OSDN Git Service
Jeff Vander Stoep [Sun, 29 May 2016 21:22:32 +0000 (14:22 -0700)]
ANDROID: security,perf: Allow further restriction of perf_event_open
When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.
This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
the variable read-only. It also allows enabling further restriction
at run-time regardless of whether the default is changed.
https://lkml.org/lkml/2016/1/11/587
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Bug:
29054680
Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8
Mark Salyzyn [Wed, 30 Dec 2015 17:26:15 +0000 (09:26 -0800)]
ANDROID: rtc-palmas: correct for bcd year
Replace bcd2bin and bin2bcd with one that maps years 1970 to 2129
in a pattern that works with the underlying hardware.
The only transition that does not work correctly for this rtc clock
is the transition from 2099 to 2100, it proceeds to 2000. The rtc
clock retains and transitions the year correctly in all other
circumstances.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug:
26346842
Change-Id: Ie527700190b1ae4b4bc3c12279d875aa5985b168
yangdongdong [Sat, 8 Aug 2015 03:59:59 +0000 (11:59 +0800)]
ANDROID: power: wakeup: align wakeup_sources format
This aligns every column of elements in wakeup_sources to
conveniently check any specific column for suspicious power
consumption wakeup source or for other easily human readable purpose.
Change-Id: Iac8b0538170fcc0cca9f6857c15d9a4c62c8865e
Signed-off-by: yangdongdong <yangdongdong@xiaomi.com>
Ruchi Kandoi [Tue, 10 Nov 2015 18:53:55 +0000 (10:53 -0800)]
ANDROID: power: wakeup: Add the guard condition for len in pm_get_active_wakeup_sources
Check if the len is not greater than maximum to prevent buffer overflow.
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Change-Id: I575b0a72bb5448b68353408d71fa8b83420c9088
Ruchi Kandoi [Wed, 8 Apr 2015 22:42:29 +0000 (15:42 -0700)]
ANDROID: power: wakeup: Add last wake up source logging for suspend abort reason.
There is a possibility that a wakeup source event is received after
the device prepares to suspend which might cause the suspend to abort.
This patch adds the functionality of reporting the last active wakeup
source which is currently not active but caused the suspend to abort reason
via the /sys/kernel/power/last_wakeup_reason file.
Change-Id: I1760d462f497b33e425f5565cb6cff5973932ec3
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Amit Pundir [Mon, 13 Apr 2015 21:08:20 +0000 (02:38 +0530)]
ANDROID: power: wakeup_reason: fix suspend time reporting
Suspend time reporting Change-Id: I2cb9a9408a5fd12166aaec11b935a0fd6a408c63
(Power: Report suspend times from last_suspend_time), is broken on 3.16+
kernels because get_xtime_and_monotonic_and_sleep_offset() hrtimer helper
routine is removed from kernel timekeeping.
The replacement helper routines ktime_get_update_offsets_{tick,now}()
are private to core kernel timekeeping so we can't use them, hence using
ktime_get() and ktime_get_boottime() instead and sampling the time twice.
Idea is to use Monotonic boottime offset to calculate total time spent
in last suspend state and CLOCK_MONOTONIC to calculate time spent in
last suspend-resume process.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
jinqian [Wed, 25 Mar 2015 23:18:44 +0000 (16:18 -0700)]
ANDROID: power: wakeup_reason: Report suspend times from last_suspend_time
This node epxorts two values separated by space.
From left to right:
1. time spent in suspend/resume process
2. time spent sleep in suspend state
Change-Id: I2cb9a9408a5fd12166aaec11b935a0fd6a408c63
Dmitry Shmidt [Fri, 31 Oct 2014 23:05:46 +0000 (16:05 -0700)]
ANDROID: power: wakeup_reason: Add check_wakeup_reason() to verify wakeup source irq
Wakeup reason is set before driver resume handlers are called.
It is cleared before driver suspend handlers are called, on
PM_SUSPEND_PREPARE.
Change-Id: I04218c9b0c115a7877e8029c73e6679ff82e0aa4
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Ruchi Kandoi [Wed, 29 Oct 2014 17:36:27 +0000 (10:36 -0700)]
ANDROID: power: wakeup_reason: Adds functionality to log the last suspend abort reason.
Extends the last_resume_reason to log suspend abort reason. The abort
reasons will have "Abort:" appended at the start to distinguish itself
from the resume reason.
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Change-Id: I3207f1844e3d87c706dfc298fb10e1c648814c5f
[AmitP: Folded following android-4.9 changes into this patch
00a83e61b4fc ("ANDROID: Make suspend abort reason logging depend on CONFIG_PM_SLEEP")
9d17e24b036e ("ANDROID: wakeup_reason: use vsnprintf instead of snsprintf for vargs.")
7961972600ba ("ANDROID: power: Provide dummy log_suspend_abort_reason() if SUSPEND is disabled")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Ruchi Kandoi [Wed, 15 Oct 2014 00:43:21 +0000 (17:43 -0700)]
ANDROID: power: wakeup_reason: Avoids bogus error messages for the suspend aborts.
Avoids printing bogus error message "tasks refusing to freeze", in cases
where pending wakeup source caused the suspend abort.
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Change-Id: I913ad290f501b31cd536d039834c8d24c6f16928
Ruchi Kandoi [Fri, 7 Mar 2014 20:54:30 +0000 (12:54 -0800)]
ANDROID: power: wakeup_reason: Add guard condition for maximum wakeup reasons
Ensure the array for the wakeup reason IRQs does not overflow.
Change-Id: Iddc57a3aeb1888f39d4e7b004164611803a4d37c
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
(cherry picked from commit
b5ea40cdfcf38296535f931a7e5e7bf47b6fad7f)
Ruchi Kandoi [Wed, 19 Feb 2014 23:30:47 +0000 (15:30 -0800)]
ANDROID: power: wakeup_reason: add an API to log wakeup reasons
Add API log_wakeup_reason() and expose it to userspace via sysfs path
/sys/kernel/wakeup_reasons/last_resume_reason
Change-Id: I81addaf420f1338255c5d0638b0d244a99d777d1
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
1135122a192a ("ANDROID: POWER: fix compile warnings in log_wakeup_reason")
b4e6247778b0 ("ANDROID: Power: Changes the permission to read only for sysfs file /sys/kernel/wakeup_reasons/last_resume_reason")
e13dbc7c69cd ("ANDROID: power: wakeup_reason: rename irq_count to irqcount")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Todd Poynor [Thu, 12 Dec 2013 23:59:09 +0000 (15:59 -0800)]
ANDROID: power: power_supply: Add property CHARGE_COUNTER_EXT and 64-bit precision properties
Add POWER_SUPPLY_PROP_CHARGE_COUNTER_EXT that stores accumulated charge
in nAh units as a signed 64-bit value.
Add generic support for signed 64-bit property values.
Change-Id: I2bd34b1e95ffba24e7bfef81f398f22bd2aaf05e
Signed-off-by: Todd Poynor <toddpoynor@google.com>
Todd Poynor [Wed, 18 Jul 2012 23:28:50 +0000 (16:28 -0700)]
ANDROID: power: power_supply: add POWER_SUPPLY_PROP_CHARGE_ENABLED
Change-Id: I3e93b502452811cbfc4d904202b4f1d94edc143d
Signed-off-by: Todd Poynor <toddpoynor@google.com>
Todd Poynor [Fri, 13 Jul 2012 20:30:04 +0000 (13:30 -0700)]
ANDROID: power: power_supply: add POWER_SUPPLY_PROP_USB_OTG
Change-Id: Idfc6ef2e37d62aad6f26cc8eafa53db642cd352b
Signed-off-by: Todd Poynor <toddpoynor@google.com>
Todd Poynor [Tue, 3 Jul 2012 22:41:20 +0000 (15:41 -0700)]
ANDROID: power: power_supply: Add custom property for USB High Current mode
For smb347.
Change-Id: I3323469072e1ee5085d61af8a89612b06b91f94a
Signed-off-by: Todd Poynor <toddpoynor@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
af4f6ce7f57b ("ANDROID: power: power_supply: move POWER_SUPPLY_PROP_USB_HC to type 'int' order")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Colin Cross [Thu, 3 Apr 2014 01:02:15 +0000 (18:02 -0700)]
ANDROID: arm64: copy CONFIG_CMDLINE_EXTEND from ARM
Copy the config choice for CONFIG_CMDLINE_EXTEND from
arch/arm/Kconfig, including CONFIG_CMDLINE_FROM_BOOTLOADER
as the default. These will be used by drivers/of/fdt.c.
Change-Id: I8416038498ddf8fc1e99ab06109825eb1492aa7f
Signed-off-by: Colin Cross <ccross@android.com>
Doug Anderson [Fri, 3 Feb 2012 06:58:28 +0000 (22:58 -0800)]
ANDROID: of: Support CONFIG_CMDLINE_EXTEND config option
The old logic assumes CMDLINE_FROM_BOOTLOADER vs. CMDLINE_FORCE and
ignores CMDLINE_EXTEND. Here's the old logic:
- CONFIG_CMDLINE_FORCE=true
CONFIG_CMDLINE
- dt bootargs=non-empty:
dt bootargs
- dt bootargs=empty, @data is non-empty string
@data is left unchanged
- dt bootargs=empty, @data is empty string
CONFIG_CMDLINE (or "" if that's not defined)
The new logic is now documented in of_fdt.h and is copied here for
reference:
- CONFIG_CMDLINE_FORCE=true
CONFIG_CMDLINE
- CONFIG_CMDLINE_EXTEND=true, @data is non-empty string
@data + dt bootargs (even if dt bootargs are empty)
- CONFIG_CMDLINE_EXTEND=true, @data is empty string
CONFIG_CMDLINE + dt bootargs (even if dt bootargs are empty)
- CMDLINE_FROM_BOOTLOADER=true, dt bootargs=non-empty:
dt bootargs
- CMDLINE_FROM_BOOTLOADER=true, dt bootargs=empty, @data is non-empty string
@data is left unchanged
- CMDLINE_FROM_BOOTLOADER=true, dt bootargs=empty, @data is empty string
CONFIG_CMDLINE (or "" if that's not defined)
Signed-off-by: Doug Anderson <dianders@chromium.org>
CC: devicetree-discuss@lists.ozlabs.org
CC: Grant Likely <grant.likely@secretlab.ca>
CC: Benjamin Herrenschmidt <benh@kernel.crashing.org>
CC: Rob Herring <rob.herring@calxeda.com>
Change-Id: I40ace250847f813358125dfcaa8998fd32cf7ea3
Signed-off-by: Colin Cross <ccross@android.com>
[AmitP: Folded following android-4.9 commit changes into this patch
e820270abb5d ("ANDROID: of: fix CONFIG_CMDLINE_EXTEND")
9a4a74055444 ("ANDROID: of: Fix build warnings")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Suren Baghdasaryan [Thu, 17 Aug 2017 20:58:40 +0000 (13:58 -0700)]
ANDROID: NFC: st21nfca: Fix memory OOB and leak issues in connectivity events handler
Overflow on memcpy is possible in kernel driver for st21nfca's
NFC HCI layer when handling connectivity events if aid_len or
params_len are bigger than the buffer size.
Memory leak is possible when parameter tag is invalid.
Bug:
62679581
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Suren Baghdasaryan [Thu, 17 Aug 2017 22:50:54 +0000 (15:50 -0700)]
ANDROID: NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
When handling SHDLC I-Frame commands "pipe" field used for indexing
into an array should be checked before usage. If left unchecked it
might access memory outside of the array of size NFC_HCI_MAX_PIPES(127).
Bug:
62679701
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Suren Baghdasaryan [Thu, 17 Aug 2017 23:30:47 +0000 (16:30 -0700)]
ANDROID: nfc: fdp: Fix possible buffer overflow in WCS4000 NFC driver
Possible buffer overflow when reading next_read_size bytes into
tmp buffer after next_read_size was extracted from a previous packet.
Bug:
62678828
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Suren Baghdasaryan [Thu, 17 Aug 2017 17:43:14 +0000 (10:43 -0700)]
ANDROID: NFC: st21nfca: Fix out of bounds kernel access when handling ATR_REQ
Out of bounds kernel accesses in st21nfca's NFC HCI layer
might happen when handling ATR_REQ events if user-specified
atr_req->length is bigger than the buffer size. In
that case memcpy() inside st21nfca_tm_send_atr_res() will
read extra bytes resulting in OOB read from the kernel heap.
Bug:
62679012
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Subash Abhinov Kasiviswanathan [Wed, 2 Nov 2016 17:56:40 +0000 (11:56 -0600)]
ANDROID: netfilter: xt_IDLETIMER: Use fullsock when querying uid
sock_i_uid() acquires the sk_callback_lock which does not exist for
sockets in TCP_NEW_SYN_RECV state. This results in errors showing up
as spinlock bad magic. Fix this by looking for the full sock as
suggested by Eric.
Callstack for reference -
-003|rwlock_bug
-004|arch_read_lock
-004|do_raw_read_lock
-005|raw_read_lock_bh
-006|sock_i_uid
-007|from_kuid_munged(inline)
-007|reset_timer
-008|idletimer_tg_target
-009|ipt_do_table
-010|iptable_mangle_hook
-011|nf_iterate
-012|nf_hook_slow
-013|NF_HOOK_COND(inline)
-013|ip_output
-014|ip_local_out
-015|ip_build_and_send_pkt
-016|tcp_v4_send_synack
-017|atomic_sub_return(inline)
-017|reqsk_put(inline)
-017|tcp_conn_request
-018|tcp_v4_conn_request
-019|tcp_rcv_state_process
-020|tcp_v4_do_rcv
-021|tcp_v4_rcv
-022|ip_local_deliver_finish
-023|NF_HOOK_THRESH(inline)
-023|NF_HOOK(inline)
-023|ip_local_deliver
-024|ip_rcv_finish
-025|NF_HOOK_THRESH(inline)
-025|NF_HOOK(inline)
-025|ip_rcv
-026|deliver_skb(inline)
-026|deliver_ptype_list_skb(inline)
-026|__netif_receive_skb_core
-027|__netif_receive_skb
-028|netif_receive_skb_internal
-029|netif_receive_skb
Change-Id: Ic8f3a3d2d7af31434d1163b03971994e2125d552
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Cc: Eric Dumazet <edumazet@google.com>
Subash Abhinov Kasiviswanathan [Fri, 11 Nov 2016 02:36:15 +0000 (19:36 -0700)]
ANDROID: netfilter: xt_IDLETIMER: Fix use after free condition during work
schedule_work(&timer->work) appears to be called after
cancel_work_sync(&info->timer->work) is completed.
Work can be scheduled from the PM_POST_SUSPEND notification event
even after cancel_work_sync is called.
Call stack
-004|notify_netlink_uevent(
| [X19] timer = 0xFFFFFFC0A5DFC780 -> (
| ...
| [NSD:0xFFFFFFC0A5DFC800] kobj = 0x6B6B6B6B6B6B6B6B,
| [NSD:0xFFFFFFC0A5DFC868] timeout = 0x6B6B6B6B,
| [NSD:0xFFFFFFC0A5DFC86C] refcnt = 0x6B6B6B6B,
| [NSD:0xFFFFFFC0A5DFC870] work_pending = 0x6B,
| [NSD:0xFFFFFFC0A5DFC871] send_nl_msg = 0x6B,
| [NSD:0xFFFFFFC0A5DFC872] active = 0x6B,
| [NSD:0xFFFFFFC0A5DFC874] uid = 0x6B6B6B6B,
| [NSD:0xFFFFFFC0A5DFC878] suspend_time_valid = 0x6B))
-005|idletimer_tg_work(
-006|__read_once_size(inline)
-006|static_key_count(inline)
-006|static_key_false(inline)
-006|trace_workqueue_execute_end(inline)
-006|process_one_work(
-007|worker_thread(
-008|kthread(
-009|ret_from_fork(asm)
---|end of frame
Force any pending idletimer_tg_work() to complete before freeing
the associated work struct and after unregistering to the pm_notifier
callback.
Change-Id: I4c5f0a1c142f7d698c092cf7bcafdb0f9fbaa9c1
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Ruchi Kandoi [Thu, 23 Apr 2015 19:09:09 +0000 (12:09 -0700)]
ANDROID: netfilter: xt_IDLETIMER: Adds the uid field in the msg
Message notifications contains an additional uid field. This field
represents the uid that was responsible for waking the radio. And hence
it is present only in notifications stating that the radio is now
active.
Change-Id: I18fc73eada512e370d7ab24fc9f890845037b729
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Bug:
20264396
[AmitP: Folded following android-4.9 commit changes into this patch
22ea73dee036 ("nf: IDLETIMER: Fix broken uid field in the msg")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Ruchi Kandoi [Tue, 25 Mar 2014 23:43:28 +0000 (16:43 -0700)]
ANDROID: netfilter: xt_IDLETIMER: time-stamp and suspend/resume handling.
Message notifications contains an additional timestamp field in nano seconds.
The expiry time for the timers are modified during suspend/resume.
If timer was supposed to expire while the system is suspended then a
notification is sent when it resumes with the timestamp of the scheduled expiry.
Removes the race condition for multiple work scheduled.
Bug:
13247811
Change-Id: I752c5b00225fe7085482819f975cc0eb5af89bff
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
13e257eaa624 ("nf: Remove compilation error caused by
e8430cbed3ef15fdb1ac26cfd020e010aa5f1c35")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
JP Abgrall [Fri, 27 Apr 2012 06:28:35 +0000 (23:28 -0700)]
ANDROID: netfilter: xt_IDLETIMER: Add new netlink msg type
Send notifications when the label becomes active after an idle period.
Send netlink message notifications in addition to sysfs notifications.
Using a uevent with
subsystem=xt_idletimer
INTERFACE=...
STATE={active,inactive}
This is backport from common android-3.0
commit:
beb914e987cbbd368988d2b94a6661cb907c4d5a
with uevent support instead of a new netlink message type.
Change-Id: I31677ef00c94b5f82c8457e5bf9e5e584c23c523
Signed-off-by: Ashish Sharma <ashishsharma@google.com>
Signed-off-by: JP Abgrall <jpa@google.com>
Chenbo Feng [Fri, 21 Apr 2017 01:54:13 +0000 (18:54 -0700)]
ANDROID: netfilter: xt_qtaguid: Use sk_uid to replace uid get from socket file
Retrieve socket uid from the sk_uid field added to struct sk instead of
read it from sk->socket->file. It prevent the packet been dropped when
the socket file doesn't exist.
Bug:
37524657
Signed-off-by: Chenbo Feng <fengc@google.com>
Change-Id: Ic58239c1f9aa7e0eb1d4d1c09d40b845fd4e8e57
JP Abgrall [Sat, 21 Dec 2013 00:51:11 +0000 (16:51 -0800)]
ANDROID: netfilter: xt_qtaguid: fix handling for cases where tunnels are used.
* fix skb->dev vs par->in/out
When there is some forwarding going on, it introduces extra state
around devs associated with xt_action_param->in/out and sk_buff->dev.
E.g.
par->in and par->out are both set, or
skb->dev and par->out are both set (and different)
This would lead qtaguid to make the wrong assumption about the
direction and update the wrong device stats.
Now we rely more on par->in/out.
* Fix handling when qtaguid is used as "owner"
When qtaguid is used as an owner module, and sk_socket->file is
not there (happens when tunnels are involved), it would
incorrectly do a tag stats update.
* Correct debug messages.
Bug:
11687690
Change-Id: I2b1ff8bd7131969ce9e25f8291d83a6280b3ba7f
CRs-Fixed: 747810
Signed-off-by: JP Abgrall <jpa@google.com>
Git-commit:
2b71479d6f5fe8f33b335f713380f72037244395
Git-repo: https://www.codeaurora.org/cgit/quic/la/kernel/mediatek
[imaund@codeaurora.org: Resolved trivial context conflicts.]
Signed-off-by: Ian Maund <imaund@codeaurora.org>
[bflowers@codeaurora.org: Resolved merge conflicts]
Signed-off-by: Bryse Flowers <bflowers@codeaurora.org>
Signed-off-by: Chenbo Feng <fengc@google.com>
Simon Dubray [Tue, 1 Aug 2017 16:22:47 +0000 (18:22 +0200)]
ANDROID: netfilter: xt_qtaguid: handle properly request sockets
To match rules related to uid/gid for syn recv packets
we need to get the full socket from request_sock struct.
Bug:
63917742
Change-Id: I03acb2251319fd800d0e36a6dde30fc1fbb7d1b0
Signed-off-by: Simon Dubray <simonx.dubray@intel.com>
Chenbo Feng [Wed, 19 Apr 2017 21:22:47 +0000 (14:22 -0700)]
ANDROID: netfilter: xt_qtaguid: Add untag hacks to inet_release function
To prevent protential risk of memory leak caused by closing socket with
out untag it from qtaguid module, the qtaguid module now do not hold any
socket file reference count. Instead, it will increase the sk_refcnt of
the sk struct to prevent a reuse of the socket pointer. And when a socket
is released. It will delete the tag if the socket is previously tagged so
no more resources is held by xt_qtaguid moudle. A flag is added to the untag
process to prevent possible kernel crash caused by fail to delete
corresponding socket_tag_entry list.
Bug:
36374484
Test: compile and run test under system/extra/test/iptables,
run cts -m CtsNetTestCases -t android.net.cts.SocketRefCntTest
Signed-off-by: Chenbo Feng <fengc@google.com>
Change-Id: Iea7c3bf0c59b9774a5114af905b2405f6bc9ee52
Greg Hackmann [Mon, 24 Apr 2017 23:16:15 +0000 (16:16 -0700)]
ANDROID: netfilter: xt_qtaguid: don't check if embedded arrays are NULL
clang warns about four NULL pointer checks:
net/netfilter/xt_qtaguid.c:973:11: warning: address of array 'ifa->ifa_label' will always evaluate to 'true' [-Wpointer-bool-conversion]
net/netfilter/xt_qtaguid.c:974:13: warning: address of array 'ifa->ifa_label' will always evaluate to 'true' [-Wpointer-bool-conversion]
net/netfilter/xt_qtaguid.c:1212:31: warning: address of array 'el_dev->name' will always evaluate to 'true' [-Wpointer-bool-conversion]
net/netfilter/xt_qtaguid.c:1640:31: warning: address of array 'el_dev->name' will always evaluate to 'true' [-Wpointer-bool-conversion]
Both of these fields are embedded char[16] arrays rather than pointers,
so they can never be NULL.
Change-Id: I748ff6dd11569e5596a9d5cecdf9c334847e7307
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Chenbo Feng [Thu, 23 Mar 2017 20:51:24 +0000 (13:51 -0700)]
ANDROID: netfilter: xt_qtaguid: fix the deadlock when enable DDEBUG
When DDEBUG is enabled, the prdebug_full_state() function will try to
recursively aquire the spinlock of sock_tag_list and causing deadlock. A
check statement is added before it aquire the spinlock to differentiate
the behavior depend on the caller of the function.
Bug:
36559739
Test: Compile and run test under system/extra/test/iptables/
Change-Id: Ie3397fbaa207e14fe214d47aaf5e8ca1f4a712ee
Signed-off-by: Chenbo Feng <fengc@google.com>
(cherry picked from commit
f0faedd6b468777f3bb5834f97100794d562c8b7)
Mohamad Ayyash [Wed, 11 May 2016 20:18:35 +0000 (13:18 -0700)]
ANDROID: netfilter: xt_qtaguid: Don't show empty tag stats for unprivileged uids
BUG:
27577101
BUG:
27532522
Change-Id: Ibee3c5d224f139b9312a40acb203e87aa7060797
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
John Stultz [Thu, 12 May 2016 18:17:52 +0000 (11:17 -0700)]
ANDROID: netfilter: xt_qtaguid: Fix panic caused by processing non-full socket.
In an issue very similar to
4e461c777e3 (xt_qtaguid: Fix panic
caused by synack processing), we were seeing panics on occasion
in testing.
In this case, it was the same issue, but caused by a different
call path, as the sk being returned from qtaguid_find_sk() was
not a full socket. Resulting in the sk->sk_socket deref to fail.
This patch adds an extra check to ensure the sk being retuned
is a full socket, and if not it returns NULL.
Reported-by: Milosz Wasilewski <milosz.wasilewski@linaro.org>
Signed-off-by: John Stultz <john.stultz@linaro.org>
John Stultz [Sat, 23 Apr 2016 00:12:57 +0000 (17:12 -0700)]
ANDROID: netfilter: xt_qtaguid: Fix panic caused by synack processing
In upstream commit
ca6fb06518836ef9b65dc0aac02ff97704d52a05
(tcp: attach SYNACK messages to request sockets instead of
listener)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=
ca6fb0651883
The building of synack messages was changed, which made it so
the skb->sk points to a casted request_sock. This is problematic,
as there is no sk_socket in a request_sock. So when the qtaguid_mt
function tries to access the sk->sk_socket, it accesses uninitialized
memory.
After looking at how other netfilter implementations handle this,
I realized there was a skb_to_full_sk() helper added, which the
xt_qtaguid code isn't yet using.
This patch adds its use, and resovles panics seen when accessing
uninitialzed memory when processing synack packets.
Reported-by: YongQin Liu <yongquin.liu@linaro.org>
Signed-off-by: John Stultz <john.stultz@linaro.org>
liping.zhang [Mon, 11 Jan 2016 05:31:01 +0000 (13:31 +0800)]
ANDROID: netfilter: xt_qtaguid: fix a race condition in if_tag_stat_update
Miss a lock protection in if_tag_stat_update while doing get_iface_entry. So if
one CPU is doing iface_stat_create while another CPU is doing if_tag_stat_update,
race will happened.
Change-Id: Ib8d98e542f4e385685499f5b7bb7354f08654a75
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Amit Pundir [Mon, 6 Jul 2015 18:58:49 +0000 (00:28 +0530)]
ANDROID: netfilter: xt_qtaguid: xt_socket: build fixes
Add missing header <linux/miscdevice.h> and use
xt_socket_lookup_slow_v* instead of xt_socket_get*_sk
in xt_qtaguid.c.
Fix xt_socket_lookup_slow_v* functions in xt_socket.c
and declare them in xt_socket.h
Change-Id: I55819b2d4ffa82a2be20995c87d28fb5cc77b5ba
Signed-off-by: John Stultz <john.stultz@linaro.org>
[AmitP: Upstream commit
8db4c5be88f6 ("netfilter: move socket lookup
infrastructure to nf_socket_ipv{4,6}.c")] moved socket lookup
to nf_socket_ipv{4,6}.c, hence use nf_sk_lookup_slow_v[4|6]()
instead of obsolete xt_socket_lookup_slow_v[4|6]().
Also folded following android-4.9 commit changes into this patch
7de1bb86dc5a ("ANDROID: netfilter: xt_qtaguid/socket: build fixes for 4.4")
5b5ab94817f9 ("ANDROID: netfilter: xt_qtaguid: seq_printf fixes")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Dmitry Torokhov [Thu, 3 Sep 2015 21:48:52 +0000 (14:48 -0700)]
ANDROID: netfilter: xt_socket/nf_socket: fix refcount underflow and crash
nf_socket_get_sock_v[4|6]() do not always increment sock refcount, which
causes confusion in xt_qtaguid module which is not aware of this fact
and drops the reference whether it should have or not. Fix it by
changing nf_socket_get_sock_v[4|6]() to always increment recount of returned
sock.
This should fix the following crash:
[ 111.319523] BUG: failure at
/mnt/host/source/src/third_party/kernel/v3.18/net/ipv4/inet_timewait_sock.c:90/__inet_twsk_kill()!
[ 111.331192] Kernel panic - not syncing: BUG!
[ 111.335468] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G U W
3.18.0-06867-g268df91 #1
[ 111.343810] Hardware name: Google Tegra210 Smaug Rev 1+ (DT)
[ 111.349463] Call trace:
[ 111.351917] [<
ffffffc000207288>] dump_backtrace+0x0/0x10c
[ 111.357314] [<
ffffffc0002073a4>] show_stack+0x10/0x1c
[ 111.362367] [<
ffffffc000a82d1c>] dump_stack+0x74/0x94
[ 111.367414] [<
ffffffc000a81824>] panic+0xec/0x238
[ 111.372116] [<
ffffffc000981648>] __inet_twsk_kill+0xd0/0xf8
[ 111.377684] [<
ffffffc0009817b0>] inet_twdr_do_twkill_work+0x64/0xd0
[ 111.383946] [<
ffffffc000981a5c>] inet_twdr_hangman+0x2c/0xa4
[ 111.389602] [<
ffffffc000271cf0>] call_timer_fn+0xac/0x160
[ 111.394995] [<
ffffffc00027250c>] run_timer_softirq+0x23c/0x274
[ 111.400824] [<
ffffffc000220a68>] __do_softirq+0x1a4/0x330
[ 111.406218] [<
ffffffc000220e94>] irq_exit+0x70/0xd0
[ 111.411093] [<
ffffffc000264e00>] __handle_domain_irq+0x84/0xa8
[ 111.416922] [<
ffffffc0002003ec>] gic_handle_irq+0x4c/0x80
b/
22476945
Originally reviewed at:
https://chromium-review.googlesource.com/#/c/297414/
Change-Id: I51fa94a9d92a84a0bd3b58466d711e46a6892a79
Signed-off-by: Dmitry Torokhov <dtor@google.com>
[jstultz: Cherry-picked and added missing local var definition]
Signed-off-by: John Stultz <john.stultz@linaro.org>
[AmitP: Refactored the original changes based on upstream commit,
8db4c5be88f6 ("netfilter: move socket lookup infrastructure to nf_socket_ipv{4,6}.c"),
changes. Also use refcount_inc instead of atomic_inc to align with
41c6d650f653 ("net: convert sock.sk_refcnt from atomic_t to refcount_t")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Mohamad Ayyash [Wed, 14 Jan 2015 03:20:44 +0000 (19:20 -0800)]
ANDROID: netfilter: xt_qtaguid: Use sk_callback_lock read locks before reading sk->sk_socket
It prevents a kernel panic when accessing sk->sk_socket fields due to NULLing sk->sk_socket when sock_orphan is called through
sk_common_release.
Change-Id: I4aa46b4e2d8600e4d4ef8dcdd363aa4e6e5f8433
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
(cherry picked from commit
cdea0ebcb8bcfe57688f6cb692b49e550ebd9796)
Signed-off-by: John Stultz <john.stultz@linaro.org>
John Stultz [Fri, 28 Mar 2014 23:23:48 +0000 (16:23 -0700)]
ANDROID: netfilter: xt_qtaguid/xt_socket: Build fixups
Fix up build kuid/kguid build issues in netfilter code.
Also re-add the xt_socket_get/put_sk interfaces needed by xt_qtaguid.
Change-Id: I7027fb840e109785bddffe8ea717b8d018b26d82
Signed-off-by: John Stultz <john.stultz@linaro.org>
[AmitP: Folded following android-4.9 commit changes into this patch
da5ea99a74f2 ("ANDROID: netfilter: xt_qtaguid: fix seq_printf type mismatch warning")
070eff8f023c ("ANDROID: netfilter: xt_qtaguid: fix broken uid/gid range check")]
2879b6ec24ee ("ANDROID: xt_qtaguid: use sock_gen_put() instead of xt_socket_put_sk()")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Jon Medhurst (Tixy) [Tue, 15 Apr 2014 04:20:49 +0000 (21:20 -0700)]
ANDROID: netfilter: xt_qtaguid: Fix boot panic
We need the change below because of mainline commit
351638e7de (net: pass
info struct via netdevice notifier). Otherwise we panic.
Change-Id: I7daf7513a733933fdcbaeebea7f8191f8b6a0432
Signed-off-by: John Stultz <john.stultz@linaro.org>
JP Abgrall [Thu, 21 Feb 2013 00:38:34 +0000 (16:38 -0800)]
ANDROID: netfilter: xt_qtaguid: fix bad tcp_time_wait sock handling
Since (
41063e9 ipv4: Early TCP socket demux), skb's can have an sk which
is not a struct sock but the smaller struct inet_timewait_sock without an
sk->sk_socket. Now we bypass sk_state == TCP_TIME_WAIT
Signed-off-by: JP Abgrall <jpa@google.com>
Arve Hjønnevåg [Tue, 14 May 2013 03:45:02 +0000 (20:45 -0700)]
ANDROID: netfilter: xt_qtaguid: 3.10 fixes
Stop using obsolete procfs api.
Signed-off-by: Arve Hjønnevåg <arve@android.com>
[AmitP: Folded following android-4.9 commit changes into this patch
564729173b12 ("netfilter: xt_qtaguid: fix memory leak in seq_file handlers")
85a2eb5b48fc ("ANDROID: netfilter: xt_qtaguid: 64-bit warning fixes")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
JP Abgrall [Mon, 8 Apr 2013 22:09:26 +0000 (15:09 -0700)]
ANDROID: netfilter: xt_qtaguid: rate limit some of the printks
Some of the printks are in the packet handling path.
We now ratelimit the very unlikely errors to avoid
kmsg spamming.
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Thu, 7 Feb 2013 01:40:07 +0000 (17:40 -0800)]
ANDROID: netfilter: xt_qtaguid: Allow tracking loopback
In the past it would always ignore interfaces with loopback addresses.
Now we just treat them like any other.
This also helps with writing tests that check for the presence
of the qtaguid module.
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Tue, 29 Jan 2013 00:50:44 +0000 (16:50 -0800)]
ANDROID: netfilter: xt_qtaguid: extend iface stat to report protocols
In the past the iface_stat_fmt would only show global bytes/packets
for the skb-based numbers.
For stall detection in userspace, distinguishing tcp vs other protocols
makes it easier.
Now we report
ifname total_skb_rx_bytes total_skb_rx_packets total_skb_tx_bytes
total_skb_tx_packets {rx,tx}_{tcp,udp,ohter}_{bytes,packets}
Bug:
6818637
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Sat, 5 Jan 2013 02:18:36 +0000 (18:18 -0800)]
ANDROID: netfilter: xt_qtaguid: remove AID_* dependency for access control
qtaguid limits what can be done with /ctrl and /stats based on group
membership.
This changes removes AID_NET_BW_STATS and AID_NET_BW_ACCT, and picks
up the groups from the gid of the matching proc entry files.
Signed-off-by: JP Abgrall <jpa@google.com>
Change-Id: I42e477adde78a12ed5eb58fbc0b277cdaadb6f94
Pontus Fuchs [Mon, 19 Nov 2012 19:44:51 +0000 (11:44 -0800)]
ANDROID: netfilter: xt_qtaguid: Don't BUG_ON if create_if_tag_stat fails
If create_if_tag_stat fails to allocate memory (GFP_ATOMIC) the
following will happen:
qtaguid: iface_stat: tag stat alloc failed
...
kernel BUG at xt_qtaguid.c:1482!
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
JP Abgrall [Wed, 10 Oct 2012 03:38:21 +0000 (20:38 -0700)]
ANDROID: netfilter: xt_qtaguid: fix error exit that would keep a spinlock.
qtudev_open() could return with a uid_tag_data_tree_lock held
when an kzalloc(..., GFP_ATOMIC) would fail.
Very unlikely to get triggered AND survive the mayhem of running out of mem.
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Tue, 28 Aug 2012 23:53:32 +0000 (16:53 -0700)]
ANDROID: netfilter: xt_qtaguid: report only uid tags to non-privileged processes
In the past, a process could only see its own stats (uid-based summary,
and details).
Now we allow any process to see other UIDs uid-based stats, but still
hide the detailed stats.
Change-Id: I7666961ed244ac1d9359c339b048799e5db9facc
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Fri, 27 Apr 2012 19:57:39 +0000 (12:57 -0700)]
ANDROID: netfilter: xt_qtaguid: start tracking iface rx/tx at low level
qtaguid tracks the device stats by monitoring when it goes up and down,
then it gets the dev_stats().
But devs don't correctly report stats (either they don't count headers
symmetrically between rx/tx, or they count internal control messages).
Now qtaguid counts the rx/tx bytes/packets during raw:prerouting and
mangle:postrouting (nat is not available in ipv6).
The results are in
/proc/net/xt_qtaguid/iface_stat_fmt
which outputs a format line (bash expansion):
ifname total_skb_{rx,tx}_{bytes,packets}
Added event counters for pre/post handling.
Added extra ctrl_*() pid/uid debugging.
Change-Id: Id84345d544ad1dd5f63e3842cab229e71d339297
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Tue, 17 Apr 2012 23:00:07 +0000 (16:00 -0700)]
ANDROID: netfilter: xt_qtaguid: fix ipv6 protocol lookup
When updating the stats for a given uid it would incorrectly assume
IPV4 and pick up the wrong protocol when IPV6.
Change-Id: Iea4a635012b4123bf7aa93809011b7b2040bb3d5
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Mon, 20 Jun 2011 19:41:46 +0000 (12:41 -0700)]
ANDROID: netfilter: xt_qtaguid: add qtaguid matching module
This module allows tracking stats at the socket level for given UIDs.
It replaces xt_owner.
If the --uid-owner is not specified, it will just count stats based on
who the skb belongs to. This will even happen on incoming skbs as it
looks into the skb via xt_socket magic to see who owns it.
If an skb is lost, it will be assigned to uid=0.
To control what sockets of what UIDs are tagged by what, one uses:
echo t $sock_fd $accounting_tag $the_billed_uid \
> /proc/net/xt_qtaguid/ctrl
So whenever an skb belongs to a sock_fd, it will be accounted against
$the_billed_uid
and matching stats will show up under the uid with the given
$accounting_tag.
Because the number of allocations for the stats structs is not that big:
~500 apps * 32 per app
we'll just do it atomic. This avoids walking lists many times, and
the fancy worker thread handling. Slabs will grow when needed later.
It use netdevice and inetaddr notifications instead of hooks in the core dev
code to track when a device comes and goes. This removes the need for
exposed iface_stat.h.
Put procfs dirs in /proc/net/xt_qtaguid/
ctrl
stats
iface_stat/<iface>/...
The uid stats are obtainable in ./stats.
Change-Id: I01af4fd91c8de651668d3decb76d9bdc1e343919
Signed-off-by: JP Abgrall <jpa@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
e5d798684a71 ("ANDROID: netfilter: qtaguid: initialize a local var to keep compiler happy")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
JP Abgrall [Tue, 12 Jul 2011 19:02:59 +0000 (12:02 -0700)]
ANDROID: netfilter: xt_quota2: fixup the quota2, and enable.
The xt_quota2 came from
http://sourceforge.net/projects/xtables-addons/develop
It needed tweaking for it to compile within the kernel tree.
Fixed kmalloc() and create_proc_entry() invocations within
a non-interruptible context.
Removed useless copying of current quota back to the iptable's
struct matchinfo:
- those are per CPU: they will change randomly based on which
cpu gets to update the value.
- they prevent matching a rule: e.g.
-A chain -m quota2 --name q1 --quota 123
can't be followed by
-D chain -m quota2 --name q1 --quota 123
as the 123 will be compared to the struct matchinfo's quota member.
Use the NETLINK NETLINK_NFLOG family to log a single message
when the quota limit is reached.
It uses the same packet type as ipt_ULOG, but
- never copies skb data,
- uses 112 as the event number (ULOG's +1)
It doesn't log if the module param "event_num" is 0.
Change-Id: I021d3b743db3b22158cc49acb5c94d905b501492
Signed-off-by: JP Abgrall <jpa@google.com>
[AmitP: Fix quota2_log() call and use ktime directly to align with
upstream commits
2456e8553544 ("ktime: Get rid of the union") and
613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure").
Also folded following android-4.9 commit changes into this patch
eb6aba2a14b9 ("ANDROID: netfilter: xt_quota2: 3.10 fixes.")
Parts of
85a2eb5b48fc ("ANDROID: netfilter: xt_qtaguid: 64-bit warning fixes")
89f9044e826c ("ANDROID: net: kuid/kguid build fixes")
60d4c172c5cd ("ANDROID: netfilter: xt_quota2: make quota2_log work well")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
JP Abgrall [Tue, 21 Jun 2011 18:14:49 +0000 (11:14 -0700)]
ANDROID: netfilter: xt_quota2: adding the original quota2 from xtables-addons
The original xt_quota in the kernel is plain broken:
- counts quota at a per CPU level
(was written back when ubiquitous SMP was just a dream)
- provides no way to count across IPV4/IPV6.
This patch is the original unaltered code from:
http://sourceforge.net/projects/xtables-addons
at commit
e84391ce665cef046967f796dd91026851d6bbf3
Change-Id: I19d49858840effee9ecf6cff03c23b45a97efdeb
Signed-off-by: JP Abgrall <jpa@google.com>
Lorenzo Colitti [Wed, 10 May 2017 14:54:04 +0000 (23:54 +0900)]
ANDROID: net: xfrm: make PF_KEY SHA256 use RFC-compliant truncation.
When using the PF_KEY interface, SHA-256 hashes are hardcoded to
use 96-bit truncation. This is a violation of RFC4868, which
specifies 128-bit truncation, but will not be fixed upstream due
to backwards compatibility concerns and because the PF_KEY
interface is deprecated in favour of netlink XFRM (which allows
the app to specify an arbitrary truncation length).
Change the hardcoded truncation length from 96 to 128 so that
PF_KEY apps such as racoon will work with standards-compliant VPN
servers.
Bug:
34114242
Change-Id: Ie46bff4b6358f18117d0be241171d677d31d33f7
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Jimmy Perchet [Mon, 9 May 2016 17:32:04 +0000 (10:32 -0700)]
ANDROID: net: wireless: wlcore: Disable filtering in AP role
When you configure (set it up) a STA interface, the driver
install a multicast filter. This is normal behavior, when
one application subscribe to multicast address the filter
is updated. When Access Point interface is configured, there
is no filter installation and the "filter update" path is
disabled in the driver.
The problem happens when you switch an interface from STA
type to AP type. The filter is installed but there are no
means to update it.
Change-Id: Ied22323af831575303abd548574918baa9852dd0
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Dmitry Shmidt [Tue, 24 Jun 2014 16:36:50 +0000 (09:36 -0700)]
ANDROID: net: wireless: Decrease scan entry expiration to avoid stall results
Change-Id: I0e23ce45d78d7c17633670973f49943a5ed6032d
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Nick Pelly [Fri, 5 Dec 2008 01:37:05 +0000 (17:37 -0800)]
ANDROID: net: rfkill: Introduce CONFIG_RFKILL_PM and use instead of CONFIG_PM to power down
Some platforms do not want to power down rfkill devices on suspend.
Change-Id: I62a11630521c636d54a4a02ab9037a43435925f5
Signed-off-by: Nick Pelly <npelly@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
faad2b874fea ("rfkill: fix unused function warning")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Lorenzo Colitti [Wed, 26 Mar 2014 10:35:41 +0000 (19:35 +0900)]
ANDROID: net: ipv6: autoconf routes into per-device tables
Currently, IPv6 router discovery always puts routes into
RT6_TABLE_MAIN. This causes problems for connection managers
that want to support multiple simultaneous network connections
and want control over which one is used by default (e.g., wifi
and wired).
To work around this connection managers typically take the routes
they prefer and copy them to static routes with low metrics in
the main table. This puts the burden on the connection manager
to watch netlink to see if the routes have changed, delete the
routes when their lifetime expires, etc.
Instead, this patch adds a per-interface sysctl to have the
kernel put autoconf routes into different tables. This allows
each interface to have its own autoconf table, and choosing the
default interface (or using different interfaces at the same
time for different types of traffic) can be done using
appropriate ip rules.
The sysctl behaves as follows:
- = 0: default. Put routes into RT6_TABLE_MAIN as before.
- > 0: manual. Put routes into the specified table.
- < 0: automatic. Add the absolute value of the sysctl to the
device's ifindex, and use that table.
The automatic mode is most useful in conjunction with
net.ipv6.conf.default.accept_ra_rt_table. A connection manager
or distribution could set it to, say, -100 on boot, and
thereafter just use IP rules.
Change-Id: I82d16e3737d9cdfa6489e649e247894d0d60cbb1
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
[AmitP: Refactored original changes to align with
the changes introduced by upstream commit
830218c1add1 ("net: ipv6: Fix processing of RAs in presence of VRF")
Also folded following android-4.9 commit changes into this patch
be65fb01da4d ("ANDROID: net: ipv6: remove unused variable ifindex in")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
JP Abgrall [Thu, 29 Sep 2011 22:36:49 +0000 (15:36 -0700)]
ANDROID: net: ipv6: fix crash caused by ipv6_find_hdr()
When calling:
ipv6_find_hdr(skb, &thoff, -1, NULL)
on a fragmented packet, thoff would be left with a random
value causing callers to read random memory offsets with:
skb_header_pointer(skb, thoff, ...)
Now we force ipv6_find_hdr() to return a failure in this case.
Calling:
ipv6_find_hdr(skb, &thoff, -1, &fragoff)
will set fragoff as expected, and not return a failure.
Change-Id: Ib474e8a4267dd2b300feca325811330329684a88
Signed-off-by: JP Abgrall <jpa@google.com>
JP Abgrall [Sat, 8 Feb 2014 02:40:10 +0000 (18:40 -0800)]
ANDROID: net: ipv4: tcp: add a sysctl to config the tcp_default_init_rwnd
The default initial rwnd is hardcoded to 10.
Now we allow it to be controlled via
/proc/sys/net/ipv4/tcp_default_init_rwnd
which limits the values from 3 to 100
This is somewhat needed because ipv6 routes are
autoconfigured by the kernel.
See "An Argument for Increasing TCP's Initial Congestion Window"
in https://developers.google.com/speed/articles/tcp_initcwnd_paper.pdf
Change-Id: I386b2a9d62de0ebe05c1ebe1b4bd91b314af5c54
Signed-off-by: JP Abgrall <jpa@google.com>
Conflicts:
net/ipv4/sysctl_net_ipv4.c
net/ipv4/tcp_input.c
[AmitP: Folded following android-4.9 commit changes into this patch
3823c8b26e6e ("ANDROID: tcp: fix tcp_default_init_rwnd() for 4.1")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Robert Love [Thu, 31 Jul 2008 15:12:44 +0000 (11:12 -0400)]
ANDROID: net: ipv4: sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size
Add a family of knobs to /sys/kernel/ipv4 for controlling the TCP window size:
tcp_wmem_min
tcp_wmem_def
tcp_wmem_max
tcp_rmem_min
tcp_rmem_def
tcp_rmem_max
This six values mirror the sysctl knobs in /proc/sys/net/ipv4/tcp_wmem and
/proc/sys/net/ipv4/tcp_rmem.
Sysfs, unlike sysctl, allows us to set and manage the files' permissions and
owners.
Signed-off-by: Robert Love <rlove@google.com>
Lorenzo Colitti [Wed, 26 Mar 2014 04:03:12 +0000 (13:03 +0900)]
ANDROID: net: ip-sysctl: Document tcp_fwmark_accept
This documentation patch is the part of original tcp_fwmark_accept
implementation, Change-Id: I26bc1eceefd2c588d73b921865ab70e4645ade57
("net: support marking accepting TCP sockets").
The implementation since then got upstreamed,
84f39b08d786
("net: support marking accepting TCP sockets"), without this
documentation part.
Change-Id: I26bc1eceefd2c588d73b921865ab70e4645ade57
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
[AmitP: Refactored the commit log.
Fixes:
84f39b08d786 ("net: support marking accepting TCP sockets")
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
John Stultz [Fri, 25 Aug 2017 23:41:26 +0000 (16:41 -0700)]
ANDROID: net: paranoid: commoncap: Begin to warn users of implicit PARANOID_NETWORK capability grants
CAP_NET_ADMIN and CAP_NET_RAW are implicity granted to the "special"
Android groups net_admin and net_raw.
This is a byproduct of the init system not being able to specify
capabilities back in the day, but has now been resolved and .rc files
can explictly specify the capabilities to be granted to a service.
Thus, we should start to remove this implict capability grant, and the
first step is to warn when a process doesn't have explicit capablity
but is a member of the implicitly granted group, when that capability
is checked.
This will allow for the PARANOID_NETWORK checks in commoncap.c to
be totally removed in a future kernel.
Change-Id: I6dac90e23608b6dba14a8f2049ba29ae56cb7ae4
Signed-off-by: John Stultz <john.stultz@linaro.org>
Tushar Behera [Mon, 26 Mar 2012 11:24:15 +0000 (16:54 +0530)]
ANDROID: net: paranoid: security: Add proper checks for Android specific capability checks
Commit
b641072 ("security: Add AID_NET_RAW and AID_NET_ADMIN capability
check in cap_capable().") introduces additional checks for AID_NET_xxx
macros. Since the header file including those macros are conditionally
included, the checks should also be conditionally executed.
Change-Id: Iaec5208d5b95a46b1ac3f2db8449c661e803fa5b
Signed-off-by: Tushar Behera <tushar.behera@linaro.org>
Signed-off-by: Andrey Konovalov <andrey.konovalov@linaro.org>
Chia-chi Yeh [Fri, 15 Jul 2011 22:32:57 +0000 (15:32 -0700)]
ANDROID: net: paranoid: Only NET_ADMIN is allowed to fully control TUN interfaces.
Signed-off-by: Chia-chi Yeh <chiachi@android.com>
Chia-chi Yeh [Tue, 30 Jun 2009 03:23:04 +0000 (11:23 +0800)]
ANDROID: net: paranoid: Replace AID_NET_RAW checks with capable(CAP_NET_RAW).
Signed-off-by: Chia-chi Yeh <chiachi@android.com>
Chia-chi Yeh [Thu, 18 Jun 2009 23:15:05 +0000 (07:15 +0800)]
ANDROID: net: paranoid: security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().
Signed-off-by: Chia-chi Yeh <chiachi@android.com>
Robert Love [Wed, 15 Oct 2008 19:35:44 +0000 (15:35 -0400)]
ANDROID: net: Paranoid network.
With CONFIG_ANDROID_PARANOID_NETWORK, require specific uids/gids to instantiate
network sockets.
Signed-off-by: Robert Love <rlove@google.com>
paranoid networking: Use in_egroup_p() to check group membership
The previous group_search() caused trouble for partners with module builds.
in_egroup_p() is also cleaner.
Signed-off-by: Nick Pelly <npelly@google.com>
Fix 2.6.29 build.
Signed-off-by: Arve Hjønnevåg <arve@android.com>
net: Fix compilation of the IPv6 module
Fix compilation of the IPv6 module -- current->euid does not exist anymore,
current_euid() is what needs to be used.
Signed-off-by: Steinar H. Gunderson <sesse@google.com>
net: bluetooth: Remove the AID_NET_BT* gid numbers
Removed bluetooth checks for AID_NET_BT and AID_NET_BT_ADMIN
which are not useful anymore.
This is in preparation for getting rid of all the AID_* gids.
Change-Id: I879d7181f07532784499ef152288d12a03ab6354
Signed-off-by: JP Abgrall <jpa@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
a2624d7b9d73 ("ANDROID: Add android_aid.h")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Dmitry Shmidt [Thu, 7 Oct 2010 21:39:16 +0000 (14:39 -0700)]
ANDROID: mmc: core: Add "ignore mmc pm notify" functionality
Change-Id: I20821a82831b07ca037973d5d92e832372c6b583
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Colin Cross [Tue, 27 Oct 2015 23:42:08 +0000 (16:42 -0700)]
ANDROID: mm: add a field to store names for private anonymous memory
Userspace processes often have multiple allocators that each do
anonymous mmaps to get memory. When examining memory usage of
individual processes or systems as a whole, it is useful to be
able to break down the various heaps that were allocated by
each layer and examine their size, RSS, and physical memory
usage.
This patch adds a user pointer to the shared union in
vm_area_struct that points to a null terminated string inside
the user process containing a name for the vma. vmas that
point to the same address will be merged, but vmas that
point to equivalent strings at different addresses will
not be merged.
Userspace can set the name for a region of memory by calling
prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, start, len, (unsigned long)name);
Setting the name to NULL clears it.
The names of named anonymous vmas are shown in /proc/pid/maps
as [anon:<name>] and in /proc/pid/smaps in a new "Name" field
that is only present for named vmas. If the userspace pointer
is no longer valid all or part of the name will be replaced
with "<fault>".
The idea to store a userspace pointer to reduce the complexity
within mm (at the expense of the complexity of reading
/proc/pid/mem) came from Dave Hansen. This results in no
runtime overhead in the mm subsystem other than comparing
the anon_name pointers when considering vma merging. The pointer
is stored in a union with fieds that are only used on file-backed
mappings, so it does not increase memory usage.
Includes fix from Jed Davis <jld@mozilla.com> for typo in
prctl_set_vma_anon_name, which could attempt to set the name
across two vmas at the same time due to a typo, which might
corrupt the vma list. Fix it to use tmp instead of end to limit
the name setting to a single vma at a time.
Change-Id: I9aa7b6b5ef536cd780599ba4e2fba8ceebe8b59f
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
[AmitP: Fix get_user_pages_remote() call to align with upstream commit
5b56d49fc31d ("mm: add locked parameter to get_user_pages_remote()")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Greg Hackmann [Tue, 25 Oct 2016 20:59:59 +0000 (13:59 -0700)]
ANDROID: Kbuild, LLVMLinux: allow overriding clang target triple
Android has an unusual setup where the kernel needs to target
[arch]-linux-gnu to avoid Android userspace-specific flags and
optimizations, but AOSP doesn't ship a matching binutils.
Add a new variable CLANG_TRIPLE which can override the "-target" triple
used to compile the kernel, while using a different CROSS_COMPILE to
pick the binutils/gcc installation. For Android you'd do something
like:
export CLANG_TRIPLE=aarch64-linux-gnu-
export CROSS_COMPILE=aarch64-linux-android-
If you don't need something like this, leave CLANG_TRIPLE unset and it
will default to CROSS_COMPILE.
Change-Id: I85d63599c6ab8ed458071cdf9197d85b1f7f150b
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Matthias Kaehlcke [Fri, 21 Apr 2017 21:04:28 +0000 (14:04 -0700)]
CHROMIUM: kbuild: clang: Disable the 'duplicate-decl-specifier' warning
clang generates plenty of these warnings in different parts of the code.
They are mostly caused by container_of() and other macros which declare
a "const <type> *" variable for their internal use which triggers a
"duplicate 'const' specifier" warning if the <type> is already const
qualified.
Change-Id: I3ad9d33e31b7b40f926554eed2afeea1ebb7e961
Wording-mostly-from: Michael Davidson <md@google.com>
Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Amit Pundir [Tue, 5 Jan 2016 12:06:31 +0000 (17:36 +0530)]
ANDROID: kbuild: Makefile.clean: make Kbuild and Makefile optional
AOSP commit
b13ce9f4aa6f "ARM64: add option to build
Image.gz/dtb combo" broke archclean / mrproper build
targets and we run into:
----------
./scripts/Makefile.clean:14: arch/arm64/boot/amd/Makefile: No such file or directory
make[2]: *** No rule to make target `arch/arm64/boot/amd/Makefile'. Stop.
make[1]: *** [arch/arm64/boot/amd] Error 2
make: *** [archclean] Error 2
----------
This patch skip the missing Kbuild/Makefile reporting
error. It does the job (i.e cleanup dts/*/*.dtb and
do not spit out missing file error messages as well).
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Rom Lemarchand [Fri, 6 Feb 2015 00:07:59 +0000 (16:07 -0800)]
ANDROID: kbuild: make it possible to specify the module output dir
Make modinst_dir user-defined on the command line.
This allows to do things like:
make MODLIB=output/ modinst_dir=. modules_install
to ensure all the .ko are in the output/ directory.
Change-Id: I2bc007eea27ee744d35289e26e4a8ac43ba04151
Signed-off-by: Rom Lemarchand <romlem@android.com>
Eric Ernst [Fri, 2 Sep 2016 23:12:06 +0000 (16:12 -0700)]
ANDROID: input: keyreset: switch to orderly_reboot
Prior restart function would make a call to sys_sync and then
execute a kernel reset. Rather than call the sync directly,
thus necessitating this driver to be builtin, call orderly_reboot,
which will take care of the file system sync.
Note: since CONFIG_INPUT Kconfig is tristate, this driver can be built
as module, despite being marked bool.
Signed-off-by: Eric Ernst <eric.ernst@linux.intel.com>
Daniel Rosenberg [Fri, 27 Jun 2014 23:39:35 +0000 (16:39 -0700)]
ANDROID: input: keyreset: Made keyreset more robust
Switched do_restart to run in a seperate workqueue to handle
cases where kernel_restart hangs.
Change-Id: I1ecd61f8d0859f1a86d37c692351d644b5db9c69
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Daniel Rosenberg [Wed, 7 May 2014 21:17:47 +0000 (14:17 -0700)]
ANDROID: input: keyreset: Changed keyreset to act as a wrapper for keycombo.
keyreset now registers a keycombo driver that acts as the old
keyreset driver acted.
Change-Id: I08f5279e3a33b267571b699697f9f54508868983
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Daniel Rosenberg [Wed, 7 May 2014 23:52:10 +0000 (16:52 -0700)]
ANDROID: input: keycombo: add keycombo, a general key combo driver.
Keycombo lets you provide a key up and key down function, and an
optional time delay for key down. The driver will call the key
down function after the specified key combo has been held for the
speicified time delay. After you release the combo, if the key down
has happened, it calls key up.
Change-Id: I6a9a94e96a8f58fadd908fd1dc7944b9102a089f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Arve Hjønnevåg [Sat, 22 Nov 2008 05:47:23 +0000 (21:47 -0800)]
ANDROID: input: keyreset: Add keyreset driver.
Add a platform device in the board file to specify a reset key-combo.
The first time the key-combo is detected a work function that syncs
the filesystems is scheduled. If all the keys are released and then
pressed again, it calls panic. Reboot on panic should be set for
this to work.
Change-Id: I9d54283ca1fba45e4b1ae1a407524cdda8171143
Signed-off-by: Arve Hjønnevåg <arve@android.com>
Dmitry Shmidt [Thu, 12 Jan 2017 20:34:22 +0000 (12:34 -0800)]
ANDROID: input: gpio_matrix: Remove wakelock.h dependencies
Change-Id: I228bcdebf28f5c67765002043d3f919718827316
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Todd Poynor [Wed, 20 Jun 2012 04:06:47 +0000 (21:06 -0700)]
ANDROID: input: gpio_input: convert from wakelocks to wakeup sources
And add device names to wakeup source names
Change-Id: Ia5f2723319a2e749f00d6ec7d846edff6af6d5c2
Signed-off-by: Todd Poynor <toddpoynor@google.com>
Colin Cross [Thu, 2 Feb 2012 04:26:28 +0000 (20:26 -0800)]
ANDROID: input: gpio_event: remove early suspend
Remove the early suspend handler. Leave the suspend functions
for now, they should eventually get called through a userspace
interface.x
Change-Id: I67f9dafe32fe32577bab93c42b95824db96c215c
Signed-off-by: Colin Cross <ccross@android.com>
Arve Hjønnevåg [Thu, 16 Oct 2008 01:23:47 +0000 (18:23 -0700)]
ANDROID: input: Generic GPIO Input devices
Supports keyboard matrixces, direct inputs, direct outputs and axes connected to gpios.
Change-Id: I5e921e6e3a1cc169316ee3b665f4cc21b5735114
Signed-off-by: Arve Hjønnevåg <arve@android.com>
Signed-off-by: Nick Pelly <npelly@google.com>
[AmitP: Use ktime directly to align with upstream commit
2456e8553544 ("ktime: Get rid of the union")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Rom Lemarchand [Mon, 6 Jul 2015 23:50:33 +0000 (16:50 -0700)]
ANDROID: initramfs: Add skip_initramfs command line option
Add a skip_initramfs option to allow choosing whether to boot using
the initramfs or not at runtime.
Change-Id: If30428fa748c1d4d3d7b9d97c1f781de5e4558c3
Signed-off-by: Rom Lemarchand <romlem@google.com>
Jin Qian [Mon, 12 Sep 2016 22:51:35 +0000 (15:51 -0700)]
ANDROID: build: add build server configs for goldfish
Change-Id: Icd7a8d44df2b09394be5c6230c64ecb374cae236
[AmitP: Folded following android-4.9 commit changes into this patch
d7d2efab84d5 ("ANDROID: build: fix build config kernel_dir")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Jin Qian [Fri, 7 Oct 2016 23:20:47 +0000 (16:20 -0700)]
ANDROID: goldfish: add ranchu defconfigs
Change-Id: I73ef1b132b6203ae921a1e1d4850eaadf58f8926
[AmitP: Folded following android-4.9 commit changes into this patch
b821439faf75 ("ANDROID: arm64: rename ranchu defconfig to ranchu64")
1a03fc05a569 ("ANDROID: goldfish: enable CONFIG_INET_DIAG_DESTROY")
2bed6160b367 ("ANDROID: goldfish: disable GOLDFISH_SYNC")
ec6a764367a4 ("ANDROID: goldfish_sync: update defconfig for 4.9-compatible version")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Christian Poetzsch [Fri, 24 Jul 2015 15:42:58 +0000 (16:42 +0100)]
ANDROID: fs: Fix for in kernel emergency remount when loop mounts are used
adb reboot calls /proc/sysrq-trigger to force an emergency remount (ro) of all
mounted disks. This is executed in the order of the time the mount was originally
done. Because we have a test system which loop mount images from an extra
partition, we see errors cause the loop mounted partitions gets remounted after
this physical partition was set to read only already.
Fix this by reversing the order of the emergency remount. This will remount the
disk first which have been mounted last.
So instead of remounting in this order:
/dev/sda1
/dev/loop1
/dev/loop2
we now remount in this order:
/dev/loop2
/dev/loop1
/dev/sda1
Change-Id: I68fe7e16cc9400ab5278877af70c9ea1d9b57936
Signed-off-by: Christian Poetzsch <christian.potzsch@imgtec.com>
Mohan Srinivasan [Fri, 10 Feb 2017 22:26:23 +0000 (14:26 -0800)]
ANDROID: fs: Refactor FS readpage/write tracepoints.
Refactor the fs readpage/write tracepoints to move the
inode->path lookup outside the tracepoint code, and pass a pointer
to the path into the tracepoint code instead. This is necessary
because the tracepoint code runs non-preemptible. Thanks to
Trilok Soni for catching this in 4.4.
Signed-off-by: Mohan Srinivasan <srmohan@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
a5c4dbb05ab7 ("ANDROID: Replace spaces by '_' for some android filesystem tracepoints.")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Mohan Srinivasan [Thu, 15 Dec 2016 00:39:51 +0000 (16:39 -0800)]
ANDROID: fs: FS tracepoints to track IO.
Adds tracepoints in ext4/f2fs/mpage to track readpages/buffered
write()s. This allows us to track files that are being read/written
to PIDs. (Merged from android4.4-common).
Signed-off-by: Mohan Srinivasan <srmohan@google.com>
Jin Qian [Thu, 2 Mar 2017 21:32:59 +0000 (13:32 -0800)]
ANDROID: fs: sched: add a counter to track fsync
Change-Id: I6c138de5b2332eea70f57e098134d1d141247b3f
Signed-off-by: Jin Qian <jinqian@google.com>
[AmitP: Refactored changes to align with changes from upstream commit
9a07000400c8 ("sched/headers: Move CONFIG_TASK_XACCT bits from <linux/sched.h> to <linux/sched/xacct.h>")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Colin Cross [Mon, 6 May 2013 23:50:16 +0000 (23:50 +0000)]
ANDROID: fs: epoll: use freezable blocking call
Avoid waking up every thread sleeping in an epoll_wait call during
suspend and resume by calling a freezable blocking call. Previous
patches modified the freezer to avoid sending wakeups to threads
that are blocked in freezable blocking calls.
This call was selected to be converted to a freezable call because
it doesn't hold any locks or release any resources when interrupted
that might be needed by another freezing task or a kernel driver
during suspend, and is a common site where idle userspace tasks are
blocked.
Change-Id: I848d08d28c89302fd42bbbdfa76489a474ab27bf
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Colin Cross <ccross@android.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Arve Hjønnevåg [Sat, 3 May 2014 03:23:21 +0000 (20:23 -0700)]
ANDROID: fs: pstore: ram: Add ramoops_console_write_buf api
Allow writing into the ramoops console buffer.
Change-Id: Iff0d69b562e4dae33ea7f8d19412227bebb17e47
Signed-off-by: Arve Hjønnevåg <arve@android.com>
Keun-young Park [Tue, 15 Nov 2016 02:25:15 +0000 (18:25 -0800)]
ANDROID: dm: verity: add minimum prefetch size
- For device like eMMC, it gives better performance to read more hash
blocks at a time.
- For android, set it to default 128.
For other devices, set it to 1 which is the same as now.
- saved boot-up time by 300ms in tested device
bug:
32246564
Change-Id: Ibc0401a0cddba64b862a80445844b4e595213621
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Keun-young Park <keunyoung@google.com>
Badhri Jagan Sridharan [Fri, 3 Jun 2016 20:16:59 +0000 (13:16 -0700)]
ANDROID: dm: android-verity: mark dev as rw for linear target
Mark as rw when adding as linear target to allow changes
to the underlying filesystem through adb disable verity
and adb remount.
(Cherry-picked from
https://partner-android-review.googlesource.com/#/c/613573/
79a3032bb62da65a5d724eb70c8bdc662945d475)
BUG:
28845874
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: If41e9cad8e0f054f4778c09a6e2f0cb8af6fddaf
Bowgo Tsai [Thu, 2 Mar 2017 10:54:15 +0000 (18:54 +0800)]
ANDROID: dm: android-verity: allow disable dm-verity for Treble VTS
To start Treble VTS test, a single AOSP system.img will be flashed onto
the device. The size of AOSP system.img might be different than the
system partition size on device, making locating verity metadata fail
(at the last fixed size of the partition).
This change allows disabling dm-verity on system partition when the
device is unlocked (orange device state) with invalid metadata.
BUG:
35603549
Test: boot device with a different-sized system.img, checks verity is
not enabled via:
"adb shell getprop | grep partition.system.verified"
Change-Id: Ide78dca4eefde4ab019e4b202d3f590dcb1bb506
Signed-off-by: Bowgo Tsai <bowgotsai@google.com>
Greg Hackmann [Mon, 14 Nov 2016 17:48:02 +0000 (09:48 -0800)]
ANDROID: dm: android-verity: fix table_make_digest() error handling
If table_make_digest() fails, verify_verity_signature() would try to
pass the returned ERR_PTR() to kfree().
This fixes the smatch error:
drivers/md/dm-android-verity.c:601 verify_verity_signature() error: 'pks' dereferencing possible ERR_PTR()
Change-Id: I9b9b7764b538cb4a5f94337660e9b0f149b139be
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Badhri Jagan Sridharan [Fri, 13 Jan 2017 19:05:00 +0000 (11:05 -0800)]
ANDROID: dm: android-verity: rebase for 4.9
Export the direct_access method of dm_linear target for
dm-android-verity target.
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: I46556d882305e5194352946264cbc9c06e5038e4
[AmitP: Rebased the changes for v4.14]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
OSDN Git Service
