130e3d7204d2b2d3d2ba956c3243fbc0fb1cabe4 |
|
23-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: pass errors from one Result<T> to another better Result<T> currently has two problems, 1) A failing Result<T> cannot be easily constructed from a Result<U>'s error. 2) errno is lost when passing .error() through multiple Result<T>'s This change fixes both problems having Result<T>::error() return a ResultError class that contains the std::string error message and int errno. It additionally has ostream operators to continue to allow printing the error string directly to an ostream and also to pass the errno through to another Result<T> class via Error() creation. Lastly, it provides a new constructor for Result<T> for ResultError, such that a Result<T> can be constructed from Result<U>::error(). Test: boot bullhead, init unit tests Change-Id: Id9614b727cdabd2f5498b0da0e598e9aff7d9ae0
/system/core/init/util_test.cpp
|
11a3aeeae3dc887b889d4086d4d26d95c324c08d |
|
03-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: introduce Result<T> for return values and error handling init tries to propagate error information up to build context before logging errors. This is a good thing, however too often init has the overly verbose paradigm for error handling, below: bool CalculateResult(const T& input, U* output, std::string* err) bool CalculateAndUseResult(const T& input, std::string* err) { U output; std::string calculate_result_err; if (!CalculateResult(input, &output, &calculate_result_err)) { *err = "CalculateResult " + input + " failed: " + calculate_result_err; return false; } UseResult(output); return true; } Even more common are functions that return only true/false but also require passing a std::string* err in order to see the error message. This change introduces a Result<T> that is use to either hold a successful return value of type T or to hold an error message as a std::string. If the functional only returns success or a failure with an error message, Result<Success> may be used. The classes Error and ErrnoError are used to indicate a failed Result<T>. A successful Result<T> is constructed implicitly from any type that can be implicitly converted to T or from the constructor arguments for T. This allows you to return a type T directly from a function that returns Result<T>. Error and ErrnoError are used to construct a Result<T> has failed. Each of these classes take an ostream as an input and are implicitly cast to a Result<T> containing that failure. ErrnoError() additionally appends ": " + strerror(errno) to the end of the failure string to aid in interacting with C APIs. The end result is that the above code snippet is turned into the much clearer example below: Result<U> CalculateResult(const T& input); Result<Success> CalculateAndUseResult(const T& input) { auto output = CalculateResult(input); if (!output) { return Error() << "CalculateResult " << input << " failed: " << output.error(); } UseResult(*output); return Success(); } This change also makes this conversion for some of the util.cpp functions that used the old paradigm. Test: boot bullhead, init unit tests Merged-In: I1e7d3a8820a79362245041251057fbeed2f7979b Change-Id: I1e7d3a8820a79362245041251057fbeed2f7979b
/system/core/init/util_test.cpp
|
0c8d6d27304d1d6e5f8f0a3feb1f60872ac278f2 |
|
10-Aug-2017 |
Tom Cherry <tomcherry@google.com> |
init: split security functions out of init.cpp This change splits out the selinux initialization and supporting functionality into selinux.cpp and splits the security related initialization of the rng, etc to security.cpp. It also provides additional documentation for SEPolicy loading as this has been requested by some teams. It additionally cleans up sehandle and sehandle_prop. The former is static within selinux.cpp and new wrapper functions are created around selabel_lookup*() to better serve the users. The latter is moved to property_service.cpp as it is isolated to that file for its usage. Test: boot bullhead Merged-In: Idc95d493cebc681fbe686b5160502f36af149f60 Change-Id: Idc95d493cebc681fbe686b5160502f36af149f60
/system/core/init/util_test.cpp
|
81f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33 |
|
22-Jun-2017 |
Tom Cherry <tomcherry@google.com> |
init: create android::init:: namespace With some small fixups along the way Test: Boot bullhead Test: init unit tests Change-Id: I7beaa473cfa9397f845f810557d1631b4a462d6a
/system/core/init/util_test.cpp
|
2cbbe9f7a35efdc94e8e34ef92eb6f70a85887fe |
|
05-May-2017 |
Tom Cherry <tomcherry@google.com> |
init: do not log directly from read_file() and write_file() Their callers may be able to add more context, so use an error string to record the error. Bug: 38038887 Test: boot bullhead Test: Init unit tests Change-Id: I46690d1c66e00a4b15cadc6fd0d6b50e990388c3
/system/core/init/util_test.cpp
|
517e1f17cfec2143d4d10a64b1496a550acf3ea2 |
|
05-May-2017 |
Tom Cherry <tomcherry@google.com> |
init: Check DecodeUid() result and use error string Check the result of DecodeUid() and return failure when uids/gids are unable to be decoded. Also, use an error string instead of logging directly such that more context can be added when decoding fails. Bug: 38038887 Test: Boot bullhead Test: Init unit tests Change-Id: I84c11aa5a8041bf5d2f754ee9af748344b789b37
/system/core/init/util_test.cpp
|
e7656b7200d934d6f77df422d6d3dee469230dea |
|
02-May-2017 |
Tom Cherry <tomcherry@google.com> |
ueventd: do not reference init's sehandle Init exposes a global 'sehandle' that ueventd references as part of devices.cpp and util.cpp. This is particularly dangerous in device_init() in which both uevent and init write to this global. This change creates a separate local copy for devices.cpp and puts restrictions on where init.h can be included to make sure the global used by init is not reference by non-init code. Future changes to init should remove this global. Test: Boot bullhead Change-Id: Ifefa9e1932e9d647d06cca2618f5c8e5a7a85460
/system/core/init/util_test.cpp
|
060b74baad7c366cb6c74042bf307f1548a8331f |
|
12-Apr-2017 |
Tom Cherry <tomcherry@google.com> |
ueventd: convert mkdir_recursive() to std::string Bug: 36250207 Test: Boot bullhead Test: Boot sailfish, observe no boot time regression Test: init unit tests Change-Id: I5a2ac369d846e044230b709fd07eb21ad12d47bb
/system/core/init/util_test.cpp
|
dbe88e7953ed53961056c7f5531d91d229293462 |
|
28-Dec-2016 |
Yongqin Liu <yongqin.liu@linaro.org> |
init: use read_file and write_file to implement do_copy builtin this will make the implementation more cleaner, and has error message output when failed on some operations also add the O_TRUNC flag explicitly for the open function called in write_file. And add more test on read_file and write_file functions Bug: 36726045 Test: manual with hikey Test: boot and init tests on bullhead Test: cast with fugu, per b/36726045 Merged-In: If3c30a2fff58cfece2fcd27e69c30382146e6808 Change-Id: If3c30a2fff58cfece2fcd27e69c30382146e6808 Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
/system/core/init/util_test.cpp
|
53089aa25ca9707e22e45e862f794bfc958d302a |
|
01-Apr-2017 |
Tom Cherry <tomcherry@google.com> |
init: Use std::string for write_file() The content parameter of write_file() previously took a char* that was then converted to a std::string in WriteStringToFd(). One unfortunate effect of this, is that it is impossible to write data that contains '\0' within it, as the new string will only contain characters up until the '\0'. This changes write_file() to take an std::string, such that std::string::size() is used to determine the length of the string, allowing it to contain null characters. Also change the path parameter of read_file() and write_file() for consistency. Lastly, add a test for handling strings with '\0' in them. Bug: 36726045 Test: Boot bullhead, run unit tests Change-Id: Idad60e4228ee2de741ab3ab6a4917065b5e63cd8
/system/core/init/util_test.cpp
|
395e29472fa012c4177d981d9ce699625b706f4f |
|
31-Mar-2017 |
Wonsik Kim <wonsik@google.com> |
Revert "init: use read_file and write_file to implement do_copy builtin" This reverts commit 82bac0de6d95bcdf45729516f6a4f29eb2681118. Change-Id: Ibfdf453bd85ba4fcd1948b78bd22e639a883653e
/system/core/init/util_test.cpp
|
82bac0de6d95bcdf45729516f6a4f29eb2681118 |
|
28-Dec-2016 |
Yongqin Liu <yongqin.liu@linaro.org> |
init: use read_file and write_file to implement do_copy builtin this will make the implementation more cleaner, and has error message output when failed on some operations also add the O_TRUNC flag explicitly for the open function called in write_file. And add more test on read_file and write_file functions Test: manual with hikey Change-Id: Ifc1086a20e85db6980b497b1150a8a7952e672d6 Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
/system/core/init/util_test.cpp
|
978fd0ea254f11f84e38b41a74bbe70c81edc197 |
|
02-Dec-2016 |
Mark Salyzyn <salyzyn@google.com> |
init: service file command only opens existing files Mixing open or create, along with attribute(MAC) and permissions(DAC) is a security and confusion issue. Fix an issue where fcntl F_SETFD was called to clear O_NONBLOCK, when it should have been F_SETFL. Did not present a problem because the current user of this feature does writes and control messages only. Test: gTest logd-unit-tests and check dmesg for logd content. Bug: 32450474 Bug: 33242020 Change-Id: I23cb9a9be5ddb7e8e9c58c79838bc07536e766e6
/system/core/init/util_test.cpp
|
52bd37e63373b410c009e8611508191dfbf31d30 |
|
07-Nov-2016 |
Mark Salyzyn <salyzyn@google.com> |
libcutils: move cutils/files.h to cutils/android_get_control_file.h files.[h|cpp] is bound to be abused with junk, replace with android_get_control_file.[h|cpp]. Plus some sundry cleanup. Test: gTest libcutils-tests, logd-unit-tests, liblog-unit-tests, logcat-unit-tests and init_tests Bug: 32450474 Change-Id: Ibd4a7aa4624ea19a43d1f98a3c71ac37805d36b5
/system/core/init/util_test.cpp
|
62767fe29f8aaf62470781a3cf419ba11187d178 |
|
27-Oct-2016 |
Mark Salyzyn <salyzyn@google.com> |
init: service file keyword Solve one more issue where privilege is required to open a file and we do not want to grant such to the service. This is the service side of the picture, android_get_control_file() in libcutils is the client. The file's descriptor is placed into the environment as "ANDROID_FILE_<path>". For socket and files where non-alpha and non-numeric characters in the <name/path> are replaced with _. There was an accompanying change in android_get_control_socket() to match in commit 'libcutils: add android_get_control_socket() test' Add a gTest unit test for this that tests create_file and android_get_control_file(). Test: gTest init_tests --gtest_filter=util.create_file Bug: 32450474 Change-Id: I96eb970c707db6d51a9885873329ba1cb1f23140
/system/core/init/util_test.cpp
|
d2104df69b464721a17c21b4cd27931dc3bca612 |
|
19-Jun-2015 |
Nick Kralevich <nnk@google.com> |
init/util.cpp: don't return a negative unsigned value android_name_to_id() returns -1U on error, which causes a crash when the following clang options are enabled: -fsanitize=signed-integer-overflow,unsigned-integer-overflow -ftrap-function=abort -fsanitize-undefined-trap-on-error Rather than returning a negative unsigned value (which doesn't make a lot of sense, IMHO), return a positive unsigned value. While we're here, add logging on decode_uid failures. Bug: 21880301 Change-Id: I652e4c1daa07c7494cceca2b4e1656b9158f2604
/system/core/init/util_test.cpp
|
8d82ea05cb0945ba6cb8bf321b9ffbd0b6932745 |
|
07-Feb-2015 |
Elliott Hughes <enh@google.com> |
Implement exec. Change-Id: I20329bc9b378479d745b498d6a00eca0872cd5ab
/system/core/init/util_test.cpp
|
f682b4786a4093efb23bf80d69bf80eb274b145b |
|
06-Feb-2015 |
Elliott Hughes <enh@google.com> |
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
/system/core/init/util_test.cpp
|