summaryrefslogtreecommitdiffstats
path: root/init
Commit message (Collapse)AuthorAgeFilesLines
* Remove /system from the dirs to relabel.repo sync2013-05-071-1/+0
| | | | | Bug: 8841348 Change-Id: Ia1545288e8a8184feffaaa6158faad62f95cbcce
* Reload policy after setting up the data partition.repo sync2013-04-304-3/+9
| | | | | | | | | | This forces a policy reload + fixcon to deal with dynamically delivered policy changing labels on device nodes. It's implemented as a new keyword in init. Bug: 8702843 Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
* Add persistent property for SELinux enforcment status.repo sync2013-04-251-0/+1
| | | | | | | | Also adds triggers for going between enforcing and permissive status. Bug: 8702843 Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
* Add logic to fixup file contexts after a policy update.Geremy Condra2013-04-151-1/+6
| | | | | | | | Bug: 8116902 (cherry picked from commit 47677a506febfe386d186f8f854d967f165a342f) Change-Id: I2a50f68a53aee2c94d03d3e5ced1ea36337fde33
* fs_mgr: Capture the output of e2fsck and add to the kernel logKen Sumrall2013-04-141-0/+2
| | | | | | | | | | | | | | | | Currently, the output of e2fsck is not saved, and we have no insight into how many errors e2fsck is finding and fixing. Using the new abbreviated logging feature in liblogwrap, up to the first 100 lines, and last 4K bytes of the output of e2fsck is captured by fs_mgr, and added to the kernel log. Usually, the filesystem will be clean, and this will only add a few lines to the kernel log on boot, but when things go wrong, it should save enough to indicate what the problem is, without potentially filling the kernel log with only e2fsck output if the filesystem is really corrupted. Change-Id: I9c264798e6fe721c8f818b5ce15d0975027ddbdd
* Only handle keycodes when adb is enabled.Jeff Sharkey2013-04-041-6/+2
| | | | | | | This prevents accidental bugreports on userdebug/eng devices. Bug: 8541006 Change-Id: Iefd15826090fd91434403f197cfd166e64400224
* Apply the correct SELinux label for the properties workspace.Geremy Condra2013-04-031-0/+1
| | | | Change-Id: Ibb9c8044caa9d39ee6ec9fe06d54bb9dc4b56ff3
* am bed08333: am c0e1bc1c: Merge "Drop /data/system as a policy file location"Geremy Condra2013-03-271-1/+0
|\ | | | | | | | | * commit 'bed08333d921e97bc60b81c0f183816386709d79': Drop /data/system as a policy file location
| * Drop /data/system as a policy file locationWilliam Roberts2013-03-261-1/+0
| | | | | | | | | | | | | | /data/system is no longer used as a policy file location. Use /data/security instead. Change-Id: Ie77be9e25c67c8a2157c7b6c468f3215a49ead52
| * Create a new location for /data policy filesWilliam Roberts2013-03-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Adding a new location for policy files under /data, the new location is /data/security. The new location is used before attempting to use any other location. This requires a new directory to be created by the init script and an update to the location of the property_contexts file for property service. Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
| * ueventd: allow platform devices to have just a /devices/ prefixDima Zavin2013-03-141-39/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When using device tree, platform devices may not have a /devices/platform/ path prefix, but can be rooted in /devices/. Modify the platform device tracking code to store the device path as well as the name. This way, when we create symlinks, we can correctly skip the base platform device prefix and get to the proper device node path. Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72 Signed-off-by: Dima Zavin <dima@android.com>
* | Create a new location for /data policy filesWilliam Roberts2013-03-211-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Adding a new location for policy files under /data, the new location is /data/security. The new location is used before attempting to use any other location. This requires a new directory to be created by the init script and an update to the location of the property_contexts file for property service. Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
* | am 9573a175: am dbf4937b: Merge "Revert "init: Set ADDR_COMPAT_LAYOUT before ↵Nick Kralevich2013-03-141-16/+0
|\ \ | |/ | | | | | | | | | | spawning processes."" * commit '9573a1755c4ef0f6f86277fcf2ff95645bb1dfb4': Revert "init: Set ADDR_COMPAT_LAYOUT before spawning processes."
| * Revert "init: Set ADDR_COMPAT_LAYOUT before spawning processes."Nick Kralevich2013-03-141-16/+0
| | | | | | | | | | | | | | | | This logic has been moved to platform/frameworks/base commit 8a0a929422682ba3eb6a205dc6c0638e68b909de and is no longer needed here. This reverts commit 01b1dee0ab7ad649760f9d8a7cead2a3f6d9cf70.
* | ueventd: allow platform devices to have just a /devices/ prefix - DO NOT MERGEDima Zavin2013-03-111-39/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When using device tree, platform devices may not have a /devices/platform/ path prefix, but can be rooted in /devices/. Modify the platform device tracking code to store the device path as well as the name. This way, when we create symlinks, we can correctly skip the base platform device prefix and get to the proper device node path. Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72 Signed-off-by: Dima Zavin <dima@android.com>
* | init: prevent action being added to the action_queue twiceColin Cross2013-03-071-1/+6
| | | | | | | | | | | | | | | | | | | | Property triggers may cause an action to be queued twice, resulting in a loop in the action queue. Keep actions that are not on the queue in the list_empty state (act->qlist->next == act->qlist), and only add them to the list if they are in that state. Bug: 8335133 Change-Id: I3a3ec18176cf19cbaa3a45220a03c7560eacfe79
* | fs_mgr: support a unified fstab format.Ken Sumrall2013-02-191-1/+4
| | | | | | | | | | | | | | Update fs_mgr to support more flags needed to unify the 3 fstabs currently in android into one. Change-Id: Ie46cea61a5b19882c55098bdd70f39e78fb603be
* | Merge "Revert "Revert "init: Set ADDR_COMPAT_LAYOUT before spawning ↵Dave Burke2013-02-121-0/+16
|\ \ | | | | | | | | | processes."""
| * | Revert "Revert "init: Set ADDR_COMPAT_LAYOUT before spawning processes.""Dave Burke2013-02-111-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 87980b5c9fab12737196b8505e948186a210d96e Getting more reports of app crashes (e.g. 7990090), so given timeline for MR2, want to revert. Change-Id: Ic2d101d2d1156b3864d5c9b88aa8c94cd5aa345f
* | | am 7480c007: am b2639f40: Merge "Label sockets consistently with the ↵Colin Cross2013-02-011-19/+27
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | seclabel value if specified." # By Stephen Smalley # Via Android Git Automerger (1) and others * commit '7480c0079d8c7fcfd5b3d9decfdabfebde162781': Label sockets consistently with the seclabel value if specified.
| * | Merge "Label sockets consistently with the seclabel value if specified."Colin Cross2013-02-011-19/+27
| |\ \
| | * | Label sockets consistently with the seclabel value if specified.Stephen Smalley2012-11-161-19/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is necessary to ensure that the adbd socket is created in the adbd domain rather than the init domain. Change-Id: Id4997d7f074aeefea62b41c87b46a6609e03f527 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | | | property_service: make /dev/__properties__ readableNick Kralevich2013-01-231-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Make the /dev/__properties__ file accessible, so an app can get properties directly from the file, rather than relying on environment variables. Preserve the environment variable for compatibility with pre-existing apps. Bug: 8045561 Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
* | | | Revert "init: make system properties more secure."Nick Kralevich2013-01-223-4/+26
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 51e06618dbd87c4374c56d9193a5e567aa3d02ac. Bug: 8045561
* | | | init: make system properties more secure.Nick Kralevich2013-01-183-26/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Modify system property handling so that we get the properties from a root owned properties file, rather than using an environment variable. Related to bug: 8029617 Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
* | | | am 3f8d6cde: am d084ec96: Merge "ueventd: Increase uevent buffer size"jp abgrall2013-01-041-2/+2
|\ \ \ \ | |/ / / | | | | | | | | | | | | * commit '3f8d6cded84bd526f7e648905565a1d262ca9906': ueventd: Increase uevent buffer size
| * | | ueventd: Increase uevent buffer sizeAndrew Boie2013-01-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As it turns out, no, 64K is not enough. A device provisioning tool was generating many uevents as it manipulated the GPT, causing events near the end of the process (including events as a result of the final BLKRRPART ioctl()) to get lost. It's not clear what the best value for this should be, but increasing to 256K fixed the problem in this case. Change-Id: I4883b34e96c89e8a6fa581bc9cd121bb021b5694 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* | | | am 7ec62dbd: am 82ea44f8: Merge "Change setsebool syntax to be consistent ↵Dima Zavin2012-12-193-24/+19
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | with other init built-ins." * commit '7ec62dbd9d2bd7369fa074bf002f642b03e6dd39': Change setsebool syntax to be consistent with other init built-ins.
| * | | Change setsebool syntax to be consistent with other init built-ins.Stephen Smalley2012-12-133-24/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change setsebool syntax from name=value to name value. This is to make it consistent with setprop and similar commands. Update both the init built-in command and the toolbox command for consistency. Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | | | am 27888a5d: am 9b82ce20: Merge "Document the SELinux extensions to the ↵Kenny Root2012-11-271-0/+26
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | Android init language." * commit '27888a5ded21182e1f15b19010fd2527fb7e1ef0': Document the SELinux extensions to the Android init language.
| * | | Merge "Document the SELinux extensions to the Android init language."Kenny Root2012-11-271-0/+26
| |\ \ \ | | |/ / | |/| |
| | * | Document the SELinux extensions to the Android init language.Stephen Smalley2012-11-021-0/+26
| | | | | | | | | | | | | | | | | | | | Change-Id: I9b066e0789c93e5147c28a60baeed91c44dd9359 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* | | | am 6575a162: am 8f98c4b5: Merge "Fix dirfd crash issue in property service"Nick Kralevich2012-10-231-1/+2
|\ \ \ \ | |/ / / | | | | | | | | | | | | * commit '6575a1625ac585b46f90c6f036db9231db50c969': Fix dirfd crash issue in property service
| * | | am 8f98c4b5: Merge "Fix dirfd crash issue in property service"Nick Kralevich2012-10-231-1/+2
| |\ \ \ | | |/ / | | | | | | | | | | | | * commit '8f98c4b5f011db8637ce1b9361e82d59b13434f4': Fix dirfd crash issue in property service
| | * | Fix dirfd crash issue in property serviceYi-wei Zhao2012-10-231-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In "init: harden property service" patch, dirfd() is invoked without checking whether opendir() return successfully. It may fail if load_persistent_properties() is invoked before userdata partition is mounted; then dirfd(NULL) will make init crash. This may happen if "is_charger" is true. Change-Id: I216fb743a3c9fa050f92fcb31b62e766346d84bb Signed-off-by: Yi-wei Zhao <gbjc64@motorola.com>
* | | | am 2a36ae56: am 7b88a90d: Merge "Remove HAVE_SELINUX guards"Kenny Root2012-10-178-91/+13
|\ \ \ \ | |/ / / | | | / | |_|/ |/| | * commit '2a36ae5608e9d655b2bb14ce538f6fbdb910cada': Remove HAVE_SELINUX guards
| * | am 7b88a90d: Merge "Remove HAVE_SELINUX guards"Kenny Root2012-10-178-91/+13
| |\ \ | | |/ | | | | | | | | | * commit '7b88a90da2a27e347fc16c14fa577f4ae1ef07fd': Remove HAVE_SELINUX guards
| | * Remove HAVE_SELINUX guardsKenny Root2012-10-168-91/+13
| | | | | | | | | | | | Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
* | | Revert "init: Set ADDR_COMPAT_LAYOUT before spawning processes."Nick Kralevich2012-10-051-16/+0
|/ / | | | | | | | | | | | | This reverts commit 01b1dee0ab7ad649760f9d8a7cead2a3f6d9cf70. Bug: 7188322 Change-Id: Ia159eab36e9e7373f470d20a3796b63868ea5689
* | am 7f3de6a4: am d282dfc4: Merge "init: Set ADDR_COMPAT_LAYOUT before ↵Nick Kralevich2012-10-051-0/+16
|\ \ | | | | | | | | | | | | | | | | | | spawning processes." into jb-mr1-dev * commit '7f3de6a450f025245bb27fdc13f5bbc1dc22624d': init: Set ADDR_COMPAT_LAYOUT before spawning processes.
| * | init: Set ADDR_COMPAT_LAYOUT before spawning processes.Nick Kralevich2012-10-051-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | Some Android programs have problems with memory which grows from the top down. Temporarily set ADDR_COMPAT_LAYOUT to avoid breaking those programs. Bug: 7188322 Change-Id: I61760500e670b4563838c63b82d4a0b6e354a86e
* | | am 33045b3d: am f9c05970: Merge "init: harden property service."Nick Kralevich2012-10-041-23/+43
|\ \ \ | |/ / |/| / | |/ | | * commit '33045b3d7bd965f67e2e0b175976cf9934fb924f': init: harden property service.
| * init: harden property service.Nick Kralevich2012-10-041-23/+43
| | | | | | | | | | | | | | | | | | Don't create temporary files in a well-known location. Rather, use mkstemp(). Don't read persistent property files from insecure files. Change-Id: I81e2aca674a2a7ca54869f088737fb228d3af6d2
* | init: Don't read local properties if ro.debuggable=0Nick Kralevich2012-09-191-6/+12
| | | | | | | | | | Bug: 7195965 Change-Id: I29fdad61aa61f2c46d49db227cf7b84d9cc6f25d
* | am 3af04b71: am 7c386a61: Merge "Extend and document the "wait" command"Jean-Baptiste Queru2012-08-202-2/+9
|\ \ | |/ | | | | | | * commit '3af04b71e51e89af02a1fe526e4fc32dce0100d3': Extend and document the "wait" command
| * Merge "Extend and document the "wait" command"Jean-Baptiste Queru2012-08-202-2/+9
| |\
| | * Extend and document the "wait" commandPatrick McCormick2012-07-242-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The wait command was currently implemented but undocumented and only used internally. This change adds a second option toi (optionally) override the default timeout of 5 seconds. The wait command can be used to wait for a file to appear during the boot process, for example a disk or other device, and is a better alternative than an unconditional sleep. Change-Id: Ia11d8419c0ea84deec0e1bf5adfca5bc76ff38b7 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* | | am e3bdaeb6: am 2765e4fb: Merge "Use sigemptyset to initialise signal mask ↵Jean-Baptiste Queru2012-08-151-3/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | as it is more portable. Referencing sa_restorer fails on MIPS" * commit 'e3bdaeb603ab7ac941b35b41856c6b8ebf47c6bb': Use sigemptyset to initialise signal mask as it is more portable. Referencing sa_restorer fails on MIPS
| * | Use sigemptyset to initialise signal mask as it is more portable.Chris Dearman2012-08-141-3/+1
| | | | | | | | | | | | | | | | | | | | | Referencing sa_restorer fails on MIPS Change-Id: I81c9ed5ef027a9d5258942ffcecb96e3f787e93c Signed-off-by: Chris Dearman <chris@mips.com>
* | | Merge "bluetooth: bring up with bluedroid stack" into jb-mr1-devIliyan Malchev2012-08-151-1/+1
|\ \ \