| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Otherwise, ueventd's oom_adj value would have been 0 and it could
easily get killed early during low memory events
Change-Id: I1adbd18c37215b26ae77e70f7b8dbd1e143fc2d4
Signed-off-by: Dima Zavin <dima@android.com>
|
|
|
|
|
|
|
|
| |
-window size optimized for hspa
-Patchset2 : space removed
Change-Id: Ia4d1043d1a93c929721a4d7cca60ce9ff8bbf67a
Signed-off-by: sinikang <sinikang@samsung.com>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add log group to ril-daemon service. rild is the best place to
know the issue on the modem in many time. It would be helpful
if rild alone can capture the snapshot of logcat buffers at
the moment of problem.
Change-Id: Ie0dcda126fb748a00e650427de35541672359287
|
|\ \
| |/
|/|
| | |
drm rpc calls"
|
| |
| |
| |
| |
| |
| | |
Bug 4598045 Implementing secure video path on TI OMAP4 chip for ICS
Change-Id: Iacfe3e79f067172085b96bb4cd4484101aa5be1e
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The qemu-props program is launched at boot to read a series of
system property assignments from the emulator and apply them.
This is necessary to deal with the dynamic nature of the emulated
platform (e.g. the screen density which depends on the skin and
cannot be hard-coded in the platform image).
This patch ensures that qemu-props is started before any other
service that may read one of these properties (e.g. surface flinger).
This is done by encapsulating the program into a 'core' service.
Core services are all stared before regular ones.
Before the patch, qemu-props was started manually inside a script
that is called from a late emulator-specific boot service
(goldfish-setup).
The problem was that sometimes qemu-props was run too late.
This resulted in random flakiness, especially when running
on a low-end host machine.
Fix for bug 2161189 (and probably a few others)
Change-Id: I2933a25dcb5fecbb1fc238f157264e621b8f295b
|
|
|
|
|
|
|
|
| |
The netfilter xt_qtaguid module uses a misc dev so that processes
that use the module can be tracked.
Every process that does socket tagging must open that dev.
Change-Id: I6af3e0f0180637b14455dd9607724523f142c402
|
|
|
|
|
|
|
| |
Set to 524288,1048576,2097152, 262144,524288,1048576.
bug:5226360
Change-Id: Id9d4257c51a355d78246b4ca59ab462fbe5b72be
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduces a 'charger' section that is processed when androidboot.mode
supplied on the kernel commandline is "charger".
In this mode, sections such as fs, post-fs, etc are skipped. Only the
'early-init' and 'init' sections of the init rc files are processed before
processing the 'charger' section.
Change-Id: If9eb6334de18f04cbcf2aab784578e2993615242
Signed-off-by: Dima Zavin <dima@android.com>
|
|
|
|
|
|
|
|
|
| |
The mediaserver needs to do communication on behalf of other apps
(browser, ...).
It needs to be able to tag sockets. The kernel will check for net_bw_acct
group membership.
Change-Id: I7fb063fdb7d9435d7f979df6622ff17f34049cbc
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
All init needs to do is make these files writeable so that the
activity manager can set them.
Change-Id: Ieea43208fadc01504d813be379aecbafcadf0d34
|
|/
|
|
|
|
|
|
| |
Racoon still needs it after dropping root privilege, or pure IPSec VPN
will fail. Mtpd works without it because net_raw implies inet. However
it would be better to set all of them clearly without the assumption.
Change-Id: I50762af2c25ec9cc559e528c7b14f469494fd553
|
|
|
|
|
| |
Change-Id: Ib75ccfd9c4aa8aace936370c33f33a922ca3c51f
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|
|
|
|
|
|
| |
Removed system from mediaserver groups. Not needed anymore
now that AudioFlinger acquires wake locks via PowerManagerService.
Change-Id: I177b968a0a30557d871188bf3991b96d9b391d3c
|
|\
| |
| |
| |
| |
| |
| | |
readable, system writeable /data/resource-cache."
* commit 'aa4a66a16dd9b97fb876bb296366442b8745a10b':
Create world readable, system writeable /data/resource-cache.
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
writeable /data/resource-cache."
* commit '1e5e2d7673a9ea915283f6626fa692cc169b0e67':
Create world readable, system writeable /data/resource-cache.
|
| | |
| | |
| | |
| | |
| | |
| | | |
/data/resource-cache is used to store idmap files.
Change-Id: I9b1dbc8d607333b71c05f55a4a402ae92193c36c
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
VPN no longer uses system properties to keep network parameters.
Besides, profiles are now stored and encrypted by keystore.
Change-Id: I7575f04f350b7d8d5ba7008eb874a72180d057e8
|
|\ \ \ \
| |/ / / |
|
| | | |
| | | |
| | | |
| | | | |
Change-Id: I3fa2a618ef27197315fc128738a284ac644e86c0
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There was a regression caused by a change in Honeycomb that removed
mediaserver process from system group to improve security: This prevents
the audio HAL (which runs in mediaserver process) from taking wake locks
while audio is playing thus causing the pcm stream to get unexpectedly
suspended.
This temporary workaround is just to allow ICS dogfood in better conditions until
a real fix taking into account the security issue is implemented.
Change-Id: Ic19a23da4b4383559188b6f5c3a82604c3d95d74
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: Id339d8359e592dbc1279e423d9a5adc3a775949d
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|\ \ \ \
| |/ / /
|/| | | |
|
| | | |
| | | |
| | | |
| | | | |
Change-Id: Ia3c60e6c5471e2b72d53c936de44b730c68095e0
|
|\ \ \ \
| |/ / /
|/| | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit 6541ef1562ccf93e498d653598330a7fc80ad2b2.
Bug:4970237
Change-Id: I23a90eb89c1d19893d2ba7065fc624c0521cb06e
|
|/ / /
| | |
| | |
| | | |
Change-Id: Ia9ae45de5d58ba5e98821fd04add96c6062c1a18
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* commit '6a18a07774123c409cefd9a92f1c4c6504f4edfd':
Move RILD to class main
|
| |\ \
| | | |
| | | |
| | | |
| | | | |
* commit '04cf629be5e99a3a920aecc0b059444bd07e9d84':
Move RILD to class main
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
-- This is needed so the modems (LTE & CDMA) are powered on and running
before unlocking encrypted devices
Change-Id: I842f5286499fd76abc554ded550fb837d12b324e
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The adb gadget driver used to reset the USB bus when the adbd daemon exited,
and the host side adb relied on this behavior to force it to reconnect
with the new adbd instance after init relaunches it. The new gadget
drivers no longer automatically reset the USB bus when adbd is restarted
which caused adb to hang since it was no longer forced to reconnect with the
device. We attempted to work around this on the host side adb, but that
work around has not been reliable.
This change adds a property trigger on the service.adb.root system property
which will reset the USB bus and restart the adbd daemon when adbd sets
the property to 1. This should be much closer to the previous behavior
and will hopefully fix some problems with automated testing.
Change-Id: I177c37400009a3d83f21a5f9431f94fd1cc19b9b
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I68fcf167c9fc71bb5f44793648a35d3181fd36d7
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Reordered bootclasspath to allow verification of all framework methods.
git cherry-pick --no-commit ec164a0170955fe63106c2576a65bc4ffb1df425
Address CVE-2011-1090.
git cherry-pick --no-commit 3365288d3c00072689cd9d733e055561cadc87b5
Change-Id: I6a89bc600ced06a0cb84ae1670cb7a6ea39de9c8
|
|\ \ \ \
| | | | |
| | | | |
| | | | | |
default TrustManager (6 of 6)"
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
TrustManager (6 of 6)
frameworks/base
Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl
libcore
Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java
Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directory for system.
Added support for removing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java
Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algorithms doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java
TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.
support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Added private PKIXParameters contructor for use by
IndexedPKIXParameters to avoid wart of having to lookup and pass
a TrustAnchor to satisfy the super-class sanity check.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
luni/src/main/java/java/security/cert/PKIXParameters.java
packages/apps/CertInstaller
Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.
src/com/android/certinstaller/CertInstaller.java
Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.
AndroidManifest.xml
Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.
src/com/android/keychain/KeyChainService.java
packages/apps/Settings
Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.
src/com/android/settings/CredentialStorage.java
Added toast text value for failure case
res/values/strings.xml
system/core
Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.
rootdir/init.rc
Change-Id: I768ca8e8e990ff333ce0f7069a0935173498c5ed
|
|/ / /
| | |
| | |
| | | |
Change-Id: Ie8ad60047fc7160997100bd28a0abb439406806a
|
|\ \ \
| |/ /
|/| /
| |/ |
Change-Id: I159dd58c403bc38f9637163d8cd5e6270e4f201c
|
| |\
| | |
| | |
| | |
| | | |
* commit '52a64057b60b0ad242e95fdc285ec60e0191d5b5':
ueventd.rc: Move /dev/qemu_trace to ueventd.goldfish.rc
|
| | |
| | |
| | |
| | |
| | |
| | | |
+ Add /dev/qemu_pipe line for QEMU pipes.
Change-Id: If3c5c675bfc1585a1d6ffcd1042aaedbc2e94763
|
| | |
| | |
| | |
| | |
| | |
| | | |
ueventd.stingray.rc
Change-Id: Ie8a287620d22b5c1bdc459fb288b7403589ab474
|
| | |
| | |
| | |
| | | |
Change-Id: I90111567564397ca08e87dcfcbdf23337bf79ae6
|
| | |
| | |
| | |
| | | |
Change-Id: If9a325b9e716abe00f3ad6f20b012861308abd2d
|
|\ \ \
| | | |
| | | |
| | | | |
into honeycomb-mr1
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix for bug 3415286. The persistent properties are normally read early
in the boot process after /data is mounted. However, for an encrypted
system, at that point /data is a tmpfs ramdisk. This change adds a new
command to init (load_persist_props) to read the persistent properties,
and adds an action to init.rc to load the persistent properties. This
action is triggered by setting a property in vold, but that's in a
different CL.
Change-Id: I74b3057974ee6029c29d956b76fef5566700d471
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is to allow OpenGL ES rendering from the system process,
and help with debugging.
Bug: 4086003
Change-Id: I732e95f4fcaa358f430cc195d8e63a69263bffdc
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the SD card"
* commit '663268caac636e32b19173743594899e52df0830':
x86: Add vold.fstab to mount the SD card
|