ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5698 commits 1 branch 0 tags 217 MiB
Commit graph

460 commits

Author SHA1 Message Date
Colin Cross
410f8c305b am 79b277ab: Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys." 
* commit '79b277ab73711313690d03a9fb2e9cb3f9242b39':
  Set security context of /adb_keys and /data/misc/adb/adb_keys.
 2013-10-03 15:14:14 -07:00
Alex Klyubin
b1dd176520 am b42fc74f: Merge "Expose /dev/hw_random to group "system"." 
* commit 'b42fc74f0db60e1e86deaf527b3b7e7ec53dcc54':
  Expose /dev/hw_random to group "system".
 2013-10-03 15:14:13 -07:00
Colin Cross
79b277ab73 Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys." 2013-10-03 22:13:06 +00:00
Alex Klyubin
b2478a713a Expose /dev/hw_random to group "system". 
This is needed to let EntropyMixer (runs inside system_server) read
from /dev/hw_random.

Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f
 2013-10-03 13:32:36 -07:00
Colin Cross
230252d5cd am 61afb07b: Merge "Trigger a policy reload from post-fs-data." 
* commit '61afb07b9b14233f76a969840f74ce1ced22bf58':
  Trigger a policy reload from post-fs-data.
 2013-10-01 18:50:18 -07:00
Stephen Smalley
deb41e5127 Set security context of /adb_keys and /data/misc/adb/adb_keys. 
I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file.  Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.

Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-10-01 09:21:47 -04:00
Colin Cross
61afb07b9b Merge "Trigger a policy reload from post-fs-data." 2013-09-30 20:04:12 +00:00
Nick Kralevich
2e9402863b am 0f507339: Merge "Do not change ownership of /sys/fs/selinux/load to system UID." 
* commit '0f507339ec474a2f67227466efc9045630f1f1a4':
  Do not change ownership of /sys/fs/selinux/load to system UID.
 2013-09-19 08:50:21 -07:00
Stephen Smalley
cc13e8ab87 Do not change ownership of /sys/fs/selinux/load to system UID. 
Policy reload is handled by setting the selinux.reload_policy property
and letting the init process perform the actual loading of policy into
the kernel.  Thus, there should be no need for the system UID to directly
write to /sys/fs/selinux/load.

Change-Id: I240c5bb2deaee757a2e1e396e14dea9e5d9286f5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-09-19 11:26:26 -04:00
Stephen Smalley
6552f6885f Trigger a policy reload from post-fs-data. 
Once userdata is available and decrypted, trigger a policy reload to pick
up any policy update files stored under /data/security.

Change-Id: Ic2b3121c3395429b108c40d1d7f5a3124a5896c5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-08-26 10:45:05 -04:00
Colin Cross
a1af5cf6d1 am d8d99c45: Merge "Handle policy reloads within ueventd rather than restarting it." 
* commit 'd8d99c45b704399d50ae0a5e4df938d825c70cfa':
  Handle policy reloads within ueventd rather than restarting it.
 2013-08-23 14:33:46 -07:00
Stephen Smalley
e2eb69db6d Handle policy reloads within ueventd rather than restarting it. 
Restarting ueventd upon policy reloads has reportedly created
stability problems for some users and could cause events to be lost.
Stop restarting ueventd and instead handle policy reloads within ueventd.

Also stops restarting installd upon policy reloads.

Change-Id: Ic7f310d69a7c420e48fbc974000cf4a5b9ab4a3b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-07-26 15:39:41 -04:00
Robert Greenwalt
dafa66afdd am 2aa33a3d: Add writable data space for radio. 
* commit '2aa33a3dbd1147558098d9a2948450d363ffe468':
  Add writable data space for radio.
 2013-07-19 13:42:54 -07:00
Robert Greenwalt
2aa33a3dbd Add writable data space for radio. 
Storing carrier provisioning urls updates in /data/misc/radio.
bug:9623159

Change-Id: I8d62d4638229733dea0f11f1729c4d22ae2295d1
I36697ed341353b7a3dbec5afe20241102e76f6f1
 2013-07-16 17:18:46 -07:00
Nick Kralevich
9a4913d422 init.rc: remove "on fs" section 
This was only ever used by the emulator. Now the emulator
uses an fstab file.

Change-Id: I1a071e567e1f1a379f9c8079cc2dc17660d8455f
 2013-07-12 13:48:50 -07:00
Nick Kralevich
2713be91a8 am fb1c9cf6: Merge "use ext4 instead of yaffs" 
* commit 'fb1c9cf6fa4efafb3e0c6b0bc93c7f087d926a48':
  use ext4 instead of yaffs
 2013-07-12 11:18:26 -07:00
Nick Kralevich
f4c1512db8 use ext4 instead of yaffs 
This is needed to allow the emulator to use ext4 images.

Bug: https://code.google.com/p/android/issues/detail?id=38561
Change-Id: I02fde6382ad67cf7f4f3b695396841f70bb9301d
 2013-07-09 18:06:11 -07:00
Colin Cross
fafcabd0dd Merge "Added net.dns1 prop for emulator, as Android emulator ignores it by default." 2013-07-03 22:35:42 +00:00
Colin Cross
5f1a938e9c am 3d8e8c14: am 9246f8d6: Merge "init.rc: remove duplicated led-related nodes" 
* commit '3d8e8c147b41dbc6a5e4edf6da1610a83623b5b2':
  init.rc: remove duplicated led-related nodes
 2013-05-20 18:24:21 -07:00
Colin Cross
3d8e8c147b am 9246f8d6: Merge "init.rc: remove duplicated led-related nodes" 
* commit '9246f8d6def40a50933a980fac773a909f2138d7':
  init.rc: remove duplicated led-related nodes
 2013-05-20 18:16:45 -07:00
gcondra@google.com
253e91b4ff am 477e35d6: Revert "Add persistent property for SELinux enforcment status." 
* commit '477e35d6d56c7fe9b2305becdf3ed4f590ddfbd6':
  Revert "Add persistent property for SELinux enforcment status."
 2013-05-20 15:52:28 -07:00
gcondra@google.com
43329bc1c9 am 8a387870: Revert "Reload policy after setting up the data partition." 
* commit '8a3878700eb9cd8ecf495cd01f15face5c3879c8':
  Revert "Reload policy after setting up the data partition."
 2013-05-20 15:52:27 -07:00
gcondra@google.com
b9866649e2 am 52351300: Revert "Add a version check for SELinux policy on device." 
* commit '52351300d156826bf22c493828571f45a1cea16a':
  Revert "Add a version check for SELinux policy on device."
 2013-05-20 15:52:26 -07:00
Sungmin Choi
a8d392da91 init.rc: remove duplicated led-related nodes 
Change-Id: Ibee7ef9137594fc4c30d3ab6ee7bdf3515836c62
 2013-05-19 21:56:36 -07:00
repo sync
477e35d6d5 Revert "Add persistent property for SELinux enforcment status." 
This reverts commit b89bdfde42.
 2013-05-17 12:48:18 -07:00
repo sync
8a3878700e Revert "Reload policy after setting up the data partition." 
This reverts commit fee250d27a.
 2013-05-17 12:47:04 -07:00
repo sync
52351300d1 Revert "Add a version check for SELinux policy on device." 
This reverts commit 921be8b656.
 2013-05-17 12:46:00 -07:00
Ron Munitz
b1b45b9bd4 Added net.dns1 prop for emulator, as Android emulator ignores it by default. 
This commit sets up the system property which is actually used by the
Connectivity Service
(frameworks/base/services/java/com/android/server/ConnectivityService.java).
It fixes an (obsolete?) convention where the dns was affected directly by
the interface (i.e. "net.eth0.dns1=10.0.2.3"), which causes the Android
Emulator (goldfish) to ignore this value, and effectively have no DNS
resolving at all.

An immediate fix can be either add reference to net.eth%s.dns%s in the
ConnectivityService and possibly on the dhcp code as well which would be
bloated, or just stick to the apparant new convention.

I chose the latter as a one line fix which gets the job done.

Change-Id: Id4364129e9a82c1f48403068a837aca54de07944
 2013-05-17 17:58:02 +00:00
gcondra@google.com
5a98566d58 am 921be8b6: Add a version check for SELinux policy on device. 
* commit '921be8b6568df0057c4eacbac2e1022b71e09620':
  Add a version check for SELinux policy on device.
 2013-05-14 23:43:56 -07:00
repo sync
921be8b656 Add a version check for SELinux policy on device. 
This helps to ensure that when a new system image is installed,
old userdata policy isn't applied over the top of it.

Bug: 8841348
Change-Id: I135af32250aa62979763e775842ce0af3c8b6f9f
 2013-05-14 21:05:03 -07:00
Colin Cross
cb4b9605cb am 8794b2ee: Merge "Fix perms on /data/security" 
* commit '8794b2eeb2bbd717ca18b8bef5d853f99334aabc':
  Fix perms on /data/security
 2013-04-30 21:12:29 -07:00
Colin Cross
8794b2eeb2 Merge "Fix perms on /data/security" 2013-05-01 03:49:47 +00:00
gcondra@google.com
63577d9280 am fee250d2: Reload policy after setting up the data partition. 
* commit 'fee250d27a9c03af1ba439047b976d89563b1887':
  Reload policy after setting up the data partition.
 2013-04-30 17:04:53 -07:00
repo sync
fee250d27a Reload policy after setting up the data partition. 
This forces a policy reload + fixcon to deal with dynamically
delivered policy changing labels on device nodes.

It's implemented as a new keyword in init.

Bug: 8702843
Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
 2013-04-30 11:40:22 -07:00
Kenny Root
d14586e35a resolved conflicts for merge of a69af5af to jb-mr2-dev-plus-aosp 
Change-Id: If41560f0fef3103cad2172061a7988ceb5556377
 2013-04-29 23:20:37 -07:00
Kenny Root
ca0404b83e Track change to JSSE provider 
Change-Id: Iff9103fff3591983f2b172f83fd2a6e924986aa7
 2013-04-29 14:20:43 -07:00
gcondra@google.com
14ad786183 am 538b5d4e: Merge "Add persistent property for SELinux enforcment status." into jb-mr2-dev 
* commit '538b5d4e8e4c480b2120aa957fe3e11a2836a1b3':
  Add persistent property for SELinux enforcment status.
 2013-04-26 13:37:52 -07:00
repo sync
538b5d4e8e Merge "Add persistent property for SELinux enforcment status." into jb-mr2-dev 2013-04-26 20:31:21 +00:00
repo sync
b89bdfde42 Add persistent property for SELinux enforcment status. 
Also adds triggers for going between enforcing and
permissive status.

Bug: 8702843
Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
 2013-04-25 14:19:16 -07:00
Jeff Tinker
9e9ed1b400 am 131ee07b: Merge "Add a new group for MediaDrm engine plugins" into jb-mr2-dev 
* commit '131ee07b77e0250c16cebe2b0e226c5bff8e9587':
  Add a new group for MediaDrm engine plugins
 2013-04-24 21:55:23 -07:00
Jeff Tinker
131ee07b77 Merge "Add a new group for MediaDrm engine plugins" into jb-mr2-dev 2013-04-25 04:54:02 +00:00
Matthew Xie
0db6600a60 am 7ee2e26e: Remove DBUS from make and header files 
* commit '7ee2e26eb98da10eaddf5a8e864d508cceab946b':
  Remove DBUS from make and header files
 2013-04-24 14:21:52 -07:00
Jeff Tinker
08d64308b9 Add a new group for MediaDrm engine plugins 
bug: 8702754
Change-Id: I3b7988b64b1dcf4685624e4c1af938e132b82696
 2013-04-23 19:54:17 -07:00
Matthew Xie
7ee2e26eb9 Remove DBUS from make and header files 
DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904

Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
 2013-04-23 14:02:16 -07:00
William Roberts
d43bab7b98 Fix perms on /data/security 
installd and zygote need to be able
to search the directory to access
the policy files.

Change-Id: I0679fd2084d2664dfb5a594f493317eff058415d
 2013-04-15 13:56:22 -07:00
Keun-young Park
ad999a09ab Merge "rootdir: goldfish: mount debugfs on boot time" 2013-04-05 16:19:20 +00:00
Brian Carlstrom
76c674451c Merge "resolved conflicts for merge of 02e8d730 to jb-mr2-dev-plus-aosp" into jb-mr2-dev-plus-aosp 2013-04-03 21:05:34 +00:00
Brian Carlstrom
d3f0e0ae37 resolved conflicts for merge of 02e8d730 to jb-mr2-dev-plus-aosp 
Change-Id: I63d6a2f975a6c0df5c238a2f7592f357441eb767
 2013-04-03 14:03:13 -07:00
Geremy Condra
c2594f36e7 Give system ownership of selinux load and enforce files. 
This is necessary to enable remote updates.

Change-Id: I05fb979c0360eca4cc6e4add48bb42f712a1ba17
 2013-04-03 11:58:12 -07:00
jwilson
8637e8186a Add OkHttp to the boot classpath. 
Change-Id: I185b803b5b804ff8680ef928ce5163727adbf0bd
 2013-04-02 16:23:48 -07:00