Volantis SurfaceFlinger holds open a file on data partition.
SurfaceFlinger is not running when we trigger_default_encryption
but if we start it before starting defaultcrypto it locks open
data, so we can't unmount it.
It will start anyway when main starts, so not starting it here
is safe - it will just cause a 1-2 second delay in the graphics
appearing.
Change-Id: Idd546a578e62a24f999367b1407b37ad0f00f3a2
Note that init.zygote64.rc, which supports a "pure"
64 bit zygote is around only for testing.
The life cycles of both zygotes are controlled by init,
and the assumption here is that they will be available
always. We start the system_server in 32 bit mode.
Note that the distinction between "primary" and "secondary"
simply defines the order in which ABI support is queried,
there's no real requirement that the primary zygote supports
the primary ABI of the device.
bug: 13647418
Change-Id: Id0be001ea6f934c3c2022d89a63aae9fae66cc38
This allows us to choose different configs depending on
whether or not the target is 64 capable, and what its preferred
default is.
bug: 13647418
Change-Id: Ie1ce4245a3add7544c87d27c635ee390f4062523
Remove world-readable, reduce group permissions to readable by system
daemons
Change-Id: I6c7d7d78b8d8281960659bb8490a01cf7fde28b4
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/414200/
Feature is limited to list of serial numbers with this change
Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
The kernel's default is between 4~20.
Prepare for javaland to modify the value at runtime.
It can be done via
setprop sys.sysctl.tcp_def_init_rwnd <value>
Bug: 12020135
Change-Id: Id34194b085206fd02e316401c0fbbb9eb52522d2
(cherry picked from commit 7c862c8b5e)
- init: set /proc/sys/net/unix/max_dgram_qlen to 300
- libsysutils: Add listen backlog argument to startListener
- logd: set listen backlog to 300
Change-Id: Id6d37d6c937ba2d221e76258d89c9516619caeec
mkdir /data/misc/wifi subdirectories and /data/misc/dhcp is performed
in the various device-specific init*.rc files but seems generic.
Move it to the main init.rc file.
Drop the separate chown for /data/misc/dhcp as this is handled by mkdir
built-in if the directory already exists.
Add a restorecon_recursive /data/misc/wifi/sockets.
Change-Id: I51b09c5e40946673a38732ea9f601b2d047d3b62
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
(cherry picked from commit 3e76e0a497)
Author: Nick Kralevich <nnk@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
The kernel's default is between 4~20.
Prepare for javaland to modify the value at runtime.
It can be done via
setprop sys.sysctl.tcp_def_init_rwnd <value>
Bug: 12020135
Change-Id: Id34194b085206fd02e316401c0fbbb9eb52522d2
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
Set
* /sys/module/lowmemorykiller/parameters/adj
* /sys/module/lowmemorykiller/parameters/minfree
to 0220. This better indicates that these files are only intended
to be written to, never read.
Change-Id: I9ef054f032b3955e04128fc1a472a17c7b1fa792
If userdata is default encrypted, we should mount it at boot
to avoid bringing the framework up and then down unnecessarily.
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/412649/
Bug: 8769627
Change-Id: I4b8276befd832cd788e15c36edfbf8f0e18d7e6b
With the following prior changes:
I77bf2a0c4c34b1feef6fdf4d6c3bd92dbf32f4a1
I698b1b2c3f00f31fbb2015edf23d33b51aa5bba1
I8dd915d9bb80067339621b905ea2b4ea0fa8d71e
it should now be safe (will correctly label all files)
and reasonably performant (will skip processing unless
file_contexts has changed since the last call) to call
restorecon_recursive /data from init.rc.
The call is placed after the setprop selinux.policy_reload 1 so that
we use any policy update under /data/security if present.
Change-Id: Ib8d9751a47c8e0238cf499fcec61898937945d9d
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
