This change renames the IMemory raw pointer accessors to
unsecure*() to make it apparent to coders and code reviewers
that the returned buffer may potentially be shared with
untrusted processes, who may, after the fact, attempt to
read and/or modify the contents. This may lead to hard to
find security bugs and hopefully the rename makes it harder
to forget.
The change also attempts to fix all the callsites to make
everything build correctly, but in the processes, wherever the
callsite code was not obviously secure, I added a TODO requesting
the owners to either document why it's secure or to change the
code. Apologies in advance to the owners if there are some false
positives here - I don't have enough context to reason about all
the different callsites.
Test: Completely syntactic change. Made sure code still builds.
Change-Id: I5fb99aa797c488406083178a6b05355d98710d3b
The retroactive dump outputs historical snapshots of data that
correspond to important NBLog Events at the time they were read.
The standard printing format added is as follows: for each line, the
first column is the NBLog Event as a string, and the following columns
correspond to each field of the struct, or the type, that the NBLog
Event maps to. All columns are separated by commas.
Other changes:
Added option to Reader::getSnapshot() for flushing the buffer. This
makes it possible to always read the full buffer contents when doing a
dump of the raw log contents.
Test: dumpsys media.log with -r and --retro options
Bug: 68148948
Change-Id: I4bbbf6e2f9a3a86fae976986ac35a7eef79520de
Other Changes:
- added thread_params_t type to NBLog
- rearranged ordering of macros in TypedLogger.h
Test: dumpsys media.log with --json, --pa, and --plots options
Bug: 68148948
Change-Id: If97714271a085a99bba0ab3ae0c268a9f407f053
NBLog.cpp was deleted and split up into Entry.cpp, Merger.cpp,
Reader.cpp, Timeline.cpp, and Writer.cpp. NBLog.h was split up into
Entry.h, Events.h, Merger.h, Reader.h, Timeline.h, and Writer.h. NBLog.h
now includes all of these new headers except Merger.h, which is managed
exclusively by MediaLogService.
Other changes:
- changed NBLog from a class to a namespace
- changed NBLog::thread_info_t.type to enum and replaced magic numbers
- fixed some fragile build dependencies in libaudioclient and medialog
No other changes were made, and all functionalities that existed prior
to this commit remain the same.
Test: build, dumpsys media.log
Bug: 68148948
Change-Id: I1ce6dcb7b30d004f90584edfad7103a89f7bab0c
No new functionality was added, and no existing functionality was
removed.
Event types have been renamed and reorganized according to
functionality. A compile-time mapping from Event to C++ data type allows
for a generic Event log() template function to avoid the need to add a
new logging function when a new Event is added to enum NBLog::Event.
Most LockedWriter functions were deleted because they did not involve
accessing shared variables. Only the functions that accessed shared
variables were kept in LockedWriter.
Test: dumpsys media.log -r
Bug: 68148948
Change-Id: I8a27f1690795cdb0b84e92033b7cbf4588ba175e
ReportPerformance::writeToFile and the recording of PerformanceAnalysis
FastMixer timestamps are disabled for now.
Test: dumpsys media.log -r
Bug: 68148948
Change-Id: I4ba55fc20521ad2278348e6a3f713f9db04d951b
Prior to this commit, the dumping of log contents and histograms from
PerformanceAnalysis were in conflict because histograms obtained data
from the merger's buffer, and the merger used the same readers as the
log dumps. One read would consume the whole buffer, which would cause
either a lossy dump or an lossy merge. Now, both operations can exist
without loss of information from sharing the same reader.
The step of merging contents of each writer's local buffer into a bigger
buffer has effectively been removed. PerformanceAnalysis now directly
reads from each writer's buffer instead of reading from the merger's
bigger buffer.
Test: dumpsys media.log -r
Bug: 68148948
Change-Id: I6d8ea6a8f6a43555183a6d8f17af567506a102f1
Merging is temporarily disabled for now because the readers managed by
the merger are the same as the ones used for the dumpsys log dump, and
reading from the log effectively consumes the buffer. Eventually, the
readers for the two functionalities will need to be separated to avoid
conflict. The dump of the merged buffer is also disabled, which removes
the dumping of histograms.
The new types added are monotonic thread cycle time, CPU thread cycle
time, CPU frequency, and latency (which will need to be specified in
further detail later). Logging support is added only for monotonic
thread cycle time at the moment.
Test: build, log monotonic thread cycle time in FastThread, check output
in dumpsys media.log -r.
Change-Id: I1b781d6db102fb917fd0bac964eeebd0309234c0
Bug: 68148948
audio.h and its dependencies (audio-effect.h, sound_trigger.h...)
used to be shared between system and vendor code.
This led to multiple problems:
1) Such sharing contradicts the Treble policy of
strict independence of framework and vendor code.
2) When audio.h was changed, every vendor needed to update
its code in the next release. This meant that audio*.h
headers were mostly changed in backward compatible manner.
Nevertheless, for P the HIDL interface and thus the audio.h
interface are changed in backward incompatible way.
(Some enum are becoming 64 bit long).
3) As the headers were common, some API used only by the framework
needed to be visible to the vendors (mostly enum values).
4) Treble policy is to support at least one previous HAL version
As a result the audio*.h headers are now duplicated,
one set for the framework, and one for the vendor.
Each set will evolve independently. After this split,
the framework-only APIs will be removed from the vendor headers
and vice versa.
The split is implements as such:
+ for system code
- NOT moving the libaudio_system_headers
Eg: system/audio.h and system/audio_effects/effect_equalizer.h
are still in system/media/audio
- the legacy audio HAL API that were in libhardware headers
are now in libaudiohal_legacy_headers
Eg: hardware/audio.h and hardware/audio_effect.h
are now in frameworks/av/media/libaudiohal/legacy/
+ for vendor code
- moving libaudio_system_headers and the legacy audio HAL API
that were in libhardware_headers in
android.hardware.audio.common.legacy@2.0
Note that those headers are now versioned, so migrating to a @4.0
HIDL HAL will mean changing the legacy dependency too.
Eg: system/audio.h, system/audio-effect.h, hardware/audio.h
are now in hardware/interfaces/audio/common/2.0/legacy
- the legacy audio effect HAL API that was in libaudioeffects
is now moved in android.hardware.audio.effect.legacy@2.0
Eg: audio_effects/effect*.h are now in
hardware/interfaces/audio/effect/2.0/legacy
- the legacy sound trigger HAL API that were in libhardware_headers
is now moved in android.hardware.soundtrigger.legacy@2.0
Eg: hardware/sound_trigger.h is now in
hardware/interfaces/audio/effect/2.0/legacy
libaudioutil being used by both system and vendor, had
to be renamed for system to libaudioutil_system.
Vendor libs that now depend on the audio.h of a specific
version and are not extensively referenced in non google code,
append @2.0 to their name.
Note that headers that are not expected to change in the 4.0 HAL are
left in all-versions folder to avoid duplication.
This is an implementation detail as the versioned libraries export
the all-versions headers.
Note that strict vendor-system separation is enforced by the
build-system. The system headers are not available for vendor
libs and vice-versa.
Note that this patch is split between numerous git repository (>10),
all the commits having the same Change-id for searchability.
Note that audio_policy.h is no longer exposed to vendors
as the legacy audio policy HAL API was never officially supported.
As a result the audiopolicy stub implementation has been removed.
Test: compile taimen-userdebug walleye-userdebug
sailfish-userdebug marlin-userdebug
gce_x86_phone-userdebug gce_x86_phone
full-eng aosp_arm aosp_x86-eng
Test: check that the emulator booted and played audio
Test: full QA on sailfish-userdebug and taimen-userdebug
Bug: 38184704
Change-Id: I950f4e0a55613d72e32eba31bd563cb5bafe2d1a
Signed-off-by: Kevin Rocard <krocard@google.com>
The array index calculation in NBLog.cpp causes a runtime error on
integer overflow sanitized builds. Although kPreviousLengthOffset is now
ssize_t, sizeof() returns size_t, which is causing kPreviousLengthOffset
to be implicitly cast to size_t, resulting in the overflow.
runtime error: unsigned integer overflow: 27 + 4294967295 cannot be
represented in type 'unsigned int'
This restructures the buffer index to avoid the overflow all together.
Bug: 30969751
Test: Compiles, device boots.
Change-Id: I9abb858190ecdeeaede66cf502ceb586467d5c0c
An array index calculation in NBLog.cpp causes a runtime error on
integer overflow sanitized builds.
buffer[sizeof(buffer) + Entry::kPreviousLengthOffset] = ...
runtime error: unsigned integer overflow: 27 + 4294967295 cannot be
represented in type 'unsigned int'
This changes kPreviousLengthOffset to signed, which provides the same
effect without the overflow.
Bug: 30969751
Test: Compiles, device boots.
Change-Id: I25b232bba6a1940674d15a06483b2595eecc29e8
There is a potential signed integer overflow in logRound on the return
statement arithmetic which throws an error on integer sanitized builds.
runtime error: signed integer overflow: 94 * 1000000000 cannot be
represented in type 'int'
From the comments this looks like this is expected to overflow. For now,
disable sanitization in this function.
Bug: 30969751
Test: Build compiles with and without integer sanitization.
Change-Id: Idfb7eb46ec30f34de75ac3c912760e8fe9525299
nbaio is an acronym for "non-blocking audio I/O", and nblog means
"non-blocking logger" so nblog does not belong with nbaio.
There are a lot of improvements planned for nblog, and having the
restructuring done will make it clearer as more files are added.
Test: builds OK
Change-Id: Ib28bada2566c1d64bdbe9f5d7a5ce40e080178ef