In b/203198541, we start to compile standalone system server jars, but
the SELinux policy doesn't allow system_server to load the compiled code
at runtime. As a solution, this change creates class loaders for
standalone system server jars and caches them before switching to the
"system_server" SELinux domain, which essentially loads the jars and
compiled code into the memory.
Bug: 203198541
Test: manual -
1. Patch aosp/1874113, aosp/1876173, aosp/1906158 (in order to have
odrefresh compile a standalone system server jar).
2. Build a system image and flash it to a device.
3. Run "adb shell cat /proc/`adb shell pidof system_server`/maps" and
see "apex@com.android.wifi@javalib@service-wifi.jar@classes.odex"
being mmap'ed.
4. Run "adb logcat | grep avc" and see no denial.
5. atest odsign_e2e_tests
Change-Id: I27fbdaadae2b6f50989b4c534f7fbc80044a6685
Merged-In: I365be766cfb77c6e240d5871f1b3d8ed7abae6f5
(cherry picked from commit 281a2dfaa15fb3439b5ca92995958a8882197f3b)
Update VcnGatewayConnectionConfig to consider
mUnderlyingNetworkPriorities in #hashCode and #equals methods
Rename #setAllowedPlmnIds and #getAllowedPlmnIds
to #setAllowedOperatorPlmnIds and #getAllowedOperatorPlmnIds
Bug: 206044122
Test: atest FrameworksVcnTests(new tests), CtsVcnTestCases
Change-Id: Id16d88024bbb7ef275da0304f2dde1413a18de10
This allows system_server to search/read tracefs entries. It is needed
for attaching cpu timeinstate bpf programs to tracepoints.
Bug: 208892266
Bug: 209513178
Test: libtimeinstate_test
Change-Id: I4139605eb7c5277887092b3d6a3fb26bf4f8f171
* changes:
DelegateRegistrationState Improvement adding new states for DelegateRegistrationState: - DEREGISTERING_REASON_LOSING_PDN - DEREGISTERING_REASON_UNSPECIFIED
IMS RCS API Improvements-DelegateRegistrationState
- FgThread is an service internal class that NativeDaemonConnector
can not use it after moving into mainline module. Thus, replace
it by creating a new thread.
- Remove shutting down check because the original problem owner
netd isn't used NativeDaemonConnector now.
Bug: 206702844
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: Ib2e227ef1e361f96b397abd7c2a88420ad5a2f22
Update NetworkPriorityClassifier to calculate priority
according to the VcnUnderlyingNetworkPriority list
configured in VcnGatewayConnectionConfig
Bug: 206044122
Test: atest FrameworksVcnTests(new)
Test: atest CtsVcnTestCses
Change-Id: I55afa916af44db655a568aae2488877f2c177d59
Provide last known cell id to connection service
for emergency calls.
Bug: 198533763
Test: unit test
Change-Id: I8b660c0b5fbe095e3b9b67129b7404ebd7ec5ccd
Set the default ClassLoader for the readSerializable(ClassLoader,
Class) API, when the ClassLoader parameter is null.
Doing so could enhance the security of Parcel deserialization,
as it would prevent resolving the Serializable class using unexpected
ClassLoaders.
Test: atest -d android.os.cts.ParcelTest
Bug: 195622897
Change-Id: I6da4b4f817c33e4464d90d1e9775b54793835c92
Implementation for the APIs will be added later.
Bug: 205174140
Bug: 208222281
Tag: #feature
Test: gd/cert/run
Change-Id: I8781be89cba45a6e7a76fec7df24790a9f02d6a6
Right now, nothing is get logged due to an issue
with NetworkPolicyLogger.Data initialization.
Bug: 209236326
Test: adb shell dumpsys netpolicy
Change-Id: Ie0c3e3831802f317c5821676d426ff29a8bb5fa5
Fix AppZygote process and its children (the actual service processes)
ignoring android:memtagMode attribute in the app manifest.
When starting a new AppZygote process, apply memtag-related flags as
determined by the app manifest (and modified by compat features and
actual h/w capabilities). If this is not done, MTE is always disabled in
an AppZygote process, which makes it impossible to enable it in the
AppZygote's children.
This change has no effect unless MTE is supported in the hardware
(ARMv9) and enabled in the system.
Bug: 207557677
Test: CtsTaggingHostTestCases
Change-Id: I8805958545fd790e4ca857184b749a21e58d68cd
During a retry, test methods to be retried are written into a
file, pushed onto device and read by the test instrumentation
for execution.
The default location for such filter file is /data/local/tmp,
which is prohibited for access by system uid packages, such
as the system UI tests package.
This change uses the test app's data folder for filter: this
is not generally applicable for all the tests since root
permission is required, but it is a relatively safe assumption
in case of testing against system uid pakcages since it
implies userdebug build is being used.
Bug: 152001555
Fixes: 208473429
Test: http://go/forrest-run/L76200000952166377
Change-Id: Ifc268a1cdb94ff8e47b6bd323464deb28e0c20ea
Made BluetoothCodecConfig and BluetoothCodecStatus public,
added Builder to BluetoothCodecConfig, added accessor for
SOURCE_CODEC_TYPE_MAX and changed Arrays returns to List.
Tag: #feature
Bug: 200202780
Bug: 170678351
Test: BluetoothCodecConfigTest & BluetoothCodecStatusTest
NoNonSdkCheck: Only user actually requested the changes
Change-Id: Ic61b7087f53f45781f7e0eecca8b6d983093a22d
Introduce a set of optional Java optimization and shrinking settings for
system server, based on the Soong variable added in aosp/1896612.
Opting in to optimizations can be achieved with either:
* Env:
export SYSTEM_OPTIMIZE_JAVA=true
* Make:
$(call add_soong_config_var_value,ANDROID,SYSTEM_OPTIMIZE_JAVA,true)
Note that the initial Proguard configuration is extremely conservative.
Follow-up work will refine the rules to both allow additional shrinking
while avoiding developer friction and overhead when adding services and
dynamically loaded jars.
As these optimiations can change the resulting stack traces, a parallel
effort is working to simplify retracing of stack traces for more
accurate debugging and diagnostics. Additional stabiliation and testing
will occur before any effort to enable these optimizations by default
for specific targets. Also note that there are no plans to enable
obfuscation for any of these targets.
Preliminary results:
* Conservative keep rules (this CL w/ opt-in flag):
* services.jar (19MB -> 15MB)
* services.odex (52MB -> 54MB) (mostly from increased inlining)
* Refined keep rules (follow-up CL):
* services.jar (19MB -> 12MB)
* services.odex (52MB -> 45MB)
Bug: 203088572
Test: SYSTEM_OPTIMIZE_JAVA=true m (validate services.jar/odex change)
Change-Id: I4130233310323611f63cd9bfcc0646080cf95875
Read priv-app permission allowlists from APEX file and warn if
they're in the /system partition instead.
Test: boots
Bug: 190375768
Change-Id: I37d6deb60f0dffb75dd634075cd95bcf7ddf9684
Merged-In: I37d6deb60f0dffb75dd634075cd95bcf7ddf9684
NSD_ON setting has never been set since it created. Besides,
CTS tests assume that nsd service is always enabled otherwise
the tests will fail. Thus, remove the setting from NsdService
which is no need to read/write it and it's also a hidden symbols.
Bug: 206702844
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: Id3cef7def96925cec5095e12910e9b97ba7efb11
