Commit Graph

920 Commits

Author SHA1 Message Date
Tom Cherry 1563d6546c Remove property_area_initialized
This is deadcode as property_init() will only ever be called once and
the only remaining caller of properties_initialized() is
Service::NotifyStateChange() which can only be called after properties
have been initialized.

Change-Id: Ie071af84fcdbead72d259890fc8fb8db624282e7
2015-12-07 17:53:39 -08:00
Tom Cherry c68998441c Merge "Remove ANDROID_PROPERTY_WORKSPACE" 2015-12-08 01:29:53 +00:00
Elliott Hughes 4f71319df0 Track rename of base/ to android-base/.
Change-Id: Idf9444fece4aa89c93e15640de59a91f6e758ccf
2015-12-04 22:00:26 -08:00
Tom Cherry 265f525e21 Remove ANDROID_PROPERTY_WORKSPACE
Bug 23290008

Change-Id: I95babe735444ada10c67594ace700cae5d1ec0b3
2015-12-04 14:11:02 -08:00
Tom Cherry 6036114f93 Abort if __system_property_area_init fails
If __system_property_area_init() fails, there is a fundamental issue
with the system and we should abort from init.

Bug: 21852512
Change-Id: I05d7978ba3bcc347027a6d9443de7cdd229033d2
2015-12-02 11:29:12 -08:00
Tom Cherry e36a85cdcc restorecon /property_contexts
/property_contexts exists before selinux policies are loaded, so we must
restorecon before other processes can access it

Bug: 21852512
Change-Id: Ie983caac635eb928ab19eea996a5625f3673de39
2015-12-01 17:47:35 -08:00
Nick Kralevich 83ccb1c76b init: Don't ignore setsockcreatecon errors
The init language supports setting the creation context of a socket
as the 6th argument to the socket keyword. For example, in the
following service, the context associated with the netd socket
is u:r:netd:s0

service netd /system/bin/netd
    class main
    socket netd stream 0660 root system u:r:netd:s0
    socket dnsproxyd stream 0660 root inet
    socket mdns stream 0660 root system
    socket fwmarkd stream 0660 root inet

The 6 argument form of the socket statement is rarely if ever used,
since the init code supplies a sensible default.

Currently, there's no error checking on the value supplied as
the 6th argument. For example, if you have the following socket
statement:

  socket netd stream 0660 root system graphics

a socket will attempt to get created with an invalid "graphics"
context. When setsockcreatecon fails, it retains the default socket
creation context, which for init is u:r:init:s0. This results in a
socket being created which is in an unexpected context.

Check the return value from the setsockcreatecon() call. If an
invalid context is specified, return early and don't subsequently
attempt to create the socket with the default context.

Bug: 25851205
Change-Id: Ic66cd6f7efe3897fb247b587ddeac5d35e1602b7
2015-11-23 17:09:49 -08:00
Nick Kralevich 2d8f1d4c47 Merge "Enable hidepid=2 on /proc" 2015-11-09 20:05:22 +00:00
Nick Kralevich c39ba5ae32 Enable hidepid=2 on /proc
Add the following mount options to the /proc filesystem:

  hidepid=2,gid=3009

This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).

Please see
  https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.

hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.

Add AID_READPROC to processes which need to access /proc entries for
other UIDs.

Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
2015-11-09 09:08:46 -08:00
Rom Lemarchand 1dcf325844 init: skip "name" DT entry
DTs have a standard "name" entry which is not to be
turned into an android property, so skip it.

Change-Id: I79f6638b4123358c8d80510c1666cf5d4561160e
2015-11-08 17:51:50 -08:00
Daniel Cashman 27ff12443d Merge "init/adb: correct static lib dependencies for libselinux"
am: 38aee48fc6

* commit '38aee48fc695c25e15435e4ef235c8bc2e0afde9':
  init/adb: correct static lib dependencies for libselinux
2015-10-22 23:12:22 +00:00
Daniel Cashman 38aee48fc6 Merge "init/adb: correct static lib dependencies for libselinux" 2015-10-22 23:03:51 +00:00
William Roberts bd2d961cc2 init/adb: correct static lib dependencies for libselinux
Now that libselinux uses libpackagelistparser, in order
for libpackagelistparser to be properly statically linked
liblog must come after libselinux for all the liblog
references to be defined in libpackagelistparser which
is included in libselinux. This patch corrects that order.

Change-Id: I7aee10c9395310919779ed2463aab6b2f8b380cc
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2015-10-22 15:21:26 -07:00
Dan Willemsen eea68c6f98 Merge "Remove __DATE__/__TIME__ from init and debuggerd"
am: 512b0e60b4

* commit '512b0e60b4fb33ec5535c1784a99a27539787790':
  Remove __DATE__/__TIME__ from init and debuggerd
2015-10-22 22:00:20 +00:00
Dan Willemsen 30622bbb20 Remove __DATE__/__TIME__ from init and debuggerd
Keeping these means that every build has different init and debuggerd
binaries, even if the source was the same. So OTAs that don't touch
these sources would still need to update the binaries.

Both of these messages are only informational, so can be safely removed.
Bootchart already encodes build-specific information from the system
properties.

Bug: 24204119
Change-Id: I7ebd65a20a3e031e7528c9f741616e20b3cd7446
2015-10-22 13:12:18 -07:00
Sami Tolvanen 234aedfaf1 am b8cc70a9: Merge "Error correction: Use libfec in fs_mgr"
* commit 'b8cc70a94bcbf7b920465d92da6889f0db6d6fa5':
  Error correction: Use libfec in fs_mgr
2015-10-16 05:53:55 +00:00
Sami Tolvanen 99e3a927e8 Error correction: Use libfec in fs_mgr
Use libfec to read and parse verity metadata to protect against data
corruption.

Bug: 21893453
Change-Id: I3a3543e0d999316707302b3be8735a7133d22946
2015-10-14 22:12:04 +01:00
Sami Tolvanen 415f1bdcbf am 4bd3148e: Merge "Revert "Error correction: Use libfec in fs_mgr""
* commit '4bd3148e0f509efb75256a01959c9c1af9ffa845':
  Revert "Error correction: Use libfec in fs_mgr"
2015-10-14 19:52:24 +00:00
Sami Tolvanen 0923453462 Revert "Error correction: Use libfec in fs_mgr"
This reverts commit 3de3a0f351.

Change-Id: I1f121cbc4431b8d8ff146eab29832a8dda1eb8ba
2015-10-14 19:46:16 +00:00
Sami Tolvanen 81ef65827c am a2cfddd3: Merge "Error correction: Use libfec in fs_mgr"
* commit 'a2cfddd37e950ed75d72e6a968d7be974aac405f':
  Error correction: Use libfec in fs_mgr
2015-10-14 16:40:33 +00:00
Sami Tolvanen 3de3a0f351 Error correction: Use libfec in fs_mgr
Use libfec to read and parse verity metadata to protect against data
corruption.

Bug: 21893453
Change-Id: Ieee6a1441e2f68148ba635235216e36c69b13db1
2015-10-13 15:53:25 +01:00
Nick Kralevich 545b7c9e39 am 2fb90dc8: Merge changes from topic \'userspace-audit\'
* commit '2fb90dc8b2b590e674c5e433e8bf3d3f08a887c8':
  debuggerd: audit pid, uid and gid on SE Linux denial
  property_service: log pid,uid and gid of setprop client
2015-10-10 20:11:08 +00:00
Nick Kralevich 2fb90dc8b2 Merge changes from topic 'userspace-audit'
* changes:
  debuggerd: audit pid, uid and gid on SE Linux denial
  property_service: log pid,uid and gid of setprop client
2015-10-10 20:07:24 +00:00
Elliott Hughes 17ac480df2 am 55793400: Merge "init shouldn\'t call DumpState by default."
* commit '55793400f20e5160eaab6c85e5df621f48373ec2':
  init shouldn't call DumpState by default.
2015-10-09 21:30:35 +00:00
Elliott Hughes 1946d3bca8 init shouldn't call DumpState by default.
The cost of generating and throwing away a bunch of stuff that no one
normally sees is high enough to be worth avoiding.

Here's AOSP ToT on N9...

 init: (Parsing /system/etc/init/atrace.rc took 0.0112s.)
 init: (Parsing /system/etc/init/bootanim.rc took 0.0094s.)
 init: (Parsing /system/etc/init/crash_reporter.rc took 0.0103s.)
 init: (Parsing /system/etc/init/debuggerd.rc took 0.0090s.)
 init: (Parsing /system/etc/init/debuggerd64.rc took 0.0085s.)
 init: (Parsing /system/etc/init/drmserver.rc took 0.0078s.)
 init: (Parsing /system/etc/init/dumpstate.rc took 0.0073s.)
 init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0063s.)
 init: (Parsing /system/etc/init/installd.rc took 0.0067s.)
 init: (Parsing /system/etc/init/keystore.rc took 0.0060s.)
 init: (Parsing /system/etc/init/lmkd.rc took 0.0060s.)
 init: (Parsing /system/etc/init/logcatd.rc took 0.0059s.)
 init: (Parsing /system/etc/init/logd.rc took 0.0068s.)
 init: (Parsing /system/etc/init/mdnsd.rc took 0.0057s.)
 init: (Parsing /system/etc/init/mediaserver.rc took 0.0064s.)
 init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0063s.)
 init: (Parsing /system/etc/init/mtpd.rc took 0.0055s.)
 init: (Parsing /system/etc/init/netd.rc took 0.0066s.)
 init: (Parsing /system/etc/init/perfprofd.rc took 0.0057s.)
 init: (Parsing /system/etc/init/racoon.rc took 0.0054s.)
 init: (Parsing /system/etc/init/rild.rc took 0.0061s.)
 init: (Parsing /system/etc/init/servicemanager.rc took 0.0063s.)
 init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0061s.)
 init: (Parsing /system/etc/init/uncrypt.rc took 0.0068s.)
 init: (Parsing /system/etc/init/vdc.rc took 0.0065s.)
 init: (Parsing /system/etc/init/vold.rc took 0.0063s.)

0.0112+0.0094+0.0103+0.0090+0.0085+0.0078+0.0073+0.0063+0.0067+0.0060+
0.0060+0.0059+0.0068+0.0057+0.0064+0.0063+0.0055+0.0066+0.0057+0.0054+
0.0061+0.0063+0.0061+0.0068+0.0065+0.0063 = 0.1809

And here it is again with the logging disabled:

 init: (Parsing /system/etc/init/atrace.rc took 0.0021s.)
 init: (Parsing /system/etc/init/bootanim.rc took 0.0006s.)
 init: (Parsing /system/etc/init/crash_reporter.rc took 0.0007s.)
 init: (Parsing /system/etc/init/debuggerd.rc took 0.0004s.)
 init: (Parsing /system/etc/init/debuggerd64.rc took 0.0005s.)
 init: (Parsing /system/etc/init/drmserver.rc took 0.0005s.)
 init: (Parsing /system/etc/init/dumpstate.rc took 0.0005s.)
 init: (Parsing /system/etc/init/gatekeeperd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/installd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/keystore.rc took 0.0013s.)
 init: (Parsing /system/etc/init/lmkd.rc took 0.0006s.)
 init: (Parsing /system/etc/init/logcatd.rc took 0.0013s.)
 init: (Parsing /system/etc/init/logd.rc took 0.0007s.)
 init: (Parsing /system/etc/init/mdnsd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/mediaserver.rc took 0.0009s.)
 init: (Parsing /system/etc/init/metrics_daemon.rc took 0.0008s.)
 init: (Parsing /system/etc/init/mtpd.rc took 0.0011s.)
 init: (Parsing /system/etc/init/netd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/perfprofd.rc took 0.0005s.)
 init: (Parsing /system/etc/init/racoon.rc took 0.0005s.)
 init: (Parsing /system/etc/init/rild.rc took 0.0005s.)
 init: (Parsing /system/etc/init/servicemanager.rc took 0.0005s.)
 init: (Parsing /system/etc/init/surfaceflinger.rc took 0.0005s.)
 init: (Parsing /system/etc/init/uncrypt.rc took 0.0005s.)
 init: (Parsing /system/etc/init/vdc.rc took 0.0005s.)
 init: (Parsing /system/etc/init/vold.rc took 0.0006s.)

0.0021+0.0006+0.0007+0.0004+0.0005+0.0005+0.0005+0.0005+0.0005+0.0013+
0.0006+0.0013+0.0007+0.0005+0.0009+0.0008+0.0011+0.0005+0.0005+0.0005+
0.0005+0.0005+0.0005+0.0005+0.0005+0.0006 = 0.0181

It's less than a second, but one problem is that the cost of the current
dumping is proportional to the number of init.rc files, so the more
cleanly you factor things, the more it would cost.

Change-Id: Id96f59e7d0b082d8cfdba4bdbff43a922ba4eeee
2015-10-09 14:03:14 -07:00
William Roberts d7aea443d9 property_service: log pid,uid and gid of setprop client
When auditing setprop denials, it is often unclear of who the process is
in a multi-process domain. To help identify the invoker, log the pid, uid,
and gid of the caller.

Before:
avc:  denied  { set } for property=wifi.xxx ...

After:
avc:  denied  { set } for property=wifi.xxx pid=30691 uid=123 gid=345 ...

Change-Id: I5cdcb3d18fbd52e0987b5e1497b9f6620c6c742a
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2015-10-05 11:39:56 -07:00
Yasuhiro Matsuda 4bc228e317 am f656b683: am ada7fa06: Merge "Fix perfboot.py to work with the recent change."
* commit 'f656b683a6a09dd2ed2934de2e1d5c2044c1fbe2':
  Fix perfboot.py to work with the recent change.
2015-09-16 02:58:28 +00:00
Yasuhiro Matsuda f656b683a6 am ada7fa06: Merge "Fix perfboot.py to work with the recent change."
* commit 'ada7fa063e4d8e2b8014a138bdf58d7729ce0ee9':
  Fix perfboot.py to work with the recent change.
2015-09-16 02:49:31 +00:00
Yasuhiro Matsuda 6ee194013a Fix perfboot.py to work with the recent change.
device.shell() was changed to return a (stdout, stderr) tuple in
the following CL.

https://android-review.googlesource.com/170420

This CL fixes perfboot.py to work with the return value.

Change-Id: I85d72fc63c1f96257fb19c3051482991a7b4049d
2015-09-15 14:00:10 +09:00
Tom Cherry a2bdc2d91e am f23ef77f: am 4aa9dbab: Merge "init: Update readme.txt to reflect recent changes to init."
* commit 'f23ef77ffe4700221bc47c70ea1b7f1473d0d902':
  init: Update readme.txt to reflect recent changes to init.
2015-09-02 19:48:22 +00:00
Tom Cherry f23ef77ffe am 4aa9dbab: Merge "init: Update readme.txt to reflect recent changes to init."
* commit '4aa9dbab6f78a1acae02d39b96fa572fbfc7b6ed':
  init: Update readme.txt to reflect recent changes to init.
2015-09-02 19:37:35 +00:00
Tom Cherry 3be66edc59 init: Update readme.txt to reflect recent changes to init.
Updates are as follows:

A detailed explanation of event triggers and property triggers
including how they can now be used

A new section describing .rc files, their locations, and the
intentions for each of these locations

A new section describing the import keyword and how it is not a
command but rather its own section

Removal of deprecated or incorrect text

Change-Id: If0a37375ac92a857900f3303ada4ba742360daff
2015-09-01 15:32:33 -07:00
Tom Cherry af20a7cb12 resolved conflicts for merge of cda81d01 to mnc-dr-dev-plus-aosp
Change-Id: I747b279bc49f9f82b8f8859c49b3fc2a4e3b4977
2015-09-01 15:30:56 -07:00
Tom Cherry cda81d01c6 am 54c70ca1: Merge "init: Use classes for parsing and clean up memory allocations"
* commit '54c70ca15660529466b5b4e091209a20a3e75dff':
  init: Use classes for parsing and clean up memory allocations
2015-09-01 21:42:01 +00:00
Tom Cherry b7349902a9 init: Use classes for parsing and clean up memory allocations
Create a Parser class that uses multiple SectionParser interfaces to
handle parsing the different sections of an init rc.

Create an ActionParser and ServiceParser that implement SectionParser
and parse the sections corresponding to Action and Service
classes.

Remove the legacy keyword structure and replace it with std::map's
that map keyword -> (minimum args, maximum args, function pointer) for
Commands and Service Options.

Create an ImportParser that implements SectionParser and handles the
import 'section'.

Clean up the unsafe memory handling of the Action class by using
std::unique_ptr.

Change-Id: Ic5ea5510cb956dbc3f78745a35096ca7d6da7085
2015-09-01 12:26:02 -07:00
Tom Cherry 25c22bb9e7 am 08a6775f: am 2d8be6c2: Merge "init: import init rc scripts from file systems after mount_all"
* commit '08a6775f8cdadf48e7b5f4f4d710180fda43b2b6':
  init: import init rc scripts from file systems after mount_all
2015-08-21 21:47:03 +00:00
Tom Cherry d64bf33890 am 08a6775f: am 2d8be6c2: Merge "init: import init rc scripts from file systems after mount_all"
* commit '08a6775f8cdadf48e7b5f4f4d710180fda43b2b6':
  init: import init rc scripts from file systems after mount_all
2015-08-21 21:44:37 +00:00
Tom Cherry c7676b5037 am 54b22ca2: am ff5be396: Merge changes from topic \'init-rc-breakup\'
* commit '54b22ca2488e4901265c99a42b5c5e0725a99199':
  init: Queue Triggers instead of Actions
  bundle init.rc contents with its service
2015-08-21 18:24:18 +00:00
Tom Cherry 60eb73ed6a am 54b22ca2: am ff5be396: Merge changes from topic \'init-rc-breakup\'
* commit '54b22ca2488e4901265c99a42b5c5e0725a99199':
  init: Queue Triggers instead of Actions
  bundle init.rc contents with its service
2015-08-21 18:20:22 +00:00
Tom Cherry b8dd0272e5 init: import init rc scripts from file systems after mount_all
Import /{system,vendor,odm}/etc/init/... after file systems are mounted

Bug: 23186545
Change-Id: Idb0cae9773f904c0330054c8b3e31eb87b2fb7cb
2015-08-21 10:14:43 -07:00
Tom Cherry cb716f976b init: Queue Triggers instead of Actions
When init queues a trigger, it actually enqueues all of the Actions
that match with that given trigger.  This works currently because
all init scripts are loaded and therefore all Actions are available
before init starts queueing any triggers.

To support loading init scripts after init has started queueing
triggers, this change enqueues Trigger objects instead of their
matching Actions.  Each Trigger object then matches its associated
Actions during its execution.

Additionally, this makes a few cosmetic clean ups related to triggers.

Bug: 23186545
Change-Id: I5d177458e6df1c4b32b1072cf77e87ef952c87e4
2015-08-21 10:14:43 -07:00
Yusuke Sato 2ef82cffad am d1b11a04: am e656be33: Merge "Add |opts| argument to android_fork_execvp_ext"
* commit 'd1b11a04903be74ba6a47307d8c3ef2731e3f4ab':
  Add |opts| argument to android_fork_execvp_ext
2015-08-19 22:31:08 +00:00
Yusuke Sato 9962b04d00 am d1b11a04: am e656be33: Merge "Add |opts| argument to android_fork_execvp_ext"
* commit 'd1b11a04903be74ba6a47307d8c3ef2731e3f4ab':
  Add |opts| argument to android_fork_execvp_ext
2015-08-19 22:20:29 +00:00
Yusuke Sato d81c3c6c45 Add |opts| argument to android_fork_execvp_ext
to allow the caller to send data to the child's stdin.

Bug: 21725996
Change-Id: I818f5cf61045286c8d64a91b6d50f05740329be1
2015-08-19 11:00:37 -07:00
Yusuke Sato c52f66b548 am 885400fd: am 4d09db9d: Merge "perfboot.py: Add --end-tag option"
* commit '885400fdbabf9850bd680725c591cc00f2aa71fe':
  perfboot.py: Add --end-tag option
2015-08-18 05:55:34 +00:00
Yusuke Sato 8e9a1ae593 am 885400fd: am 4d09db9d: Merge "perfboot.py: Add --end-tag option"
* commit '885400fdbabf9850bd680725c591cc00f2aa71fe':
  perfboot.py: Add --end-tag option
2015-08-18 05:55:28 +00:00
Yusuke Sato 3966ebb74d perfboot.py: Add --end-tag option
The current behavior, which is to use tags[-1] for end_tag, is good
enough in most cases, but sometime it makes more sense to use a
different one as end_tag.

For example, when optimizing APK scanning code in package manager,
using 'boot_progress_pms_scan_end' as end_tag would give us quicker
benchmark iterations as well as more relevant numbers possibly with
a smaller standard deviation.

Change-Id: Ic6371c936b36d1d87e9742502fd8958682a3b7d5
2015-08-17 22:07:34 -07:00
Nick Kralevich d717f86a3e am 64c30a79: am 084c00b8: Merge "init: add LOCAL_SANITIZE := integer"
* commit '64c30a79def4dc29749a86c00a970243a2a45f1e':
  init: add LOCAL_SANITIZE := integer
2015-08-17 01:15:17 +00:00
Nick Kralevich d7f0a73f8d am 64c30a79: am 084c00b8: Merge "init: add LOCAL_SANITIZE := integer"
* commit '64c30a79def4dc29749a86c00a970243a2a45f1e':
  init: add LOCAL_SANITIZE := integer
2015-08-17 01:15:05 +00:00
Nick Kralevich 084c00b804 Merge "init: add LOCAL_SANITIZE := integer" 2015-08-16 15:37:35 +00:00