| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Only parse and honor the kernel command line on userdebug
or eng builds. On user builds, assume that selinux is always enabled
and enforcing.
Change-Id: I71c66e4365bdf2f226800634126a38b716d96599
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When deciding on which property_contexts policy to load
during a reload, an initial call is made to libselinux to
grab the correct policy index. This policy index represents
whether the /data/security or the rootfs version will
be used.
Change-Id: I4716039bb0f5ba1e961977a18350347a67969dca
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To ensure that well-crafted removable media can't spoof the
internal partitions, for platform devices the controller id
is inside the generated path.
We now do the same for PCI devices. The generated path has
two levels; the PCI domain/bus, and then the peripheral ID.
This lets us get by-name symlinks for PCI media, such as the
SATA controllers on PC-like hardware. The symlinks will be
created under /dev/block/pci/. For example:
/dev/block/pci/pci0000:00/0000:00:1f.2/by-name/
Change-Id: Icee3e86bef5569c2bbd94c26bc00d49028345e3b
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
|
| | |
| | |
| | |
| | |
| | | |
Bug: 14903517
Change-Id: I5b0a418dd982f1a2fd90609b12bd8364f7f34996
|
| | |
| | |
| | |
| | | |
Change-Id: I10ed6275374f572da639f26611f607bf7607905c
|
|\ \ \ |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- AID_SYSTEM can set persist.logd.size
- AID_SYSTEM can issue command to /dev/socket/logd to
change the runtime global log sizes.
- Add support for ro.logd.size.* as populated by BoardConfig.mk
- Limit size to maximum ~3% of physical memory.
Bug: 14563261
Bug: 14627052
Change-Id: I606420db2e9d9d032296e71149e4a5b20cbd1137
|
|/ /
| |
| |
| |
| | |
Bug: 14970171
Change-Id: I6f54c35e265b849be914120f795c9f8e0cec34bb
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
enable <servicename>
Turns a disabled service into an enabled one as if the service did not
specify disabled in the rc file.
It will also start the service if needed.
Bug: 14472973
Change-Id: Id0b49cc687a2bc74f6f92e066c617724cc94908d
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
| |
| |
| |
| |
| | |
(cherry pick from Icc5344abc184adf4247175d85b2da08af4636e49)
Change-Id: I88b0c9b20720ac62ebae8359ded4ab77b4ebcdde
|
|/
|
|
|
|
|
|
|
|
|
|
| |
cpufreq
The owner and permissions for the sysfs file
/sys/devices/system/cpu*/cpufreq/scaling_max/min_freq is changed.
This would allow the PowerHAL to change the max/min cpufreq even after
the associated CPU's are hotplugged out and back in.
Change-Id: Ibe0b4aaf3db555ed48e89a7fcd0c5fd3a18cf233
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
|
|\
| |
| |
| | |
battery."
|
| |
| |
| | |
Change-Id: I83c5812c69db532f4675f5dbfa508e55999c8dfe
|
|/
|
|
| |
Change-Id: I1667371106be4b230ac3850e9819e4549eea2973
|
|
|
|
| |
Change-Id: Ib0acece15145cc0e868452ede8f3acbab419b965
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During boot, allow a property file to import properties from another
file. Supports importing the entire file, a specific key, or any
keys matching a specific prefix. Here's some example syntax:
import /oem/oem.prop
import /oem/oem.prop foo.*
import /oem/oem.prop foo.bar
Bug: 13340779
Change-Id: I867f9a10ca09684326675d9f051f5cf2ae171617
|
|
|
|
|
|
| |
Bug: 12613118
Change-Id: I5a84b13d2151075d5136e3682431fbcc9307df13
(cherry picked from commit dc3a42bb11dc2aefee37f799b5a1cce87cf35aaf)
|
|
|
|
|
|
|
| |
Move ueventd debug flag into the Android.mk.
Boost klog level if event logging enabled.
Change-Id: Iae48edbc43c487092c2424023576af29c76ff401
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Modify liblog to send all messages to the new syslog user
space daemon.
Original-Change-Id: I0ce439738cd921efb2db4c1d6a289a96bdbc8bc2
Original-Change-Id: If4eb0d09409f7e9be3eb4bb7017073dc7e931ab4
Signed-off-by: Nick Kralevich <nnk@google.com>
* Add a TARGET_USES_LOGD make flag for BoardConfig.mk to manage
whether logd is enabled for use or not.
* rename syslog to logd to avert confusion with bionic syslog
* Add fake log support back in
* prefilter for logging messages from logd
* Fill in timestamps at logging source
* update abstract log reader
* switch from using suffix for id to v3 format
* log a message when creating devices that a deprecated interface
is being utilized.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
(cherry pick from commit 099e2c1f6f706a8600c1cef74cce9066fc315480)
Change-Id: I47929a5432977a1d7235267a435cec0a7d6bd440
|
|
|
|
| |
Change-Id: I000aead8c82ec11151f69e6ce439dd09b0f0b4f4
|
|
|
|
|
|
|
|
| |
Eliminates various warnings from SELinux-related code.
Bug: 12587913
Change-Id: I28921f0ebd934324436609540d95ccef58552b64
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
|
|
|
|
|
| |
libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.
Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.
Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This requires telling libselinux to use the sehandle already
obtained by init rather than re-acquiring it internally. init
retains ownership of the sehandle because it performs the
initial load, uses the sehandle for other purposes (e.g. labeling
of directories created via mkdir and labeling of socket files),
and handles the policy reload property trigger.
Change-Id: I4a380caab7f8481c33eb64fcdb16b6cabe918ebd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
|
|
|
| |
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the restorecon_recursive("/sys") call in
init.c takes approx 2 seconds on hammerhead. This change
reduces the delay to 1.2 seconds.
1) Avoid double stat call when using nftw (time savings
of 0.3 seconds)
2) Avoid the repeated calls to is_selinux_enabled() (time
savings of 0.5 seconds)
Avoid calling lsetfilecon if the file is already properly
labeled. This doesn't speed up the restorecon on /sys,
but it should help when handling files on /data.
Bug: 11640230
Change-Id: Ie212ce4f4acade208c5676d60c1f03f50e2388a4
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Under certain conditions, poll() may raise the POLLERR
flag along with POLLIN, in which case the check for
(ufd.revents == POLLIN) results in an endless busy loop.
The following fix was applied to
hardware/libhardware_legacy/uevent/uevent.c
to fix a similar bug:
commit 3aabb260ceef10377c31c9e45fb239247f5cfeba
Author: Mathias Agopian <mathias@google.com>
Date: Mon Oct 1 14:53:18 2012 -0700
fix a typo in uevent_next_eventi
Bug: 7114973
Change-Id: I15a4c714b59aeb1d02db00517d70b5f0e5ab22c2
Applying the same fix for two more poll loops in init
and ueventd.
Change-Id: I50693f6d3c904992ac4b8a9a14a83c7106e6b9e0
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Sample output on flo:
<3>[ 7.270568] init: Warning! Service irsc_util needs a SELinux domain defined; please fix!
<3>[ 8.290832] init: Warning! Service bootanim needs a SELinux domain defined; please fix!
Change-Id: If5514b188517917d58ee81c446af563b0443be45
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
By default ueventd creates device nodes under /dev based on the ueventd
DEVPATH. Several subsystems have special rules which are hardcoded in
devices.c. Moving forward these special rules should go in ueventd.rc.
Special rules have the syntax:
subsystem <s>
devname (uevent_devname|uevent_devpath)
[dirname <dir>]
Devices matching SUBSYSTEM=<s> will be populated under <dir>. dirname
is optional and defaults to /dev. If dirname is provided, <dir> must
start with "/".
If devname is uevent_devname, ueventd will create the device node as
<dir>/DEVNAME. DEVNAME may include intermediate subdirectories, which
ueventd will automatically create.
If devname is uevent_devpath, ueventd will use the legacy behavior of
computing DEVPATH_BASE=basepath(DEVPATH), and creating the device node
as <dir>/DEVPATH_BASE.
The new parsing code is based on init_parser.c, with small tweaks to
handle commands which don't fall under a section header.
Change-Id: I3bd1b59d7e62dfc9d289cf6ae889e237fb5bd7c5
Signed-off-by: Greg Hackmann <ghackmann@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Log an error before discarding problematic events, and add a missing
truncation check to the usb subsystem's unique codepath
Change-Id: I0d05aa287ffc63b46d1752d2a7409d35dc8caca7
Signed-off-by: Greg Hackmann <ghackmann@google.com>
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To prevent clashing with forthcoming changes to uevent_parser.c
Change-Id: I2ee183261c7f43e0e4104a16a280c7ee73d7df96
Signed-off-by: Greg Hackmann <ghackmann@google.com>
|
|/ /
| |
| |
| |
| | |
Bug: 11826724
Change-Id: I7c11f602447dbd6862decc51cdfe883003cf7d67
|
|\ \
| |/
|/|
| | |
Change-Id: I5c469a4b738629d99d721cad7ded02d6c35f56d5
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
to init."
* commit '2f924ebe0b0891dba1996c246839427b23705018':
Add a restorecon_recursive built-in command to init.
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
nonexistent properties"
* commit '0b7d588d531691904530ba57d772b31fb24ed343':
init: Fix queue_all_property_triggers with nonexistent properties
|
| |\ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
long /proc/cpuinfo output"
* commit '8dc82eea7ebda374830ee7fa1802222a94eefd88':
init: Fix get_hardware_name() to cope with long /proc/cpuinfo output
|
| |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* commit '5535b05120fa3fd3d68a09e01284aba35cc6e058':
write_file: introduce O_NOFOLLOW, use sane mask
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Don't follow symlinks when writing to a file.
Don't create world-writable files.
Bug: 10802869
Change-Id: Ifb55600d574307a535df878acb3347e02028cd30
|
| |\ \ \ \ \
| | |/ / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
klp-dev
* commit '3a0d4b34816d65e21951f44e4d98a954c5c855ae':
property_service: better validate property names
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Don't allow unexpected characters in property names.
Don't allow double dots in property names.
Bug: 10733330
Change-Id: I8d69740d697efb791f2f201f90989576e13bac81
|
| |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* commit '5951a3691eb0378ec65ea2e6a2e2fe77d24c5e55':
init: support longer command lines
|
| |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* commit '9dd40e9756de23a25aaa9909c8d4055105621a76':
[GNSS] Add AID_GPS to property user white list
|
| |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
* commit '28e52c816d06d78fa823be2d310d9f4c25012c8f':
init: load factory properties
|
| |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
specification."
* commit '0cbaed4211b514dd2aaa4d28f8936ba58e83c6a5':
Add support for socket security context specification.
|
| |\ \ \ \ \ \ \ \ \
| | |_|_|_|_|/ / / /
| |/| | | | | | | |
| | | | | | | | | | |
Change-Id: I08e9898940f7cdd466469b76760807cc5d5c67e4
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
The Linux RNG may have little entropy during boot. As more and more
devices have a Hardware RNG, we mix in 512 bytes from Hardware RNG
(if present) into Linux RNG early during boot (after
wait_for_coldboot_done and before property_service_init actions in
init).
To avoid having to trust the output of Hardware RNG, we do not mix it
into the Linux RNG's primary pool or increase the Linux RNG's entropy
estimates.
Bug: 10362513
Change-Id: I80617f21710400747f5e7533e518d90ea74e2f11
|
| |\ \ \ \ \ \ \ \ \ |
|