DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904
Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
Move the responsibility for rebooting the system from the
reboot command to init. Init is in a better position to take
actions to bring the system down cleanly, including making sure
filesystems are mounted read-only.
The only UIDs which can perform an init triggered reboot are
root, system, and shell.
Modify the reboot command so that it calls into init to perform
the reboot. The reboot command no longer requires CAP_SYS_BOOT.
Remove the -n reboot option and code which supports it. Anyone needing
to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'.
Modify adb so that it calls into init to perform a shutdown.
Bug: 8646621
Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.
Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
goldfish is ported to linux-3.4 and have capability to run atrace.
But can't run atrace yet because debugfs is not mounted on boot time.
Change-Id: I0ce23bde3b8d1b2a88d4238272123e3ab8cb6970
Signed-off-by: Young-Ho Cha <ganadist@gmail.com>
Allow userspace programs to create IPPROTO_ICMP sockets.
This socket type allows an unprivileged program to safely
send ICMP_ECHO messages and receive the corresponding
ICMP_ECHOREPLY messages, without relying on raw sockets or
setuid programs.
Please see http://lwn.net/Articles/443051/ for details.
In particular, this allows us to use a version of ping
which doesn't have any capabilities
(https://android-review.googlesource.com/52072).
In addition, this allows us to safely implement an IPv4 ICMP
based version of InetAddress.isReachable()
(https://code.google.com/p/android/issues/detail?id=20106)
Change-Id: I876718151efa8219c4f34f573e35e21256fe2316
This can cause init to be stucked in a loop in very rare cases where
persist.sys.usb.config is set to "none" (because the "setprop
sys.usb.config none" action is added twice to the action list).
The original issue on encrypted devices has been fixed differently
by change # I350c5aab986f8ca86b95f316398d03012553e581
This reverts commit 80828af3de.
Change-Id: Id0a7af8dd861c8d10b80a13b540c8a339b432007
This will help get rid of android_aid.h in the kernel.
The group of the proc entries will be used in place of the default
values picked up by the xt_qtaguid netfilter module
(AID_NET_BW_STATS, AID_NET_BW_ACCT).
This change has no effect until the matching kernel changes are submitted.
Change-Id: I3c177e7b5caf9c59300eba6bd4a976634b333674
On encrypted devices, persistent properties are loaded after the device
is decrypted. To properly change sys.usb.config to its persistent value,
it must first be set to "none" and then to ${persist.sys.usb.config}.
Bug: 7678835
Change-Id: I4f91245cedc04e3178ce9cee21390f5b657733c9
This is necessary for some HWC hals to be able to communicate with
secure side to grant protected access to hardware owned by the
hwc. This is necessary on some architectures to grant access to
secure buffers to overlay/csc hardware
Change-Id: I4e4becba5b4a80310ce8932edea5d0d046fa9b00
Signed-off-by: Dima Zavin <dima@android.com>
When vold mounts things in /mnt/secure/staging, it expects to MS_MOVE
those mountpoints when vetting is finished. However, the kernel
doesn't allow MS_MOVE when the source is shared to child namespaces.
To work around this, create a tmpfs at /mnt/secure and mark it as
private (not shared). Verified that vold can now successfully move
from the staging area.
Bug: 7094858
Change-Id: I5e05b1005c63efa277935c9bbd18cbf3ffdd47a3
Define /storage as top-level concept, so that we enforce permissions
uniformly. Moves external storage paths from headers to per-device
environment variables. Added missing mount flags, and we no longer
have adb-specific external storage.
Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
Also remove mount() from adb, since it can come online long before
data partition is ready. Set EXTERNAL_STORAGE environment variable
to point to owner for backwards compatibility.
Bug: 7005701
Change-Id: I63444f6636624eb7ad89f053daa289663424639e
Remount rootfs as recursively shared, so that mount changes are
propagated into child namespaces. Mount external storage for access
from adb.
Clean multi-user dependencies for use in Dalvik. Also define
external storage paths.
Bug: 6925012
Change-Id: I375de581a63f4f36667894c56a34a9dd45361e8f
To support runtime policy management, add support for reloading
policy from /data/system. This can be triggered by setting the
selinux.loadpolicy property to 1, whether from init.rc after
mounting /data or from the system_server (e.g. upon invocation of
a new device admin API for provisioning policy). ueventd and
installd are restarted upon policy reloads to pick up the new
policy configurations relevant to their operation.
Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
chown /proc/last_kmsg to user system group log during init, and
chmod it to readable only by user and group.
Bug: 6925227
Change-Id: I645b6a2d4fecc01a2bd4b7fa7ed6aae3ef638cb9
Set the security context for the init process.
Restore the security contexts of /cache and /data in case they were reset.
Specify the security context for services launched from the rootfs since
we cannot label their executables.
If on the emulator, set a policy boolean and restore the context of
/sys/qemu_trace to allow accesses not normally permitted on a device.
Change-Id: I166ffc267e8e0543732e7118eb0fd4b031efac3b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This device is required by libdrm for GPUs like IvyBridge.
Change-Id: I0ac47056a9cec2100f3e6eaa5591571fe6bbc145
Signed-off-by: Lukasz Anaczkowski <lukasz.anaczkowski@intel.com>
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This change adds init.rc steps to:
* allow kernel tracing to be enabled via adb
* allow a limited set of kernel trace events to be enabled via adb
* allow the kernel trace to be read via adb
* allow all users to write to the kernel trace from userland
Bug: 6513400
Change-Id: Ic3c189b5697aa5edf88d2f507c932971bed6caff
With this change, the audio rr/fifo threads will just run in
the fg cgroup.
Also, the RR budget for the apps fg/bg threads has been bumped
to 80%. Ideally, the bg budget would be much smaller but there
are legacy libraries that seem to be very sensitive to this so
for now keep it at this value.
Bug: 6528015
Change-Id: I08f295e7ba195a449b96cd79d954b0529cee8636
Signed-off-by: Dima Zavin <dima@android.com>
GPS on yakju puts SCHED_RR threads in the fg and bg groups, and
is unhappy with 0.1% limits. Increase the limits to 10%.
Change-Id: I971c9b0a815890d41694b965fdd2b023937a4411
rt_runtime_us=0 can cause deadlocks if a SCHED_FIFO/SCHED_RR thread
is moved into the wrong cgroup.
Change-Id: I4633392fb529039dff6ba5d3a6b672e0de9fc2d9
DRM server process needs to be able to access movies on sdcard
to acquire rights.
related-to-bug: 6414503
Change-Id: If90404e32fd437b8fb7d5a6ec8dfb30a499ef733
CVE-2011-3918: Address denial of service attack against Android's
zygote process. This change enforces that only UID=system can
directly connect to zygote to spawn processes.
Change-Id: I89f5f05fa44ba8582920b66854df3e79527ae067
Forward locked apps on internal storage will be stored in ASEC
containers using ext4. This way permissions can be preserved whether on
internal or external storage.
Change-Id: I942f8f0743c210330a11e2b1d0204df7a5ddb2ae
This change adds init.rc steps to allow kernel tracing to support inserting
messages from any userland process.
Change-Id: I01970728d7132a25408fed09a213a015ac05ccaf
With newer Android kernels, anyone can read from the files in
/dev/log. If you're in the logs group (have the READ_LOGS) permission,
you'll see all entries. If you're not in that group, you'll see
log messages associated with your UID.
Relax the permissions on the files in /dev/log/ to allow an application
to read it's own log messages.
Bug: 5748848
Change-Id: Ie740284e96a69567dc73d738117316f938491777
This is part of the multi-project commit to move the filter-framework
from system/media/mca to frameworks/base/media/mca.
Note that the filter-framework will soon be replaced with a refactored
version currently under API review (also to go under frameworks/base).
This move is done now to unblock the PDK efforts.
Change-Id: I87d034a30bb4b98a85a028cb728e37fb97256039
Make the drm server run as UID=drm, GID=drm. This ensures that
any files created by the drmserver app do not have GID=system.
Bug: 5834297
Change-Id: I3409ad350e9cc82bb0982cdbe470ec1f10b1ca67
Android developers should never place files in /data/local/tmp.
Files or directories in /data/local/tmp can be minipulated by the
shell user.
Android developers should never create world-writable files
or directories. This is a common source of security vulnerabilities.
Change-Id: I6d2cd620ab49d8ca3f39282f7d2ed682a9ba91c3
The keystore service needs to access hardware crypto devices to
fulfill its function on devices with hardware crypto. This role
was assigned to the (now misnamed) drmrpc group.
Change-Id: Ia32f9e96b4372f0974984451680f9a0f6157aa01
CVE-2011-3918: Address denial of service attack against Android's
zygote process. This change enforces that only UID=system can
directly connect to zygote to spawn processes.
Change-Id: I89f5f05fa44ba8582920b66854df3e79527ae067
This removes the hardcoding of the file import in init and instead
allows the init.rc file to fully control what is loaded.
Change-Id: I933e5bbab57f1e8705a370d660f92c6508da94d2
Signed-off-by: Dima Zavin <dima@android.com>
This removes the hardcoding of the file import in init and instead
allows the init.rc file to fully control what is loaded.
Change-Id: I933e5bbab57f1e8705a370d660f92c6508da94d2
Signed-off-by: Dima Zavin <dima@android.com>
Set dmesg_restrict to 1 to help limit inadvertent information leaks
from the kernel to non-privileged programs. Root and programs with
CAP_SYSLOG will continue to have access to dmesg output.
See "dmesg_restrict" in Documentation/sysctl/kernel.txt from the
Linux kernel source code.
Bug: 5585365
Change-Id: Iffcf060ea4bd446ab9acf62b8b61d315d4ec4633
Otherwise, ueventd's oom_adj value would have been 0 and it could
easily get killed early during low memory events
Change-Id: I1adbd18c37215b26ae77e70f7b8dbd1e143fc2d4
Signed-off-by: Dima Zavin <dima@android.com>
To make writing kernel exploits harder, set /proc/sys/kernel/kptr_restrict
to "2". This prohibits users from accessing kernel symbols via /proc/kallsyms
Bug: 5555668
Change-Id: Ib31cb6fcb4d212a0b570ce9e73ae31f721ed801b
Add log group to ril-daemon service. rild is the best place to
know the issue on the modem in many time. It would be helpful
if rild alone can capture the snapshot of logcat buffers at
the moment of problem.
Change-Id: Ie0dcda126fb748a00e650427de35541672359287
The qemu-props program is launched at boot to read a series of
system property assignments from the emulator and apply them.
This is necessary to deal with the dynamic nature of the emulated
platform (e.g. the screen density which depends on the skin and
cannot be hard-coded in the platform image).
This patch ensures that qemu-props is started before any other
service that may read one of these properties (e.g. surface flinger).
This is done by encapsulating the program into a 'core' service.
Core services are all stared before regular ones.
Before the patch, qemu-props was started manually inside a script
that is called from a late emulator-specific boot service
(goldfish-setup).
The problem was that sometimes qemu-props was run too late.
This resulted in random flakiness, especially when running
on a low-end host machine.
Fix for bug 2161189 (and probably a few others)
Change-Id: I2933a25dcb5fecbb1fc238f157264e621b8f295b
The netfilter xt_qtaguid module uses a misc dev so that processes
that use the module can be tracked.
Every process that does socket tagging must open that dev.
Change-Id: I6af3e0f0180637b14455dd9607724523f142c402
Introduces a 'charger' section that is processed when androidboot.mode
supplied on the kernel commandline is "charger".
In this mode, sections such as fs, post-fs, etc are skipped. Only the
'early-init' and 'init' sections of the init rc files are processed before
processing the 'charger' section.
Change-Id: If9eb6334de18f04cbcf2aab784578e2993615242
Signed-off-by: Dima Zavin <dima@android.com>
The mediaserver needs to do communication on behalf of other apps
(browser, ...).
It needs to be able to tag sockets. The kernel will check for net_bw_acct
group membership.
Change-Id: I7fb063fdb7d9435d7f979df6622ff17f34049cbc
Racoon still needs it after dropping root privilege, or pure IPSec VPN
will fail. Mtpd works without it because net_raw implies inet. However
it would be better to set all of them clearly without the assumption.
Change-Id: I50762af2c25ec9cc559e528c7b14f469494fd553
Removed system from mediaserver groups. Not needed anymore
now that AudioFlinger acquires wake locks via PowerManagerService.
Change-Id: I177b968a0a30557d871188bf3991b96d9b391d3c
VPN no longer uses system properties to keep network parameters.
Besides, profiles are now stored and encrypted by keystore.
Change-Id: I7575f04f350b7d8d5ba7008eb874a72180d057e8
There was a regression caused by a change in Honeycomb that removed
mediaserver process from system group to improve security: This prevents
the audio HAL (which runs in mediaserver process) from taking wake locks
while audio is playing thus causing the pcm stream to get unexpectedly
suspended.
This temporary workaround is just to allow ICS dogfood in better conditions until
a real fix taking into account the security issue is implemented.
Change-Id: Ic19a23da4b4383559188b6f5c3a82604c3d95d74
-- This is needed so the modems (LTE & CDMA) are powered on and running
before unlocking encrypted devices
Change-Id: I842f5286499fd76abc554ded550fb837d12b324e
The adb gadget driver used to reset the USB bus when the adbd daemon exited,
and the host side adb relied on this behavior to force it to reconnect
with the new adbd instance after init relaunches it. The new gadget
drivers no longer automatically reset the USB bus when adbd is restarted
which caused adb to hang since it was no longer forced to reconnect with the
device. We attempted to work around this on the host side adb, but that
work around has not been reliable.
This change adds a property trigger on the service.adb.root system property
which will reset the USB bus and restart the adbd daemon when adbd sets
the property to 1. This should be much closer to the previous behavior
and will hopefully fix some problems with automated testing.
Change-Id: I177c37400009a3d83f21a5f9431f94fd1cc19b9b
Signed-off-by: Mike Lockwood <lockwood@android.com>
frameworks/base
Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl
libcore
Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java
Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directory for system.
Added support for removing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java
Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algorithms doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java
TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.
support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Added private PKIXParameters contructor for use by
IndexedPKIXParameters to avoid wart of having to lookup and pass
a TrustAnchor to satisfy the super-class sanity check.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
luni/src/main/java/java/security/cert/PKIXParameters.java
packages/apps/CertInstaller
Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.
src/com/android/certinstaller/CertInstaller.java
Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.
AndroidManifest.xml
Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.
src/com/android/keychain/KeyChainService.java
packages/apps/Settings
Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.
src/com/android/settings/CredentialStorage.java
Added toast text value for failure case
res/values/strings.xml
system/core
Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.
rootdir/init.rc
Change-Id: I768ca8e8e990ff333ce0f7069a0935173498c5ed
Fix for bug 3415286. The persistent properties are normally read early
in the boot process after /data is mounted. However, for an encrypted
system, at that point /data is a tmpfs ramdisk. This change adds a new
command to init (load_persist_props) to read the persistent properties,
and adds an action to init.rc to load the persistent properties. This
action is triggered by setting a property in vold, but that's in a
different CL.
Change-Id: I74b3057974ee6029c29d956b76fef5566700d471
This is to allow OpenGL ES rendering from the system process,
and help with debugging.
Bug: 4086003
Change-Id: I732e95f4fcaa358f430cc195d8e63a69263bffdc
This change forces the start of the RIL daemon used to provide
3G connectivity to the system. It should normally be started
automatically by init.rc but there is a bug within
system/core/init/builtins.c that prevents this to happen.
Fixes the "No network connectivity" bug while the network
interface and route were properly setup.
Change-Id: Ieec0f513aabf92b8a59f0a86f64a16e97057c3c3
Now that rild can be killed in a reasonable amount of time, move it
from the core class to late_start. I was going to move it to main,
but it would get killed and restarted right after the disk crypto
password was entered, which is when the late_start class is started,
and I was seeing issues with rild not re-connecting to the network
when it was killed and restarted.
Change-Id: I60479ddb853953029890fc816538d615ef5a96ab
The net.eth0.gw system property is used by the ConnectivityService
to set the default route when it detects that 3G connectivity is
established. Because the property was undefined, the route was
unset which broke networking.
+ Format / document init.goldfish.sh
Change-Id: I1133cf6c093609300315cd0ea363c9e139b42521
This fixes the goldfish-specific config scripts used by init and ueventd
to properly setup the system under emulation. This fixes a lot of broken-ess
introduced by recent permission changes in the system.
Note that there are still several problems after this patch is applied, but
at least it becomes possible to get an adb connection to the emulated system,
Change-Id: Iff47bbf0fe5cb759fa93089284bb0f71e32405a2
Changes in init.stingray.rc now prevent rild from making sockets
or named pipes on /data. Now that rild no longer prevents /data
from being unmounted, we can put it in the core class, which doesn't
restart when we enable encryption. This speeds up the boot by 20+
seconds.
Change-Id: I737baf804e089f4ddbd664eaa1e675a7bd62e699
Changes in init.stingray.rc now prevent rild from making sockets
or named pipes on /data. Now that rild no longer prevents /data
from being unmounted, we can put it in the core class, which doesn't
restart when we enable encryption. This speeds up the boot by 20+
seconds.
Change-Id: I71c426dab1b725e401116234167d41c7ccd958c1
Since the "usb" group and ACCESS_USB permission will be used by regular apps
to access USB devices in host mode, we need a separate permission for the
device side MTP driver.
Change-Id: Ibb546b8726d61e041fc7c273f71929624ad1575b
Signed-off-by: Mike Lockwood <lockwood@android.com>
This is a dependency for the DNS proxy CLs.
This CL also adds a new socket for the netd process to inherit which
is owned by the inet group. (so only apps with the INTERNET
permission can use the DNS proxy...)
Change-Id: I8a51924e0ed56c6066f77e6f1b02d39bdadac51e
This fixes the goldfish-specific config scripts used by init and ueventd
to properly setup the system under emulation. This fixes a lot of broken-ess
introduced by recent permission changes in the system.
Note that there are still several problems after this patch is applied, but
at least it becomes possible to get an adb connection to the emulated system,
Change-Id: I1e8f5828b4d5cbb3a4338878df875dc718276b38
These are the changes to init and init.rc necessary to
support booting with and encrypted /data filesystem.
A corresponding change to init.<device>.rc goes along
with this change.
Change-Id: I0c7e2cc39568358014a82e317735c0eae14dd683
Ensure that we drop privileges for servicemanager
and drmioserver. These should not be running with
gid=0.
Bug: 3275526
Testing: Applied change and successfully rebooted
the device. No obvious bugs.
Change-Id: I782fbda812cb88e0a365788b45b3b32894623177
This was an inefficient way of doing things and was
temporary. There are now direct calls to Bluez to add reserved
SDP records.
This improves connection time after turning on BT by 6-8 secs.
Change-Id: I8750f44e1de73c9cc935d68710b8964e3f50c3a6
This is a dependency for the DNS proxy CLs.
This CL also adds a new socket for the netd process to inherit which
is owned by the inet group. (so only apps with the INTERNET
permission can use the DNS proxy...)
Change-Id: Ic3475c697913ba85805b4e49801b65e7a1d59289
Merge commit '33357f5477a24cb16bd3dd692fe5ca14755ab033'
* commit '33357f5477a24cb16bd3dd692fe5ca14755ab033':
Make netd restart when system server hangs on it.
Merge commit '6490257d116c35d3da927ee7b91179dde64ef713' into gingerbread-plus-aosp
* commit '6490257d116c35d3da927ee7b91179dde64ef713':
Make netd restart when system server hangs on it.
netd has been seen hanging (cause suspected but unconfirmed)
which then brings down the system server which blocks forever
on its main thread trying to connect to netd with its hung
event loop.
This then results in an infinite watchdog runtime restart loop
because the situation never improves: netd is still borked.
Instead, we should kill netd and give it another chance when
the system server dies.
Bug: 3018996
Bug: 3017876
Change-Id: Ibf9ecf0ffcb78e48c38e5167f21cbeefe0e2a47f
- look in /vendor/firmware/... in addition to /system/etc/firmware/... for firmware loading
- add /vendor/bin to path before /system/bin
- add /vendor/lib to ldpath before /system/lib
- configure appropriate permissions for /system/vendor/bin
- symlink /vendor -> /system/vendor
Change-Id: I0c06ca1e38a44f0c7024cee6cea8907aa93a4532
Merge commit '8df3a4a554184afba71887995c5f0983ce81196f'
* commit '8df3a4a554184afba71887995c5f0983ce81196f':
remount / as read-only only on post-fs to allow per-target config of /
Merge commit '4012c0a46ab2ebdf6a1298bc4e85ed3368d1b8a4' into gingerbread-plus-aosp
* commit '4012c0a46ab2ebdf6a1298bc4e85ed3368d1b8a4':
remount / as read-only only on post-fs to allow per-target config of /
Merge commit 'f2af88e81af5efb2d585963507f798d5a8b93d67' into gingerbread-plus-aosp
* commit 'f2af88e81af5efb2d585963507f798d5a8b93d67':
Tracking merge of dalvik-dev to gingerbread
This introduces some new buckets that will be used by the activity
manager, and adjusts the default levels to match what we had been
setting for Droid.
It turns out Passion has been using the old levels, which makes no
sense for how much memory it has. Also it is a problem with these
definitions spreading to other projects for different devices, so
I am going to update the defaults to be appropriate for our newer
devices, and put here a file to tune them down for something like
the sapphire.
Change-Id: Ia4f33c4c3b94aeb3656f60b9222072a1d11e9e68
Merge commit 'b1fb3bd13a4da8bc46a44ec5eef6de9cb952f163' into kraken
* commit 'b1fb3bd13a4da8bc46a44ec5eef6de9cb952f163':
Make /proc/kmsg and /proc/sysrq-trigger system-process-readable
This is so that the system process can capture kernel thread stacks when the
watchdog detects a deadlock. Previously, /proc/kmsg was root/root and mode
0400, and /proc/sysrq-trigger was root/root and mode 0200. With this
change, /proc/kmsg becomes root/system and 0440, and /proc/sysrq-trigger
becomes root/system and 0220.
Change-Id: Iac46bd10bd11d495024afeb5d693107ce5074791
init now creates files in /dev/bus/usb/ for user access to USB devices.
Files are chmod 660 with group AID_USB.
Signed-off-by: Mike Lockwood <lockwood@android.com>
Devices with non-MTD storage need to override the filesystem mounting
commands in init.rc. Moving them to a new "fs" init level allows a
custom init.<device>.rc to handle the mounting.
Change-Id: If0e655139b9734650fb798b6eb0a90e2241fc29b
This reverts commit a7d88224ff.
This cgroup subsys should be mounted on it's own mount-point, since it's
addition to /dev/cpuctl causes the cpu subsys to EPERM
Temporarily creating emulated encrypted directories manually.
Will remove those lines once a true encrypted FS is mounted, and proper
framework chanfes have been made. This is required for the feature to
work with the other changes.
Merge commit 'eb67fac4723892ac8ae3fae87c05e776c49029c5' into eclair-mr2-plus-aosp
* commit 'eb67fac4723892ac8ae3fae87c05e776c49029c5':
change /cache/recovery group to cache
Merge commit '5a8cf57eb7aa70f1647b28315a2419c4a6d36828' into eclair-mr2-plus-aosp
* commit '5a8cf57eb7aa70f1647b28315a2419c4a6d36828':
Make the RIL daemon part of the audio group so it can load region-specific
Merge commit '1dec5032cfadc1a3d7687ce5b6cd322e4151ce9d' into eclair-plus-aosp
* commit '1dec5032cfadc1a3d7687ce5b6cd322e4151ce9d':
Force the mediaserver process to restart whenever the zygote or system
Merge commit 'ea935c1d9771fa2cc00583720586c209463f2791' into eclair-plus-aosp
* commit 'ea935c1d9771fa2cc00583720586c209463f2791':
Make vmallocinfo readable by group log so we can put it in bugreports
Merge commit 'a0c98ef01a4c5a859fdde35fed7977b1eb919007' into eclair-plus-aosp
* commit 'a0c98ef01a4c5a859fdde35fed7977b1eb919007':
Ensure -user builds can run the dex preopt pass in the emulator.
This is done by ensuring that /init.goldfish.rc and /system/etc/init.goldfish.sh
are part of the system image, even if it lacks other emulator related bits.
Merge commit 'bb6f68c63d79bf58bd53f463de1bd23d49e5b8a4' into eclair-plus-aosp
* commit 'bb6f68c63d79bf58bd53f463de1bd23d49e5b8a4':
init.rc: mount debugfs for debugging
Merge commit '25f1a5aaffd1ef6e87d53d4fd3c14ea1b6c5b940' into eclair-plus-aosp
* commit '25f1a5aaffd1ef6e87d53d4fd3c14ea1b6c5b940':
init.rc: Adjust permissions on /data/dontpanic/ so dumpstate will not need root
Merge commit '2f21659d4565afd65da1be07c28317a3cb4287a1' into eclair-plus-aosp
* commit '2f21659d4565afd65da1be07c28317a3cb4287a1':
Fix a bug that prevented the "generic" product builds from working in the emulator.
Merge commit '9332482ed2945174d94615f0720f88702cb92667' into eclair-plus-aosp
* commit '9332482ed2945174d94615f0720f88702cb92667':
init.rc: Make /data/dontpanic files readable only by the system process.
This also ensures that emulator-specific files /init.goldfish.rc and
/system/etc/init.goldfish.sh are never part of -user builds, which
correspond to production devices.
Merge commit 'e991decf340e24203ed63f87d9313598cd09a46c' into eclair-plus-aosp
* commit 'e991decf340e24203ed63f87d9313598cd09a46c':
init.rc: Add dumpstate service
init: Add support for enforcing setprop by caller's group.
adb: "adb bugreport" now runs dumpstate via init rather than execing it in the shell.
This fixes both a typo and the fact that sh seems not to have
test or [.
(see also sh/builtins.def: ##testcmd commented out)
The handling of these properties was broken, having the effect
that the Modem in ... internal/telephony/test/Simulated*.java
was never run, even if it would have been the users/developers
intention.
See also issue #1380http://code.google.com/p/android/issues/detail?id=1380
Signed-off-by: Simon.Braunschmidt@gmail.com>
Merge commit 'ee40fc4e64e1656a16603778bee895ea389ec7d5'
* commit 'ee40fc4e64e1656a16603778bee895ea389ec7d5':
rootdir: init.rc: Bump up background cpu shares to 5.0%
Merge commit '160d4b0509e4566930ef9af4f2b9d63b33aebee5'
* commit '160d4b0509e4566930ef9af4f2b9d63b33aebee5':
rootdir: Remove ip-up-vpn script, which is replaced by an executable.
The touch command does not exist, and the chown commands are unnecessary because
the system_server is in the WIFI group.
Signed-off-by: Mike Lockwood <lockwood@android.com>
Merge commit 'eefef3234ae1e3b0f2db71415f134c7ec49899fa'
* commit 'eefef3234ae1e3b0f2db71415f134c7ec49899fa':
Set the permissions of wifi supplicant file so that system can access it.
Merge commit '5c49135b032235f82560d5e55b0e4c547506516b'
* commit '5c49135b032235f82560d5e55b0e4c547506516b':
rootdir: Modify init.rc to run mtpd/racoon as a non-root user.
In CFS, the (somewhat undefined) behavior of sched_yield() changed.
See: http://kerneltrap.org/Linux/CFS_and_sched_yield
This change enables 'compat' mode for sched_yield()
Signed-off-by: San Mehat <san@google.com>
Merge commit 'bfa2f8e9b506a4b710ebcefa7c1e324609b8ca34'
* commit 'bfa2f8e9b506a4b710ebcefa7c1e324609b8ca34':
init: Bump up the max cpu bandwidth shares ratio for background.
Merge commit 'd709b582604e7f9d53b97f9ae13c5e12b2466c56'
* commit 'd709b582604e7f9d53b97f9ae13c5e12b2466c56':
remove 3G timeout values from init.rc, this should be device specific
Merge commit '0bd9a9f5bcaefda8d7d37c9383b004b516009b85'
* commit '0bd9a9f5bcaefda8d7d37c9383b004b516009b85':
Add the ipcp scripts for pppd and racoon configuration for ipsec-tools.
Merge commit '3d6f16e5edc9834b13a0bcc8a33c98e25518d919'
* commit '3d6f16e5edc9834b13a0bcc8a33c98e25518d919':
init.rc: Set default cpu shares for background scheduler group to < 1%
-- changed the default mode to 0770 for keystore with the new user 'keystore'.
-- add the keystore service providing the basic key lookup/install/remove, but
only keystore user can access the key content.
In this initial commit, apps undergoing backup are treated equivalently
to apps hosting services: more important than anything other than the
foreground app.