Commit Graph

683 Commits

Author SHA1 Message Date
San Mehat 429721c5c4 init: Implement 'exec' command.
(cherry-pick of d05ab3952ec0e38f33a0e80ce6b9eb45b0064ba4.)

Change-Id: Id6d9bb32e51a0ad090ed8240cc505dc45b57b35d
2015-02-02 16:22:56 -08:00
Badhri Jagan Sridharan 0b41512a2e init: Add support "&&" operator in property triggers
"&&" operator can now be used to test the validity
of two of more properties.

For example:

on property:test.a=1 && property:test.b=1
    setprop test.c 1

The above stub sets the test.c to 1 only when
both test.a=1 and test.b=1

(cherry-pick of 162f7d797c67019a7a3f08c3b0f0ffc91d548ddc.)

Change-Id: I72c19f7aa92231372a416193618ee6c7fd368141
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
2015-02-02 16:21:05 -08:00
Nick Kralevich 45a884f85f Add O_CLOEXEC to lots of open() calls.
and other related fixups.

Change-Id: Ia88fb37a07ff6777d00c49800081f5a519c0c78d
2015-02-02 14:37:22 -08:00
Nick Kralevich bc60954fae builtins.c: Don't require file open() for chmod/chown
42a9349dc4 modified init's
builtin chmod, chown, and mkdir calls to avoid following
symlinks. This addressed a number of attacks we were seeing
at the time where poorly written init scripts were following
attacker supplied symlinks resulting in rooting vulnerabilities.

To avoid race conditions, the previous implementation only ran
fchown / fchmod on file descriptors opened with open(O_NOFOLLOW).
Unfortunately, unlike the normal "chown" or "chmod" calls, this
requires read or write access to the underlying file. This
isn't ideal, as opening some files may have side effects, or
init may not have permission to open certain files (such as when
SELinux is enabled).

Instead of using open(O_NOFOLLOW) + fchown(), use lchown() instead.
As before, the target of the symlink won't be modified by chown.
This also supports setting the ownership of symlinks.

Instead of using open(O_NOFOLLOW) + fchmod(), use
fchmodat(AT_SYMLINK_NOFOLLOW) instead. As before, the target of the
symlink won't be modified by chmod.

This change will continue to ensure that chown/chmod/mkdir doesn't
follow symlinks, without requiring init to open every file in
read-only or read-write mode.

This change depends on bionic commit I1eba0cdb2c509d9193ceecf28f13118188a3cfa7

Addresses the following mako/occam SELinux denial:

  audit(1422770408.951:6): avc:  denied  { write } for  pid=1 comm="init" name="smd7" dev="tmpfs" ino=7207 scontext=u:r:init:s0 tcontext=u:object_r:radio_device:s0 tclass=chr_file

Change-Id: I14fde956784d65c44e7aa91dd7eea9a004df3081
2015-02-02 13:45:21 -08:00
Elliott Hughes 3d74d7a739 Add missing includes.
Change-Id: Iaa130c0a7eb2cbc0c8486546e5b622661b6d9e23
2015-01-29 21:31:23 -08:00
Chih-Hung Hsieh d3d4741584 Enable clang for init, after fix of global .mk files.
LOCAL_FORCE_STATIC_EXECUTABLE was not working properly for clang
because -Bstatic was ignored by clang. We can now enable clang
for init after the -static flag is added to link static executable
files in build/core/definitions.mk.

BUG: 18008984
Change-Id: I3f361b83c1e0b313914603dff33fd090cd3b116a
2015-01-22 15:28:56 -08:00
Andres Morales 1f1b058e35 property_service: Added vendor build properties to load_all_props
Change-Id: Id50a6dd7fd40752efff8a327ea6b4a45b07fc1b2
2015-01-13 18:18:41 -08:00
dcashman 05345bfdb0 Move property_context label handling to libselinux.
Resubmission of commit: dab91bd37af6be355163ee33ca6f1b00e7dd1b51

Change-Id: Iad9517d3f81f7c091307b3e7497675e2cdc32be5
2014-12-10 13:21:17 -08:00
Nick Kralevich 59f64ec31f Revert "Move property_context label handling to libselinux."
Emulator fails to boot.

This reverts commit 98069027bd.

Bug: 18692152
Change-Id: If362e1311bc3f07e033ba81190c05608ada7c361
2014-12-10 02:02:32 +00:00
dcashman 98069027bd Move property_context label handling to libselinux.
Change-Id: I76e2ed95d4e4f8618458e63d30ae82e37d1acf7b
2014-12-03 15:18:40 -08:00
Andreas Gampe a016c42b4f Init: Remove unused variables
For build-system CFLAGS clean-up, fix unused variables.

Use a #define instead of static variable in a header file.

Change-Id: Id47bf38e51644b61a9f3ac1893a16553695f1aac
2014-11-24 19:52:41 -08:00
Ying Wang dbb78d65c0 Use LOCAL_POST_INSTALL_CMD to simplify symlink creation.
Change-Id: I67ad7248c26561d394e66901e90ef5814ec69fb3
2014-11-24 15:43:34 -08:00
Tomasz Kondel fca58f4b18 Fix segfault in get_character_device_symlinks()
A segmentation fault will occur when strchr function returns NULL.

Change-Id: I76076acfff16056179bf24dff5df9f81d9a45125
2014-11-13 18:23:34 +00:00
Tomasz Kondel bfdcc40bff Close fd on error path in do_mount()
This fix closes a file descriptor before returning
error from do_mount()

Change-Id: Ib370229f16bf9ac385162d6b163cc5b079a1e73e
2014-11-13 18:20:55 +00:00
Daniel Rosenberg b95122205d property_service: Added vendor build properties to load_all_props
Change-Id: I267bd848e1f6e2978024c07e603b25f1f41f5fbf
Signed-off-by: Daniel Rosenberg <drosen@google.com>
2014-11-11 12:17:00 -08:00
Elliott Hughes 57583a789f init isn't built for platforms without dirent::d_type.
Change-Id: Icd4b431576f2ba619ff4ae6fb871bb0210d3b2f2
2014-11-10 15:00:00 -08:00
Chih-hung Hsieh 5d727710ba am 2d241ec8: am 3a387176: Merge "Don\'t build init with clang for now"
* commit '2d241ec8a86c56bbf8522eb007674d7b4e3d164d':
  Don't build init with clang for now
2014-10-16 16:32:17 +00:00
Bernhard Rosenkraenzer 84e07fb7a4 Don't build init with clang for now
init doesn't start when built with clang.
Set LOCAL_CLANG:=false until this is analyzed and fixed.

Change-Id: I5a7944aef676ce88defe5c0449e712d9812fb5f3
Signed-off-by: Bernhard Rosenkraenzer <Bernhard.Rosenkranzer@linaro.org>
2014-10-04 01:36:49 +02:00
Jeff Sharkey 380e3e67ba am 2b16bf88: Merge "Include reason when wiping data." into lmp-dev
* commit '2b16bf88c768003291f027fdfac94d84abe9dbe6':
  Include reason when wiping data.
2014-09-24 23:35:43 +00:00
Jeff Sharkey d26135b34d Include reason when wiping data.
This will help us track down who requested a data wipe.

Bug: 17412160
Change-Id: I40f73d2d0f08123d2afc044a3dde485151b400d9
2014-09-24 11:46:36 -07:00
Elliott Hughes 2e826dc2b1 am ae3a8961: am fed0f06b: Merge "init: Fix memory corruption when sanitizing platform paths"
* commit 'ae3a8961f01e436a70cab569483b8ebcc1f56c0c':
  init: Fix memory corruption when sanitizing platform paths
2014-09-23 02:16:48 +00:00
Christopher R. Palmer 07f3fee164 init: Fix memory corruption when sanitizing platform paths
This commit fixes code that incorrectly increments s when it
hits the terminator character of the string being sanitized.
This means it will randomly start trashing memory beyond the
end of the string being sanitized until it happens to hit two
NULs (\0\0) which will break it out of the loop.

Change-Id: I76553d7f183236a78a0bc7b408e92559b98f732f
2014-09-22 20:42:25 -04:00
Paul Lawrence 48fb175d22 am 40af0929: Fix charger mode on first boot of force encrypt devices
* commit '40af09297f9d60a3cfd4a186ff294cef6255a9df':
  Fix charger mode on first boot of force encrypt devices
2014-09-16 22:43:18 +00:00
Paul Lawrence 40af09297f Fix charger mode on first boot of force encrypt devices
waitpid breaks whenever child status signals. Need to loop, continuing
on errno EINTR

Bug: 17515976
Change-Id: Ibb29056a38b3c90dc7904de8c6aedb5a362e511d
2014-09-16 22:14:46 +00:00
Nick Kralevich 042ece12be am 465fc3b9: am 1cbf4329: Merge "Remove obsolete warning from restorecon_recursive documentation."
* commit '465fc3b974384feea3ea991a5e2f801ce1253e2f':
  Remove obsolete warning from restorecon_recursive documentation.
2014-09-02 15:59:17 +00:00
Stephen Smalley d9c19b0c15 Remove obsolete warning from restorecon_recursive documentation.
We originally included a warning to not invoke restorecon_recursive
with a path leading to a shell-writable or app-writable directory
due to concerns about the potential for mischief with symlinks during
the restorecon_recursive.  However, this warning was never necessary for
calling restorecon_recursive during system initialization before an adb
shell or app can run, and we have further prohibited init from
reading/following symlinks that can be created by shell or apps in
policy, so this warning is superfluous.  It also contradicts current
usage of restorecon_recursive in rootdir/init.rc, since it is called
there on /data.

Change-Id: I28a635e0b5991ced8adcef93e7a04f9d9e5634fd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-09-02 09:34:53 -04:00
Elliott Hughes d546cb59ea am bf921c51: am 7a1973ec: Merge "remove examples of unimplemented triggers ( device-added device-removed ) from init/readme.txt"
* commit 'bf921c5112043b5e39b76e76f38f2818bc904b05':
  remove examples of unimplemented triggers ( device-added device-removed ) from init/readme.txt
2014-08-29 22:38:37 +00:00
Trevor Drake d028394a27 remove examples of unimplemented triggers ( device-added device-removed )
from init/readme.txt

Change-Id: I16e226d8f563a223ae20044fff30498883bc4ae2
2014-08-29 20:07:28 +01:00
Elliott Hughes a1e9ced56e am 8e207634: am d5f230af: Merge "Remove descriptions of unimplemented triggers."
* commit '8e207634c89e18a319c6514c39acd5aaff6d8f83':
  Remove descriptions of unimplemented triggers.
2014-08-28 17:15:26 +00:00
Trevor Drake d4a497714a Remove descriptions of unimplemented triggers.
device-added, device-removed and service-exited were described but
never implemented.

Change-Id: I6fbd05a85576d18d6741fc6dd549acc9132b0531
2014-08-28 15:38:52 +01:00
Paul Lawrence a95e10fe31 am a005e779: Merge "Enable not rebooting during default encryption" into lmp-dev
* commit 'a005e7795e3dfb7cc0bd2bc65208d2490bfc89d8':
  Enable not rebooting during default encryption
2014-08-26 04:53:43 +00:00
Paul Lawrence c23074f386 Enable not rebooting during default encryption
Need to not set this property) during mount, since it can't
be changed later (ro property)

Also no reason to start class main on encryption cycle - we'll
show surfaceflinger, which is enough UI for this short cycle.

Bug: 17041092
Change-Id: Ica5339c54e45716d0fe20e23c0ab857f388d23ed
2014-08-25 19:24:10 +00:00
Kenny Root c6c8b563e6 am cf2b944d: am 5a1d5a8c: Merge "ueventd: call _exit for safety"
* commit 'cf2b944df6d744d279a434ec280f9bd8cef03a5b':
  ueventd: call _exit for safety
2014-08-25 18:03:27 +00:00
Kenny Root 17baff480a ueventd: call _exit for safety
Make sure to call _exit instead of exit to avoid triggering exit
handlers that may have existed in the parent process.

Print out a log message when forking to process firmware events fails.

Change-Id: I2436bdf85d9a8ea26b718e62023f1dac89864667
2014-08-25 10:05:08 -07:00
Elliott Hughes 0fd33562d6 am 5d228392: am d24240fb: Merge "Fixed the pacing logic in bootchart data collection."
* commit '5d2283927a9527130cad15d33c1e2b360f4bd46f':
  Fixed the pacing logic in bootchart data collection.
2014-08-06 22:40:43 +00:00
Elliott Hughes d24240fb4f Merge "Fixed the pacing logic in bootchart data collection." 2014-08-06 17:15:22 +00:00
Bo (Andover) Zhang 3700373c67 Fixed the pacing logic in bootchart data collection.
Ideally bootchart collects system data every BOOTCHART_POLLING_MS ms.
However, the current bootchart pacing logic would collect data every
time the main loop in init.c is executed. This results in:

1. Multiple data samples being taken consecutively or prematurely. In
many cases, these data samples have the same timestamp (in jiffies).
The off-line data processing tool would complain about dividing by
zero "interval" and bail out.

2. Because of the ineffective pacing, bootchart data collection would
terminate prematurely. The total duration of data collection is usually
much shorter than what the user specifies.

The fix is to check whether BOOTCHART_POLLING_MS ms has elapsed
before taking a new data sample. For this purpose, /proc/uptime
is used to get the time values, consistent with the precision of
bootchart timestamps.

Change-Id: I106bf91dbda01059b719df6c73b8bd1cd54a64f0
Signed-off-by: Bo (Andover) Zhang <zhang@broadcom.com>
2014-07-29 21:09:01 -04:00
Elliott Hughes 0b6f8974c9 am 95ec9ae2: am bce3c0c7: Merge "Clarify init\'s write command."
* commit '95ec9ae2c6bad929853c8e0574a354f2eda9604b':
  Clarify init's write command.
2014-07-25 23:04:03 +00:00
Elliott Hughes afc08ce392 Clarify init's write command.
Bug: https://code.google.com/p/android/issues/detail?id=73996
Change-Id: I4f8d3927d17a4021a2436c2859aa732479c5a118
2014-07-25 14:57:47 -07:00
Elliott Hughes d41f1a7ae4 Clarify init's write command.
Bug: https://code.google.com/p/android/issues/detail?id=73996

(cherry picked from commit afc08ce392)

Change-Id: Id2fb11d5259957ef23cc839fba14af8452fc69e4
2014-07-25 15:49:44 -07:00
Riley Andrews 4aa98b0c7c am c6ac2793: am ebf9f8f1: Merge "Move unlink("/dev/.booting") until after filesystems are mounted."
* commit 'c6ac27937c632b00836ad72c83c9e7a640030aff':
  Move unlink("/dev/.booting") until after filesystems are mounted.
2014-07-14 20:11:41 +00:00
Riley Andrews 80c7a5e8a8 Move unlink("/dev/.booting") until after filesystems are mounted.
Move the unlink out of init.c and into init.rc, so that the file
will be removed after all the filesystems with firmware are up.

Change-Id: Ifdd5dd1e95d7e064dde5c80b70198882d949a710
2014-07-14 13:17:43 -07:00
Elliott Hughes ecba4dc037 am 85dfe988: am 796fccb8: Merge "Fix environment variable assignment in init"
* commit '85dfe98830c78f1c3d400ca7be4ac594bfcdd275':
  Fix environment variable assignment in init
2014-07-12 19:36:57 +00:00
Riley Andrews 9464e5a58d Move unlink("/dev/.booting") until after filesystems are mounted.
Move the unlink out of init.c and into init.rc, so that the file
will be removed after all the filesystems with firmware are up.

Change-Id: I7442df2042cc2788d0301f00e3c2fba7d6e0e1c7
2014-07-11 15:47:15 -07:00
James Morrissey 381341f5f7 Fix environment variable assignment in init
The init process allows environment variables to be specified in
the rc script globally, via 'export', and for a specific process,
via the 'setenv' option.

However, the mechanism for assembling the environment simply
appended the new variable without checking whether it was already
defined, so it was not possible to overwrite an existing entry.
This patch fixes that behaviour.

Limitations and concerns:

The limit of a maximum number of 31 variables is unchanged.

Currently, most callers of "add_environment" do not check the return
value, but the function now logs the failure rather than failing
silently.

Change-Id: Ie9a68c37a0f55c5b40e904e695cd35514f67f480
2014-07-10 11:22:46 -07:00
Nick Kralevich 3b4c0bda07 ueventd fixup_sys_perms: fixup SELinux labels unconditionally
Currently, the fixup code in fixup_sys_perms() scans through all
entries in uevent*.rc. If it finds a match, then it performs a fixup.
If there's no match in that file, no fixup is performed.

SELinux file labels are independently stored in /file_contexts,
with no relationship to the files in /ueventd.rc. Even when no
entries exist in ueventd.rc, we still want to fixup the SELinux
file label in /sys when a uevent message occurs.

Change-Id: I0ccb5395ec0be9282095b844a5022e8c0d8903ac
2014-07-07 11:14:59 -07:00
Colin Cross 09117c70f1 Merge "ueventd: allow matching symlink names when setting permissions" 2014-07-02 20:52:43 +00:00
Colin Cross 43d537e0de ueventd: allow matching symlink names when setting permissions
Change-Id: I5f6cc2a25f1236fbe2c7193b65363b7883b9ba2e
2014-07-02 13:56:55 -07:00
Nick Kralevich 4ef159a3c7 am 7367ecbc: am 06023134: am 8022ce1e: Merge "ueventd fixup_sys_perms: fixup SELinux labels unconditionally"
* commit '7367ecbc4839e3a608ab9b7742c659b58065209f':
  ueventd fixup_sys_perms: fixup SELinux labels unconditionally
2014-07-07 20:05:16 +00:00
Colin Cross 0c44584b47 am b18d44e4: am ab7e5752: am 09117c70: Merge "ueventd: allow matching symlink names when setting permissions"
* commit 'b18d44e458501f6b5b99349acc68d3d4e90e9d62':
  ueventd: allow matching symlink names when setting permissions
2014-07-02 23:13:48 +00:00
JP Abgrall cee206880e [HACK]fs_mgr+init: Format via recovery if encryptable /data is wiped
If the encryptable partition is wiped (4KB worth of 0 or 0xff),
then reboot into recovery to format /data+/cache

This is while waiting for the Mac OS support to format f2fs.
The flashstation running on Mac OS will currently just erase userdata
and not format it with f2fs.

Bug: 15720406
Bug: 15747366
Change-Id: Ib7cca3e1701483a09573457a835750f34da71ee0
2014-07-02 14:28:50 -07:00
JP Abgrall f22b745294 fs_mrg: clean up multi-type mount_all
Move the code that attempts to mount alternative fstab entries
into its own function.
Clarify return codes.
Suggest wipe via recovery in error messages.

Bug: 15747366
Change-Id: I3634477cd4d1d73f974f3e906c53285f0d9e0eac
Signed-off-by: JP Abgrall <jpa@google.com>
2014-07-02 13:39:44 -07:00
Elliott Hughes e61679c2fe am fac28281: am b13e4b5e: am 5a53ee05: Merge "Remove an unused #include of <sys/_properties.h>."
* commit 'fac2828161b6b14b7e862d94f2f4ef467621c832':
  Remove an unused #include of <sys/_properties.h>.
2014-06-30 19:41:05 +00:00
Elliott Hughes 11d783f1e7 Remove an unused #include of <sys/_properties.h>.
Bug: 15704351
Change-Id: I7841da7176d0638ae6737fe719cd187892bc38e6
2014-06-30 10:11:55 -07:00
Riley Andrews 24912dc446 resolved conflicts for merge of fa6f2543 to master
Change-Id: I04ce82e5d245e90e2cc62b76d688ec902c1a471d
2014-06-26 20:49:46 -07:00
Riley Andrews 1bbef88e80 Add ability to adjust init log level at runtime.
+ Add a new property, sys.init_log_level, which can be set after init
  bootstrap. This will control the level at which init does prints to klog.

Change-Id: Ia15b2110157b5e6b713785ece9b0fb94889be6c8
2014-06-26 15:05:20 -07:00
Riley Andrews 24a3b783d5 Improve init's debug printing.
+ Make prints of rc commands significantly more verbose. All commands
  will log all arguments, file/line number of the command, return value,
  and parent action which triggered the command.

init: command 'mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000' action=init
      status=0 (/init.rc:89)
init: command 'setprop net.tcp.default_init_rwnd 60' action=boot status=0
      (/init.rc:403)

Change-Id: I5498c7258e4891706be4a12546df4231d14d86c4
2014-06-26 15:05:15 -07:00
Nick Kralevich f95244a9fc resolved conflicts for merge of dd8e63a4 to master
Change-Id: I5ee88d4a3846cb617ec115cb55c8192c8ecf2f4f
2014-06-26 05:13:39 -07:00
Nick Kralevich 64f5fe2796 Merge "property_service: get rid of hard coded property / control list" 2014-06-25 17:34:34 +00:00
Nick Kralevich 61be43907f am 471a7034: am aadf9f11: am 4ad20e55: Merge "Redirect libselinux logging to dmesg for ueventd."
* commit '471a7034b2fca93f174c88e275d3968032730aa7':
  Redirect libselinux logging to dmesg for ueventd.
2014-06-25 18:46:59 +00:00
Stephen Smalley 439224e275 Redirect libselinux logging to dmesg for ueventd.
We already do this for init, but had failed to do it for ueventd
and could not capture any logging from libselinux calls made by
ueventd.

Truly enabling non-error logging also requires uncommenting a line
in Android.mk:
LOCAL_CFLAGS += -DLOG_UEVENTS=1
which enables other logging and sets the default log level to INFO,
or otherwise changing the klog level in the ueventd code (is not
settable by init.rc loglevel).

Change-Id: I00e6f9d6271f2a21d9078c96368816d74d6d2850
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-06-24 14:11:59 -04:00
Riley Andrews 6bd4588d65 resolved conflicts for merge of 079c637f to master
Change-Id: Iab9a857026de954d7497d6b0eaf3751d2d3904c7
2014-06-23 15:20:51 -07:00
Ruchi Kandoi c603720aed ueventd: UEVENT_MSG_LEN changed to 2048 from 1048 in compliance with the
BUFFER_LEN in the kobject_uevent in kernel.

Change-Id: Ib98626f20a7c26e7718bbe4d5ec4513a1ae5d9b7
2014-06-23 11:22:09 -07:00
Riley Andrews e4b7b294f3 Add ability to boot from charger mode.
Add the ability to boot up directly from charger mode, instead of forcing
charger mode to initiate a full restart to launch 'full' android. This
should shave a few seconds off of boot time on supported devices (just
manta for now).

Change-Id: Ieec4494d929e92806e039f834d78b9002afd15c4
2014-06-20 16:43:00 -07:00
Daniel Leung c0c1ffea58 init/ueventd: adds wildcard matching for ueventd rules
The sysfs nodes can change from devices to devices for
a particular class of peripheral. Some of them even change
after suspend/resume, e.g. rfkill for USB bluetooth adapters.

This patch adds to the way how ueventd rules with wildcard are
handled. In addition to matching the prefix with a trailing
wildcard, now rules can have wildcard anywhere in the rule.
The wildcard matching is implemented using fnmatch(), where
its matching is simliar to shell pathname expansion. It suits
this particular usage model well. To avoid abuse, the number of
slashes has to match between path name and the rule.

For example, instead of creating a rule to match:

  /sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/bluetooth/hci0/rfkill*

, this would suffice:

  /sys/devices/pci0000:00/0000:00:1d.0/*/*/*/*/bluetooth/hci0/rfkill*

The prefix matching behavior is retained, such that those
rules do not have to pay for processing penalty with fnmatch().

Change-Id: I3ae6a39c838f6d12801cb71958e481b016f731f5
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
2014-06-20 09:28:37 -07:00
Colin Cross c7ee12d7ed am 105ecf71: am 72d9c0b1: am 56b1d74e: Merge "init/ueventd: adds wildcard matching for ueventd rules"
* commit '105ecf71c2a7f683d34995dc290a4bf50413cf15':
  init/ueventd: adds wildcard matching for ueventd rules
2014-06-21 00:28:53 +00:00
Nick Kralevich 528c13eb07 property_service: get rid of hard coded property / control list
Don't force people to make modifications to property_service.c
when handling properties. Exclusively use the SELinux rules,
which are more flexible and easily adjusted.

Change-Id: Ic0bbd01b5df2eef0040286ac59c0a01e9bd14315
2014-06-17 22:23:54 -07:00
Nick Kralevich 3a53b49075 am 545c6599: am a029d14d: am 2af91ffb: Merge "Extend ueventd to use the label-by-symlink support in libselinux."
* commit '545c6599fa2702a3a220f486367e9df42b20e0b6':
  Extend ueventd to use the label-by-symlink support in libselinux.
2014-06-17 18:53:56 +00:00
Stephen Smalley b4c5200f51 Extend ueventd to use the label-by-symlink support in libselinux.
When ueventd creates a device node, it may also create one or more
symlinks to the device node.  These symlinks may be the only stable
name for the device, e.g. if the partition is dynamically assigned.
A corresponding change with the same Change-Id to external/libselinux
introduces selabel_lookup_best_match() to support looking up the "best match"
for a device node based on its real path (key) and any links to it
(aliases).  This change updates ueventd to use this new interface
to find the best match for the device node when creating it.

Change-Id: Id6c2597eee2b6723a5089dcf7c450f8d0a4128f4
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-06-16 09:44:30 -04:00
Nick Kralevich d69f6b6f7a am 38fd5650: am 82015d4f: Merge "Only allow disabling SELinux on userdebug / eng builds"
* commit '38fd5650ea03b1f47ead2a12a655298ef2f70a91':
  Only allow disabling SELinux on userdebug / eng builds
2014-06-03 16:43:10 +00:00
Nick Kralevich f3c85b2488 Only allow disabling SELinux on userdebug / eng builds
Only parse and honor the kernel command line on userdebug
or eng builds. On user builds, assume that selinux is always enabled
and enforcing.

Change-Id: I71c66e4365bdf2f226800634126a38b716d96599
2014-06-02 20:56:04 -07:00
Nick Kralevich ab1816a6c0 am 4f04439f: am 6fb92bd8: am 252b0e2b: Merge "SELinux changes to check policy versions during a reload."
* commit '4f04439f0eab481d1b7938e78d8ee316dda4d641':
  SELinux changes to check policy versions during a reload.
2014-05-31 11:38:44 +00:00
Nick Kralevich 252b0e2b46 Merge "SELinux changes to check policy versions during a reload." 2014-05-31 05:03:05 +00:00
Colin Cross fd2442ebf9 am c34598aa: am 55c3401b: am 08befc3a: Merge "ueventd: support by-name symlinks for PCI block devices"
* commit 'c34598aa657121ed2feafdae35032e72aa1c9a80':
  ueventd: support by-name symlinks for PCI block devices
2014-05-22 19:26:44 +00:00
Colin Cross 08befc3a80 Merge "ueventd: support by-name symlinks for PCI block devices" 2014-05-22 19:17:15 +00:00
Elliott Hughes 6963176fb2 am 7bbfb8cb: am 337f94f1: am e9a6d0a0: Merge "Remove unnecessary #includes of <sys/atomics.h>."
* commit '7bbfb8cbaf52975a2d0ef9d448d8ea0fc74a590b':
  Remove unnecessary #includes of <sys/atomics.h>.
2014-05-22 18:27:56 +00:00
Elliott Hughes 617681d355 Remove unnecessary #includes of <sys/atomics.h>.
Bug: 14903517
Change-Id: I5b0a418dd982f1a2fd90609b12bd8364f7f34996
2014-05-22 10:00:35 -07:00
Colin Cross 14b667aa91 am f6309600: am 3277dc26: am 2d03a498: Merge "correct the setenv option judging condition"
* commit 'f630960088b2fbdb7f147bf9f7a137850df4c89c':
  correct the setenv option judging condition
2014-05-16 21:10:40 +00:00
Gavin.Chang c3a4676c7f correct the setenv option judging condition
Change-Id: I10ed6275374f572da639f26611f607bf7607905c
2014-05-16 20:46:58 +00:00
Mark Salyzyn 2bb25bf372 am 88a98149: am 13ee94c5: am 8b2d46a5: Merge "init: logd: Allow Developer settings to adjust logd size"
* commit '88a981497ac06046d6da8a99ba17136aa8361b34':
  init: logd: Allow Developer settings to adjust logd size
2014-05-16 00:37:12 +00:00
Mark Salyzyn 8b2d46a5fc Merge "init: logd: Allow Developer settings to adjust logd size" 2014-05-16 00:27:08 +00:00
Elliott Hughes 569e834602 am 7c633e6f: am 233bbd9d: am ed02fbf0: Merge "Clean up some unnecessary system_properties cruft."
* commit '7c633e6fe6f69006ca4299a475230dd583da38f3':
  Clean up some unnecessary system_properties cruft.
2014-05-15 00:08:58 +00:00
Elliott Hughes f94853f294 Clean up some unnecessary system_properties cruft.
Bug: 14970171
Change-Id: I6f54c35e265b849be914120f795c9f8e0cec34bb
2014-05-14 16:51:09 -07:00
Andrew Boie a885d04ec8 ueventd: support by-name symlinks for PCI block devices
To ensure that well-crafted removable media can't spoof the
internal partitions, for platform devices the controller id
is inside the generated path.

We now do the same for PCI devices. The generated path has
two levels; the PCI domain/bus, and then the peripheral ID.
This lets us get by-name symlinks for PCI media, such as the
SATA controllers on PC-like hardware. The symlinks will be
created under /dev/block/pci/. For example:

/dev/block/pci/pci0000:00/0000:00:1f.2/by-name/

Change-Id: Icee3e86bef5569c2bbd94c26bc00d49028345e3b
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2014-05-13 11:23:34 -07:00
Mark Salyzyn 57a0af9313 init: logd: Allow Developer settings to adjust logd size
- AID_SYSTEM can set persist.logd.size
- AID_SYSTEM can issue command to /dev/socket/logd to
  change the runtime global log sizes.
- Add support for ro.logd.size.* as populated by BoardConfig.mk
- Limit size to maximum ~3% of physical memory.

Bug: 14563261
Bug: 14627052
Change-Id: I606420db2e9d9d032296e71149e4a5b20cbd1137
2014-05-13 07:42:15 -07:00
JP Abgrall d2e4281204 am d96f05d2: am a7bf5bd1: am 3c049bbe: Merge "init: add \'enable <service>\' to negate "service <service>... disabled""
* commit 'd96f05d2a7881dbb18fc86b765a67066560b7a1a':
  init: add 'enable <service>' to negate "service <service>... disabled"
2014-05-03 09:06:53 +00:00
JP Abgrall 3beec7e55f init: add 'enable <service>' to negate "service <service>... disabled"
enable <servicename>
   Turns a disabled service into an enabled one as if the service did not
   specify disabled in the rc file.
   It will also start the service if needed.

Bug: 14472973
Change-Id: Id0b49cc687a2bc74f6f92e066c617724cc94908d
Signed-off-by: JP Abgrall <jpa@google.com>
2014-05-03 00:14:59 -07:00
Mark Salyzyn ebf49f3e87 init: 64-bit build issue
(cherry pick from Icc5344abc184adf4247175d85b2da08af4636e49)

Change-Id: I88b0c9b20720ac62ebae8359ded4ab77b4ebcdde
2014-05-01 12:19:45 -07:00
Ruchi Kandoi f74cb95349 am 57569b3d: am 1abf4918: am c7580819: Merge "ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq"
* commit '57569b3d3cea0b2096a15e8d25b41df9f836fd08':
  ueventd: Ueventd changes the permission of sysfs files for max/min cpufreq
2014-05-01 17:53:03 +00:00
Ruchi Kandoi 75b287b771 ueventd: Ueventd changes the permission of sysfs files for max/min
cpufreq

The owner and permissions for the sysfs file
/sys/devices/system/cpu*/cpufreq/scaling_max/min_freq is changed.
This would allow the PowerHAL to change the max/min cpufreq even after
the associated CPU's are hotplugged out and back in.

Change-Id: Ibe0b4aaf3db555ed48e89a7fcd0c5fd3a18cf233
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
2014-05-01 17:30:41 +00:00
Robert Craig 03daf05dcf SELinux changes to check policy versions during a reload.
When deciding on which property_contexts policy to load
during a reload, an initial call is made to libselinux to
grab the correct policy index. This policy index represents
whether the /data/security or the rootfs version will
be used.

Change-Id: I4716039bb0f5ba1e961977a18350347a67969dca
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2014-04-28 22:06:38 +00:00
Jeff Sharkey 216fe16cb7 Let system UID define build fingerprint.
Some devices leave "ro.build.fingerprint" undefined at build time,
since they need to build it from the components at runtime.

Bug: 13340779
Change-Id: I033ff7600e68edffdea101fec30246135646b4b2
2014-04-28 08:55:37 -07:00
Colin Cross 99886266c2 am 4726ba24: am 40d49a02: am e99e5474: Merge "Sync persist property immediately,in case of suddenly remove the battery."
* commit '4726ba24087e83c841e0d0058df61dc908f01978':
  Sync persist property immediately,in case of suddenly remove the battery.
2014-04-18 21:18:40 +00:00
Colin Cross e99e5474e1 Merge "Sync persist property immediately,in case of suddenly remove the battery." 2014-04-18 18:49:17 +00:00
Mark Salyzyn d89c68e217 am 022fa5cc: am 7f92f390: am 5b0ad963: Merge "init: unused paramter warning messages"
* commit '022fa5cc85f80f828c203f344617365d867b9137':
  init: unused paramter warning messages
2014-04-02 00:03:25 +00:00
Mark Salyzyn 322445ce6d init: unused paramter warning messages
Change-Id: I1667371106be4b230ac3850e9819e4549eea2973
2014-04-01 15:35:14 -07:00
OPPO de73a0cfdf Sync persist property immediately,in case of suddenly remove the battery.
Change-Id: I83c5812c69db532f4675f5dbfa508e55999c8dfe
2014-03-31 09:55:16 +00:00
Paul Lawrence 166fa3de70 Auto-encrypt drive at startup
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script

Needs matching vold changes from
 https://googleplex-android-review.googlesource.com/#/c/414200/

Feature is limited to list of serial numbers with this change

Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
2014-03-24 15:00:53 -07:00
Alex Ray 597998e604 am 18ad82e0: am 9e3b7723: am 3fcd9ed6: Merge "ueventd: fix klog debug typo"
* commit '18ad82e03a3b7ae54a246085c10b7b0815ea4e32':
  ueventd: fix klog debug typo
2014-03-19 22:38:52 +00:00
Alex Ray 18ad82e03a am 9e3b7723: am 3fcd9ed6: Merge "ueventd: fix klog debug typo"
* commit '9e3b7723d43ac01f34c8b3e49e9ed8f3c84207e7':
  ueventd: fix klog debug typo
2014-03-19 22:34:07 +00:00
Alex Ray eb6ffc765b ueventd: fix klog debug typo
Change-Id: Ib0acece15145cc0e868452ede8f3acbab419b965
2014-03-19 15:17:59 -07:00
Colin Cross 299b2eecc5 am 12e3639a: am c383c6d1: Merge "Add "import" support to system property files."
* commit '12e3639a6e1cdd77af0964e10081311430fd065c':
  Add "import" support to system property files.
2014-03-19 20:45:37 +00:00
Jeff Sharkey 06f8c09542 Add "import" support to system property files.
During boot, allow a property file to import properties from another
file.  Supports importing the entire file, a specific key, or any
keys matching a specific prefix.  Here's some example syntax:

import /oem/oem.prop
import /oem/oem.prop foo.*
import /oem/oem.prop foo.bar

Bug: 13340779
Change-Id: I867f9a10ca09684326675d9f051f5cf2ae171617
2014-03-19 13:31:36 -07:00
Jeff Sharkey 36fb5fed1f Merge "Add "import" support to system property files." 2014-03-19 20:18:01 +00:00
Jeff Sharkey f96b044551 Add "import" support to system property files.
During boot, allow a property file to import properties from another
file.  Supports importing the entire file, a specific key, or any
keys matching a specific prefix.  Here's some example syntax:

import /oem/oem.prop
import /oem/oem.prop foo.*
import /oem/oem.prop foo.bar

Bug: 13340779
Change-Id: I867f9a10ca09684326675d9f051f5cf2ae171617
2014-03-19 13:00:43 -07:00
Geremy Condra 8c40dc90c5 Merge changes Ibea4c13a,I27215a3d
* changes:
  init: Add "partition.*.verified" properties to the property service.
  fs_mgr: Set the 'partition.*.verified' property for verified partitions.
2014-03-19 19:55:07 +00:00
Geremy Condra 0621d702a1 init: Add "partition.*.verified" properties to the property service.
These are intended to be used by the rest of the system as weak
indicators that the corresponding partition is verified. For
instance, if the "partition.system.verified" property is set then
using `adb remount` would be unwise.

These should not be used as the basis for security decisions.

Change-Id: Ibea4c13abd54f46537e2a406774412c25918b24d
2014-03-18 20:35:15 -07:00
Mark Salyzyn 914eec761f am 8299ff70: Merge "init: 64-bit build issue" into klp-volantis-dev
* commit '8299ff701b66caf513e6cc8807b413bf44b8c2f6':
  init: 64-bit build issue
2014-03-17 15:50:22 +00:00
Mark Salyzyn 0aff05eb8c init: 64-bit build issue
Change-Id: Icc5344abc184adf4247175d85b2da08af4636e49
2014-03-17 08:38:37 -07:00
Nick Kralevich de151571a4 don't load property_contexts from /data
Bug: 12613118
Change-Id: I5a84b13d2151075d5136e3682431fbcc9307df13
(cherry picked from commit dc3a42bb11)
2014-03-11 21:27:27 -07:00
Alex Ray 5103ac8a52 am 27514f6d: am f2d09863: am 9f4d558e: Merge "ueventd: easier debug logging"
* commit '27514f6de9d2ad039a187e5584f296ec05a4ef18':
  ueventd: easier debug logging
2014-03-08 05:46:40 +00:00
Alex Ray 27514f6de9 am f2d09863: am 9f4d558e: Merge "ueventd: easier debug logging"
* commit 'f2d09863204fc04c7f030ce7adf51deb5de952ce':
  ueventd: easier debug logging
2014-03-08 02:00:29 +00:00
Alex Ray f2d0986320 am 9f4d558e: Merge "ueventd: easier debug logging"
* commit '9f4d558e0c80602aa8707ec9d0bdd33a93aa4f16':
  ueventd: easier debug logging
2014-03-08 01:56:12 +00:00
Alex Ray 18ccc1b8ee ueventd: easier debug logging
Move ueventd debug flag into the Android.mk.
Boost klog level if event logging enabled.

Change-Id: Iae48edbc43c487092c2424023576af29c76ff401
2014-03-07 13:58:02 -08:00
Mark Salyzyn 7be31bbf67 am b0eaeb42: am a69270db: Merge "liblog: enable logging to logd."
* commit 'b0eaeb42cea7e3ee36e03ef461532b5b8556a26e':
  liblog: enable logging to logd.
2014-02-28 22:41:29 +00:00
Mark Salyzyn b0eaeb42ce am a69270db: Merge "liblog: enable logging to logd."
* commit 'a69270db05cea27bf185e60af46dd46e938c7e99':
  liblog: enable logging to logd.
2014-02-28 22:39:21 +00:00
Mark Salyzyn 154f4608aa liblog: enable logging to logd.
* Modify liblog to send all messages to the new syslog user
  space daemon.

Original-Change-Id: I0ce439738cd921efb2db4c1d6a289a96bdbc8bc2
Original-Change-Id: If4eb0d09409f7e9be3eb4bb7017073dc7e931ab4
Signed-off-by: Nick Kralevich <nnk@google.com>

* Add a TARGET_USES_LOGD make flag for BoardConfig.mk to manage
  whether logd is enabled for use or not.
* rename syslog to logd to avert confusion with bionic syslog
* Add fake log support back in
* prefilter for logging messages from logd
* Fill in timestamps at logging source
* update abstract log reader
* switch from using suffix for id to v3 format
* log a message when creating devices that a deprecated interface
  is being utilized.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>

(cherry pick from commit 099e2c1f6f706a8600c1cef74cce9066fc315480)

Change-Id: I47929a5432977a1d7235267a435cec0a7d6bd440
2014-02-28 13:49:11 -08:00
Mark Salyzyn 1794710315 liblog: enable logging to logd.
* Modify liblog to send all messages to the new syslog user
  space daemon.

Original-Change-Id: I0ce439738cd921efb2db4c1d6a289a96bdbc8bc2
Original-Change-Id: If4eb0d09409f7e9be3eb4bb7017073dc7e931ab4
Signed-off-by: Nick Kralevich <nnk@google.com>

* Add a TARGET_USES_LOGD make flag for BoardConfig.mk to manage
  whether logd is enabled for use or not.
* rename syslog to logd to avert confusion with bionic syslog
* Add fake log support back in
* prefilter for logging messages from logd
* Fill in timestamps at logging source
* update abstract log reader
* switch from using suffix for id to v3 format
* log a message when creating devices that a deprecated interface
  is being utilized.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>

Change-Id: I47929a5432977a1d7235267a435cec0a7d6bd440
2014-02-27 17:51:43 -08:00
Elliott Hughes 74c490ccf7 am c80c9dea: am 4ce33738: am d7590650: Merge "Remove an unused #include of <asm/page.h>."
* commit 'c80c9dea161dc1cd951a25caa9cebdf4c12d4b64':
  Remove an unused #include of <asm/page.h>.
2014-02-25 00:14:41 +00:00
Elliott Hughes c80c9dea16 am 4ce33738: am d7590650: Merge "Remove an unused #include of <asm/page.h>."
* commit '4ce337385f1cfd54809ba78e4d1d80fbb73b2c43':
  Remove an unused #include of <asm/page.h>.
2014-02-25 00:10:09 +00:00
Elliott Hughes 4ce337385f am d7590650: Merge "Remove an unused #include of <asm/page.h>."
* commit 'd7590650dc7b36557efde7f63a6e904878572e12':
  Remove an unused #include of <asm/page.h>.
2014-02-25 00:06:49 +00:00
Elliott Hughes 763bfce0b1 Remove an unused #include of <asm/page.h>.
Change-Id: I000aead8c82ec11151f69e6ce439dd09b0f0b4f4
2014-02-24 15:42:22 -08:00
Nick Kralevich 202be73b62 am f10492d8: am 066cde92: am 223e0798: Merge "Enable building init with -Wall -Werror."
* commit 'f10492d8c0c907fad6f87c871fec6b2fac41a02c':
  Enable building init with -Wall -Werror.
2014-02-19 19:23:13 +00:00
Nick Kralevich f10492d8c0 am 066cde92: am 223e0798: Merge "Enable building init with -Wall -Werror."
* commit '066cde92d267986424ff79f35881116da3c672f8':
  Enable building init with -Wall -Werror.
2014-02-19 19:19:06 +00:00
Nick Kralevich 066cde92d2 am 223e0798: Merge "Enable building init with -Wall -Werror."
* commit '223e07983718e1515f2a54542b9b0163a8f508ed':
  Enable building init with -Wall -Werror.
2014-02-19 19:13:39 +00:00
Stephen Smalley eb3f421e02 Enable building init with -Wall -Werror.
Eliminates various warnings from SELinux-related code.

Bug: 12587913
Change-Id: I28921f0ebd934324436609540d95ccef58552b64
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-19 09:15:09 -05:00
Paul Lawrence b6e3b3cea2 Merge "Mount default encrypted devices at boot" 2014-02-14 15:24:41 +00:00
Nick Kralevich 3049f23915 am e41420bd: am 488b5eaf: am 2e7347d6: Merge "Convert all selinux_android_restorecon and _setfilecon calls to new API."
* commit 'e41420bd8cbaa69f6eaca524b2412cb92a6d18a3':
  Convert all selinux_android_restorecon and _setfilecon calls to new API.
2014-02-13 00:19:47 +00:00
Nick Kralevich e41420bd8c am 488b5eaf: am 2e7347d6: Merge "Convert all selinux_android_restorecon and _setfilecon calls to new API."
* commit '488b5eafe368781077b367a9afd68db303bc8891':
  Convert all selinux_android_restorecon and _setfilecon calls to new API.
2014-02-13 00:12:52 +00:00
Nick Kralevich 488b5eafe3 am 2e7347d6: Merge "Convert all selinux_android_restorecon and _setfilecon calls to new API."
* commit '2e7347d617b02b13d227bb4cecf6bd69b7b20fa9':
  Convert all selinux_android_restorecon and _setfilecon calls to new API.
2014-02-12 23:19:02 +00:00
Paul Lawrence 13d5bb4bad Mount default encrypted devices at boot
If userdata is default encrypted, we should mount it at boot
to avoid bringing the framework up and then down unnecessarily.

Needs matching vold changes from
 https://googleplex-android-review.googlesource.com/#/c/412649/

Bug: 8769627
Change-Id: I4b8276befd832cd788e15c36edfbf8f0e18d7e6b
2014-02-07 07:23:11 -08:00
Stephen Smalley 27a93650c0 Convert all selinux_android_restorecon and _setfilecon calls to new API.
libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.

Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.

Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-07 09:38:32 -05:00
JP Abgrall 073e62e4ee am cdecfcbb: Merge "init: prevent waiting forever when a setprop is incomplete." into klp-volantis-dev
* commit 'cdecfcbb33fc3cc85ac7210ec53f6f1f90a6ffee':
  init: prevent waiting forever when a setprop is incomplete.
2014-01-31 23:07:20 +00:00
JP Abgrall 4515d81e7e init: prevent waiting forever when a setprop is incomplete.
Any app can
  socket_local_client_connect(s, "property_service", ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM)
and just keep it open without sending anything.
From then on, the property_service.c::handle_property_set_fd() will
just recv() forever.
This prevents any other properties (i.e. property_set("sys.powerctl", "reboot"))
from being processed.

Now, we just poll() for 2 sec before recv(...,MSG_DONTWAIT).

Bug: 12061560
Change-Id: Iffea4ebb444c7100b59c43ed87aecc5c99f9d3e8
2014-01-31 14:53:21 -08:00
Nick Kralevich 8ca9400c0a am f2869381: am 11322efd: am acd96b11: am 12db3eb6: Merge "Move restorecon and restorecon_recursive code to libselinux."
* commit 'f286938177390ec058ea39b308c9b9498b011c7c':
  Move restorecon and restorecon_recursive code to libselinux.
2014-01-28 21:19:32 +00:00
Nick Kralevich acd96b1118 am 12db3eb6: Merge "Move restorecon and restorecon_recursive code to libselinux."
* commit '12db3eb6db3b80011043e404530012612a1d0fbf':
  Move restorecon and restorecon_recursive code to libselinux.
2014-01-28 21:02:57 +00:00
Stephen Smalley dbd37f2e1d Move restorecon and restorecon_recursive code to libselinux.
This requires telling libselinux to use the sehandle already
obtained by init rather than re-acquiring it internally.  init
retains ownership of the sehandle because it performs the
initial load, uses the sehandle for other purposes (e.g. labeling
of directories created via mkdir and labeling of socket files),
and handles the policy reload property trigger.

Change-Id: I4a380caab7f8481c33eb64fcdb16b6cabe918ebd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-01-28 10:42:24 -05:00
Nick Kralevich ca53f0a084 don't load property_contexts from /data
Bug: 12613118

(cherry picked from commit dc3a42bb11)

Change-Id: If630478b0e3fdda8c1c14b3f41b717085acf9914
2014-01-22 12:17:36 -08:00
Nick Kralevich 349f894e52 Merge "don't load property_contexts from /data" 2014-01-19 18:29:01 +00:00
Nick Kralevich dc3a42bb11 don't load property_contexts from /data
Bug: 12613118
Change-Id: I5a84b13d2151075d5136e3682431fbcc9307df13
2014-01-18 15:28:11 -08:00
Elliott Hughes ab88481dc7 Merge "resolved conflicts for merge of ec9e5891 to master" 2014-01-16 22:43:20 +00:00
Elliott Hughes b70375abc2 resolved conflicts for merge of ec9e5891 to master
Change-Id: I704e3159d529e436e060cb66c1739ef8e7b612d4
2014-01-16 14:42:35 -08:00
Elliott Hughes ccecf14254 system/core 64-bit cleanup.
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.

Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
2014-01-16 12:54:18 -08:00
Doug Zongker 7baebf1345 add the pre-recovery service
Add a service called "pre-recovery" which is normally stopped but can
be started by the system server when we want to go into recovery.  It
will do any preparation needed (currently needed to handle update
packages that reside on an encrypted /data partition) and then set
sys.powerctl when it's ready to actually reboot.

Bug: 12188746
Change-Id: I894a4cb200395a0f6d7fe643ed4c2ac0a45d2052
2014-01-16 08:54:59 -08:00
Nick Kralevich da1f43f075 am 5b5b1f9b: am d896c195: am 45f3ed05: am 105f6b66: Merge "restorecon_recursive("/sys") speed boot time"
* commit '5b5b1f9b48f966942be3cda8d4ecfb7d910f12a0':
  restorecon_recursive("/sys") speed boot time
2014-01-14 00:37:28 +00:00
Nick Kralevich a613819a96 restorecon_recursive("/sys") speed boot time
Currently, the restorecon_recursive("/sys") call in
init.c takes approx 2 seconds on hammerhead. This change
reduces the delay to 1.2 seconds.

1) Avoid double stat call when using nftw (time savings
of 0.3 seconds)
2) Avoid the repeated calls to is_selinux_enabled() (time
savings of 0.5 seconds)

Avoid calling lsetfilecon if the file is already properly
labeled. This doesn't speed up the restorecon on /sys,
but it should help when handling files on /data.

Bug: 11640230
Change-Id: Ie212ce4f4acade208c5676d60c1f03f50e2388a4
2014-01-10 19:49:14 -08:00
Colin Cross dab375bcba am 764daa33: am 21ff8257: am bb96da43: am 268cc540: Merge "ueventd: fix a busy loop while reading uevents"
* commit '764daa33c06b5fd699bf0c8162b18dd39b00795a':
  ueventd: fix a busy loop while reading uevents
2013-12-30 18:08:59 +00:00
Colin Cross 268cc54089 Merge "ueventd: fix a busy loop while reading uevents" 2013-12-28 20:09:53 +00:00
Nick Kralevich 81fcdd250e am b470d404: am b988e95c: am 6fec3a23: Merge "Log a warning on services that lack SELinux domains."
* commit 'b470d404e58bbe89c5c2822120b220e45ff72b42':
  Log a warning on services that lack SELinux domains.
2013-12-10 17:56:01 +00:00
Stephen Smalley af06c6745b Log a warning on services that lack SELinux domains.
Sample output on flo:
<3>[    7.270568] init: Warning!  Service irsc_util needs a SELinux domain defined; please fix!
<3>[    8.290832] init: Warning!  Service bootanim needs a SELinux domain defined; please fix!

Change-Id: If5514b188517917d58ee81c446af563b0443be45
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-09 15:40:24 -05:00