ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5698 commits 1 branch 0 tags 217 MiB
Commit graph

332 commits

Author SHA1 Message Date
Colin Cross
410f8c305b am 79b277ab: Merge "Set security context of /adb_keys and /data/misc/adb/adb_keys." 
* commit '79b277ab73711313690d03a9fb2e9cb3f9242b39':
  Set security context of /adb_keys and /data/misc/adb/adb_keys.
 2013-10-03 15:14:14 -07:00
Colin Cross
230252d5cd am 61afb07b: Merge "Trigger a policy reload from post-fs-data." 
* commit '61afb07b9b14233f76a969840f74ce1ced22bf58':
  Trigger a policy reload from post-fs-data.
 2013-10-01 18:50:18 -07:00
Stephen Smalley
deb41e5127 Set security context of /adb_keys and /data/misc/adb/adb_keys. 
I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file.  Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.

Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-10-01 09:21:47 -04:00
Colin Cross
61afb07b9b Merge "Trigger a policy reload from post-fs-data." 2013-09-30 20:04:12 +00:00
Nick Kralevich
2e9402863b am 0f507339: Merge "Do not change ownership of /sys/fs/selinux/load to system UID." 
* commit '0f507339ec474a2f67227466efc9045630f1f1a4':
  Do not change ownership of /sys/fs/selinux/load to system UID.
 2013-09-19 08:50:21 -07:00
Stephen Smalley
cc13e8ab87 Do not change ownership of /sys/fs/selinux/load to system UID. 
Policy reload is handled by setting the selinux.reload_policy property
and letting the init process perform the actual loading of policy into
the kernel.  Thus, there should be no need for the system UID to directly
write to /sys/fs/selinux/load.

Change-Id: I240c5bb2deaee757a2e1e396e14dea9e5d9286f5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-09-19 11:26:26 -04:00
Stephen Smalley
6552f6885f Trigger a policy reload from post-fs-data. 
Once userdata is available and decrypted, trigger a policy reload to pick
up any policy update files stored under /data/security.

Change-Id: Ic2b3121c3395429b108c40d1d7f5a3124a5896c5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-08-26 10:45:05 -04:00
Colin Cross
a1af5cf6d1 am d8d99c45: Merge "Handle policy reloads within ueventd rather than restarting it." 
* commit 'd8d99c45b704399d50ae0a5e4df938d825c70cfa':
  Handle policy reloads within ueventd rather than restarting it.
 2013-08-23 14:33:46 -07:00
Stephen Smalley
e2eb69db6d Handle policy reloads within ueventd rather than restarting it. 
Restarting ueventd upon policy reloads has reportedly created
stability problems for some users and could cause events to be lost.
Stop restarting ueventd and instead handle policy reloads within ueventd.

Also stops restarting installd upon policy reloads.

Change-Id: Ic7f310d69a7c420e48fbc974000cf4a5b9ab4a3b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-07-26 15:39:41 -04:00
Robert Greenwalt
dafa66afdd am 2aa33a3d: Add writable data space for radio. 
* commit '2aa33a3dbd1147558098d9a2948450d363ffe468':
  Add writable data space for radio.
 2013-07-19 13:42:54 -07:00
Robert Greenwalt
2aa33a3dbd Add writable data space for radio. 
Storing carrier provisioning urls updates in /data/misc/radio.
bug:9623159

Change-Id: I8d62d4638229733dea0f11f1729c4d22ae2295d1
I36697ed341353b7a3dbec5afe20241102e76f6f1
 2013-07-16 17:18:46 -07:00
Nick Kralevich
9a4913d422 init.rc: remove "on fs" section 
This was only ever used by the emulator. Now the emulator
uses an fstab file.

Change-Id: I1a071e567e1f1a379f9c8079cc2dc17660d8455f
 2013-07-12 13:48:50 -07:00
Nick Kralevich
2713be91a8 am fb1c9cf6: Merge "use ext4 instead of yaffs" 
* commit 'fb1c9cf6fa4efafb3e0c6b0bc93c7f087d926a48':
  use ext4 instead of yaffs
 2013-07-12 11:18:26 -07:00
Nick Kralevich
f4c1512db8 use ext4 instead of yaffs 
This is needed to allow the emulator to use ext4 images.

Bug: https://code.google.com/p/android/issues/detail?id=38561
Change-Id: I02fde6382ad67cf7f4f3b695396841f70bb9301d
 2013-07-09 18:06:11 -07:00
Colin Cross
5f1a938e9c am 3d8e8c14: am 9246f8d6: Merge "init.rc: remove duplicated led-related nodes" 
* commit '3d8e8c147b41dbc6a5e4edf6da1610a83623b5b2':
  init.rc: remove duplicated led-related nodes
 2013-05-20 18:24:21 -07:00
Colin Cross
3d8e8c147b am 9246f8d6: Merge "init.rc: remove duplicated led-related nodes" 
* commit '9246f8d6def40a50933a980fac773a909f2138d7':
  init.rc: remove duplicated led-related nodes
 2013-05-20 18:16:45 -07:00
gcondra@google.com
253e91b4ff am 477e35d6: Revert "Add persistent property for SELinux enforcment status." 
* commit '477e35d6d56c7fe9b2305becdf3ed4f590ddfbd6':
  Revert "Add persistent property for SELinux enforcment status."
 2013-05-20 15:52:28 -07:00
gcondra@google.com
43329bc1c9 am 8a387870: Revert "Reload policy after setting up the data partition." 
* commit '8a3878700eb9cd8ecf495cd01f15face5c3879c8':
  Revert "Reload policy after setting up the data partition."
 2013-05-20 15:52:27 -07:00
gcondra@google.com
b9866649e2 am 52351300: Revert "Add a version check for SELinux policy on device." 
* commit '52351300d156826bf22c493828571f45a1cea16a':
  Revert "Add a version check for SELinux policy on device."
 2013-05-20 15:52:26 -07:00
Sungmin Choi
a8d392da91 init.rc: remove duplicated led-related nodes 
Change-Id: Ibee7ef9137594fc4c30d3ab6ee7bdf3515836c62
 2013-05-19 21:56:36 -07:00
repo sync
477e35d6d5 Revert "Add persistent property for SELinux enforcment status." 
This reverts commit b89bdfde42.
 2013-05-17 12:48:18 -07:00
repo sync
8a3878700e Revert "Reload policy after setting up the data partition." 
This reverts commit fee250d27a.
 2013-05-17 12:47:04 -07:00
repo sync
52351300d1 Revert "Add a version check for SELinux policy on device." 
This reverts commit 921be8b656.
 2013-05-17 12:46:00 -07:00
gcondra@google.com
5a98566d58 am 921be8b6: Add a version check for SELinux policy on device. 
* commit '921be8b6568df0057c4eacbac2e1022b71e09620':
  Add a version check for SELinux policy on device.
 2013-05-14 23:43:56 -07:00
repo sync
921be8b656 Add a version check for SELinux policy on device. 
This helps to ensure that when a new system image is installed,
old userdata policy isn't applied over the top of it.

Bug: 8841348
Change-Id: I135af32250aa62979763e775842ce0af3c8b6f9f
 2013-05-14 21:05:03 -07:00
Colin Cross
cb4b9605cb am 8794b2ee: Merge "Fix perms on /data/security" 
* commit '8794b2eeb2bbd717ca18b8bef5d853f99334aabc':
  Fix perms on /data/security
 2013-04-30 21:12:29 -07:00
Colin Cross
8794b2eeb2 Merge "Fix perms on /data/security" 2013-05-01 03:49:47 +00:00
gcondra@google.com
63577d9280 am fee250d2: Reload policy after setting up the data partition. 
* commit 'fee250d27a9c03af1ba439047b976d89563b1887':
  Reload policy after setting up the data partition.
 2013-04-30 17:04:53 -07:00
repo sync
fee250d27a Reload policy after setting up the data partition. 
This forces a policy reload + fixcon to deal with dynamically
delivered policy changing labels on device nodes.

It's implemented as a new keyword in init.

Bug: 8702843
Change-Id: I803cf1ecf6ff8318ce25dcc5cda4f292adc9738c
 2013-04-30 11:40:22 -07:00
Kenny Root
d14586e35a resolved conflicts for merge of a69af5af to jb-mr2-dev-plus-aosp 
Change-Id: If41560f0fef3103cad2172061a7988ceb5556377
 2013-04-29 23:20:37 -07:00
Kenny Root
ca0404b83e Track change to JSSE provider 
Change-Id: Iff9103fff3591983f2b172f83fd2a6e924986aa7
 2013-04-29 14:20:43 -07:00
gcondra@google.com
14ad786183 am 538b5d4e: Merge "Add persistent property for SELinux enforcment status." into jb-mr2-dev 
* commit '538b5d4e8e4c480b2120aa957fe3e11a2836a1b3':
  Add persistent property for SELinux enforcment status.
 2013-04-26 13:37:52 -07:00
repo sync
538b5d4e8e Merge "Add persistent property for SELinux enforcment status." into jb-mr2-dev 2013-04-26 20:31:21 +00:00
repo sync
b89bdfde42 Add persistent property for SELinux enforcment status. 
Also adds triggers for going between enforcing and
permissive status.

Bug: 8702843
Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
 2013-04-25 14:19:16 -07:00
Jeff Tinker
9e9ed1b400 am 131ee07b: Merge "Add a new group for MediaDrm engine plugins" into jb-mr2-dev 
* commit '131ee07b77e0250c16cebe2b0e226c5bff8e9587':
  Add a new group for MediaDrm engine plugins
 2013-04-24 21:55:23 -07:00
Jeff Tinker
08d64308b9 Add a new group for MediaDrm engine plugins 
bug: 8702754
Change-Id: I3b7988b64b1dcf4685624e4c1af938e132b82696
 2013-04-23 19:54:17 -07:00
William Roberts
d43bab7b98 Fix perms on /data/security 
installd and zygote need to be able
to search the directory to access
the policy files.

Change-Id: I0679fd2084d2664dfb5a594f493317eff058415d
 2013-04-15 13:56:22 -07:00
Brian Carlstrom
76c674451c Merge "resolved conflicts for merge of 02e8d730 to jb-mr2-dev-plus-aosp" into jb-mr2-dev-plus-aosp 2013-04-03 21:05:34 +00:00
Brian Carlstrom
d3f0e0ae37 resolved conflicts for merge of 02e8d730 to jb-mr2-dev-plus-aosp 
Change-Id: I63d6a2f975a6c0df5c238a2f7592f357441eb767
 2013-04-03 14:03:13 -07:00
Geremy Condra
c2594f36e7 Give system ownership of selinux load and enforce files. 
This is necessary to enable remote updates.

Change-Id: I05fb979c0360eca4cc6e4add48bb42f712a1ba17
 2013-04-03 11:58:12 -07:00
jwilson
8637e8186a Add OkHttp to the boot classpath. 
Change-Id: I185b803b5b804ff8680ef928ce5163727adbf0bd
 2013-04-02 16:23:48 -07:00
Todd Poynor
6b5de1cda2 init.rc: Set owner/perm for interactive governor io_is_busy 
Change-Id: I7537d56a23ca787daf92a9d91778056f987097bd
 2013-03-25 13:17:13 -07:00
Geremy Condra
fb39c0d198 am 4d71493e: am e849970c: Merge "Fix mode on /data/security." 
* commit '4d71493e74ed1ea39e554146351cc39e47cb5d02':
  Fix mode on /data/security.
 2013-03-22 20:54:52 -07:00
William Roberts
bfd71b489b Create a new location for /data policy files 
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.

Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
 2013-03-21 14:26:12 -07:00
Stephen Smalley
c0317a7579 Fix mode on /data/security. 
Change-Id: Id97d06a1c360c7871361db147f76b8a2eaceca42
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-03-21 14:25:16 -04:00
William Roberts
46e1bd89b4 Create a new location for /data policy files 
Adding a new location for policy files under
/data, the new location is /data/security. The
new location is used before attempting to use
any other location.
This requires a new directory to be created by
the init script and an update to the location of
the property_contexts file for property service.

Change-Id: I955a722ac3e51fa6c1b97201b8bdef3f601cf09d
 2013-03-20 19:34:55 -07:00
Jeff Sharkey
fb4f7acefb Add symlink to bugreport storage location. 
Change-Id: I16f024c24767cfa1f5800d568d39fb098a408127
 2013-03-14 14:27:38 -07:00
Glenn Kasten
65e203070c Merge "Add directory for mediaserver" 2013-02-23 01:04:33 +00:00
Glenn Kasten
b0f908a957 Add directory for mediaserver 
Bug: 8223560
Change-Id: Iccc6d439a848445cac0f5b30d1d663aed3f5344e
 2013-02-22 14:54:45 -08:00
Nick Kralevich
fe8425b5c5 am c5ce4108: am 1b64957a: Merge "init.rc: allow IPPROTO_ICMP support" 
* commit 'c5ce4108facc5a1b94fcf9469a189b2cbdfd5e76':
  init.rc: allow IPPROTO_ICMP support
 2013-02-22 09:44:34 -08:00