summaryrefslogtreecommitdiffstats
path: root/init/property_service.c
Commit message (Collapse)AuthorAgeFilesLines
* Merge "[GNSS] Add AID_GPS to property user white list"Colin Cross2013-09-041-0/+2
|\
| * [GNSS] Add AID_GPS to property user white listNicolas SUET2013-08-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | Add "gps." and "persist.gps." to property_perms white list. Change-Id: I7177170676d774c87e08d1548f5264ac27cba3ff Orig-Change-Id: I7a94caa26be4aefd2fe4f155908e2f8f09858bee Signed-off-by: Nicolas SUET <nicolas.suet@intel.com> Signed-off-by: jerome Pantaloni <jeromex.pantaloni@intel.com> Signed-off-by: Jian Luo <jian.luo@intel.com> Signed-off-by: Bruce Beare <bruce.j.beare@intel.com> Signed-off-by: Jack Ren <jack.ren@intel.com> Author-tracking-BZ: 118091
* | Merge "init: load factory properties"Dima Zavin2013-08-281-7/+14
|\ \ | |/ |/|
| * init: load factory propertiesAndrew Boie2013-08-201-7/+14
| | | | | | | | | | | | | | | | | | | | These properties are typically set at device provisioning time or in the factory. They contain unit-specific data that isn't touched by software updates or factory data reset. Only read-only properties can be read by this mechanism. Change-Id: Ifff9184f039072c3c0ce99f825c3075afb524514 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* | Add support for socket security context specification.Stephen Smalley2013-08-231-1/+1
|/ | | | | | | | | | | | | | | | | | | Add an optional argument to the socket option for specifying a SELinux security context for the socket. Normally the socket security context is automatically computed from the service security context or set using the seclabel option, but this facility allows dealing with two scenarios that cannot be addressed using the existing mechanisms: 1) Use of logwrapper to wrap a service. In this case, init cannot determine the service security context as it does not directly execute it and we do not want logwrapper to run in the same domain as the service. 2) Situations where a service has multiple sockets and we want to label them distinctly. Change-Id: I7ae9088c326a2140e56a8044bfb21a91505aea11 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* resolved conflicts for merge of b6c60285 to stage-aosp-masterColin Cross2013-06-241-28/+5
|\ | | | | | | Change-Id: I5afba55b668065499fa28369cf217d4f5eafab4a
| * init: move initial property area allocation into bionicGreg Hackmann2013-06-191-28/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | bionic's __system_property_add() now expands the property area as needed by mapping in more pages. Rather than duplicate the mapping code, move it inside bionic and have bionic's __system_property_area_init() set up the first page. Signed-off-by: Greg Hackmann <ghackmann@google.com> (cherry picked from commit f14eef0c3c456bfe39f7e9d57c8f7ae4ec775972) Change-Id: Ieb94caab1527c71f2155efe3795490b0ea215a29
| * property_service: make /dev/__properties__ readableNick Kralevich2013-06-191-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Make the /dev/__properties__ file accessible, so an app can get properties directly from the file, rather than relying on environment variables. Preserve the environment variable for compatibility with pre-existing apps. Bug: 8045561 (cherry picked from commit 7ece0a862cf97e85bbe69458a32a2bd165456874) Change-Id: I762da21ef4075f288745efed0ec7d16c2b71303c
* | resolved conflicts for merge of 95a41f6b to stage-aosp-masterColin Cross2013-06-171-65/+15
|\ \ | |/ | | | | Change-Id: Icfae29edf989fb43a7f0b8bda188a9807f76a3b9
| * init: verify size of property buffers passed to property_getColin Cross2013-06-171-1/+1
| | | | | | | | | | | | | | | | | | Verify that the buffer passed as the value parameter to property_get is always big enough. (cherry picked from commit 88ac54a4e8d2a63e4fd9c465e115795ace316776) Change-Id: Iacc2b42bfe4069e0bfcbb1c48474f30126a93139
| * init: move the system property writer implementationColin Cross2013-06-171-51/+8
| | | | | | | | | | | | | | | | | | Move the system property writer implementation into bionic to keep it next to the reader implementation and allow for better testing. (cherry picked from commit 9f5af635010a7ba92edf1fca543f7271cc9d75c8) Change-Id: Idf6100d1d0170751acd5163a22597912bff480f0
| * init: switch property_get to use __system_property_getColin Cross2013-06-171-14/+7
| | | | | | | | | | | | (cherry picked from commit 2deedfe0b1ac86ebd62d19cf7da9e7dcb508ab09) Change-Id: If3fba2cc1dd5c167b0924ddfe42dbe2e6387208a
* | am 7e723498: Merge "Add permission for bluetooth app in non-primary users" ↵Matthew Xie2013-05-221-0/+8
|\ \ | | | | | | | | | | | | | | | | | | into jb-mr2-dev * commit '7e72349865db83d62f98eec8bca4b170712fe0e0': Add permission for bluetooth app in non-primary users
| * \ Merge "Add permission for bluetooth app in non-primary users" into jb-mr2-devMatthew Xie2013-05-221-0/+8
| |\ \
| | * | Add permission for bluetooth app in non-primary usersMatthew Xie2013-05-221-0/+8
| | | | | | | | | | | | | | | | | | | | bug 8954114 Change-Id: Id6a42f5a5beefa22c3cc8eecfb39a2222017a3b4
* | | | am 477e35d6: Revert "Add persistent property for SELinux enforcment status."gcondra@google.com2013-05-201-1/+0
|\ \ \ \ | |/ / / | | | | | | | | | | | | * commit '477e35d6d56c7fe9b2305becdf3ed4f590ddfbd6': Revert "Add persistent property for SELinux enforcment status."
| * | | Revert "Add persistent property for SELinux enforcment status."repo sync2013-05-171-1/+0
| | | | | | | | | | | | | | | | This reverts commit b89bdfde422eff751b3f939f10ab57e22af83eaa.
* | | | am 8a387870: Revert "Reload policy after setting up the data partition."gcondra@google.com2013-05-201-0/+3
|\ \ \ \ | |/ / / | | | | | | | | | | | | * commit '8a3878700eb9cd8ecf495cd01f15face5c3879c8': Revert "Reload policy after setting up the data partition."
| * | | Revert "Reload policy after setting up the data partition."repo sync2013-05-171-0/+3
| |/ / | | | | | | | | | This reverts commit fee250d27a9c03af1ba439047b976d89563b1887.
* | | am 032be7a4: Merge "Log an error if property pool is exhausted"Colin Cross2013-04-301-1/+5
|\ \ \ | |/ / |/| / | |/ | | * commit '032be7a4c5be8c015063084d162d1f394279aa3d': Log an error if property pool is exhausted
| * Log an error if property pool is exhaustedJohan Redestig2013-04-291-1/+5
| | | | | | | | | | | | | | | | Failing to set properties due to an exhausted pool leads to difficult to debug problems. This change adds an error log to make the situation a bit easier to handle. Change-Id: Icc1d97a80882fb23e74428a0195f1d28dba68fa8
* | Reload policy after setting up the data partition.repo sync2013-04-301-3/+0
| | | | | | | | | | | | | | | | | | | | This forces a policy reload + fixcon to deal with dynamically delivered policy changing labels on device nodes. It's implemented as a new keyword in init. Bug: 8702843 Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
* | Add persistent property for SELinux enforcment status.repo sync2013-04-251-0/+1
| | | | | | | | | | | | | | | | Also adds triggers for going between enforcing and permissive status. Bug: 8702843 Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
* | property_service: make /dev/__properties__ readableNick Kralevich2013-01-231-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Make the /dev/__properties__ file accessible, so an app can get properties directly from the file, rather than relying on environment variables. Preserve the environment variable for compatibility with pre-existing apps. Bug: 8045561 Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
* | Revert "init: make system properties more secure."Nick Kralevich2013-01-221-4/+20
| | | | | | | | | | | | This reverts commit 51e06618dbd87c4374c56d9193a5e567aa3d02ac. Bug: 8045561
* | init: make system properties more secure.Nick Kralevich2013-01-181-20/+4
|/ | | | | | | | | | | | | | | Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Modify system property handling so that we get the properties from a root owned properties file, rather than using an environment variable. Related to bug: 8029617 Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
* am 8f98c4b5: Merge "Fix dirfd crash issue in property service"Nick Kralevich2012-10-231-1/+2
|\ | | | | | | | | * commit '8f98c4b5f011db8637ce1b9361e82d59b13434f4': Fix dirfd crash issue in property service
| * Fix dirfd crash issue in property serviceYi-wei Zhao2012-10-231-1/+2
| | | | | | | | | | | | | | | | | | | | | | In "init: harden property service" patch, dirfd() is invoked without checking whether opendir() return successfully. It may fail if load_persistent_properties() is invoked before userdata partition is mounted; then dirfd(NULL) will make init crash. This may happen if "is_charger" is true. Change-Id: I216fb743a3c9fa050f92fcb31b62e766346d84bb Signed-off-by: Yi-wei Zhao <gbjc64@motorola.com>
* | am 7b88a90d: Merge "Remove HAVE_SELINUX guards"Kenny Root2012-10-171-18/+0
|\ \ | |/ | | | | | | * commit '7b88a90da2a27e347fc16c14fa577f4ae1ef07fd': Remove HAVE_SELINUX guards
| * Remove HAVE_SELINUX guardsKenny Root2012-10-161-18/+0
| | | | | | | | Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
* | am 33045b3d: am f9c05970: Merge "init: harden property service."Nick Kralevich2012-10-041-23/+43
|\ \ | |/ | | | | | | * commit '33045b3d7bd965f67e2e0b175976cf9934fb924f': init: harden property service.
| * init: harden property service.Nick Kralevich2012-10-041-23/+43
| | | | | | | | | | | | | | | | | | Don't create temporary files in a well-known location. Rather, use mkstemp(). Don't read persistent property files from insecure files. Change-Id: I81e2aca674a2a7ca54869f088737fb228d3af6d2
* | init: Don't read local properties if ro.debuggable=0Nick Kralevich2012-09-191-6/+12
| | | | | | | | | | Bug: 7195965 Change-Id: I29fdad61aa61f2c46d49db227cf7b84d9cc6f25d
* | bluetooth: bring up with bluedroid stackJeonghoon lim2012-08-151-1/+1
| | | | | | | | | | | | - change permission of "bluetooth." property to AID_BLUETOOTH Change-Id: Ifcd97f136cfc3372412fe500e4f800d1bbbd065c
* | am 11c783f1: am 9494f297: Merge "Implement SELinux/MAC checks for property ↵Kenny Root2012-08-131-11/+79
|\ \ | |/ | | | | | | | | | | service." * commit '11c783f1ead9f276e8854cb1adaebeed8517e8a1': Implement SELinux/MAC checks for property service.
| * Implement SELinux/MAC checks for property service.rpcraig2012-08-091-11/+79
| | | | | | | | | | | | | | | | | | | | This is a set of changes to the init property service implementation to apply a SELinux check over who can change what properties. Also included control hooks for the 'ctl' keys. Change-Id: I5a18809bf5536f6459a36b6bf0d622b9f5061aa0 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* | resolved conflicts for merge of 4dcd52ab to jb-mr1-devKenny Root2012-08-131-0/+6
|\ \ | |/ | | | | Change-Id: Ibd0c03a7883a2e31adab18543c016776b7b36866
| * Add support for reloading policy from /data/system.Stephen Smalley2012-08-091-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | To support runtime policy management, add support for reloading policy from /data/system. This can be triggered by setting the selinux.loadpolicy property to 1, whether from init.rc after mounting /data or from the system_server (e.g. upon invocation of a new device admin API for provisioning policy). ueventd and installd are restarted upon policy reloads to pick up the new policy configurations relevant to their operation. Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | Allow AID_BLUETOOTH to update persist.service.bdroidRavi Nagarajan2012-08-061-0/+1
| | | | | | | | | | | | | | | | | | | | When devices are provisioned, bd address path is set in ro.bt.bdaddr_path. On devices where this property is not present, a random bd address is generated and saved to the property: persist.service.bdroid.bdaddr This change allows bluetooth process to update this property bug 6885309 Change-Id: I2e8a2471a0e890da82e6bbec6a2ef67ec8e1f8f4
* | bluetooth: add property permission for bluetoothjeonghoon.lim2012-07-161-0/+1
|/ | | | | | add property permission for bluetooth. Change-Id: I099f325f533d06c63ad43843dd6477ea81fc9781
* Let users with SYSTEM permission set debug. propertiesRomain Guy2012-04-271-0/+1
| | | | Change-Id: Ieda3f7dd5dca5f6a8fc50b07822e6a875db030ad
* Don't read /data/local.prop on user buildsNick Kralevich2012-01-181-0/+4
| | | | | | | | | Creating a root owned /data/local.prop is one of the most common ways to root an Android device. /data/local.prop is only intended to assist developers on debuggable devices, and is never intended to be used on production devices. Change-Id: Ifcfa21c2ee9914b0b54445218b4cf0fea0a98e9c
* init: export all androidboot cmd line values as ro.boot.xx propsDima Zavin2012-01-051-3/+6
| | | | | | | | Also, clean up how we initialize the ro.xx properties and process the kernel command line. Change-Id: Iedda6c90e31340a189171a44b2767480403354f7 Signed-off-by: Dima Zavin <dima@android.com>
* Delete dead code.Jeff Brown2011-11-181-15/+0
| | | | Change-Id: Icfb9bcee2c524026ecbeb7e30e943d8ca299a33a
* init: do not load default.prop from ramdisk in charger modeDima Zavin2011-09-061-2/+3
| | | | | Change-Id: Ic471b891829d7f857674b925c9948954972d9ecb Signed-off-by: Dima Zavin <dima@android.com>
* Allow radio to set sys.usb.configBenoit Goby2011-08-221-0/+1
| | | | | | This allows the ril to put the phone into diagnostic mode Change-Id: Iafc8164991550e7ab0ffda8b8da1d58e34a4225b
* Allow radio to set net.cdma* propertiesBenoit Goby2011-07-281-0/+1
| | | | Change-Id: I656abde9d06175eb158e84de4d08ede42620b46a
* Allow radio to set net.lte* propertiesBenoit Goby2011-07-251-0/+1
| | | | Change-Id: I4b7a280ba4c773673b28db8cfbbffcb360ee717f
* init: update permissions for VPN.Chia-chi Yeh2011-07-081-2/+0
| | | | | | | VPN no longer uses system properties to keep network parameters. Besides, profiles are now stored and encrypted by keystore. Change-Id: I7575f04f350b7d8d5ba7008eb874a72180d057e8
* init: Handle EINTR in handle_property_set_fd()Mike Lockwood2011-07-011-3/+3
| | | | | Change-Id: I5a6f1791eaf11e98b1d81697112d78c99822fba5 Signed-off-by: Mike Lockwood <lockwood@android.com>
generated by cgit v1.1 at 2025-01-14 12:56:08 +0000