summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2014-01-13 20:52:17 +0100
committerAndroid Git Automerger <android-git-automerger@android.com>2014-01-13 20:52:17 +0100
commit7e0d30667cf53a182525f87dd0c8cb0e2628a1ed (patch)
tree8effd2f8aa84d3b4297af291d07bd0578baa4a20
parentam 617d1cad: Merge "minui: do not use flexible array initialization" (diff)
parentMerge "Set SELinux security contexts correctly for init and services." (diff)
downloadandroid_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar.gz
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar.bz2
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar.lz
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar.xz
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.tar.zst
android_bootable_recovery-7e0d30667cf53a182525f87dd0c8cb0e2628a1ed.zip
Diffstat (limited to '')
-rw-r--r--etc/init.rc11
1 files changed, 11 insertions, 0 deletions
diff --git a/etc/init.rc b/etc/init.rc
index 175489066..5f9ce80a2 100644
--- a/etc/init.rc
+++ b/etc/init.rc
@@ -1,6 +1,13 @@
import /init.recovery.${ro.hardware}.rc
on early-init
+ # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
+ write /sys/fs/selinux/checkreqprot 0
+
+ # Set the security context for the init process.
+ # This should occur before anything else (e.g. ueventd) is started.
+ setcon u:r:init:s0
+
start ueventd
start healthd
@@ -43,15 +50,19 @@ on property:sys.powerctl=*
service ueventd /sbin/ueventd
critical
+ seclabel u:r:ueventd:s0
service healthd /sbin/healthd -n
critical
+ seclabel u:r:healthd:s0
service recovery /sbin/recovery
+ seclabel u:r:recovery:s0
service adbd /sbin/adbd recovery
disabled
socket adbd stream 660 system system
+ seclabel u:r:adbd:s0
# Always start adbd on userdebug and eng builds
on property:ro.debuggable=1