diff options
| author | mosimchah <mosimchah@gmail.com> | 2025-12-02 09:27:38 -0500 |
|---|---|---|
| committer | mosimchah <mosimchah@gmail.com> | 2025-12-02 09:27:38 -0500 |
| commit | c7bade461dc55726f62997d13a48582f7c4b4655 (patch) | |
| tree | ea0588da76060a2038f54f67efd046ca77634b10 /ui/build/sandbox_linux.go | |
| parent | 0f5414d19317805e8bbbe7c4db5f0fd78769bad5 (diff) | |
| parent | 89d78cff8b00d3b20a90074635c3fe5a2ee49474 (diff) | |
Merge branch 'lineage-23.1' of https://github.com/LineageOS/android_build_soong into HEADw16.1
* 'lineage-23.1' of https://github.com/LineageOS/android_build_soong: (528 commits)
Revert "install_symlink: Make symlink target configurable"
Reapply "Clear as much of cc.Module as possible after GenerateBuildActions"
Revert "rust: config: Fix missing CPU variant LD flags in Rust"
Rename build-flag in outdir
Revert^4 "cipd: Default CIPD proxy server to on, add opt-out"
Convert check-vintf-all to phony with actions
Create a partial implementation of check-vintf-all for soong-only
Configure RBE rust pool based on build variant
Revert^3 "Add sdk version check to arr"
Add jdk.internal.invoke to the allowlist
Make droid always depend on symbols zip
Import Device and Odm skus
Don't install gob_gen in Soong
Remove bazel reference from run_integration_tests.sh
Fix bootstrap_test.sh
Don't panic in aconfig libraries when AllowMissingDependencies is set
Avoid returning nil paths from PathForModuleSrc
Revert "Flag controled clang version"
Rework module target dependencies on required deps
Revert^2 "Add sdk version check to arr"
...
Change-Id: I6e9a63fa14fda917a42e426e5dcebbad7f67e1de
Diffstat (limited to 'ui/build/sandbox_linux.go')
| -rw-r--r-- | ui/build/sandbox_linux.go | 61 |
1 files changed, 45 insertions, 16 deletions
diff --git a/ui/build/sandbox_linux.go b/ui/build/sandbox_linux.go index 1edbe2121..ca8e8c2b8 100644 --- a/ui/build/sandbox_linux.go +++ b/ui/build/sandbox_linux.go @@ -16,6 +16,7 @@ package build import ( "bytes" + "encoding/json" "os" "os/exec" "os/user" @@ -25,8 +26,7 @@ import ( ) type Sandbox struct { - Enabled bool - DisableWhenUsingGoma bool + Enabled bool AllowBuildBrokenUsesNetwork bool } @@ -41,8 +41,7 @@ var ( katiSandbox = basicSandbox soongSandbox = basicSandbox ninjaSandbox = Sandbox{ - Enabled: true, - DisableWhenUsingGoma: true, + Enabled: true, AllowBuildBrokenUsesNetwork: true, } @@ -67,11 +66,6 @@ func (c *Cmd) sandboxSupported() bool { return false } - // Goma is incompatible with PID namespaces and Mount namespaces. b/122767582 - if c.Sandbox.DisableWhenUsingGoma && c.config.UseGoma() { - return false - } - sandboxConfig.once.Do(func() { sandboxConfig.group = "nogroup" if _, err := user.LookupGroup(sandboxConfig.group); err != nil { @@ -93,19 +87,24 @@ func (c *Cmd) sandboxSupported() bool { sandboxConfig.distDir = absPath(c.ctx, derefPath) } - sandboxArgs := []string{ + var sandboxArgs []string + sandboxArgs = append(sandboxArgs, "-H", "android-build", "-e", "-u", "nobody", "-g", sandboxConfig.group, - "-R", "/", + ) + sandboxArgs = append(sandboxArgs, + c.readMountArgs()..., + ) + sandboxArgs = append(sandboxArgs, // Mount tmp before srcDir // srcDir is /tmp/.* in integration tests, which is a child dir of /tmp // nsjail throws an error if a child dir is mounted before its parent "-B", "/tmp", - c.config.sandboxConfig.SrcDirMountFlag(), sandboxConfig.srcDir, - "-B", sandboxConfig.outDir, - } + c.config.sandboxConfig.SrcDirMountFlag(), c.srcDirArg(), + "-B", c.outDirArg(), + ) if _, err := os.Stat(sandboxConfig.distDir); !os.IsNotExist(err) { //Mount dist dir as read-write if it already exists @@ -217,6 +216,28 @@ func (c *Cmd) workDir() string { return abfsSrcDir } +func abfsCacheFromMount() (string, error) { + wd, _ := os.Getwd() + type Config struct { + CacheDir string + } + type MountDetails struct { + Config Config + } + var m MountDetails + file, err := os.Open(filepath.Join(wd, ".repo/mount-details")) + if err != nil { + return "", err + } + defer file.Close() + d := json.NewDecoder(file) + if err := d.Decode(&m); err != nil { + return "", err + } + + return m.Config.CacheDir, nil +} + func (c *Cmd) wrapSandbox() { wd := c.workDir() @@ -253,6 +274,10 @@ func (c *Cmd) wrapSandbox() { "--rlimit_cpu", "soft", "--rlimit_fsize", "soft", "--rlimit_nofile", "soft", + + // nsjail defaults to a niceness of 19, the minimum priority. Raise it to 5 so that UI tasks are still + // a higher priority, but the build is a higher priority than the other background tasks that are set to 10. + "--nice_level", "5", ) sandboxArgs = append(sandboxArgs, @@ -277,14 +302,18 @@ func (c *Cmd) wrapSandbox() { "-q", ) if c.config.UseABFS() { - sandboxArgs = append(sandboxArgs, "-B", "{ABFS_DIR}") + cacheDir, err := abfsCacheFromMount() + if err != nil { + c.ctx.Fatalln(err) + } + sandboxArgs = append(sandboxArgs, "-B", cacheDir) } // Mount srcDir RW allowlists as Read-Write if len(c.config.sandboxConfig.SrcDirRWAllowlist()) > 0 && !c.config.sandboxConfig.SrcDirIsRO() { errMsg := `Product source tree has been set as ReadWrite, RW allowlist not necessary. To recover, either - 1. Unset BUILD_BROKEN_SRC_DIR_IS_WRITABLE #or + 1. Set BUILD_BROKEN_SRC_DIR_IS_WRITABLE=false #or 2. Unset BUILD_BROKEN_SRC_DIR_RW_ALLOWLIST` c.ctx.Fatalln(errMsg) } |