Commits

Show all
Author Commit Message Labels Comments Date
Robert Craig
Remove policy loading functionality. Moved the sepolicy loading functionality to libselinux. However, the property_contexts loading remains here in init per the comments by AOSP. Conflicts: init/init.c
Tags
seandroid-4.1.1_r4
Robert Craig
Remove file_context option from restorecon. Also get sehandle object from new libselinux function.
Robert Craig
Minor mods to init and ueventd. Remove unneeded headers. Add android.h instead.
Robert Craig
Changes per AOSP comments 39810. Just some minor style issues.
Robert Craig
Changes per AOSP comments 36321. Move file_contexts loading into libselinux. Change selinux.loadpolicy property key name to selinux.reload_policy Conflicts: init/init.c
Stephen Smalley
Use chown -R to set ownerships on selinuxfs.
Stephen Smalley
Add support for -R (recurse) to init chown builtin. This is helpful for setting ownerships on entire directory trees, such as sysfs and selinuxfs, particularly when the precise set of files is dynamically generated at runtime. Change-Id: I81070ea36fd7ffcab4ee8b3ef1bb0028d4b7839c Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Stephen Smalley
Revisions based on AOSP comments on 37860 and 31054. Move restorecon of /dev and /dev/socket from init.rc to init code. Add comments to explain why we use restorecon in init.rc. Ensure that directories created by mkdir_recursive are labeled correctly.
Robert Craig
restorecon tombstone directory
Robert Craig
Fix a potential memory leak.
Stephen Smalley
Merge branch 'jb-release' into seandroid-4.1.1
Tags
seandroid-4.1.1_r3
Jeff Sharkey
Grant sdcard_r to ril-daemon. Bug: 6793799 Change-Id: Ife23c98c30d7b08479d75798c7075005bf281119
Tags
5 tags
Stephen Smalley
Allow system UID to set enforce and booleans. As chown -R was rejected by AOSP, enumerate the booleans. Need to revisit.
Tags
seandroid-4.1.1_r1
Robert Craig
Add persist.mac_enforcing_mode property
Joshua Brindle
add SELinux network labeling script to startup Change-Id: I47100243b04d9629d44c8962eafeacabdcd0e6d2 Signed-off-by: Joshua Brindle <jbrindle@tresys.com>
Stephen Smalley
Skip the ro. prefix before any MAC permission checks.
Stephen Smalley
Implement SELinux/MAC permission checks for the init property service. Requires updated libselinux, sepolicy, and build. Conflicts: init/init.c
Stephen Smalley
Add support for reloading policy from /data/system. To support runtime policy management, add support for reloading policy from /data/system. This can be triggered by setting the selinux.loadpolicy property to 1, whether from init.rc after mounting /data or from the system_server (e.g. upon invocation of a new device admin API for provisioning policy). ueventd and installd are restarted upon policy reloads to pick up the new policy configurations …
Stephen Smalley
Modify init.rc and init.goldfish.rc for SE Android. Set the security context for the init process. Restore the security contexts of various runtime directories and files. Specify the security context for services launched from the rootfs since we cannot label their executables. If on the emulator, set a policy boolean and restore the context of /sys/qemu_trace to allow accesses not normally permitted on a device. Change-Id: I166ffc267e8e0543732e71…
Stephen Smalley
Set the SELinux security label on new directories. Automatically set the SELinux security label on directories created by init.rc. This avoids the need to separately call restorecon on each such directory from the init.rc file. Change-Id: If6af6c4887cdead949737cebdd673957e9273ead Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
The Android Automerger
merge in jb-release history after reset to jb-dev
Tags
3 tags
benoitandroid
adb: Fix adb tcpip command When running "adb tcpip 5555", adb create a service socket named "tcpip:5555". Only compare the 6 first chars "tcpip:" to decide if we enable exit_on_close. Bug: 6650130 Change-Id: I0835973de044f1cfde0e859ff0277c0ccc2630a3
Tags
android-cts-4.1_r1
The Android Automerger
merge in jb-release history after reset to jb-dev
Jamie Gennis
Merge "Enable tracing on user builds" into jb-dev
The Android Automerger
merge in jb-release history after reset to jb-dev
Jamie Gennis
Enable tracing on user builds This change adds init.rc steps to: * allow kernel tracing to be enabled via adb * allow a limited set of kernel trace events to be enabled via adb * allow the kernel trace to be read via adb * allow all users to write to the kernel trace from userland Bug: 6513400 Change-Id: Ic3c189b5697aa5edf88d2f507c932971bed6caff
Jeff Brown
Remove a stray newline in the backtrace output. Bug: 6615693 Change-Id: I1ac1746286afb77c3f5c4042c4592333ebb08a51
Jeff Brown
Enhance native stack dumps. Provides a new mechanism for dumpstate (while running as root) to request that debuggerd dump the stacks of native processes that we care about in bug reports. In this mode, the backtrace is formatted to look similar to a Dalvik backtrace. Moved the tombstone generating code into a separate file to make it easier to maintain. Fixed a bug where sometimes the stack traces would be incomplete beca…
The Android Automerger
merge in jb-release history after reset to jb-dev
Dima Zavin
rootdir: init.rc: remove audio app/sys groups, merge to fg With this change, the audio rr/fifo threads will just run in the fg cgroup. Also, the RR budget for the apps fg/bg threads has been bumped to 80%. Ideally, the bg budget would be much smaller but there are legacy libraries that seem to be very sensitive to this so for now keep it at this value. Bug: 6528015 Change-Id: I08f295e7ba195a449b96cd79d954b0529cee8636 Signed-off-by: Dima Zavin <dima@andr…
  1. Prev
  2. Next