Commit graph

132 commits

Author SHA1 Message Date
Jeff Vander Stoep
5fdc4cc746 Revert "crash_dump: during early boot, output to kmsg on userdebug."
This reverts commit bf2dd48241.

Addresses:
avc: denied { relabelto } for name="kmsg_debug" dev="tmpfs" ino=10642
scontext=u:r:init:s0 tcontext=u:object_r:device:s0 tclass=chr_file

Bug: 62101480, 35197529
Test: build and boot device. Verify selinux denial no longer occurs.
Change-Id: I28ce16f50eec20ef15c1721f41b66f22a84e7cca
2017-06-23 13:37:54 -07:00
Tom Cherry
14fc01301d init: start move to Android.bp
Move libinit, init_tests, and test_service to Android.bp
Leave init in Android.mk as it has unfulfilled dependencies, but
create a comment in Android.bp for future use.
Remove libinit_parser and init_parser_tests as that code was never
used in init.

Bug: 36970783
Bug: 37512442
Test: Build, boot bullhead, init unit tests
Change-Id: Id81cd10ea09453a5fd762ba9189276aad79d5444
2017-05-22 13:30:04 -07:00
Elliott Hughes
81824ebf1f Merge "Add libkeyutils." 2017-05-13 00:28:28 +00:00
Elliott Hughes
f8627cea7f Add libkeyutils.
Also move init over to it.

Bug: http://b/37991155
Test: builds+boots
Change-Id: I5113a9d96a5ce0a0f3bad71134d6cc4f7b41a57e
2017-05-10 10:40:11 -07:00
Chih-Hung Hsieh
7275802917 Work around clang-tidy segmentation fault.
This should affect only builds that call clang-tidy.
Without this change, clang-tidy has segmentation fault
when compiling several files in the system/core/init directory.

Bug: 38002385
Test: build with WITH_TIDY=1
Change-Id: I63b898370c43e1d6b02671751137b1027ba4cdac
2017-05-04 16:30:14 -07:00
Tom Cherry
7da548578c init: add an initializer for keychord_id_
Add unit test to ensure all POD types of Service are initialized.

Bug: 37855222
Test: Ensure bugreport is triggered via keychord properly.
Test: New unit tests
Change-Id: If2cfea15a74ab417a7b909a60c264cb8eb990de7
2017-05-01 15:35:07 -07:00
Tom Cherry
960ed3ce1b Merge changes I1f70f2c4,I698ca962,Idbbf2682
* changes:
  init: remove unused parts of parser.cpp
  ueventd: replace ueventd_parser.cpp with init_parser.cpp
  init: add Parser::AddSingleLineParser()
2017-04-25 21:44:07 +00:00
Tom Cherry
fe062055cb ueventd: replace ueventd_parser.cpp with init_parser.cpp
Previously init_parser.cpp was made generic and capable of parsing any
number of differently named 'sections' or prefixed lines.  We now use
these capabilities to do the parsing for ueventd.

Bug: 36250207
Bug: 33785894

Test: boot bullhead and ensure the right /dev nodes exist
      with the right permissions set
Test: verify no boot time difference
Change-Id: I698ca962d414f8135af32f6c9cd778841b2b8b53
2017-04-25 11:24:24 -07:00
Treehugger Robot
bcd36a20d4 Merge "init: moving early mount logic into init_first_stage.cpp" 2017-04-25 00:31:27 +00:00
Bowgo Tsai
d262017fef init: moving early mount logic into init_first_stage.cpp
Also renames "early mount" to "first stage mount" to prevent confusion
with "mount_all --early", which is run in the init second stage.

Also creates a base class: FirstStageMount and two derived classes:
FirstStageMountVBootV1 and FirstStageMountVBootV2 to replace/refactor
existing functions:

   - early_mount() -> DoFirstStageMount() and FirstStageMount::DoFirstStageMount()

   - vboot_1_0_early_partitions -> FirstStageMountVBootV1::GetRequiredDevices()
   - vboot_2_0_early_partitions -> FirstStageMountVBootV2::GetRequiredDevices()

   - vboot_1_0_mount_partitions ->
       FirstStageMount::MountPartitions() and
       FirstStageMountVBootV1::SetUpDmVerity()

   - vboot_2_0_mount_partitions ->
       FirstStageMount::MountPartitions() and
       FirstStageMountVBootV2::SetUpDmVerity()

Bug: 37413399
Test: first stage mount /vendor with vboot 2.0 (avb) on bullhead
Test: first stage mount /system with without verity on bullhead
Test: first stage mount /vendor with with vboot 1.0 on sailfish
Change-Id: I6584bdf7d832c9fbc8740f97c9b8b94e68a90783
2017-04-24 23:10:10 +08:00
Tom Cherry
ad54d094cd init: create init_tests.cpp
Start a init_tests.cpp file for end-to-end tests that parse small init script
segments and verify that they act as expected.

The first tests ensure that the execution order of event triggers
happens appropriately.

Test: Boot bullhead, run unit tests

Change-Id: Ic446c02605ab796fd41e0596ce1fd381aee80ce0
2017-04-21 18:27:42 -07:00
Elliott Hughes
d8f9356bec Revert "Send property_service AVC messages to the kernel audit system"
This reverts commit 8adb4d9d12.

Change-Id: I0db29617f323ef31ca5a270d02b7668092e9c9e1
2017-04-14 12:53:19 -07:00
Treehugger Robot
d7381375bb Merge changes from topic 'avb-early-mount'
* changes:
  fs_mgr: support AVB in fs_mgr_update_verity_state()
  init: support early_mount with vboot 2.0 (external/avb/libavb)
2017-04-14 06:20:42 +00:00
Bowgo Tsai
aaf70e77dc fs_mgr: support AVB in fs_mgr_update_verity_state()
fs_mgr_update_verity_state() is invoked by 'verity_update_state' in
init.rc. It will then set property "partition.system.verified" and
"partition.vendor.verified" to verify_mode. We should support this for
AVB as well.

Also change the order of static libs in init to fix the build error
after this change:
  system/extras/ext4_utils/ext4_crypt.cpp:69: error: undefined reference to 'property_get'

Bug: 35416769
Test: Mount /system and /vendor with vboot 2.0 (AVB), check the following properties exist.
      - [partition.system.verified]: [2]
      - [partition.vendor.verified]: [2]
Test: Mount /system and /vendor with vboot 1.0, check the following properties exist.
      - [partition.system.verified]: [0]
      - [partition.vendor.verified]: [0]

Change-Id: I4328d66a8cb93f26e7960e620a0b2292d5f15900
2017-04-14 12:10:49 +08:00
Tom Cherry
060b74baad ueventd: convert mkdir_recursive() to std::string
Bug: 36250207

Test: Boot bullhead
Test: Boot sailfish, observe no boot time regression
Test: init unit tests

Change-Id: I5a2ac369d846e044230b709fd07eb21ad12d47bb
2017-04-12 16:36:44 -07:00
Keun-young Park
2ba5c8103d poll umount completion from /proc/mounts
- umount operation is asynchronous except for root partition.
  Returning from umount does not guarantee completion of
  umount. Poll /proc/mounts to confirm completion of umount.
- Treat all devices mounting to /data as emulated devices. This is
  future proof when fs other than sdcardfs is used.
- Drop quota sync from sync step. There is no differences in
  frequencies of quota error.
- Run umount in reverse order from mounting order so that any
  hidden dependency can be auto-resolved.
- Add dump of lsof and /proc/mounts when umount fails. lsof only runs
  when selinux is toggled into permissive mode. The dump is enabled
  only for non-user build.
- Keep logcat until vold shutdown in case vold has any error to report.

bug: 36551218
Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 1000 -f -e 20 -w 30

Change-Id: I87b17b966d7004c205452d81460b02c6acf50d45
2017-04-10 15:41:15 -07:00
Josh Gao
72ca48e5cb Merge "crash_dump: during early boot, output to kmsg on userdebug." 2017-04-10 20:51:59 +00:00
Josh Gao
bf2dd48241 crash_dump: during early boot, output to kmsg on userdebug.
Crashes that happen before tombstoned is running are extremely hard to
diagnose, because tombstones aren't written to disk, and the window of
opportunity to get logs via `adb logcat` is small (potentially
nonexistent).

Solve this by adding a world-writable /dev/kmsg_debug on userdebug
builds, and writing to it in addition to logcat when tombstoned hasn't
started yet.

Bug: http://b/36574794
Test: stop tombstoned; crasher; dmesg
Change-Id: Ib22c02a002afb602933155fb2c9b7a8abbe9ed38
2017-04-06 15:00:52 -07:00
Tom Cherry
c44f6a4073 ueventd: Write tests for the get_*_symlinks() functions
Bug: 33785894
Bug: 36250207
Test: Boot bullhead + new unit tests
Change-Id: Ia0f290542eb1cffce5ae876dfedb453dde960253
2017-04-05 18:21:39 -07:00
Keun-young Park
c4ffa5c47d set zero shutdown timeout for eng build
- still it will take time to kill services, < 3 secs in tested device.

bug: 36678028
Test: reboot
Change-Id: I3f3eb83aede8cd950da12e3fcc259eeaf8517c3b
2017-03-29 12:25:33 -07:00
Jeff Vander Stoep
7ef28f4e4f Move selinux policy build decisions to sepolicy Makefile
Test: Test build/boot Marlin with split policy
Test: Test build/boot Bullhead with combined policy
Bug: 36138508
Change-Id: I84654d19c4d8e9fe9086fde742ee80cd043dfbe1
2017-03-26 07:56:29 -07:00
Keun-young Park
8d01f63f50 remove emergency shutdown and improve init's reboot logic
- Emergency shutdown just marks the fs as clean while leaving fs
  in the middle of any state. Do not use it anymore.

- Changed android_reboot to set sys.powerctl property so that
  all shutdown can be done by init.

- Normal reboot sequence changed to
    1. Terminate processes (give time to clean up). And wait for
      completion based on ro.build.shutdown_timeout.
        Default value (when not set) is changed to 3 secs. If it is 0, do not
        terminate processes.
    2. Kill all remaining services except critical services for shutdown.
    3. Shutdown vold using "vdc volume shutdown"
    4. umount all emulated partitions. If it fails, just detach.
       Wait in step 5 can handle it.
    5. Try umounting R/W block devices for up to max timeout.
      If it fails, try DETACH.
      If umount fails to complete before reboot, it can be detected when
      system reboots.
    6. Reboot

- Log shutdown time and umount stat to log so that it can be collected after reboot

- To umount emulated partitions, all pending writes inside kernel should
  be completed.
- To umount /data partition, all emulated partitions on top of /data should
  be umounted and all pending writes should be completed.
- umount retry will only wait up to timeout. If there are too many pending
  writes, reboot will discard them and e2fsck after reboot will fix any file system
  issues.

bug: 36004738
bug: 32246772

Test: many reboots combining reboot from UI and adb reboot. Check last_kmsg and
      fs_stat after reboot.

Change-Id: I6e74d6c68a21e76e08cc0438573d1586fd9aaee2
2017-03-22 11:23:31 -07:00
Tom Cherry
663fdfc1b2 init: reboot to bootloader on crash for development builds
Currently, if init crashes, the kernel panics.  During development, we
would like to catch this crash before the kernel panics and reboot
into bootloader. This will prevent boot looping bad configurations,
particularly desired in test labs where manual intervention would
otherwise be required to reset the devices.

Keep the existing behavior for user builds, as init crashes should be
rare for production builds and rebooting the device is the correct
behavior for end users.

Bug: 34147472
Test: Boot bullhead userdebug, force init to crash, check that the
      device is in bootloader
Test: Boot bullhead user, force init to crash, check that the kernel
      panics and the device reboots as it did previously
Change-Id: Iab3d45ed0d1f82ffaad2a0835d9ca537c0516421
2017-03-21 13:42:17 -07:00
Tom Cherry
2bc00140be init: enable C++17
Test: Boot bullhead
Change-Id: I40961ff765461e8aef211d27158ffb7c4be76493
2017-03-13 11:58:58 -07:00
Jeff Vander Stoep
0cbbb8381e Build split file_contexts on TREBLE builds
Build file_contexts.bin on legacy builds.
Test: Marlin and Bullhead build and boot with no new denials.
Test: Marlin and Bullhead recovery boots with no new denials.
Test: Bullhead boots with file_contexts.bin in /
Test: Marlin boot with /system/etc/selinux/plat_file_contexts and
      /vendor/etc/selinux/nonplat_file_contexts.
Bug: 36002414

Change-Id: I66f138fc3ad808df0480e0467cee03fd40177f31
2017-03-08 15:28:06 -08:00
Alex Klyubin
2d19aeb13a Use precompiled sepolicy when available
NOTE: This change affects only devices which use SELinux kernel policy
split over system and vendor directories/partitions.

Prior to this change, init compiled sepolicy from *.cil files on every
boot, thus slowing boot down by about 400 ms. This change enables init
to skip the step compilation and thus avoid spending the 400 ms. The
skipping occurs only if the device's vendor partition includes an
acceptable precompiled policy file. If no acceptable policy is found,
the compilation step takes place same as before.

Because such devices support updating system and vendor partitions
independently of each other, the vendor partition's precompiled policy
is only used if it was compiled against the system partition's policy.
The exact mechanism is that both partitions include a file containing
the SHA-256 digest of the system partition's policy
(plat_sepolicy.cil) and the precompiled policy is considered usable
only if the two digests are identical.

Test: Device with monolithic policy boots up just fine
Test: Device with split policy and with matching precompiled policy
      boots up just fine and getprop ro.boottime.init.selinux returns
      a number below 100 ms. No "Compiling SELinux policy" message in
      dmesg.
Test: Device with split policy and with non-matching precompiled
      policy boots up just fine and getpropr ro.boottime.init.selinux
      returns a number above 400 ms. There is a "Compiling SELinux
      policy" message in dmesg. The non-matching policy was obtained
      by adding an allow rule to system/sepolicy, building a new
      system image using make systemimage and then flashing it onto
      the device.
Bug: 31363362
Change-Id: Ic2e81a83051689b5cd5ef1299ba6aaa1b1df1bdc
2017-03-08 12:25:25 -08:00
Alex Klyubin
b51f9abf45 Include correct type of SELinux policy
This makes the build system include split SELinux policy (three CIL
files and the secilc compiler needed to compile them) if
PRODUCT_FULL_TREBLE is set to true. Otherwise, the monolitic SELinux
policy is included.

Split policy currently adds around 400 ms to boot time (measured on
marlin/sailfish and bullhead) because the policy needs to be compiled
during boot. This is the main reason why we include split policy only
on devices which require it.

Test: Device boots, no additional SELinux denials. This test is
      performed on a device with PRODUCT_FULL_TREBLE set to true, and
      on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
      the three *.cil files, but does not contain the sepolicy file.
      Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
      file but does not contain the secilc file or any *.cil files.
Bug: 31363362

Change-Id: I419aa35bad6efbc7f936bddbdc776de5633846fc
2017-03-02 13:25:17 -08:00
Elliott Hughes
b005d90816 Address property service DoS.
Bug: http://b/35166374
Test: ran new test
Change-Id: I94cf5750f0d2dc87f4a118b2c63b16255ef30fd2
2017-02-22 14:54:15 -08:00
James Hawkins
c8ac067773 Revert "bootstat: Refactor init/utils/boot_clock into base/chrono_utils."
This reverts commit 7c92e48450.

Mac sdk still broken (despite testing locally).

Change-Id: I7d9206e15997cd0efe081bd3fa17d53d2b20ec32
2017-02-14 19:20:20 +00:00
James Hawkins
7c92e48450 bootstat: Refactor init/utils/boot_clock into base/chrono_utils.
Use this for bootstat and init. This replaces the custom uptime parser in
bootstat.

This is a reland of aosp/332854 with a fix for Darwin.

Bug: 34352037
Test: chrono_utils_test
Change-Id: Ib2567d8df0e460ab59753ac1c053dd7f9f1008a7
2017-02-13 15:47:21 -08:00
Jorge Lucangeli Obes
28e980b59c Add a sample service for testing init.
I find myself using something like this every time I add functionality
to init. I cannot possibly be the only one doing this. On the other
hand, if this hasn't been added for so long, maybe there's a reason
for that.

The advantage of using a test service versus modifying an existing
service is that the test service doesn't *require* any permissions or
privileges, so you can add and/or remove whatever you need to test
without breaking the service.

I found it useful to have the service check its own /proc/<pid>/status
from command-line arguments, so that's what the service does.

This CL also adds a .clang-format file for init.

Bug: None
Test: Service runs and exits successfully.

Change-Id: I3e7841a7283158e10c0bf55e0103c03902afb1f0
2017-02-09 18:23:09 -05:00
James Hawkins
0e3167e203 Revert "bootstat: Remove custom uptime parser in favor of elapsedRealtime."
This reverts commit 26f40c04c3.

This change broke the Darwin SDK target.

Test: none
Change-Id: Ia54fe2c31da8d8fa2825e023b035fb8321dcd457
2017-02-08 14:16:51 -08:00
James Hawkins
26f40c04c3 bootstat: Remove custom uptime parser in favor of elapsedRealtime.
Refactored init/utils/boot_clock into base/chrono_utils.

Bug: 34352037
Test: none
Change-Id: Ied0c00867336b85922369d7ff37520e3d28fc61e
2017-02-07 15:43:32 -08:00
Paul Lawrence
c4af05f8a3 Revert "Enable seccomp in init with generated policy"
This reverts commit db929bf9b7.

Seccomp is now inserted at the zygote level, not in init

Bug: 34710876
Test: Boots, seccomp policy in zygote & zygote64 but not init
Change-Id: I9075a79793171a4eaccf6228e9ff3398c791f8bd
2017-02-02 09:27:49 -08:00
bowgotsai
b51722b4e2 fs_mgr: support using libavb to enable dm-verity
external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.

Two important files in this commit:

 - fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
   platform dependent I/O operations, e.g., read_from_partition.

 - fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
   all partitions, verifies its integrity against the values of
   androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
   kernel command line. Then enable dm-verity for partitions having the
   corresponding HASHTREE descriptor and with an 'avb' fstab flag.

Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition

Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
2017-01-25 18:03:20 +08:00
Treehugger Robot
cfb8800e18 Merge "Enable seccomp in init with generated policy" 2017-01-19 23:26:10 +00:00
Alex Deymo
b0c395955d Remove "_host" and "_static" suffix from libsparse definition.
This now combines all the "libsparse" libraries into the same soong
target. A minor side-effect of this change is that the libsparse
static library depends on the libz shared library instead of the libz
static library. This minor change has no effect since targets using
the static libsparse library need to explicitly include either the
static libz or the shared one.

Bug: 34220783
Change-Id: I8f41586cf4c3336791cfa57ab4f5ae59a76d7ffa
2017-01-11 19:15:11 -08:00
Alex Deymo
705353ae27 Remove "_static" and "_host" suffix from libext4_utils.
Bug: 34220783
Change-Id: I967dbaa9c48ad1feed2369c3a40f745b86a350f8
2017-01-11 14:05:42 -08:00
Paul Lawrence
db929bf9b7 Enable seccomp in init with generated policy
Test: Ran script to test performance - https://b.corp.google.com/issues/32313202#comment3
      Saw no significant regression with this change on or off
      Removed chroot from SYSCALLS.TXT - chroot blocked
      Boot time appears reasonable
      Device boots with no SECCOMP blockings
      Measured per syscall time of 100ns
      Empirically counted <100,000 syscalls a second under heavy load

Bug: 32313202
Change-Id: Icfcfbcb72b2de1b38f1ad6a82e8ece3bd1c9e7ec
2017-01-10 10:09:38 -08:00
Nick Kralevich
8adb4d9d12 Send property_service AVC messages to the kernel audit system
The property service uses an SELinux userspace check to determine if a
process is allowed to set a property. If the security check fails, a
userspace SELinux denial is generated. Currently, these denials are only
sent to dmesg.

Instead of sending these denials to dmesg, send it to the kernel audit
system. This will cause these userspace denials to be treated similarly
to kernel generated denials (eg, logd will pick them up and process
them). This will ensure that denials generated by the property service
will show up in logcat / dmesg / event log.

After this patch, running "setprop asdf asdf" from the unprivileged adb
shell user will result in the following audit message:

  type=1107 audit(39582851.013:48): pid=1 uid=0 auid=4294967295
  ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for
  property=asdf pid=5537 uid=2000 gid=2000 scontext=u:r:shell:s0
  tcontext=u:object_r:default_prop:s0 tclass=property_service'

Test: manual
Bug: 27878170
Change-Id: I0b8994888653501f2f315eaa63d9e2ba32d851ef
2017-01-03 13:50:13 -08:00
Daniel Cashman
a26a98726e Revert "Compile sepolicy on-device at early boot."
This reverts commit 2fae5d65d5.

Change-Id: Id8bfc0f85d19e98df3759a2fcc6b3a331b4eec29
2016-12-17 00:53:45 +00:00
dcashman
2fae5d65d5 Compile sepolicy on-device at early boot.
Compile policy from disparate sources at beginning of init and use to load
rather than relying on prebuilt policy.

Bug: 31363362
Test: Policy builds on-device and boots.
Change-Id: I681ec3f7da351d0b24d1f1e81e8a6b00c9c9d20c
2016-12-16 14:02:31 -08:00
Mark Salyzyn
978fd0ea25 init: service file command only opens existing files
Mixing open or create, along with attribute(MAC) and permissions(DAC)
is a security and confusion issue.

Fix an issue where fcntl F_SETFD was called to clear O_NONBLOCK, when
it should have been F_SETFL.  Did not present a problem because the
current user of this feature does writes and control messages only.

Test: gTest logd-unit-tests and check dmesg for logd content.
Bug: 32450474
Bug: 33242020
Change-Id: I23cb9a9be5ddb7e8e9c58c79838bc07536e766e6
2016-12-05 11:26:39 -08:00
Mark Salyzyn
62767fe29f init: service file keyword
Solve one more issue where privilege is required to open a file and
we do not want to grant such to the service. This is the service side
of the picture, android_get_control_file() in libcutils is the client.
The file's descriptor is placed into the environment as
"ANDROID_FILE_<path>".  For socket and files where non-alpha and
non-numeric characters in the <name/path> are replaced with _.  There
was an accompanying change in android_get_control_socket() to match
in commit 'libcutils: add android_get_control_socket() test'

Add a gTest unit test for this that tests create_file and
android_get_control_file().

Test: gTest init_tests --gtest_filter=util.create_file
Bug: 32450474
Change-Id: I96eb970c707db6d51a9885873329ba1cb1f23140
2016-11-03 13:34:26 -07:00
Jorge Lucangeli Obes
24b29132a0 init: Add support for ambient capabilities.
Ambient capabilities are inherited in a straightforward way across
execve(2):

"
If you are nonroot but you have a capability, you can add it to pA.
If you do so, your children get that capability in pA, pP, and pE.
For example, you can set pA = CAP_NET_BIND_SERVICE, and your
children can automatically bind low-numbered ports.
"

This will allow us to get rid of the special meaning for AID_NET_ADMIN
and AID_NET_RAW, and if desired, to reduce the use of file capabilities
(which grant capabilities to any process that can execute the file). An
additional benefit of the latter is that a single .rc file can specify
all properties for a service, without having to rely on a separate file
for file capabilities.

Ambient capabilities are supported starting with kernel 4.3 and have
been backported to all Android common kernels back to 3.10.

I chose to not use Minijail here (though I'm still using libcap) for
two reasons:

1-The Minijail code is designed to work in situations where the process
is holding any set of capabilities, so it's more complex. The situation
when forking from init allows for simpler code.

2-The way Minijail is structured right now, we would not be able to
make the required SELinux calls between UID/GID dropping and other priv
dropping code. In the future, it will make sense to add some sort of
"hook" to Minijail so that it can be used in situations where we want
to do other operations between some of the privilege-dropping
operations carried out by Minijail.

Bug: 32438163
Test: Use sample service.
Change-Id: I3226cc95769d1beacbae619cb6c6e6a5425890fb
2016-11-01 19:56:14 -04:00
Yabin Cui
1051e107f2 init: use libbootloader_message.
Bug: 29582118
Change-Id: I6285b29774a11d6dda8496c7c73e4c1d17a672bd
(cherry picked from commit 0b1252cca0)
2016-10-18 11:37:52 -07:00
Tao Bao
6d881d6db4 Update the header path for ext4_utils.
Test: `mmma system/core`

Change-Id: I6291d10d6c8d4972aeca55596baa83f555496193
2016-10-09 10:23:36 -07:00
Josh Gao
87ef590bc1 Merge "libcrypto_utils: convert to Soong."
am: c1a9a21ffe

Change-Id: I9cf76646d4537750c4d4080234d3384fb307e610
2016-08-08 18:33:49 +00:00
Josh Gao
47763c3a09 libcrypto_utils: convert to Soong.
Bug: http://b/30708454
Change-Id: Iaad64272ced766f87e67f2877e990afccc558065
2016-08-05 18:07:36 -07:00
Elliott Hughes
8d532e4737 resolve merge conflicts of cea1d04 to nyc-dev-plus-aosp
Change-Id: I41cdca717664a16f00fd1b28076dd752fa96653d
2016-06-06 21:19:55 -07:00