system_core.git - system/core

	Commit message (Collapse)	Author	Age	Files	Lines
*	Convert all selinux_android_restorecon and _setfilecon calls to new API.	Stephen Smalley	2014-02-07	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	libselinux selinux_android_restorecon API is changing to the more general interface with flags and dropping the older variants. Also get rid of the old, no longer used selinux_android_setfilecon API and rename selinux_android_setfilecon2 to it as it is the only API in use. Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
*	Move restorecon and restorecon_recursive code to libselinux.	Stephen Smalley	2014-01-28	1	-51/+4
\| \| \| \| \| \| \| \| \| \| \| \|	This requires telling libselinux to use the sehandle already obtained by init rather than re-acquiring it internally. init retains ownership of the sehandle because it performs the initial load, uses the sehandle for other purposes (e.g. labeling of directories created via mkdir and labeling of socket files), and handles the policy reload property trigger. Change-Id: I4a380caab7f8481c33eb64fcdb16b6cabe918ebd Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
*	restorecon_recursive("/sys") speed boot time	Nick Kralevich	2014-01-10	1	-11/+34
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Currently, the restorecon_recursive("/sys") call in init.c takes approx 2 seconds on hammerhead. This change reduces the delay to 1.2 seconds. 1) Avoid double stat call when using nftw (time savings of 0.3 seconds) 2) Avoid the repeated calls to is_selinux_enabled() (time savings of 0.5 seconds) Avoid calling lsetfilecon if the file is already properly labeled. This doesn't speed up the restorecon on /sys, but it should help when handling files on /data. Bug: 11640230 Change-Id: Ie212ce4f4acade208c5676d60c1f03f50e2388a4
*	Merge "init: Fix get_hardware_name() to cope with long /proc/cpuinfo output"	Colin Cross	2013-09-18	1	-6/+30
\|\
\| *	init: Fix get_hardware_name() to cope with long /proc/cpuinfo output	Jon Medhurst	2012-12-10	1	-6/+30
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	get_hardware_name() uses a fixed size buffer to slurp the contents of /proc/cpuinfo into and with newer multicore systems this is not big enough, leading to the inability to pick up the hardware name. Fix this by using a dynamically allocated, exponentially growing buffer. Change-Id: I51c6c276b6e110f462839e205a4428adc6656e75 Signed-off-by: Jon Medhurst <tixy@linaro.org>
* \|	init: support longer command lines	Andrew Boie	2013-09-09	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The Linux kernel supports command lines up to 2048 bytes on x86, see COMMAND_LINE_SIZE in asm/setup.h. If any androidboot.xxxx arguments were past the 1024 byte limit here, they were lost. Change-Id: I6247c511a7de04109490fffa0125801d274a5501 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* \|	init: call restorecon on /sys	Nick Kralevich	2013-09-03	1	-0/+15
\| \| \| \| \| \| \| \| \| \| \| \|	Not all files on /sys are not getting labeled properly. Fix them. Change-Id: I9dcff76354e7f50d41f1b6e702836cfbbc149278
* \|	Add support for socket security context specification.	Stephen Smalley	2013-08-23	1	-6/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add an optional argument to the socket option for specifying a SELinux security context for the socket. Normally the socket security context is automatically computed from the service security context or set using the seclabel option, but this facility allows dealing with two scenarios that cannot be addressed using the existing mechanisms: 1) Use of logwrapper to wrap a service. In this case, init cannot determine the service security context as it does not directly execute it and we do not want logwrapper to run in the same domain as the service. 2) Situations where a service has multiple sockets and we want to label them distinctly. Change-Id: I7ae9088c326a2140e56a8044bfb21a91505aea11 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* \|	Allow more characters in partition name links	Johan Redestig	2013-07-18	1	-3/+16
\|/ \| \| \| \| \| \| \| \| \| \| \| \|	We have several partitions with underscores in their names which would not be properly linked in: /dev/block/platform/msm_sdcc.1/by-name/ With this change more characters (_-.) are allowed in partition name links. Also, any other character is replaced with '_' so the resulting link names have the same length as the partition name. Change-Id: I746566c03db98b10326c755692362d2c10e528ae
*	Remove HAVE_SELINUX guards	Kenny Root	2012-10-16	1	-14/+1
\| \| \| \|	Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
*	Merge "Fixed a discarded const qualifier warning"	Stephen Hines	2012-08-08	1	-1/+1
\|\
\| *	Fixed a discarded const qualifier warning	Edwin Vane	2012-08-02	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	Change-Id: I9007924d0bf49705363aa130e6e588a9e0ccdc31 Author: Edwin Vane <edwin.vane@intel.com> Reviewed-by: Tareq A Siraj <tareq.a.siraj@intel.com>
* \|	Merge "Set the SELinux security label on new directories."	Jean-Baptiste Queru	2012-08-08	1	-2/+51
\|\ \ \| \|/ \|/\|
\| *	Set the SELinux security label on new directories.	Stephen Smalley	2012-07-26	1	-2/+51
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Automatically set the SELinux security label on directories created by init.rc. This avoids the need to separately call restorecon on each such directory from the init.rc file. Also restorecon /dev and /dev/socket after initial policy load so that they are labeled correctly before any other dev nodes or sockets are created. Change-Id: If6af6c4887cdead949737cebdd673957e9273ead Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* \|	am 3b04bde9: am ee79b455: am 93553073: Merge "Extend init and ueventd for SE ↵	Jean-Baptiste Queru	2012-02-24	1	-0/+22
\|\ \ \| \|/ \| \| \| \| \| \| \| \| \| \|	Android." * commit '3b04bde991d57765a830e06c6f5bb094722583bd': Extend init and ueventd for SE Android.
\| *	Extend init and ueventd for SE Android.	Stephen Smalley	2012-02-01	1	-0/+22
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add SE Android support for init and ueventd. init: - Load policy at boot. - Set the security context for service daemons and their sockets. - New built-in commands: setcon, setenforce, restorecon, setsebool. - New option for services: seclabel. ueventd: - Set the security context for device directories and nodes. Change-Id: I98ed752cde503c94d99dfa5b5a47e3c33db16aac
* \|	Don't parse properties from unsafe files.	Nick Kralevich	2012-01-18	1	-0/+12
\|/ \| \| \| \| \| \|	Don't set properties from files that are unsafe (world-writable or group-writable) Change-Id: I8da539c6446b10596be1d7c2014e4b9aea13e3fd
*	Pick up on androidboot.hardware kernel cmd option	Vladimir Chtchetkine	2011-09-28	1	-0/+30
\| \| \| \| \| \| \|	x86 emulator passes hardware name through the androidboot.hardware kernel cmd option, and ueventd must pick up on it to locate proper ueventd.rc file for that hardware. Change-Id: Id61c5b67fe6275a15c7aa62556e0b89eda7968f8
*	init/cutils: move list utility code to cutils from init	Dima Zavin	2011-09-02	1	-21/+0
\| \| \| \| \|	Change-Id: I357ceee813700297d8343159f22a07659e768d41 Signed-off-by: Dima Zavin <dima@android.com>
*	init/cutils: move kernel logging interface to libcutils from init	Dima Zavin	2011-09-02	1	-36/+0
\| \| \| \| \|	Change-Id: Ia0f91b1fcd6cae69d76bf3dd841340958db938a8 Signed-off-by: Dima Zavin <dima@android.com>
*	merge from open-source master	The Android Open Source Project	2010-07-16	1	-2/+3
\|\ \| \| \| \| \| \|	Change-Id: I29602fecafc2b6d93b849ada89696a67cfd23353
* \|	init: Move uevent handling to an external ueventd process	Colin Cross	2010-04-21	1	-0/+65
\| \| \| \| \| \| \| \|	Change-Id: Iea6c56013062ade633a1754f7bcf8cf09b3dedc1
* \|	init: Add wait command and mount wait flag	Colin Cross	2010-04-21	1	-0/+12
\| \| \| \| \| \| \| \|	Change-Id: I6b4c10f8f246095a7fb7342388ec4f6ff97d5733
* \|	init: Move list and log handling to list.h and log.h	Colin Cross	2010-04-21	1	-1/+2
\| \| \| \| \| \| \| \|	Change-Id: I298f575c590d0f28b7ad78747f3ebdbba56b7a27
* \|	init: create symlinks to block device nodes	Colin Cross	2010-04-21	1	-0/+78
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	eMMC block device names may change based on the detection order of the eMMC device and any other SD bus devices, such as a removable SD card. This patch adds support to init for: * Symlinks to block devices. When a block device uevent is processed, if it starts with "/devices/platform", the platform driver name is parsed out, and symlinks to the block device are created in /dev/block/platform/<platform driver>/ * Symlinks based on partition name and number. If the uevent for a block device contains information on the partition name or number, symlinks are created under /dev/block/platform/<platform driver>/by-num/p<partition> and /dev/block/platform/<platform driver>/by-name/<partition name> init.rc can then use a device path like the following to mount an eMMC device: /dev/block/platform/<platform>/by-name/system /system ro Change-Id: Id11bb7cdf1e2ada7752a5bd671cbf87237b34ae2
* \|	init: Move gettime() to util.c	Colin Cross	2010-04-13	1	-0/+19
\| \| \| \| \| \| \| \|	Change-Id: I1df96964763f8baedbc1cea6875d3dfc5e48c065
* \|	init: Move mtd functions from init.c to util.c	Colin Cross	2010-04-13	1	-0/+71
\|/ \| \| \|	Change-Id: I04e8f0ae6cc88af974372872e5617d16e0b1a2c8
*	auto import from //depot/cupcake/@135843	The Android Open Source Project	2009-03-03	1	-0/+211
\|
*	auto import from //depot/cupcake/@135843	The Android Open Source Project	2009-03-03	1	-211/+0
\|
*	Initial Contribution	The Android Open Source Project	2008-10-21	1	-0/+211