Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
When using device tree, platform devices may not have a
/devices/platform/ path prefix, but can be rooted in
/devices/.
Modify the platform device tracking code to store the device
path as well as the name. This way, when we create symlinks, we
can correctly skip the base platform device prefix and get to the
proper device node path.
Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72
Signed-off-by: Dima Zavin <dima@android.com>
This logic has been moved to platform/frameworks/base commit
8a0a929422682ba3eb6a205dc6c0638e68b909de and is no longer needed
here.
This reverts commit 01b1dee0ab.
When using device tree, platform devices may not have a
/devices/platform/ path prefix, but can be rooted in
/devices/.
Modify the platform device tracking code to store the device
path as well as the name. This way, when we create symlinks, we
can correctly skip the base platform device prefix and get to the
proper device node path.
Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72
Signed-off-by: Dima Zavin <dima@android.com>
Property triggers may cause an action to be queued twice, resulting
in a loop in the action queue. Keep actions that are not on the queue
in the list_empty state (act->qlist->next == act->qlist), and only
add them to the list if they are in that state.
Bug: 8335133
Change-Id: I3a3ec18176cf19cbaa3a45220a03c7560eacfe79
This reverts commit 87980b5c9f
Getting more reports of app crashes (e.g. 7990090), so given timeline for MR2, want to revert.
Change-Id: Ic2d101d2d1156b3864d5c9b88aa8c94cd5aa345f
# By Stephen Smalley
# Via Android Git Automerger (1) and others
* commit '7480c0079d8c7fcfd5b3d9decfdabfebde162781':
Label sockets consistently with the seclabel value if specified.
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.
Preserve the environment variable for compatibility with pre-existing
apps.
Bug: 8045561
Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Modify system property handling so that we get the properties
from a root owned properties file, rather than using an
environment variable.
Related to bug: 8029617
Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
As it turns out, no, 64K is not enough. A device provisioning
tool was generating many uevents as it manipulated the GPT,
causing events near the end of the process (including events
as a result of the final BLKRRPART ioctl()) to get lost.
It's not clear what the best value for this should be, but
increasing to 256K fixed the problem in this case.
Change-Id: I4883b34e96c89e8a6fa581bc9cd121bb021b5694
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Change setsebool syntax from name=value to name value.
This is to make it consistent with setprop and similar commands.
Update both the init built-in command and the toolbox command
for consistency.
Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This is necessary to ensure that the adbd socket is created in the
adbd domain rather than the init domain.
Change-Id: Id4997d7f074aeefea62b41c87b46a6609e03f527
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
In "init: harden property service" patch, dirfd() is invoked
without checking whether opendir() return successfully. It may
fail if load_persistent_properties() is invoked before userdata
partition is mounted; then dirfd(NULL) will make init crash.
This may happen if "is_charger" is true.
Change-Id: I216fb743a3c9fa050f92fcb31b62e766346d84bb
Signed-off-by: Yi-wei Zhao <gbjc64@motorola.com>
Some Android programs have problems with memory which grows
from the top down. Temporarily set ADDR_COMPAT_LAYOUT to
avoid breaking those programs.
Bug: 7188322
Change-Id: I61760500e670b4563838c63b82d4a0b6e354a86e
* commit 'e3bdaeb603ab7ac941b35b41856c6b8ebf47c6bb':
Use sigemptyset to initialise signal mask as it is more portable. Referencing sa_restorer fails on MIPS
On first boot, the directory is created with root:root ownership and
then chowned. chown clears the ISUID and ISGID bits, so we need to chmod
the directory again after chown.
Change-Id: I02dfe7a19a637678256b4e7cc09e6b5431e6f11e
