The disable_configstore is added to disable configstore when API level
is less than or equal to 29.
Bug: 150761042
Test: Add disable_configstore to PRODUCT_PACKAGES && build && check
configstore service
Change-Id: Iac01bb375a5c4080c0e110213c64041ea823ed68
Merged-In: Iac01bb375a5c4080c0e110213c64041ea823ed68
(cherry picked from commit d864334675e83a75c0343510cff3fc90ffb14c51)
GWP-ASan is a sampled allocator framework that is planned for rollout in
Android R. It instruments the bionic allocator, and requires gettid()
during its initialisation.
Ensure that we can call gettid() from configstore.
Bug: 135634846
Test: N/A
Change-Id: I4a92c989ffde9051831e858e805fc20ae993dc01
Since these were combined into libhidlbase.
Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I075670b64eebbbbd6a6ae0e84ad51bf1c6f5ba36
the configstore functionality was added in Q. But The configstore will
be deleted. So additional function is deleted.
Bug: 124531214
Test: build & boot
Test: adb shell lshal | grep configstore & check configstore 1.2
Change-Id: Idbb00b972bc082bd75bba94dbff9cee19df48b89
Previously we couple wide color gamut display and color management together,
which is because we only do color management when we have wide color gamut
display. However, we would also want display that doesn't support wide color
gamut but is calibrated and is capable of managing sRGB gamut to have color
management. This means we will decouple wide color gamut display from color
management, a device can indicate that it's color managed without having wide
color gamut display and only manage color within sRGB gamut.
BUG: 111505327
Test: BUild, flash and check Natural/Boosted mode.
Change-Id: If1241ce040a6f691609d8f8d72a2d6f3141557cf
This change provides a reference implementation of the configstore HAL
v1.1.
Bug: 69691076
Test: tested on walleye-userdebug
Change-Id: I68ee224bcbda64f6fef91e8a0f95adb32d504aad
Configstore was up-revisioned from 1.0 to 1.1. However no new
APIs were added to 1.1. Therefore configstore in master will be down
revisioned to 1.0.
Bug: 71555815
Test: lshal | grep configsotre
Test: "cat proc/<configstore pid>/status | grep Seccomp " return:
Seccomp: 2
Change-Id: I65d2dc06fbe12d0c0ccc020bbd287e0b14320f2f
To support pthread_attr_setinheritsched for any code that uses pthread_create.
Bug: http://b/67471710
Test: no rolling configstore crashes when booting with the pthread change
Change-Id: I5847adba36b6a5d13b7bd20f955e432c14ce78b8
To prevent property name collisions between properties of system and
vendor, 'vendor.' prefix must be added to a vendor HAL service name.
You can see the details in http://go/treble-sysprop-compatibility.
Test: succeeded building and tested on a walleye device
Bug: 36796459
Change-Id: I4e8fbee791ec917a8f627a1366f4d44ec7e6febc
Configstore was up-revisioned from 1.0 to 1.1. However no new
APIs were added to 1.1. Therefore configstore in mr1 will be down
revisioned to 1.0.
Bug: 64999074
Test: lshal | grep configsotre
Test: "cat proc/<configstore pid>/status | grep Seccomp " return:
Seccomp: 2
Change-Id: Ia2614439cd620fbe5fbd427571ab55a15089cc47
Information such as tombstones and callstack are important when
debugging why a process crashed. configstore's seccomp filter
and selinux policy are currently overly strict and are blocking
the collection of crash data.
In order to keep configstore's sandbox as strict as possible, use
Crash_dump's fallback mechanism to collect crash data. This uses a
local socket to send crash data to tombstoned.
Bug: 64768925
Test: killall -ABRT android.hardware.configstore@1.1-service
Verify that configstore callstack gets dumped to logcat.
Verify that a crash tombstone gets recorded to /data/tombstones
Test: proto_fuzzer runs without crashing
Change-Id: I3c3e13d6aa1c1e2dda2a619dfa815375ee7ebff6
(cherry picked from commit 60ced29112)
Information such as tombstones and callstack are important when
debugging why a process crashed. configstore's seccomp filter
and selinux policy are currently overly strict and are blocking
the collection of crash data.
In order to keep configstore's sandbox as strict as possible, use
Crash_dump's fallback mechanism to collect crash data. This uses a
local socket to send crash data to tombstoned.
Bug: 64768925
Test: killall -ABRT android.hardware.configstore@1.1-service
Verify that configstore callstack gets dumped to logcat.
Verify that a crash tombstone gets recorded to /data/tombstones
Test: proto_fuzzer runs without crashing
Change-Id: I3c3e13d6aa1c1e2dda2a619dfa815375ee7ebff6
Configstore HAL is accessible to third party apps and thus requires
a tight sandbox that reflects the limited system access this HAL
needs.
We use two primary mechanisms to sandbox configstore, selinux and
seccomp, with the goal of restricting its access to userspace and
the kernel. The addition of a seccomp filter is primarily aimed
at reducing the kernel's attack surface that is reachable by
configstore HAL.
Seccomp filters are architecture dependent, so filters need to be
added for each architecture. This change adds a seccomp filter for
arm64 and issues a non-fatal runtime warning for other architectures
which still require a seccomp filter.
Bug: 36453956
Test: boot Marlin and Angler. Verify that configstore is not aborting
due to seccomp violations.
Test: "cat proc/<configstore pid>/status | grep seccomp " returns:
seccomp: 2
Which indicates that configstore is using seccomp-bpf.
Change-Id: Iab014ff357b7329085a5e18a92f51838d2c72371
(cherry picked from commit ed95043d64)
Configstore HAL is accessible to third party apps and thus requires
a tight sandbox that reflects the limited system access this HAL
needs.
We use two primary mechanisms to sandbox configstore, selinux and
seccomp, with the goal of restricting its access to userspace and
the kernel. The addition of a seccomp filter is primarily aimed
at reducing the kernel's attack surface that is reachable by
configstore HAL.
Seccomp filters are architecture dependent, so filters need to be
added for each architecture. This change adds a seccomp filter for
arm64 and issues a non-fatal runtime warning for other architectures
which still require a seccomp filter.
Bug: 36453956
Test: boot Marlin and Angler. Verify that configstore is not aborting
due to seccomp violations.
Test: "cat proc/<configstore pid>/status | grep seccomp " returns:
seccomp: 2
Which indicates that configstore is using seccomp-bpf.
Change-Id: Iab014ff357b7329085a5e18a92f51838d2c72371
This change provides a reference implementation of the configstore HAL
v1.1.
Bug: 37727469
Test: Built sailfish-userdebug and configstore-1.1 works
Change-Id: I75e7fd1da8e90ae48d779a3ba28957c5a93a5529
