History log of /system/core/init/util.cpp
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
1635afe83d1ebd6b5f1fac1e9c6c6b5cd1c93204 16-Jul-2016 Jeff Sharkey <jsharkey@android.com> Only restorecon CE storage after unlocked.

On FBE devices, the filenames inside credential-encrypted directories
are mangled until the key is installed. This means the initial
restorecon at boot needs to skip these directories until the keys
are installed.

This CL changes the implementation of the "restorecon_recursive"
built-in command to use the new SKIPCE flag to avoid labeling files
in CE directories. vold will request a restorecon when the keys
are actually installed.

Bug: 30126557
Change-Id: I320584574a4d712c493b5bbd8a79b56c0c04aa58
/system/core/init/util.cpp
109d7d23c57dd740af188109ee84ef5fae14617a 07-Jun-2016 Mark Salyzyn <salyzyn@google.com> init: Add support for ${x.y:-default} expansion

commit 00ede7d2626f9343d330dc6f5286bba3e99e41d0 (init: do
expand_props before calling the builtins) broke logpersist

Bug: 28120456
Bug: 22654233
Bug: 28788401
Change-Id: Ib4d8231665b26ac083b02243177493fab41c8978
/system/core/init/util.cpp
ab5629c197ae278992039a9685df047fe34232b8 25-Feb-2016 Nick Kralevich <nnk@google.com> init: harden socket creation against symlinks

Instead of using chown, use the symlink safe lchown.

Instead of using chmod, use the symlink safe fchmodat
with AT_SYMLINK_NOFOLLOW.

Fix a bug where the SELinux filesystem creation context may
not be restored, and some memory not freed, if bind() fails.

Check the return values from the chown/chmod calls and unlink
the files if it ever fails.

Bug: 27337831
Change-Id: I3343786f5a4eefda7bbb8317f2eca16bd21003c0
/system/core/init/util.cpp
4f71319df011d796a60a43fc1bc68e16fbf7d321 05-Dec-2015 Elliott Hughes <enh@google.com> Track rename of base/ to android-base/.

Change-Id: Idf9444fece4aa89c93e15640de59a91f6e758ccf
/system/core/init/util.cpp
83ccb1c76b2b88f62bfba2c58e2edd419b089756 24-Nov-2015 Nick Kralevich <nnk@google.com> init: Don't ignore setsockcreatecon errors

The init language supports setting the creation context of a socket
as the 6th argument to the socket keyword. For example, in the
following service, the context associated with the netd socket
is u:r:netd:s0

service netd /system/bin/netd
class main
socket netd stream 0660 root system u:r:netd:s0
socket dnsproxyd stream 0660 root inet
socket mdns stream 0660 root system
socket fwmarkd stream 0660 root inet

The 6 argument form of the socket statement is rarely if ever used,
since the init code supplies a sensible default.

Currently, there's no error checking on the value supplied as
the 6th argument. For example, if you have the following socket
statement:

socket netd stream 0660 root system graphics

a socket will attempt to get created with an invalid "graphics"
context. When setsockcreatecon fails, it retains the default socket
creation context, which for init is u:r:init:s0. This results in a
socket being created which is in an unexpected context.

Check the return value from the setsockcreatecon() call. If an
invalid context is specified, return early and don't subsequently
attempt to create the socket with the default context.

Bug: 25851205
Change-Id: Ic66cd6f7efe3897fb247b587ddeac5d35e1602b7
/system/core/init/util.cpp
cda81d01c6d8df84c67e5a2391356bb8407921dc 01-Sep-2015 Tom Cherry <tomcherry@google.com> am 54c70ca1: Merge "init: Use classes for parsing and clean up memory allocations"

* commit '54c70ca15660529466b5b4e091209a20a3e75dff':
init: Use classes for parsing and clean up memory allocations
b7349902a945903f9e36a569051f5131beb0bc24 26-Aug-2015 Tom Cherry <tomcherry@google.com> init: Use classes for parsing and clean up memory allocations

Create a Parser class that uses multiple SectionParser interfaces to
handle parsing the different sections of an init rc.

Create an ActionParser and ServiceParser that implement SectionParser
and parse the sections corresponding to Action and Service
classes.

Remove the legacy keyword structure and replace it with std::map's
that map keyword -> (minimum args, maximum args, function pointer) for
Commands and Service Options.

Create an ImportParser that implements SectionParser and handles the
import 'section'.

Clean up the unsafe memory handling of the Action class by using
std::unique_ptr.

Change-Id: Ic5ea5510cb956dbc3f78745a35096ca7d6da7085
/system/core/init/util.cpp
42f669a144e2b92ff7473f802af66cd65dfd2a68 28-Jul-2015 Lee Campbell <leecam@google.com> am f75b5ff1: am fe39394e: Merge "init: Adding support to import directories"

* commit 'f75b5ff17529e3eb163b9c7c49fc49842d443126':
init: Adding support to import directories
f13b1b31399aa501514eb9beeef303d1ae2e0e14 25-Jul-2015 Lee Campbell <leecam@google.com> init: Adding support to import directories

Support added so init scripts can now import directories.

BUG: 22721249
Change-Id: I02b566bfb50ea84469f1ea0c6ad205435a1df286
TEST: Tested importing a folder on arm64 emulator
/system/core/init/util.cpp
7cba86656964f464c7500809c81bcb52f15b6759 19-Jun-2015 Nick Kralevich <nnk@google.com> am 8d855ba9: am d2e7f002: Merge "init/util.cpp: don\'t return a negative unsigned value"

* commit '8d855ba983d7e794fd75a20557ee92f4f8db2465':
init/util.cpp: don't return a negative unsigned value
d2104df69b464721a17c21b4cd27931dc3bca612 19-Jun-2015 Nick Kralevich <nnk@google.com> init/util.cpp: don't return a negative unsigned value

android_name_to_id() returns -1U on error, which causes a
crash when the following clang options are enabled:

-fsanitize=signed-integer-overflow,unsigned-integer-overflow
-ftrap-function=abort
-fsanitize-undefined-trap-on-error

Rather than returning a negative unsigned value (which doesn't
make a lot of sense, IMHO), return a positive unsigned value.

While we're here, add logging on decode_uid failures.

Bug: 21880301
Change-Id: I652e4c1daa07c7494cceca2b4e1656b9158f2604
/system/core/init/util.cpp
af02e2403af69769daee9ad4a06901bb3a05ac8d 27-May-2015 Elliott Hughes <enh@google.com> am 9fc83437: Don\'t use TEMP_FAILURE_RETRY on close in system/core.

* commit '9fc834377297cb2dcc418e4ce7e38e89dd09812b':
Don't use TEMP_FAILURE_RETRY on close in system/core.
9fc834377297cb2dcc418e4ce7e38e89dd09812b 16-May-2015 Elliott Hughes <enh@google.com> Don't use TEMP_FAILURE_RETRY on close in system/core.

Bug: http://b/20501816
Change-Id: I1839b48ee4f891b8431ecb809e37a4566a5b3e50
(cherry picked from commit 47b0134ec2b5e8c8b5b5671cd4a3e41261275532)
/system/core/init/util.cpp
604e75449d8a2138c920b2497c21dc400983f544 23-May-2015 Thierry Strudel <tstrudel@google.com> am 91cf41cf: init: wait_for_file use smaller time resolution

* commit '91cf41cf43847930a8e55b3789d4943a8e22f73a':
init: wait_for_file use smaller time resolution
91cf41cf43847930a8e55b3789d4943a8e22f73a 23-May-2015 Thierry Strudel <tstrudel@google.com> init: wait_for_file use smaller time resolution

As 1s timeout can be requested, using second resolution time to check
for timeout prevent from being accurate on the actual time we wait.
Use available gettime_ns instead.

Bug: 21374269
Change-Id: I8be1b69e02beacc7196427f97855e036addf54d1
Signed-off-by: Thierry Strudel <tstrudel@google.com>
/system/core/init/util.cpp
47b0134ec2b5e8c8b5b5671cd4a3e41261275532 16-May-2015 Elliott Hughes <enh@google.com> Don't use TEMP_FAILURE_RETRY on close in system/core.

Bug: http://b/20501816
Change-Id: I1839b48ee4f891b8431ecb809e37a4566a5b3e50
/system/core/init/util.cpp
2550355ceb2bd5e2815f333067e0ccff11fbf275 13-May-2015 Elliott Hughes <enh@google.com> resolved conflicts for merge of d410a9b3 to mnc-dev-plus-aosp

Change-Id: I2e8e6c9a2024e0a753d3912111ccd1c2bfbfef10
cce7e93b287835ffe9cdc3dad3fac52972d84560 12-May-2015 Tom Cherry <tomcherry@google.com> Fix insmod module size

read_file() used to append a new line character to the end of the buffer it
returns, because parse_config() isn't able to cope with input that's not
'\n'-terminated. Fix read_file() to be less insane, and push the workarounds
into the parse_config() callers.

Longer term we should rewrite parse_config().

Bug: http://b/21079470
Change-Id: Ie9d9a7adcd33b66621726aef20c4b8cc51c08be7
(cherry picked from commit eaa3b4ec6f79fe06163b8dd6fe8ba2581d3b9c0b)
/system/core/init/util.cpp
eaa3b4ec6f79fe06163b8dd6fe8ba2581d3b9c0b 12-May-2015 Tom Cherry <tomcherry@google.com> Fix insmod module size

read_file() used to append a new line character to the end of the buffer it
returns, because parse_config() isn't able to cope with input that's not
'\n'-terminated. Fix read_file() to be less insane, and push the workarounds
into the parse_config() callers.

Longer term we should rewrite parse_config().

Change-Id: Ie9d9a7adcd33b66621726aef20c4b8cc51c08be7
/system/core/init/util.cpp
b7f8b91040cc0910ca12b51ad7318515595705af 09-May-2015 Andres Morales <anmorales@google.com> am 86aeb11e: Merge "load ro.recovery_id property from recovery partition" into mnc-dev

* commit '86aeb11ed047b3698948c4eee8fbaccd20131ecb':
load ro.recovery_id property from recovery partition
cb3fce80fafa2848fd4962d9f242c21eef3d82f9 08-May-2015 Andres Morales <anmorales@google.com> load ro.recovery_id property from recovery partition

Change-Id: I9dc1f325e353375d9c1c8ed949636e2404601076
(cherry picked from commit db5f5d43679546ecde2b85151c0a8b8ccd605b07)
/system/core/init/util.cpp
db5f5d43679546ecde2b85151c0a8b8ccd605b07 08-May-2015 Andres Morales <anmorales@google.com> load ro.recovery_id property from recovery partition

Change-Id: I9dc1f325e353375d9c1c8ed949636e2404601076
/system/core/init/util.cpp
fdf2546ae7f5a58a0f846acd17c943cd9a2dadd8 07-May-2015 Elliott Hughes <enh@google.com> am a5aa7a11: am 55c2e1f4: Merge "Clean up init /proc/cmdline handling."

* commit 'a5aa7a11266f1d407275b78981fc864c6c863358':
Clean up init /proc/cmdline handling.
e5ce30fed81d1918a259be092dcd8bfffc3c2649 07-May-2015 Elliott Hughes <enh@google.com> Clean up init /proc/cmdline handling.

Helped debug a problem where the N9 bootloader incorrectly
concatenated the various command lines.

Bug: http://b/20906691
Change-Id: I0580b06f4185129c7eedf0bdf74b5ce17f88bf9c
/system/core/init/util.cpp
eab1e21996884fb1918e696efd21c175d96f6195 27-Apr-2015 Nick Kralevich <nnk@google.com> am ecf184c9: am 9c9280d8: Merge "init: get rid of the remaining double mounts"

* commit 'ecf184c901b78994773d687763c1478752e9375e':
init: get rid of the remaining double mounts
14adea307d86507fabdbb61a1ca27cf846f1f73e 27-Apr-2015 Nick Kralevich <nnk@google.com> am 45a49d0e: am ccac2be8: Merge "init: use SELinux /dev/null if available"

* commit '45a49d0eb7e2e9fc3d2c48884c84f6a6c7397720':
init: use SELinux /dev/null if available
ada332e4a01a3bb290be26f8a5b67993bd10af14 26-Apr-2015 Nick Kralevich <nnk@google.com> am ecf184c9: am 9c9280d8: Merge "init: get rid of the remaining double mounts"

* commit 'ecf184c901b78994773d687763c1478752e9375e':
init: get rid of the remaining double mounts
ec9bd166cc406d8079b7d33d04b3e04708183d96 26-Apr-2015 Nick Kralevich <nnk@google.com> am 45a49d0e: am ccac2be8: Merge "init: use SELinux /dev/null if available"

* commit '45a49d0eb7e2e9fc3d2c48884c84f6a6c7397720':
init: use SELinux /dev/null if available
f667a3247a7e814355feedbc08c6bbc92a9409b5 26-Apr-2015 Nick Kralevich <nnk@google.com> init: get rid of the remaining double mounts

Don't double mount /dev and its subdirectories anymore. Instead, the
first stage init is solely responsible for mounting it.

Don't have init prepare the property space. This is the responsibility
of the second stage init.

Don't have SELinux use the property space to determine how we should
be running. Instead, create a new function and extract the data we
need directly from /proc/cmdline. SELinux needs this information in
the first stage init process where the property service isn't available.

Change-Id: I5b4f3bec79463a7381a68f30bdda78b5cc122a96
/system/core/init/util.cpp
e34577ce1bd4a8de53ff3d9178b4f78c86086dc8 26-Apr-2015 Nick Kralevich <nnk@google.com> init: use SELinux /dev/null if available

SELinux provides it's own /dev/null character device at
/sys/fs/selinux/null. This character device is exactly the same
as /dev/null, including the same major/minor numbers, and can
be used wherever /dev/null is used.

Use /sys/fs/selinux/null instead of trying to create our own
/dev/__null__ device. This moves us one step closer to eliminating
all uses of mknod() by init.

/sys/fs/selinux/null is only available once the /sys/fs/selinux filesystem
is mounted. It's not available to the first stage init, so we
still have to fall back to mknod then.

Change-Id: Ic733767ea6220a130537de33cc478ae79578ce20
/system/core/init/util.cpp
2ae7d4eefddf2cd7ac4bba60fb6d057e2b01731b 26-Apr-2015 Nick Kralevich <nnk@google.com> am 6b6df173: am f8b0743e: Merge "init: fix write_file checkreqprot logic error"

* commit '6b6df1733711ace006e0f4f9d44c718f85d2f70d':
init: fix write_file checkreqprot logic error
eedbe81f753fd19e5eb2238187c5618e9153bf55 25-Apr-2015 Nick Kralevich <nnk@google.com> init: fix write_file checkreqprot logic error

write_file() returned -errno on error, not -1. Callers who check for
-1 would falsely believe that the write was successful when it wasn't.
Fixup write_file so that it return -1 on error consistent
with other functions.

Change-Id: Ic51aaf8678d8d97b2606bd171f11b3b11f642e39
/system/core/init/util.cpp
438443e742d9cfb91c1193144a3b41744ffad34b 14-Apr-2015 Ed Tam <etam@google.com> resolved conflicts for merge of 79f33846 to lmp-mr1-dev-plus-aosp

Change-Id: I24c60a2747931917a3ea09b953905ce0f4145280
da40c00137f75543a69972f1be506e2d14a41845 28-Mar-2015 Elliott Hughes <enh@google.com> Log more timing information from init.

Also make important events in init's life NOTICE rather than INFO,
and ensure that NOTICE events actually make it to the kernel log.

Also fix the logging so that if you have a printf format string
error, the compiler now catches it.

Also give messages from init, ueventd, and watchdogd distinct tags.
(Previously they'd all call themselves "init", and dmesg doesn't
include pids, so you couldn't untangle them.)

Also include the tag in SELinux messages.

Bug: 19544788
Change-Id: Ica6daea065bfdb80155c52c0b06f346a7df208fe
/system/core/init/util.cpp
bbc01d825448a738160716f95d9cc38f2be5f4f1 20-Mar-2015 Elliott Hughes <enh@google.com> Merge "Remove /proc/cpuinfo parsing"
c007bc3856a4cf86b8f610eb045f26a9dedc2894 16-Mar-2015 Dan Albert <danalbert@google.com> Revert "Revert "Create libbase.""

This reverts commit a7870d88167f619e758b5bcd15b410d16da7c16b.
/system/core/init/util.cpp
a7870d88167f619e758b5bcd15b410d16da7c16b 16-Mar-2015 Nicolas Geoffray <ngeoffray@google.com> Revert "Create libbase."

Breaks internal master.

This reverts commit 98ff77204cef9bb8f0f27420833233622060a09e.

Change-Id: I18dc6021cb43efff8aa88486c2d980dc2b8eedba
/system/core/init/util.cpp
98ff77204cef9bb8f0f27420833233622060a09e 14-Mar-2015 Dan Albert <danalbert@google.com> Create libbase.

Move StringPrintf and the string based file I/O from libutils to
libbase.

Change-Id: I0297a6063874b9d92100e0dd5123fddfbda932fe
/system/core/init/util.cpp
74b34f3cb79aa8f2c5ba6a9dcc46d0dd84cdac86 28-Feb-2015 Rom Lemarchand <romlem@android.com> Remove /proc/cpuinfo parsing

- Clean up the paths for ro.revision and ro.hardware parsing
- Use ro.hardwre in ueventd instead of parsing the kernel command line

(cherry-pick of 38b340a52f8e864650db8bae1eb88d5c00485db0.)

Bug: 19366018
Change-Id: I018a293f3d46e736a8b65132b5b00b0f7c20edae
/system/core/init/util.cpp
f682b4786a4093efb23bf80d69bf80eb274b145b 06-Feb-2015 Elliott Hughes <enh@google.com> Clean up reading and writing in init.

This isn't particularly useful in and of itself, but it does introduce the
first (trivial) unit test, improves the documentation (including details
about how to debug init crashes), and made me aware of how unpleasant the
existing parser is.

I also fixed a bug in passing --- unless you thought the "peboot" and "pm"
commands were features...

Bug: 19217569
Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
/system/core/init/util.cpp
24627906bfee8c4a9eede3deefd12365a78351bf 04-Feb-2015 Elliott Hughes <enh@google.com> Use TEMP_FAILURE_RETRY, always build bootchart.cpp.

Also switch the revision parsing over to sscanf as promised. I haven't
done the hardware parsing because I don't yet know whether we actually need
to keep the space-stripping code.

Change-Id: Ic33378345cd515cb08d00c543acf44eb72673396
/system/core/init/util.cpp
f3cf438714aa1284d8a58e2f3b108ba93f6d3abb 04-Feb-2015 Elliott Hughes <enh@google.com> Build init as C++.

This is just the minimal change to keep it building.

Change-Id: I245c5b8413a1db114576c81462eb5737f5ffcef2
/system/core/init/util.cpp