Merge "init.rc: Add nodev,noexec,nosuid to /config"
diff --git a/base/properties.cpp b/base/properties.cpp
index cde4d69..ca8e96f 100644
--- a/base/properties.cpp
+++ b/base/properties.cpp
@@ -23,6 +23,7 @@
#include <algorithm>
#include <chrono>
+#include <limits>
#include <string>
#include <android-base/parseint.h>
@@ -109,7 +110,7 @@
static void DurationToTimeSpec(timespec& ts, const std::chrono::milliseconds d) {
auto s = std::chrono::duration_cast<std::chrono::seconds>(d);
auto ns = std::chrono::duration_cast<std::chrono::nanoseconds>(d - s);
- ts.tv_sec = s.count();
+ ts.tv_sec = std::min<std::chrono::seconds::rep>(s.count(), std::numeric_limits<time_t>::max());
ts.tv_nsec = ns.count();
}
diff --git a/libion/ion_test.c b/libion/ion_test.c
index b7d5583..f3874ae 100644
--- a/libion/ion_test.c
+++ b/libion/ion_test.c
@@ -250,7 +250,7 @@
case 'p':
prot = 0;
prot |= strstr(optarg, "MAP_PRIVATE") ? MAP_PRIVATE : 0;
- prot |= strstr(optarg, "MAP_SHARED") ? MAP_PRIVATE : 0;
+ prot |= strstr(optarg, "MAP_SHARED") ? MAP_SHARED : 0;
break;
case 'f':
alloc_flags = atol(optarg);
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 0bed51b..a213ffb 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -82,7 +82,7 @@
# Mount staging areas for devices managed by vold
# See storage config details at http://source.android.com/tech/storage/
- mount tmpfs tmpfs /mnt mode=0755,uid=0,gid=1000
+ mount tmpfs tmpfs /mnt nodev noexec nosuid mode=0755,uid=0,gid=1000
restorecon_recursive /mnt
mount configfs none /config nodev noexec nosuid
@@ -318,8 +318,9 @@
start hwservicemanager
start vndservicemanager
- # once everything is setup, no need to modify /
- mount rootfs rootfs / ro remount
+ # Once everything is setup, no need to modify /.
+ # The bind+ro combination avoids modifying any other mount flags.
+ mount rootfs rootfs / remount bind ro
# Mount shared so changes propagate into child namespaces
mount rootfs rootfs / shared rec
# Mount default storage into root namespace