In the 3.10 kernel, dtb-y is not defined in Makefile.boot anymore
but in dts/Makefile, so it needs to be included too.
Change-Id: I6d6fccf933709bcb6220ce8f12b4b9e2a7c40d63
Signed-off-by: Benoit Goby <benoit@android.com>
Move the poison pointer offset to 0xdead000000000000, a
recognized value that is not mappable by user-space exploits.
Change-Id: I558441a26a7c8390aa087f32c4cbe980de8c8ce3
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
The aarch64-linux-android- toolchain enables -fpic by default. -fpic
isn't needed for the kernel and breaks CONFIG_JUMP_LABEL, so turn it
off.
Change-Id: I685da1dc60e4cf1e9abcfb56e03654675ac02a0c
Signed-off-by: Greg Hackmann <ghackmann@google.com>
A port of 8608d7c4418c75841c562a90cddd9beae5798a48 to ARM64. Both the
original code and this port are limited to dumping kernel addresses, so
don't bother if the registers are from a userspace process.
Change-Id: Idc76804c54efaaeb70311cbb500c54db6dac4525
Signed-off-by: Greg Hackmann <ghackmann@google.com>
pfn_valid() returns a false positive when the lower (64 - PAGE_SHIFT)
bits match a valid pfn but some of the upper bits are set. This caused
a kernel panic in kpageflags_read() when a userspace utility parsed
/proc/*/pagemap, neglected to discard the upper flag bits, and tried to
lseek()+read() from the corresponding offset in /proc/kpageflags.
A valid pfn will never have the upper PAGE_SHIFT bits set, so simply
check for this before passing the pfn to memblock_is_memory().
Change-Id: Ief5d8cd4dd93cbecd545a634a8d5885865cb5970
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Bail out early if IRQs are disabled in do_page_fault or else
[14415.157266] BUG: sleeping function called from invalid context at arch/arm/mm/fault.c:301
Russell King's idea from
http://comments.gmane.org/gmane.linux.ports.arm.omap/59256
Signed-off-by: JP Abgrall <jpa@google.com>
At times, it is necessary for boards to provide some additional information
as part of panic logs. Provide information on the board hardware as part
of panic logs.
It is safer to print this information at the very end in case something
bad happens as part of the information retrieval itself.
To use this, set global mach_panic_string to an appropriate string in the
board file.
Change-Id: Id12cdda87b0cd2940dd01d52db97e6162f671b4d
Signed-off-by: Nishanth Menon <nm@ti.com>
If the console_lock was held while the system was rebooted, the messages
in the temporary logbuffer would not have propogated to all the console
drivers.
This force releases the console lock if it failed to be acquired.
Change-Id: I193dcf7b968be17966833e50b8b8bc70d5d9fe89
Signed-off-by: Dima Zavin <dima@android.com>
If CACHE_FLUSH_RANGE_LIMIT is defined, then the entire dcache will
be flushed if the requested range is larger than this limit.
Change-Id: I29277d645a9d6716b1952cf3b870c78496261dd0
Signed-off-by: Arve Hjønnevåg <arve@android.com>
Fix spinlock declaration and tty_insert/flip arguments.
If ARM DCC tty driver is enabled then we run into following build failure:
----------
CC drivers/char/dcc_tty.o
drivers/char/dcc_tty.c:29:36: error: ‘SPIN_LOCK_UNLOCKED’ undeclared here (not in a function)
drivers/char/dcc_tty.c: In function ‘dcc_poll_locked’:
drivers/char/dcc_tty.c:83:4: warning: passing argument 1 of ‘tty_insert_flip_string’ from incompatible pointer type [enabled by default]
In file included from drivers/char/dcc_tty.c:23:0:
include/linux/tty_flip.h:32:19: note: expected ‘struct tty_port *’ but argument is of type ‘struct tty_struct *’
drivers/char/dcc_tty.c:84:4: warning: passing argument 1 of ‘tty_flip_buffer_push’ from incompatible pointer type [enabled by default]
In file included from drivers/char/dcc_tty.c:23:0:
include/linux/tty_flip.h:13:13: note: expected ‘struct tty_port *’ but argument is of type ‘struct tty_struct *’
make[2]: *** [drivers/char/dcc_tty.o] Error 1
----------
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
This is extremely useful in diagnosing remote crashes, and is based heavily
on original work by <md@google.com>.
Signed-off-by: San Mehat <san@google.com>
Cc: Michael Davidson <md@google.com>
[ARM] process: Use uber-safe probe_kernel_address() to read mem when dumping.
This prevents the dump from taking pagefaults / external aborts.
Change-Id: I8df76e8638780f94fb1bd7ea4471e3f7b01df950
Signed-off-by: San Mehat <san@google.com>
Fix redundant "buffer->private_flags & ION_PRIV_FLAG_SHRINKER_FREE"
checks in if(!cached ...) condition block.
AOSP Change-Id: I98ee8902df0c80135dddfa998c4ca4c2bb44e40e,
"ion: Handle the memory mapping correctly on x86", is broken
on android-3.18+ kernels. It conflicts with upstream commit
53a91c68fa, "staging: ion: Add private buffer flag to skip
page pooling on free", and break the ION_PRIV_FLAG_SHRINKER_FREE
private flag check logic.
Change-Id: I9cee4bcc3545cf92e07c21c2b42d27cf88da3316
Reported-by: chenfeng <puck.chen@hisilicon.com>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
ION_POOL_CACHE_POLICY uses x86 specific commands.
Only allow it to be used for x86.
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: Ic66e175fa41486b0b5f77872f2193add77cbe66f
(cherry picked from commit 43f4056cbec017c4414d74b032e9c14e009eabb0)
This patch modifies the ion page pool code to address
limitation in x86 PAT. When one physical page is mapped
to multiple virtual pages, the same cache policy
should be used. Add set_memory_wc/uc call to avoid aliases.
If not, all mappings will be cached(write back).
Change-Id: I98ee8902df0c80135dddfa998c4ca4c2bb44e40e
Signed-off-by: Zhebin Jin <zhebin.jin@intel.com>
Signed-off-by: Vinil Cheeramvelil <vinil.cheeramvelil@intel.com>
Commit "SELinux: Enable setting security contexts on rootfs inodes."
cherry-picked in experimental/android-4.1 used a now obsolete flag
SE_SBLABELSUPP. Rename it to SBLABEL_MNT as intended by upstream
commit 12f348b9dc "SELinux: rename SE_SBLABELSUPP to SBLABEL_MNT",
otherwise we run into following build error:
CC security/selinux/hooks.o
security/selinux/hooks.c: In function ‘sb_finish_set_opts’:
security/selinux/hooks.c:459:19: error: ‘SE_SBLABELSUPP’ undeclared (first use in this function)
sbsec->flags |= SE_SBLABELSUPP;
^
security/selinux/hooks.c:459:19: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [security/selinux/hooks.o] Error 1
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
NOT intended for new Android devices - this commit is unnecessary
for a target device that does not have a previous M variant.
DO NOT upstream. Android only.
Motivation:
This commit mitigates a mismatch between selinux kernel and
selinux userspace. The selinux ioctl white-listing binary policy
format that was accepted into Android M differs slightly from what
was later accepted into the upstream kernel. This leaves Android
master branch kernels incompatible with Android M releases. This
patch restores backwards compatibility. This is important because:
1. kernels may be updated on a different cycle than the rest of the
OS e.g. security patching.
2. Android M bringup may still be ongoing for some devices. The
same kernel should work for both M and master.
Backwards compatibility is achieved by checking for an Android M
policy characteristic during initial policy read and converting to
upstream policy format. The inverse conversion is done for policy
write as required for CTS testing.
Bug: 22846070
Change-Id: I2f1ee2eee402f37cf3c9df9f9e03c1b9ddec1929
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
rootfs (ramfs) can support setting of security contexts
by userspace due to the vfs fallback behavior of calling
the security module to set the in-core inode state
for security.* attributes when the filesystem does not
provide an xattr handler. No xattr handler required
as the inodes are pinned in memory and have no backing
store.
This is useful in allowing early userspace to label individual
files within a rootfs while still providing a policy-defined
default via genfs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Commit b641072 ("security: Add AID_NET_RAW and AID_NET_ADMIN capability
check in cap_capable().") introduces additional checks for AID_NET_xxx
macros. Since the header file including those macros are conditionally
included, the checks should also be conditionally executed.
Change-Id: Iaec5208d5b95a46b1ac3f2db8449c661e803fa5b
Signed-off-by: Tushar Behera <tushar.behera@linaro.org>
Signed-off-by: Andrey Konovalov <andrey.konovalov@linaro.org>
AOSP's cpufreq_stats patch to report power/current
per cpufreq is broken at the moment so skip power
reporting for now.
Change-Id: I07779511f51ff3a9303dc98a3b71ac0a5882a4e9
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Checking if the uid_entry->uid matches the uid intended to be removed will
prevent deleting unwanted uid_entry.
Type cast the key for the hashtable to the same size, as when they were
inserted. This will make sure that we can find the uid_entry we want.
Bug: 25195548
Change-Id: I567942123cfb20e4b61ad624da19ec4cc84642c1
Signed-off: Ruchi kandoi <kandoiruchi@google.com>
Converting cputime_t to usec caused overflow when the value is greater
than 1 hour. Use msec and convert to unsigned long long to support bigger
range.
Bug: 22461683
Change-Id: I853fe3e8e7dbf0d3e2cc5c6f9688a5a6e1f1fb3e
Signed-off-by: Jin Qian <jinqian@google.com>
This avoids the race where a particular process is terminating and we
read the show_uid_stats. At this time since the task_struct still exists
and we will account for the terminating process as one of the active
task, where as the stats would have been added in the task exit
callback.
Bug: 22064385
Change-Id: Id2ae04b33fcd230eda9683a41b6019d4dd8f5d85
Signed-off-by: Jin Qian <jinqian@google.com>
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
/proc/uid_cputime/show_uid_stats shows a third field power for each of
the uids. It represents the power in the units (uAusec)
Change-Id: I52fdc5e59647e9dc97561a26d56f462a2689ba9c
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Create uids from kuids using from_kuid_munged(),
otherwise we run into following build error and warnings:
--------------------
CC drivers/misc/uid_cputime.o
drivers/misc/uid_cputime.c: In function ‘uid_stat_show’:
drivers/misc/uid_cputime.c:90:36: error: incompatible type for argument 1 of ‘find_or_register_uid’
drivers/misc/uid_cputime.c:54:26: note: expected ‘uid_t’ but argument is of type ‘kuid_t’
drivers/misc/uid_cputime.c:94:4: warning: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘kuid_t’ [-Wformat]
drivers/misc/uid_cputime.c: In function ‘process_notifier’:
drivers/misc/uid_cputime.c:194:6: error: incompatible types when assigning to type ‘uid_t’ from type ‘kuid_t’
make[2]: *** [drivers/misc/uid_cputime.o] Error 1
--------------------
Change-Id: Ifecb98001f7fe2fac74d1ef3e1abd03d43fc9059
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
(cherry picked from commit b0f4decae627cf2d74e6f72c7ecb939c77d48625)
Adds proc files /proc/uid_cputime/show_uid_stat and
/proc/uid_cputime/remove_uid_range.
show_uid_stat lists the total utime and stime for the active as well as
terminated processes for each of the uids.
Writing a range of uids to remove_uid_range will delete the accounting
for all the uids within that range.
Change-Id: I21d9210379da730b33ddc1a0ea663c8c9d2ac15b
Make oom_adj and oom_score_adj user read-only.
Bug: 19636629
Change-Id: I055bb172d5b4d3d856e25918f3c5de8edf31e4a3
Signed-off-by: Rom Lemarchand <romlem@google.com>
PR_SET_TIMERSLACK_PID value keep colliding with that of
newer prctls in mainline (e.g. first with PR_SET_THP_DISABLE,
and again with PR_MPX_ENABLE_MANAGEMENT).
So reset PR_SET_TIMERSLACK_PID to a large number so as to
avoid conflict in the near term while it is out of mainline
tree.
Corresponding Change-Id up for review in platform/system/core
is Icd8c658c8eb62136dc26c2c4c94f7782e9827cdb
Change-Id: I061b25473acc020c13ee22ecfb32336bc358e76a
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Make PR_SET_TIMERSLACK_PID consider pid namespace and resolve the
target pid in the caller's namespace. Otherwise, calls from pid
namespace other than init would fail or affect the wrong task.
Change-Id: I1da15196abc4096536713ce03714e99d2e63820a
Signed-off-by: Micha Kalfon <micha@cellrox.com>
Acked-by: Oren Laadan <orenl@cellrox.com>
The case clause for the PR_SET_TIMERSLACK_PID option was placed inside
the an internal switch statement for PR_MCE_KILL (see commits 37a591d4
and 8ae872f1) . This commit moves it to the right place.
Change-Id: I63251669d7e2f2aa843d1b0900e7df61518c3dea
Signed-off-by: Micha Kalfon <micha@cellrox.com>
Acked-by: Oren Laadan <orenl@cellrox.com>
Adds a capable() check to make sure that arbitary apps do not change the
timer slack for other apps.
Bug: 15000427
Change-Id: I558a2551a0e3579c7f7e7aae54b28aa9d982b209
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Second argument is similar to PR_SET_TIMERSLACK, if non-zero then the
slack is set to that value otherwise sets it to the default for the thread.
Takes PID of the thread as the third argument.
This allows power/performance management software to set timer slack for
other threads according to its policy for the thread (such as when the
thread is designated foreground vs. background activity)
Change-Id: I744d451ff4e60dae69f38f53948ff36c51c14a3f
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
A spare array holding mem cgroup threshold events is kept around
to make sure we can always safely deregister an event and have an
array to store the new set of events in.
In the scenario where we're going from 1 to 0 registered events, the
pointer to the primary array containing 1 event is copied to the spare
slot, and then the spare slot is freed because no events are left.
However, it is freed before calling synchronize_rcu(), which means
readers may still be accessing threshold->primary after it is freed.
Fixed by only freeing after synchronize_rcu().
Signed-off-by: Martijn Coenen <maco@google.com>
Refactor *allow_attach() handler to align it with the changes
from mainline commit 1f7dd3e5a6 "cgroup: fix handling of
multi-destination migration from subtree_control enabling".
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
In 53b5e2f generic cgroup subsystem permission checks have been added.
When this is been done within procs_write an empty taskset is added to
the tasks css set. When a task later on migrates to a new group we see a
dmesg warning cause the mg_node isn't empty (cgroup.c:2086). Cause this
happens all the time this spams dmesg.
I am not really familiar with this code, but it looks to me like adding
the taskset is just a temporary action in this context. Therefore this
taskset should be removed after the actual check. This is what this fix
does.
This problem was seen and the fix tested on x86 using l-mr1 and master.
Change-Id: I9894d39e8b5692ef65149002b07e65a84a33ffea
Signed-off-by: Christian Poetzsch <christian.potzsch@imgtec.com>
- Return -EINVAL when cgroups support isn't enabled
- Add allow_attach callback in CPU cgroups
Change-Id: Id3360b4a39919524fc4b6fcbd44fa2050009f000
Signed-off-by: Rom Lemarchand <romlem@android.com>
Pass correct argument to subsys_cgroup_allow_attach(), which
expects 'struct cgroup_subsys_state *' argument but we pass
'struct cgroup *' instead which doesn't seem right.
This fixes following 'incompatible pointer type' compiler warning:
----------
CC mm/memcontrol.o
mm/memcontrol.c: In function ‘mem_cgroup_allow_attach’:
mm/memcontrol.c:5052:2: warning: passing argument 1 of ‘subsys_cgroup_allow_attach’ from incompatible pointer type [enabled by default]
In file included from include/linux/memcontrol.h:22:0,
from mm/memcontrol.c:29:
include/linux/cgroup.h:953:5: note: expected ‘struct cgroup_subsys_state *’ but argument is of type ‘struct cgroup *’
----------
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Rather than using explicit euid == 0 checks when trying to move
tasks into a cgroup via CFS, move permission checks into each
specific cgroup subsystem. If a subsystem does not specify a
'allow_attach' handler, then we fall back to doing our checks
the old way.
Use the 'allow_attach' handler for the 'cpu' cgroup to allow
non-root processes to add arbitrary processes to a 'cpu' cgroup
if it has the CAP_SYS_NICE capability set.
This version of the patch adds a 'allow_attach' handler instead
of reusing the 'can_attach' handler. If the 'can_attach' handler
is reused, a new cgroup that implements 'can_attach' but not
the permission checks could end up with no permission checks
at all.
Change-Id: Icfa950aa9321d1ceba362061d32dc7dfa2c64f0c
Original-Author: San Mehat <san@google.com>
Signed-off-by: Colin Cross <ccross@android.com>
Use the 'allow_attach' handler for the 'mem' cgroup to allow
non-root processes to add arbitrary processes to a 'mem' cgroup
if it has the CAP_SYS_NICE capability set.
Bug: 18260435
Change-Id: If7d37bf90c1544024c4db53351adba6a64966250
Signed-off-by: Rom Lemarchand <romlem@android.com>
move cpu_cgroup_allow_attach to a common subsys_cgroup_allow_attach.
This allows any process with CAP_SYS_NICE to move tasks across cgroups if
they use this function as their allow_attach handler.
Bug: 18260435
Change-Id: I6bb4933d07e889d0dc39e33b4e71320c34a2c90f
Signed-off-by: Rom Lemarchand <romlem@android.com>
