| 130e3d7204d2b2d3d2ba956c3243fbc0fb1cabe4 |
|
23-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: pass errors from one Result<T> to another better
Result<T> currently has two problems,
1) A failing Result<T> cannot be easily constructed from a Result<U>'s
error.
2) errno is lost when passing .error() through multiple Result<T>'s
This change fixes both problems having Result<T>::error() return a
ResultError class that contains the std::string error message and int
errno.
It additionally has ostream operators to continue to allow printing
the error string directly to an ostream and also to pass the errno
through to another Result<T> class via Error() creation.
Lastly, it provides a new constructor for Result<T> for ResultError,
such that a Result<T> can be constructed from Result<U>::error().
Test: boot bullhead, init unit tests
Change-Id: Id9614b727cdabd2f5498b0da0e598e9aff7d9ae0
/system/core/init/util_test.cpp
|
| 11a3aeeae3dc887b889d4086d4d26d95c324c08d |
|
03-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: introduce Result<T> for return values and error handling
init tries to propagate error information up to build context before
logging errors. This is a good thing, however too often init has the
overly verbose paradigm for error handling, below:
bool CalculateResult(const T& input, U* output, std::string* err)
bool CalculateAndUseResult(const T& input, std::string* err) {
U output;
std::string calculate_result_err;
if (!CalculateResult(input, &output, &calculate_result_err)) {
*err = "CalculateResult " + input + " failed: " +
calculate_result_err;
return false;
}
UseResult(output);
return true;
}
Even more common are functions that return only true/false but also
require passing a std::string* err in order to see the error message.
This change introduces a Result<T> that is use to either hold a
successful return value of type T or to hold an error message as a
std::string. If the functional only returns success or a failure with
an error message, Result<Success> may be used. The classes Error and
ErrnoError are used to indicate a failed Result<T>.
A successful Result<T> is constructed implicitly from any type that
can be implicitly converted to T or from the constructor arguments for
T. This allows you to return a type T directly from a function that
returns Result<T>.
Error and ErrnoError are used to construct a Result<T> has
failed. Each of these classes take an ostream as an input and are
implicitly cast to a Result<T> containing that failure. ErrnoError()
additionally appends ": " + strerror(errno) to the end of the failure
string to aid in interacting with C APIs.
The end result is that the above code snippet is turned into the much
clearer example below:
Result<U> CalculateResult(const T& input);
Result<Success> CalculateAndUseResult(const T& input) {
auto output = CalculateResult(input);
if (!output) {
return Error() << "CalculateResult " << input << " failed: "
<< output.error();
}
UseResult(*output);
return Success();
}
This change also makes this conversion for some of the util.cpp
functions that used the old paradigm.
Test: boot bullhead, init unit tests
Merged-In: I1e7d3a8820a79362245041251057fbeed2f7979b
Change-Id: I1e7d3a8820a79362245041251057fbeed2f7979b
/system/core/init/util_test.cpp
|
| 0c8d6d27304d1d6e5f8f0a3feb1f60872ac278f2 |
|
10-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: split security functions out of init.cpp
This change splits out the selinux initialization and supporting
functionality into selinux.cpp and splits the security related
initialization of the rng, etc to security.cpp. It also provides
additional documentation for SEPolicy loading as this has been
requested by some teams.
It additionally cleans up sehandle and sehandle_prop. The former is
static within selinux.cpp and new wrapper functions are created around
selabel_lookup*() to better serve the users. The latter is moved to
property_service.cpp as it is isolated to that file for its usage.
Test: boot bullhead
Merged-In: Idc95d493cebc681fbe686b5160502f36af149f60
Change-Id: Idc95d493cebc681fbe686b5160502f36af149f60
/system/core/init/util_test.cpp
|
| 81f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33 |
|
22-Jun-2017 |
Tom Cherry <tomcherry@google.com> |
init: create android::init:: namespace
With some small fixups along the way
Test: Boot bullhead
Test: init unit tests
Change-Id: I7beaa473cfa9397f845f810557d1631b4a462d6a
/system/core/init/util_test.cpp
|
| 2cbbe9f7a35efdc94e8e34ef92eb6f70a85887fe |
|
05-May-2017 |
Tom Cherry <tomcherry@google.com> |
init: do not log directly from read_file() and write_file()
Their callers may be able to add more context, so use an error string
to record the error.
Bug: 38038887
Test: boot bullhead
Test: Init unit tests
Change-Id: I46690d1c66e00a4b15cadc6fd0d6b50e990388c3
/system/core/init/util_test.cpp
|
| 517e1f17cfec2143d4d10a64b1496a550acf3ea2 |
|
05-May-2017 |
Tom Cherry <tomcherry@google.com> |
init: Check DecodeUid() result and use error string
Check the result of DecodeUid() and return failure when uids/gids are
unable to be decoded.
Also, use an error string instead of logging directly such that more
context can be added when decoding fails.
Bug: 38038887
Test: Boot bullhead
Test: Init unit tests
Change-Id: I84c11aa5a8041bf5d2f754ee9af748344b789b37
/system/core/init/util_test.cpp
|
| e7656b7200d934d6f77df422d6d3dee469230dea |
|
02-May-2017 |
Tom Cherry <tomcherry@google.com> |
ueventd: do not reference init's sehandle
Init exposes a global 'sehandle' that ueventd references as part of
devices.cpp and util.cpp. This is particularly dangerous in
device_init() in which both uevent and init write to this global.
This change creates a separate local copy for devices.cpp and puts
restrictions on where init.h can be included to make sure the global
used by init is not reference by non-init code. Future changes to
init should remove this global.
Test: Boot bullhead
Change-Id: Ifefa9e1932e9d647d06cca2618f5c8e5a7a85460
/system/core/init/util_test.cpp
|
| 060b74baad7c366cb6c74042bf307f1548a8331f |
|
12-Apr-2017 |
Tom Cherry <tomcherry@google.com> |
ueventd: convert mkdir_recursive() to std::string
Bug: 36250207
Test: Boot bullhead
Test: Boot sailfish, observe no boot time regression
Test: init unit tests
Change-Id: I5a2ac369d846e044230b709fd07eb21ad12d47bb
/system/core/init/util_test.cpp
|
| dbe88e7953ed53961056c7f5531d91d229293462 |
|
28-Dec-2016 |
Yongqin Liu <yongqin.liu@linaro.org> |
init: use read_file and write_file to implement do_copy builtin
this will make the implementation more cleaner,
and has error message output when failed on some operations
also add the O_TRUNC flag explicitly for the open function
called in write_file.
And add more test on read_file and write_file functions
Bug: 36726045
Test: manual with hikey
Test: boot and init tests on bullhead
Test: cast with fugu, per b/36726045
Merged-In: If3c30a2fff58cfece2fcd27e69c30382146e6808
Change-Id: If3c30a2fff58cfece2fcd27e69c30382146e6808
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
/system/core/init/util_test.cpp
|
| 53089aa25ca9707e22e45e862f794bfc958d302a |
|
01-Apr-2017 |
Tom Cherry <tomcherry@google.com> |
init: Use std::string for write_file()
The content parameter of write_file() previously took a char* that was
then converted to a std::string in WriteStringToFd(). One unfortunate
effect of this, is that it is impossible to write data that contains
'\0' within it, as the new string will only contain characters up
until the '\0'.
This changes write_file() to take an std::string, such that
std::string::size() is used to determine the length of the string,
allowing it to contain null characters.
Also change the path parameter of read_file() and write_file() for
consistency.
Lastly, add a test for handling strings with '\0' in them.
Bug: 36726045
Test: Boot bullhead, run unit tests
Change-Id: Idad60e4228ee2de741ab3ab6a4917065b5e63cd8
/system/core/init/util_test.cpp
|
| 395e29472fa012c4177d981d9ce699625b706f4f |
|
31-Mar-2017 |
Wonsik Kim <wonsik@google.com> |
Revert "init: use read_file and write_file to implement do_copy builtin"
This reverts commit 82bac0de6d95bcdf45729516f6a4f29eb2681118.
Change-Id: Ibfdf453bd85ba4fcd1948b78bd22e639a883653e
/system/core/init/util_test.cpp
|
| 82bac0de6d95bcdf45729516f6a4f29eb2681118 |
|
28-Dec-2016 |
Yongqin Liu <yongqin.liu@linaro.org> |
init: use read_file and write_file to implement do_copy builtin
this will make the implementation more cleaner,
and has error message output when failed on some operations
also add the O_TRUNC flag explicitly for the open function
called in write_file.
And add more test on read_file and write_file functions
Test: manual with hikey
Change-Id: Ifc1086a20e85db6980b497b1150a8a7952e672d6
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
/system/core/init/util_test.cpp
|
| 978fd0ea254f11f84e38b41a74bbe70c81edc197 |
|
02-Dec-2016 |
Mark Salyzyn <salyzyn@google.com> |
init: service file command only opens existing files
Mixing open or create, along with attribute(MAC) and permissions(DAC)
is a security and confusion issue.
Fix an issue where fcntl F_SETFD was called to clear O_NONBLOCK, when
it should have been F_SETFL. Did not present a problem because the
current user of this feature does writes and control messages only.
Test: gTest logd-unit-tests and check dmesg for logd content.
Bug: 32450474
Bug: 33242020
Change-Id: I23cb9a9be5ddb7e8e9c58c79838bc07536e766e6
/system/core/init/util_test.cpp
|
| 52bd37e63373b410c009e8611508191dfbf31d30 |
|
07-Nov-2016 |
Mark Salyzyn <salyzyn@google.com> |
libcutils: move cutils/files.h to cutils/android_get_control_file.h
files.[h|cpp] is bound to be abused with junk, replace with
android_get_control_file.[h|cpp]. Plus some sundry cleanup.
Test: gTest libcutils-tests, logd-unit-tests, liblog-unit-tests,
logcat-unit-tests and init_tests
Bug: 32450474
Change-Id: Ibd4a7aa4624ea19a43d1f98a3c71ac37805d36b5
/system/core/init/util_test.cpp
|
| 62767fe29f8aaf62470781a3cf419ba11187d178 |
|
27-Oct-2016 |
Mark Salyzyn <salyzyn@google.com> |
init: service file keyword
Solve one more issue where privilege is required to open a file and
we do not want to grant such to the service. This is the service side
of the picture, android_get_control_file() in libcutils is the client.
The file's descriptor is placed into the environment as
"ANDROID_FILE_<path>". For socket and files where non-alpha and
non-numeric characters in the <name/path> are replaced with _. There
was an accompanying change in android_get_control_socket() to match
in commit 'libcutils: add android_get_control_socket() test'
Add a gTest unit test for this that tests create_file and
android_get_control_file().
Test: gTest init_tests --gtest_filter=util.create_file
Bug: 32450474
Change-Id: I96eb970c707db6d51a9885873329ba1cb1f23140
/system/core/init/util_test.cpp
|
| d2104df69b464721a17c21b4cd27931dc3bca612 |
|
19-Jun-2015 |
Nick Kralevich <nnk@google.com> |
init/util.cpp: don't return a negative unsigned value
android_name_to_id() returns -1U on error, which causes a
crash when the following clang options are enabled:
-fsanitize=signed-integer-overflow,unsigned-integer-overflow
-ftrap-function=abort
-fsanitize-undefined-trap-on-error
Rather than returning a negative unsigned value (which doesn't
make a lot of sense, IMHO), return a positive unsigned value.
While we're here, add logging on decode_uid failures.
Bug: 21880301
Change-Id: I652e4c1daa07c7494cceca2b4e1656b9158f2604
/system/core/init/util_test.cpp
|
| 8d82ea05cb0945ba6cb8bf321b9ffbd0b6932745 |
|
07-Feb-2015 |
Elliott Hughes <enh@google.com> |
Implement exec.
Change-Id: I20329bc9b378479d745b498d6a00eca0872cd5ab
/system/core/init/util_test.cpp
|
| f682b4786a4093efb23bf80d69bf80eb274b145b |
|
06-Feb-2015 |
Elliott Hughes <enh@google.com> |
Clean up reading and writing in init.
This isn't particularly useful in and of itself, but it does introduce the
first (trivial) unit test, improves the documentation (including details
about how to debug init crashes), and made me aware of how unpleasant the
existing parser is.
I also fixed a bug in passing --- unless you thought the "peboot" and "pm"
commands were features...
Bug: 19217569
Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
/system/core/init/util_test.cpp
|