The code which triggers these events (via the SHELL_EXIT_NOTIFY_FD) are
only called from code which is already guarded by #if !ADB_HOST.
Change-Id: I184414f5e090c1f08ee117e4c8c434cd4a8b5221
When SELinux is in enforcing mode, any process executed by
init must have a domain transition defined. See
https://android-review.googlesource.com/108640 for details. This
prevents an executable spawned by init from remaining in init's
(very powerful) SELinux domain.
However, this is only enforced when SELinux is in enforcing mode.
During new device bringup, it's common to run an Android device
in globally permissive mode. In globally permissive mode, SELinux
denials are logged only, but otherwise ignored. If appropriate
SELinux domain transitions are not defined from init to init spawned
processes, this could cause misleading SELinux denials attributed
to init instead of the child process.
To help address these misleading denials, modify init to not spawn
processes unless a domain transition is defined. This essentially
enforces the rules in https://android-review.googlesource.com/108640
on both permissive and enforcing kernels.
While I'm here, change some "freecon()" calls to "free()", with the
long term goal of deleting freecon() entirely.
Change-Id: I3ef3a372bb85df61a3f6234cb1113cc25fc6506a
and run fsck with -f on clean shutdown instead.
With -f, fsck.f2fs always performs a full scan of the /data
partition regardless of whether the partition is clean or not.
The full scan takes more than 2 seconds on volantis-userdebug
and delays the OS boot.
With -a, the command does almost nothing when the partition
is clean and finishes within 20-30ms on volantis-userdebug.
When the partition has an error or its check point has
CP_FSCK_FLAG (aka "need_fsck"), the command does exactly the
same full scan as -f to fix it.
Bug: 21853106
Change-Id: I126263caf34c0f5bb8f5e6794454d4e72526ce38
We need to have partition.*.verified properties even when bootloader
is managing dm-verity mode, because we may have failed to set up the
verified partition and need a property to indicate this.
This means we still need to run fs_mgr_update_verity_state and walk
through all the partitions to verify the device mapper status, just
without updating verity mode.
Bug: 22489805
Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
When launched with "-bootchart <timeout>", the Android emulator appends
"androidboot.bootchart=<timeout>" to the kernel command line, which
signals /init to start bootcharting. However, the current implementation
of bootchart_init() in init/bootchart.cpp does not parse the timeout
value correctly, preventing bootcharting to be enabled on the emulator.
This bug was introduced by commit 841b263 ("Further refactoring of the
bootchart code"). Fix it to honor the "androidboot.bootchart" trigger.
Change-Id: I221fe2c2f40a3a04bd478c3a083f7723bc309c8c
Signed-off-by: Yu Ning <yu.ning@intel.com>
system.img may contain the root directory as well. In that case, we
need to create some folders init.rc would during the build.
Change-Id: I312104ff926fb08d98ac8256b76d01b0a90ea5e5
This header pulls in glib dependencies which aren't used in these
codebases.
BUG=chromium:508218
TEST=trybots
Change-Id: Iecf8dfcdd8064b1feb694382eea55c3f0df572d3
Reviewed-on: https://chromium-review.googlesource.com/284053
Tested-by: Christopher Wiley <wiley@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Christopher Wiley <wiley@chromium.org>
Trybot-Ready: Christopher Wiley <wiley@chromium.org>
"Logging.*" is not a good name.
Also remove unused function ReportDailyUse().
BUG=chromium:508535
TEST=it compiles
Change-Id: I070bada4857abd80989ecc746adcbf1dcf6239a3
Reviewed-on: https://chromium-review.googlesource.com/284610
Tested-by: Luigi Semenzato <semenzato@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Alexei Svitkine <asvitkine@chromium.org>
Commit-Queue: Luigi Semenzato <semenzato@chromium.org>
In isolatedProcess, the app_code_cache_dir is not needed
for native bridge. This commit allows native bridge to work
without a code cache in isolatedProcess.
Change-Id: I8580268d5ec6ca8d44e4500c3fafe10408e1e0d3
Signed-off-by: jgu21 <jinghui.gu@intel.com>
If the first read when dumping memory returns no data, skip ahead to
the next page boundary and try and read from there. This fixes a case
where the address at which to start dumping memory is unreadable, but
crosses back into readable memory.
Bug: 22234753
Change-Id: Ie28d5c027013577ca06f5396aba498366a3b6749
One of my build aliases doesn't play nice with USE_MINGW=1, so my build lied to me. Will revert until I fix it up.
This reverts commit 459df8f3a1.
Change-Id: I7905c5ae5ee85fb2d228ce63d81c79f140998c18
