am 390c1203: am 1cddc209: Ignore ro.adb.secure in user builds.
* commit '390c1203145121497256d12ea99da61483933e8b':
Ignore ro.adb.secure in user builds.
diff --git a/gatekeeperd/tests/gatekeeper_test.cpp b/gatekeeperd/tests/gatekeeper_test.cpp
index 15b2b69..47a8bfa 100644
--- a/gatekeeperd/tests/gatekeeper_test.cpp
+++ b/gatekeeperd/tests/gatekeeper_test.cpp
@@ -14,11 +14,12 @@
* limitations under the License.
*/
-#include <gtest/gtest.h>
-#include <UniquePtr.h>
+#include <arpa/inet.h>
#include <iostream>
+#include <gtest/gtest.h>
#include <hardware/hw_auth_token.h>
+#include <UniquePtr.h>
#include "../SoftGateKeeper.h"
diff --git a/init/builtins.cpp b/init/builtins.cpp
index ca31c50..58e9087 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -839,18 +839,31 @@
return 0;
}
+static bool is_file_crypto() {
+ char prop_value[PROP_VALUE_MAX] = {0};
+ property_get("ro.crypto.type", prop_value);
+ return strcmp(prop_value, "file") == 0;
+}
+
int do_installkey(int nargs, char **args)
{
if (nargs != 2) {
return -1;
}
-
- char prop_value[PROP_VALUE_MAX] = {0};
- property_get("ro.crypto.type", prop_value);
- if (strcmp(prop_value, "file")) {
+ if (!is_file_crypto()) {
return 0;
}
-
return e4crypt_create_device_key(args[1],
do_installkeys_ensure_dir_exists);
}
+
+int do_setusercryptopolicies(int nargs, char **args)
+{
+ if (nargs != 2) {
+ return -1;
+ }
+ if (!is_file_crypto()) {
+ return 0;
+ }
+ return e4crypt_set_user_crypto_policies(args[1]);
+}
diff --git a/init/init_parser.cpp b/init/init_parser.cpp
index 956ed25..ed77b6f 100644
--- a/init/init_parser.cpp
+++ b/init/init_parser.cpp
@@ -187,6 +187,7 @@
if (!strcmp(s, "etenv")) return K_setenv;
if (!strcmp(s, "etprop")) return K_setprop;
if (!strcmp(s, "etrlimit")) return K_setrlimit;
+ if (!strcmp(s, "etusercryptopolicies")) return K_setusercryptopolicies;
if (!strcmp(s, "ocket")) return K_socket;
if (!strcmp(s, "tart")) return K_start;
if (!strcmp(s, "top")) return K_stop;
diff --git a/init/keywords.h b/init/keywords.h
index e637d7d..d5c7667 100644
--- a/init/keywords.h
+++ b/init/keywords.h
@@ -22,6 +22,7 @@
int do_rmdir(int nargs, char **args);
int do_setprop(int nargs, char **args);
int do_setrlimit(int nargs, char **args);
+int do_setusercryptopolicies(int nargs, char **args);
int do_start(int nargs, char **args);
int do_stop(int nargs, char **args);
int do_swapon_all(int nargs, char **args);
@@ -86,6 +87,7 @@
KEYWORD(setenv, OPTION, 2, 0)
KEYWORD(setprop, COMMAND, 2, do_setprop)
KEYWORD(setrlimit, COMMAND, 3, do_setrlimit)
+ KEYWORD(setusercryptopolicies, COMMAND, 1, do_setusercryptopolicies)
KEYWORD(socket, OPTION, 0, 0)
KEYWORD(start, COMMAND, 1, do_start)
KEYWORD(stop, COMMAND, 1, do_stop)
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 0be8d4c..d53f4f9 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -258,6 +258,7 @@
# Emulated internal storage area
mkdir /data/media 0770 media_rw media_rw
+
# Start bootcharting as soon as possible after the data partition is
# mounted to collect more data.
mkdir /data/bootchart 0755 shell shell
@@ -292,6 +293,7 @@
chmod 0660 /data/misc/wifi/wpa_supplicant.conf
mkdir /data/local 0751 root root
mkdir /data/misc/media 0700 media media
+ mkdir /data/misc/vold 0700 root root
# For security reasons, /data/local/tmp should always be empty.
# Do not place files or directories in /data/local/tmp
@@ -341,6 +343,8 @@
mkdir /data/system/heapdump 0700 system system
mkdir /data/user 0711 system system
+ setusercryptopolicies /data/user
+
# Reload policy from /data/security if present.
setprop selinux.reload_policy 1
@@ -559,6 +563,7 @@
onrestart restart zygote
onrestart restart media
onrestart restart surfaceflinger
+ onrestart restart inputflinger
onrestart restart drm
service vold /system/bin/vold \
@@ -596,6 +601,12 @@
group graphics drmrpc
onrestart restart zygote
+service inputflinger /system/bin/inputflinger
+ class main
+ user system
+ group input
+# onrestart restart zygote
+
service drm /system/bin/drmserver
class main
user drm