summaryrefslogtreecommitdiffstats
path: root/include/private
Commit message (Collapse)AuthorAgeFilesLines
* Pixelflinger: Fix issue of pointers being stored in intsAshok Bhat2013-12-121-2/+2
| | | | | | | | | | Pixelflinger's code makes assumptions, at certain places, that pointers can be stored as ints. This patch makes use of uintptr_t wherever pointers are stored as int or cast to int. Change-Id: Ie76f425cbc82ac038a747f77a95bd31774f4a8e8 Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
* Richer SD card permissions through FUSE.Jeff Sharkey2013-08-081-46/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes the FUSE daemon to synthesize an Android-specific set of filesystem permissions, even when the underlying media storage is permissionless. This is designed to support several features: First, apps can access their own files in /Android/data/com.example/ without requiring any external storage permissions. This is enabled by allowing o+x on parent directories, and assigning the UID owner based on the directory name (package name). The mapping from package to appId is parsed from packages.list, which is updated when apps are added/removed. Changes are observed through inotify. It creates missing package name directories when requested and valid. Second, support for separate permissions for photos and audio/video content on the device through new GIDs which are assigned based on top-level directory names. Finally, support for multi-user separation on the same physical media through new /Android/user/ directory, which will be bind-mounted into place. It recursively applies the above rules to each secondary user. rwxrwx--x root:sdcard_rw / rwxrwx--- root:sdcard_pics /Pictures rwxrwx--- root:sdcard_av /Music rwxrwx--x root:sdcard_rw /Android rwxrwx--x root:sdcard_rw /Android/data rwxrwx--- u0_a12:sdcard_rw /Android/data/com.example rwxrwx--x root:sdcard_rw /Android/obb/ rwxrwx--- u0_a12:sdcard_rw /Android/obb/com.example rwxrwx--- root:sdcard_all /Android/user rwxrwx--x root:sdcard_rw /Android/user/10 rwxrwx--- u10_a12:sdcard_rw /Android/user/10/Android/data/com.example These derived permissions are disabled by default. Switched option parsing to getopt(). Change-Id: I21bf5d79d13f0f07a6a116122b16395f4f97505b
* am 9e9ed1b4: am 131ee07b: Merge "Add a new group for MediaDrm engine ↵Jeff Tinker2013-04-241-0/+2
|\ | | | | | | | | | | | | plugins" into jb-mr2-dev * commit '9e9ed1b40010745e709157a6977ba6d053d46c49': Add a new group for MediaDrm engine plugins
| * Merge "Add a new group for MediaDrm engine plugins" into jb-mr2-devJeff Tinker2013-04-251-0/+2
| |\
| | * Add a new group for MediaDrm engine pluginsJeff Tinker2013-04-231-0/+2
| | | | | | | | | | | | | | | bug: 8702754 Change-Id: I3b7988b64b1dcf4685624e4c1af938e132b82696
* | | am 0db6600a: am 7ee2e26e: Remove DBUS from make and header filesMatthew Xie2013-04-241-1/+0
|\ \ \ | |/ / | | | | | | | | | * commit '0db6600a60e8d604aaef5e43db9ae52ed7380979': Remove DBUS from make and header files
| * | Remove DBUS from make and header filesMatthew Xie2013-04-231-1/+0
| |/ | | | | | | | | | | | | | | DBUS had been needed by bluetooth bluz stack. It is not needed after we replaced bluez stack with bluedroid stack. bug 6872904 Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
* | Make init handle rebootsNick Kralevich2013-04-231-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move the responsibility for rebooting the system from the reboot command to init. Init is in a better position to take actions to bring the system down cleanly, including making sure filesystems are mounted read-only. The only UIDs which can perform an init triggered reboot are root, system, and shell. Modify the reboot command so that it calls into init to perform the reboot. The reboot command no longer requires CAP_SYS_BOOT. Remove the -n reboot option and code which supports it. Anyone needing to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'. Modify adb so that it calls into init to perform a shutdown. Bug: 8646621 Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
* | toolbox: Make reboot a separate command from toolboxBenoit Goby2013-03-261-1/+2
|/ | | | | | | | Set the CAP_SYS_BOOT filesystem capability on the new reboot command and keep CAP_SYS_BOOT in adb bounding set so that the shell user can run it. Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd
* android_filesystem_config: add /vendorColin Cross2013-03-201-0/+2
| | | | | | | | Make /vendor have the same permissions as /system/vendor for devices that have a vendor partition. Bug: 8341435 Change-Id: I077a2caf9da41fc072a4d3e334be28c24b70c7cd
* android_filesystem_config.h: change ping and run-asNick Kralevich2013-03-012-8/+134
| | | | | | | | | | | | | | | | | | | | | | | /system/bin/ping no longer requires CAP_NET_RAW, as we're now using IPPROTO_ICMP. Please see the following for more details: * http://lwn.net/Articles/443051/ * https://android-review.googlesource.com/52090 * https://android-review.googlesource.com/52072 We can now make ping a normal, unprivileged program. /system/bin/run-as only requires CAP_SETUID and CAP_SETGID. Explicitly set the capabilities of this file, and remove the setuid bit. This is equivalent to running the following commands: * chmod 750 /system/bin/run-as * chown root:shell /system/bin/run-as * setcap cap_setgid,cap_setuid+ep /system/bin/run-as Change-Id: I65df858b45e6de4e2190ac9d6d592c06ea9d28cf
* fix mac sdk build.Nick Kralevich2013-02-221-1/+0
| | | | | | | For now, remove linux/capability.h . We're haven't started using capabilities yet, and this file doesn't exist on mac builds. Change-Id: Id6ec7fdb408bcdfdd538dac65187194c8ee226ff
* Add support for filesystem capabilities.Nick Kralevich2013-02-201-57/+61
| | | | | | | | Modify android_filesystem_config.h and add a capabilities field. This field can be used to add filesystem capabilities to a particular file. Change-Id: If8953a322457ea7275aa6df75660b714e6dc678a
* resolved conflicts for merge of 0fe9742e to jb-mr1-dev-plus-aospDoug Zongker2013-01-291-0/+2
|\ | | | | | | Change-Id: Ie7a8b642dec0f07d4c8bfd9d8f736fd66c4febe0
| * add AID_LOOP_RADIO for control of loop radio deviceDoug Zongker2013-01-291-0/+2
| | | | | | | | Change-Id: I1e996dfbaa0f187ec87b5318a214ab0b852193cc
* | android_filesystem_config: allow absolute pathsColin Cross2012-12-211-0/+4
| | | | | | | | | | | | | | SELinux policies use absolute paths, allow absolute paths in fs_config as well. Change-Id: Ic97ee0b4eb4df9eac965a8e819fde01df473de7e
* | am ee854b07: Merge "Allocate a UID for clatd"jp abgrall2012-11-121-0/+2
|\ \ | |/ |/| | | | | * commit 'ee854b077766a85279fa1849b537c50837d1a204': Allocate a UID for clatd
| * Allocate a UID for clatdDaniel Drown2012-10-151-0/+2
| | | | | | | | | | | | | | clatd(464xlat) runs as its own UID after it drops root privs Change-Id: I2392f8127dcd90d16b0f20ff31bcc5aa096db464 Signed-off-by: Daniel Drown <dan-android@drown.org>
* | Create bluetooth stack aid for sharing gid between all bluetooth processesMatthew Xie2012-10-041-0/+2
| | | | | | | | | | | | bug 6925422 Change-Id: I8d371f8307dd6bea3909a56643819413ea829a98
* | ISSUE 6849488 Bluedroid stack, remove system/bluetooth.Zhihai Xu2012-09-201-6/+0
|/ | | | | | | remove system/bluetooth stuff. bug 6849488 Change-Id: I81a94d34a4363562a74fa2e574828fd919cfe18c
* Add shared app gid to fs configKenny Root2012-09-131-0/+3
| | | | | | | This will allow native tools to be able to know where the shared app gids start and end. Change-Id: Ie4529baf36b361c51c42f079b259c352e316647f
* Merge "Add Mips architecture to system/core/include"Elliott Hughes2012-08-112-1/+287
|\
| * Add Mips architecture to system/core/includeDuane Sand2012-05-292-1/+287
| | | | | | | | Change-Id: Ief7bdbd8d09cabe3f11f3ed47a932a7faa81cad9
* | change /fstab.* perms to 0640Doug Zongker2012-05-071-1/+1
| | | | | | | | | | | | | | | | | | It's safe to change the permissions on files in the root partitions; incremental OTA now knows how to handle this case. This reverts commit 08c370cc50e4bdae5a59f4ddfd1e3874bb36579d. Change-Id: I503bf8ebd037fa9715494c6539e5430eee47acfe
* | change /fstab.* perms back to 0644, to unbreak incremental OTAsDoug Zongker2012-05-031-5/+5
| | | | | | | | Change-Id: I21a991148fd1de604ecf87abad0b49970d2abe84
* | A filesystem manager library to mount filesystems for init.Ken Sumrall2012-05-011-0/+2
| | | | | | | | | | | | | | | | | | Instead of specifying in init what to mount, and having various hacks in init itself to deal with encryption, use a filesystem manager library to do the work, that can also be invoked by vold when mounting an encrypted volume. Keep all the magic filesystem info an a device specific fstab file. Change-Id: Ib988f1e4fb0638ba1d5fd98407fa6d8cf862aaca
* | Add MDNS serviceRobert Greenwalt2012-04-061-2/+2
| | | | | | | | | | | | Adds both the new service and another socket for netd. Change-Id: Ie0271a2c48aa55217ae3fcdcc8e121b86b5a589b
* | Forget name for AID_SDCARD_R.Dianne Hackborn2012-03-121-0/+1
| | | | | | | | Change-Id: Ib65fdf4211bef77057009e31295e610f8ba64b44
* | Add AID_SDCARD_R.Dianne Hackborn2012-03-081-0/+1
| | | | | | | | Change-Id: I47f650e415e06c0b69790ffefea7f208c910ebd7
* | New user definitions for isolated sandboxes.Dianne Hackborn2012-02-091-1/+6
|/ | | | Change-Id: I302f89c102bc35dcd70168748e205b41fdbf6576
* Replace vendor specific NfcGoogle.apk with generic Nfc.apkNick Pelly2011-11-211-1/+2
| | | | | | | | | | | | | | The access control changes allow us to just use Nfc.apk with the regular platform certificate, instead of the custom signed NfcGoogle.apk. So we can compeltely get rid of vendor/google/apps/NfcGoogle and just build it out of packages/apps/Nfc now. The package name is also reverted from com.android.nfc3 to com.android.nfc The NFC uid needs to get bumped (25 to 27) to allow the cert change. Bug: 5608249 Change-Id: I5e178b469e5210cd231ba5f4ea57aa666b3d8893
* Create drmrpc group for security servicesJeffrey Tinker2011-09-301-0/+2
| | | | | | Bug 4598045 Change-Id: I5550203927146fd6864408b3ac2f5e6f5d2b1d77
* core: Add a standalone charger UI binaryDima Zavin2011-09-041-0/+1
| | | | | | | | | | | | | | | | | | This can be launched from an 'on charger' section in init, which is processed if androidboot.mode=charger is supplied on kernel command line. This is a standalone binary that has a simple "user interface" and allows the standard production kernel to run while charging. This removes the burden from the bootloader to get low-power mode working. Currently, the device will "power-on" (i.e. reboot) into normal mode if the power key is pressed for X seconds, and will also power down the device if the usb/ac cable is removed for Y seconds. Change-Id: I780594b99211cb09de7f8519a69c5962eb91348a Signed-off-by: Dima Zavin <dima@android.com>
* Revert "Add keychain user"Brian Carlstrom2011-07-011-2/+2
| | | | | | | This reverts commit 6541ef1562ccf93e498d653598330a7fc80ad2b2. Bug:4970237 Change-Id: I23a90eb89c1d19893d2ba7065fc624c0521cb06e
* Create groups to protect bandwidth statistics.Jeff Sharkey2011-06-221-0/+4
| | | | | | | | | Introduces new "net_bw_stats" group which will protect reading detailed bandwidth statistics. Also introduce "net_bw_acct" group which will enable specific applications to request that their network traffic be counted against other UIDs. Change-Id: Ic0ec04e0d2bb9573f3c2a094ebd6d6a8cae0aae6
* Add keychain userBrian Carlstrom2011-04-081-2/+2
| | | | Change-Id: Id6738d7c97dd58b2043e2cba018797e3b2b4d77a
* resolved conflicts for merge of 65475f89 to honeycomb-plus-aospJeff Hamilton2011-04-051-1/+2
|\ | | | | | | Change-Id: I9f77e84d887dbe84bb94de0fdd369d8de24fbec3
| * am 336bc321: Make the NFC UID forward compatible.Jeff Hamilton2011-04-041-1/+3
| |\ | | | | | | | | | | | | * commit '336bc321a6e978a273098148e13a82c5e7ec3be5': Make the NFC UID forward compatible.
| | * Make the NFC UID forward compatible.Jeff Hamilton2011-04-011-1/+3
| | | | | | | | | | | | Change-Id: Icfa302c22151b3d722ad0da7e58806f74730e1a3
| * | am a6a36c0b: Update the value for the NFC shared UID.Jeff Hamilton2011-03-241-1/+2
| |\ \ | | |/ | | | | | | | | | * commit 'a6a36c0b799b84d06b695027d205f21d13a3275b': Update the value for the NFC shared UID.
| | * Update the value for the NFC shared UID.Jeff Hamilton2011-03-241-1/+2
| | | | | | | | | | | | Change-Id: I47edf39dbdf2ebd41f44ca69aac250d8991dec4c
* | | Make optional valgrind binaries +x.Brad Fitzpatrick2011-03-011-0/+1
| | | | | | | | | | | | Change-Id: If3417e0c8728c7c74badb12de734cf06e794619d
* | | am 57cd87d9: am 1ace223f: Set default permissions for preloaded /data/media ↵Paul Eastham2011-02-071-0/+3
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | aka /sdcard content. * commit '57cd87d9ccf57a2c874fafd1a0b8cab7ebea646f': Set default permissions for preloaded /data/media aka /sdcard content.
| * | | Set default permissions for preloaded /data/media aka /sdcard content.Paul Eastham2011-02-031-0/+3
| | | | | | | | | | | | | | | | Change-Id: Ia67cbdbfbcd423cf163f0fce5c6edc215564e782
* | | | Bug 3361124 Remove drmioserverGlenn Kasten2011-01-201-2/+2
|/ / / | | | | | | | | | | | | Change-Id: Ie3b20b487c1466737921567ab2d043e230356bf4 Note: safe to re-use the drmio uid/gid as no files were ever created.
* | | Add separate permission and group for access to MTP USB driverMike Lockwood2011-01-101-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | Since the "usb" group and ACCESS_USB permission will be used by regular apps to access USB devices in host mode, we need a separate permission for the device side MTP driver. Change-Id: Ibb546b8726d61e041fc7c273f71929624ad1575b Signed-off-by: Mike Lockwood <lockwood@android.com>
* | | Add new AID_MEDIA_RW group to control write access to /data/mediaMike Lockwood2010-10-291-0/+2
| | | | | | | | | | | | | | | | | | | | | BUG: 3113970 Change-Id: I233bd57e36d1e65847ead503e378304a958f492d Signed-off-by: Mike Lockwood <lockwood@android.com>
* | | am 67672e04: Merge a775965b from gingerbreadJean-Baptiste Queru2010-10-171-0/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | Merge commit '67672e04111a6cfdf572023a154675749c3fb550' * commit '67672e04111a6cfdf572023a154675749c3fb550': Add AID_NFC for use by the NFC service.
| * | Merge a775965b from gingerbreadJean-Baptiste Queru2010-10-151-0/+2
| |\ \ | | |/ | | | | | | Change-Id: I8c08cca033ef3efe6badd2a7ba4674dfb02d6b60
| | * Add AID_NFC for use by the NFC service.Nick Pelly2010-10-151-0/+2
| | | | | | | | | | | | | | | Change-Id: I5b92f87dbacb9d855d99e10b3811f290fb64a144 Signed-off-by: Nick Pelly <npelly@google.com>
generated by cgit v1.1 at 2025-01-12 01:44:06 +0000