diff options
| author | Elliott Hughes <enh@google.com> | 2015-04-24 18:38:17 +0000 |
|---|---|---|
| committer | Elliott Hughes <enh@google.com> | 2015-04-24 12:26:05 -0700 |
| commit | f65730e620dde083133b8c1ab61c0d07b4dd8c2f (patch) | |
| tree | a92c5688fc45a24edfc25c9a709086d9d752da05 /rootdir | |
| parent | 34dd04dbb53bc6dc1ec4f9c6639b10acb7c53c72 (diff) | |
| download | system_core-f65730e620dde083133b8c1ab61c0d07b4dd8c2f.tar.gz system_core-f65730e620dde083133b8c1ab61c0d07b4dd8c2f.tar.bz2 system_core-f65730e620dde083133b8c1ab61c0d07b4dd8c2f.zip | |
Revert "Revert "Make init re-exec itself for its SELinux domain transition.""
This reverts commit 4217374611ada50f33aee544f015f6f9dfbf7ced.
It turns out that the kernel passes any unrecognized arguments on to init,
and (at least) N6 and N9 have such arguments. My lazy check of argc was
thus insufficient to recognize what stage of init we were in, so we'd
skip to stage 2 and not set up SELinux. And apparently you can get a
very long way with SELinux off... We'll fix that in a later change.
Bug: 19702273
Change-Id: I43b3fb722fed35dd217cb529cbcac9a29aff4e4b
Diffstat (limited to 'rootdir')
| -rw-r--r-- | rootdir/init.rc | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index d3c562f20..c00c590aa 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -14,13 +14,6 @@ on early-init # Set init and its forked children's oom_adj. write /proc/1/oom_score_adj -1000 - # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls. - write /sys/fs/selinux/checkreqprot 0 - - # Set the security context for the init process. - # This should occur before anything else (e.g. ueventd) is started. - setcon u:r:init:s0 - # Set the security context of /adb_keys if present. restorecon /adb_keys |