| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file. Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.
Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|/
|
|
|
|
|
| |
This is needed to let EntropyMixer (runs inside system_server) read
from /dev/hw_random.
Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
Once userdata is available and decrypted, trigger a policy reload to pick
up any policy update files stored under /data/security.
Change-Id: Ic2b3121c3395429b108c40d1d7f5a3124a5896c5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|/
|
|
|
|
|
|
|
|
| |
Policy reload is handled by setting the selinux.reload_policy property
and letting the init process perform the actual loading of policy into
the kernel. Thus, there should be no need for the system UID to directly
write to /sys/fs/selinux/load.
Change-Id: I240c5bb2deaee757a2e1e396e14dea9e5d9286f5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
|
|
|
|
|
| |
Restarting ueventd upon policy reloads has reportedly created
stability problems for some users and could cause events to be lost.
Stop restarting ueventd and instead handle policy reloads within ueventd.
Also stops restarting installd upon policy reloads.
Change-Id: Ic7f310d69a7c420e48fbc974000cf4a5b9ab4a3b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
|
|
|
|
|
| |
This was only ever used by the emulator. Now the emulator
uses an fstab file.
Change-Id: I1a071e567e1f1a379f9c8079cc2dc17660d8455f
|
|\
| |
| |
| |
| | |
* commit 'fb1c9cf6fa4efafb3e0c6b0bc93c7f087d926a48':
use ext4 instead of yaffs
|
| |
| |
| |
| |
| |
| |
| | |
This is needed to allow the emulator to use ext4 images.
Bug: https://code.google.com/p/android/issues/detail?id=38561
Change-Id: I02fde6382ad67cf7f4f3b695396841f70bb9301d
|
| |\
| | |
| | |
| | | |
default."
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit sets up the system property which is actually used by the
Connectivity Service
(frameworks/base/services/java/com/android/server/ConnectivityService.java).
It fixes an (obsolete?) convention where the dns was affected directly by
the interface (i.e. "net.eth0.dns1=10.0.2.3"), which causes the Android
Emulator (goldfish) to ignore this value, and effectively have no DNS
resolving at all.
An immediate fix can be either add reference to net.eth%s.dns%s in the
ConnectivityService and possibly on the dhcp code as well which would be
bloated, or just stick to the apparant new convention.
I chose the latter as a one line fix which gets the job done.
Change-Id: Id4364129e9a82c1f48403068a837aca54de07944
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
* commit '3d8e8c147b41dbc6a5e4edf6da1610a83623b5b2':
init.rc: remove duplicated led-related nodes
|
| |\ \ \
| | |/ /
| | | |
| | | |
| | | | |
* commit '9246f8d6def40a50933a980fac773a909f2138d7':
init.rc: remove duplicated led-related nodes
|
| | |/
| | |
| | |
| | | |
Change-Id: Ibee7ef9137594fc4c30d3ab6ee7bdf3515836c62
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
* commit '477e35d6d56c7fe9b2305becdf3ed4f590ddfbd6':
Revert "Add persistent property for SELinux enforcment status."
|
| | | |
| | | |
| | | |
| | | | |
This reverts commit b89bdfde422eff751b3f939f10ab57e22af83eaa.
|
|\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* commit '8a3878700eb9cd8ecf495cd01f15face5c3879c8':
Revert "Reload policy after setting up the data partition."
|
| | | |
| | | |
| | | |
| | | | |
This reverts commit fee250d27a9c03af1ba439047b976d89563b1887.
|
|\ \ \ \
| |/ / /
| | / /
| |/ /
|/| | |
* commit '52351300d156826bf22c493828571f45a1cea16a':
Revert "Add a version check for SELinux policy on device."
|
| | |
| | |
| | |
| | | |
This reverts commit 921be8b6568df0057c4eacbac2e1022b71e09620.
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* commit '921be8b6568df0057c4eacbac2e1022b71e09620':
Add a version check for SELinux policy on device.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This helps to ensure that when a new system image is installed,
old userdata policy isn't applied over the top of it.
Bug: 8841348
Change-Id: I135af32250aa62979763e775842ce0af3c8b6f9f
|
|\ \ \
| | |/
| |/|
| | |
| | | |
* commit '8794b2eeb2bbd717ca18b8bef5d853f99334aabc':
Fix perms on /data/security
|
| |\ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
installd and zygote need to be able
to search the directory to access
the policy files.
Change-Id: I0679fd2084d2664dfb5a594f493317eff058415d
|
|\ \ \ \
| | |_|/
| |/| |
| | | |
| | | | |
* commit 'fee250d27a9c03af1ba439047b976d89563b1887':
Reload policy after setting up the data partition.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This forces a policy reload + fixcon to deal with dynamically
delivered policy changing labels on device nodes.
It's implemented as a new keyword in init.
Bug: 8702843
Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
|
|\ \ \ \
| | |/ /
| |/| |
| | | | |
Change-Id: If41560f0fef3103cad2172061a7988ceb5556377
|
| | |/
| |/|
| | |
| | | |
Change-Id: Iff9103fff3591983f2b172f83fd2a6e924986aa7
|
| |\ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
goldfish is ported to linux-3.4 and have capability to run atrace.
But can't run atrace yet because debugfs is not mounted on boot time.
Change-Id: I0ce23bde3b8d1b2a88d4238272123e3ab8cb6970
Signed-off-by: Young-Ho Cha <ganadist@gmail.com>
|
|\ \ \ \
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | | |
into jb-mr2-dev
* commit '538b5d4e8e4c480b2120aa957fe3e11a2836a1b3':
Add persistent property for SELinux enforcment status.
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also adds triggers for going between enforcing and
permissive status.
Bug: 8702843
Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
|
|\ \ \ \ \
| |/ / / /
| | | | |
| | | | |
| | | | | |
* commit '131ee07b77e0250c16cebe2b0e226c5bff8e9587':
Add a new group for MediaDrm engine plugins
|
| |\ \ \ \
| | |/ / /
| |/| | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
bug: 8702754
Change-Id: I3b7988b64b1dcf4685624e4c1af938e132b82696
|
|\ \ \ \ \
| |/ / / /
| | | | |
| | | | |
| | | | | |
* commit '7ee2e26eb98da10eaddf5a8e864d508cceab946b':
Remove DBUS from make and header files
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904
Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
|
|\ \ \ \
| |/ / /
|/| | |
| | | | |
into jb-mr2-dev-plus-aosp
|
| |\ \ \
| | |/ /
| | | |
| | | | |
Change-Id: I63d6a2f975a6c0df5c238a2f7592f357441eb767
|
| | | |
| | | |
| | | |
| | | | |
Change-Id: I185b803b5b804ff8680ef928ce5163727adbf0bd
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
This is necessary to enable remote updates.
Change-Id: I05fb979c0360eca4cc6e4add48bb42f712a1ba17
|
| | |
| | |
| | |
| | | |
Change-Id: I7537d56a23ca787daf92a9d91778056f987097bd
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* commit '4d71493e74ed1ea39e554146351cc39e47cb5d02':
Fix mode on /data/security.
|
| | |
| | |
| | |
| | |
| | | |
Change-Id: Id97d06a1c360c7871361db147f76b8a2eaceca42
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
|
| |
| |
| |
| | |
Change-Id: I16f024c24767cfa1f5800d568d39fb098a408127
|