If checkreqprot == 1, SELinux only checks the protection flags passed
by the application, even if the kernel internally adds PROT_EXEC for
READ_IMPLIES_EXEC personality flags. Switch to checkreqprot == 0
to check the final protection flags applied by the kernel.
Change-Id: Ic39242bbbd104fc9a1bcf2cd2ded7ce1aeadfac4
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This allows it to be permissive in userdebug/eng builds
but confined/enforcing in user builds.
Change-Id: Ie322eaa0acdbefea2de4e71ae386778c929d042b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* changes:
libion: update to latest uapi header
libion: return -errno from ion_close
libion: add include for size_t
libion: add NULL checks
libion: clean up whitespace
libion: move ion.h into local include directory
Pull the uapi headers from android-3.10 directly into libion.
No other modules should be directly calling ion kernel
interfaces, so there is no reason to have those interfaces
exposed.
Change-Id: I2d3fef08f6bb381522ecf7bcffea2b8280d5e737
- Replacing struct ion_handle * with ion_user_handle_t
- Replacing heap_mask field name with heap_id_mask
Change-Id: Iaba1ccc62b9398a7b37c5a734bc21a9ecbbc8277
On devices with an up-to-date kernel, the back-in-time bug affecting
clock_gettime() has been fixed and it can safely be used as an
alternative to the ANDROID_ALARM_GET_TIME ioctl. To ensure consistent
behavior on existing devices, make clock_gettime() a fallback for when
the alarm driver isn't available.
Change-Id: I384af5e7ec9e73e0bad4b6b0f987a8ea4583cba6
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Use uintptr_t instead of uint32_t when pointer is cast
to an integer type.
Change-Id: I03dd4c7ff66611661af466dfb7b393d461bb2d7d
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
handle_packet() in adb.c didn't check that when an A_WRTE packet is
received, the sender's local-id matches the socket's peer id.
This meant that a compromised adbd server could sent packets to
the host adb server, spoofing the identity of another connected
device if it could "guess" the right host socket id.
This patch gets rid of the issue by enforcing even more checks
to ensure that all packets comply with the description in
protocol.txt.
+ Fix a bug where closing a local socket associated with a
remote one would always send an A_CLSE(0, remote-id, "")
message, though protocol.txt says that should only happen
for failed opens.
The issue was that local_socket_close() called
remote_socket_close() after clearing the remote socket's
'peer' field.
The fix introduces a new asocket optional callback,
named 'shutdown' that is called before that, and is
used to send the A_CLSE() message with the right ID
in remote_socket_shutdown().
Also add some code in handle_packet() to detect
invalid close commands.
Change-Id: I9098bc8c6e81f8809334b060e5dca4fc92e6fbc9
The files in zoneinfo changed from system_data_file to
zoneinfo_data_file. Fixup pre-existing files.
Change-Id: Idddbd6c2ecf66cd16b057a9ff288cd586a109949
We would always write uncompressed data at offset 0 instead
of the current filedescriptor offset.
Also adds a unit-test & a clarifying comment on the API.
Change-Id: If44757e96dde504ce63d81b4dec7115fc6f6d5fb
See the comment-block at the top of Aarch64Assembler.cpp
for overview on how AArch64 support has been implemented
In addition, this commit contains
[x] AArch64 inline asm versions of gglmul series of
functions and a new unit test bench to test the
functions
[x] Assembly implementations of scanline_col32cb16blend
and scanline_t32cb16blend for AArch64, with unit
test bench
Change-Id: I915cded9e1d39d9a2a70bf8a0394b8a0064d1eb4
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
GGLAssembler assumes addresses to be 32-bit and uses ARM 32-bit
instructions to load/store/manipulate addresses. To support, 64-bit
architectures, following changes has been done
1. ARMAssemblerInterface has been extended to support four new
operations ADDR_LDR, ADDR_STR, ADDR_SUB, ADDR_ADD. Base class
implements these virtual functions to use 32bit equivalent
function. This avoids existing 32-bit Assembler backend
implementations like ARMAssembler and MIPSAssembler from
mapping the new functions to existing equivalent routines.
This also allows 64-bit Architectures like AArch64 to override
the function in their assembler backend implementations.
2. GGLAssembler code (spread over GGLAssembler.cpp, GGLAssembler.h
and texturing.cpp) has been changed to use the new operations
for address operations.
Change-Id: I3d7eace4691e3e47cef737d97ac67ce6ef4fb18d
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
Pixelflinger's code makes assumptions, at certain places,
that pointers can be stored as ints. This patch makes use
of uintptr_t wherever pointers are stored as int or cast
to int.
Change-Id: Ie76f425cbc82ac038a747f77a95bd31774f4a8e8
Signed-off-by: Ashok Bhat <ashok.bhat@arm.com>
We don't need a warning if an entry isn't found in a zip
file. It can happen as part of normal operation.
Change-Id: I86c132a040371f36f0dd981b49c02b3173821439
