This helps to ensure that when a new system image is installed,
old userdata policy isn't applied over the top of it.
Bug: 8841348
Change-Id: I135af32250aa62979763e775842ce0af3c8b6f9f
This forces a policy reload + fixcon to deal with dynamically
delivered policy changing labels on device nodes.
It's implemented as a new keyword in init.
Bug: 8702843
Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904
Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
goldfish is ported to linux-3.4 and have capability to run atrace.
But can't run atrace yet because debugfs is not mounted on boot time.
Change-Id: I0ce23bde3b8d1b2a88d4238272123e3ab8cb6970
Signed-off-by: Young-Ho Cha <ganadist@gmail.com>
Allow userspace programs to create IPPROTO_ICMP sockets.
This socket type allows an unprivileged program to safely
send ICMP_ECHO messages and receive the corresponding
ICMP_ECHOREPLY messages, without relying on raw sockets or
setuid programs.
Please see http://lwn.net/Articles/443051/ for details.
In particular, this allows us to use a version of ping
which doesn't have any capabilities
(https://android-review.googlesource.com/52072).
In addition, this allows us to safely implement an IPv4 ICMP
based version of InetAddress.isReachable()
(https://code.google.com/p/android/issues/detail?id=20106)
Change-Id: I876718151efa8219c4f34f573e35e21256fe2316
This can cause init to be stucked in a loop in very rare cases where
persist.sys.usb.config is set to "none" (because the "setprop
sys.usb.config none" action is added twice to the action list).
The original issue on encrypted devices has been fixed differently
by change # I350c5aab986f8ca86b95f316398d03012553e581
This reverts commit 80828af3de.
Change-Id: Id0a7af8dd861c8d10b80a13b540c8a339b432007
This will help get rid of android_aid.h in the kernel.
The group of the proc entries will be used in place of the default
values picked up by the xt_qtaguid netfilter module
(AID_NET_BW_STATS, AID_NET_BW_ACCT).
This change has no effect until the matching kernel changes are submitted.
Change-Id: I3c177e7b5caf9c59300eba6bd4a976634b333674
On encrypted devices, persistent properties are loaded after the device
is decrypted. To properly change sys.usb.config to its persistent value,
it must first be set to "none" and then to ${persist.sys.usb.config}.
Bug: 7678835
Change-Id: I4f91245cedc04e3178ce9cee21390f5b657733c9
