Commits

Show all
Author Commit Message Labels Comments Date
Elliott Hughes
Track the setsebool change in the emulator init.rc. setsebool's syntax changed in November. This is the sole caller in AOSP. Change-Id: I0da608ee974bc3a9060372ef68a71c52726a44a6
Tags
2 tags
Branches
seandroid-4.2
Stephen Smalley
Add support for socket security context specification. Add an optional argument to the socket option for specifying a SELinux security context for the socket. Normally the socket security context is automatically computed from the service security context or set using the seclabel option, but this facility allows dealing with two scenarios that cannot be addressed using the existing mechanisms: 1) Use of logwrapper to wrap a service. In this case, in…
Branches
seandroid-4.2
William Roberts
Fix perms on /data/security installd and zygote need to be able to search the directory to access the policy files. Change-Id: I0679fd2084d2664dfb5a594f493317eff058415d
Branches
seandroid-4.2
Stephen Smalley
sys/capability.h does not exist in the 4.2 bionic.
Branches
seandroid-4.2
Stephen Smalley
Sync with master auditd.
Branches
seandroid-4.2
Robert Craig
Correct run-as with seinfo parsing capability. Change-Id: I874ccf70bf4d113e294eeb3b7fa5ca7324ad52b3
Branches
seandroid-4.2
Stephen Smalley
Merge tag 'android-4.2.2_r1' into seandroid-4.2 Android 4.2.2 release 1
Branches
seandroid-4.2
William Roberts
Auditd initial commit Initial commit for an audit daemon that writes kernel audit messages to a log file. The daemon runs in uid "audit" or AID_AUDIT. The log files are located at /data/misc/audit/ The daemon maintains two files at this location: audit.log and optionally audit.old. On boot ( if the file is non-zero in size), or when a fixed threshold is hit, the daemon rotates audit.log to audit.old. Optionally, if p…
Branches
seandroid-4.2
William Roberts
Reserve AID_AUDIT AID_AUDIT will be used for an audit daemon for gathering and controlling the Linux audit subsystem. Change-Id: I95d597524b5547a60f3a59f692b4b0a6df0a9645 Conflicts: include/private/android_filesystem_config.h
Branches
seandroid-4.2
Stephen Smalley
Fix mode on /data/security.
Tags
seandroid-4.2.1_r1
Branches
seandroid-4.2
William Roberts
Create a new location for /data policy files Updating the location of policy files from /data/system to /data/securtiy. Requires a new directory to be created by init and an update to the location of the property_contexts file for property service. Change-Id: Ibac2a84dfb403339bd169787cb5b7f24655be429
Branches
seandroid-4.2
Todd Poynor
rootdir: init.rc: set perms for cpufreq governor boostpulse_duration Change-Id: I09b9a1ed548e4ffe1232f583e8ff5f026760f616
Tags
3 tags
Kenny Root
toolbox: silence some compiler warnings Comparison of signed and unsigned integers. Use parenthesis around a group of bitwise OR operations. Change-Id: Ia404380593ce2c2a291133c07c0fc7a016a3ad3f
Branches
seandroid-4.2
Stephen Smalley
Change setsebool syntax to be consistent with other init built-ins. Change setsebool syntax from name=value to name value. This is to make it consistent with setprop and similar commands. Update both the init built-in command and the toolbox command for consistency. Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Conflicts: init/builtins.c
Branches
seandroid-4.2
Ben Cheng
Merge "Fix ELF header parser bug." into jb-mr1.1-dev
Ben Cheng
Fix ELF header parser bug. [cherry-picked from AOSP] Program header size should be 32 instead of 40. Bug: 7696928 Change-Id: I48e411837ff8a571544b55ccc37e20202dca424c
Devin Kim
charger: Do not suspend when disconnecting from charger The device should be power off when disconnecting from charger. If the device enter to suspend, the device couldn't handle the power off process. So the device shouldn't suspend to handle the power off at that time Bug: 7429504 Change-Id: I9a0a60e53f315cd83550dc730a33bc7bd464ef67
Iliyan Malchev
charger: fix build Looks like libsuspend is not available on all platforms. Change-Id: Ic32dc93221f3c488e846da35235f247f4ddb4c69 Signed-off-by: Iliyan Malchev <malchev@google.com>
choongryeol.lee
charger: suspend enable in charger mode To reduce power consumption after charging completion, enable suspend when LCD is turned off. Bug: 7429504 Change-Id: I34731dc392661c9051a20cea74f70d94a8aaeb42 Signed-off-by: Iliyan Malchev <malchev@google.com>
benoitandroid
Merge "init.usb.rc: set sys.usb.config to none before changing it" into jb-mr1.1-dev
benoitandroid
init.usb.rc: set sys.usb.config to none before changing it On encrypted devices, persistent properties are loaded after the device is decrypted. To properly change sys.usb.config to its persistent value, it must first be set to "none" and then to ${persist.sys.usb.config}. Bug: 7678835 Change-Id: I4f91245cedc04e3178ce9cee21390f5b657733c9
Iliyan Malchev
libsuspend: compile as a static library Compile libsuspend as a static library as well, currently needed by the charger code in some cases. Related-to-bug: 7429504 Change-Id: I113017c2c855f915b77c76d8934b6e57c0bb532c Signed-off-by: Iliyan Malchev <malchev@google.com>
Stephen Smalley
Label sockets consistently with the seclabel value if specified. This is necessary to ensure that the adbd socket is created in the adbd domain rather than the init domain. Change-Id: Id4997d7f074aeefea62b41c87b46a6609e03f527 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
seandroid-4.2
Robert Craig
Add persist.mac_enforcing_mode property Conflicts: init/property_service.c
Branches
seandroid-4.2
Stephen Smalley
Document the SELinux extensions to the Android init language. Change-Id: I9b066e0789c93e5147c28a60baeed91c44dd9359 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
seandroid-4.2
Robert Craig
run-as: Get seinfo from packages.list and pass to libselinux.
Branches
seandroid-4.2
Stephen Smalley
run-as: set the SELinux security context. Before invoking the specified command or a shell, set the SELinux security context. Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
seandroid-4.2
Stephen Smalley
Allow system UID to setenforce and set booleans for SELinux. Allow system UID to setenforce and set booleans for SELinux. Boolean ownerships must also be reset upon policy reload as the boolean files in selinuxfs are regenerated to match the new policy.
Branches
seandroid-4.2
Stephen Smalley
Add support for -R (recurse) to init chown builtin. This is helpful for setting ownerships on entire directory trees, such as sysfs and selinuxfs, particularly when the precise set of files is dynamically generated at runtime. Change-Id: I81070ea36fd7ffcab4ee8b3ef1bb0028d4b7839c Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
seandroid-4.2
Ken Sumrall
Merge "Fix fs_mgr to properly invoke e2fsck on encrypted devices" into jb-mr1.1-dev
  1. Prev
  2. Next