Fix bug https://code.google.com/p/android/issues/detail?id=54192
which incorrectly calculated the length of a string.
Fix compiler warning:
system/core/toolbox/mount.c:59:2: warning: initializer-string for array of chars is too long [enabled by default]
system/core/toolbox/mount.c:59:2: warning: (near initialization for 'options[16].str') [enabled by default]
Change-Id: If8663f8311c6348a730fcf731d402b57fee10cb5
When a filesystem is mounted read-only, make the underlying
block device read-only too. This helps prevent an attacker
who is able to change permissions on the files in /dev
(for example, symlink attack) from modifying the block device.
In particular, this change would have stopped the LG Thrill / Optimus
3D rooting exploit
(http://vulnfactory.org/blog/2012/02/26/rooting-the-lg-thrill-optimus-3d/)
as that exploit modified the raw block device corresponding to /system.
This change also makes UID=0 less powerful. Block devices cannot
be made writable again without CAP_SYS_ADMIN, so an escalation
to UID=0 by itself doesn't give full root access.
adb/mount: Prior to mounting something read-write, remove the
read-only restrictions on the underlying block device. This avoids
messing up developer workflows.
Change-Id: I135098a8fe06f327336f045aab0d48ed9de33807
The offset variable in lseek is 32 bit and get easily overflow
when accessing with large offset in dd command.
Use lseek64 to resolve it.
Change-Id: Ib75d9dcb587004a6851365ab5bb8584ce1010b57
Set the CAP_SYS_BOOT filesystem capability on the new reboot
command and keep CAP_SYS_BOOT in adb bounding set so that the
shell user can run it.
Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd
Change setsebool syntax from name=value to name value.
This is to make it consistent with setprop and similar commands.
Update both the init built-in command and the toolbox command
for consistency.
Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Comparison of signed and unsigned integers. Use parenthesis around a
group of bitwise OR operations.
Change-Id: Ia404380593ce2c2a291133c07c0fc7a016a3ad3f
'df' command used to display filesystem usage statistics as integer
values, in most cases rounding the actual value down. Because of
that 'df' tended to display faulty size values.
This fix to 'df' utility calculates the fractional part of the size,
then it rounds it when needed to the nearest one-digit integer value
and displays after decimal dot.
Change-Id: I9bc52635d45d3e55ce61b3b1c6b80d1267516e75
Define /storage as top-level concept, so that we enforce permissions
uniformly. Moves external storage paths from headers to per-device
environment variables. Added missing mount flags, and we no longer
have adb-specific external storage.
Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
To support runtime policy management, add support for reloading
policy from /data/system. This can be triggered by setting the
selinux.loadpolicy property to 1, whether from init.rc after
mounting /data or from the system_server (e.g. upon invocation of
a new device admin API for provisioning policy). ueventd and
installd are restarted upon policy reloads to pick up the new
policy configurations relevant to their operation.
Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Nick Kralevich