Gitiles
Code Review Sign In
review.blissroms.org / platform_vendor_bliss / f3de1c31aa9dd2ff4ee11ebe36aee44c1ecc03d9^2..f3de1c31aa9dd2ff4ee11ebe36aee44c1ecc03d9 / .
commitf3de1c31aa9dd2ff4ee11ebe36aee44c1ecc03d9[log] [tgz]
authorDark Eyes <Dark_Eyes_@hotmail.com>Sat Dec 19 05:29:53 2015 -0800
committerGerrit Code Review <gerrit2@buildbox.blissroms.com>Sat Dec 19 05:29:53 2015 -0800
tree64820657d325760691f73cdf04a1a539366c87c7
parent9d66f15921e06e29482ced6e36c26d62cfa8d569 [diff]
parentf3fb07edad611a8fec1824a59267500c34d697b1 [diff]
Merge "Remove CM account and wallpapers" into mm6.0
diff --git a/prebuilt/common/bin/otasigcheck.sh b/prebuilt/common/bin/otasigcheck.sh
index ad7f3a3..99fdaec 100644
--- a/prebuilt/common/bin/otasigcheck.sh
+++ b/prebuilt/common/bin/otasigcheck.sh

@@ -15,14 +15,71 @@
   exit 0
 fi
 
-if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then
-  relCert=$(grep -A3 'package name="com.android.htmlviewer"' /data/system/packages.xml  | grep "cert index" | head -n 1 | sed -e 's|.*"\([[:digit:]][[:digit:]]*\)".*|\1|g')
+if [ -f "/data/system/packages.xml" -a -f "/tmp/releasekey" ]; then
+  relkey=$(cat "/tmp/releasekey")
+  OLDIFS="$IFS"
+  IFS=""
+  while read line; do
+    params=${line# *<package *}
+    if [ "$line" != "$params" ]; then
+      kvp=${params%% *}
+      params=${params#* }
+      while [ "$kvp" != "$params" ]; do
+        key=${kvp%%=*}
+        val=${kvp#*=}
+        vlen=$(( ${#val} - 2 ))
+        val=${val:1:$vlen}
+        if [ "$key" = "name" ]; then
+          package="$val"
+        fi
+        kvp=${params%% *}
+        params=${params#* }
+      done
+      continue
+    fi
+    params=${line# *<cert *}
+    if [ "$line" != "$params" ]; then
+      keyidx=""
+      keyval=""
+      kvp=${params%% *}
+      params=${params#* }
+      while [ "$kvp" != "$params" ]; do
+        key=${kvp%%=*}
+        val=${kvp#*=}
+        vlen=$(( ${#val} - 2 ))
+        val=${val:1:$vlen}
+        if [ "$key" = "index" ]; then
+          keyidx="$val"
+        fi
+        if [ "$key" = "key" ]; then
+          keyval="$val"
+        fi
+        kvp=${params%% *}
+        params=${params#* }
+      done
+      if [ -n "$keyidx" ]; then
+        if [ "$package" = "com.android.htmlviewer" ]; then
+          cert_idx="$keyidx"
+        fi
+      fi
+      if [ -n "$keyval" ]; then
+        eval "key_$keyidx=$keyval"
+      fi
+      continue
+    fi
+  done < "/data/system/packages.xml"
+  IFS="$OLDIFS"
 
   # Tools missing? Err on the side of caution and exit cleanly
-  if [ "z$relCert" == "z" ]; then exit 0; fi
+  if [ -z "$cert_idx" ]; then
+    echo "Package cert index not found; skipping signature check..."
+    exit 0
+  fi
 
-  grep "cert index=\"$relCert\"" /data/system/packages.xml | grep -q `cat /tmp/releasekey`
-  if [ $? -ne 0 ]; then
+  varname="key_$cert_idx"
+  eval "pkgkey=\$$varname"
+
+  if [ "$pkgkey" != "$relkey" ]; then
      echo "You have an installed system that isn't signed with this build's key, aborting..."
      exit 124
   fi

diff --git a/prebuilt/common/etc/init.local.rc b/prebuilt/common/etc/init.local.rc
index 3868785..e29b015 100644
--- a/prebuilt/common/etc/init.local.rc
+++ b/prebuilt/common/etc/init.local.rc

@@ -139,6 +139,9 @@
     keycodes 114 115 116
 
 # adb over network
+on property:adb.network.port=*
+    setprop service.adb.tcp.port ${adb.network.port}
+
 on property:service.adb.tcp.port=5555
     stop adbd
     start adbd

diff --git a/sepolicy/adbd.te b/sepolicy/adbd.te
deleted file mode 100644
index 39a87aa..0000000
--- a/sepolicy/adbd.te
+++ /dev/null

@@ -1 +0,0 @@
-allow adbd adbtcp_prop:property_service set;

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 7611478..e5ae776 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts

@@ -14,6 +14,9 @@
 /system/etc/init.d/90userinit           u:object_r:userinit_exec:s0
 /data/local/userinit.sh                 u:object_r:userinit_data_exec:s0
 
+# For F2FS partitions marked "formattable"
+/system/bin/mkfs\.f2fs    u:object_r:mkfs_exec:s0
+
 # For minivold in recovery
 /sbin/minivold            u:object_r:vold_exec:s0
 

diff --git a/sepolicy/init.te b/sepolicy/init.te
new file mode 100644
index 0000000..447c720
--- /dev/null
+++ b/sepolicy/init.te

@@ -0,0 +1,4 @@
+# Allow formatting userdata or cache partitions
+allow init block_device:dir search;
+allow init userdata_block_device:blk_file rw_file_perms;
+allow init cache_block_device:blk_file rw_file_perms;

diff --git a/sepolicy/mkfs.te b/sepolicy/mkfs.te
new file mode 100644
index 0000000..fe7c61b
--- /dev/null
+++ b/sepolicy/mkfs.te

@@ -0,0 +1,9 @@
+type mkfs, domain;
+type mkfs_exec, exec_type, file_type;
+
+init_daemon_domain(mkfs)
+
+# Allow formatting userdata or cache partitions
+allow mkfs block_device:dir search;
+allow mkfs userdata_block_device:blk_file rw_file_perms;
+allow mkfs cache_block_device:blk_file rw_file_perms;

diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index f1fcfae..bd89e84 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts

@@ -1,4 +1,4 @@
-service.adb.tcp.port          u:object_r:adbtcp_prop:s0
+adb.network.port              u:object_r:adbtcp_prop:s0
 recovery.perf.mode            u:object_r:recovery_prop:s0
 adb.secure                    u:object_r:recovery_prop:s0
 bliss.userinit.active         u:object_r:userinit_prop:s0

diff --git a/sepolicy/shell.te b/sepolicy/shell.te
deleted file mode 100644
index 48b4777..0000000
--- a/sepolicy/shell.te
+++ /dev/null

@@ -1 +0,0 @@
-allow shell adbtcp_prop:property_service set;