- AID_SYSTEM can set persist.logd.size
- AID_SYSTEM can issue command to /dev/socket/logd to
change the runtime global log sizes.
- Add support for ro.logd.size.* as populated by BoardConfig.mk
- Limit size to maximum ~3% of physical memory.
Bug: 14563261
Bug: 14627052
Change-Id: I606420db2e9d9d032296e71149e4a5b20cbd1137
During boot, allow a property file to import properties from another
file. Supports importing the entire file, a specific key, or any
keys matching a specific prefix. Here's some example syntax:
import /oem/oem.prop
import /oem/oem.prop foo.*
import /oem/oem.prop foo.bar
Bug: 13340779
Change-Id: I867f9a10ca09684326675d9f051f5cf2ae171617
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
Add "gps." and "persist.gps." to property_perms white list.
Change-Id: I7177170676d774c87e08d1548f5264ac27cba3ff
Orig-Change-Id: I7a94caa26be4aefd2fe4f155908e2f8f09858bee
Signed-off-by: Nicolas SUET <nicolas.suet@intel.com>
Signed-off-by: jerome Pantaloni <jeromex.pantaloni@intel.com>
Signed-off-by: Jian Luo <jian.luo@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Author-tracking-BZ: 118091
Add an optional argument to the socket option for specifying
a SELinux security context for the socket. Normally the socket
security context is automatically computed from the service security
context or set using the seclabel option, but this facility allows
dealing with two scenarios that cannot be addressed using the existing
mechanisms:
1) Use of logwrapper to wrap a service.
In this case, init cannot determine the service security context
as it does not directly execute it and we do not want logwrapper
to run in the same domain as the service.
2) Situations where a service has multiple sockets and we want to
label them distinctly.
Change-Id: I7ae9088c326a2140e56a8044bfb21a91505aea11
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
These properties are typically set at device provisioning time
or in the factory. They contain unit-specific data that isn't
touched by software updates or factory data reset. Only
read-only properties can be read by this mechanism.
Change-Id: Ifff9184f039072c3c0ce99f825c3075afb524514
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
bionic's __system_property_add() now expands the property area as needed
by mapping in more pages. Rather than duplicate the mapping code, move
it inside bionic and have bionic's __system_property_area_init() set up
the first page.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit f14eef0c3c)
Change-Id: Ieb94caab1527c71f2155efe3795490b0ea215a29
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.
Preserve the environment variable for compatibility with pre-existing
apps.
Bug: 8045561
(cherry picked from commit 7ece0a862c)
Change-Id: I762da21ef4075f288745efed0ec7d16c2b71303c
bionic's __system_property_add() now expands the property area as needed
by mapping in more pages. Rather than duplicate the mapping code, move
it inside bionic and have bionic's __system_property_area_init() set up
the first page.
Change-Id: If9917d5f775c1a82eb89be55b84635395145ca49
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Verify that the buffer passed as the value parameter to property_get
is always big enough.
(cherry picked from commit 88ac54a4e8)
Change-Id: Iacc2b42bfe4069e0bfcbb1c48474f30126a93139
Move the system property writer implementation into bionic to keep
it next to the reader implementation and allow for better testing.
(cherry picked from commit 9f5af63501)
Change-Id: Idf6100d1d0170751acd5163a22597912bff480f0
Move the system property writer implementation into bionic to keep
it next to the reader implementation and allow for better testing.
Change-Id: I9026e604109e30546b2849b60cab2e7e5ff00ba5
This forces a policy reload + fixcon to deal with dynamically
delivered policy changing labels on device nodes.
It's implemented as a new keyword in init.
Bug: 8702843
Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
Failing to set properties due to an exhausted pool leads
to difficult to debug problems. This change adds an
error log to make the situation a bit easier to handle.
Change-Id: Icc1d97a80882fb23e74428a0195f1d28dba68fa8
Move the responsibility for rebooting the system from the
reboot command to init. Init is in a better position to take
actions to bring the system down cleanly, including making sure
filesystems are mounted read-only.
The only UIDs which can perform an init triggered reboot are
root, system, and shell.
Modify the reboot command so that it calls into init to perform
the reboot. The reboot command no longer requires CAP_SYS_BOOT.
Remove the -n reboot option and code which supports it. Anyone needing
to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'.
Modify adb so that it calls into init to perform a shutdown.
Bug: 8646621
Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.
Preserve the environment variable for compatibility with pre-existing
apps.
Bug: 8045561
Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Modify system property handling so that we get the properties
from a root owned properties file, rather than using an
environment variable.
Related to bug: 8029617
Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
In "init: harden property service" patch, dirfd() is invoked
without checking whether opendir() return successfully. It may
fail if load_persistent_properties() is invoked before userdata
partition is mounted; then dirfd(NULL) will make init crash.
This may happen if "is_charger" is true.
Change-Id: I216fb743a3c9fa050f92fcb31b62e766346d84bb
Signed-off-by: Yi-wei Zhao <gbjc64@motorola.com>
Elliott Hughes