440ed74a4d27eec03569520580d00da42 |
|
12-Jun-2015 |
Narayan Kamath <narayan@google.com> |
Better systrace slices for application startup. This change adds three new timeslices : - PostFork : As soon as possible after the app forks from the zygote. Can be used in conjunction with the system_server "Start proc:" event to derive an upper bound on fork() and zygote overhead. - RuntimeInit & ActivityThreadMain for ZygoteInit#runtimeInit and ActivityThread#main. ActivityThread#handleBindApplication and higher level functions are already well instrumented in systrace. handleBindApplication should occur immediately after ActivityThread#main. Note that we use the Activity manager tag to make it easier to correlate these new events with surrounding events (Start proc and handleBindApplication) that are already using the AM tag. bug: 21632700 Change-Id: Ibc01f1721f962c913f3c02a51763b6feb1eb6a4d
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
27c39f1adeaf1a653fb41a5af64ee815b8048dd6 |
|
27-Apr-2015 |
Andreas Gampe <agampe@google.com> |
am b6d14a00: resolved conflicts for merge of c29791d5 to mnc-dev-plus-aosp * commit 'b6d14a009e43a4d61ae2a4f98f6e3b914148d0a9': Frameworks/base: Add debug.gencfi property (cherry picked from commit a5b55a017a984608eacdf414bc1cbcd7615f1c13)
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
4887789e44cdb16b042a35e8ec03983213e88ac6 |
|
18-Mar-2015 |
Jeff Sharkey <jsharkey@android.com> |
Progress towards dynamic storage support. Storage devices are no longer hard-coded, and instead bubble up from whatever Disk and VolumeBase that vold uncovered, turning into sibling Java objects in MountService. We now treat vold events as the source-of-truth for state, and synchronize our state by asking vold to "reset" whenever we reconnect. We've now moved to a model where all storage devices are mounted in the root mount namespace (user boundaries protected with GIDs), so we no longer need app-to-vold path translation. This also means that zygote only needs to bind mount the user-specific /mnt/user/n/ path onto /storage/self/ to make legacy paths like /sdcard work. This grealy simplifies a lot of system code. Many parts of the platform depend on a primary storage device always being present, so we hack together a stub StorageVolume when vold doesn't have a volume ready yet. StorageVolume isn't really a volume anymore; it's the user-specific view onto a volume, so MountService now filters and builds them based on the calling user. StorageVolume is now immutable, making it easier to reason about. Environment now builds all of its paths dynamically based on active volumes. Adds utility methods to turn int types and flags into user-readable strings for debugging purposes. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Simplify unmount logic, since vold will now gladly trigger EJECTING broadcast and kill stubborn processes. Bug: 19993667 Change-Id: I9842280e61974c91bae15d764e386969aedcd338
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
75f1ba5a815ce13caff1faa8e0df7d4ac483507a |
|
19-Mar-2015 |
Mathieu Chartier <mathieuc@google.com> |
am f792e016: am 437ac8f8: Merge "Add JIT late override property" * commit 'f792e01606b988ab84190217529cca53da8db3f5': Add JIT late override property
|
7a49028aa2f25364042fae031d95f9283844e645 |
|
17-Mar-2015 |
Mathieu Chartier <mathieuc@google.com> |
Add JIT late override property Required for JIT debug property since user builds can't restart the shell. Bug: 19735273 Change-Id: I1983852e80010c344b45e0bb459de47c56adfce8
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
86bb9ba586dfb4136014d5e3072786d04c8b152e |
|
10-Mar-2015 |
dcashman <dcashman@google.com> |
am 4c887ac9: am db7fa51f: am c7446790: Merge "ZygoteConnection: remove obsolete security checks." * commit '4c887ac9318402b914dbee4462485006395bdfbe': ZygoteConnection: remove obsolete security checks.
|
fc4c0bf8bc162ada28969bacca9dff668a208399 |
|
06-Mar-2015 |
dcashman <dcashman@google.com> |
ZygoteConnection: remove obsolete security checks. SELinux guarantees that only the system_server and permissive domains such as su are allowed to connect to the zygote socket. Remove obsolete security checks that were only applicable when other processes could connect. Bug: 19624279 Change-Id: I1c925d7facf19b3953b5deb85d992415344c4c9f
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac |
|
28-Feb-2015 |
John Spurlock <jspurlock@google.com> |
Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
b6b044ae8263d1104e249ad2b857f0c570309990 |
|
13-Feb-2015 |
Narayan Kamath <narayan@google.com> |
Fix a couple of issues with system_server forking. - Remove the obsolete --runtime-init arg. its prescence was preventing other arguments from being parsed. - Be stricter about unparsed args - throw if we see arguments we don't expect. This was already implemented but broken (probably implemented by a crap programmer). bug: 19378905 Change-Id: Id8b6158db7ef6368dd13ae61f591cdf2b278dfd1
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
7254c123a1af6edfe61dfd0a2be111d9e27662fa |
|
04-Feb-2015 |
Christopher Ferris <cferris@google.com> |
Fix comment according to review. Change-Id: I784f2051cd173425e9a9570ac4555cf835dd277d
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
e32df45fe1a8cb7286bfdad392a0d36e0ddcf8e7 |
|
29-Jan-2015 |
Christopher Ferris <cferris@google.com> |
Fix wrap property creation when truncating. If a property name gets truncated, make sure it doesn't end in a '.' since that makes the name illegal. Bug: 19196358 Bug: https://code.google.com/p/android/issues/detail?id=82947 Change-Id: Icc1a26593237ca19ad0ebd776a60b3d6290bb355
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
37ad4b0242579d9a7251c8683eb20645be44cea8 |
|
19-Jan-2015 |
Narayan Kamath <narayan@google.com> |
Choose the right executable for wrapped applications. 64 bit zygotes should exec app_process64, whereas 32 bit zygotes should exec app_process32. Change-Id: I63b56400e0478cd2bb206c98da6858be558f0525
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
f48029f00a66e23d7872a00b56fbcf88528ba476 |
|
08-Jan-2015 |
Narayan Kamath <narayan@google.com> |
Remove support for --classpath and make --runtime-init the default. --classpath hasn't been properly supported or used for as long as git history exists, and the non --runtime-init classpath is useless without it. Also, forking and exec' a bare dalvikvm instance from the zygote seems somewhat pointless since we might as well just execute it directly. Change-Id: Ib07d822d448e7b431d7564381f9cd11735fd1113
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
6ac7e67168d89f85f622dd168a05ddfc2644f6d4 |
|
16-Jan-2015 |
Narayan Kamath <narayan@google.com> |
Fix handling of wrapped processes [part 1]. Change 3fe595108f47fffd changed our pipe creation to CLOEXEC, which doesn't work so well for wrapper processes that call exec. Sending down the PID pre-exec won't work so well because wrappers are arbitrary and might fork themselves before finally starting the child application process. Change-Id: I065f0f2150dc1ff04d2b2e8b25f06b4c754809b9
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
26b56e628bd77b1e77137b68aecb194791ec6cf6 |
|
17-Dec-2014 |
Elliott Hughes <enh@google.com> |
Move the remaining ZygoteInit native code over to Java. Bug: 18719692 Change-Id: I5f9834edecdbcc065a33a9921c740a53441636a4
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
dac83f5e6ad494f19a17523e56872e1d0870ee57 |
|
15-Dec-2014 |
Elliott Hughes <enh@google.com> |
Reimplement reopenStdio in Java. Bug: 18719692 Change-Id: I4ed984cd6148c5cba75d46a60f32a0687a5bcac3
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
3fe595108f47fffd73cfc2eb48b71a31e5d606d0 |
|
12-Dec-2014 |
Elliott Hughes <enh@google.com> |
Lose some unnecessary JNI from the zygote. Bug: 18719692 Change-Id: Ie2d50400f10f3c54cfbf94e54656f6d704eac267
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
a103ebed6e9a44a406b31636791d2970c882ec44 |
|
25-Sep-2014 |
Andreas Gampe <agampe@google.com> |
resolved conflicts for merge of dfdabe37 to lmp-dev-plus-aosp Change-Id: Ia9c350dcfb41f9d04400a86bd7e5f2cf2af656f1
|
2eacd06bfb82b33dfcbccafbcfc0bf1218484bb5 |
|
10-Sep-2014 |
jgu21 <jinghui.gu@intel.com> |
Frameworks/base: Early init native bridge Add the app directory to the arguments for starting a process. Add a check for NeedsNativeBridge and a call to PreInitializeBridge in the native fork code. Change-Id: I0b93da93251c6b4638de786bf98cf99df07c3fc2
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
dc84c6ca86290393fec2bb730f125575ee9e168e |
|
05-Sep-2014 |
Andreas Gampe <agampe@google.com> |
resolved conflicts for merge of 82ad9ec3 to lmp-dev-plus-aosp Change-Id: I7ae05c4f1b072906932a9ed47bdbad881b8e0d37
|
aec67dcc02362e4d2f7641c6605405b839bd1bd4 |
|
03-Sep-2014 |
Andreas Gampe <agampe@google.com> |
Frameworks/base: Add native bridge post-fork initialization Change-Id: I5a20de1cb68dd1802937b369b14c50c9c1031c67
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
29564cd24589867f653cd22cabbaac6493cfc530 |
|
07-Aug-2014 |
Narayan Kamath <narayan@google.com> |
Remove system_server classes from the boot image. We set the system_server classpath in the environment (like we do with BOOTCLASSPATH). After the zygote forks the system_server, we dexopt the classpath (if needed) and then launch the system server with the correct PathClassLoader. This needed several small / medium refactorings : - The logic for connecting to installd is now in a separate class and belongs in the system_server. - SystemService / SystemServiceManager have now moved to classes.jar. They are only used from there, and since they use Class.forName, we want them to be loaded by the system_server classloader, and not the bootclassloader. - BootReceiver now moves to frameworks.jar, because it is used by ActivityThread and friends. bug: 16555230 Change-Id: Ic84f0b2baf611eeedff6d123cb7191bb0259e600
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
860c5911a2437ab2543614e138c98553d0d4ebf7 |
|
29-Apr-2014 |
Elliott Hughes <enh@google.com> |
Move the Zygote off libcore.os and onto android.system. Change-Id: Iaa20e50b05fad355bdf15bcfdc58efc9941c400c
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
c41638cb759ce569630ffae4c5c4cdee1b0f3b82 |
|
07-Apr-2014 |
Narayan Kamath <narayan@google.com> |
Make zygotes aware of their supported ABIs. Query system properties for the list of ABIs and pass it as a command line argument to ZygoteInit. Also add a new Zygote command that returns this list of ABIs to peers. Change-Id: I68034c6f63fa626911122579a011a0a25a8cda94
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
973b4663b0b5ee62006522bf4742af076096e548 |
|
31-Mar-2014 |
Narayan Kamath <narayan@google.com> |
Move zygote startup logic to the frameworks. The Zygote class is now in com.android.internal.os. It is responsible for the vast majority of work before and after the call to fork(). It calls back into the Runtime via the new dalvik.system.ZygoteHooks class to allow the Runtime to perform pre fork cleanup and post fork initialization. The native code in Zygote.cpp is a direct and straightforward port of the existing code in art. Most differences are superficial, for example : - We use C style logging (ALOGE) instead of stream based logging. - We call env->FatalError() instead of using LOG(FATAL) Change-Id: Ia101fb2af12d23894fe57e4134d2bc6d142e5059
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
89d4c897a0e1bc06688bcb1fd39913ece81fe05f |
|
06-Feb-2014 |
Dave Platt <dplatt@google.com> |
Finish fixing Zygote descriptor leakage problem In order to prevent Zygote descriptors from leaking into the child environment, they should be closed by the forked-off child process before the child switches to the application UID. These changes close the descriptors via dup2(), substituting a descriptor open to /dev/null in their place; this allows the Zygote Java code to close the FileDescriptor objects cleanly. This is a multi-project change: dalvik, art, libcore, frameworks/base, and external/sepolicy are affected. The CLs need to be approved together, lest the build break or the software fail to boot. Round 2: indent change Bug: 12114500 Change-Id: I090402136a8a8b7d6aad6eb153026e85d7cf6ad3
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
42a4bb5730266f80585e67262c73505d0bfffbf8 |
|
08-Nov-2013 |
Elliott Hughes <enh@google.com> |
Remove incorrect (and unused) capget code. Note that if you revert this change, the code it removes is incorrect, and doesn't handle the top 32 bits of capabilities, one of which we're already using: CAP_BLOCK_SUSPEND. Bug: 11508244 Change-Id: Ice1f51334bce4941c6d24d6016450a2ebcf92886
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
bd19b9ee305c11d8aa3cbb105bf2d3a6b06389b5 |
|
12-Apr-2013 |
Stephen Smalley <sds@tycho.nsa.gov> |
Replace SEAndroid with SELinux. Change-Id: Ibbe544a9f025d71ad416bc01cee2145b62d7b2d4 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
468f6c15d2a8d6d1c60c941d7ef77efc30d9cdc1 |
|
30-Jan-2013 |
Nick Kralevich <nnk@google.com> |
ZygoteConnection.java: Remove dead code --peer-wait The last caller of this option was removed in system/core commit b94fd1abcbff1eacb8a2ad79c51de21ecf8f6d65 Change-Id: I9f3540c9e61b4a93038b43983fbb8badac08a2e3
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
e217ee4d7a8223289a1af7363627c69956c46d41 |
|
29-Aug-2012 |
Jeff Sharkey <jsharkey@android.com> |
Access to all users' external storage. System services holding this permission have external storage bound one level higher, giving them access to all users' files. Bug: 7003520 Change-Id: Ib2bcb8455740c713ebd01f71c9a2b89b4e642832
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
2bca868361b41ff6a8228824cbecadc4c5deb44e |
|
22-Aug-2012 |
Jeff Sharkey <jsharkey@android.com> |
Iteration on multi-user external storage. Remove single-user bind mounts, since they need to remain as raw mounts to correctly propagate when remounted. This means we're back to using sdcard_r GID to enforce READ_EXTERNAL_STORAGE. Bug: 6925012 Change-Id: I41b5d7ddc985a5df2e288632a0a80d4724089e00
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
5b1ada2562c17921adf6a62ea62bcb445160983c |
|
15-Aug-2012 |
Jeff Sharkey <jsharkey@android.com> |
Multi-user external storage support. Emulated external storage always has multi-user support using paths like "/data/media/<user_id>". Creates and destroys these paths along with user data. Uses new ensure_dir() to create directories while always ensuring permissions. Add external storage mount mode to zygote, supporting both single- and multi-user devices. For example, devices with physical SD cards are treated as single-user. Begin migrating to mount mode instead of relying on sdcard_r GID to enforce READ_EXTERNAL_STORAGE. Bug: 6925012 Change-Id: I9b872ded992cd078e2c013567d59f9f0032ec02b
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
83d9eda9c2c411e3480c52f01e192bf3c86be8e9 |
|
13-Jan-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
Pass additional inputs when spawning apps via the Zygote and add SELinux permission checks. When spawning an app process, the ActivityManagerService has additional information about the app package that may be useful in setting a SELinux security context on the process. Extend the Process.start() interface to allow passing such information to the Zygote spawner. We originally considered using the existing zygoteArgs argument, but found that those arguments are appended after the class name and left uninterpreted by ZygoteConnection, merely passed along to the class or wrapper. Thus we introduce a new seInfo argument for this purpose. Modify the ZygoteConnection to interpret the new option and convey it to forkAndSpecialize, as well as passing the nice name as a further input. Also modify the ZygoteConnection to apply SELinux permission checks on privileged operations. Change-Id: I66045ffd33ca9898b1d026882bcc1c5baf3adc17
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
3f9dd287b99340efaaa257759e71a8f81b2ed113 |
|
09-Jul-2011 |
Jeff Brown <jeffbrown@google.com> |
Increase activity timeouts when using a wrapper process. This patch enables the Zygote to tell the ActivityManager when it has started a process with a wrapper attached so that the ActivityManager can allow it extra time to start up or process events. This is useful when wrapping an app with Valgrind or other tools which add significant runtime overhead. Bug: 4584468 Change-Id: I5db6f2f15cd30b0ec40f547d2fadfa216de2926d
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
2455efebcc1e3d1e19d5de4287ac99818718029e |
|
11-Jul-2011 |
Elliott Hughes <enh@google.com> |
SDK_INT is not "current" on unreleased builds. This change (in combination with a dalvik change) ensures that system_server doesn't run with JNI app workarounds turned on. Bug: 4772166 Change-Id: Ia015aa56b5684a176de3c123e8aec7f35e7ecac5
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
e1dfcb7ab01fb991079ec1f70f75281a0ca9073e |
|
08-Jul-2011 |
Elliott Hughes <enh@google.com> |
Pass the targetSdkVersion through to the zygote-forked dalvik. This will let dalvik implement backwards-compatibile behaviors based on an app's targetSdkVersion. Bug: 4772166 Change-Id: I935c5ea9144e8b4e6e21089547287486e2234b7f
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
ae07ecf3766c38af1c12822458b98036b28bd4c0 |
|
07-Jul-2011 |
Elliott Hughes <enh@google.com> |
Add the "debug.jni.logging" property so third-party developers can debug their JNI problems. This turns on the super-verbose but indispensible logging of all native method calls and all calls to JNI functions (for third-party code only). In particular, if you have a local reference bug, you can search for the reference given in the crash and see exactly where it came from. In every case I've seen so far, that's pinpointed the bug exactly. Change-Id: Ifb7ba02ae637bdd53cd8500febdcb9d4d7799bda
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
ebed7d6e35f7f960e6e6add2b8ab7c7a31a511c3 |
|
17-May-2011 |
Jeff Brown <jeffbrown@google.com> |
Support wrapping app processes to inject debug instrumentation. Bug: 4437846 Change-Id: I4552501c693716b14714afb5c5248edaca9547ab
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
1b4c7966b15382e9ffb2bfe6468dcef0b6d090b6 |
|
27-Oct-2010 |
Andy McFadden <fadden@android.com> |
Set capabilities sooner. Bug 3135433. Change-Id: I4e34b60c0a01b85ce0d80eb96ff3510604a68c71
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
23085b781e145ed684e7270af1d5ced6800b8eff |
|
09-Feb-2010 |
Ben Cheng <bccheng@android.com> |
Support per-application switch to execute the VM in safe mode. The new attribute can be set by adding android:safeMode="true" in AndroidManifest.xml with the SDK. Tested with pairing locally compiled SDK with Eclipse and verified that the JIT (the only component currently included in the safe mode) is indeed disabled with the new attribute. Bug: 2267583
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
9066cfe9886ac131c34d59ed0e2d287b0e3c0087 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
d83a98f4ce9cfa908f5c54bbd70f03eec07e7553 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
f013e1afd1e68af5e3b868c26a653bbfb39538f8 |
|
18-Dec-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Code drop from //branches/cupcake/...@124589
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|
54b6cfa9a9e5b861a9930af873580d6dc20f773c |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
/frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java
|