From 154fe3f6a79a23f3abd370fb0f00c383f5ee00a3 Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Mon, 30 Jul 2018 14:44:26 -0700 Subject: Pass the packageName to zygote when starting a new process. This packageName is passed so that the process initialization after the zygote fork can mount appropriate package sandbox. Bug: 111890351 Test: n/a Change-Id: I99d6c1b53fffd53d7387dc807106efe5e1dc9b07 --- core/java/android/os/Process.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 7ce7c9237815..7caf0b103534 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -492,10 +492,11 @@ public class Process { String instructionSet, String appDataDir, String invokeWith, + String packageName, String[] zygoteArgs) { return zygoteProcess.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, - abi, instructionSet, appDataDir, invokeWith, zygoteArgs); + abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); } /** @hide */ @@ -509,10 +510,11 @@ public class Process { String instructionSet, String appDataDir, String invokeWith, + String packageName, String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, - abi, instructionSet, appDataDir, invokeWith, zygoteArgs); + abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); } /** -- cgit v1.2.3 From d81b1d764bc956db5052e4958dae59246907a12a Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Wed, 5 Sep 2018 16:37:30 -0700 Subject: Add javadoc for package-name arg passed during the process start. This was left out of earlier change which added the package-name arg. Also, add @NonNull/@Nullable annotations to these arguments. Bug: 111890351 Test: manual Change-Id: I0e496172a95bfba432efc6f7f216eb1f0e951511 --- core/java/android/os/Process.java | 43 +++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 20 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 7caf0b103534..5cd2ffcbc0a5 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -16,6 +16,8 @@ package android.os; +import android.annotation.NonNull; +import android.annotation.Nullable; import android.annotation.TestApi; import android.system.Os; import android.system.OsConstants; @@ -475,6 +477,7 @@ public class Process { * @param instructionSet null-ok the instruction set to use. * @param appDataDir null-ok the data directory of the app. * @param invokeWith null-ok the command to invoke with. + * @param packageName null-ok the name of the package this process belongs to. * @param zygoteArgs Additional arguments to supply to the zygote process. * * @return An object that describes the result of the attempt to start the process. @@ -482,36 +485,36 @@ public class Process { * * {@hide} */ - public static final ProcessStartResult start(final String processClass, - final String niceName, - int uid, int gid, int[] gids, + public static final ProcessStartResult start(@NonNull final String processClass, + @Nullable final String niceName, + int uid, int gid, @Nullable int[] gids, int runtimeFlags, int mountExternal, int targetSdkVersion, - String seInfo, - String abi, - String instructionSet, - String appDataDir, - String invokeWith, - String packageName, - String[] zygoteArgs) { + @Nullable String seInfo, + @NonNull String abi, + @Nullable String instructionSet, + @Nullable String appDataDir, + @Nullable String invokeWith, + @Nullable String packageName, + @Nullable String[] zygoteArgs) { return zygoteProcess.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); } /** @hide */ - public static final ProcessStartResult startWebView(final String processClass, - final String niceName, - int uid, int gid, int[] gids, + public static final ProcessStartResult startWebView(@NonNull final String processClass, + @Nullable final String niceName, + int uid, int gid, @Nullable int[] gids, int runtimeFlags, int mountExternal, int targetSdkVersion, - String seInfo, - String abi, - String instructionSet, - String appDataDir, - String invokeWith, - String packageName, - String[] zygoteArgs) { + @Nullable String seInfo, + @NonNull String abi, + @Nullable String instructionSet, + @Nullable String appDataDir, + @Nullable String invokeWith, + @Nullable String packageName, + @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); -- cgit v1.2.3 From 3f0645ba835111d3df9fe2ceac8aa8e456f604c2 Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Tue, 18 Sep 2018 13:07:59 -0700 Subject: Bind mount pkg specific dirs in the zygote child namespaces. - Also update vold to create sandboxes for secondary storage devices. - Since bind mounts are created in the process specific namespaces, we don't need /mnt/storage anymore which we were using it to prevent some bind mounts from propagating onto /mnt/runtime/write. - Create bind mounts for {media,obb} dirs similar to data dir in per process namespace. - Also fix a bug where we are not passing correct packages to vold when a new user starts. Bug: 111890351 Test: manual Change-Id: I1abbafabc58993860305e5a928c980420f89f289 --- core/java/android/os/Process.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 6fab3c412ae5..0f64c4531bc3 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -483,6 +483,8 @@ public class Process { * @param appDataDir null-ok the data directory of the app. * @param invokeWith null-ok the command to invoke with. * @param packageName null-ok the name of the package this process belongs to. + * @param packagesForUid null-ok all the packages with the same uid as this process. + * @param visibleVols null-ok storage volumes that can be accessed by this process. * @param zygoteArgs Additional arguments to supply to the zygote process. * * @return An object that describes the result of the attempt to start the process. @@ -501,10 +503,13 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, + @Nullable String[] packagesForUid, + @Nullable String[] visibleVols, @Nullable String[] zygoteArgs) { return zygoteProcess.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, - abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); + abi, instructionSet, appDataDir, invokeWith, packageName, + packagesForUid, visibleVols, zygoteArgs); } /** @hide */ @@ -519,10 +524,13 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, + @Nullable String[] packagesForUid, + @Nullable String[] visibleVols, @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, - abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs); + abi, instructionSet, appDataDir, invokeWith, packageName, + packagesForUid, visibleVols, zygoteArgs); } /** -- cgit v1.2.3 From cc065fb95e2224fe6f49011350f3399cbf27fe79 Mon Sep 17 00:00:00 2001 From: Misha Wagner Date: Mon, 15 Oct 2018 10:45:44 +0100 Subject: Modify Process::readProcFile to read in variable size file The original Process::readProcFile could only read files smaller than 256 bytes. This change allows the function to read in larger files. For files smaller than 256 bytes, the added cost is only an extra read call, which returns zero. Documentation has also been added to Process::readProcFile. Test: Used in change 5168194 Change-Id: I82f27355276e08f96bdb5fe7da49514a87afb429 --- core/java/android/os/Process.java | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 0f64c4531bc3..379d28cf10a0 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -1003,11 +1003,38 @@ public class Process { public static final int PROC_OUT_LONG = 0x2000; /** @hide */ public static final int PROC_OUT_FLOAT = 0x4000; - - /** @hide */ + + /** + * Read and parse a {@code proc} file in the given format. + * + *

The format is a list of integers, where every integer describes a variable in the file. It + * specifies how the variable is syntactically terminated (e.g. {@link Process#PROC_SPACE_TERM}, + * {@link Process#PROC_TAB_TERM}, {@link Process#PROC_ZERO_TERM}). + * + *

If the variable should be parsed and returned to the caller, the termination type should + * be binary OR'd with the type of output (e.g. {@link Process#PROC_OUT_STRING}, {@link + * Process#PROC_OUT_LONG}, {@link Process#PROC_OUT_FLOAT}. + * + *

If the variable is wrapped in quotation marks it should be binary OR'd with {@link + * Process#PROC_QUOTES}. If the variable is wrapped in parentheses it should be binary OR'd with + * {@link Process#PROC_PARENS}. + * + *

If the variable is not formatted as a string and should be cast directly from characters + * to a long, the {@link Process#PROC_CHAR} integer should be binary OR'd. + * + *

If the terminating character can be repeated, the {@link Process#PROC_COMBINE} integer + * should be binary OR'd. + * + * @param file the path of the {@code proc} file to read + * @param format the format of the file + * @param outStrings the parsed {@code String}s from the file + * @param outLongs the parsed {@code long}s from the file + * @param outFloats the parsed {@code float}s from the file + * @hide + */ public static final native boolean readProcFile(String file, int[] format, String[] outStrings, long[] outLongs, float[] outFloats); - + /** @hide */ public static final native boolean parseProcLine(byte[] buffer, int startIndex, int endIndex, int[] format, String[] outStrings, long[] outLongs, float[] outFloats); -- cgit v1.2.3 From 566903ab47c684c0b955fe446ab4dbf5dfaf1a79 Mon Sep 17 00:00:00 2001 From: Misha Wagner Date: Tue, 2 Oct 2018 10:50:12 +0100 Subject: Add class to read per-thread CPU usage from proc filesystem Reads all thread CPU usage for the current process. This traverses "/proc/self/task/*/time_in_state" to gather the thread ID and CPU usage of each child thread. Process name, thread name, and UID are also read from "/proc" for interpretable data. Bug: 111534779 Test: Unit test in CpuThreadProcReaderTest Change-Id: I6c71dde1dfcc9bbb87d95baf0886f9da7a782299 --- core/java/android/os/Process.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 379d28cf10a0..651caece01f9 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -990,6 +990,8 @@ public class Process { /** @hide */ public static final int PROC_TAB_TERM = (int)'\t'; /** @hide */ + public static final int PROC_NEWLINE_TERM = (int) '\n'; + /** @hide */ public static final int PROC_COMBINE = 0x100; /** @hide */ public static final int PROC_PARENS = 0x200; @@ -1009,7 +1011,8 @@ public class Process { * *

The format is a list of integers, where every integer describes a variable in the file. It * specifies how the variable is syntactically terminated (e.g. {@link Process#PROC_SPACE_TERM}, - * {@link Process#PROC_TAB_TERM}, {@link Process#PROC_ZERO_TERM}). + * {@link Process#PROC_TAB_TERM}, {@link Process#PROC_ZERO_TERM}, {@link + * Process#PROC_NEWLINE_TERM}). * *

If the variable should be parsed and returned to the caller, the termination type should * be binary OR'd with the type of output (e.g. {@link Process#PROC_OUT_STRING}, {@link -- cgit v1.2.3 From fb07678985532c8d9fcdb24e63b1d0af18a9140e Mon Sep 17 00:00:00 2001 From: Tim Murray Date: Tue, 27 Nov 2018 12:22:22 -0800 Subject: add android.os.Process.getRss() This is necessary for low-impact logging useful for training. Test: gets RSS correctly bug 119789589 Change-Id: Ie32202ff9280208dbe967a22883d8ed1198fa724 --- core/java/android/os/Process.java | 3 +++ 1 file changed, 3 insertions(+) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 651caece01f9..2abcb4cd9379 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -1055,6 +1055,9 @@ public class Process { */ public static final native long getPss(int pid); + /** @hide */ + public static final native long[] getRss(int pid); + /** * Specifies the outcome of having started a process. * @hide -- cgit v1.2.3 From 01e719bebbd3bcc64d4ddb4ace8ac01082e3b706 Mon Sep 17 00:00:00 2001 From: Martijn Coenen Date: Wed, 5 Dec 2018 16:01:38 +0100 Subject: Allocate isolated UID ranges for app zygote and its children. Introduce a new range of app-zygote isolated UIDs, [90000..98999]. For each app that uses an application Zygote, allocate a range of 100 isolated UIDs. The application Zygote for an app will get a UID out of that range, and all other children that are forked from that zygote will get a UID from the same range. Bug: 111434506 Test: app Zygote and its children run in the new range of isolated UIDs (with SELinux disabled). New set of tests for UID allocators pass. Change-Id: I7a6883a5ddb95683932c93ea77f4e52d8f37fa4f --- core/java/android/os/Process.java | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 938b23ca733f..ee56e3d0ad16 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -204,6 +204,24 @@ public class Process { */ public static final int LAST_APPLICATION_UID = 19999; + /** + * First uid used for fully isolated sandboxed processes spawned from an app zygote + * @hide + */ + public static final int FIRST_APP_ZYGOTE_ISOLATED_UID = 90000; + + /** + * Number of UIDs we allocate per application zygote + * @hide + */ + public static final int NUM_UIDS_PER_APP_ZYGOTE = 100; + + /** + * Last uid used for fully isolated sandboxed processes spawned from an app zygote + * @hide + */ + public static final int LAST_APP_ZYGOTE_ISOLATED_UID = 98999; + /** * First uid used for fully isolated sandboxed processes (with no permissions of their own) * @hide @@ -650,7 +668,8 @@ public class Process { /** {@hide} */ public static final boolean isIsolated(int uid) { uid = UserHandle.getAppId(uid); - return uid >= FIRST_ISOLATED_UID && uid <= LAST_ISOLATED_UID; + return (uid >= FIRST_ISOLATED_UID && uid <= LAST_ISOLATED_UID) + || (uid >= FIRST_APP_ZYGOTE_ISOLATED_UID && uid <= LAST_APP_ZYGOTE_ISOLATED_UID); } /** -- cgit v1.2.3 From dbf6abc35757692de776cefc0f0944bfe316accc Mon Sep 17 00:00:00 2001 From: Martijn Coenen Date: Thu, 10 Jan 2019 08:37:45 +0100 Subject: Make some Process constants @TestApi. Bug: 111434506 Test: atest CtsSeccompHostTestCases builds Change-Id: If4b9bff1e72d7b1299ac5f5a283b0ab7d504ab03 --- core/java/android/os/Process.java | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index ee56e3d0ad16..760fef7566c7 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -208,30 +208,35 @@ public class Process { * First uid used for fully isolated sandboxed processes spawned from an app zygote * @hide */ + @TestApi public static final int FIRST_APP_ZYGOTE_ISOLATED_UID = 90000; /** * Number of UIDs we allocate per application zygote * @hide */ + @TestApi public static final int NUM_UIDS_PER_APP_ZYGOTE = 100; /** * Last uid used for fully isolated sandboxed processes spawned from an app zygote * @hide */ + @TestApi public static final int LAST_APP_ZYGOTE_ISOLATED_UID = 98999; /** * First uid used for fully isolated sandboxed processes (with no permissions of their own) * @hide */ + @TestApi public static final int FIRST_ISOLATED_UID = 99000; /** * Last uid used for fully isolated sandboxed processes (with no permissions of their own) * @hide */ + @TestApi public static final int LAST_ISOLATED_UID = 99999; /** -- cgit v1.2.3 From efce929711536274fddc0642df162df1dddc7752 Mon Sep 17 00:00:00 2001 From: Chris Wailes Date: Fri, 11 Jan 2019 13:19:20 -0800 Subject: Code cleanup to conform to style guide / linter. This commit made the following changes to make the code conform to the Frameworks style guide: * Re-named variables * Re-flowed code * Organized includes Topic: zygote-prefork Test: make & flash & launch apps Bug: 68253328 Change-Id: I9274b32f1f606f29f6eb3a1e5068ca18f607afe7 --- core/java/android/os/Process.java | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index f2a9adb6feea..07c4933e2e3f 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -31,16 +31,6 @@ import dalvik.system.VMRuntime; public class Process { private static final String LOG_TAG = "Process"; - /** - * @hide for internal use only. - */ - public static final String ZYGOTE_SOCKET = "zygote"; - - /** - * @hide for internal use only. - */ - public static final String SECONDARY_ZYGOTE_SOCKET = "zygote_secondary"; - /** * An invalid UID value. */ @@ -479,8 +469,7 @@ public class Process { * State associated with the zygote process. * @hide */ - public static final ZygoteProcess zygoteProcess = - new ZygoteProcess(ZYGOTE_SOCKET, SECONDARY_ZYGOTE_SOCKET); + public static final ZygoteProcess ZYGOTE_PROCESS = new ZygoteProcess(); /** * Start a new process. @@ -538,7 +527,7 @@ public class Process { @Nullable String[] packagesForUid, @Nullable String[] visibleVols, @Nullable String[] zygoteArgs) { - return zygoteProcess.start(processClass, niceName, uid, gid, gids, + return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, packagesForUid, visibleVols, zygoteArgs); -- cgit v1.2.3 From ba4c2eb189d0e7dccaef01568b864a744070e379 Mon Sep 17 00:00:00 2001 From: Chris Wailes Date: Fri, 11 Jan 2019 17:13:00 -0800 Subject: Enables the use of the blastula pool. This commit adds the code necessar to initialize and use the blastula pool during application launching. Highlights include: * Modifying ZygoteState to allow the creation of blastula session sockets * Modified application startup to track if a web view process is being created. * Initialization of the blastula pool during Zygote initialization. * Blastula lifecycle management via reporting pipes and event FDs. * Launching of applications via the blastula pool. The creation, maintenance, and use of the blastula pool can be disabled by setting Zygote.BLASTULA_POOL_ENABLED to false. When this feature is disabled applications will launch as they did before this patch. Topic: zygote-prefork Test: make & flash & launch app & check log message Bug: 68253328 Exempt-From-Owner-Approval: No changes to files with owners between revisions Change-Id: I46c32ad09400591e866b6c6121d5a9b0332092f3 --- core/java/android/os/Process.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 07c4933e2e3f..d2ab053eb4e6 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -530,7 +530,7 @@ public class Process { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, zygoteArgs); + packagesForUid, visibleVols, /*useBlastulaPool=*/ true, zygoteArgs); } /** @hide */ @@ -551,7 +551,7 @@ public class Process { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, zygoteArgs); + packagesForUid, visibleVols, /*useBlastulaPool=*/ false, zygoteArgs); } /** -- cgit v1.2.3 From 03fd40b36e1823d12f5c8b89212a708c7a866cfd Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Wed, 6 Feb 2019 12:39:14 -0800 Subject: Remove sandbox specific bind mounts from root namespace. Update vold to only create package sandboxes and not do any bind mounts. After zygote forks, all the necessary bind mounts will be setup for the process. Bug: 124009234 Test: manual Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/ExternalStorageHostTest.java Test: atest DownloadProviderTests Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java Test: atest MediaProviderTests Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore* Change-Id: Ibd4af79b385e20228a0e9ce4446f14ead87e228e --- core/java/android/os/Process.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index d2ab053eb4e6..9e97e375753c 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -526,11 +526,12 @@ public class Process { @Nullable String packageName, @Nullable String[] packagesForUid, @Nullable String[] visibleVols, + @Nullable String sandboxId, @Nullable String[] zygoteArgs) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, /*useBlastulaPool=*/ true, zygoteArgs); + packagesForUid, visibleVols, sandboxId, /*useBlastulaPool=*/ true, zygoteArgs); } /** @hide */ @@ -547,11 +548,12 @@ public class Process { @Nullable String packageName, @Nullable String[] packagesForUid, @Nullable String[] visibleVols, + @Nullable String sandboxId, @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, /*useBlastulaPool=*/ false, zygoteArgs); + packagesForUid, visibleVols, sandboxId, /*useBlastulaPool=*/ false, zygoteArgs); } /** -- cgit v1.2.3 From e51005da04b634802aad99e9e5e5f23eb1e7aeee Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Sun, 24 Feb 2019 10:24:09 -0800 Subject: Look for visible vols for a user under /mnt/user//package/. Currently, we pass down visisble volumes for a user to zygote so that it can set up appropriate bind mounts after forking. This method has atleast a couple of race conditions, so instead make zygote just look under /mnt/user//package for volumes that need to be handled for a particular user. Bug: 126069494 Test: manual Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/ExternalStorageHostTest.java Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore* Change-Id: Iab47eb34d38a25dfda4a686db9b7203ad4885a93 --- core/java/android/os/Process.java | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 9e97e375753c..cd43b42c8ca5 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -505,7 +505,6 @@ public class Process { * @param invokeWith null-ok the command to invoke with. * @param packageName null-ok the name of the package this process belongs to. * @param packagesForUid null-ok all the packages with the same uid as this process. - * @param visibleVols null-ok storage volumes that can be accessed by this process. * @param zygoteArgs Additional arguments to supply to the zygote process. * * @return An object that describes the result of the attempt to start the process. @@ -525,13 +524,12 @@ public class Process { @Nullable String invokeWith, @Nullable String packageName, @Nullable String[] packagesForUid, - @Nullable String[] visibleVols, @Nullable String sandboxId, @Nullable String[] zygoteArgs) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, sandboxId, /*useBlastulaPool=*/ true, zygoteArgs); + packagesForUid, sandboxId, /*useBlastulaPool=*/ true, zygoteArgs); } /** @hide */ @@ -547,13 +545,12 @@ public class Process { @Nullable String invokeWith, @Nullable String packageName, @Nullable String[] packagesForUid, - @Nullable String[] visibleVols, @Nullable String sandboxId, @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, visibleVols, sandboxId, /*useBlastulaPool=*/ false, zygoteArgs); + packagesForUid, sandboxId, /*useBlastulaPool=*/ false, zygoteArgs); } /** -- cgit v1.2.3 From 7e797b6f268395429e8f50187cabc0dff237efa5 Mon Sep 17 00:00:00 2001 From: Chris Wailes Date: Fri, 22 Feb 2019 18:29:22 -0800 Subject: Renamed blastula to unspecialized app process (usap) Bug: 123017829 Test: make & boot & launch apps Change-Id: Icfb9f8f4ebabacece817735d60d232cf3afb4e08 --- core/java/android/os/Process.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index cd43b42c8ca5..03fc2a947051 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -529,7 +529,8 @@ public class Process { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useBlastulaPool=*/ true, zygoteArgs); + packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ true, + zygoteArgs); } /** @hide */ @@ -550,7 +551,8 @@ public class Process { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useBlastulaPool=*/ false, zygoteArgs); + packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ false, + zygoteArgs); } /** -- cgit v1.2.3 From 24ec321bf3bd094c5975439bd8285272f91dd655 Mon Sep 17 00:00:00 2001 From: Andrei Onea Date: Fri, 15 Mar 2019 17:35:05 +0000 Subject: Add @UnsupportedAppUsage annotations For packages: android.os This is an automatically generated CL. See go/UnsupportedAppUsage for more details. Exempted-From-Owner-Approval: Mechanical changes to the codebase which have been approved by Android API council and announced on android-eng@ Bug: 110868826 Test: m Change-Id: I4ece0a3f37f88fc2508cb965092aed7cabc61819 --- core/java/android/os/Process.java | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index 03fc2a947051..a7ac7a1fd689 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -19,6 +19,7 @@ package android.os; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.TestApi; +import android.annotation.UnsupportedAppUsage; import android.system.Os; import android.system.OsConstants; import android.webkit.WebViewZygote; @@ -60,30 +61,35 @@ public class Process { * Defines the UID/GID for the log group. * @hide */ + @UnsupportedAppUsage public static final int LOG_UID = 1007; /** * Defines the UID/GID for the WIFI supplicant process. * @hide */ + @UnsupportedAppUsage public static final int WIFI_UID = 1010; /** * Defines the UID/GID for the mediaserver process. * @hide */ + @UnsupportedAppUsage public static final int MEDIA_UID = 1013; /** * Defines the UID/GID for the DRM process. * @hide */ + @UnsupportedAppUsage public static final int DRM_UID = 1019; /** * Defines the UID/GID for the group that controls VPN services. * @hide */ + @UnsupportedAppUsage public static final int VPN_UID = 1016; /** @@ -96,6 +102,7 @@ public class Process { * Defines the UID/GID for the NFC service process. * @hide */ + @UnsupportedAppUsage public static final int NFC_UID = 1027; /** @@ -600,6 +607,7 @@ public class Process { * Returns the identifier of this process' parent. * @hide */ + @UnsupportedAppUsage public static final int myPpid() { return Os.getppid(); } @@ -658,6 +666,7 @@ public class Process { } /** {@hide} */ + @UnsupportedAppUsage public static final boolean isIsolated(int uid) { uid = UserHandle.getAppId(uid); return (uid >= FIRST_ISOLATED_UID && uid <= LAST_ISOLATED_UID) @@ -684,6 +693,7 @@ public class Process { * @return the uid of the process, or -1 if the process is not running. * @hide pending API council review */ + @UnsupportedAppUsage public static final int getUidForPid(int pid) { String[] procStatusLabels = { "Uid:" }; long[] procStatusValues = new long[1]; @@ -698,6 +708,7 @@ public class Process { * @return the parent process id of the process, or -1 if the process is not running. * @hide */ + @UnsupportedAppUsage public static final int getParentPid(int pid) { String[] procStatusLabels = { "PPid:" }; long[] procStatusValues = new long[1]; @@ -801,6 +812,7 @@ public class Process { * * Always sets cpusets. */ + @UnsupportedAppUsage public static final native void setProcessGroup(int pid, int group) throws IllegalArgumentException, SecurityException; @@ -942,6 +954,7 @@ public class Process { * * {@hide} */ + @UnsupportedAppUsage public static final native void setArgV0(String text); /** @@ -992,41 +1005,55 @@ public class Process { public static final native void sendSignalQuiet(int pid, int signal); /** @hide */ + @UnsupportedAppUsage public static final native long getFreeMemory(); /** @hide */ + @UnsupportedAppUsage public static final native long getTotalMemory(); /** @hide */ + @UnsupportedAppUsage public static final native void readProcLines(String path, String[] reqFields, long[] outSizes); /** @hide */ + @UnsupportedAppUsage public static final native int[] getPids(String path, int[] lastArray); /** @hide */ + @UnsupportedAppUsage public static final int PROC_TERM_MASK = 0xff; /** @hide */ + @UnsupportedAppUsage public static final int PROC_ZERO_TERM = 0; /** @hide */ + @UnsupportedAppUsage public static final int PROC_SPACE_TERM = (int)' '; /** @hide */ + @UnsupportedAppUsage public static final int PROC_TAB_TERM = (int)'\t'; /** @hide */ public static final int PROC_NEWLINE_TERM = (int) '\n'; /** @hide */ + @UnsupportedAppUsage public static final int PROC_COMBINE = 0x100; /** @hide */ + @UnsupportedAppUsage public static final int PROC_PARENS = 0x200; /** @hide */ + @UnsupportedAppUsage public static final int PROC_QUOTES = 0x400; /** @hide */ public static final int PROC_CHAR = 0x800; /** @hide */ + @UnsupportedAppUsage public static final int PROC_OUT_STRING = 0x1000; /** @hide */ + @UnsupportedAppUsage public static final int PROC_OUT_LONG = 0x2000; /** @hide */ + @UnsupportedAppUsage public static final int PROC_OUT_FLOAT = 0x4000; /** @@ -1058,14 +1085,17 @@ public class Process { * @param outFloats the parsed {@code float}s from the file * @hide */ + @UnsupportedAppUsage public static final native boolean readProcFile(String file, int[] format, String[] outStrings, long[] outLongs, float[] outFloats); /** @hide */ + @UnsupportedAppUsage public static final native boolean parseProcLine(byte[] buffer, int startIndex, int endIndex, int[] format, String[] outStrings, long[] outLongs, float[] outFloats); /** @hide */ + @UnsupportedAppUsage public static final native int[] getPidsForCommands(String[] cmds); /** @@ -1076,6 +1106,7 @@ public class Process { * or -1 if the value cannot be determined * @hide */ + @UnsupportedAppUsage public static final native long getPss(int pid); /** @hide */ -- cgit v1.2.3 From 9eee3f956e0943feae9fde0f2b3656e31b628f16 Mon Sep 17 00:00:00 2001 From: Peiyong Lin Date: Tue, 9 Apr 2019 17:16:20 -0700 Subject: [GraphicsEnvironment] Expose API to query whether an app should use game driver. Game Driver and ANGLE require to disable graphics driver preloading, which results in app launch time regression. Given that in early stage, only a few applications will use them, we would like to make sure Zygote prefork comes with a preloaded graphics driver, such that applications that don't go through ANGLE or Game Driver can directly use Zygote prefork without having to load the driver. BUG: 130029351 Test: Verify with testing applications. Change-Id: I8097f0f7a908be9967b08afb01dc0ce5ff7b3413 --- core/java/android/os/Process.java | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index a7ac7a1fd689..fb35db11027b 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -513,6 +513,7 @@ public class Process { * @param packageName null-ok the name of the package this process belongs to. * @param packagesForUid null-ok all the packages with the same uid as this process. * @param zygoteArgs Additional arguments to supply to the zygote process. + * @param useSystemGraphicsDriver whether the process uses system graphics driver. * * @return An object that describes the result of the attempt to start the process. * @throws RuntimeException on fatal start failure @@ -532,12 +533,13 @@ public class Process { @Nullable String packageName, @Nullable String[] packagesForUid, @Nullable String sandboxId, - @Nullable String[] zygoteArgs) { + @Nullable String[] zygoteArgs, + boolean useSystemGraphicsDriver) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ true, - zygoteArgs); + zygoteArgs, useSystemGraphicsDriver); } /** @hide */ @@ -554,12 +556,13 @@ public class Process { @Nullable String packageName, @Nullable String[] packagesForUid, @Nullable String sandboxId, - @Nullable String[] zygoteArgs) { + @Nullable String[] zygoteArgs, + boolean useSystemGraphicsDriver) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ false, - zygoteArgs); + zygoteArgs, useSystemGraphicsDriver); } /** -- cgit v1.2.3 From 35fdbc570b4e905bcaa7892b70bd074894384cc5 Mon Sep 17 00:00:00 2001 From: Chris Wailes Date: Wed, 17 Apr 2019 17:55:48 -0700 Subject: Load the default graphics driver in USAPs. This patch causes unspecialized app processes to load the OpenGL driver after they are forked. The ZygoteProcess code will then take an application's driver preference into account when selecting how to launch it. Test: m & boot & launch & inspect traces for driver loading Bug: 130029351 Change-Id: If6fa02f9c387596162e75a685b04208b45a5c86b Merged-In: If6fa02f9c387596162e75a685b04208b45a5c86b (cherry picked from commit 301a1c46da930bb927bd86227c6e1d44c70c349d) --- core/java/android/os/Process.java | 74 ++++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 36 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index fb35db11027b..b82b5ef3f0ba 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -512,57 +512,59 @@ public class Process { * @param invokeWith null-ok the command to invoke with. * @param packageName null-ok the name of the package this process belongs to. * @param packagesForUid null-ok all the packages with the same uid as this process. - * @param zygoteArgs Additional arguments to supply to the zygote process. * @param useSystemGraphicsDriver whether the process uses system graphics driver. - * + * + * @param zygoteArgs Additional arguments to supply to the zygote process. * @return An object that describes the result of the attempt to start the process. * @throws RuntimeException on fatal start failure * * {@hide} */ - public static final ProcessStartResult start(@NonNull final String processClass, - @Nullable final String niceName, - int uid, int gid, @Nullable int[] gids, - int runtimeFlags, int mountExternal, - int targetSdkVersion, - @Nullable String seInfo, - @NonNull String abi, - @Nullable String instructionSet, - @Nullable String appDataDir, - @Nullable String invokeWith, - @Nullable String packageName, - @Nullable String[] packagesForUid, - @Nullable String sandboxId, - @Nullable String[] zygoteArgs, - boolean useSystemGraphicsDriver) { + public static ProcessStartResult start(@NonNull final String processClass, + @Nullable final String niceName, + int uid, int gid, @Nullable int[] gids, + int runtimeFlags, + int mountExternal, + int targetSdkVersion, + @Nullable String seInfo, + @NonNull String abi, + @Nullable String instructionSet, + @Nullable String appDataDir, + @Nullable String invokeWith, + @Nullable String packageName, + @Nullable String[] packagesForUid, + @Nullable String sandboxId, + boolean useSystemGraphicsDriver, + @Nullable String[] zygoteArgs) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ true, - zygoteArgs, useSystemGraphicsDriver); + packagesForUid, sandboxId, /*useUsapPool=*/ true, + useSystemGraphicsDriver, zygoteArgs); } /** @hide */ - public static final ProcessStartResult startWebView(@NonNull final String processClass, - @Nullable final String niceName, - int uid, int gid, @Nullable int[] gids, - int runtimeFlags, int mountExternal, - int targetSdkVersion, - @Nullable String seInfo, - @NonNull String abi, - @Nullable String instructionSet, - @Nullable String appDataDir, - @Nullable String invokeWith, - @Nullable String packageName, - @Nullable String[] packagesForUid, - @Nullable String sandboxId, - @Nullable String[] zygoteArgs, - boolean useSystemGraphicsDriver) { + public static ProcessStartResult startWebView(@NonNull final String processClass, + @Nullable final String niceName, + int uid, int gid, @Nullable int[] gids, + int runtimeFlags, + int mountExternal, + int targetSdkVersion, + @Nullable String seInfo, + @NonNull String abi, + @Nullable String instructionSet, + @Nullable String appDataDir, + @Nullable String invokeWith, + @Nullable String packageName, + @Nullable String[] packagesForUid, + @Nullable String sandboxId, + boolean useSystemGraphicsDriver, + @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useUnspecializedAppProcessPool=*/ false, - zygoteArgs, useSystemGraphicsDriver); + packagesForUid, sandboxId, /*useUsapPool=*/ false, + useSystemGraphicsDriver, zygoteArgs); } /** -- cgit v1.2.3 From 64501e5126701200de3be5152d1b924440474403 Mon Sep 17 00:00:00 2001 From: Sudheer Shanka Date: Mon, 29 Apr 2019 10:46:26 -0700 Subject: Remove storage sandboxes related code. Bug: 131115422 Test: manual Test: atest --test-mapping packages/providers/MediaProvider Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/ExternalStorageHostTest.java Test: atest DownloadProviderTests Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java Test: atest cts/tests/app/DownloadManagerLegacyTest/src/android/app/cts/DownloadManagerLegacyTest.java Test: atest cts/tests/app/DownloadManagerApi28Test/src/android/app/cts/DownloadManagerApi28Test.java Change-Id: Ib8a10d3a9097c1dc4132a71782d622e9e3c3747d Merged-In: Ib8a10d3a9097c1dc4132a71782d622e9e3c3747d --- core/java/android/os/Process.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index b82b5ef3f0ba..e50ab6cfc017 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -511,7 +511,6 @@ public class Process { * @param appDataDir null-ok the data directory of the app. * @param invokeWith null-ok the command to invoke with. * @param packageName null-ok the name of the package this process belongs to. - * @param packagesForUid null-ok all the packages with the same uid as this process. * @param useSystemGraphicsDriver whether the process uses system graphics driver. * * @param zygoteArgs Additional arguments to supply to the zygote process. @@ -532,14 +531,12 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, - @Nullable String[] packagesForUid, - @Nullable String sandboxId, boolean useSystemGraphicsDriver, @Nullable String[] zygoteArgs) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useUsapPool=*/ true, + /*useUsapPool=*/ true, useSystemGraphicsDriver, zygoteArgs); } @@ -556,14 +553,12 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, - @Nullable String[] packagesForUid, - @Nullable String sandboxId, boolean useSystemGraphicsDriver, @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - packagesForUid, sandboxId, /*useUsapPool=*/ false, + /*useUsapPool=*/ false, useSystemGraphicsDriver, zygoteArgs); } -- cgit v1.2.3 From bed1976f858d369b1ea9086c8c7e77573308c90c Mon Sep 17 00:00:00 2001 From: Chris Wailes Date: Fri, 7 Jun 2019 16:49:46 -0700 Subject: Removes unused code from the SystemServer/Zygote classes. This patch partially reversts ag/6991475 and ag/7161709. These changes are no longer needed due to a change in the graphics driver strategy for Q. In addition, the preloading of the graphics driver in the USAPs need to be removed to avoid causing a memory regression on devices with graphics driver preloading in the Zygote disabled. Bug: 134526352 Test: Treehugger Change-Id: I570037866d1ae90794c711622e6045ebbffa5b9c Merged-In: I570037866d1ae90794c711622e6045ebbffa5b9c (cherry picked from commit fcd68fd74b6d2704fc39074f1e177b0c0defc43c) --- core/java/android/os/Process.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'core/java/android/os/Process.java') diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java index e50ab6cfc017..74c89d6898e5 100644 --- a/core/java/android/os/Process.java +++ b/core/java/android/os/Process.java @@ -511,7 +511,6 @@ public class Process { * @param appDataDir null-ok the data directory of the app. * @param invokeWith null-ok the command to invoke with. * @param packageName null-ok the name of the package this process belongs to. - * @param useSystemGraphicsDriver whether the process uses system graphics driver. * * @param zygoteArgs Additional arguments to supply to the zygote process. * @return An object that describes the result of the attempt to start the process. @@ -531,13 +530,11 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, - boolean useSystemGraphicsDriver, @Nullable String[] zygoteArgs) { return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - /*useUsapPool=*/ true, - useSystemGraphicsDriver, zygoteArgs); + /*useUsapPool=*/ true, zygoteArgs); } /** @hide */ @@ -553,13 +550,11 @@ public class Process { @Nullable String appDataDir, @Nullable String invokeWith, @Nullable String packageName, - boolean useSystemGraphicsDriver, @Nullable String[] zygoteArgs) { return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids, runtimeFlags, mountExternal, targetSdkVersion, seInfo, abi, instructionSet, appDataDir, invokeWith, packageName, - /*useUsapPool=*/ false, - useSystemGraphicsDriver, zygoteArgs); + /*useUsapPool=*/ false, zygoteArgs); } /** -- cgit v1.2.3