1) Implement documented but unimplemented read-only option.
2) Allow standard input to be used as the <device> by passing
"-". On some devices, opening the device has side effects.
Allowing standard input can prevent this by using a sequence
of something like:
# Open the device on file descriptor 3
exec 3<> /dev/something
ioctl -d - 0 0 <&3
ioctl -d - 1 0 <&3
dd if=myfile >&3
# Close file descriptor 3
exec 3>&-
Change-Id: If17ac3cffa7ccb159051550724b4ce7d8efa5feb
Signed-off-by: Scott Anderson <saa@android.com>
Move the liblog headers to log/ instead of cutils/ to complete
the separation of libcutils and liblog. cutils/log.h still
exists and includes log/log.h in order to support the many existing
modules that use cutils/log.h.
Change-Id: I2758c9f4aedcb809ca7ba8383d0f55041dd44345
When running with the -f option, do not stop recursion or proccessing
command line args if an error occurs. Continue trying to remove all
the items specified on the command line. However, still return an
error status if some files could not be removed.
Change-Id: I83d66babe833da8a68aad68248647ba0601c5d32
Add swap utilities (mkswap, swapon, swapoff) to the toolbox
Change-Id: If5ed6981670a1cdda6b528b587dbc1be7ccdf832
Signed-off-by: Rom Lemarchand <romlem@google.com>
Internally, replace the watchlist array with a hashmap since the array
assumes properties are enumerated in a consistent order and foreach()
probably won't. (find_nth() never guaranteed this either but it usually
worked in practice.)
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 389e358017)
Change-Id: I1db3137b130474f4bb205f01f0bdcf37cf974764
Internally, replace the watchlist array with a hashmap since the array
assumes properties are enumerated in a consistent order and foreach()
probably won't. (find_nth() never guaranteed this either but it usually
worked in practice.)
Change-Id: I83843facdd671edd09652edf472e88ec3d1edd3b
Signed-off-by: Greg Hackmann <ghackmann@google.com>
The third argument of strncat() tells how much data to append from
src, not the total size of the buffer.
Change uses of strncat() to strlcat(), which has the buffer overflow
protection behavior intended by the original author.
This fixes the following compiler warning:
In function 'strncat',
inlined from 'print_type' at system/core/toolbox/lsof.c:76:12:
bionic/libc/include/string.h:142:5: warning: call to __builtin___strncat_chk might overflow destination buffer [enabled by default]
Change-Id: Id69edc641de3cb87d1867a409cd57b04b12f90a7
Fix bug https://code.google.com/p/android/issues/detail?id=54192
which incorrectly calculated the length of a string.
Fix compiler warning:
system/core/toolbox/mount.c:59:2: warning: initializer-string for array of chars is too long [enabled by default]
system/core/toolbox/mount.c:59:2: warning: (near initialization for 'options[16].str') [enabled by default]
Change-Id: If8663f8311c6348a730fcf731d402b57fee10cb5
When a filesystem is mounted read-only, make the underlying
block device read-only too. This helps prevent an attacker
who is able to change permissions on the files in /dev
(for example, symlink attack) from modifying the block device.
In particular, this change would have stopped the LG Thrill / Optimus
3D rooting exploit
(http://vulnfactory.org/blog/2012/02/26/rooting-the-lg-thrill-optimus-3d/)
as that exploit modified the raw block device corresponding to /system.
This change also makes UID=0 less powerful. Block devices cannot
be made writable again without CAP_SYS_ADMIN, so an escalation
to UID=0 by itself doesn't give full root access.
adb/mount: Prior to mounting something read-write, remove the
read-only restrictions on the underlying block device. This avoids
messing up developer workflows.
Change-Id: I135098a8fe06f327336f045aab0d48ed9de33807
The offset variable in lseek is 32 bit and get easily overflow
when accessing with large offset in dd command.
Use lseek64 to resolve it.
Change-Id: Ib75d9dcb587004a6851365ab5bb8584ce1010b57
Set the CAP_SYS_BOOT filesystem capability on the new reboot
command and keep CAP_SYS_BOOT in adb bounding set so that the
shell user can run it.
Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd
Change setsebool syntax from name=value to name value.
This is to make it consistent with setprop and similar commands.
Update both the init built-in command and the toolbox command
for consistency.
Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
