Commit Graph

410 Commits

Author SHA1 Message Date
Geremy Condra c2594f36e7 Give system ownership of selinux load and enforce files.
This is necessary to enable remote updates.

Change-Id: I05fb979c0360eca4cc6e4add48bb42f712a1ba17
2013-04-03 11:58:12 -07:00
Todd Poynor 6b5de1cda2 init.rc: Set owner/perm for interactive governor io_is_busy
Change-Id: I7537d56a23ca787daf92a9d91778056f987097bd
2013-03-25 13:17:13 -07:00
Geremy Condra fb39c0d198 am 4d71493e: am e849970c: Merge "Fix mode on /data/security."
* commit '4d71493e74ed1ea39e554146351cc39e47cb5d02':
  Fix mode on /data/security.
2013-03-22 20:54:52 -07:00
William Roberts bfd71b489b Create a new location for /data policy files
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.

Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
2013-03-21 14:26:12 -07:00
Stephen Smalley c0317a7579 Fix mode on /data/security.
Change-Id: Id97d06a1c360c7871361db147f76b8a2eaceca42
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-03-21 14:25:16 -04:00
William Roberts 46e1bd89b4 Create a new location for /data policy files
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.

Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
2013-03-20 19:34:55 -07:00
Jeff Sharkey fb4f7acefb Add symlink to bugreport storage location.
Change-Id: I16f024c24767cfa1f5800d568d39fb098a408127
2013-03-14 14:27:38 -07:00
Keun young Park f5eb803543 move goldfish stuffs to device/generic/goldfish
- each files will be pulled in emulator.mk as PRODUCT_COPY_FILES

Change-Id: I4772e2fd863e6d2663f477c3acd8a90cb95b498a
2013-03-05 11:16:36 -08:00
Glenn Kasten 65e203070c Merge "Add directory for mediaserver" 2013-02-23 01:04:33 +00:00
Glenn Kasten b0f908a957 Add directory for mediaserver
Bug: 8223560
Change-Id: Iccc6d439a848445cac0f5b30d1d663aed3f5344e
2013-02-22 14:54:45 -08:00
Nick Kralevich fe8425b5c5 am c5ce4108: am 1b64957a: Merge "init.rc: allow IPPROTO_ICMP support"
* commit 'c5ce4108facc5a1b94fcf9469a189b2cbdfd5e76':
  init.rc: allow IPPROTO_ICMP support
2013-02-22 09:44:34 -08:00
Nick Kralevich be341cc348 init.rc: allow IPPROTO_ICMP support
Allow userspace programs to create IPPROTO_ICMP sockets.

This socket type allows an unprivileged program to safely
send ICMP_ECHO messages and receive the corresponding
ICMP_ECHOREPLY messages, without relying on raw sockets or
setuid programs.

Please see http://lwn.net/Articles/443051/ for details.

In particular, this allows us to use a version of ping
which doesn't have any capabilities
(https://android-review.googlesource.com/52072).
In addition, this allows us to safely implement an IPv4 ICMP
based version of InetAddress.isReachable()
(https://code.google.com/p/android/issues/detail?id=20106)

Change-Id: I876718151efa8219c4f34f573e35e21256fe2316
2013-02-21 19:28:13 -08:00
Wink Saville 38a260547b Merge "Delete frameworks/base/voip use voip-common from frameworks/opt/net/voip" 2013-01-29 03:10:58 +00:00
Wink Saville c0d399df69 Delete frameworks/base/voip use voip-common from frameworks/opt/net/voip
Add voip-common to BOOTCLASSPATH

Change-Id: Ieaba759a0f69b45c4b8839cbed1fe757cdf190c5
2013-01-28 15:28:20 -08:00
Benoit Goby 31c8095cac Revert "init.usb.rc: set sys.usb.config to none before changing it"
This can cause init to be stucked in a loop in very rare cases where
persist.sys.usb.config is set to "none" (because the "setprop
sys.usb.config none" action is added twice to the action list).
The original issue on encrypted devices has been fixed differently
by change # I350c5aab986f8ca86b95f316398d03012553e581

This reverts commit 80828af3de.

Change-Id: Id0a7af8dd861c8d10b80a13b540c8a339b432007
2013-01-15 17:37:32 -08:00
JP Abgrall a444041547 am ba900f2e: am fb69c2e2: Merge "init.rc: setup qtaguid group ownership of ctrl and stat files"
* commit 'ba900f2e708f0b654cdaa827804cbb21af4e4fb4':
  init.rc: setup qtaguid group ownership of ctrl and stat files
2013-01-04 18:12:56 -08:00
JP Abgrall ba900f2e70 am fb69c2e2: Merge "init.rc: setup qtaguid group ownership of ctrl and stat files"
* commit 'fb69c2e2577e056bb7a054343a9f6d781cedbf3d':
  init.rc: setup qtaguid group ownership of ctrl and stat files
2013-01-04 18:08:24 -08:00
JP Abgrall 3e54aabc63 init.rc: setup qtaguid group ownership of ctrl and stat files
This will help get rid of android_aid.h in the kernel.
The group of the proc entries will be used in place of the default
values picked up by the xt_qtaguid netfilter module
(AID_NET_BW_STATS, AID_NET_BW_ACCT).
This change has no effect until the matching kernel changes are submitted.

Change-Id: I3c177e7b5caf9c59300eba6bd4a976634b333674
2013-01-04 15:31:20 -08:00
Todd Poynor 2b5b3bb103 rootdir: init.rc: set perms for new interactive governor attrs
/sys/devices/system/cpu/cpufreq/interactive/timer_slack
/sys/devices/system/cpu/cpufreq/interactive/target_loads

Change-Id: Ia5d5c3d615ad64bab3a1317e5de2ac9a6d61679e
2013-01-02 15:05:33 -08:00
Elliott Hughes e2aab2cce8 am 38219ee6: Merge "Track the setsebool change in the emulator init.rc."
* commit '38219ee6116943269b0501a1a0210c76e2ba69c3':
  Track the setsebool change in the emulator init.rc.
2012-12-21 18:15:01 -08:00
Elliott Hughes 334ad0ed49 Track the setsebool change in the emulator init.rc.
setsebool's syntax changed in November. This is the sole
caller in AOSP.

Change-Id: I0da608ee974bc3a9060372ef68a71c52726a44a6
2012-12-21 14:45:27 -08:00
Todd Poynor 191af2f2c3 am 367f1e4b: am 4f247d75: rootdir: init.rc: set perms for cpufreq governor boostpulse_duration
* commit '367f1e4b0aaaf7f725e686b5b40845cbb5c07a42':
  rootdir: init.rc: set perms for cpufreq governor boostpulse_duration
2012-12-20 15:42:59 -08:00
Todd Poynor 4f247d753a rootdir: init.rc: set perms for cpufreq governor boostpulse_duration
Change-Id: I09b9a1ed548e4ffe1232f583e8ff5f026760f616
2012-12-19 18:15:03 -08:00
Benoit Goby 9e2182adc2 am 6d3e6099: am a2411eed: Merge "init.usb.rc: set sys.usb.config to none before changing it" into jb-mr1.1-dev
* commit '6d3e6099770c9f78264f573897a8b1923edbee63':
  init.usb.rc: set sys.usb.config to none before changing it
2012-12-06 19:00:23 -08:00
Benoit Goby 80828af3de init.usb.rc: set sys.usb.config to none before changing it
On encrypted devices, persistent properties are loaded after the device
is decrypted. To properly change sys.usb.config to its persistent value,
it must first be set to "none" and then to ${persist.sys.usb.config}.

Bug: 7678835
Change-Id: I4f91245cedc04e3178ce9cee21390f5b657733c9
2012-12-05 18:04:01 -08:00
Kenny Root 92781808ba Switch keystore to binder
Change-Id: I1607bc1f14af5115cefd6727be3815cdcce670a8
2012-11-13 12:19:47 -08:00
Elliott Hughes 066d3f9b3b resolved conflicts for merge of 3e5e9e9e to jb-mr1-dev-plus-aosp
Change-Id: I621d0e984a266478b4297a25afd164c1275e30f9
2012-10-22 14:35:12 -07:00
Elliott Hughes f820e85164 Add a directory for tzdata updates.
Bug: 7012465
Change-Id: I7e2c9965a4bcad125ca4fb788b842bd114b5619c
2012-10-19 18:10:05 -07:00
Zhihai Xu 9f239afc35 second user doesnot pickup input operations from A2DP
bug 7335014

Change-Id: I39e450d254647f0b84a07f38f2f2571711fca075
2012-10-16 17:32:51 -07:00
Todd Poynor 4ef6e4baa9 init.trace.rc: Set perms for power/clock_set_rate events
Bug: 7351763

Change-Id: I1ee3d7c9b55d1b55df6cafb1bf21f9139d964646
2012-10-15 17:16:55 -07:00
Matthew Xie bdec5ead74 Change dev/uhid group id from bluetooth to net_bt_stack
Secondary user need that group id to access the file to support hid
bug 7315419

Change-Id: I9d2d3d5a5114d289dc4d83c697421622db4beae6
2012-10-10 15:18:28 -07:00
Dima Zavin c6f8bd3966 Merge "rootdir: init.rc: add drmrpc to surfaceflinger supplemental groups" into jb-mr1-dev 2012-10-08 11:30:36 -07:00
Dima Zavin ece565cca2 rootdir: init.rc: add drmrpc to surfaceflinger supplemental groups
This is necessary for some HWC hals to be able to communicate with
secure side to grant protected access to hardware owned by the
hwc. This is necessary on some architectures to grant access to
secure buffers to overlay/csc hardware

Change-Id: I4e4becba5b4a80310ce8932edea5d0d046fa9b00
Signed-off-by: Dima Zavin <dima@android.com>
2012-10-04 17:02:28 -07:00
Matthew Xie 971153aa4a Create bluetooth stack aid for sharing gid between all bluetooth processes
bug 6925422

Change-Id: I8d371f8307dd6bea3909a56643819413ea829a98
2012-10-04 12:38:51 -07:00
Robert Greenwalt d6d478058f Add writable data space for radio.
Storing Premium SMS regex's in /data/misc/sms.
bug:7221402

Change-Id: Ica8ba7be8aa5321f3e6ed820a0dddc01f77d2cfb
2012-09-27 08:16:58 -07:00
Dima Zavin 9481266ea3 init.rc: chmod slabinfo to 440 to capture slabinfo in BRs
Bug: 7232205
Change-Id: I0d785302818a37b722e79bf740644ede52c60148
Signed-off-by: Dima Zavin <dima@android.com>
2012-09-25 14:22:04 -07:00
Todd Poynor f1c50bf638 init: import init.trace.rc after h/w-specific rc
Board-specific .rc file mounts debugfs, then fixup perms on tracing
sysfs files for systrace.

Change-Id: Ifbedb4ecdb543cd6c48df00b1a34415349951b6f
2012-09-24 14:26:31 -07:00
Kenny Root 5054417c10 Add /data/app-lib for native library sharing
Change-Id: I7419676d987178fd2422c50d74f966e27af9f62e
2012-09-08 22:39:44 -07:00
Jeff Sharkey 58d3980f31 Keep /mnt/secure private to default namespace.
When vold mounts things in /mnt/secure/staging, it expects to MS_MOVE
those mountpoints when vetting is finished.  However, the kernel
doesn't allow MS_MOVE when the source is shared to child namespaces.

To work around this, create a tmpfs at /mnt/secure and mark it as
private (not shared).  Verified that vold can now successfully move
from the staging area.

Bug: 7094858
Change-Id: I5e05b1005c63efa277935c9bbd18cbf3ffdd47a3
2012-09-06 14:15:46 -07:00
Mike Lockwood 35ea5e4f23 import init.${ro.hardware}.rc last to allow overriding default USB configuration
Change-Id: I2194466fb7cf7ff5313d146601155ebe6043fd42
2012-08-28 10:25:13 -07:00
Wink Saville f824ad7b35 am 582b1152: am baba9984: Merge "Define TCP buffer sizes for HSPAP, HSDPA, HSUPA and EVDO"
* commit '582b11527cd6d968f163fbee73f92d82b679e330':
  Define TCP buffer sizes for HSPAP, HSDPA, HSUPA and EVDO
2012-08-23 14:11:35 -07:00
Jeff Sharkey 42a1e6c9d8 Merge "Iteration on multi-user external storage." into jb-mr1-dev 2012-08-22 18:17:23 -07:00
Wink Saville 582b11527c am baba9984: Merge "Define TCP buffer sizes for HSPAP, HSDPA, HSUPA and EVDO"
* commit 'baba99840400f5b835d44b6d91e2190136277988':
  Define TCP buffer sizes for HSPAP, HSDPA, HSUPA and EVDO
2012-08-22 15:32:17 -07:00
Wink Saville baba998404 Merge "Define TCP buffer sizes for HSPAP, HSDPA, HSUPA and EVDO" 2012-08-22 15:00:00 -07:00
Jeff Sharkey bfcd810b79 Iteration on multi-user external storage.
Define /storage as top-level concept, so that we enforce permissions
uniformly.  Moves external storage paths from headers to per-device
environment variables.  Added missing mount flags, and we no longer
have adb-specific external storage.

Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
2012-08-22 14:28:37 -07:00
Jeff Sharkey 61f1359486 Remove sdcard groups from services.
Even with the groups, services no longer have access.

Change-Id: I2b4871b276ffd309c08c404b1211b33406dbebd5
2012-08-20 14:31:47 -07:00
Jeff Sharkey 5dd0f86fbf Migrate sdcard0 to shell-accessible location.
Also remove mount() from adb, since it can come online long before
data partition is ready.  Set EXTERNAL_STORAGE environment variable
to point to owner for backwards compatibility.

Bug: 7005701
Change-Id: I63444f6636624eb7ad89f053daa289663424639e
2012-08-20 13:11:11 -07:00
Jeff Sharkey 2be5338a84 Merge "Multi-user external storage support." into jb-mr1-dev 2012-08-16 14:33:00 -07:00
Scott Anderson edb2d634b3 Merge "ueventd.rc: Add /dev/uhid for bluedroid" into jb-mr1-dev 2012-08-16 12:22:51 -07:00
Jeff Sharkey 885342a0f2 Multi-user external storage support.
Remount rootfs as recursively shared, so that mount changes are
propagated into child namespaces.  Mount external storage for access
from adb.

Clean multi-user dependencies for use in Dalvik.  Also define
external storage paths.

Bug: 6925012
Change-Id: I375de581a63f4f36667894c56a34a9dd45361e8f
2012-08-15 21:10:07 -07:00