Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-12-18 | Fix mips64 build.android-cts_7.1_r1android-cts-7.1_r9android-cts-7.1_r8android-cts-7.1_r7android-cts-7.1_r6android-cts-7.1_r5android-cts-7.1_r4android-cts-7.1_r3android-cts-7.1_r29android-cts-7.1_r28android-cts-7.1_r27android-cts-7.1_r26android-cts-7.1_r25android-cts-7.1_r24android-cts-7.1_r23android-cts-7.1_r22android-cts-7.1_r21android-cts-7.1_r20android-cts-7.1_r2android-cts-7.1_r19android-cts-7.1_r18android-cts-7.1_r17android-cts-7.1_r16android-cts-7.1_r15android-cts-7.1_r14android-cts-7.1_r13android-cts-7.1_r12android-cts-7.1_r11android-cts-7.1_r10android-cts-7.1_r1android-cts-7.0_r9android-cts-7.0_r8android-cts-7.0_r7android-cts-7.0_r6android-cts-7.0_r5android-cts-7.0_r4android-cts-7.0_r33android-cts-7.0_r32android-cts-7.0_r31android-cts-7.0_r30android-cts-7.0_r3android-cts-7.0_r29android-cts-7.0_r28android-cts-7.0_r27android-cts-7.0_r26android-cts-7.0_r25android-cts-7.0_r24android-cts-7.0_r23android-cts-7.0_r22android-cts-7.0_r21android-cts-7.0_r20android-cts-7.0_r2android-cts-7.0_r19android-cts-7.0_r18android-cts-7.0_r17android-cts-7.0_r16android-cts-7.0_r15android-cts-7.0_r14android-cts-7.0_r13android-cts-7.0_r12android-cts-7.0_r11android-cts-7.0_r10android-cts-7.0_r1android-7.1.2_r9android-7.1.2_r8android-7.1.2_r6android-7.1.2_r5android-7.1.2_r4android-7.1.2_r39android-7.1.2_r38android-7.1.2_r37android-7.1.2_r36android-7.1.2_r33android-7.1.2_r32android-7.1.2_r30android-7.1.2_r3android-7.1.2_r29android-7.1.2_r28android-7.1.2_r27android-7.1.2_r25android-7.1.2_r24android-7.1.2_r23android-7.1.2_r2android-7.1.2_r19android-7.1.2_r18android-7.1.2_r17android-7.1.2_r16android-7.1.2_r15android-7.1.2_r14android-7.1.2_r13android-7.1.2_r12android-7.1.2_r11android-7.1.2_r10android-7.1.2_r1android-7.1.1_r9android-7.1.1_r8android-7.1.1_r7android-7.1.1_r61android-7.1.1_r60android-7.1.1_r6android-7.1.1_r59android-7.1.1_r58android-7.1.1_r57android-7.1.1_r56android-7.1.1_r55android-7.1.1_r54android-7.1.1_r53android-7.1.1_r52android-7.1.1_r51android-7.1.1_r50android-7.1.1_r49android-7.1.1_r48android-7.1.1_r47android-7.1.1_r46android-7.1.1_r45android-7.1.1_r44android-7.1.1_r43android-7.1.1_r42android-7.1.1_r41android-7.1.1_r40android-7.1.1_r4android-7.1.1_r39android-7.1.1_r38android-7.1.1_r35android-7.1.1_r33android-7.1.1_r32android-7.1.1_r31android-7.1.1_r3android-7.1.1_r28android-7.1.1_r27android-7.1.1_r26android-7.1.1_r25android-7.1.1_r24android-7.1.1_r23android-7.1.1_r22android-7.1.1_r21android-7.1.1_r20android-7.1.1_r2android-7.1.1_r17android-7.1.1_r16android-7.1.1_r15android-7.1.1_r14android-7.1.1_r13android-7.1.1_r12android-7.1.1_r11android-7.1.1_r10android-7.1.1_r1android-7.1.0_r7android-7.1.0_r6android-7.1.0_r5android-7.1.0_r4android-7.1.0_r3android-7.1.0_r2android-7.1.0_r1android-7.0.0_r9android-7.0.0_r8android-7.0.0_r7android-7.0.0_r6android-7.0.0_r5android-7.0.0_r4android-7.0.0_r36android-7.0.0_r35android-7.0.0_r34android-7.0.0_r33android-7.0.0_r32android-7.0.0_r31android-7.0.0_r30android-7.0.0_r3android-7.0.0_r29android-7.0.0_r28android-7.0.0_r27android-7.0.0_r24android-7.0.0_r21android-7.0.0_r19android-7.0.0_r17android-7.0.0_r15android-7.0.0_r14android-7.0.0_r13android-7.0.0_r12android-7.0.0_r11android-7.0.0_r10android-7.0.0_r1nougat-releasenougat-mr2.3-releasenougat-mr2.2-releasenougat-mr2.1-releasenougat-mr2-security-releasenougat-mr2-releasenougat-mr2-pixel-releasenougat-mr2-devnougat-mr1.8-releasenougat-mr1.7-releasenougat-mr1.6-releasenougat-mr1.5-releasenougat-mr1.4-releasenougat-mr1.3-releasenougat-mr1.2-releasenougat-mr1.1-releasenougat-mr1-volantis-releasenougat-mr1-security-releasenougat-mr1-releasenougat-mr1-flounder-releasenougat-mr1-devnougat-mr1-cts-releasenougat-mr0.5-releasenougat-dr1-releasenougat-devnougat-cts-releasenougat-bugfix-release | Elliott Hughes | |
am: 8e4be28465 * commit '8e4be28465ee3c7732074443359cad925a9bf264': Fix mips64 build. | |||
2015-12-18 | Fix mips64 build.android-wear-n-preview-3android-wear-n-preview-2android-wear-n-preview-1android-wear-7.1.1_r1android-n-preview-5android-n-preview-4android-n-preview-3android-n-preview-2android-n-preview-1android-n-iot-preview-2nougat-mr1-wear-releasen-iot-preview-2brillo-m9-releasebrillo-m9-devbrillo-m10-releasebrillo-m10-dev | Elliott Hughes | |
Change-Id: I2cdc6527921915005c630aba7a183c6523d7f2c6 | |||
2015-12-16 | Add MIPS little endian architectures and fix preprocessor indentation | Chris Dearman | |
am: ce31a91f92 * commit 'ce31a91f92f677e2712d1a7f03da607db17a6b82': Add MIPS little endian architectures and fix preprocessor indentation | |||
2015-12-14 | Add MIPS little endian architectures and fix preprocessor indentation | Chris Dearman | |
MIPS has distinct architecture identifiers for big endian and little endian. This change adds the little endian identifiers and updates the preprocessor indentation to consistently use 2 spaces. Change-Id: Ia48ec946a5b4619cf29f83deef8de2adc0136af5 | |||
2015-11-04 | tlsdate: prevent unnecessary rebuilds | Colin Cross | |
am: 75bc1ed95f * commit '75bc1ed95f269e1274dee1c13a1ce63bb6065ddb': tlsdate: prevent unnecessary rebuilds | |||
2015-11-04 | tlsdate: prevent unnecessary rebuildsbrillo-m8-releasebrillo-m8-dev | Colin Cross | |
tlsdate rebuilds every time the makefiles are reparsed because it embeds the output of a shell date command into the command line, and ninja reruns the command every time it changes. Replace $(shell date +%sL) with $$$(BUILD_NUMBER_FROM_FILE)L, which will read the build date from $(OUT_DIR)/build_date.txt. This date file will be updated on every build, but will not cause a rebuild if it changes, so the date from the most recent time the file was recompiled for other reasons will be used. Bug: 24790431 Change-Id: Ib93ead6512706e13ae6dbd271e7560a3e8c00e8a | |||
2015-10-21 | Fix /data dir creation, \'tlsdated\' service class. | Jorge Lucangeli Obes | |
am: 46e11a8543 * commit '46e11a854350ef2e36aaef2d9daf34f8d7af31f1': Fix /data dir creation, 'tlsdated' service class. | |||
2015-10-20 | Fix /data dir creation, 'tlsdated' service class.brillo-m7-releasebrillo-m7-mr-devbrillo-m7-dev | Jorge Lucangeli Obes | |
/data is not guaranteed to be mounted when 'boot' triggers. 'post-fs-data' guarantees that. Also, move the daemon to class 'late_start', since post-fs-data will not happen in time for class 'main'. Bug: 25122706 Change-Id: I2a636df27461ebc21270dd2380c6d5d69f253d3d | |||
2015-10-13 | am fa9e6d3c: Remove verbose logging in \'tlsdated\' and \'tlsdate\'. | Jorge Lucangeli Obes | |
* commit 'fa9e6d3cc3048f13a629e50808fc914a0f1a331a': Remove verbose logging in 'tlsdated' and 'tlsdate'. | |||
2015-10-12 | Remove verbose logging in 'tlsdated' and 'tlsdate'. | Jorge Lucangeli Obes | |
'tlsdated' and 'tlsdate' account for more than 50% of all logcat output in any Brillo build. Now that tlsdate is working, remove verbose logging. Bug: None Change-Id: I7c0461620df66a6dcc3ed2b391b2bada577a6a07 | |||
2015-10-02 | am e690a81d: Use a dedicated UID/GID for unprivileged execution. | Gilad Arnold | |
* commit 'e690a81d99d4c1c88abf235b306ead73bbfaa012': Use a dedicated UID/GID for unprivileged execution. | |||
2015-10-02 | Use a dedicated UID/GID for unprivileged execution. | Gilad Arnold | |
Bug: 23651876 Change-Id: Ie924bbe5cee74e3095876d6386a6ea21399b8d97 | |||
2015-10-01 | am 1632583d: Remove \'seclabel\' option. | Jorge Lucangeli Obes | |
* commit '1632583d26b8e926d84afec05f0e0d9bdf9ab0ca': Remove 'seclabel' option. | |||
2015-10-01 | Remove 'seclabel' option. | Jorge Lucangeli Obes | |
The executable is already labelled in the filesystem. Bug: 24571067 Change-Id: Ic6b9f85628ca391fc8e9d3232bc74d2df730be35 | |||
2015-09-04 | am e9132c01: Make tlsdated persist and load last set time. | Gilad Arnold | |
* commit 'e9132c014d2a05e410f98cb777a4806dddde3e8e': Make tlsdated persist and load last set time. | |||
2015-09-04 | Make tlsdated persist and load last set time. | Gilad Arnold | |
This enables use of a timestamp file. Note the fchmod(2) call after file opening/creation, used for working around unfavorable umask settings. Bug: 22373707 Change-Id: Id759d3eda55c9c2215991268291ceeac490373d6 | |||
2015-09-01 | am 4a0ae017: Relocate a function to fix a build failure. | Gilad Arnold | |
* commit '4a0ae0177f07c62d336268082539dd64149aa288': Relocate a function to fix a build failure. | |||
2015-09-01 | am 727698b6: Free memory for supplementary groups as soon as possible. | Gilad Arnold | |
* commit '727698b640dad91c1016d26e6cac74e5bc893598': Free memory for supplementary groups as soon as possible. | |||
2015-09-01 | am 9451a040: Drop privileges to nobody:nobody, use supplementary groups as ↵ | Gilad Arnold | |
needed. * commit '9451a040340733ef044493ca396d8fb087df59e0': Drop privileges to nobody:nobody, use supplementary groups as needed. | |||
2015-09-01 | Relocate a function to fix a build failure. | Gilad Arnold | |
This ensures that parse_supp_groups() is only built with main(). Bug: 22373707 Change-Id: I81ab8b7718592d43a8ccccb1ee1e694367205463 | |||
2015-09-01 | Free memory for supplementary groups as soon as possible. | Gilad Arnold | |
Bug: 22373707 Bug: 23651876 Change-Id: I51112d65f53489ff04a0f14b31c198ee4f49c0a3 | |||
2015-09-01 | Drop privileges to nobody:nobody, use supplementary groups as needed. | Gilad Arnold | |
This ensures that, by default, tlsdated runs with the least privileges. We use the new supplementary groups feature to allow use of specific system resources (TCP sockets, DBus). Bug: 22373707 Bug: 23651876 Change-Id: I157f40c0fb42158bbc8f5233af49fe368d23892b | |||
2015-09-01 | am aab93822: Support for dropping privileges with supplementary groups. | Gilad Arnold | |
* commit 'aab9382297008c1d1b7cef361159a44885d52af0': Support for dropping privileges with supplementary groups. | |||
2015-09-01 | am 98fc05cb: Run tlsdated without DBus. | Gilad Arnold | |
* commit '98fc05cbb94eed6925d76de5a75e993296252e7c': Run tlsdated without DBus. | |||
2015-09-01 | am 5dc2a431: Run tlsdated as root. | Gilad Arnold | |
* commit '5dc2a431699336ef28d568ca41563e9f6ab84093': Run tlsdated as root. | |||
2015-09-01 | am e779a4ea: Check whether DBus is initialized before attempting platform init. | Gilad Arnold | |
* commit 'e779a4ea234801eb279f378b6999705f10cd5abc': Check whether DBus is initialized before attempting platform init. | |||
2015-09-01 | am b470cc18: Run as non-root; drop privileges to inet:inet. | Gilad Arnold | |
* commit 'b470cc18ef58c7c6d7e99f80559a69f65f5167e3': Run as non-root; drop privileges to inet:inet. | |||
2015-09-01 | am f73a0e44: Do not open a BIO on stdout. | Gilad Arnold | |
* commit 'f73a0e44adc986e575e9cb8e92a70f406e9d88f9': Do not open a BIO on stdout. | |||
2015-09-01 | am 6b0a9342: Build tlsdate-helper in AOSP. | Gilad Arnold | |
* commit '6b0a9342d07cce9b66dea2d3230f9bdadb9d44d9': Build tlsdate-helper in AOSP. | |||
2015-09-01 | am 5f27bdda: Better handling of EVP_PKEY types. | Gilad Arnold | |
* commit '5f27bddadbe222956e963686151a993ab07c7f94': Better handling of EVP_PKEY types. | |||
2015-09-01 | am 6b31c0f5: Stop using SSL BIO. | Gilad Arnold | |
* commit '6b31c0f559f7e7e9f3ccf29b4ffc4e7dbde420f3': Stop using SSL BIO. | |||
2015-09-01 | Support for dropping privileges with supplementary groups. | Gilad Arnold | |
On Android, we need support for supplementary groups when dropping privileges in order to retain permissions for accessing system resources such as the DBus socket. This CL: 1) Adds a flag -G to tlsdated for listing supplementary groups used when dropping privileges. 2) Adds '-G dbus' to tlsdated Android init script. Bug: 22373707 Bug: 23651876 Change-Id: I0769d5ef496d073c20016c3252c5edbfead2aaa5 | |||
2015-08-31 | Run tlsdated without DBus. | Gilad Arnold | |
Due to dropping privileges early on in its execution, and due to Android's restricted access to DBus and limitations on supplementary GID setup, we temporarily disable tlsdated's connection to DBus. Bug: 22373707 Bug: 23651876 Change-Id: I392d41381e7515223a098457583d3019d65dc6e1 | |||
2015-08-31 | Run tlsdated as root. | Gilad Arnold | |
This is actually needed so it can drop privileges shortly after starting. Bug: 22373707 Change-Id: Ie114a96b80bc5e50525411904c1266fa7072ded0 | |||
2015-08-31 | Check whether DBus is initialized before attempting platform init. | Gilad Arnold | |
Otherwise, we segfault. Bug: 22373707 Change-Id: I94601696055e5f649334f470f4827f92614ff74a | |||
2015-08-31 | Run as non-root; drop privileges to inet:inet. | Gilad Arnold | |
1) We are adding a specific file capability (CAP_SYS_TIME) that allows tlsdated to start as user 'system', like other services. Hence, switching to use the standard init template. 2) Our unprivileged execution needs to connect a socket so we're reusing the existing 'inet' user/group. In the long run, we should have dedicated UID/GID for tlsdated that will provide these privileges. Bug: 22373707 Change-Id: I85f9a5ee744be71691f1187030021d3178ca0861 | |||
2015-08-29 | Do not open a BIO on stdout. | Gilad Arnold | |
The returned object isn't used anyway. Bug: 22373707 Change-Id: I93fb7ef9c64ab4ffc60eed242264fe375ec55a95 | |||
2015-08-29 | Build tlsdate-helper in AOSP. | Gilad Arnold | |
Bug: 22373707 Change-Id: I3b6cc6febc272926edaaf0a98fdd2908155a9ec1 | |||
2015-08-29 | Better handling of EVP_PKEY types. | Gilad Arnold | |
1) EVP_PKEY_bits already returns the number of bits of keys of any type, so no need for case-by-case handling. 2) Some EVP_PKEY constants are not defined in BoringSSL, so we only test them if they're defined. The conversion from key types values to strings was moved to a separate function. Bug: 22373707 Change-Id: I73c383367147afb316fa6e92e456f24078d48c32 | |||
2015-08-28 | Stop using SSL BIO. | Gilad Arnold | |
This type of BIO is not support in BoringSSL. Also, it is not really needed: the same can achieved with an ordinary connect BIO that is added to an SSL object. This form is backward compatible with OpenSSL and therefore preferable. Bug: 22373707 Change-Id: Ib140da3ce534c687dec1502c2cb1bb0b846bcad1 | |||
2015-08-28 | am 6198a2fa: Rename init.tlsdated.rc and tie it to the correct build target. | Gilad Arnold | |
* commit '6198a2fae5cc4f2ccd3ee29160605cab75d7418c': Rename init.tlsdated.rc and tie it to the correct build target. | |||
2015-08-28 | Rename init.tlsdated.rc and tie it to the correct build target. | Gilad Arnold | |
1) With the new Android initrc installation schema, all init files are simply named <daemon_name>.rc. No reason to be different. 2) Actually tie it to tlsdated (and not tlsdated_unittest). Bug: 22373707 Change-Id: Icb0bc5794da81b81683982f5cae3056c2859877c | |||
2015-08-28 | am 793a8117: Add init.tlsdated.rc. | Gilad Arnold | |
* commit '793a81172b131dda5b85e009496344e24cfeab9f': Add init.tlsdated.rc. | |||
2015-08-27 | Add init.tlsdated.rc. | Gilad Arnold | |
Bug: 22373707 Change-Id: I6431bc535cbf19738c5b109f3ab56bcef1ad8fdd | |||
2015-08-27 | am c31964b2: Use a group name that actually exists. | Gilad Arnold | |
* commit 'c31964b2951090a14d1135e4738fe724e6136403': Use a group name that actually exists. | |||
2015-08-27 | am 4def3543: More signed/unsigned comparison and function pointer fixes. | Gilad Arnold | |
* commit '4def35436a9e7d8531fb29b1e6e8c511cf556822': More signed/unsigned comparison and function pointer fixes. | |||
2015-08-27 | am 7a429cf7: Build tlsdated unit tests. | Gilad Arnold | |
* commit '7a429cf71b1332a1096b2f737610969e9c4c9a6d': Build tlsdated unit tests. | |||
2015-08-27 | am e6832d33: Eliminate GNU old-style field initialization. | Gilad Arnold | |
* commit 'e6832d33664c3188b623bf6f058029f229d364c3': Eliminate GNU old-style field initialization. | |||
2015-08-27 | am 838d8b3f: Properly handle legacy/new syscalls. | Gilad Arnold | |
* commit '838d8b3ff0194a05fdac52e2ad66e12d8572aa4e': Properly handle legacy/new syscalls. | |||
2015-08-27 | am a0f9aa39: Handle absence of BIO_CTRL_DUP. | Gilad Arnold | |
* commit 'a0f9aa398cbd2dc7e8e9d2fe6310fb422641655d': Handle absence of BIO_CTRL_DUP. |