88c5a130b4
This ensures that the property is always set by init prior to starting any other process, which avoids the need for the bionic systrace code to try to set the property if it has not already been set to avoid the full cost of searching for an undefined property each time. See change I30ed5b377c91ca4c36568a0e647ddf95d4e4a61a for the relevant bionic code. The problem with the current bionic code is that it can trigger an attempt to set this property from any random process, which will be denied unless the process is already authorized to set debug properties. This is visible in the form of various SELinux avc: denied messages and init sys_prop: permission denied messages in dmesg output. Allowing all domains to set such properties is undesirable. Change-Id: I6d953c0c281fd72ad3eba8a479fd258023579b5b Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
88 lines
2.1 KiB
Makefile
88 lines
2.1 KiB
Makefile
#
|
|
# Copyright (C) 2009 The Android Open Source Project
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
# This is a build configuration for a very minimal build of the
|
|
# Open-Source part of the tree.
|
|
|
|
PRODUCT_PACKAGES += \
|
|
adb \
|
|
adbd \
|
|
bootanimation \
|
|
debuggerd \
|
|
dumpstate \
|
|
dumpsys \
|
|
gralloc.default \
|
|
gzip \
|
|
healthd \
|
|
init \
|
|
init.environ.rc \
|
|
init.rc \
|
|
libEGL \
|
|
libETC1 \
|
|
libFFTEm \
|
|
libGLESv1_CM \
|
|
libGLESv2 \
|
|
libbinder \
|
|
libc \
|
|
libcutils \
|
|
libdl \
|
|
libgui \
|
|
libhardware \
|
|
libhardware_legacy \
|
|
libjpeg \
|
|
liblog \
|
|
libm \
|
|
libpixelflinger \
|
|
libpower \
|
|
libstdc++ \
|
|
libstlport \
|
|
libsurfaceflinger \
|
|
libsurfaceflinger_ddmconnection \
|
|
libsysutils \
|
|
libui \
|
|
libutils \
|
|
linker \
|
|
logcat \
|
|
logwrapper \
|
|
mkshrc \
|
|
reboot \
|
|
service \
|
|
servicemanager \
|
|
sh \
|
|
surfaceflinger \
|
|
toolbox \
|
|
libsigchain
|
|
|
|
# SELinux packages
|
|
PRODUCT_PACKAGES += \
|
|
sepolicy \
|
|
file_contexts \
|
|
seapp_contexts \
|
|
property_contexts \
|
|
mac_permissions.xml \
|
|
selinux_version \
|
|
service_contexts
|
|
|
|
# Ensure that this property is always defined so that bionic_systrace.cpp
|
|
# can rely on it being initially set by init.
|
|
PRODUCT_DEFAULT_PROPERTY_OVERRIDES += \
|
|
debug.atrace.tags.enableflags=0
|
|
|
|
PRODUCT_COPY_FILES += \
|
|
system/core/rootdir/init.usb.rc:root/init.usb.rc \
|
|
system/core/rootdir/init.trace.rc:root/init.trace.rc \
|
|
system/core/rootdir/ueventd.rc:root/ueventd.rc \
|
|
system/core/rootdir/etc/hosts:system/etc/hosts
|