Eliminates various warnings from SELinux-related code.
Bug: 12587913
Change-Id: I28921f0ebd934324436609540d95ccef58552b64
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
If userdata is default encrypted, we should mount it at boot
to avoid bringing the framework up and then down unnecessarily.
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/412649/
Bug: 8769627
Change-Id: I4b8276befd832cd788e15c36edfbf8f0e18d7e6b
libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.
Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.
Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Any app can
socket_local_client_connect(s, "property_service", ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM)
and just keep it open without sending anything.
From then on, the property_service.c::handle_property_set_fd() will
just recv() forever.
This prevents any other properties (i.e. property_set("sys.powerctl", "reboot"))
from being processed.
Now, we just poll() for 2 sec before recv(...,MSG_DONTWAIT).
Bug: 12061560
Change-Id: Iffea4ebb444c7100b59c43ed87aecc5c99f9d3e8
This requires telling libselinux to use the sehandle already
obtained by init rather than re-acquiring it internally. init
retains ownership of the sehandle because it performs the
initial load, uses the sehandle for other purposes (e.g. labeling
of directories created via mkdir and labeling of socket files),
and handles the policy reload property trigger.
Change-Id: I4a380caab7f8481c33eb64fcdb16b6cabe918ebd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
Add a service called "pre-recovery" which is normally stopped but can
be started by the system server when we want to go into recovery. It
will do any preparation needed (currently needed to handle update
packages that reside on an encrypted /data partition) and then set
sys.powerctl when it's ready to actually reboot.
Bug: 12188746
Change-Id: I894a4cb200395a0f6d7fe643ed4c2ac0a45d2052
Currently, the restorecon_recursive("/sys") call in
init.c takes approx 2 seconds on hammerhead. This change
reduces the delay to 1.2 seconds.
1) Avoid double stat call when using nftw (time savings
of 0.3 seconds)
2) Avoid the repeated calls to is_selinux_enabled() (time
savings of 0.5 seconds)
Avoid calling lsetfilecon if the file is already properly
labeled. This doesn't speed up the restorecon on /sys,
but it should help when handling files on /data.
Bug: 11640230
Change-Id: Ie212ce4f4acade208c5676d60c1f03f50e2388a4
By default ueventd creates device nodes under /dev based on the ueventd
DEVPATH. Several subsystems have special rules which are hardcoded in
devices.c. Moving forward these special rules should go in ueventd.rc.
Special rules have the syntax:
subsystem <s>
devname (uevent_devname|uevent_devpath)
[dirname <dir>]
Devices matching SUBSYSTEM=<s> will be populated under <dir>. dirname
is optional and defaults to /dev. If dirname is provided, <dir> must
start with "/".
If devname is uevent_devname, ueventd will create the device node as
<dir>/DEVNAME. DEVNAME may include intermediate subdirectories, which
ueventd will automatically create.
If devname is uevent_devpath, ueventd will use the legacy behavior of
computing DEVPATH_BASE=basepath(DEVPATH), and creating the device node
as <dir>/DEVPATH_BASE.
The new parsing code is based on init_parser.c, with small tweaks to
handle commands which don't fall under a section header.
Change-Id: I3bd1b59d7e62dfc9d289cf6ae889e237fb5bd7c5
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Log an error before discarding problematic events, and add a missing
truncation check to the usb subsystem's unique codepath
Change-Id: I0d05aa287ffc63b46d1752d2a7409d35dc8caca7
Signed-off-by: Greg Hackmann <ghackmann@google.com>
To prevent clashing with forthcoming changes to uevent_parser.c
Change-Id: I2ee183261c7f43e0e4104a16a280c7ee73d7df96
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Under certain conditions, poll() may raise the POLLERR
flag along with POLLIN, in which case the check for
(ufd.revents == POLLIN) results in an endless busy loop.
The following fix was applied to
hardware/libhardware_legacy/uevent/uevent.c
to fix a similar bug:
commit 3aabb260ceef10377c31c9e45fb239247f5cfeba
Author: Mathias Agopian <mathias@google.com>
Date: Mon Oct 1 14:53:18 2012 -0700
fix a typo in uevent_next_eventi
Bug: 7114973
Change-Id: I15a4c714b59aeb1d02db00517d70b5f0e5ab22c2
Applying the same fix for two more poll loops in init
and ueventd.
Change-Id: I50693f6d3c904992ac4b8a9a14a83c7106e6b9e0
Obsolete RLE 565 logo is used nowhere,
because 565 framebuffer isn't used for years.
It's not necessary to keep this thing alive anymore.
Change-Id: Ie61e168790f791230530cd3eb1c68b1f7344c9a7
Functionally equivalent to the restorecon -R toolbox command.
A use case is given by:
I48eaa2b9901ac8c978192c14493ba1058a089423
Also, fix error handling and documentation for restorecon command.
Change-Id: Ia7fbcc82645baf52c6bff0490d3492f458881cbb
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Don't queue actions for "on property=*" if the property does not exist.
This fixes these errors on boot:
init: property 'sys.powerctl' doesn't exist while
expanding '${sys.powerctl}'
init: powerctl: cannot expand '${sys.powerctl}
Change-Id: I3bd354d73a860f856be5df2c654f940445f9efd9
Nick Kralevich