As general background, OWNERS files expedite code reviews by helping
code authors quickly find relevant reviewers, and they also ensure
that stakeholders are involved in code changes in their areas.
Some teams under frameworks/base/ have been using OWNERS files
successfully for many years, and we're ready to expand them to cover
more areas. Here's the historical coverage statistics for the last
two years of changes before these new OWNERS changes land:
-- 56% of changes are fully covered by OWNERS
-- 17% of changes are partially covered by OWNERS
-- 25% of changes have no OWNERS coverage
Working closely with team leads, we've now identified clear OWNERS on
a per-package basis, and we're using "include" directives whenever
possible to to simplify future maintenance. With this extensive
effort, we've now improved our coverage as follows:
-- 98% of changes are fully covered by OWNERS
-- 1% of changes are partially covered by OWNERS
-- 1% of changes have no OWNERS coverage
This specific change is automatically generated by a script that
identifies relevant "include" directives.
Bug: 174932174
Test: manual
Exempt-From-Owner-Approval: refactoring with team leads buy-in
Merged-In: I3480ddf2fe7ba3dfb922b459d4da01fa17a2c813
Change-Id: I3480ddf2fe7ba3dfb922b459d4da01fa17a2c813
Bug: 154760495
Test: make with WITH_TIDY=1 and DEFAULT_GLOBAL_TIDY_CHECKS=clang-analyzer-core.uninitialized.Branch
Change-Id: I569749166177c25e63b32fb468dccd13797acc05
Enable Incidentd to dump any existing dumpsys section in plain text
(as dumpsys.proto), only in eng or userdebug build. This is for a
few dumpsys services that are prohibitively expensive to migrate to
protobuf dumpsys or will undergo a major rewrite (thus render the
previously defined proto completely useless).
Bug: 149816498
Bug: 146085372
Bug: 146086519
Test: $ incident -p EXPLICIT 4000 4001
Change-Id: I0693d9bace0055cfeb63d7c8d48995d57dc0b733
(cherry picked from commit 95ba73f9c9815da08cdb7015195939a3c1b250bd)
This set of patches adds a way for the perfetto command line client to
save a trace to a hardcoded location,
/data/misc/perfetto-traces/incident-trace, and call into incidentd to
start a report, which will include said trace in a new section.
This is not a long-term solution, and is structured to minimize changes
to perfetto and incidentd. The latter is currently architected in a way
where it can only pull pre-defined information out of the system, so
we're resorting to persisting the intermediate results in a hardcoded
location.
This will introduce at most two more linked files at the same time.
Bug: 130543265
Tested: manually on crosshatch-userdebug
Merged-In: Iaaa312d2d9da73ca329807211227a8c7a049102c
Change-Id: Iaaa312d2d9da73ca329807211227a8c7a049102c
(cherry picked from commit 09a847902fa428f97841c3689b9f11243cc60460)
This set of patches adds a way for the perfetto command line client to
save a trace to a hardcoded location,
/data/misc/perfetto-traces/incident-trace, and call into incidentd to
start a report, which will include said trace in a new section.
This is not a long-term solution, and is structured to minimize changes
to perfetto and incidentd. The latter is currently architected in a way
where it can only pull pre-defined information out of the system, so
we're resorting to persisting the intermediate results in a hardcoded
location.
This will introduce at most two more linked files at the same time.
Bug: 130543265
Tested: manually on blueline-userdebug
Change-Id: Iaaa312d2d9da73ca329807211227a8c7a049102c
- The buffer size increased, and the CTS test that checked that
was triggering.
- Privacy filtering wasn't working for the stack trace sections
- The incident command was not handling the default arguments correctly
- The throttler was throttling streaming reports, which made the
test flaky.
Bug: 126253679
Test: atest CtsIncidentHostTestCases
Change-Id: I342cd7d0421ea8c22b7796fc99e779f21855af73
Previously, the decision to include or not include them was
done at runtime. This changes them to be behind a compile
time flag. It's just safer, because the code just isn't there
instead of being dependent on a system property.
Test: bit GtsIncidentManagerTestCases:*
Bug: 123543706
Change-Id: If4e611914a7b0acd399ae27e55af8f718aee3ec8
I502b34f23d61a7346d79ff0dc378add8461d2d27 added a continue before
skip[i] was set, which left it uninitialized and caused
non-deterministic output of incident-section-gen incidentd and a
non-deterministic incidentd binary. Use a vector instead of a
variable length array for skip so that it is always initialized.
Test: valgrind incident-section-gen incidentd
Change-Id: Iac9778dc8bbf4ec5540e5e2ffdaa8e2dd852d6cc
A few switches didn't have explicit breaks in them, which was causing
warnings. They were all benign, as the logic did not necessitate a
break. But this is will stop the warnings and perhaps prevent future
bugs.
Change-Id: Idb293a4896f4df8d3f11d748e0e716efc26bbd6a
Fixes: 119047812
Test: N/A
It will be a global error by default.
Test: make checkbuild
Bug: 112564944
Change-Id: I26616fd50ccf3639fa7c01d850a14d079273ede7
Exempt-From-Owner-Approval: do not block on new warnings
Arc++ devices don't have the /d/wakeup_sources file. There's a chance
other device won't have it either, and there may be other files that we
thought were standard but are actually not, so it's safer to just assume
that not every file will be available on every device and not treat a
missing file as an error.
Bug: 110109543
Test: atest incidentd_test
Change-Id: Ief09427f08d18aee611d057ddafdb9a3466744db
It will only print out a dump for userdebug or eng builds.
Bug: 77727638
Test: flash device and check output of incident proto and
'dumpsys batterystats -c --history'
Merged-In: Ib74d4c664f23a61e6fc33f700ba6a3c6fad32c74
Change-Id: Ia0c993d1281cc350d93f9c13f5540b349a4bfb84
This is a temporary solution to bypass failure of reading cpu info or
battery type in P if the path doesn't exist on some devices. See bug for
details. However in Q, incidentd should implement reading from the
common Linux kernel interfaces.
Bug: 78028767
Bug: 78239764
Test: atest incidentd_test
Change-Id: I08ffcb21709efe5478d2ac46121deb5795af1024
Merged-In: I08ffcb21709efe5478d2ac46121deb5795af1024
This section simply gzip a large file and stores result in GZippedFileProto
This greatly improves the size, before gzip, the last kmsg size ~500KB,
after gzip the proto size is ~60KB.
Bug: 73354384
Test: atest incidentd_test and manual on device test
Change-Id: I9bfc2cf07384487671edbffb5f0bd8495608fea6
And implement a file section which reads from event-log-tags for
decoding binary logs.
Bug: 70936599
Test: atest incidentd_test && atest incident_helper_test and flush on
device and test log sections and event_log_tag_map
Change-Id: Ib3d35e317f355de69f01ded012482486e9a43da6
2. Expose Dest values in IIncidentReportArgs.h
Please see bug for detail descriptions.
Bug: 67869340
Test: unit tested and on-device test. Ran command:
$ out/host/linux-x86/bin/incident-section-gen incidentd
to test various of privacy taggings.
Change-Id: I12af3d7da4c7c72bd63598893fe2c1f70b09baa4
Protobuf defines classes, which can have self recursive message
definitions and cause a bug in generating privacy flags.
Solve the problem here. The details is in incident_section_gen/main.cpp.
The logic is a bit complicated to address more than one level of self
recursion proto message definition.
Also solve a bug when PrivacyBuffer strips fields.
Modify PRIVACY_POLICY_LIST to be type Privacy** in order to allow
initialization by a method.
Bug: 68162512
Test: unit tested and on device tests
Change-Id: I1d0b79f6813e5fd66c4cf5823d0fa17efc57bb1d
1. Add logging for proto can't be parsed by incident_report
2. Close opened file descriptor of incident report request!
3. Fix invalid syntax of auto-gen section_list.cpp
Bug: 67849582
Test: manually run incident and checks /proc/<its pid>/fd
Change-Id: I38e6ac28de09aca6243ad536ed41d8059e08ba24
Bug: 34740546
Test: build with WITH_TIDY=1 and
WITH_TIDY_CHECKS="*,-readability-*,-google-readability-*,-google-runtime-references"
Change-Id: If99c75cab6a2bec0c6b38aa17189668b4943478d
1. use struct {} to instantiate privacy fields for efficiency reason
2. use vector<uint8_t>* instead of vector<uint8_t>& to indicate the
caller knows the value gets changed.
3. binary search privay policy for sections
Bug: 65595927
Test: unit test covers
Change-Id: Ic58c2f607465d1a7f10352b9a38c3d8b1a5cf352
See build/soong/README.md for more information.
Test: m incident_report incident-section-gen
Test: mmma frameworks/base
Change-Id: If1a930b40196139d29e63f6558bc4a75faca1967
Merged-In: If1a930b40196139d29e63f6558bc4a75faca1967
See build/soong/README.md for more information.
Test: m incident_report incident-section-gen
Test: mmma frameworks/base
Change-Id: If1a930b40196139d29e63f6558bc4a75faca1967
Implement EncodedBuffer that strip pii based on given privacy request.
The reason to implement another buffer is the length-delimited field's
size could change when its submessage gets stripped. It also intends to
keep the orignal data around for other requests to consume it.
In addition, the section implementation has adapted EncodedBuffer so
write out to each request's fd could be request-specific. The next step
is allow requests to set its privacy spec.
Notice the current design set the privacy spec of dropbox to AUTOMATIC,
this behavior might change in the future.
Bug: 64687253
Test: unit tests are writtern, see README.md for how to run unit tests.
Change-Id: I7ac236b8265ba9289dc6e17a8a5bf7f67ffb6bf5
This fixes the warning
frameworks/base/tools/incident_section_gen/main.cpp:170:48:
warning: Potential memory leak [clang-analyzer-cplusplus.NewDeleteLeaks]
Bug:None
Test: The warning is gone.
Change-Id: I48dbd51ff53b35aa3fcd0b6507485ec61c1a160c
1. automatically parse privacy options and generate lookup table
2. create FdBuffer iterator API in order to remove dependency on Reporter.h
Bug: 64687253
Test: Unit test for iterator API, and manually tested lookup table
Change-Id: I1ea376a4481fc4afc7bdf447936f767b63690fd3
Bug: 34740546
Test: build with WITH_TIDY=1 and
WITH_TIDY_CHECKS="*,-readability-*,-google-readability-*,-google-runtime-references"
Change-Id: Ie0885744bdf07d1a66792b61d8a49305162bcd71
This should affect only builds that call clang-tidy.
Without this change, clang-tidy has segmentation fault
when compiling several files in the incident_* directories.
Bug: 34740546
Test: build with WITH_TIDY=1 and
DEFAULT_GLOBAL_TIDY_CHECKS="*,-readability-*,-google-readability-*,-google-runtime-references"
Change-Id: Idfd46f36c01ccdd401eb54b750bc9d962c29ddeb
There are a few major pieces here:
incidentd
---------
This daemon (started by init) runs and accepts incoming requests to take
incident reports. When prompted, it calls into various system services
and fills in an IncidentProto data structure, and then writes the report
into dropbox.
The next steps for incidentd:
- Security review of SELinux policies. These will be a subset of
the dumpstate permissions. Until this is done, incidentd is
not started at boot time.
incident
--------
This shell command calls into incidentd, and can initiate an incident
report and either capture the output or leave for dropbox.
incident_report
---------------
This host side tool can call adb shell with the correct parameters
and also format the incident report as text. This formatting code
was left of the device on purpose. Right now it's pretty small, but
as the number of fields increases, the metadata and code to do the
formatting will start to grow.
The incident_report command also contains a workaround to let it
work before incidentd is turned on by default. Right now, it is
implemented to call adb shell dumpsys <service> --proto directly,
whereas in the future it will go through the full incidentd flow.
incident_section_gen
--------------------
A build-time tool that generates a stripped down set of information
about the fields that are available.
libincident
-----------
This library contains the code to connect to incidentd, and the
meta proto definitions that are used by the framework protos.
The basics are here now, but they are not fully fleshed out yet.
The privacy.proto file contains annotations that can go in the
proto file that we will later use to filter which fields are
uploaded, and which are used by local sources. For example, a
device in a test lab is safe to upload much much more information
than a real user. These will share the same mechanism, but the
user's output will be filtered according to these annotations.
frameworks/core/proto
---------------------
These .proto files contain the definitions of the system's
output. There is one master android.os.IncidentProto file that
is the top level of an incident report, but some other services
(notification, fingerprint, batterystats, etc) will have others
that are used directly by the logging mechanism.
Other files which are shared by several of the services also go
here, such as ComponentName, Locale, Configuration, etc. There
will be many more.
There is also a first iplementation of a dump method handling
--proto in the fingerprint service.
IncidentManager
---------------
The java API to trigger an incident report.
Test: Not written yet
Change-Id: I59568b115ac7fcf73af70c946c95752bf33ae67f
