aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Change init sequence to support file level encryptionPaul Lawrence2015-07-071-3/+3
| | | | | | | | | | | File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063 Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
* Revert "Change init sequence to support file level encryption"Paul Lawrence2015-07-071-3/+3
| | | | | | This reverts commit 98c1a3de23ae8b589c36e74939193c44d25cac65. Change-Id: I524060418de18f97c3865ebc4435f501015e92ee
* Change init sequence to support file level encryptionPaul Lawrence2015-07-061-3/+3
| | | | | | | | | | | File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063 Change-Id: I409c12e3f4a8cef474eb48818e96760fe292cc49
* Revert "Revert "init re-execs to set its security context now.""Elliott Hughes2015-04-241-7/+0
| | | | | | | This reverts commit c819dbe95bf80645178b0180f519ab2983da01a0. Bug: http://b/19702273 Change-Id: I5c75b148a12e644dd247a4df4f67dc9b4b9ff8cf
* Revert "init re-execs to set its security context now."Nick Kralevich2015-04-241-0/+7
| | | | | | | | shamu isn't booting now This reverts commit c57453d5377a13445c4b1d3f73c0e0ab19aa0c1e. Change-Id: I8efbf6260f5fcf983e5056fac6d03916415b944e
* init re-execs to set its security context now.Elliott Hughes2015-04-231-7/+0
| | | | Change-Id: I0a014f8dddfe775159903b5d6fa632733fef692c
* Bump up max_map_count value.Jesse Zhao2015-01-081-0/+1
| | | | | Change-Id: Id3e2c0795b817db9a85bc84cba2aa05d20179d39 Bug: 18503789
* init.rc: Inidicate that booting is complete wrt firwmare requestsJP Abgrall2014-10-201-1/+6
| | | | | | | | | | ueventd will wait for /dev/.booting to go away before giving up on loading firmware. The issue was introduced in Ifdd5dd1e95d7e064dde5c80b70198882d949a710 which forgot to update recovery's init.rc Bug: 17993625 Change-Id: I91205fe6eea50aaef9b401d650ec8d6843a92a57
* sideload without holding the whole package in RAMDoug Zongker2014-07-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement a new method of sideloading over ADB that does not require the entire package to be held in RAM (useful for low-RAM devices and devices using block OTA where we'd rather have more RAM available for binary patching). We communicate with the host using a new adb service called "sideload-host", which makes the host act as a server, sending us different parts of the package file on request. We create a FUSE filesystem that creates a virtual file "/sideload/package.zip" that is backed by the ADB connection -- users see a normal file, but when they read from the file we're actually fetching the data from the adb host. This file is then passed to the verification and installation systems like any other. To prevent a malicious adb host implementation from serving different data to the verification and installation phases of sideloading, the FUSE filesystem verifies that the contents of the file don't change between reads -- every time we fetch a block from the host we compare its hash to the previous hash for that block (if it was read before) and cause the read to fail if it changes. One necessary change is that the minadbd started by recovery in sideload mode no longer drops its root privileges (they're needed to mount the FUSE filesystem). We rely on SELinux enforcement to restrict the set of things that can be accessed. Change-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114
* am 3e0fc39e: am 974fe112: Merge "Fix recovery mode."Riley Andrews2014-06-251-1/+19
|\ | | | | | | | | * commit '3e0fc39ec27c0ed96ffd2a617f1841fe3bf3c8f6': Fix recovery mode.
| * Fix recovery mode.Riley Andrews2014-06-241-1/+19
| | | | | | | | | | | | | | | | | | Duplicate changes made to init.rc for https://android-review.googlesource.com/98852 in the init.rc used for recovery mode. Bug 15849856 Change-Id: Ia376ddf6373a28718653f7fb1435bf7ecb33d813
* | recovery: enable panic_on_oopsColin Cross2014-06-241-0/+2
| | | | | | | | | | | | Set panic_on_oops=1 to reboot if the kernel panics. Change-Id: Id9e8689a570229db2ea2a3d72b52784f8a1ed107
* | am ed75be6d: am ac189bf6: Merge "recovery: Fix adb with linux 3.10"Benoit Goby2014-02-211-0/+6
|\ \ | |/ | | | | | | * commit 'ed75be6de9d883a2524065940d732593fa26ac19': recovery: Fix adb with linux 3.10
| * recovery: Fix adb with linux 3.10Benoit Goby2014-02-191-0/+6
| | | | | | | | | | | | | | | | In kernel 3.10, f_adb has been removed and adbd can use functionfs instead. Mount functionfs on boot for adbd. On older kernels, mount will fail silently and adbd will revert to f_adb. Change-Id: I5db57aaf35b35859ea88c7d0e0661d8c553e5811
* | am f4641299: am 295e74aa: Merge "adbd: switch to su domain when running as root"Nick Kralevich2014-01-241-1/+1
|\ \ | |/ | | | | | | * commit 'f464129950eaea49b1234fdcfd04ec8723e3c672': adbd: switch to su domain when running as root
| * adbd: switch to su domain when running as rootNick Kralevich2014-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | When adbd runs as root, it should transition into the su domain. This is needed to run the adbd and shell domains in enforcing on userdebug / eng devices without breaking developer workflows. Use the new device_banner command line option. Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
* | am a01b6467: am 772f6e2a: Merge "correctly mount tmpfs as /tmp in recovery"Doug Zongker2014-01-141-2/+2
|\ \ | |/ | | | | | | * commit 'a01b646794fc207da657d7b8ef779c9d842acfde': correctly mount tmpfs as /tmp in recovery
| * correctly mount tmpfs as /tmp in recoveryDoug Zongker2014-01-141-2/+2
| | | | | | | | | | | | | | | | | | | | | | The syntax of init's mount command changed in April 2008 but recovery's init.rc was never updated, so recovery's /tmp has been on the root fs all this time. Fix. Also add /system/bin to the PATH in recovery, which is handy for debugging. Change-Id: I39f7ae435a8ce3bad691e4b7c307db0bd8de1302
* | am 7e0d3066: am fc729512: Merge "Set SELinux security contexts correctly for ↵Nick Kralevich2014-01-131-0/+11
|\ \ | |/ | | | | | | | | | | init and services." * commit '7e0d30667cf53a182525f87dd0c8cb0e2628a1ed': Set SELinux security contexts correctly for init and services.
| * Set SELinux security contexts correctly for init and services.Stephen Smalley2014-01-131-0/+11
| | | | | | | | | | | | | | | | Otherwise everything is left running in the kernel domain when booting recovery. Change-Id: Ie3d86547d5be0b68dd1875a97afe1e00fc3e4da1 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | start healthd in recovery modeTodd Poynor2013-09-131-1/+1
|/ | | | Change-Id: I431ece69b6856fd1ea6079c38cdeb593c15d7385
* fix secure adb in recoveryDoug Zongker2013-09-111-0/+1
| | | | | | | | Recovery's init.rc was missing a line (added to the main system's init.rc in change Ic97fd464440ff4a29fc9da7ad15949ac5215ade3) is required for secure adb to work. Change-Id: Id79b94d2abb4cbe3cca7cabeb4bc5faf7205e56b
* recovery: fix rebootingDoug Zongker2013-08-301-0/+3
| | | | | | | | Change I84c0513acb549720cb0e8c9fcbda0050f5c396f5 moved reboot functionality into init but did not update the recovery partition; so "adb reboot" and /system/bin/reboot in recovery are both broken. Change-Id: Ie2d14627a686ffb5064256b6c399723636dff116
* start healthd in recoveryTodd Poynor2013-06-181-0/+4
| | | | Change-Id: I16e3e0ddb8ca062431deb4be83c5be5eb786d76f
* recovery: import init.recovery.${ro.hardware}.rcColin Cross2012-08-081-0/+2
| | | | | | | | | Some devices need hardware specific services started in recovery, for example watchdogd. Import init.recovery.${ro.hardware}.rc from the recovery init.rc. Bug: 6953625 Change-Id: I4a4cee210238150ffaabe774a44340ec3c8ff78c
* run minadbd as shell userDoug Zongker2012-03-191-0/+3
| | | | | | | | Make minadbd drop its root privileges after initializing. We need to make the /tmp directory writable by the shell group so that it can drop the sideloaded file there. Change-Id: I67b292cf769383f0f67fb934e5a80d408a4c131d
* always initialize usb product, vendor, etc. for adb in recoveryDoug Zongker2012-01-101-7/+9
| | | | | | | Set these values even on non-debuggable builds, so that the mini-adb now in recovery can work. Change-Id: If4c915403e6f43bfe922aa347e350a8982443106
* recovery: convert all usages of $prop to ${prop}Dima Zavin2012-01-101-3/+3
| | | | | Change-Id: I9451b8350d33806097598fb9e575b28fd8b292ad Signed-off-by: Dima Zavin <dima@android.com>
* Add missing commands to recovery init.rcMichael Ward2011-07-071-0/+3
| | | | | | Wrote some missing items in recovery, most notably the serial number so that it shows up correctly on adb. Change-Id: If430c0b78191c8d77f781aa605b5081571451775
* init.rc: Simplify logic for starting adbd in recoveryMike Lockwood2011-06-291-25/+6
| | | | | | | | | | Always start adbd if ro.debuggable=1 rather than basing it on user preference in persistent system properties. Use new D001 product ID, which I just allocated for "android recovery mode" Change-Id: I6f1eac5257eaad2e538c0a8dd549ad89219efa3e Signed-off-by: Mike Lockwood <lockwood@android.com>
* fix adb root in recoveryDoug Zongker2011-06-231-0/+4
| | | | | | recovery's init.rc was missing lines that made adb root work. Change-Id: I300e6997e3b5cb9c7b542b2012eed61deb2550f1
* Fix starting adb in recovery modeMike Lockwood2011-06-191-3/+27
| | | | | Change-Id: I8444f44d3194ff16ce54121633d5b255231393f5 Signed-off-by: Mike Lockwood <lockwood@android.com>
* am ecc76ba5: Set adbd to be disabled by default in recoveryKenny Root2010-06-281-0/+1
|\ | | | | | | | | | | | | Merge commit 'ecc76ba5516d62a886f9c290906e0ca50702c9ab' into gingerbread * commit 'ecc76ba5516d62a886f9c290906e0ca50702c9ab': Set adbd to be disabled by default in recovery
| * Set adbd to be disabled by default in recoveryKenny Root2010-06-281-0/+1
| | | | | | | | Change-Id: I74fa6edc4b001247b20be52e8301d18407fede2c
* | recovery: Add ueventd serviceColin Cross2010-05-141-0/+4
|/ | | | Change-Id: Iad448bc1608f88c5db2108475f35b88ea2877b07
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-032-0/+41
|
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-032-41/+0
|
* Initial ContributionThe Android Open Source Project2008-10-212-0/+41