Commit Graph

933 Commits

Author SHA1 Message Date
Dmitriy Ivanov 1e2bec489c resolved conflicts for merge of 3f95c89d to lmp-dev-plus-aosp
Change-Id: I5184dcfa91a11a210c60e60a4fffc26d2c9f116f
2014-10-14 10:50:59 -07:00
Riley Andrews 49d1ba1743 am d1380d64: am 33b33549: Merge "Make the default cgroup, the foreground cgroup." into lmp-mr1-dev
* commit 'd1380d645de163d34a6e590f82eb0ee40d51f408':
  Make the default cgroup, the foreground cgroup.
2014-10-08 20:55:04 +00:00
Dmitriy Ivanov c9f9f35efa Remove libsigchain from LD_PRELOADs
Bug: 15345057
Bug: 15426766
Change-Id: If0b7f59a59824e30aa0c33dad76c7a44932180de
2014-10-07 13:39:02 -07:00
Riley Andrews 522d72b702 Make the default cgroup, the foreground cgroup.
All kernel services will now be in the same cgroup as
foreground applications. This will now make kernel threads
not implicitly higher priority than android foreground
services.

Bug 17681097

Change-Id: I28e81c7aade50428d5395df86f00ce01c1e7af02
2014-10-07 19:24:54 +00:00
Mike Lockwood 157e3a4b22 am 6ee5d62a: am 67479c97: am 24e3e831: am 7569b7b3: Merge "Add bootanimation to audio group so it can play boot sound" into lmp-dev
* commit '6ee5d62ac00fa00d7b86072a7f19d58582a05d18':
  Add bootanimation to audio group so it can play boot sound
2014-10-06 19:48:28 +00:00
Mike Lockwood 7569b7b39f Merge "Add bootanimation to audio group so it can play boot sound" into lmp-dev 2014-10-06 18:40:46 +00:00
Mike Lockwood 7e58899bcf Add bootanimation to audio group so it can play boot sound
Bug: 17674304

Change-Id: I5d31bc024fa36fedac2c0ba5c4a8b100937183ad
2014-10-02 16:22:43 -07:00
Jesse Hall ca8079fd05 am 9ef98912: am 5a9d721b: am 10b13131: am c263e671: Merge "init.trace.rc: fix race condition with class_start core" into lmp-dev
* commit '9ef989128059ce840178b8f19cde1183d32d9cee':
  init.trace.rc: fix race condition with class_start core
2014-10-02 21:35:37 +00:00
Fred Fettinger 331a939bf8 init.trace.rc: fix race condition with class_start core
The systrace permissions from init.trace.rc and the "class_start core"
which launches surfaceflinger are both in an "on boot" section. However,
the init.trace.rc commands are parsed after all commands in init.rc.
This means that "class_start core" is executed before the chmod command
which allows processes to write to trace_marker. If any services
execute their first trace command before the chmod occurs, then that
service won't be able to write traces until the service is restarted.

To fix this, run all of the init.trace.rc commands in the "early-boot"
section to ensure they are completed first.

Bug: 17612265
Change-Id: Ibf544762173d5ba98272c66ef485d8eab7d70bf3
2014-10-01 12:29:29 -07:00
Badhri Jagan Sridharan da0500426f am 37441496: am 97b536f1: init.usb.rc: Change product id to for add only config
* commit '374414967a294db75c2706e691ba8b9af9aa1acb':
  init.usb.rc: Change product id to for add only config
2014-09-05 23:04:27 +00:00
Badhri Jagan Sridharan 97b536f1fb init.usb.rc: Change product id to for add only config
Change product id from D002 to 4EE7 when adb is the
only supported function

Change-Id: I8f6bcb9a1dc5ea6da0493a2dd730f9ac1f0bed24
2014-09-05 12:33:46 -07:00
Brian Carlstrom 074fc3ddfb am 68e0d185: am 24d2adba: am 188d4396: Merge "Change /dalvik-cache to be owned by root."
* commit '68e0d185f4640a8e1dc7b6d1aad17b51a802de37':
  Change /dalvik-cache to be owned by root.
2014-08-29 11:56:57 +00:00
Brian Carlstrom 68e0d185f4 am 24d2adba: am 188d4396: Merge "Change /dalvik-cache to be owned by root."
* commit '24d2adba7a2f9caa82a88be70ad2fe7397ab310a':
  Change /dalvik-cache to be owned by root.
2014-08-29 11:39:17 +00:00
Alex Light c692410e16 Change /dalvik-cache to be owned by root.
Bug: 16875245

(cherry picked from commit 3878ebd724)

Change-Id: I29a70215a2207bc4e0db02ab751d32a68edf4b66
2014-08-28 16:56:36 -07:00
Alex Light 3878ebd724 Change /dalvik-cache to be owned by root.
Bug: 16875245

Change-Id: I29a70215a2207bc4e0db02ab751d32a68edf4b66
2014-08-27 15:42:19 -07:00
Andres Morales 22b27ad718 am c28be8be: am 314313a9: Move bootanim and surfaceflinger to class core
* commit 'c28be8be68a55a50f20b42101f0f33d558f8a548':
  Move bootanim and surfaceflinger to class core
2014-08-26 23:04:48 +00:00
Andres Morales 314313a991 Move bootanim and surfaceflinger to class core
They have no dependencies on /data so can be started early.
This permits us to unmount /data while bootanimation is running,
allowing an uninterrupted first boot encryption sequence.

Bug: 17260550
Change-Id: I323fe23e8cf488d8bc136387efdd9fcea96625eb
2014-08-26 20:09:10 +00:00
Paul Lawrence ad5b54aa64 am a95e10fe: am a005e779: Merge "Enable not rebooting during default encryption" into lmp-dev
* commit 'a95e10fe3187d1dd3fbbd01d6653d7d9c2f9fc4d':
  Enable not rebooting during default encryption
2014-08-26 10:07:27 +00:00
Paul Lawrence a005e7795e Merge "Enable not rebooting during default encryption" into lmp-dev 2014-08-25 20:28:36 +00:00
Paul Lawrence c23074f386 Enable not rebooting during default encryption
Need to not set this property) during mount, since it can't
be changed later (ro property)

Also no reason to start class main on encryption cycle - we'll
show surfaceflinger, which is enough UI for this short cycle.

Bug: 17041092
Change-Id: Ica5339c54e45716d0fe20e23c0ab857f388d23ed
2014-08-25 19:24:10 +00:00
Robert Greenwalt 82b76249fb Remove obsolete tcp buffer size system properties.
Change-Id: If6fb6fdcf8975e6102e84594ee3f64a5be6166f6
2014-08-17 15:17:00 -07:00
Michael Wright 4fe327b902 Merge "Remove inputflinger from init. DO NOT MERGE" into lmp-dev 2014-08-16 03:51:48 +00:00
Michael Wright 1de92cffc7 Remove inputflinger from init. DO NOT MERGE
Change-Id: I6ae2815a0c3f6b9c69e712af3ed6ce9d455ef3d3
2014-08-19 13:02:47 -07:00
Narayan Kamath 1fabc35cb5 Export the new system_server classpath.
bug: 16555230

Change-Id: I99d2d219b5bd6dc4807cb53e44dc5715cc0815b3
2014-08-07 15:32:07 +01:00
Riley Andrews 67cb1aeaa5 Remove the /dev/.booting file before triggering boot.
On mako only, there is a race condition such that
core + main services must be started after releasing
ueventd (by removing /dev/.booting).

bug 16304711
bug 16333352
2014-07-22 00:23:30 -07:00
Riley Andrews d721f5fc21 Remove the /dev/.booting file before triggering boot.
On mako only, there is a race condition such that
core + main services must be started after releasing
ueventd (by removing /dev/.booting).

bug 16304711
bug 16333352
2014-07-16 03:59:53 +00:00
Riley Andrews 80c7a5e8a8 Move unlink("/dev/.booting") until after filesystems are mounted.
Move the unlink out of init.c and into init.rc, so that the file
will be removed after all the filesystems with firmware are up.

Change-Id: Ifdd5dd1e95d7e064dde5c80b70198882d949a710
2014-07-14 13:17:43 -07:00
Riley Andrews 9464e5a58d Move unlink("/dev/.booting") until after filesystems are mounted.
Move the unlink out of init.c and into init.rc, so that the file
will be removed after all the filesystems with firmware are up.

Change-Id: I7442df2042cc2788d0301f00e3c2fba7d6e0e1c7
2014-07-11 15:47:15 -07:00
Nick Kralevich ee0388e768 am f89ddf76: am d05245a4: am c87237f5: Merge "restorecon_recursive /cache"
* commit 'f89ddf76f9e3c10af9002cdb0d9b8eadcd59bf15':
  restorecon_recursive /cache
2014-07-09 20:03:29 +00:00
Nick Kralevich f89ddf76f9 am d05245a4: am c87237f5: Merge "restorecon_recursive /cache"
* commit 'd05245a4b10044670ed8456c5c869490fd90583f':
  restorecon_recursive /cache
2014-07-09 20:01:02 +00:00
Sreeram Ramachandran b12e40da25 am 0a7b44d5: am ab98d2e6: Merge "Create a data directory for netd and other network-related files."
* commit '0a7b44d55b9e9d038de390457246ec7fd0999cad':
  Create a data directory for netd and other network-related files.
2014-07-08 19:14:36 +00:00
Nick Kralevich e1695914d5 restorecon_recursive /cache
Make sure all files / directories within /cache are properly
labeled, not just the directory itself.

Addresses the following denial:

  type=1400 audit(0.0:26): avc: denied { getattr } for comm="Thread-85" path="/cache/lost+found" dev="mmcblk0p27" ino=11 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir

Change-Id: I5937b30043efeb696ffaa77258b7294d20d1494e
2014-07-09 12:40:13 -07:00
dcashman cddb15b8a9 am b4e74db7: am 3fa71b8e: Merge "Remove sshd."
* commit 'b4e74db79c9fda5e63ae49f299df3c0dd80a87f9':
  Remove sshd.
2014-07-08 15:13:30 +00:00
dcashman b4cbff47ad Remove sshd.
This may require changes to other code, such as fastbootd, which relies on this
service.  sshd is not currently, used, however, so this change will force any
such code to be changed.

Bug: 11594902
Change-Id: I07e52008290dab5825be2ad062cbe730fa7dff71
2014-07-07 23:42:15 +00:00
Sreeram Ramachandran b46efdb08e Create a data directory for netd and other network-related files.
Allows the 'shell' group (which is what dumpstate uses) to read the files in
this directory.

Change-Id: I69deb1a64d5d6647470823405bf0cc55b24b22de
2014-07-08 08:44:47 -07:00
Nick Kralevich 14253c1aab Merge "init.rc: add seclabel to flash_recovery" 2014-07-07 17:47:39 +00:00
Nick Kralevich a1d97e5d1c init.rc: add seclabel to flash_recovery
Make sure flash_recovery is always running in the
install_recovery SELinux domain.

Change-Id: I9495eedd03f6b5dfcf2e78c03d1102f6032b327a
2014-07-08 12:41:16 -07:00
Sreeram Ramachandran 85449d360f am b12e40da: am 0a7b44d5: am ab98d2e6: Merge "Create a data directory for netd and other network-related files."
* commit 'b12e40da2526881c1730a3d3387556e4600c7040':
  Create a data directory for netd and other network-related files.
2014-07-08 19:18:45 +00:00
dcashman 9f3a11edde am cddb15b8: am b4e74db7: am 3fa71b8e: Merge "Remove sshd."
* commit 'cddb15b8a9057e7efacf2de9c9a6a887fd666663':
  Remove sshd.
2014-07-08 15:19:50 +00:00
Riley Andrews 24912dc446 resolved conflicts for merge of fa6f2543 to master
Change-Id: I04ce82e5d245e90e2cc62b76d688ec902c1a471d
2014-06-26 20:49:46 -07:00
Riley Andrews fa6f25432b am 23340d8a: am 10f8cd1d: Merge changes Ia15b2110,I5498c725
* commit '23340d8adac7bf68a6e47064ab7b48c1e227a077':
  Add ability to adjust init log level at runtime.
  Improve init's debug printing.
2014-06-27 03:42:33 +00:00
Daniel Rosenberg f67d6bd3c0 Moved symlink back up.
Moving the vendor symlink down was causing issues with some devices.
Moved it back up, and adjusted mount to remove symlinks if necessary.

Change-Id: I77126d77cfbef32250012bea3960c99b55db4cbb
Signed-off-by: Daniel Rosenberg <drosen@google.com>
2014-06-26 22:07:37 +00:00
Riley Andrews 1bbef88e80 Add ability to adjust init log level at runtime.
+ Add a new property, sys.init_log_level, which can be set after init
  bootstrap. This will control the level at which init does prints to klog.

Change-Id: Ia15b2110157b5e6b713785ece9b0fb94889be6c8
2014-06-26 15:05:20 -07:00
Daniel Rosenberg f530c93c4a Added support for vendor partition and image
Modified fastboot to flash vendor.img as well. Moved symlink
for /vendor to occur after mounting partitions. Changed mount
to also create the mount point.

Change-Id: I78e1ba24e6bb8b4af96a67ee0569af579439e682
Signed-off-by: Daniel Rosenberg <drosen@google.com>
2014-06-24 21:51:31 +00:00
Riley Andrews 6bd4588d65 resolved conflicts for merge of 079c637f to master
Change-Id: Iab9a857026de954d7497d6b0eaf3751d2d3904c7
2014-06-23 15:20:51 -07:00
Riley Andrews 079c637f3d am 5b45e08a: am 7950fc47: Merge "Add ability to boot from charger mode."
* commit '5b45e08aabd6dcbab527d221584fe348c73c70d4':
  Add ability to boot from charger mode.
2014-06-23 21:40:54 +00:00
Riley Andrews e4b7b294f3 Add ability to boot from charger mode.
Add the ability to boot up directly from charger mode, instead of forcing
charger mode to initiate a full restart to launch 'full' android. This
should shave a few seconds off of boot time on supported devices (just
manta for now).

Change-Id: Ieec4494d929e92806e039f834d78b9002afd15c4
2014-06-20 16:43:00 -07:00
Riley Andrews aab0d57d18 am 94fa2005: am 4f5392cb: Merge "Make indentation sane in init.rc"
* commit '94fa20058fbd0e4f7e3c6d1381cdb9718dd90cde':
  Make indentation sane in init.rc
2014-06-20 01:35:47 +00:00
Riley Andrews 6dfdc7cd0c Make indentation sane in init.rc
Change-Id: Ic632fbe1423eeef7ec958877d74db7b87fc385c6
2014-06-19 17:13:30 -07:00
Riley Andrews 53f24c2f94 am aab0d57d: am 94fa2005: am 4f5392cb: Merge "Make indentation sane in init.rc"
* commit 'aab0d57d18b202d059fec57c832d6443faff6ee3':
  Make indentation sane in init.rc
2014-06-20 01:39:27 +00:00
Ying Wang fd9cfb4c22 am 68d97430: am 4924d10a: Merge "Regenerate init.environ.rc if PRODUCT_BOOTCLASSPATH changed."
* commit '68d97430dd2cc25bb753df748d859415520a7dcb':
  Regenerate init.environ.rc if PRODUCT_BOOTCLASSPATH changed.
2014-06-18 23:03:48 +00:00
Ying Wang 2359b3c162 Regenerate init.environ.rc if PRODUCT_BOOTCLASSPATH changed.
(cherry picked from commit 7011a85606)

Change-Id: I025fe1f64c87fd406b3a3bf3d20fd3b78be8a940
2014-06-18 15:43:29 -07:00
Ying Wang 7011a85606 Regenerate init.environ.rc if PRODUCT_BOOTCLASSPATH changed.
Change-Id: I4686c1239aa5ed361c918ce4e7a5abf9a1552ab4
2014-06-14 09:11:58 -07:00
Nick Kralevich 8ffe8eac5b am f8cb68e1: am 3bff77a8: am 875dc8f3: Merge "Create /data/dalvik-cache/profiles"
* commit 'f8cb68e15ba242200e3525fffa2f969960e18a50':
  Create /data/dalvik-cache/profiles
2014-06-12 23:17:38 +00:00
Nick Kralevich f8cb68e15b am 3bff77a8: am 875dc8f3: Merge "Create /data/dalvik-cache/profiles"
* commit '3bff77a8f90e673dbf41d97b7b842a3e4a6986bf':
  Create /data/dalvik-cache/profiles
2014-06-12 23:12:45 +00:00
Nick Kralevich 511998fcdb am 44aadc4d: am 1eebf538: am 59d16c9e: Merge "make console shell run as GID=shell"
* commit '44aadc4daf926155bf06bcf9d8f2daa96f861cdf':
  make console shell run as GID=shell
2014-06-12 19:46:43 +00:00
Nick Kralevich 44aadc4daf am 1eebf538: am 59d16c9e: Merge "make console shell run as GID=shell"
* commit '1eebf538d3e5465bbec84d86017bb9ca250a052b':
  make console shell run as GID=shell
2014-06-12 19:43:07 +00:00
Nick Kralevich f2cb352412 make console shell run as GID=shell
Change-Id: I240bec07b04de1b26eef14e4f590af56c1aaa276
2014-06-12 12:33:21 -07:00
Nick Kralevich 875dc8f3f3 Merge "Create /data/dalvik-cache/profiles" 2014-06-10 21:55:12 +00:00
Nick Kralevich 347ee511e4 Create /data/dalvik-cache/profiles
Make sure /data/dalvik-cache/profiles gets the correct
permissions and SELinux context, and ownership is properly
assigned to the system UID.

Change-Id: Ic1b44009faa30d704855e97631006c4b990a4ad3
2014-06-11 18:32:57 -07:00
Robin Lee a54b7ca156 am b7c07da2: am 33154817: am 46fbaf06: Merge "Create world-searchable /data/misc/user directory"
* commit 'b7c07da2f4606ca36b93c2b9221e43e6ebe68831':
  Create world-searchable /data/misc/user directory
2014-06-05 17:30:13 +00:00
Robin Lee b7c07da2f4 am 33154817: am 46fbaf06: Merge "Create world-searchable /data/misc/user directory"
* commit '33154817e274a4c7c381e2f5ef73ead7093e3985':
  Create world-searchable /data/misc/user directory
2014-06-05 17:26:31 +00:00
Robin Lee 46fbaf062f Merge "Create world-searchable /data/misc/user directory" 2014-06-05 17:07:43 +00:00
Dave Allison 664bdde0f1 am 01546ff2: am dec41a38: am 967729b7: Merge "Add LD_PRELOAD for libsigchain.so to the environment"
* commit '01546ff208cec5ac15f81cc84f507fb8c9a51d98':
  Add LD_PRELOAD for libsigchain.so to the environment
2014-05-29 21:10:00 +00:00
Dave Allison 01546ff208 am dec41a38: am 967729b7: Merge "Add LD_PRELOAD for libsigchain.so to the environment"
* commit 'dec41a388d58ae515c83df4ec084c1e38edb427a':
  Add LD_PRELOAD for libsigchain.so to the environment
2014-05-29 21:06:24 +00:00
Dave Allison dec41a388d am 967729b7: Merge "Add LD_PRELOAD for libsigchain.so to the environment"
* commit '967729b7ca675d6f2c895a1bd56216a62b217e50':
  Add LD_PRELOAD for libsigchain.so to the environment
2014-05-29 19:57:50 +00:00
Dave Allison 967729b7ca Merge "Add LD_PRELOAD for libsigchain.so to the environment" 2014-05-29 19:51:42 +00:00
Nick Kralevich e7fd4078a2 am 7206eccb: am c4ffa5f6: am c290bed0: Merge "Remove dmesg_restrict"
* commit '7206eccbd904508a199c7ec302d7395b3b674968':
  Remove dmesg_restrict
2014-05-28 18:02:27 +00:00
Torne (Richard Coles) f9ff246dd7 am 4f3ad823: am a8329a36: am 96109cf3: Merge "Add UID and directory for RELRO sharing support."
* commit '4f3ad823eaf97fcbcbb1afac67371aff76677b1d':
  Add UID and directory for RELRO sharing support.
2014-05-28 18:02:24 +00:00
Nick Kralevich 7206eccbd9 am c4ffa5f6: am c290bed0: Merge "Remove dmesg_restrict"
* commit 'c4ffa5f62ef256ff286122d0ceea61364aa67e13':
  Remove dmesg_restrict
2014-05-28 13:14:54 +00:00
Nick Kralevich c4ffa5f62e am c290bed0: Merge "Remove dmesg_restrict"
* commit 'c290bed0350cded5620ed8dbb68b1cfb07d9828c':
  Remove dmesg_restrict
2014-05-28 13:11:38 +00:00
Nick Kralevich c290bed035 Merge "Remove dmesg_restrict" 2014-05-28 13:09:34 +00:00
Torne (Richard Coles) 4f3ad823ea am a8329a36: am 96109cf3: Merge "Add UID and directory for RELRO sharing support."
* commit 'a8329a36ca0e5f5799ec2dd14ae360dc0656b9c9':
  Add UID and directory for RELRO sharing support.
2014-05-28 10:20:55 +00:00
Torne (Richard Coles) a8329a36ca am 96109cf3: Merge "Add UID and directory for RELRO sharing support."
* commit '96109cf36c3dd44e9ecfe4b810e21e77eaf834dc':
  Add UID and directory for RELRO sharing support.
2014-05-28 10:17:44 +00:00
Nick Kralevich 1a6184baf3 Remove dmesg_restrict
dmesg_restrict is too coarse of a control. In Android's case,
we want to allow the shell user to see dmesg output, but disallow
others from seeing it.

Rather than rely on dmesg_restrict, use SELinux to control access
to dmesg instead. See corresponding change in external/sepolicy .

Bug: 10020939
Change-Id: I9d4bbbd41cb02b707cdfee79f826a39c1ec2f177
2014-05-27 16:51:11 -07:00
Torne (Richard Coles) 234f696ea7 Add UID and directory for RELRO sharing support.
Define a UID to be used by the process responsible for creating shared
RELRO files for the WebView native library, and create a directory owned
by that UID to use to store the files.

Bug: 13005501
Change-Id: I5bbb1e1035405e5534b2681f554fe16f74e3da1a
2014-05-27 14:00:29 +01:00
Narayan Kamath ef386b3fb0 am b5d6c188: am 9196f5f2: am 5fe6fcc3: Merge "Add a zygote 64/32 bit config."
* commit 'b5d6c18859424d86339ce895a42084a9c08552fd':
  Add a zygote 64/32 bit config.
2014-05-27 11:13:44 +00:00
Narayan Kamath b5d6c18859 am 9196f5f2: am 5fe6fcc3: Merge "Add a zygote 64/32 bit config."
* commit '9196f5f2df7890100e8968983680e196e944bd05':
  Add a zygote 64/32 bit config.
2014-05-27 11:10:11 +00:00
Narayan Kamath 9196f5f2df am 5fe6fcc3: Merge "Add a zygote 64/32 bit config."
* commit '5fe6fcc35d10c88dd55213dc5b2303ea73c1883b':
  Add a zygote 64/32 bit config.
2014-05-27 11:04:38 +00:00
Jaewan Kim 373d9fa082 Support static IP config on Ethernet
Bug: 7606609
Bug: 8687763
Change-Id: I1d76b5783e8511a8e3f5d981e6b4b9fb4fbecdf4
2014-05-22 00:00:35 +00:00
Narayan Kamath 7cdbbcabda Add a zygote 64/32 bit config.
64 bit zygote is the "primary" and the system server is run
as a 64 bit process.

Change-Id: Ie1c2b0809faa92937bc407dd66e7a606ebb4f8f3
2014-05-21 11:20:42 +01:00
Dave Allison 50b6a4b1b7 Add LD_PRELOAD for libsigchain.so to the environment
To remove the need to modify the bionic dynamic linker, add the
signal chaining library as a preload in the environment.  This
will be picked up by the dynamic linker and will override
sigaction and sigprocmask to allow for signal chaining.

Change-Id: I6e2d0628b009bd01e0ed9aed0b311871b9c8363a
2014-05-15 20:35:11 -07:00
Narayan Kamath 8c56cebd44 am 08a15076: am a5f7aca8: am 75a8eeb1: Merge "Change app_process reference to app_process32."
* commit '08a1507603d63f07cfce65ead701330e1fe89894':
  Change app_process reference to app_process32.
2014-05-15 10:34:38 +00:00
Narayan Kamath 08a1507603 am a5f7aca8: am 75a8eeb1: Merge "Change app_process reference to app_process32."
* commit 'a5f7aca82e63942e9449804fd11eb11aec710419':
  Change app_process reference to app_process32.
2014-05-15 09:45:29 +00:00
Narayan Kamath a5f7aca82e am 75a8eeb1: Merge "Change app_process reference to app_process32."
* commit '75a8eeb1ecf9f748b1d53e5ff3a5e138a0cdbebd':
  Change app_process reference to app_process32.
2014-05-15 09:41:36 +00:00
Narayan Kamath 75a8eeb1ec Merge "Change app_process reference to app_process32." 2014-05-15 09:36:33 +00:00
Sreeram Ramachandran 066c9b5a00 am 9743f097: am 09eaad79: Merge "Introduce fwmarkd: a service to set the fwmark of sockets."
* commit '9743f09724162186fb280627c3c125a55534a219':
  Introduce fwmarkd: a service to set the fwmark of sockets.
2014-05-14 19:51:37 +00:00
Sreeram Ramachandran 9743f09724 am 09eaad79: Merge "Introduce fwmarkd: a service to set the fwmark of sockets."
* commit '09eaad793a8cec9196255d740ecb89a1426c0bf7':
  Introduce fwmarkd: a service to set the fwmark of sockets.
2014-05-14 19:48:10 +00:00
Sreeram Ramachandran e38d470714 Introduce fwmarkd: a service to set the fwmark of sockets.
(cherry picked from commit d5121e212c1f53b1cb6458ee83be892d94fdfef3)

Change-Id: Ieb049fe34ea2b21a7f6108f2099d1a8b8f2c28f7
2014-05-14 11:12:42 -07:00
Narayan Kamath b4932d592f Change app_process reference to app_process32.
Required due to change 5a7ee9ad63 which makes
app_process a symlink to the primary zygote.

Change-Id: I940f6302db97f74dd57112e310014e989dc586e5
2014-05-14 16:41:18 +01:00
Sreeram Ramachandran 76202a2dfa Introduce fwmarkd: a service to set the fwmark of sockets.
Change-Id: Ieb049fe34ea2b21a7f6108f2099d1a8b8f2c28f7
2014-05-14 04:12:12 -07:00
Sreeram Ramachandran 3c1c730f20 am ca61b484: am b8cfcf3d: am 32e4479d: Merge "Set kernel proc files for fwmark reflection and table numbers for RAs."
* commit 'ca61b484b6eb1bf92b05bc5386668ec51999e55a':
  Set kernel proc files for fwmark reflection and table numbers for RAs.
2014-05-13 22:43:58 +00:00
Sreeram Ramachandran ca61b484b6 am b8cfcf3d: am 32e4479d: Merge "Set kernel proc files for fwmark reflection and table numbers for RAs."
* commit 'b8cfcf3d9beb6ae09512941a182c326723b3ef41':
  Set kernel proc files for fwmark reflection and table numbers for RAs.
2014-05-13 22:38:30 +00:00
Sreeram Ramachandran b8cfcf3d9b am 32e4479d: Merge "Set kernel proc files for fwmark reflection and table numbers for RAs."
* commit '32e4479d5535887d03625b43b7e3574b458dfc8d':
  Set kernel proc files for fwmark reflection and table numbers for RAs.
2014-05-13 22:33:51 +00:00
Sreeram Ramachandran fd94922329 Set kernel proc files for fwmark reflection and table numbers for RAs.
(cherry picked from commit 2c2807ac1041751583e0c3b6892ca56eae423fa2)

Change-Id: I5f0d759cb9b8590555af7f5503f00d3e455ece54
2014-05-13 13:02:44 -07:00
Ruchi Kandoi f74cb95349 am 57569b3d: am 1abf4918: am c7580819: Merge "ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq"
* commit '57569b3d3cea0b2096a15e8d25b41df9f836fd08':
  ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq
2014-05-01 17:53:03 +00:00
Ruchi Kandoi 57569b3d3c am 1abf4918: am c7580819: Merge "ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq"
* commit '1abf49180acece56ff7573d53b65c6a28d2a4cb2':
  ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq
2014-05-01 17:48:51 +00:00
Ruchi Kandoi 1abf49180a am c7580819: Merge "ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq"
* commit 'c7580819934b85e93f58001f9b59b12712bb61b8':
  ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq
2014-05-01 17:45:20 +00:00
Ruchi Kandoi 75b287b771 ueventd: Ueventd changes the permission of sysfs files for max/min
cpufreq

The owner and permissions for the sysfs file
/sys/devices/system/cpu*/cpufreq/scaling_max/min_freq is changed.
This would allow the PowerHAL to change the max/min cpufreq even after
the associated CPU's are hotplugged out and back in.

Change-Id: Ibe0b4aaf3db555ed48e89a7fcd0c5fd3a18cf233
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
2014-05-01 17:30:41 +00:00
Bill Yi 1333e012ee Merge commit '4102af05a86aae36d2560fd8b3f740a52399342c' into HEAD 2014-04-29 16:07:40 -07:00
Robin Lee 3094f82a8a Create world-searchable /data/misc/user directory
installd will create a separate subdirectory for each user.

Change-Id: I95ec09169ea70f35443bbb3209237611e174ca29
2014-04-29 12:46:53 +01:00
Paul Lawrence 0aee64f614 Make Volantis devices encryptable
Volantis SurfaceFlinger holds open a file on data partition.
SurfaceFlinger is not running when we trigger_default_encryption
but if we start it before starting defaultcrypto it locks open
data, so we can't unmount it.

It will start anyway when main starts, so not starting it here
is safe - it will just cause a 1-2 second delay in the graphics
appearing.

Change-Id: Idd546a578e62a24f999367b1407b37ad0f00f3a2
2014-04-21 11:47:55 -07:00
JP Abgrall e29590b08b am 46e6b4f7: am b0397d55: am 9bb44b41: Merge "rootdir: init.rc: update max TCP window sizes for mobile networks"
* commit '46e6b4f7fd5f6488d0ba06a26d67888136b3ee3e':
  rootdir: init.rc: update max TCP window sizes for mobile networks
2014-04-18 21:18:41 +00:00
JP Abgrall 46e6b4f7fd am b0397d55: am 9bb44b41: Merge "rootdir: init.rc: update max TCP window sizes for mobile networks"
* commit 'b0397d55a2ff4b3c6664c9545be18ba88c07dea4':
  rootdir: init.rc: update max TCP window sizes for mobile networks
2014-04-18 21:15:33 +00:00
Narayan Reddy ce898489e4 rootdir: init.rc: update max TCP window sizes for mobile networks
GRPS: RTT=600ms, max tput=80kbps (class 12 GMSK 4+1)
EDGE: RTT=300ms, max tput=236kbps (class 12 8PSK)
UMTS: RTT=200ms, max tput=384kbps (R99)
HSDPA: RTT=75ms, max tput=14Mbps (cat 10)
HSUPA: RTT=50ms, max tput=14Mbps
HSPA: RTT=50ms, max tput=14Mbps
HSPA+: RTT=50ms, max tput=42Mbps (cat 20)
LTE: RTT=20ms, max tput=100Mbps (class 3)

bug 67569

Change-Id: I9d62359bbd11dc68e3649a7ea2295d0d4e25e3f2
Signed-off-by: Narayan Reddy <narayanr@nvidia.com>
Signed-off-by: Steve Lin <stlin@nvidia.com>
2014-04-18 19:19:44 +00:00
Paul Lawrence 391224c807 Merge "Fix forceencrypt" 2014-04-11 14:55:52 +00:00
Narayan Kamath 7bd273e04e am d85efaa0: am a73f7e92: am 822b1a02: Merge "Add a config for dual mode zygote."
* commit 'd85efaa068708b19db3cc647ba62c0a2feb7da23':
  Add a config for dual mode zygote.
2014-04-11 10:02:11 +00:00
Narayan Kamath d85efaa068 am a73f7e92: am 822b1a02: Merge "Add a config for dual mode zygote."
* commit 'a73f7e924abb8e7b1aa3f0d64d0177ce7d1c58e6':
  Add a config for dual mode zygote.
2014-04-11 09:57:24 +00:00
Narayan Kamath 822b1a024d Merge "Add a config for dual mode zygote." 2014-04-11 08:22:38 +00:00
Paul Lawrence f24aab7d74 Fix forceencrypt
When changing vdc cryptfs enablecrypto inplace default in
  https://googleplex-android-review.git.corp.google.com/#/c/445001/
forgot to change init.rc

Change-Id: I2a937d3c302ab8eab4829a36101145d6fe726ab1
2014-04-10 13:31:46 -07:00
Narayan Kamath 468b37c106 Add a config for dual mode zygote.
Note that init.zygote64.rc, which supports a "pure"
64 bit zygote is around only for testing.

The life cycles of both zygotes are controlled by init,
and the assumption here is that they will be available
always. We start the system_server in 32 bit mode.

Note that the distinction between "primary" and "secondary"
simply defines the order in which ABI support is queried,
there's no real requirement that the primary zygote supports
the primary ABI of the device.

bug: 13647418

Change-Id: Id0be001ea6f934c3c2022d89a63aae9fae66cc38
2014-04-10 10:45:37 +01:00
dcashman 11673a03e0 am 8b4ea5a4: am 39a5b812: am 2baf2886: Merge "Enable world-readable selinuxfs policy binary."
* commit '8b4ea5a49dda2767af87604713053e1bc418e96f':
  Enable world-readable selinuxfs policy binary.
2014-04-09 16:41:17 +00:00
dcashman 8b4ea5a49d am 39a5b812: am 2baf2886: Merge "Enable world-readable selinuxfs policy binary."
* commit '39a5b812904ec13390d6261bafccf823729ae21d':
  Enable world-readable selinuxfs policy binary.
2014-04-09 16:37:05 +00:00
dcashman 5822a4af84 Enable world-readable selinuxfs policy binary.
Change-Id: I1eefb457cea1164a8aa9eeb7683b3d99ee56ca99
2014-04-07 14:05:43 -07:00
Narayan Kamath dc9af896f0 resolved conflicts for merge of 6a949b45 to master
Change-Id: Ie123b4fff76ef43e2b1c0583731e88997504320e
2014-04-01 17:40:45 +01:00
Narayan Kamath 6a949b45e9 am ffca173c: am 5da2dbbc: Merge "Move zygote init config to its own file."
* commit 'ffca173c853a2e312610d87f40957f696ac8364a':
  Move zygote init config to its own file.
2014-04-01 16:29:57 +00:00
Narayan Kamath 5da2dbbc93 Merge "Move zygote init config to its own file." 2014-04-01 16:22:02 +00:00
Greg Hackmann 788b272268 am ae66fbbe: am 697bdc60: am a740b3bb: Merge "rootdir: reduce permissions on /dev/rtc0"
* commit 'ae66fbbe0e747cb2485bac0fa47c9223268a2fc9':
  rootdir: reduce permissions on /dev/rtc0
2014-03-31 20:30:26 +00:00
Greg Hackmann ae66fbbe0e am 697bdc60: am a740b3bb: Merge "rootdir: reduce permissions on /dev/rtc0"
* commit '697bdc604e8f266ebd6c94fc84eb5057b1a700e3':
  rootdir: reduce permissions on /dev/rtc0
2014-03-31 20:24:39 +00:00
Greg Hackmann a740b3bb40 Merge "rootdir: reduce permissions on /dev/rtc0" 2014-03-31 20:13:52 +00:00
Narayan Kamath 4456a55ce6 Move zygote init config to its own file.
This allows us to choose different configs depending on
whether or not the target is 64 capable, and what its preferred
default is.

bug: 13647418
Change-Id: Ie1ce4245a3add7544c87d27c635ee390f4062523
2014-03-31 12:31:11 +01:00
Greg Hackmann b34fed34af rootdir: reduce permissions on /dev/rtc0
Remove world-readable, reduce group permissions to readable by system
daemons

Change-Id: I6c7d7d78b8d8281960659bb8490a01cf7fde28b4
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2014-03-27 15:52:01 -07:00
Paul Lawrence 5c789b8a31 Merge "Auto-encrypt drive at startup" 2014-03-24 22:18:58 +00:00
Paul Lawrence 166fa3de70 Auto-encrypt drive at startup
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script

Needs matching vold changes from
 https://googleplex-android-review.googlesource.com/#/c/414200/

Feature is limited to list of serial numbers with this change

Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
2014-03-24 15:00:53 -07:00
Mark Salyzyn bd28bb69c7 am b5f9e65a: am 0a0cc719: init.rc: Add lmkd service back
* commit 'b5f9e65ad127261df2f7c9ed40d73b9024f492f6':
  init.rc: Add lmkd service back
2014-03-24 19:36:37 +00:00
Mark Salyzyn 44983ace85 am 68b9d5f0: am bdef5499: resolved conflicts for merge of f8f0531b to klp-modular-dev-plus-aosp
* commit '68b9d5f07a443b44d81e09f65a45fea8c8f4984b':
  logd: core requirement
2014-03-24 19:36:32 +00:00
Mark Salyzyn 0a0cc7192e init.rc: Add lmkd service back
- not impressed with conflict for merge f8f0531b

Change-Id: I5b9a1a93ea0cf7eda4ced8dcfc9d0ad70f7aa6c8
2014-03-21 17:41:52 -07:00
Mark Salyzyn bdef5499d4 resolved conflicts for merge of f8f0531b to klp-modular-dev-plus-aosp
Change-Id: I87228aa0dbd0b909437c85812f2404ca8be39f38
2014-03-21 16:57:22 -07:00
Mark Salyzyn 9a305cd168 am f8f0531b: Merge "logd: core requirement"
* commit 'f8f0531bb69a90e87f1bafa875e665e3935610b1':
  logd: core requirement
2014-03-21 23:29:13 +00:00
Mark Salyzyn 3c253dc88f logd: core requirement
- has no dependency on /data, switch from main to core

Change-Id: I4bfe3e67d4cbd31e943c609f5626e533857a27a9
2014-03-21 16:06:54 -07:00
JP Abgrall d94ed2c8fe am 7283db6d: am efbf36f2: init.rc: prep tcp_default_init_rwnd, set the default to 60
* commit '7283db6d2694c8deae644a0d815cf292309a6176':
  init.rc: prep tcp_default_init_rwnd, set the default to 60
2014-03-14 16:32:41 +00:00
JP Abgrall 7283db6d26 am efbf36f2: init.rc: prep tcp_default_init_rwnd, set the default to 60
* commit 'efbf36f2dad8f083de6f48dbb682461d7cfa9781':
  init.rc: prep tcp_default_init_rwnd, set the default to 60
2014-03-14 16:28:05 +00:00
JP Abgrall 10f229d429 am efbf36f2: init.rc: prep tcp_default_init_rwnd, set the default to 60
* commit 'efbf36f2dad8f083de6f48dbb682461d7cfa9781':
  init.rc: prep tcp_default_init_rwnd, set the default to 60
2014-03-14 04:12:50 +00:00
JP Abgrall efbf36f2da init.rc: prep tcp_default_init_rwnd, set the default to 60
The kernel's default is between 4~20.

Prepare for javaland to modify the value at runtime.

It can be done via
  setprop sys.sysctl.tcp_def_init_rwnd  <value>


Bug: 12020135
Change-Id: Id34194b085206fd02e316401c0fbbb9eb52522d2
(cherry picked from commit 7c862c8b5e)
2014-03-13 00:25:51 +00:00
Mark Salyzyn f447c1b3ae am 858d0dd1: Merge "set /proc/sys/net/unix/max_dgram_qlen to large value"
* commit '858d0dd1e529575181abd8de607e46f7b273cc9d':
  set /proc/sys/net/unix/max_dgram_qlen to large value
2014-03-11 18:28:50 +00:00
Nick Kralevich 9509103cd4 am 9453bce4: Merge "Apply restorecon_recursive to all of /data."
* commit '9453bce4cff952aab5c90f5b30c6c12d3e1521e5':
  Apply restorecon_recursive to all of /data.
2014-03-11 18:08:38 +00:00
Mark Salyzyn 01c5199665 am e9c8fb90: Merge "logd: initial checkin."
* commit 'e9c8fb900a460699201208870ce9997a734261cc':
  logd: initial checkin.
2014-03-11 18:08:35 +00:00
Colin Cross dfda9b0b47 am 27fd413d: Merge "Start debuggerd64 for 64-bit processes"
* commit '27fd413d6d02a53c453cf926717b67e9a8d1eb32':
  Start debuggerd64 for 64-bit processes
2014-03-07 19:38:56 +00:00
Nick Kralevich c1f1eb374e am ba023b06: Merge "Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file."
* commit 'ba023b063d25b73923f2df536b6258967f756ff6':
  Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file.
2014-03-07 01:35:42 +00:00
Mark Salyzyn 1d39c53e29 am 00eaae3a: am 556c9c24: am 858d0dd1: Merge "set /proc/sys/net/unix/max_dgram_qlen to large value"
* commit '00eaae3aaa6ea3ca2c9c00e0559fa6937ce33e37':
  set /proc/sys/net/unix/max_dgram_qlen to large value
2014-03-04 01:00:21 +00:00
Mark Salyzyn 556c9c245d am 858d0dd1: Merge "set /proc/sys/net/unix/max_dgram_qlen to large value"
* commit '858d0dd1e529575181abd8de607e46f7b273cc9d':
  set /proc/sys/net/unix/max_dgram_qlen to large value
2014-03-04 00:14:13 +00:00
Mark Salyzyn 581edc1b6c set /proc/sys/net/unix/max_dgram_qlen to large value
- init: set /proc/sys/net/unix/max_dgram_qlen to 300
- libsysutils: Add listen backlog argument to startListener
- logd: set listen backlog to 300

Change-Id: Id6d37d6c937ba2d221e76258d89c9516619caeec
2014-03-03 12:48:00 -08:00
Stephen Smalley 5c3c77ed78 Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file.
mkdir /data/misc/wifi subdirectories and /data/misc/dhcp is performed
in the various device-specific init*.rc files but seems generic.
Move it to the main init.rc file.

Drop the separate chown for /data/misc/dhcp as this is handled by mkdir
built-in if the directory already exists.

Add a restorecon_recursive /data/misc/wifi/sockets.

Change-Id: I51b09c5e40946673a38732ea9f601b2d047d3b62
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-28 10:23:01 -08:00
Nick Kralevich d7ce27e8ae am e6fb169f: am e570fd3a: am 9453bce4: Merge "Apply restorecon_recursive to all of /data."
* commit 'e6fb169fd69bfa6775737f37d45041c5b229321c':
  Apply restorecon_recursive to all of /data.
2014-02-26 22:39:07 +00:00
Nick Kralevich e570fd3a32 am 9453bce4: Merge "Apply restorecon_recursive to all of /data."
* commit '9453bce4cff952aab5c90f5b30c6c12d3e1521e5':
  Apply restorecon_recursive to all of /data.
2014-02-26 22:31:02 +00:00
Nick Kralevich 1bb3489e60 resolved conflicts for merge of e9c8fb90 to klp-modular-dev-plus-aosp
Change-Id: I9ee9908a915258937b343de90dce5774d914f03a
2014-02-26 14:02:02 -08:00
Nick Kralevich 9453bce4cf Merge "Apply restorecon_recursive to all of /data." 2014-02-26 21:36:30 +00:00
Mark Salyzyn 0175b0747a logd: initial checkin.
* Create a new userspace log daemon for handling logging messages.

Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>

* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions

Signed-off-by: Mark Salyzyn <salyzyn@google.com>

(cherry picked from commit 3e76e0a497)

Author: Nick Kralevich <nnk@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
2014-02-26 09:52:35 -08:00
JP Abgrall 7c862c8b5e init.rc: prep tcp_default_init_rwnd, set the default to 60
The kernel's default is between 4~20.

Prepare for javaland to modify the value at runtime.

It can be done via
  setprop sys.sysctl.tcp_def_init_rwnd  <value>


Bug: 12020135
Change-Id: Id34194b085206fd02e316401c0fbbb9eb52522d2
2014-02-21 12:05:01 -08:00
Mark Salyzyn 4046c132dc Merge changes I929dddc7,Ice88b141,I243b1338
* changes:
  logd: prune more aggressively when over the top
  logd: initial checkin.
  logcat: test: add clear and blocking check
2014-02-20 00:27:02 +00:00
Colin Cross b6391ce26b am ee9de136: am bb2da79f: am 27fd413d: Merge "Start debuggerd64 for 64-bit processes"
* commit 'ee9de136c52555e8775611ad32fc8ee47c75e3d1':
  Start debuggerd64 for 64-bit processes
2014-02-16 19:57:27 +00:00
Colin Cross bb2da79fda am 27fd413d: Merge "Start debuggerd64 for 64-bit processes"
* commit '27fd413d6d02a53c453cf926717b67e9a8d1eb32':
  Start debuggerd64 for 64-bit processes
2014-02-16 19:50:59 +00:00
Dan Willemsen 78ef91aa5e Start debuggerd64 for 64-bit processes
Change-Id: I2fc33d9eb2726b043d2f13bfab0c605dbb6083c7
2014-02-16 11:30:27 -08:00
Nick Kralevich 3e76e0a497 logd: initial checkin.
* Create a new userspace log daemon for handling logging messages.

Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>

* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions

Signed-off-by: Mark Salyzyn <salyzyn@google.com>

Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
2014-02-14 11:07:54 -08:00
Paul Lawrence b6e3b3cea2 Merge "Mount default encrypted devices at boot" 2014-02-14 15:24:41 +00:00
Nick Kralevich b3739735b8 lowmemorykiller: make perms 0220
Set

* /sys/module/lowmemorykiller/parameters/adj
* /sys/module/lowmemorykiller/parameters/minfree

to 0220. This better indicates that these files are only intended
to be written to, never read.

Change-Id: I9ef054f032b3955e04128fc1a472a17c7b1fa792
2014-02-13 13:58:21 -08:00
Paul Lawrence 13d5bb4bad Mount default encrypted devices at boot
If userdata is default encrypted, we should mount it at boot
to avoid bringing the framework up and then down unnecessarily.

Needs matching vold changes from
 https://googleplex-android-review.googlesource.com/#/c/412649/

Bug: 8769627
Change-Id: I4b8276befd832cd788e15c36edfbf8f0e18d7e6b
2014-02-07 07:23:11 -08:00
Stephen Smalley f2b7ee7655 Apply restorecon_recursive to all of /data.
With the following prior changes:
I77bf2a0c4c34b1feef6fdf4d6c3bd92dbf32f4a1
I698b1b2c3f00f31fbb2015edf23d33b51aa5bba1
I8dd915d9bb80067339621b905ea2b4ea0fa8d71e
it should now be safe (will correctly label all files)
and reasonably performant (will skip processing unless
file_contexts has changed since the last call) to call
restorecon_recursive /data from init.rc.

The call is placed after the setprop selinux.policy_reload 1 so that
we use any policy update under /data/security if present.

Change-Id: Ib8d9751a47c8e0238cf499fcec61898937945d9d
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-06 14:33:29 -05:00
Doug Zongker 6edd1bdf53 Merge "set permissions of recovery install script" 2014-02-04 22:01:29 +00:00
Doug Zongker 9526202d84 set permissions of recovery install script
The script that writes the recovery partition after a successful
update of system needs to be made executable.  This change also moves
it from /system/etc to /system/bin.

Bug: 12893978
Change-Id: I686e2392a2392515a6859a7381b735de1007b7ea
2014-02-04 12:33:08 -08:00
Nick Kralevich d9d8a60e42 am fbca9d94: am 7e3d72d9: am ba023b06: Merge "Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file."
* commit 'fbca9d9449231839b805ef4b11e4b2d968e601e3':
  Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file.
2014-02-04 19:02:48 +00:00
Nick Kralevich 7e3d72d974 am ba023b06: Merge "Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file."
* commit 'ba023b063d25b73923f2df536b6258967f756ff6':
  Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file.
2014-02-04 18:37:36 +00:00
Stephen Smalley 82e87ed479 Move creation of /data/misc/wifi and /data/misc/dhcp to main init.rc file.
mkdir /data/misc/wifi subdirectories and /data/misc/dhcp is performed
in the various device-specific init*.rc files but seems generic.
Move it to the main init.rc file.

Drop the separate chown for /data/misc/dhcp as this is handled by mkdir
built-in if the directory already exists.

Add a restorecon_recursive /data/misc/wifi/sockets.

Change-Id: I51b09c5e40946673a38732ea9f601b2d047d3b62
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-01-29 14:09:28 -05:00
Nick Kralevich 35ef36456d am c3af60af: am c7e28899: am 16384312: am 0620e3dd: Merge "adbd: switch to su domain when running as root"
* commit 'c3af60aff5d097c717b19721f143499891d5ca3d':
  adbd: switch to su domain when running as root
2014-01-24 18:14:51 +00:00
Nick Kralevich c7e28899c3 am 16384312: am 0620e3dd: Merge "adbd: switch to su domain when running as root"
* commit '16384312244b8dccd53478a7bdeeb9a492821807':
  adbd: switch to su domain when running as root
2014-01-24 18:09:26 +00:00
Nick Kralevich 1638431224 am 0620e3dd: Merge "adbd: switch to su domain when running as root"
* commit '0620e3ddb85582f66612d046d1295dc20bf1a4f5':
  adbd: switch to su domain when running as root
2014-01-24 10:06:46 -08:00
Nick Kralevich d49aa2537c adbd: switch to su domain when running as root
When adbd runs as root, it should transition into the
su domain. This is needed to run the adbd and shell
domains in enforcing on userdebug / eng devices without
breaking developer workflows.

Introduce a new device_banner command line option.

Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
2014-01-22 14:20:17 -08:00
Doug Zongker d0f2c265d8 Merge "add the pre-recovery service" 2014-01-16 22:41:24 +00:00
Doug Zongker 7baebf1345 add the pre-recovery service
Add a service called "pre-recovery" which is normally stopped but can
be started by the system server when we want to go into recovery.  It
will do any preparation needed (currently needed to handle update
packages that reside on an encrypted /data partition) and then set
sys.powerctl when it's ready to actually reboot.

Bug: 12188746
Change-Id: I894a4cb200395a0f6d7fe643ed4c2ac0a45d2052
2014-01-16 08:54:59 -08:00
Nick Kralevich 32a32c9eb2 am 11190d0c: am 4552987e: am c93904b4: am e847f429: Merge "restorecon /data/misc/media."
* commit '11190d0ccb1216307043ceecf5360f1a1a946cd1':
  restorecon /data/misc/media.
2014-01-15 20:22:16 +00:00
Nick Kralevich 4552987e6a am c93904b4: am e847f429: Merge "restorecon /data/misc/media."
* commit 'c93904b445830cd17fd9dd6d4fe236987577a478':
  restorecon /data/misc/media.
2014-01-15 20:15:56 +00:00
Nick Kralevich c93904b445 am e847f429: Merge "restorecon /data/misc/media."
* commit 'e847f429f43ae56aaa406697ca603c8469e2100b':
  restorecon /data/misc/media.
2014-01-15 12:13:20 -08:00
Stephen Smalley 9e9f05e5eb restorecon /data/misc/media.
Otherwise it will be mislabeled on upgrades with existing userdata.

Change-Id: Ibde88d5d692ead45b480bb34cfe0831baeffbf94
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-01-15 13:19:31 -05:00
Elliott Hughes c3149359a0 am af16bf4f: am 9c1cbe83: am 53cd1484: am aead003c: Merge "Don\'t set LD_LIBRARY_PATH globally."
* commit 'af16bf4f5160c03c858b32c40900f07f1e9c0366':
  Don't set LD_LIBRARY_PATH globally.
2014-01-15 00:14:43 +00:00
Elliott Hughes 9c1cbe8373 am 53cd1484: am aead003c: Merge "Don\'t set LD_LIBRARY_PATH globally."
* commit '53cd1484aa13c43b4d6973c1c203dbff9c996d14':
  Don't set LD_LIBRARY_PATH globally.
2014-01-15 00:08:39 +00:00
Elliott Hughes 53cd1484aa am aead003c: Merge "Don\'t set LD_LIBRARY_PATH globally."
* commit 'aead003c8bc677218329c535b063a5bb66695414':
  Don't set LD_LIBRARY_PATH globally.
2014-01-14 16:05:23 -08:00
Elliott Hughes bb07b536f5 Don't set LD_LIBRARY_PATH globally.
On a 64-bit system, 64-bit processes will want one path, 32-bit processes
another. The dynamic linker already provides the correct defaults for
native code, and we've coupled the VM and dynamic linker so that
LD_LIBRARY_PATH will be set correctly in any VM during startup if it's not
being manually overridden.

Change-Id: Icbffc0d451dbc242cdfb9267413d8bcac434e108
2014-01-13 16:49:54 -08:00
Colin Cross 0a05f002fb am 4082bf8c: am ce1340c6: am 5a369629: am cd0f824a: Merge "Fix tracing on user builds"
* commit '4082bf8c963dbd44fe2f6367fa687217cbac58d3':
  Fix tracing on user builds
2014-01-09 18:03:13 +00:00
Colin Cross ce1340c665 am 5a369629: am cd0f824a: Merge "Fix tracing on user builds"
* commit '5a3696297b2f8d463ba601772df7af5966321d2e':
  Fix tracing on user builds
2014-01-09 17:58:28 +00:00
Colin Cross 5a3696297b am cd0f824a: Merge "Fix tracing on user builds"
* commit 'cd0f824a7cfe91f4db24511830658228487ae919':
  Fix tracing on user builds
2014-01-09 09:56:04 -08:00
Colin Cross cd0f824a7c Merge "Fix tracing on user builds" 2014-01-09 17:50:34 +00:00
Nick Kralevich 0969ec3a55 am 218878d4: am df8d0ffd: am 72f269f3: am 8830b53b: Merge "Label existing /data/mediadrm files."
* commit '218878d447b58b357f0dc97bfe6b77196d35a729':
  Label existing /data/mediadrm files.
2014-01-08 23:49:18 +00:00
Nick Kralevich df8d0ffd73 am 72f269f3: am 8830b53b: Merge "Label existing /data/mediadrm files."
* commit '72f269f3050b3e5b2fd6be7d0a6a485114cc6ee7':
  Label existing /data/mediadrm files.
2014-01-08 17:44:32 +00:00
Nick Kralevich 72f269f305 am 8830b53b: Merge "Label existing /data/mediadrm files."
* commit '8830b53b76c05416c021df3eb0cea1dd541bc3ac':
  Label existing /data/mediadrm files.
2014-01-08 09:39:20 -08:00
rpcraig 2dcbb81d89 Label existing /data/mediadrm files.
Use restorecon_recursive to label devices
where the directory and subfiles have
already been built and labeled.

Change-Id: I0dfe1e542fb153ad20adf7b2b1f1c087b4956a12
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2014-01-07 22:28:04 -05:00
Todd Poynor 950909c301 init.rc: start lmkd
Change-Id: Ibebab31e1f41a210821834a1d65f196b39bb6601
2014-01-04 00:29:10 +00:00
Nick Kralevich cb1f0147d7 am 88d040a3: am 3df76c0c: am 6bec36ec: am 5b8abdf6: Merge "Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls."
* commit '88d040a32feac727a7e11658198c32d9cc563d8e':
  Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
2014-01-02 21:08:36 +00:00
Nick Kralevich 6bec36ecc9 am 5b8abdf6: Merge "Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls."
* commit '5b8abdf6278a4142736d918d1371d10c54c91db3':
  Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
2014-01-02 13:03:03 -08:00
Nick Kralevich 5b8abdf627 Merge "Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls." 2014-01-02 20:58:35 +00:00
Colin Cross 3dd470552c am 469035b8: am fed48bb6: am 6604f2d1: am 2dcc2759: Merge "Run the console service shell in the shell domain."
* commit '469035b83546a847a1f12c1feca50a1c7e5e1062':
  Run the console service shell in the shell domain.
2013-12-27 20:28:52 +00:00
Colin Cross 6604f2d1ef am 2dcc2759: Merge "Run the console service shell in the shell domain."
* commit '2dcc275936aefbb5badf3b4822d492260077144d':
  Run the console service shell in the shell domain.
2013-12-27 12:21:24 -08:00
Stephen Smalley 5e1461dc90 Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
If checkreqprot == 1, SELinux only checks the protection flags passed
by the application, even if the kernel internally adds PROT_EXEC for
READ_IMPLIES_EXEC personality flags.  Switch to checkreqprot == 0
to check the final protection flags applied by the kernel.

Change-Id: Ic39242bbbd104fc9a1bcf2cd2ded7ce1aeadfac4
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-23 16:29:25 -05:00
Stephen Smalley 610653fe93 Run the console service shell in the shell domain.
This allows it to be permissive in userdebug/eng builds
but confined/enforcing in user builds.

Change-Id: Ie322eaa0acdbefea2de4e71ae386778c929d042b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-23 14:11:44 -05:00
Greg Hackmann d9a5df44c5 am 5ae67beb: am c042bb01: am e25864b7: am 537f53b6: Merge "rootdir: add permissions for /dev/rtc0"
* commit '5ae67bebc46a4974869458eb35270b23633aba0c':
  rootdir: add permissions for /dev/rtc0
2013-12-18 00:31:30 +00:00
Greg Hackmann e25864b752 am 537f53b6: Merge "rootdir: add permissions for /dev/rtc0"
* commit '537f53b682eb0d99e90da2a3e7389ea474bc583d':
  rootdir: add permissions for /dev/rtc0
2013-12-17 16:23:31 -08:00
Greg Hackmann a585e662e0 rootdir: add permissions for /dev/rtc0
Change-Id: If9d853bdae2399b1e7434f45df375ba1fd6dbe9c
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2013-12-17 14:45:39 -08:00
Nick Kralevich f7f823e46b am 8b0d10c8: am a24e9a86: am 02ad8700: am e4335483: Merge "Relabel /data/misc/zoneinfo"
* commit '8b0d10c870efbe8254f407e02c406c05bedfa0b5':
  Relabel /data/misc/zoneinfo
2013-12-16 17:12:22 +00:00
Nick Kralevich 02ad8700dd am e4335483: Merge "Relabel /data/misc/zoneinfo"
* commit 'e4335483e78292800e27c7bf0a67d23bee47dc84':
  Relabel /data/misc/zoneinfo
2013-12-16 09:04:04 -08:00
Nick Kralevich 354e9edbd7 Relabel /data/misc/zoneinfo
The files in zoneinfo changed from system_data_file to
zoneinfo_data_file. Fixup pre-existing files.

Change-Id: Idddbd6c2ecf66cd16b057a9ff288cd586a109949
2013-12-13 16:03:48 -08:00
Nick Kralevich 6b3867fc6b am 7d1f3a3d: am bdf53e2a: Merge "Do not change ownership on /sys/fs/selinux/enforce."
* commit '7d1f3a3daa721892b3247e847f72f1e948a0a68f':
  Do not change ownership on /sys/fs/selinux/enforce.
2013-12-09 18:42:14 +00:00
Nick Kralevich 7d1f3a3daa am bdf53e2a: Merge "Do not change ownership on /sys/fs/selinux/enforce."
* commit 'bdf53e2a59654d2b1e8469616f1b0175b275219d':
  Do not change ownership on /sys/fs/selinux/enforce.
2013-12-09 10:35:41 -08:00
Stephen Smalley 17bec835d5 Do not change ownership on /sys/fs/selinux/enforce.
There is no longer any reason to permit system UID to set enforcing mode.

Change-Id: Ie28beed1ca2b215c71f2847e2390cee1af1713c3
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-09 10:23:16 -05:00
The Android Open Source Project 7fc7a07b23 Merge commit '252d9030cd4b2e3e6cf13fa33f328eccedb5e26c' into HEAD 2013-12-05 12:38:34 -08:00
Carton He dd8fddd503 Fix tracing on user builds
Need the set correct permission for print-tgid option or tracing of
sched can't work on user build.

Change-Id: Ia88aabe58128b911afd78f01c27f7da884ed03f0
Signed-off-by: Carton He <carton.he@marvell.com>
2013-12-05 14:24:03 +08:00
Greg Hackmann bf5e7ed84e am 5ebd8e43: am b2406973: Merge changes I727d9135,I3bd1b59d,I0d05aa28
* commit '5ebd8e43ba992d12fcdac4aedf7da51b50d6b949':
  rootdir: add ueventd.rc rule for adf subsystem
  init: add subsystem rules to ueventd.rc
  init: handle ueventd path truncation better
2013-11-27 17:09:20 +00:00
Greg Hackmann 5ebd8e43ba am b2406973: Merge changes I727d9135,I3bd1b59d,I0d05aa28
* commit 'b240697339b1ff1f45217a48dc9d3fa8a2f21a2b':
  rootdir: add ueventd.rc rule for adf subsystem
  init: add subsystem rules to ueventd.rc
  init: handle ueventd path truncation better
2013-11-26 14:01:04 -08:00
Greg Hackmann 95b348c5d7 rootdir: add ueventd.rc rule for adf subsystem
Change-Id: I727d91355229692c11e0e309c0fcac051269eba3
Signed-off-by: Greg Hackmann <ghackmann@google.com>
2013-11-26 13:18:26 -08:00
The Android Open Source Project 66ed50af68 Merge commit '536dea9d61a032e64bbe584a97463c6638ead009' into HEAD
Change-Id: I5c469a4b738629d99d721cad7ded02d6c35f56d5
2013-11-22 13:44:43 -08:00
Todd Poynor fabe8716f8 am fd1dd864: am 479efb54: init.rc: mount pstore fs, set console-ramoops permissions
* commit 'fd1dd864a896bd6233ee8c75b84d9771148dd9b3':
  init.rc: mount pstore fs, set console-ramoops permissions
2013-11-22 10:45:49 -08:00
Todd Poynor fd1dd864a8 am 479efb54: init.rc: mount pstore fs, set console-ramoops permissions
* commit '479efb540a198a9b7cd278387b0d45009a05bb2b':
  init.rc: mount pstore fs, set console-ramoops permissions
2013-11-22 10:42:17 -08:00
Elliott Hughes 9350d80e70 am b6ee39bc: am 4a4616f6: am 048bb92f: Merge "split setptop ethernet tcp buffer from wifi"
* commit 'b6ee39bca4b774cf2ffbad8eb12dcfc13b8814c9':
  split setptop ethernet tcp buffer from wifi
2013-11-21 22:59:48 -08:00
Todd Poynor 479efb540a init.rc: mount pstore fs, set console-ramoops permissions
Change-Id: I44cb00f9123c6044a03de926b6a616da753bb549
2013-11-21 20:23:54 -08:00
Elliott Hughes b6ee39bca4 am 4a4616f6: am 048bb92f: Merge "split setptop ethernet tcp buffer from wifi"
* commit '4a4616f6450f191faf168a10b6e2ffaba14803bd':
  split setptop ethernet tcp buffer from wifi
2013-11-21 17:15:09 -08:00
Elliott Hughes 4a4616f645 am 048bb92f: Merge "split setptop ethernet tcp buffer from wifi"
* commit '048bb92f3f33196d96a51b446c73805e208a5333':
  split setptop ethernet tcp buffer from wifi
2013-11-20 18:10:49 -08:00
Jianzheng Zhou 52ea510f8f split setptop ethernet tcp buffer from wifi
Change-Id: I0582ec75fddb904ca14b9cbddf593ddbd4195c41
Signed-off-by: Jianzheng Zhou <jianzheng.zhou@freescale.com>
2013-11-15 13:44:00 +08:00
Jeff Sharkey fb7e395455 am 9b41f452: am a9e453f1: Merge "vold no longer does MS_MOVE; remove tmpfs." into klp-dev
* commit '9b41f452013123d0a394e696f597467da73108ed':
  vold no longer does MS_MOVE; remove tmpfs.
2013-10-17 18:50:43 -07:00
Jeff Sharkey 9b41f45201 am a9e453f1: Merge "vold no longer does MS_MOVE; remove tmpfs." into klp-dev
* commit 'a9e453f1b552699f69dca19599c7624a581089bd':
  vold no longer does MS_MOVE; remove tmpfs.
2013-10-17 18:48:45 -07:00
Jeff Sharkey 00c8e1a219 vold no longer does MS_MOVE; remove tmpfs.
MS_MOVE was used when staging external storage devices, which no
longer occurs.  In fact, having a writable tmpfs was masking a vold
bug around moving apps to SD cards.

Bug: 11175082
Change-Id: Ib2d7561c3a0b6fde94f651a496cb0c1f12f88d96
2013-10-17 16:47:20 -07:00
Jeff Sharkey eef6fca832 am a5fdea71: am e93a0517: Set GID required to write, media_rw mount point.
* commit 'a5fdea7189239d7edeafa528c299306cba55e6c6':
  Set GID required to write, media_rw mount point.
2013-10-08 16:02:41 -07:00
Jeff Sharkey a5fdea7189 am e93a0517: Set GID required to write, media_rw mount point.
* commit 'e93a0517f4c88310066ac39c6b268ebfcceef44e':
  Set GID required to write, media_rw mount point.
2013-10-08 14:12:38 -07:00
Jeff Sharkey e93a0517f4 Set GID required to write, media_rw mount point.
Add sdcard FUSE daemon flag to specify the GID required for a package
to have write access.  Normally sdcard_rw, but it will be media_rw
for secondary external storage devices, so DefaultContainerService
can still clean up package directories after uninstall.

Create /mnt/media_rw which is where vold will mount raw secondary
external storage devices before wrapping them in a FUSE instance.

Bug: 10330128, 10330229
Change-Id: I4385c36fd9035cdf56892aaf7b36ef4b81f4418a
2013-10-08 12:56:37 -07:00
Colin Cross ecb2e3903b am ad296139: am 410f8c30: am 79b277ab: Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys."
* commit 'ad2961397f1c7b79b114672108a3bc9b87dc8174':
  Set security context of /adb_keys and /data/misc/adb/adb_keys.
2013-10-03 15:17:53 -07:00
Alex Klyubin dcf2771bb7 am ea1f56e7: am b1dd1765: am b42fc74f: Merge "Expose /dev/hw_random to group "system"."
* commit 'ea1f56e7ffec235cc5d48e7cd9cb7d39f4ba1598':
  Expose /dev/hw_random to group "system".
2013-10-03 15:17:53 -07:00
Colin Cross ad2961397f am 410f8c30: am 79b277ab: Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys."
* commit '410f8c305b416484f17f068c37b785605a2f69eb':
  Set security context of /adb_keys and /data/misc/adb/adb_keys.
2013-10-03 15:15:43 -07:00
Alex Klyubin ea1f56e7ff am b1dd1765: am b42fc74f: Merge "Expose /dev/hw_random to group "system"."
* commit 'b1dd176520896efacbabd1df65d8bb56e1bfeb71':
  Expose /dev/hw_random to group "system".
2013-10-03 15:15:43 -07:00
Colin Cross 410f8c305b am 79b277ab: Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys."
* commit '79b277ab73711313690d03a9fb2e9cb3f9242b39':
  Set security context of /adb_keys and /data/misc/adb/adb_keys.
2013-10-03 15:14:14 -07:00
Alex Klyubin b1dd176520 am b42fc74f: Merge "Expose /dev/hw_random to group "system"."
* commit 'b42fc74f0db60e1e86deaf527b3b7e7ec53dcc54':
  Expose /dev/hw_random to group "system".
2013-10-03 15:14:13 -07:00
Colin Cross 79b277ab73 Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys." 2013-10-03 22:13:06 +00:00
Alex Klyubin b2478a713a Expose /dev/hw_random to group "system".
This is needed to let EntropyMixer (runs inside system_server) read
from /dev/hw_random.

Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f
2013-10-03 13:32:36 -07:00
Colin Cross 41c9fd6480 am 0d3ac55d: am 230252d5: am 61afb07b: Merge "Trigger a policy reload from post-fs-data."
* commit '0d3ac55d0654fe4f6d37923782dcd41f0590c741':
  Trigger a policy reload from post-fs-data.
2013-10-01 20:59:43 -07:00
Colin Cross 0d3ac55d06 am 230252d5: am 61afb07b: Merge "Trigger a policy reload from post-fs-data."
* commit '230252d5cd70f5be4c24046c7a409e9498ac97f5':
  Trigger a policy reload from post-fs-data.
2013-10-01 18:53:51 -07:00
Colin Cross 230252d5cd am 61afb07b: Merge "Trigger a policy reload from post-fs-data."
* commit '61afb07b9b14233f76a969840f74ce1ced22bf58':
  Trigger a policy reload from post-fs-data.
2013-10-01 18:50:18 -07:00
Stephen Smalley deb41e5127 Set security context of /adb_keys and /data/misc/adb/adb_keys.
I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file.  Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.

Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-01 09:21:47 -04:00
Colin Cross 61afb07b9b Merge "Trigger a policy reload from post-fs-data." 2013-09-30 20:04:12 +00:00
Ken Sumrall 6314401946 am dfcbf02b: am 6b1a0272: Merge "Create a separate copy of the fsck logs" into klp-dev
* commit 'dfcbf02bb0a6705e3714a59e42e052fbb0ce8799':
  Create a separate copy of the fsck logs
2013-09-24 10:25:31 -07:00
Ken Sumrall dfcbf02bb0 am 6b1a0272: Merge "Create a separate copy of the fsck logs" into klp-dev
* commit '6b1a027239689a817aa5ca44a2bcbfe48ed21408':
  Create a separate copy of the fsck logs
2013-09-23 18:59:39 -07:00
Ken Sumrall 6b1a027239 Merge "Create a separate copy of the fsck logs" into klp-dev 2013-09-23 20:06:57 +00:00
Todd Poynor 4676550b56 init.rc: use oom_score_adj instead of oom_adj
Use kernel oom_score_adj interface to make init and children unkillable.

Stop using older, deprecated oom_adj interface.

Use OOM_SCORE_ADJ_MIN to make the processes unkillable (previously the processes
were set to a very low score, but not unkillable).

Change-Id: I680965009585c2a5a580859fb946f2d0caa95d9c
2013-09-23 18:32:36 +00:00
Ken Sumrall 4eaf905858 Create a separate copy of the fsck logs
The log_target parameter of android_fork_execvp_ext() is now a
bit field, and multiple targets can be set to log to multiple
places at the same time.

The new target LOG_FILE will log to a file specified by the new
parameter file_path.

Set LOG_FILE and log to a file in /dev (the only writable filesystem
avilable when e2fsck runs) when invoking e2fsck in fs_mgr.

Bug: 10021342

Change-Id: I63baf644cc8c3afccc8345df27a74203b44d0400
2013-09-20 17:44:33 -07:00
Jeff Sharkey aa4a3228f0 am 9729b415: am 44d6342c: Remove mkdir() side effect, add .nomedia, utils.
* commit '9729b41574ca5e5e87c86b203a2096cbdc72cfea':
  Remove mkdir() side effect, add .nomedia, utils.
2013-09-20 15:59:37 -07:00
Jeff Sharkey 9729b41574 am 44d6342c: Remove mkdir() side effect, add .nomedia, utils.
* commit '44d6342caa0db1f613809e9ba1ea8d9af0183b74':
  Remove mkdir() side effect, add .nomedia, utils.
2013-09-20 15:57:58 -07:00
Jeff Sharkey 44d6342caa Remove mkdir() side effect, add .nomedia, utils.
Before this change, FUSE lookup() would have the side effect of
creating the directory on behalf of apps.  This resulted in most
directories being created just by Settings trying to measure disk
space.  Instead, we're switching to have vold do directory creation
when an app doesn't have enough permissions.

Create fs_mkdirs() utility to create all parent directories in a
path as needed.  Allow traversal (+x) into /storage directories.

Fix FUSE derived permissions to be case insensitive.  Mark well-known
directories as .nomedia when created.

Bug: 10577808, 10330221
Change-Id: I53114f2e63ffbe6de4ba6a72d94a232523231cad
2013-09-20 14:21:09 -07:00
Nick Kralevich 5660da25b9 am 1998e505: am 2e940286: am 0f507339: Merge "Do not change ownership of /sys/fs/selinux/load to system UID."
* commit '1998e505a98ad445bead87c2bb047053f1aea648':
  Do not change ownership of /sys/fs/selinux/load to system UID.
2013-09-19 08:54:12 -07:00
Nick Kralevich 1998e505a9 am 2e940286: am 0f507339: Merge "Do not change ownership of /sys/fs/selinux/load to system UID."
* commit '2e9402863b40fe8bf2ddd8169c62f2419d968ff9':
  Do not change ownership of /sys/fs/selinux/load to system UID.
2013-09-19 08:51:49 -07:00
Nick Kralevich 2e9402863b am 0f507339: Merge "Do not change ownership of /sys/fs/selinux/load to system UID."
* commit '0f507339ec474a2f67227466efc9045630f1f1a4':
  Do not change ownership of /sys/fs/selinux/load to system UID.
2013-09-19 08:50:21 -07:00
Stephen Smalley cc13e8ab87 Do not change ownership of /sys/fs/selinux/load to system UID.
Policy reload is handled by setting the selinux.reload_policy property
and letting the init process perform the actual loading of policy into
the kernel.  Thus, there should be no need for the system UID to directly
write to /sys/fs/selinux/load.

Change-Id: I240c5bb2deaee757a2e1e396e14dea9e5d9286f5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-19 11:26:26 -04:00
Nick Kralevich 5d4be69093 am 0e7bd81c: am 4f18183b: Merge "Initialize /dev/urandom earlier in boot." into klp-dev
* commit '0e7bd81c938611cfa4ebf44870668300a5bba875':
  Initialize /dev/urandom earlier in boot.
2013-09-18 12:53:11 -07:00
Nick Kralevich 0e7bd81c93 am 4f18183b: Merge "Initialize /dev/urandom earlier in boot." into klp-dev
* commit '4f18183bd6d3d2ed5d698c176ecc239211bdb82e':
  Initialize /dev/urandom earlier in boot.
2013-09-18 12:50:32 -07:00
Nick Kralevich b410eb1913 Initialize /dev/urandom earlier in boot.
It's a security best practice to carry entropy across reboots.
(see "man 4 random"). Currently, entropy saving and mixing occur
in the system_server, via the EntropyMixer code. Unfortunately, the
EntropyMixer code runs fairly late in the boot process, which means
early boot doesn't have high quality entropy. This has caused security
problems in the past.

Load entropy data as soon as we can in the early boot process, so that
we can get /dev/random / /dev/urandom into a "random" state earlier.

Bug: 9983133
Change-Id: Id4a6f39e9060f30fe7497bd8f8085a9bec851e80
2013-09-18 07:53:51 -07:00
Todd Poynor 59e51e792a init.rc: no longer start healthd in charger mode
Being moved to healthd/charger mode in board-specific init.rc.

Change-Id: Ie9fc2e5abc1737fbffec8fb071c73f5fd96e4d17
2013-09-17 14:41:07 -07:00