Change allows the proper seinfo value to be passed
to libselinux to switch to the proper app security
context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
File descriptors remain open across an exec unless FD_CLOEXEC is
set. Add O_CLOEXEC to the open() call to prevent file descriptor
leakage.
In particular, the following program will eventually run out of
file descriptors:
int main(int argc, char **argv) {
printf("===== entering main =====\n");
ALOGW("entering main");
system("ls -l /proc/self/fd/");
execv(argv[0], argv);
printf("exec failed\n");
return -1;
}
Change-Id: I5be43ab3b9f82a05f242b1f586454c50568af388
When using device tree, platform devices may not have a
/devices/platform/ path prefix, but can be rooted in
/devices/.
Modify the platform device tracking code to store the device
path as well as the name. This way, when we create symlinks, we
can correctly skip the base platform device prefix and get to the
proper device node path.
Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72
Signed-off-by: Dima Zavin <dima@android.com>
This logic has been moved to platform/frameworks/base commit
8a0a929422682ba3eb6a205dc6c0638e68b909de and is no longer needed
here.
This reverts commit 01b1dee0ab.
Backtracing through eh_frame section is more effective allowing to reuse
ebp register for other purposes within routine. GCC with turned on
optimizations (-O1 and above) implicitly defines -fomit-frame-pointer
anyway. eh_frame sections are generated by default with GCC on any
optimization level.
This change implements remote unwinding (separate process unwinding).
Local unwinding is already implemented through _Unwind_Backtrace call
which is implemented in libgcc.
Change-Id: I1aea1ecd19c21710f9cf5f05dc272fc51b67b7aa
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
By now these sizes are very common, so make sure we support them.
Change-Id: Ib1963fbabc4ec0b4623f2045a3cbeedffbad7ee8
Signed-off-by: Ithamar R. Adema <ithamar@upgrade-android.com>
goldfish is ported to linux-3.4 and have capability to run atrace.
But can't run atrace yet because debugfs is not mounted on boot time.
Change-Id: I0ce23bde3b8d1b2a88d4238272123e3ab8cb6970
Signed-off-by: Young-Ho Cha <ganadist@gmail.com>
The adb sideload utility referes to the filename as 'sideload' in some
places. This patch changes the printouts to display the filename instead.
Change-Id: I38ada01a08bed53a8d9697c03f55ce8cee2abe12
Signed-off-by: Magnus Eriksson <eriksson.mag@gmail.com>
/system/bin/ping no longer requires CAP_NET_RAW, as we're now
using IPPROTO_ICMP. Please see the following for more details:
* http://lwn.net/Articles/443051/
* https://android-review.googlesource.com/52090
* https://android-review.googlesource.com/52072
We can now make ping a normal, unprivileged program.
/system/bin/run-as only requires CAP_SETUID and CAP_SETGID.
Explicitly set the capabilities of this file, and remove
the setuid bit.
This is equivalent to running the following commands:
* chmod 750 /system/bin/run-as
* chown root:shell /system/bin/run-as
* setcap cap_setgid,cap_setuid+ep /system/bin/run-as
Change-Id: I65df858b45e6de4e2190ac9d6d592c06ea9d28cf
For now, remove linux/capability.h . We're haven't started using
capabilities yet, and this file doesn't exist on mac builds.
Change-Id: Id6ec7fdb408bcdfdd538dac65187194c8ee226ff
Allow userspace programs to create IPPROTO_ICMP sockets.
This socket type allows an unprivileged program to safely
send ICMP_ECHO messages and receive the corresponding
ICMP_ECHOREPLY messages, without relying on raw sockets or
setuid programs.
Please see http://lwn.net/Articles/443051/ for details.
In particular, this allows us to use a version of ping
which doesn't have any capabilities
(https://android-review.googlesource.com/52072).
In addition, this allows us to safely implement an IPv4 ICMP
based version of InetAddress.isReachable()
(https://code.google.com/p/android/issues/detail?id=20106)
Change-Id: I876718151efa8219c4f34f573e35e21256fe2316
Elliott Hughes