- When raising the ProGuard sdk version for platform build, use
TARGET_DEFAULT_JAVA_LIBRARIES instead of just framework.
- Also added SUPPORT_LIBRARY_ROOT to reference support library resource
dir.
Bug: 20658265
Change-Id: Ib008d8e70508723db91431a062cac691367f2f6c
The goldfish-setup service (essentially /system/etc/init.goldfish.sh)
executes the following commands when certain conditions are met:
setprop ro.radio.noril yes
stop ril-daemon
so as to stop the RIL daemon and emulate a WiFi-only device. Both would
fail, though, because goldfish-setup does not have the permissions to
set relevant properties.
This CL modifies the emulator's SELinux policy to grant the necessary
permissions. It is a step towards fixing the ril-daemon-keeps-getting-
killed-and-restarted problem with the new ("ranchu") emulator, which
does not support telephony emulation yet. (The other step is to have
init start goldfish-setup, which will be done in a seperate CL.)
(cherrypicked from commit 33dca8090f)
Change-Id: Ice7e7898804b7353ac4a8c49d871b1b2571d7a5f
Signed-off-by: Yu Ning <yu.ning@intel.com>
(cherrypicked from commit cccc901639)
Change-Id: I630ba0178439c935d08062892990d43a3cc1239e
Signed-off-by: William Roberts <william.c.roberts@linux.intel.com>
* commit '9cf9a6c6dcd9d58024dc115a703feb7bc47098bd':
Change "M Preview" tab to "Preview", change "monetize" subtab to "Earn". Highlight preview subtab on preview pages. Change "About" link to latest version of Android.
In goldfish kernel 3.10, the goldfish_tty device instantiates virtual
serial ports as /dev/ttyGF* (e.g. /dev/ttyGF0), not as /dev/ttyS* as in
goldfish kernel 3.4. However, in the emulator's SELinux security policy,
there is no specific security context assigned to /dev/ttyGF*, and the
one inherited from /dev (u:object_r:device:s0) prevents services such as
qemud and goldfish-logcat from reading and writing ttyGF*. Consequently,
qemud terminates abnormally on the classic x86_64 emulator:
init: Service 'qemud' (pid XXX) exited with status 1
Fix this issue by assigning /dev/ttyGF* the same security context as
/dev/ttyS*.
(cherrypicked from commit 4783467922)
Change-Id: Ia7394dc217bd82f566c4d1b7eda3cc8ce3ac612f
Signed-off-by: Yu Ning <yu.ning@intel.com>
* commit 'a8bbfca3d0ba7da40f9348eeb38badda575fe411':
Change "M Preview" tab to "Preview", change "monetize" subtab to "Earn". Highlight preview subtab on preview pages. Change "About" link to latest version of Android.
In goldfish kernel 3.10, qemu_pipe has been renamed to goldfish_pipe.
However, in the emulator's SELinux policy, there is no specific security
context assigned to /dev/goldfish_pipe, and the one inherited from /dev
(u:object_r:device:s0) prevents various processes (qemud, qemu-props,
etc.) from reading and writing goldfish_pipe. Consequently, the classic
x86_64 emulator will not boot if GPU emulation is enabled ("-gpu host"),
and does not render the UI correctly if launched with "-gpu off".
Fix this issue by assigning /dev/goldfish_pipe the same security context
as /dev/qemu_pipe.
This CL also benefits the new ("ranchu") emulator, where all supported
ABIs (arm64, mips64, x86 and x86_64) use 3.10-based kernels. Without
this fix, the new emulator boots and works, but there are avc denials
related to goldfish_pipe.
Last but not least, it is now possible to boot the classic x86 emulator
with a 3.10-based kernel instead of the current 3.4-based one, without
disabling SELinux.
(cherry-pick of commit: a5053e6b35)
Change-Id: I52e75c94d3ae3758cbbf5bc0e1d84254fdf5c6cb
Signed-off-by: Yu Ning <yu.ning@intel.com>
* commit '7a72fdd4e46c907c7deac8e6cd75df156ec244f0':
Style and template updates to support responsive layout, mobile nav, email signup, updated styles (sync2).
* commit 'f97b2ef21a9940ec7a41c9116a79f9b2a36e0c1d':
Style and template updates to support responsive layout, mobile nav, email signup, updated styles (sync2).
In ext4 filesystems, some blocks might be changed even being mounted
R/O, such as the superblock (block 0). We need to exclude such blocks
from integrity verification. Plus such blocks should always be
written to the target by copying instead of patching.
Bug: http://b/20939131
Change-Id: I657025b7b1ad50d4365e7b18dc39308facfe864e
(cherry picked from commit ff7778166b)
Commit 28acbeab18f6083299c07f9ebe769d22e49f8107 removed the dependency of
sepolicy-analyze on libc++, eliminating the only consumer of the library for the
cts host-side tests. Remove the library since it is no longer needed but leave
the ability to add other shared libs in the future.
(cherry-pick of commit: 214a171424)
Bug: 19566396
Change-Id: I36f45c3e92c2d6370e98baa4c527835af66691fa
ASan runtime library (when using dynamic linking) must be the first
dependency of the main executable to achieve correct symbol
interposition. This matches how the clang driver works.
In multilib setup, ASan-RT name depends on the target arch:
/system/lib/libclang_rt.asan-arm-android.so
/system/lib64/libclang_rt.asan-arm64-android.so
We also set RPATH to /system/lib/asan or /system/lib64/asan
to have a place for ASan-only versions of system libraries.
Change-Id: I937d202077b6e433ba476c075d31be818b662d53
Always link libm with asan. Hasn't been a problem before because ASAN
was only ever used when libc++ was as well, which already links libm.
Pass --no-as-needed for host modules.
These aren't needed for the target builds because the target uses the
shared RTL.
Change-Id: I3b95c8682c0f63bac6b726f8cd15c638aaa98311
Define BOARD_SEPOLICY_DIRS for the arm64, mips64, and x86_64
emulator targets. As a first cut, simply inherit from the
existing policy directories used for generic and generic_x86.
We may need further board-specific policy added for these targets
but testing will require first enabling SELinux in the relevant
kernel configs.
(cherrypicked from commit 21ebc213bb)
Change-Id: I7b4459b32298698fc2908cbbdd0e3afadbe5ac24
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
In order to work around the zip 2GiB limit, we need to wrap the related
functions in zipfile. Calls to those functions should always be replaced
with calls to the wrappers instead.
Bug: 18015246
Change-Id: I499574cee51ec4804bc10cbefe0b17940afed918
(cherry picked from commit 2ed665a033)
