This adds a system property for controlling unprivileged access to
perf_event_paranoid. It depends on adding kernel support for
perf_event_paranoid=3 based on grsecurity's PERF_HARDEN feature to
completely disable unprivileged access to perf. A minimal port of this
feature is used in the vanilla Debian kernel by default.
It hides the non-hardened value as an implementation detail, since while
it is currently 1, it will probably become 2 in the future.
Bug: 29054680
Change-Id: I6e3ae3cf18d8c76df94f879c34fb6fde519b89a9
In the case of adb enabled, when a USB function switch happens,
e.g. mtp,adb -> ptp,adb, framework will set sys.usb.config from
"mtp,adb" to "none" and stop adbd first.
At this time, the property "sys.usb.ffs.ready", which is set once
the previously started adbd is ready, is still "1".
So, when framework goes on setting the sys.usb.config to "ptp,adb",
init.usb.configfs.rc will trigger actions to bind() f_fs without
waiting for adbd to be actually ready.
This will produce some error messages:
------------
configfs-gadget ci_hdrc.0: failed to start g1: -19
init: write_file: Unable to write to '/config/usb_gadget/g1/UDC': No such device
------------
This error message is caused by configFS starting to bind f_fs before adbd is ready.
Setting "sys.usb.ffs.ready" to "0" will help clear this error message,
as the bind process in the kernel gadget driver will wait for this
property to be set, which is the sign that adbd is ready.
Signed-off-by: Winter Wang <wente.wang@nxp.com>
This list contains libraries that should directly or indirectly
be accessible to apps for the platform. Note that this list is
not device specific but rather device class specific.
For now we have 2 separate lists; one for Android Phones and Tablets,
and another one for Android Wear devices.
Bug: http://b/27546414
Bug: http://b/22548808
Change-Id: I83de5e3cf67392d0e9af66f70123898bd5997146
(cherry picked from commit 4b0e963872)
Remove references to SELinux policy files in /data/security
from libselinux/android.c. In the process all code that is
apparently related to handling an alternate policy and/or
reloading the policy has been removed.
Bug: 26544104
Change-Id: I47bf76ac3c26c5d71f92a21ffac2b17ba14262ea
Enable debugfs on non "user" builds.
BUG=27520850
Change-Id: I2bcc72b686d0477b553c0605adfd4c023e72cbfb
Signed-off-by: Mihai Serban <mihai.serban@intel.com>
The new top level directory /postinstall is used by the A/B updater to
mount the new partition and run a post-install program before rebooting
into that new system.
init.rc was extended to label this new directory since the initrd has
no extended attributes.
Bug: 27177071
TEST=`ls -laZ /` shows the /postinstall directory on edison-eng
Change-Id: I6cdee7eb1d61ac7d447528962a4fad1a7bbf138d
The Linux kernel implicitly expects /dev/fd to symlink to /proc/self/fd.
This change fixes the exec/execveat.c kernel selftest.
Change-Id: Ia08d50023336fdbfc098527299c326d9d59039a9
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Mix the contents of /proc/cmdline and /default.prop
into /dev/urandom. /proc/cmdline often contains
androidboot.serialno, a device-specific unique
identifier. Similarly, /default.prop contains the
build fingerprint and timestamp, which vary between
device families.
Change-Id: I8803b38c7089b2a1217b99a7c1808b29a3b138cf
Creation of /data/misc/vold was first introduced by commit 25775e8. It
then got reverted, probably inadvertently, by:
commit 2e24bcfdce
Author: Paul Lawrence <paullawrence@google.com>
Date: Fri May 22 18:31:55 2015 +0000
Revert "Set up crypto for user directories in init."
This folder is required by vold. In its absence, if one tries to format
an SD card as internal storage, an error will occur, with the following
message printed to logcat:
01-08 06:31:48.389 1002 1069 E vold : Failed to persist key
Restoring /data/misc/vold fixes this bug.
This fix has been verified on the emulator, which currently does not
allow its virtual SD card to be adopted, but another CL will be uploaded
to enable that.
Change-Id: Ibb87ee821630a038a6f9b7b6a9da50fe03ca690d
Signed-off-by: Yu Ning <yu.ning@intel.com>
* Added new kernel GID named "wakelock" (AID_WAKELOCK = 3010)
* Changed the group access for /sys/power/wake_lock and
/sys/power/wake_unlock from "system" to "wakelock"
* Added "wakelock" to the list of groups for the healthd process/service
Bug: 25864142
Change-Id: Ieabee9964cccec3107971a361a43aa9805164aa9
If /sys/kernel/debug is present, make sure it has all the appropriate
SELinux labels.
Labeling of /sys/kernel/debug depends on kernel support
added in commit https://android-review.googlesource.com/122130
This patch depends on an external/sepolicy change with the
same Change-Id as this patch.
Change-Id: Id1d6a9ad6d0759d6de839458890e8cb24685db6d
update_verifier verifies the updated partitions and marks the current
slot as having booted successfully. It needs to be triggered prior to
the start of the framework, otherwise it won't be able to fall back to
the old system without a data wipe.
Bug: 26039641
Change-Id: I6fd183cdd3dfcc72feff2a896368158875b28591
If / is not write-able and system.img contains system/vendor, symlink
for `/vendor/ -> /system/vendor/` that is otherwise done in init.rc
should be done at build time.
BUG=b:25512724
Change-Id: Iaa63d6440373a4fd754a933c9f1960b3787a6d98
Folders in the root directory are now created during the build,
as we may be building without a ramdisk, and when we do that,
the root directory will be read-only. With those changes,
these mkdirs will never need to run.
Change-Id: I49c63e8bfc71d28e3f938ed41f81d108359fa57a
Move foreground tasks to /sys/fs/cgroup/stune/boost/tasks (boosted
weight in EAS scheduler). Move background tasks to
/sys/fs/cgroup/stune/tasks (default weight). For services started
with init, set "foreground" services to boosted.
Change-Id: I0e489fad9510727c13e6754dabaf311c2391f395
system.img may contain the root directory as well. In that case, we
need to create some folders init.rc would during the build.
Change-Id: I312104ff926fb08d98ac8256b76d01b0a90ea5e5
system.img may contain the root directory as well. In that case, we
need to create some folders init.rc would during the build.
Change-Id: I157ccbebf36bee9916f3f584551704ec481ae1d1
Add the following mount options to the /proc filesystem:
hidepid=2,gid=3009
This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).
Please see
https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.
hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.
Add AID_READPROC to processes which need to access /proc entries for
other UIDs.
Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
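
A check for the mount options described in the commit message above, as an added example that is not part of the commit or of the Android source: it audits a mount table in /proc/mounts format for hidepid=2 and gid=3009. The function names and the two sample tables are constructed for illustration.

```python
AID_READPROC = 3009  # gid named in the commit message

# Constructed sample mount tables (not captured from a device).
HARDENED = """\
rootfs / rootfs ro,seclabel 0 0
proc /proc proc rw,relatime,gid=3009,hidepid=2 0 0
sysfs /sys sysfs rw,seclabel,relatime 0 0
"""
DEFAULT = """\
rootfs / rootfs ro,seclabel 0 0
proc /proc proc rw,relatime 0 0
"""

def parse_options(field):
    """Split a comma-separated mount option field into a dict."""
    opts = {}
    for item in field.split(","):
        key, _, value = item.partition("=")
        opts[key] = value
    return opts

def audit_proc_mount(mounts_text, expected_gid=AID_READPROC):
    """Return a list of findings; an empty list means /proc matches."""
    proc_opts = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        _dev, mountpoint, fstype, options = fields[:4]
        if mountpoint == "/proc" and fstype == "proc":
            proc_opts = parse_options(options)  # the last mount listed wins
    if proc_opts is None:
        return ["no proc filesystem mounted on /proc"]
    findings = []
    # Newer kernels print the same level as the string "invisible".
    hidepid = proc_opts.get("hidepid", "0")
    if hidepid not in ("2", "invisible"):
        findings.append("hidepid=%s: other users' /proc/<pid> entries are visible" % hidepid)
    # An absent gid option means no group is exempt from hidepid.
    gid = proc_opts.get("gid")
    if gid != str(expected_gid):
        findings.append("gid=%s: expected %d (AID_READPROC)" % (gid, expected_gid))
    return findings

if __name__ == "__main__":
    for name, table in (("hardened", HARDENED), ("default", DEFAULT)):
        print(name, audit_proc_mount(table) or "OK")
```

On a device, pass the contents of /proc/mounts to audit_proc_mount() instead of the sample tables.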
Building without ramdisk requires a way to specify board specific
directories and symlinks in the root directory at build time.
Change-Id: I11301e98228bc4761f3aee177a546146651b9f25
(cherry picked from commit d7549c9a65cad886f672af41f5fca6f0bd0c12fa)