Commit Graph

33 Commits

Author SHA1 Message Date
Nick Kralevich 4d87095ebf Remove calls to is_selinux_enabled()
d34e407aeb removed support for
running with SELinux completely disabled. SELinux must either be
in permissive or enforcing mode now.

Remove unnecessary calls to is_selinux_enabled(). It always returns
true now.

Change-Id: Ife3156b74b13b2e590afe4accf716fc7776567e5
2015-06-12 22:12:33 -07:00
Mark Salyzyn 17fff893c0 init: change exec parsing to make SECLABEL optional
Allow SECLABEL to be - to denote default

Change-Id: I58cdc6c805dc6e50dc42b7e13e72d0eaf4864f11
2015-06-02 15:17:52 -07:00
Elliott Hughes c7331d02d1 Reduce the coldboot timeout to 1s.
5s was already a ridiculously long time to delay booting, and some OEMs are
trying to make it even more insane:

  https://www.codeaurora.org/cgit/quic/la/platform/system/core/commit/?h=lp&id=fd23edd48272976d2fb333f377242173f92aa343

Let's at least ensure that Nexus and Android One devices don't take forever
to boot...

Bug: http://b/19899875
Change-Id: I9680c166a759360f34118e51cd0645e12b6bd5c8
2015-05-14 12:03:14 -07:00
Elliott Hughes e5ce30fed8 Clean up init /proc/cmdline handling.
Helped debug a problem where the N9 bootloader incorrectly
concatenated the various command lines.

Bug: http://b/20906691
Change-Id: I0580b06f4185129c7eedf0bdf74b5ce17f88bf9c
2015-05-07 11:02:08 -07:00
Nick Kralevich d34e407aeb init: remove support for disabled SELinux
Remove support for androidboot.selinux=disabled. Running with SELinux
disabled is not a supported configuration anymore. SELinux must be
in enforcing in shipping devices, but we also support permissive for
userdebug/eng builds.

Don't try security_setenforce() if we're already in enforcing mode.
A kernel compiled without CONFIG_SECURITY_SELINUX_DEVELOP does
not have a permissive mode, so the kernel will already be enforcing
once the policy is loaded.

Bug: 19702273
Change-Id: I07525a017ddb682020ec0d42e56a2702c053bdeb
2015-04-28 13:11:07 -07:00
Nick Kralevich f667a3247a init: get rid of the remaining double mounts
Don't double mount /dev and its subdirectories anymore. Instead, the
first stage init is solely responsible for mounting it.

Don't have init prepare the property space. This is the responsibility
of the second stage init.

Don't have SELinux use the property space to determine how we should
be running. Instead, create a new function and extract the data we
need directly from /proc/cmdline. SELinux needs this information in
the first stage init process where the property service isn't available.

Change-Id: I5b4f3bec79463a7381a68f30bdda78b5cc122a96
2015-04-25 18:29:26 -07:00
Nick Kralevich 178299fd45 Merge "init: don't double mount /proc and /sys" 2015-04-25 23:11:27 +00:00
Nick Kralevich 9dec93bfeb init: don't double mount /proc and /sys
The first stage init mounts /proc and /sys, and then the second
stage init also mounts /proc and /sys on top of the existing mount.
Only mount these two directories once, in the first stage init.

Not yet fixed: the double mounting of /dev. Removing the double
mounting doesn't work right now because both init stages are trying
to create a property space, and if the double mount of /dev goes away,
the property service in the second stage init fails to work.

Change-Id: I13719027a47526d074390c2b1a605ad99fb43a8f
2015-04-25 15:50:03 -07:00
Nick Kralevich eedbe81f75 init: fix write_file checkreqprot logic error
write_file() returned -errno on error, not -1. Callers who check for
-1 would falsely believe that the write was successful when it wasn't.
Fixup write_file so that it return -1 on error consistent
with other functions.

Change-Id: Ic51aaf8678d8d97b2606bd171f11b3b11f642e39
2015-04-25 15:36:13 -07:00
Nick Kralevich a1f6a4b139 init: remove mkdir /dev /proc /sys
These directories are already present in the initial ramdisk, and
these mkdir calls are no-ops.

Change-Id: I528f9e96a3471de904845a2f9e09c1b6ff83a708
2015-04-25 13:48:26 -07:00
Elliott Hughes 929f407076 Switch init to epoll.
Not just because it's what the cool kids are doing --- it also lets us
simplify the inner loop and decouple it from whatever systems want to
be woken to perform some activity if there's data to be read on some fd.

Currently this is just used to clean up the existing signal handling,
keychord, and property service code.

Change-Id: I4d7541a2c4386957ad877df69e3be08b96a7dec5
2015-04-24 21:13:44 -07:00
Elliott Hughes c6c26ed781 Clean up property service initialization.
All the code that was being delayed does is create a socket. We can
do that straight away, avoid the overhead, and simplify our main loop.

The keychord fd, on the other hand, seems a little tricky. It looks
like /dev/keychord isn't immediately available, at least not on N9;
we have to wait for ueventd to set us up the bomb.

Change-Id: I020e75b8e4b233497707f0a3cbbb6038b714161f
2015-04-24 19:15:20 -07:00
Elliott Hughes 9042cae40b Clean up init signal handling a little.
We can set it up earlier, and error reporting like this helped me find
the SELinux problem with the last change to this code.

Change-Id: If0f38bc5ff0465c4030e2d39d34f31f49b2d8487
2015-04-24 17:43:21 -07:00
Elliott Hughes 662baefbb7 Merge "Setup signal handler before any exec command" 2015-04-25 00:24:55 +00:00
Elliott Hughes f65730e620 Revert "Revert "Make init re-exec itself for its SELinux domain transition.""
This reverts commit 4217374611.

It turns out that the kernel passes any unrecognized arguments on to init,
and (at least) N6 and N9 have such arguments. My lazy check of argc was
thus insufficient to recognize what stage of init we were in, so we'd
skip to stage 2 and not set up SELinux. And apparently you can get a
very long way with SELinux off... We'll fix that in a later change.

Bug: 19702273
Change-Id: I43b3fb722fed35dd217cb529cbcac9a29aff4e4b
2015-04-24 12:26:05 -07:00
Nick Kralevich 4217374611 Revert "Make init re-exec itself for its SELinux domain transition."
shamu isn't booting.

This reverts commit adf0d1bbfa.

Change-Id: I89d568838cebbe14cc4a8ae3843f0f1ac54987af
2015-04-24 16:57:21 +00:00
Elliott Hughes adf0d1bbfa Make init re-exec itself for its SELinux domain transition.
Change-Id: I38adabe5789d671e3f7d21936071a758ec8cea8a
2015-04-23 15:20:51 -07:00
Johan Redestig 4f673306fc Setup signal handler before any exec command
Fixes init deadlock when an exec command was called
in an on-init section.

The exec command handling relies on that the signal handler
mechanism is working to know when to continue executing
commands.

Change-Id: Ib0ce75ffad7cf3bf926c93d0506b2fe3e5a92630
2015-04-18 14:18:25 +02:00
Elliott Hughes da40c00137 Log more timing information from init.
Also make important events in init's life NOTICE rather than INFO,
and ensure that NOTICE events actually make it to the kernel log.

Also fix the logging so that if you have a printf format string
error, the compiler now catches it.

Also give messages from init, ueventd, and watchdogd distinct tags.
(Previously they'd all call themselves "init", and dmesg doesn't
include pids, so you couldn't untangle them.)

Also include the tag in SELinux messages.

Bug: 19544788
Change-Id: Ica6daea065bfdb80155c52c0b06f346a7df208fe
2015-03-28 00:25:22 -07:00
Elliott Hughes db3f267c99 Clean up property setting code.
In particular, ensure that all property_set failures are reported.

Change-Id: Iab94a28bcba2346868c0f39bcfe26e55a2c55562
2015-03-20 10:03:32 -07:00
Elliott Hughes d679bc9e56 Lose bootmode and console globals.
Also remove some code marked "TODO: these are obsolete. We should delete
them".

Change-Id: I6255cee4cb6680bfcbc5b46366990309cba95037
2015-03-20 08:58:42 -07:00
Rom Lemarchand 6a52443d31 Parse boot properties from device tree
- Make sure compatible DT node is "android,firmware"
- Set ro.boot.* properties from firmware/android/ DT node

(cherry-pick of cbcbea27c70846a96f4bba2f7cb245f937de4d3f.)

Change-Id: If3d0716831516cb3d3fde1f75d57e2691d42d054
2015-03-19 16:32:02 -07:00
Elliott Hughes bbc01d8254 Merge "Remove /proc/cpuinfo parsing" 2015-03-19 23:21:29 +00:00
Elliott Hughes 0dccc888bd Remove useless memset from init.
Change-Id: Ia880810bb2c9a976dceeb0ffdba0cb98e69e3c6d
2015-03-18 20:17:31 -07:00
Elliott Hughes cc86fb2b29 Switch init over to _PATH_DEFPATH.
Bug: 19564110
Change-Id: I343b4a360b10319dca13ab01f2d411ff940e9052
2015-03-17 20:01:13 -07:00
Rom Lemarchand 74b34f3cb7 Remove /proc/cpuinfo parsing
- Clean up the paths for ro.revision and ro.hardware parsing
- Use ro.hardwre in ueventd instead of parsing the kernel command line

(cherry-pick of 38b340a52f8e864650db8bae1eb88d5c00485db0.)

Bug: 19366018
Change-Id: I018a293f3d46e736a8b65132b5b00b0f7c20edae
2015-03-14 11:05:48 -07:00
Elliott Hughes 58c3bacc38 Fix a printf format string (caught by clang but not GCC).
Change-Id: I665756615eef74b05ef92f5865d910f29ead0695
2015-03-11 12:31:53 -07:00
Elliott Hughes 8d82ea05cb Implement exec.
Change-Id: I20329bc9b378479d745b498d6a00eca0872cd5ab
2015-02-25 17:55:34 -08:00
Yabin Cui e2d63af002 Move sprintf to snprintf.
Bug: 19340053
Change-Id: Id0d866e6195ed4752b4be6081eeb2aab8b1dbe9a
2015-02-17 19:27:51 -08:00
Yongqin Liu a197ff12dd bootchart: fix bootchart can not be triggered problem
bootchart uses a file on the data partition to decide if it should collect
data for bootchart, but the data partition will be mounted by the mount_all
command in the "on fs" section, and it will be only added into the action
queue when command "trigger fs" is executed, but that's after the
bootchart_init action (late_init).

This change makes bootchart_init a builtin command of init,
and make it executed as the first command of "on post-fs" section
which will be triggered after the "on fs" section.

This change also refactors the bootchart code to all be in bootchart.cpp.

Change-Id: Ia74aa34ca5b785f51fcffdd383075a549b2a99d9
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
2015-02-12 12:13:24 -08:00
Elliott Hughes f682b4786a Clean up reading and writing in init.
This isn't particularly useful in and of itself, but it does introduce the
first (trivial) unit test, improves the documentation (including details
about how to debug init crashes), and made me aware of how unpleasant the
existing parser is.

I also fixed a bug in passing --- unless you thought the "peboot" and "pm"
commands were features...

Bug: 19217569
Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 14:20:30 -08:00
Elliott Hughes c0e919c920 Stop using #if for conditional compilation.
Use regular 'if' to prevent bitrot.

Also remove remaining typedefs.

Change-Id: I2e6ca928e2db29b88b643cf990ff05cfb0be94a6
2015-02-04 17:16:11 -08:00
Elliott Hughes f3cf438714 Build init as C++.
This is just the minimal change to keep it building.

Change-Id: I245c5b8413a1db114576c81462eb5737f5ffcef2
2015-02-04 08:59:10 -08:00