Avoid breaking internal code when AOSP automerges to internal.
This will be reverted after fixing up the uses on the other end.
Bug: http://b/35858739
Test: treehugger
Change-Id: If1ee03d8d7c218d3ad9f451cfe9a9077753dda02
This change makes init's SELinux policy compilation step target the
highest SELinux policy language version supported by the kernel.
Prior to this change the version was simply hard-coded in init.
P. S. clang-format (part of presubmit for this change) is being
counter-productive trying to format the section with secilc
parameters. The resulting layout is harder to read. This commit thus
disables clang-format for this section of code and formats the code
for improved readability.
Test: Remove precompiled policy, device boots up, no new denials.
Added log statement to print out the policy version passed
into secilc -- it printed 30, as expected.
Bug: 31363362
Change-Id: I151017b5211712861bafb662525e794a44026dd2
This change makes the init process to always attempts to enable
transient trigger for vibrator. This allows the exported properties to
change the ownership later at the on boot stage.
Test: device vibrates with the driver supports ledtrig-transient
Change-Id: If5eb7b7feaefe803f2ead634fbe4fc7b48da84ea
Signed-off-by: David Lin <dtwlin@google.com>
We still do not have any users of the 'frontend' interface, let's
right a wrong and rename it to 'transport' as it makes more sense.
Renames android_log_set_frontend, android_log_get_frontend and
include/log/log_frontend.h.
SideEffects: None
Test: gTest liblog-unit-tests
Bug: 27405083
Change-Id: I7c1c0f3dfdc7cf047285403e306edbd16ad1324d
The original default /fstab.{ro.hardware} might be moved to
/vendor/etc/. or /odm/etc/. Use the new API to get the default
fstab instead of using the hard-coded /fstab.{ro.hardware}.
Bug: 35811655
Test: boot marlin with /vendor/etc/fstab.marlin
Change-Id: I8a9c70eda7f68b174ec355910d0fa1eb18a46e21
fstab contains device- and soc- specific content that should reside in
/odm or /vendor partition. This change searches the fstab.${ro.hardware}
file from /odm/etc, /vendor/etc and /, then use the first one found.
Bug: 35811655
Test: boot sailfish
Change-Id: I82f89b41a849faedb64072a7cfc52d7424e1aaa1
With the early mount support in init, fstab entries of verified partitions
(e.g., /system, /vendor) will be moved into device tree in kernel image.
Those early mount fstab entries will be removed from the fstab file to
prevent duplicated and/or inconsistent settings.
This change adds a new function: fs_mgr_read_fstab_with_dt(), to return
the combined results from both places. It also removes
fs_mgr_read_fstab_file() from the public APIs and makes it as an
internal function.
Bug: 35811655
Test: early mount /vendor with dm-verity on sailfish
Change-Id: I2fba3614685bf9f852a789cda6f53013e2164e60
We statically link libwinpthread into Windows binaries, but soong
currently can't specify notice files for toolchain_libraries. Add
libwinpthread's COPYING info directly to adb's as a hack.
Bug: http://b/36073965
Test: `make PRODUCT-sdk-win_sdk` + manual inspection of NOTICE.txt
Change-Id: I58d6be0ecf5626b67308f7e94128a2cd44dab161
Previously all libsync calls would try first the modern/mainline uapi
and if that failed try the legacy uapi, or vice versa. This is
inefficient, and confusing when looking at strace. With this change,
after the first successful syscall, libsync know's what uapi version
the kernel supports, and will only try that version in the future.
Test: sync-unit-tests on bullhead
Change-Id: I8b5de0194da0cfc6c080c0180318e16bb673d3c9
Build file_contexts.bin on legacy builds.
Test: Marlin and Bullhead build and boot with no new denials.
Test: Marlin and Bullhead recovery boots with no new denials.
Test: Bullhead boots with file_contexts.bin in /
Test: Marlin boot with /system/etc/selinux/plat_file_contexts and
/vendor/etc/selinux/nonplat_file_contexts.
Bug: 36002414
Change-Id: I66f138fc3ad808df0480e0467cee03fd40177f31
This will help avoid certain crash (null dereference),
and return an error instead. This is useful for
app developers as java language apps are not
expected to crash when passed bad arguments
This doesn’t fix bug 36065206, but was prompted
by it.
Test: compile / run
Bug: 36065206
Change-Id: I329874821f5cd780eeaacf8945859af5ab790cf4
NOTE: This change affects only devices which use SELinux kernel policy
split over system and vendor directories/partitions.
Prior to this change, init compiled sepolicy from *.cil files on every
boot, thus slowing boot down by about 400 ms. This change enables init
to skip the step compilation and thus avoid spending the 400 ms. The
skipping occurs only if the device's vendor partition includes an
acceptable precompiled policy file. If no acceptable policy is found,
the compilation step takes place same as before.
Because such devices support updating system and vendor partitions
independently of each other, the vendor partition's precompiled policy
is only used if it was compiled against the system partition's policy.
The exact mechanism is that both partitions include a file containing
the SHA-256 digest of the system partition's policy
(plat_sepolicy.cil) and the precompiled policy is considered usable
only if the two digests are identical.
Test: Device with monolithic policy boots up just fine
Test: Device with split policy and with matching precompiled policy
boots up just fine and getprop ro.boottime.init.selinux returns
a number below 100 ms. No "Compiling SELinux policy" message in
dmesg.
Test: Device with split policy and with non-matching precompiled
policy boots up just fine and getpropr ro.boottime.init.selinux
returns a number above 400 ms. There is a "Compiling SELinux
policy" message in dmesg. The non-matching policy was obtained
by adding an allow rule to system/sepolicy, building a new
system image using make systemimage and then flashing it onto
the device.
Bug: 31363362
Change-Id: Ic2e81a83051689b5cd5ef1299ba6aaa1b1df1bdc
Alex Klyubin