It's 5 characters shorter, has no runtime costs, can be stored on a
read-only partition, and avoids problems like b/27262109 and b/27204904.
It allows makes some security hardening easier.
(cherry picked from commit c4084c6694)
Bug: 27262109
Bug: 27204904
Bug: 32799236
Test: verified new symlink created and old one not present
Change-Id: Ief362e13569ad9c868a7f0f9c4dbd6a328c96c6b
When building without vendor/... in the tree, we won't be creating a
vendorimage, so BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE won't be defined. But
we still need to use the vendor image that will be present.
Bug: 31545062
Bug: 30040825
Change-Id: I756adc615aea11da60da4d3a4568caca9fed93ab
This will make it possible to start some key services before mounting
data partition
(cherry picked from commit abfbec342f)
Bug: 30118894
Change-Id: Ia9f8cc035de6cc0df9a61605864915efa0266d7f
persist.sys.usb.config stores the usb functions which need to be enabled
when the phone boots up. When the phone is actually booted, setting this
would also activate the following action trigger on sys.usb.config
From init.usb.rc:
Used to set USB configuration at boot and to switch the configuration
when changing the default configuration
on property:persist.sys.usb.config=*
setprop sys.usb.config ${persist.sys.usb.config}
sys.usb.config is anyways set to the actual functions by UsbDeviceManager
once it is set to none. Therefore add "on boot" condition to the above
action trigger so that persist.sys.usb.config does not race with
sys.usb.config.
BUG: 30440213
Change-Id: I3333d0b8334fb627469c7faad250bf3151bb1ebf
The sched_compat_yield option was eliminated in Linux 2.6.38 by commit
ac53db596cc0 ("sched: Use a buddy to implement yield_task_fair()") and
as a result, the following error is printed to the log during boot up.
init: write_file: Unable to open '/proc/sys/kernel/sched_compat_yield':
No such file or directory"
Bug: 30034121
Change-Id: Idbdb68de0cb3ab1f67d82a4d66af880bcfdfe261
(cherry picked from commit 724dfbac70)
Extend the asan.options file to read binary-specific configuration
from files out of /system. For early services, the system image
location is important as /data may not be available when they are
started.
Add a template that turns most sanitization off. At this point in
time, it is, however, impossible to get to a zero overhead state
after the fact. The template is meant to adapt a build after the
fact, and work around issues with LOCAL_SANITIZE := never.
Add a Make variable and rule copying the template to the path and
name expected by ASAN. Add SANITIZE_LITE to automatically add a
large set of options files.
Bug: 29498013
Change-Id: I8e9e6929a55cee3f3fa0acb377a886bfa7006c91
We will store OTA packages there for both A/B and non-A/B OTAs. The
directory will be accessed by GMSCore (for both), uncrypt (non-A/B),
update_engine (A/B), update_verifier (A/B) and possibly system server
(for non-A/B OTAs to clean up half-way uncrypt'd packages).
Bug: 28944800
Change-Id: I5aa8156ec5052bd15dfadd4d8c28925d464e4401
(Cherry picked from commit 2b22a66382)
This adds a system property for controlling unprivileged access to
perf_event_paranoid. It depends on adding kernel support for
perf_event_paranoid=3 based on grsecurity's PERF_HARDEN feature to
completely disable unprivileged access to perf. A minimal port of this
feature is used in the vanilla Debian kernel by default.
It hides the non-hardened value as an implementation detail, since while
it is currently 1, it will probably become 2 in the future.
Bug: 29054680
Change-Id: I6e3ae3cf18d8c76df94f879c34fb6fde519b89a9
When using EAS, the foreground tasks were all getting boosted
during touchboosts. Limit it to top-app tasks.
BUG: 28378389
Change-Id: I72b7158a614bfd9b6c61024774e408ceba61fc9c
Create symlink from /cache to /data/cache for devices
which have no cache partition.
Bug: 28747374
Change-Id: Ifb0c3250f1be345ce46fcdb78533e36c2250bb85
The old way (using triggers) starts defaultcrypto twice because
queue_property_triggers_action retriggers the action.
Bug: 27452459
Change-Id: I48c844836f551673d0dbfed6c33bd8ee1e035f40
We create per-user directories under this location, so it should
only be created once by init, similar to all the other user-specific
directories.
Bug: 27896918
Change-Id: I9ec55e4fd763c0eda6c6e50483694a6377344586
"You are in a maze of twisty little symlinks, all alike."
Restore the /mnt/sdcard symlink, for compatibility with older Android
apps. This symlink was suppose to have been removed in the Gingerbread
time frame, but lives on.
Note: The /mnt/sdcard symlink was originally created in device specific
*.rc files in the device/vendor/hardware/* directory. This change moves
the creation of the symlink into the common init.rc file.
Bug: 25801877
Bug: 28108983
Change-Id: I2f9bf71bddffadb587d7376dfdfc8a546c84ec28
It was dropped in the migration to the public.libraries format
NDK is the same on standard Android and Wear.
Bug: 27742249
Change-Id: I1eafbb649c0ccc5b9a93471fa387624d838bd3d0
This list contains libraries that should directly or indirectly
be accessible to apps for the platform. Note that this list is
not device specific but rather device class specific.
For now we have 2 separate lists; one for Android Phones and Tablets,
and another one for Android Wear devices.
Bug: http://b/27546414
Bug: http://b/22548808
Change-Id: I83de5e3cf67392d0e9af66f70123898bd5997146
The new top level directory /postinstall is used by the A/B updater to
mount the new partition and run a post-install program before rebooting
into that new system.
init.rc was extended to label this new directory since the initrd has
no extended attributes.
Bug: 27177071
TEST=`ls -laZ /` shows the /postinstall directory on edison-eng
(cherry picked from commit bb968fb04d)
Change-Id: Iff993135c7ce3a1a0f6450892ef7382da408fd5e
cameraserver from nyc uses cameraserver as its username.
thus this change is needed for AVD (android virtual device)'s
camera HAL which is attached to cameraserver to work as that
HAL writes some files to /data/misc/media. the backward compatibility
issue should be handled as separate changes. this approach is
preferred for finer-grained security isolation.
Change-Id: If028667d62df8fcac634ff1001759c39703b00dd
Current profiles (the ones which have not been used for
compilation) are stored in /data/misc/profiles/cur/0/pkgname/.
Reference profiles (the merged of all user profiles, used for
compilation) are stored in /data/misc/profiles/ref/pkgname/.
Add a method to get the shared app gid from an uid or appid.
Bug: 26719109
Bug: 26563023
Change-Id: I89601d7dbeb3041df882c141a9127dac200a645e
libprocessgroup checks whether it can use memory
cgroups for keeping track of forked processes by
seeing whether /dev/memcg/apps is writable. However,
on systems with memory cgroups disabled, SELinux
(correctly) no longer classifies this directory as a cgroup,
and starts denying zygote access. To fix this,
first check whether /dev/memcg/apps/tasks exists to
see if the cgroup is mounted; only then check whether
we can write to the directory.
Bug: 27046965
Change-Id: I6e44cd62d8c396e20ceb162c50606b3e86f2cb3e
The Shell app that stores bugreports now lives under DE storage for
all devices, both FBE and non-FBE.
Bug: 26668510
Change-Id: Iead1dcb98181a5caccf4d0c1e86de62abc6dc990
