Commit graph

1014 commits

Author SHA1 Message Date
Greg Hackmann
40a96e4ba0 init.rc: add missing /dev/fd symlink
The Linux kernel implicitly expects /dev/fd to symlink to /proc/self/fd.

This change fixes the exec/execveat.c kernel selftest.

Change-Id: Ia08d50023336fdbfc098527299c326d9d59039a9
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2016-02-01 10:02:19 -08:00
Kevin Cernekee
fa432b0e2f Merge "ueventd.rc: Document the different rule formats for /dev and /sys nodes" 2016-01-26 23:44:56 +00:00
Nick Kralevich
27cb410352 init.rc: mix device-specific data into the Linux RNG
Mix the contents of /proc/cmdline and /default.prop
into /dev/urandom. /proc/cmdline often contains
androidboot.serialno, a device-specific unique
identifier. Similarly, /default.prop contains the
build fingerprint and timestamp, which vary between
device families.

Change-Id: I8803b38c7089b2a1217b99a7c1808b29a3b138cf
2016-01-22 19:58:21 -08:00
Yu Ning
c1149ff0c3 init.rc: Reland "mkdir /data/misc/vold"
Creation of /data/misc/vold was first introduced by commit 25775e8. It
then got reverted, probably inadvertently, by:

 commit 2e24bcfdce
 Author: Paul Lawrence <paullawrence@google.com>
 Date:   Fri May 22 18:31:55 2015 +0000

     Revert "Set up crypto for user directories in init."

This folder is required by vold. In its absence, if one tries to format
an SD card as internal storage, an error will occur, with the following
message printed to logcat:

 01-08 06:31:48.389  1002  1069 E vold    : Failed to persist key

Restoring /data/misc/vold fixes this bug.

This fix has been verified on the emulator, which currently does not
allow its virtual SD card to be adopted, but another CL will be uploaded
to enable that.

Change-Id: Ibb87ee821630a038a6f9b7b6a9da50fe03ca690d
Signed-off-by: Yu Ning <yu.ning@intel.com>
2016-01-08 14:51:32 +08:00
Pavlin Radoslavov
17d80c84e1 Use GID "wakelock" to control access to kernel wakelock
* Added new kernel GID named "wakelock" (AID_WAKELOCK = 3010)
* Changed the group access for /sys/power/wake_lock and
  /sys/power/wake_unlock from "system" to "wakelock"
* Added "wakelock" to the list of groups for the healthd process/service

Bug: 25864142
Change-Id: Ieabee9964cccec3107971a361a43aa9805164aa9
2015-12-28 14:57:28 -08:00
Tao Bao
df13f60ce0 Merge "rootdir: Execute update_verifier for A/B update." 2015-12-09 19:50:31 +00:00
Nick Kralevich
070288241d Merge "init.rc: restorecon_recursive /sys/kernel/debug"
am: 6d85c06aa1

* commit '6d85c06aa1600e905cf3e0b093e939fa3866ee59':
  init.rc: restorecon_recursive /sys/kernel/debug
2015-12-08 04:48:06 +00:00
Nick Kralevich
715c4dc3f9 init.rc: restorecon_recursive /sys/kernel/debug
If /sys/kernel/debug is present, make sure it has all the appropriate
SELinux labels.

Labeling of /sys/kernel/debug depends on kernel support
added in commit https://android-review.googlesource.com/122130

This patch depends on an external/sepolicy change with the
same Change-Id as this patch.

Change-Id: Id1d6a9ad6d0759d6de839458890e8cb24685db6d
2015-12-07 17:00:40 -08:00
Tao Bao
97df395683 rootdir: Execute update_verifier for A/B update.
update_verifier verifies the updated partitions and marks the current
slot as having booted successfully. It needs to be triggered prior to
the start of the framework, otherwise it won't be able to fall back to
the old system without a data wipe.

Bug: 26039641
Change-Id: I6fd183cdd3dfcc72feff2a896368158875b28591
2015-12-07 16:23:13 -08:00
Junichi Uekawa
ef7197eefa Merge "Fix non-vendor.img configuration."
am: 1337349ea1

* commit '1337349ea11a6bb5c44ba5c5bb064c750bd626c5':
  Fix non-vendor.img configuration.
2015-11-17 03:36:23 +00:00
Junichi Uekawa
07b69961f2 Fix non-vendor.img configuration.
If / is not write-able and system.img contains system/vendor, symlink
for `/vendor/ -> /system/vendor/` that is otherwise done in init.rc
should be done at build time.

BUG=b:25512724

Change-Id: Iaa63d6440373a4fd754a933c9f1960b3787a6d98
2015-11-17 11:20:21 +09:00
Calin Juravle
2a095e186b Merge "Don\'t create profiles directory under dalvik-cache."
am: 942f8ea84f

* commit '942f8ea84f3f96c2e2556fe90ebba0ec76730553':
  Don't create profiles directory under dalvik-cache.
2015-11-16 11:21:48 +00:00
Calin Juravle
942f8ea84f Merge "Don't create profiles directory under dalvik-cache." 2015-11-16 11:08:46 +00:00
Calin Juravle
5d1a9688b8 Merge "Create a folder to store method traces activated with -Xmethod-trace"
am: 7605a56fbc

* commit '7605a56fbcf5706b6e2892da9d9dc0fd20efb395':
  Create a folder to store method traces activated with -Xmethod-trace
2015-11-11 18:12:03 +00:00
Calin Juravle
9b3e5d59fe Create a folder to store method traces activated with -Xmethod-trace
Bug: 25612377
Change-Id: I370b858594ccc88c12099b23a0d1aac22acd4969
2015-11-10 21:26:40 +00:00
Nick Kralevich
ea8452cc72 Merge "Enable hidepid=2 on /proc"
am: 2d8f1d4c47

* commit '2d8f1d4c478b9d921730d3fc9b290315e2ff9f04':
  Enable hidepid=2 on /proc
2015-11-09 20:29:44 +00:00
Nick Kralevich
c39ba5ae32 Enable hidepid=2 on /proc
Add the following mount options to the /proc filesystem:

  hidepid=2,gid=3009

This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).

Please see
  https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.

hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.

Add AID_READPROC to processes which need to access /proc entries for
other UIDs.

Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
2015-11-09 09:08:46 -08:00
Calin Juravle
933bc0a3d1 Don't create profiles directory under dalvik-cache.
Bug: 24698874
Bug: 17173268
Change-Id: Ic81258a8df90818fa6b4ee64fd1507ac18fe3f04
2015-11-04 14:59:41 +00:00
Bill Yi
1ec36aaeb0 Merge commit 'f85d6cd8045ce933dfdc19bc888228cd9382e48c' into HEAD 2015-11-03 14:30:40 -08:00
Daniel Rosenberg
64ea814c31 Merge "rootdir: Allow board specific folders and symlinks in root directory"
am: 6e699df21e

* commit '6e699df21e1b08aa2e9eb18ef1c44788549ae8ed':
  rootdir: Allow board specific folders and symlinks in root directory
2015-11-02 21:58:22 +00:00
Daniel Rosenberg
52b5915945 rootdir: Allow board specific folders and symlinks in root directory
Building without ramdisk requires a way to specify board specific
directoryies and symlinks in the root directory at build time.

Change-Id: I11301e98228bc4761f3aee177a546146651b9f25
(cherry picked from commit d7549c9a65cad886f672af41f5fca6f0bd0c12fa)
2015-11-02 12:47:46 -08:00
Evgenii Stepanov
ec6ff936b0 Merge "Disable container overflow detect on target." am: 151e49726b
am: 5562351b50

* commit '5562351b50fbbcda030ddfffcb3b2dbef82bcdc9':
  Disable container overflow detect on target.
2015-10-23 22:14:52 +00:00
Evgenii Stepanov
5562351b50 Merge "Disable container overflow detect on target."
am: 151e49726b

* commit '151e49726bf743bfbd7e44695f9d673735e62119':
  Disable container overflow detect on target.
2015-10-23 22:10:27 +00:00
Evgenii Stepanov
151e49726b Merge "Disable container overflow detect on target." 2015-10-23 22:03:52 +00:00
Evgenii Stepanov
f3009f21d5 Disable container overflow detect on target.
Container overflow annotations may cause false positives in partially
instrumented binaries.

Bug: 25228125, 25212198
Change-Id: Ic587d41698c02e306dece4ad7c6a2a8810c52dbd
2015-10-23 14:57:47 -07:00
Tim Murray
538697b315 Reorder init.rc to avoid a kernel warning. am: f429d37807
am: e56b566401

* commit 'e56b566401aad8e7175306b2969f78baa0b8f9c6':
  Reorder init.rc to avoid a kernel warning.
2015-10-20 22:14:47 +00:00
Tim Murray
f429d37807 Reorder init.rc to avoid a kernel warning.
3.18 has a warning in dmesg that appears when the parent cpuset's cpus
and mems are changed to something other than what the child has. Reorder
init.rc to prevent this warning from appearing.

bug 24941443

Change-Id: I49d8394063b23dce03222dcc9ddccdc32bb97ea2
2015-10-15 12:38:15 -07:00
Nick Kralevich
281071435a am 9e27cab6: Merge "init.rc: Disable sysrq from the keyboard"
* commit '9e27cab695b0e2a4910cf576d306a3379991f1f7':
  init.rc: Disable sysrq from the keyboard
2015-10-10 00:38:18 +00:00
Nick Kralevich
d28a535d9a init.rc: Disable sysrq from the keyboard
Don't allow the accidental triggering of sysrq functionality
from the keyboard. The only expected use of sysrq functionality
is via /proc/sysrq-trigger

Please see https://www.kernel.org/doc/Documentation/sysrq.txt for
additional information on /proc/sys/kernel/sysrq

Bug: 13435961
Change-Id: I60dc92a4b2b4706e8fa34a6cead9abd449f7375f
2015-10-09 17:09:10 -07:00
David Zeuthen
8c06f8ccd4 am 10bb4e51: Merge "init.rc: mkdir /data/misc/update_engine 0700 root root"
* commit '10bb4e5161ecca1a9660d1e5967b3fb5e7662839':
  init.rc: mkdir /data/misc/update_engine 0700 root root
2015-10-07 20:29:00 +00:00
David Zeuthen
10bb4e5161 Merge "init.rc: mkdir /data/misc/update_engine 0700 root root" 2015-10-07 20:18:36 +00:00
David Zeuthen
159147853e init.rc: mkdir /data/misc/update_engine 0700 root root
Ensure that /data/misc/update_engine exists since it will be referenced
by selinux policy.

Bug: 23186405
Change-Id: I96e4ff341086da6474ef7f7c934f1f35bffc1439
2015-10-07 14:00:55 -04:00
Mark Salyzyn
936d65f59b am cb2ab20d: am 87122ce1: Merge "logd: increase dgram_max_qlen to 600"
* commit 'cb2ab20d480cdf488e5b5bf37dc55ca7f0ddee67':
  logd: increase dgram_max_qlen to 600
2015-09-28 15:54:05 +00:00
Mark Salyzyn
cb2ab20d48 am 87122ce1: Merge "logd: increase dgram_max_qlen to 600"
* commit '87122ce1d60dd6fbc18e747d976db734d502f2bf':
  logd: increase dgram_max_qlen to 600
2015-09-28 15:50:02 +00:00
Mark Salyzyn
39944c89a9 logd: increase dgram_max_qlen to 600
Seeing liblog messages on system_server runtime restart
(too much system_server spam, 566 messages in 72ms)

Bug: 23788621
Change-Id: I5171f2c19a3538da190fc6c2b40e978d89bf0e20
2015-09-25 14:15:53 +00:00
Tom Cherry
984bd8323d resolved conflicts for 5caca3dd to mnc-dr-dev-plus-aosp
Change-Id: I773e514a8232b77cdd566dc36c9efc4e15f206f0
2015-09-21 14:25:34 -07:00
Evgenii Stepanov
fbaaddc588 am 19584247: am ee08fb53: Merge "asan: update condition to work with multiple SANITIZE_TARGET values."
* commit '195842474a6722fdf2d967446b81d8accbd4648c':
  asan: update condition to work with multiple SANITIZE_TARGET values.
2015-09-18 20:41:46 +00:00
Evgenii Stepanov
195842474a am ee08fb53: Merge "asan: update condition to work with multiple SANITIZE_TARGET values."
* commit 'ee08fb53bb59cb5037755d68de09e6e5bc3f8bc6':
  asan: update condition to work with multiple SANITIZE_TARGET values.
2015-09-18 20:31:52 +00:00
Tim Murray
cba6ad7449 add system-background cpuset
add a new cpuset for system services that should not run on
larger cores

bug 24144797

Change-Id: I21a54f0d6b46b3b8bd8c4564b8685c88cfc4a57d
2015-09-18 13:18:49 -07:00
Ivan Krasin
5039d8cd21 asan: update condition to work with multiple SANITIZE_TARGET values.
The goal is to enable SANITIZE_TARGET='address coverage', which
will be used by LLVMFuzzer.

Bug: 22850550
Change-Id: Iea756eaaedaa56aee4daf714510269efe3aaa553
2015-09-18 11:59:46 -07:00
Badhri Jagan Sridharan
4c96af5e5a am c939c61c: am a6c377b2: init: usb: Add configfs commands for USB gadget
* commit 'c939c61c71559271cbbd2c046e35e8a97b501b07':
  init: usb: Add configfs commands for USB gadget
2015-09-10 00:50:43 +00:00
Badhri Jagan Sridharan
a6c377b2f6 init: usb: Add configfs commands for USB gadget
Adds init support for:
accessory
audio_source
midi
adb
rndis

Bug=23633457

Change-Id: I12e68e25969adafcf3170769f91ae939d08b7dbc
2015-09-08 20:13:37 -07:00
Vincent Palatin
2a0481109b am 100de590: am 5e294902: Merge "init.usb.rc: fix USB typec property names" into mnc-dr-dev
* commit '100de590e7f82e1039eebc10e60ea554deeb1c3f':
  init.usb.rc: fix USB typec property names
2015-09-04 20:06:28 +00:00
Tom Cherry
4bc10de99f am cd1a65b6: am 30c13c49: Merge "move uncrypt from init.rc to uncrypt.rc"
* commit 'cd1a65b69ad2da81e654adab8edeead457a1b1f5':
  move uncrypt from init.rc to uncrypt.rc
2015-09-04 18:02:34 +00:00
Tom Cherry
c74403b4c9 am b00a8a06: am e8b0fcec: Merge "combine adbd.rc with init.usb.rc"
* commit 'b00a8a066f5b6ae5b8d0c03ee7f680389b38a260':
  combine adbd.rc with init.usb.rc
2015-09-04 18:02:32 +00:00
Tom Cherry
cd1a65b69a am 30c13c49: Merge "move uncrypt from init.rc to uncrypt.rc"
* commit '30c13c4954a959c2e6c5ba126f26d88b2e56be61':
  move uncrypt from init.rc to uncrypt.rc
2015-09-04 17:56:27 +00:00
Tom Cherry
b00a8a066f am e8b0fcec: Merge "combine adbd.rc with init.usb.rc"
* commit 'e8b0fcecf4a17cf37b5fefbcceef0920788f776e':
  combine adbd.rc with init.usb.rc
2015-09-04 17:56:25 +00:00
Tom Cherry
30c13c4954 Merge "move uncrypt from init.rc to uncrypt.rc" 2015-09-04 16:51:30 +00:00
Tom Cherry
008eb9b80a move uncrypt from init.rc to uncrypt.rc
Move uncrypt from /init.rc to /system/etc/init/uncrypt.rc using the
LOCAL_INIT_RC mechanism

Bug 23186545

Change-Id: Ibd838dd1d250c0e6536e44b69f11fb5ed42ba10b
2015-09-03 16:33:08 -07:00
Tom Cherry
2270dbbc84 combine adbd.rc with init.usb.rc
init.usb.rc and adbd.rc contain similar contents and belong in the same
file.

This file also belongs on the ramdisk as adbd is on the ramdisk, not the
system partition, therefore resolving to keep init.usb.rc in its current
location and combining the contents of adbd.rc is the best approach

Change-Id: I430f8fea58694679e7b8b7be69ce87daadd616f4
2015-09-03 16:19:04 -07:00