summaryrefslogtreecommitdiffstats
path: root/rootdir
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'android-6.0.1_r61' into HEADJessica Wagantall2016-08-021-0/+5
|\ | | | | | | | | | | Android 6.0.1 Release 61 (MOB30Z) Change-Id: I84413f1198957a53433955e617a7226639262f40
| * add a property for controlling perf_event_paranoidDaniel Micay2016-06-231-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a system property for controlling unprivileged access to perf_event_paranoid. It depends on adding kernel support for perf_event_paranoid=3 based on grsecurity's PERF_HARDEN feature to completely disable unprivileged access to perf. A minimal port of this feature is used in the vanilla Debian kernel by default. It hides the non-hardened value as an implementation detail, since while it is currently 1, it will probably become 2 in the future. (Cherry picked from commit 2b22a66382db8a2fdf5ed7a685085a6d7d67cf12) Bug: 29054680 Change-Id: I6e3ae3cf18d8c76df94f879c34fb6fde519b89a9
* | rootdir: Put bootanimation service in system-background groupSteve Kondik2016-05-161-0/+1
| | | | | | | | | | | | | | * This keeps it from hogging the big cores and heating up the device. Change-Id: I0ba6abef537ad65978dd77ec706f6e3777cac804
* | rootdir: Remove cpufreq mode settingsSteve Kondik2016-04-301-39/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * AFAIK we no longer should have anything which depends on system server or settings writing to the cpufreq controls. Since new devices have their cpufreq config nodes nested per-cpu, this configuration is no longer valid. It also depends on sketchy kernel patches which only work when the moon is in the correct phase. Additionally, I see a lot of random logspam when devices are hotplugged. * If a device needs this functionality, a better way to do it is via a userspace daemon which is dedicated to the task since it can poll() on the various states and get notified in realtime. Change-Id: Ib526663d760d6cb758e13f1fa29e7d6229de3daa
* | Merge tag 'android-6.0.1_r22' of ↵Steve Kondik2016-03-112-3/+12
|\ \ | | | | | | | | | | | | | | | | | | | | | https://android.googlesource.com/platform/system/core into cm-13.0 Android 6.0.1 release 22 Change-Id: Ia61f8e863f7413a67fe65f41ea2a30c086528df4
| * \ Mount debugfs earlier regardless build variantChing Tzung Lin2016-01-111-0/+2
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | am: df2d782368 * commit 'df2d78236834f5f6a99e88c8cd629b09d8292bb6': Mount debugfs earlier regardless build variant
| | * | Mount debugfs earlier regardless build variantChing Tzung Lin2016-01-111-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ag/835596 can be reverted after this CL is merged. BUG:26455292 Change-Id: I453b0f1d08d822f8cd2d4d33f1c1b21f0d7f543a
| * | | logcatd: up size from 16MB to 256MBAlain Vongsouvanh2015-12-151-2/+2
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | am: 2f18b54502 * commit '2f18b5450293c2360f688cd059989e36ba5a988c': logcatd: up size from 16MB to 256MB
| | * | logcatd: up size from 16MB to 256MBAlain Vongsouvanh2015-12-081-2/+2
| | |/ | | | | | | | | | | | | | | | Based on: https://android-review.googlesource.com/#/c/172084 Change-Id: Idaa4177618acef31806b4d8f6a2f5caa859e8992
| * | DO NOT MERGE: add support for new sched tracepointTim Murray2015-11-301-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | This tracepoint gives systrace the means to display the reason for uninterruptible sleep. bug 23350688 Change-Id: Iaf9c929fe1169f8872a7f8135343950aa322b0f5
| * | Improve cpuset support for surfaceflinger.Tim Murray2015-11-181-1/+6
| |/ | | | | | | | | | | | | | | | | | | | | | | | | SurfaceFlinger needs some of its threads in the system-background cpuset and some of its threads (the binder pool) outside of the system-background cpuset in order to improve UI perf/power consumption. Remove surfaceflinger from the system-background cpuset in init.rc and allow a thread to place itself in the system-background cpuset given enough permissions. bug 25745866 Change-Id: I85f7e41c5439e6ad7cc2d355e51f5dfb3a0c7088
* | Add optional target-specific LD_PRELOAD to environmentDavid Ng2016-03-012-3/+9
| | | | | | | | | | | | | | | | | | | | Append additional libraries defined in TARGET_LDPRELOAD to the LD_PRELOAD environment if it is defined. Conflicts: rootdir/init.environ.rc.in Change-Id: I15f083df87605d2b708b56311430e11409a09dd7
* | rootdir: Update cpufreq permissions when governor changesSteve Kondik2016-01-221-0/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Requires a kernel change to send the uevent. * This should alleviate some frustration that the performance/kernel folks have expressed regarding the Power HAL. Change-Id: I31e6e13534159214a3b600082b7c0e4249433364 rootdir: Tighten permissions on boostpulse nodes * New PowerHAL code will only write to this as the system user, so remove the need for it to be world writable. Change-Id: Ia9e69a6feff7c5ef1ff34a1180225e4008e8130f rootdir: Set perms on interactive governor's min_sample_time Change-Id: I75e9f424af731bdf1ca222eee2f4f18b20a6552b rootdir: set perms on ondemand governor's up_threshold Change-Id: I0a042a81be677821fa4099a3e19281d390dd27c3 Set permissions on io_is_busy node for interactive governor Change-Id: I9dce40b0680fdb594f415aade22dbd92ebffa43c rootdir: Set permissions for additional ondemand sysfs nodes Change-Id: Id39cab7ab69ea8f67de99f5b4ee342e2c52ebedd ueventd: Add rules for governors and cpufreq This change requires a kernel patch in cpufreq to work. Change-Id: I6281645291ca4516748f65d0799e14971c5fb2ea rootdir: Remove duplicate rule Change-Id: I1e7d06daa1d2092d9522a6a49842eb479da267fd
* | Merge tag 'android-6.0.1_r3' of ↵Steve Kondik2015-12-071-10/+14
|\ \ | |/ | | | | | | | | | | | | https://android.googlesource.com/platform/system/core into HEAD Android 6.0.1 release 3 Change-Id: I8b65c0223e3444360432abd871a9d8f007831ba0
| * Merge "Don't show UI on default encryption" into mnc-dr-devPaul Lawrence2015-10-211-1/+1
| |\
| | * Don't show UI on default encryptionPaul Lawrence2015-09-091-1/+1
| | | | | | | | | | | | | | | Bug: 22989588 Change-Id: I8e7023767f1da80c872adc45871be1f8851926ad
| * | Reorder init.rc to avoid a kernel warning.Tim Murray2015-10-151-9/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3.18 has a warning in dmesg that appears when the parent cpuset's cpus and mems are changed to something other than what the child has. Reorder init.rc to prevent this warning from appearing. bug 24941443 Change-Id: I49d8394063b23dce03222dcc9ddccdc32bb97ea2
* | | Merge tag 'android-6.0.0_r26' into cm-13.0Ricardo Cerqueira2015-11-057-14/+264
|\ \ \ | |/ / | | | | | | | | | | | | Android 6.0.0 release 26 Change-Id: I93d1e3767cbacab2b18cff360065c91b9eaf1d96
| * | add system-background cpusetTim Murray2015-09-181-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | add a new cpuset for system services that should not run on larger cores bug 24144797 Change-Id: I21a54f0d6b46b3b8bd8c4564b8685c88cfc4a57d
| * | init: usb: Add configfs commands for USB gadgetBadhri Jagan Sridharan2015-09-081-16/+134
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Adds init support for: accessory audio_source midi adb rndis Bug=23633457 Change-Id: I12e68e25969adafcf3170769f91ae939d08b7dbc
| * init.usb.rc: fix USB typec property namesVincent Palatin2015-09-031-4/+4
| | | | | | | | | | | | | | | | Fix typos in the usb typec properties (sys.usb.typec.*), so the data_role and the power_role can be written properly in the sysfs. Bug: 23790832 Change-Id: I90f591ab37825a07e0610ef1fec0e831eb19515d
| * Add zygote to the foreground cpuset.Tim Murray2015-09-024-2/+6
| | | | | | | | | | | | | | | | | | This ensures that newly forked zygote processes will end up in the corret cpuset. bug 23751126 Change-Id: I987a2828cf2504963f1317d17f0b51d26cf22a70
| * init: usb: Add init scripts for configfs commandsBadhri Jagan Sridharan2015-09-012-0/+58
| | | | | | | | | | | | | | | | | | | | | | This CL adds a new init script init.usb.configfs.rc to add generic configfs commands. Setting sys.usb.configfs in init.usb.{hardware}.rc enables executing commands in this script Bug=23633457 Change-Id: Iaae844a7957d6c9bf510648aaff86d56aa0c6243
| * init.usb.rc: Add new system property for configfsBadhri Jagan Sridharan2015-09-011-8/+11
| | | | | | | | | | | | | | | | | | | | | | This CL helps to execute a different set of commands for the usb configs specified in init.usb.rc. Aimed at using configfs based commands over android composition driver. Bug=23633457 Change-Id: Ifa5f804e1cff93d15ad57d0ed553300bc5868936
| * Add foreground/boost cpuset.Tim Murray2015-08-251-0/+6
| | | | | | | | | | | | | | | | | | | | This is used for app launches (and maybe other high priority tasks in the future). It's to be set to whatever cores should be used for short term high-priority tasks. bug 21915482 Change-Id: Id0ab0499146c09e860b97f4cb8095834cb12dd50
| * Use init to write usb typec propsTim Kilbourn2015-08-171-0/+31
| | | | | | | | | | | | | | The sysfs nodes are owned by root, so use init to write role changes. Bug: 21615151 Change-Id: I39ad03a23af0be9ac859d4fb79a46edc27e30f4e
| * am b9f438ff: Protect runtime storage mount points.Jeff Sharkey2015-08-061-8/+9
| |\ | | | | | | | | | | | | * commit 'b9f438ff841f87c8ffbca85b13a533718a18e15f': Protect runtime storage mount points.
| * \ am 26f0f657: Merge "init.rc: add healthd to system group to allow write to ↵Jeffrey Vander Stoep2015-07-281-0/+1
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | /dev/cpuset" into mnc-dev * commit '26f0f657ec027430bde7d2237890ba59b3fd174a': init.rc: add healthd to system group to allow write to /dev/cpuset
| * \ \ am 3f62a020: logd: allow logd to write to /dev/cpuset filesJeff Vander Stoep2015-07-251-3/+4
| |\ \ \ | | | | | | | | | | | | | | | | | | | | * commit '3f62a020c48d5d812fb2898759b93a59dc24d310': logd: allow logd to write to /dev/cpuset files
| * | | | Disable scaling of the cfs tunables.Riley Andrews2015-07-211-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The cfs tunables auto-scale with the number of active cpus by default. Given that the tunable settings are in device-independent code and it's not known how many cores are currently active when the init.rc file runs, the cfs tunables can vary pretty significantly across devices depending on the state at boot. Disable scaling of the the tunables so that we can get more consistent behavior of cfs across devices. If we want to do per-device tuning of these values, we can override what's written here in device specific files. Bug: 22634118 Change-Id: Id19b24ef819fef762521e75af55e6d4378cfc949
| * | | | Merge "Set up user directory crypto in init." into mnc-dr-devPaul Crowley2015-07-131-0/+2
| |\ \ \ \
| | * | | | Set up user directory crypto in init.Paul Crowley2015-06-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (cherry-picked from commit b94032b79c3cded501e2d5f7c328cf8c0c3911c4) Bug: 19704432 Change-Id: Ife4928ffbee39c8ae69e6ba66d9ce5ef5a0beb76
| * | | | | Change init sequence to support file level encryptionPaul Lawrence2015-07-071-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063
* | | | | | init.rc: drop world writable on cgroups to pass ctsScott Mertz2015-10-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Change-Id: I14f391d86055cd5f5158f17354132a35055b6ca3
* | | | | | init: Make restorecon_recursive work for /data/Christopher R. Palmer2015-10-181-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the following commit: commit f2b7ee765516c84a9995e3acdc8fbcd7dc1b33cc Author: Stephen Smalley <sds@tycho.nsa.gov> Date: Thu Feb 6 13:52:52 2014 -0500 Apply restorecon_recursive to all of /data. they removed all the adhoc restorecon_recursive of subdirectories of /data/ and replaced it with: # Set SELinux security contexts on upgrade or policy update. restorecon_recursive /data Unfortunately, that is a no-op because restorecon doesn't recurse through /data/ unless you add a FORCE flag. Since the expectation seems to be that the recursive restorecon in init will actually work, update the built-in to add the force flag and a flag to allow /data/data to also be recursed through. [RC: Removed the DATADATA flag. It throws a ton of errors, and it's supposed to be handled by seapp_contexts, not file_contexts. The actual root paths, however, now get their individual restorecon calls so that installd can deal with them] Change-Id: I435c505188e924b27ef2e6a2e0ee0a6951e43f0e
* | | | | | init.rc: Import CM's init rcRicardo Cerqueira2015-10-181-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | Change-Id: Ia0d2ba653ceeaf0139c20b49e034f39aed33cb03
* | | | | | init: update recovery when enabled in settingsBrint E. Kriebel2015-10-181-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the recovery image only if the option is enabled under Developer options This reverts commit 231e0a9e6a1da6fa4a188840f68af649669e417f. Change-Id: I928f7ee8bb3eaf5581bb8225661d253ecca0c4ef Change CM recovery install script filename [2/2] This is part 2/2 to maintain backwards compatibility with CWM's verify_root_and_recovery() function. CWM checks if install-recovery.sh exists and has an executable flag set, then offers to disable the script for the user. CM now controls this with the persist.sys.recovery_update property which is configurable via settings, so we don't need to double-check this. This changes the name of the recovery install script to install-cm-recovery.sh. Change-Id: I275dd358b46c626dfcb8fe02c583a308d5a89c56 init: Move install-recovery.sh back to the standard location L moved the location of install-recovery.sh from /system/etc/ to /system/bin. Since CWM recovery isn't looking for this location anyway, let's return the file to this standard location. This allows all other code in L to function properly. Maintain the change to the init to allow flash_recovery to be disabled in settings. Change-Id: I8a85db8addeb75a2fd60d809c5ed4edc619ef7ed
* | | | | | audio: update mediasever to have qcom_diag group permissionsDhananjay Kumar2015-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update mediaserver to have qcom_diag group permissions instead of diag group permissions, as /dev/diag node is updated to qcom_diag group. Change-Id: I33637ed68fc2f23999d07ee89682dbaa8c4383ce
* | | | | | RIL: Add qcom_diag permission to rildSooraj Sasindran2015-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add qcom diag permission to rild Change-Id: I6a898868f7beaeee17e2183529344eddcf08be28
* | | | | | diag: Add new qcom_diag group to access /dev/diagSreelakshmi Gownipalli2015-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds the definition of qcom_diag and also modify the /dev/diag node group to qcom_diag. Change-Id: I07bd099c76f3fd2685f3a6698e37314a0a2c8f44
* | | | | | init.rc: Add qcom_diag permissions to mediaserverYamit Mehta2015-10-061-1/+1
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Diag permissions are needed in mediaserver to enable the QACT tool which allows users to calibrate audio. Change-Id: I3cb8fe807426b9f68669f34d214b7f6d089acb30
* | | | | Protect runtime storage mount points.Jeff Sharkey2015-08-061-8/+9
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have a bunch of magic that mounts the correct view of storage access based on the runtime permissions of an app, but we forgot to protect the real underlying data sources; oops. This series of changes just bumps the directory heirarchy one level to give us /mnt/runtime which we can mask off as 0700 to prevent people from jumping to the exposed internals. Also add CTS tests to verify that we're protecting access to internal mount points like this. Bug: 22964288 Change-Id: I32068e63a3362b37e8ebca1418f900bb8537b498
* | | | Merge "init.rc: add healthd to system group to allow write to /dev/cpuset" ↵Jeffrey Vander Stoep2015-07-281-0/+1
|\ \ \ \ | |_|_|/ |/| | | | | | | into mnc-dev
| * | | init.rc: add healthd to system group to allow write to /dev/cpusetJeff Vander Stoep2015-07-281-0/+1
| |/ / | | | | | | | | | | | | | | | | | | Also add to root group to avoid introducting new bugs. Bug: 22699101 Change-Id: I9da31e0cc955efd711df3f4c6b17e39d74c01549
* | | logd: allow logd to write to /dev/cpuset filesJeff Vander Stoep2015-07-241-3/+4
|/ / | | | | | | | | | | | | | | | | | | | | | | Required by logd on devices with USE_CPUSETS defined. Make /dev/cpuset/background, /dev/cpuset/foreground and /dev/cpuset/task writeable by system gid. Add logd to system group for writing to cpuset files and to root group to avoid regressions. When dropping privs, also drop supplementary groups. Bug: 22699101 Change-Id: Icc01769b18b5e1f1649623da8325a8bfabc3a3f0
* | Merge "Revert "Change init sequence to support file level encryption"" into ↵Paul Lawrence2015-07-071-8/+4
|\ \ | | | | | | | | | mnc-dev
| * | Revert "Change init sequence to support file level encryption"Paul Lawrence2015-07-071-8/+4
| | | | | | | | | | | | | | | | | | This reverts commit d815178b7512cb44d8b5f234e3f823b5a3e44dea. Change-Id: I7e3f55d3092fcd04ea9f62f1971c9d42570f096c
* | | Merge "[init] start gatekeeperd after device decryption" into mnc-devAndres Morales2015-07-061-1/+1
|\ \ \ | |/ / |/| |
| * | [init] start gatekeeperd after device decryptionAndres Morales2015-07-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | gatekeeperd depends on having /data to determine whether to call setup routines for qcom HALs. Bug: 22298552 Change-Id: I6c552016dc863bbb04bd5a949a2317a720c8263f
* | | Change init sequence to support file level encryptionPaul Lawrence2015-07-061-4/+8
|/ / | | | | | | | | | | | | | | | | | | | | File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063 Change-Id: I8a6c40d44e17de386417a443c9dfc3b4e7fe59a5
generated by cgit v1.1 at 2024-05-18 19:38:53 +0000