init.cpp revision fc86f2442f99fcfc43527531768f69f56596f24a
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <ctype.h> 18#include <dirent.h> 19#include <errno.h> 20#include <fcntl.h> 21#include <inttypes.h> 22#include <libgen.h> 23#include <paths.h> 24#include <signal.h> 25#include <stdarg.h> 26#include <stdio.h> 27#include <stdlib.h> 28#include <string.h> 29#include <sys/epoll.h> 30#include <sys/mount.h> 31#include <sys/socket.h> 32#include <sys/stat.h> 33#include <sys/sysmacros.h> 34#include <sys/types.h> 35#include <sys/un.h> 36#include <sys/wait.h> 37#include <unistd.h> 38 39#include <selinux/selinux.h> 40#include <selinux/label.h> 41#include <selinux/android.h> 42 43#include <android-base/file.h> 44#include <android-base/stringprintf.h> 45#include <android-base/strings.h> 46#include <cutils/fs.h> 47#include <cutils/iosched_policy.h> 48#include <cutils/list.h> 49#include <cutils/sockets.h> 50#include <private/android_filesystem_config.h> 51 52#include <fstream> 53#include <memory> 54 55#include "action.h" 56#include "bootchart.h" 57#include "devices.h" 58#include "fs_mgr.h" 59#include "import_parser.h" 60#include "init.h" 61#include "init_parser.h" 62#include "keychords.h" 63#include "log.h" 64#include "property_service.h" 65#include "service.h" 66#include "signal_handler.h" 67#include "ueventd.h" 68#include "util.h" 69#include "watchdogd.h" 70 71using android::base::StringPrintf; 72 73struct selabel_handle *sehandle; 74struct selabel_handle *sehandle_prop; 75 76static int property_triggers_enabled = 0; 77 78static char qemu[32]; 79 80std::string default_console = "/dev/console"; 81static time_t process_needs_restart_at; 82 83const char *ENV[32]; 84 85bool waiting_for_exec = false; 86 87static int epoll_fd = -1; 88 89static std::unique_ptr<Timer> waiting_for_prop(nullptr); 90static std::string wait_prop_name; 91static std::string wait_prop_value; 92 93void register_epoll_handler(int fd, void (*fn)()) { 94 epoll_event ev; 95 ev.events = EPOLLIN; 96 ev.data.ptr = reinterpret_cast<void*>(fn); 97 if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev) == -1) { 98 PLOG(ERROR) << "epoll_ctl failed"; 99 } 100} 101 102/* add_environment - add "key=value" to the current environment */ 103int add_environment(const char *key, const char *val) 104{ 105 size_t n; 106 size_t key_len = strlen(key); 107 108 /* The last environment entry is reserved to terminate the list */ 109 for (n = 0; n < (arraysize(ENV) - 1); n++) { 110 111 /* Delete any existing entry for this key */ 112 if (ENV[n] != NULL) { 113 size_t entry_key_len = strcspn(ENV[n], "="); 114 if ((entry_key_len == key_len) && (strncmp(ENV[n], key, entry_key_len) == 0)) { 115 free((char*)ENV[n]); 116 ENV[n] = NULL; 117 } 118 } 119 120 /* Add entry if a free slot is available */ 121 if (ENV[n] == NULL) { 122 char* entry; 123 asprintf(&entry, "%s=%s", key, val); 124 ENV[n] = entry; 125 return 0; 126 } 127 } 128 129 LOG(ERROR) << "No env. room to store: '" << key << "':'" << val << "'"; 130 131 return -1; 132} 133 134bool wait_property(const char *name, const char *value) 135{ 136 if (waiting_for_prop) { 137 return false; 138 } 139 if (property_get(name) != value) { 140 // Current property value is not equal to expected value 141 wait_prop_name = name; 142 wait_prop_value = value; 143 waiting_for_prop.reset(new Timer()); 144 } else { 145 LOG(INFO) << "wait_property(\"" << name << "\", \"" << value << "\"): already set"; 146 } 147 return true; 148} 149 150void property_changed(const char *name, const char *value) 151{ 152 if (property_triggers_enabled) 153 ActionManager::GetInstance().QueuePropertyTrigger(name, value); 154 if (waiting_for_prop) { 155 if (wait_prop_name == name && wait_prop_value == value) { 156 wait_prop_name.clear(); 157 wait_prop_value.clear(); 158 LOG(INFO) << "Wait for property took " << *waiting_for_prop; 159 waiting_for_prop.reset(); 160 } 161 } 162} 163 164static void restart_processes() 165{ 166 process_needs_restart_at = 0; 167 ServiceManager::GetInstance().ForEachServiceWithFlags(SVC_RESTARTING, [](Service* s) { 168 s->RestartIfNeeded(&process_needs_restart_at); 169 }); 170} 171 172void handle_control_message(const std::string& msg, const std::string& name) { 173 Service* svc = ServiceManager::GetInstance().FindServiceByName(name); 174 if (svc == nullptr) { 175 LOG(ERROR) << "no such service '" << name << "'"; 176 return; 177 } 178 179 if (msg == "start") { 180 svc->Start(); 181 } else if (msg == "stop") { 182 svc->Stop(); 183 } else if (msg == "restart") { 184 svc->Restart(); 185 } else { 186 LOG(ERROR) << "unknown control msg '" << msg << "'"; 187 } 188} 189 190static int wait_for_coldboot_done_action(const std::vector<std::string>& args) { 191 Timer t; 192 193 LOG(VERBOSE) << "Waiting for " COLDBOOT_DONE "..."; 194 195 // Historically we had a 1s timeout here because we weren't otherwise 196 // tracking boot time, and many OEMs made their sepolicy regular 197 // expressions too expensive (http://b/19899875). 198 199 // Now we're tracking boot time, just log the time taken to a system 200 // property. We still panic if it takes more than a minute though, 201 // because any build that slow isn't likely to boot at all, and we'd 202 // rather any test lab devices fail back to the bootloader. 203 if (wait_for_file(COLDBOOT_DONE, 60s) < 0) { 204 LOG(ERROR) << "Timed out waiting for " COLDBOOT_DONE; 205 panic(); 206 } 207 208 property_set("ro.boottime.init.cold_boot_wait", std::to_string(t.duration_ms()).c_str()); 209 return 0; 210} 211 212/* 213 * Writes 512 bytes of output from Hardware RNG (/dev/hw_random, backed 214 * by Linux kernel's hw_random framework) into Linux RNG's via /dev/urandom. 215 * Does nothing if Hardware RNG is not present. 216 * 217 * Since we don't yet trust the quality of Hardware RNG, these bytes are not 218 * mixed into the primary pool of Linux RNG and the entropy estimate is left 219 * unmodified. 220 * 221 * If the HW RNG device /dev/hw_random is present, we require that at least 222 * 512 bytes read from it are written into Linux RNG. QA is expected to catch 223 * devices/configurations where these I/O operations are blocking for a long 224 * time. We do not reboot or halt on failures, as this is a best-effort 225 * attempt. 226 */ 227static int mix_hwrng_into_linux_rng_action(const std::vector<std::string>& args) 228{ 229 int result = -1; 230 int hwrandom_fd = -1; 231 int urandom_fd = -1; 232 char buf[512]; 233 ssize_t chunk_size; 234 size_t total_bytes_written = 0; 235 236 hwrandom_fd = TEMP_FAILURE_RETRY( 237 open("/dev/hw_random", O_RDONLY | O_NOFOLLOW | O_CLOEXEC)); 238 if (hwrandom_fd == -1) { 239 if (errno == ENOENT) { 240 LOG(ERROR) << "/dev/hw_random not found"; 241 // It's not an error to not have a Hardware RNG. 242 result = 0; 243 } else { 244 PLOG(ERROR) << "Failed to open /dev/hw_random"; 245 } 246 goto ret; 247 } 248 249 urandom_fd = TEMP_FAILURE_RETRY( 250 open("/dev/urandom", O_WRONLY | O_NOFOLLOW | O_CLOEXEC)); 251 if (urandom_fd == -1) { 252 PLOG(ERROR) << "Failed to open /dev/urandom"; 253 goto ret; 254 } 255 256 while (total_bytes_written < sizeof(buf)) { 257 chunk_size = TEMP_FAILURE_RETRY( 258 read(hwrandom_fd, buf, sizeof(buf) - total_bytes_written)); 259 if (chunk_size == -1) { 260 PLOG(ERROR) << "Failed to read from /dev/hw_random"; 261 goto ret; 262 } else if (chunk_size == 0) { 263 LOG(ERROR) << "Failed to read from /dev/hw_random: EOF"; 264 goto ret; 265 } 266 267 chunk_size = TEMP_FAILURE_RETRY(write(urandom_fd, buf, chunk_size)); 268 if (chunk_size == -1) { 269 PLOG(ERROR) << "Failed to write to /dev/urandom"; 270 goto ret; 271 } 272 total_bytes_written += chunk_size; 273 } 274 275 LOG(INFO) << "Mixed " << total_bytes_written << " bytes from /dev/hw_random into /dev/urandom"; 276 result = 0; 277 278ret: 279 if (hwrandom_fd != -1) { 280 close(hwrandom_fd); 281 } 282 if (urandom_fd != -1) { 283 close(urandom_fd); 284 } 285 return result; 286} 287 288static void security_failure() { 289 LOG(ERROR) << "Security failure..."; 290 panic(); 291} 292 293static bool set_highest_available_option_value(std::string path, int min, int max) 294{ 295 std::ifstream inf(path, std::fstream::in); 296 if (!inf) { 297 LOG(ERROR) << "Cannot open for reading: " << path; 298 return false; 299 } 300 301 int current = max; 302 while (current >= min) { 303 // try to write out new value 304 std::string str_val = std::to_string(current); 305 std::ofstream of(path, std::fstream::out); 306 if (!of) { 307 LOG(ERROR) << "Cannot open for writing: " << path; 308 return false; 309 } 310 of << str_val << std::endl; 311 of.close(); 312 313 // check to make sure it was recorded 314 inf.seekg(0); 315 std::string str_rec; 316 inf >> str_rec; 317 if (str_val.compare(str_rec) == 0) { 318 break; 319 } 320 current--; 321 } 322 inf.close(); 323 324 if (current < min) { 325 LOG(ERROR) << "Unable to set minimum option value " << min << " in " << path; 326 return false; 327 } 328 return true; 329} 330 331#define MMAP_RND_PATH "/proc/sys/vm/mmap_rnd_bits" 332#define MMAP_RND_COMPAT_PATH "/proc/sys/vm/mmap_rnd_compat_bits" 333 334/* __attribute__((unused)) due to lack of mips support: see mips block 335 * in set_mmap_rnd_bits_action */ 336static bool __attribute__((unused)) set_mmap_rnd_bits_min(int start, int min, bool compat) { 337 std::string path; 338 if (compat) { 339 path = MMAP_RND_COMPAT_PATH; 340 } else { 341 path = MMAP_RND_PATH; 342 } 343 344 return set_highest_available_option_value(path, min, start); 345} 346 347/* 348 * Set /proc/sys/vm/mmap_rnd_bits and potentially 349 * /proc/sys/vm/mmap_rnd_compat_bits to the maximum supported values. 350 * Returns -1 if unable to set these to an acceptable value. 351 * 352 * To support this sysctl, the following upstream commits are needed: 353 * 354 * d07e22597d1d mm: mmap: add new /proc tunable for mmap_base ASLR 355 * e0c25d958f78 arm: mm: support ARCH_MMAP_RND_BITS 356 * 8f0d3aa9de57 arm64: mm: support ARCH_MMAP_RND_BITS 357 * 9e08f57d684a x86: mm: support ARCH_MMAP_RND_BITS 358 * ec9ee4acd97c drivers: char: random: add get_random_long() 359 * 5ef11c35ce86 mm: ASLR: use get_random_long() 360 */ 361static int set_mmap_rnd_bits_action(const std::vector<std::string>& args) 362{ 363 int ret = -1; 364 365 /* values are arch-dependent */ 366#if defined(__aarch64__) 367 /* arm64 supports 18 - 33 bits depending on pagesize and VA_SIZE */ 368 if (set_mmap_rnd_bits_min(33, 24, false) 369 && set_mmap_rnd_bits_min(16, 16, true)) { 370 ret = 0; 371 } 372#elif defined(__x86_64__) 373 /* x86_64 supports 28 - 32 bits */ 374 if (set_mmap_rnd_bits_min(32, 32, false) 375 && set_mmap_rnd_bits_min(16, 16, true)) { 376 ret = 0; 377 } 378#elif defined(__arm__) || defined(__i386__) 379 /* check to see if we're running on 64-bit kernel */ 380 bool h64 = !access(MMAP_RND_COMPAT_PATH, F_OK); 381 /* supported 32-bit architecture must have 16 bits set */ 382 if (set_mmap_rnd_bits_min(16, 16, h64)) { 383 ret = 0; 384 } 385#elif defined(__mips__) || defined(__mips64__) 386 // TODO: add mips support b/27788820 387 ret = 0; 388#else 389 LOG(ERROR) << "Unknown architecture"; 390#endif 391 392 if (ret == -1) { 393 LOG(ERROR) << "Unable to set adequate mmap entropy value!"; 394 security_failure(); 395 } 396 return ret; 397} 398 399#define KPTR_RESTRICT_PATH "/proc/sys/kernel/kptr_restrict" 400#define KPTR_RESTRICT_MINVALUE 2 401#define KPTR_RESTRICT_MAXVALUE 4 402 403/* Set kptr_restrict to the highest available level. 404 * 405 * Aborts if unable to set this to an acceptable value. 406 */ 407static int set_kptr_restrict_action(const std::vector<std::string>& args) 408{ 409 std::string path = KPTR_RESTRICT_PATH; 410 411 if (!set_highest_available_option_value(path, KPTR_RESTRICT_MINVALUE, KPTR_RESTRICT_MAXVALUE)) { 412 LOG(ERROR) << "Unable to set adequate kptr_restrict value!"; 413 security_failure(); 414 } 415 return 0; 416} 417 418static int keychord_init_action(const std::vector<std::string>& args) 419{ 420 keychord_init(); 421 return 0; 422} 423 424static int console_init_action(const std::vector<std::string>& args) 425{ 426 std::string console = property_get("ro.boot.console"); 427 if (!console.empty()) { 428 default_console = "/dev/" + console; 429 } 430 return 0; 431} 432 433static void import_kernel_nv(const std::string& key, const std::string& value, bool for_emulator) { 434 if (key.empty()) return; 435 436 if (for_emulator) { 437 // In the emulator, export any kernel option with the "ro.kernel." prefix. 438 property_set(StringPrintf("ro.kernel.%s", key.c_str()).c_str(), value.c_str()); 439 return; 440 } 441 442 if (key == "qemu") { 443 strlcpy(qemu, value.c_str(), sizeof(qemu)); 444 } else if (android::base::StartsWith(key, "androidboot.")) { 445 property_set(StringPrintf("ro.boot.%s", key.c_str() + 12).c_str(), value.c_str()); 446 } 447} 448 449static void export_oem_lock_status() { 450 if (property_get("ro.oem_unlock_supported") != "1") { 451 return; 452 } 453 454 std::string value = property_get("ro.boot.verifiedbootstate"); 455 456 if (!value.empty()) { 457 property_set("ro.boot.flash.locked", value == "orange" ? "0" : "1"); 458 } 459} 460 461static void export_kernel_boot_props() { 462 struct { 463 const char *src_prop; 464 const char *dst_prop; 465 const char *default_value; 466 } prop_map[] = { 467 { "ro.boot.serialno", "ro.serialno", "", }, 468 { "ro.boot.mode", "ro.bootmode", "unknown", }, 469 { "ro.boot.baseband", "ro.baseband", "unknown", }, 470 { "ro.boot.bootloader", "ro.bootloader", "unknown", }, 471 { "ro.boot.hardware", "ro.hardware", "unknown", }, 472 { "ro.boot.revision", "ro.revision", "0", }, 473 }; 474 for (size_t i = 0; i < arraysize(prop_map); i++) { 475 std::string value = property_get(prop_map[i].src_prop); 476 property_set(prop_map[i].dst_prop, (!value.empty()) ? value.c_str() : prop_map[i].default_value); 477 } 478} 479 480static constexpr char android_dt_dir[] = "/proc/device-tree/firmware/android"; 481 482static bool is_dt_compatible() { 483 std::string dt_value; 484 std::string file_name = StringPrintf("%s/compatible", android_dt_dir); 485 486 android::base::ReadFileToString(file_name, &dt_value); 487 if (!dt_value.compare("android,firmware")) { 488 LOG(ERROR) << "firmware/android is not compatible with 'android,firmware'"; 489 return false; 490 } 491 492 return true; 493} 494 495static bool is_dt_fstab_compatible() { 496 std::string dt_value; 497 std::string file_name = StringPrintf("%s/%s/compatible", android_dt_dir, "fstab"); 498 499 android::base::ReadFileToString(file_name, &dt_value); 500 if (!dt_value.compare("android,fstab")) { 501 LOG(ERROR) << "firmware/android/fstab is not compatible with 'android,fstab'"; 502 return false; 503 } 504 505 return true; 506} 507 508static void process_kernel_dt() { 509 if (!is_dt_compatible()) return; 510 511 std::unique_ptr<DIR, int(*)(DIR*)>dir(opendir(android_dt_dir), closedir); 512 if (!dir) return; 513 514 std::string dt_file; 515 struct dirent *dp; 516 while ((dp = readdir(dir.get())) != NULL) { 517 if (dp->d_type != DT_REG || !strcmp(dp->d_name, "compatible") || !strcmp(dp->d_name, "name")) { 518 continue; 519 } 520 521 std::string file_name = StringPrintf("%s/%s", android_dt_dir, dp->d_name); 522 523 android::base::ReadFileToString(file_name, &dt_file); 524 std::replace(dt_file.begin(), dt_file.end(), ',', '.'); 525 526 std::string property_name = StringPrintf("ro.boot.%s", dp->d_name); 527 property_set(property_name.c_str(), dt_file.c_str()); 528 } 529} 530 531static void process_kernel_cmdline() { 532 // The first pass does the common stuff, and finds if we are in qemu. 533 // The second pass is only necessary for qemu to export all kernel params 534 // as properties. 535 import_kernel_cmdline(false, import_kernel_nv); 536 if (qemu[0]) import_kernel_cmdline(true, import_kernel_nv); 537} 538 539static int property_enable_triggers_action(const std::vector<std::string>& args) 540{ 541 /* Enable property triggers. */ 542 property_triggers_enabled = 1; 543 return 0; 544} 545 546static int queue_property_triggers_action(const std::vector<std::string>& args) 547{ 548 ActionManager::GetInstance().QueueBuiltinAction(property_enable_triggers_action, "enable_property_trigger"); 549 ActionManager::GetInstance().QueueAllPropertyTriggers(); 550 return 0; 551} 552 553static void selinux_init_all_handles(void) 554{ 555 sehandle = selinux_android_file_context_handle(); 556 selinux_android_set_sehandle(sehandle); 557 sehandle_prop = selinux_android_prop_context_handle(); 558} 559 560enum selinux_enforcing_status { SELINUX_PERMISSIVE, SELINUX_ENFORCING }; 561 562static selinux_enforcing_status selinux_status_from_cmdline() { 563 selinux_enforcing_status status = SELINUX_ENFORCING; 564 565 import_kernel_cmdline(false, [&](const std::string& key, const std::string& value, bool in_qemu) { 566 if (key == "androidboot.selinux" && value == "permissive") { 567 status = SELINUX_PERMISSIVE; 568 } 569 }); 570 571 return status; 572} 573 574static bool selinux_is_enforcing(void) 575{ 576 if (ALLOW_PERMISSIVE_SELINUX) { 577 return selinux_status_from_cmdline() == SELINUX_ENFORCING; 578 } 579 return true; 580} 581 582static int audit_callback(void *data, security_class_t /*cls*/, char *buf, size_t len) { 583 584 property_audit_data *d = reinterpret_cast<property_audit_data*>(data); 585 586 if (!d || !d->name || !d->cr) { 587 LOG(ERROR) << "audit_callback invoked with null data arguments!"; 588 return 0; 589 } 590 591 snprintf(buf, len, "property=%s pid=%d uid=%d gid=%d", d->name, 592 d->cr->pid, d->cr->uid, d->cr->gid); 593 return 0; 594} 595 596static void selinux_initialize(bool in_kernel_domain) { 597 Timer t; 598 599 selinux_callback cb; 600 cb.func_log = selinux_klog_callback; 601 selinux_set_callback(SELINUX_CB_LOG, cb); 602 cb.func_audit = audit_callback; 603 selinux_set_callback(SELINUX_CB_AUDIT, cb); 604 605 if (in_kernel_domain) { 606 LOG(INFO) << "Loading SELinux policy..."; 607 if (selinux_android_load_policy() < 0) { 608 PLOG(ERROR) << "failed to load policy"; 609 security_failure(); 610 } 611 612 bool kernel_enforcing = (security_getenforce() == 1); 613 bool is_enforcing = selinux_is_enforcing(); 614 if (kernel_enforcing != is_enforcing) { 615 if (security_setenforce(is_enforcing)) { 616 PLOG(ERROR) << "security_setenforce(%s) failed" << (is_enforcing ? "true" : "false"); 617 security_failure(); 618 } 619 } 620 621 if (!write_file("/sys/fs/selinux/checkreqprot", "0")) { 622 security_failure(); 623 } 624 625 // init's first stage can't set properties, so pass the time to the second stage. 626 setenv("INIT_SELINUX_TOOK", std::to_string(t.duration_ms()).c_str(), 1); 627 } else { 628 selinux_init_all_handles(); 629 } 630} 631 632// Set the UDC controller for the ConfigFS USB Gadgets. 633// Read the UDC controller in use from "/sys/class/udc". 634// In case of multiple UDC controllers select the first one. 635static void set_usb_controller() { 636 std::unique_ptr<DIR, decltype(&closedir)>dir(opendir("/sys/class/udc"), closedir); 637 if (!dir) return; 638 639 dirent* dp; 640 while ((dp = readdir(dir.get())) != nullptr) { 641 if (dp->d_name[0] == '.') continue; 642 643 property_set("sys.usb.controller", dp->d_name); 644 break; 645 } 646} 647 648static std::string import_dt_fstab() { 649 std::string fstab; 650 if (!is_dt_compatible() || !is_dt_fstab_compatible()) { 651 return fstab; 652 } 653 654 std::string fstabdir_name = StringPrintf("%s/fstab", android_dt_dir); 655 std::unique_ptr<DIR, int (*)(DIR*)> fstabdir(opendir(fstabdir_name.c_str()), closedir); 656 if (!fstabdir) return fstab; 657 658 dirent* dp; 659 while ((dp = readdir(fstabdir.get())) != NULL) { 660 // skip over name and compatible 661 if (dp->d_type != DT_DIR) { 662 continue; 663 } 664 665 // skip if its not 'vendor', 'odm' or 'system' 666 if (strcmp(dp->d_name, "odm") && strcmp(dp->d_name, "system") && 667 strcmp(dp->d_name, "vendor")) { 668 continue; 669 } 670 671 // create <dev> <mnt_point> <type> <mnt_flags> <fsmgr_flags>\n 672 std::vector<std::string> fstab_entry; 673 std::string file_name; 674 std::string value; 675 file_name = StringPrintf("%s/%s/dev", fstabdir_name.c_str(), dp->d_name); 676 if (!android::base::ReadFileToString(file_name, &value)) { 677 LOG(ERROR) << "dt_fstab: Failed to find device for partition " << dp->d_name; 678 fstab.clear(); 679 break; 680 } 681 // trim the terminating '\0' out 682 value.resize(value.size() - 1); 683 fstab_entry.push_back(value); 684 fstab_entry.push_back(StringPrintf("/%s", dp->d_name)); 685 686 file_name = StringPrintf("%s/%s/type", fstabdir_name.c_str(), dp->d_name); 687 if (!android::base::ReadFileToString(file_name, &value)) { 688 LOG(ERROR) << "dt_fstab: Failed to find type for partition " << dp->d_name; 689 fstab.clear(); 690 break; 691 } 692 value.resize(value.size() - 1); 693 fstab_entry.push_back(value); 694 695 file_name = StringPrintf("%s/%s/mnt_flags", fstabdir_name.c_str(), dp->d_name); 696 if (!android::base::ReadFileToString(file_name, &value)) { 697 LOG(ERROR) << "dt_fstab: Failed to find type for partition " << dp->d_name; 698 fstab.clear(); 699 break; 700 } 701 value.resize(value.size() - 1); 702 fstab_entry.push_back(value); 703 704 file_name = StringPrintf("%s/%s/fsmgr_flags", fstabdir_name.c_str(), dp->d_name); 705 if (!android::base::ReadFileToString(file_name, &value)) { 706 LOG(ERROR) << "dt_fstab: Failed to find type for partition " << dp->d_name; 707 fstab.clear(); 708 break; 709 } 710 value.resize(value.size() - 1); 711 fstab_entry.push_back(value); 712 713 fstab += android::base::Join(fstab_entry, " "); 714 fstab += '\n'; 715 } 716 717 return fstab; 718} 719 720/* Early mount vendor and ODM partitions. The fstab is read from device-tree. */ 721static bool early_mount() { 722 std::string fstab = import_dt_fstab(); 723 if (fstab.empty()) { 724 LOG(INFO) << "Early mount skipped (missing fstab in device tree)"; 725 return true; 726 } 727 728 std::unique_ptr<FILE, decltype(&fclose)> fstab_file( 729 fmemopen(static_cast<void*>(const_cast<char*>(fstab.c_str())), fstab.length(), "r"), fclose); 730 if (!fstab_file) { 731 PLOG(ERROR) << "Early mount failed to open fstab file in memory"; 732 return false; 733 } 734 735 std::unique_ptr<struct fstab, decltype(&fs_mgr_free_fstab)> tab( 736 fs_mgr_read_fstab_file(fstab_file.get()), fs_mgr_free_fstab); 737 if (!tab) { 738 LOG(ERROR) << "Early mount fsmgr failed to load fstab from kernel:" << std::endl << fstab; 739 return false; 740 } 741 742 // find out fstab records for odm, system and vendor 743 fstab_rec* odm_rec = fs_mgr_get_entry_for_mount_point(tab.get(), "/odm"); 744 fstab_rec* system_rec = fs_mgr_get_entry_for_mount_point(tab.get(), "/system"); 745 fstab_rec* vendor_rec = fs_mgr_get_entry_for_mount_point(tab.get(), "/vendor"); 746 if (!odm_rec && !system_rec && !vendor_rec) { 747 // nothing to early mount 748 return true; 749 } 750 751 // assume A/B device if we find 'slotselect' in any fstab entry 752 bool is_ab = ((odm_rec && fs_mgr_is_slotselect(odm_rec)) || 753 (system_rec && fs_mgr_is_slotselect(system_rec)) || 754 (vendor_rec && fs_mgr_is_slotselect(vendor_rec))); 755 bool found_odm = !odm_rec; 756 bool found_system = !system_rec; 757 bool found_vendor = !vendor_rec; 758 int count_odm = 0, count_vendor = 0, count_system = 0; 759 760 // create the devices we need.. 761 device_init(nullptr, [&](uevent* uevent) -> coldboot_action_t { 762 if (!strncmp(uevent->subsystem, "firmware", 8)) { 763 return COLDBOOT_CONTINUE; 764 } 765 766 // we need platform devices to create symlinks 767 if (!strncmp(uevent->subsystem, "platform", 8)) { 768 return COLDBOOT_CREATE; 769 } 770 771 // Ignore everything that is not a block device 772 if (strncmp(uevent->subsystem, "block", 5)) { 773 return COLDBOOT_CONTINUE; 774 } 775 776 coldboot_action_t ret; 777 bool create_this_node = false; 778 if (uevent->partition_name) { 779 // prefix match partition names so we create device nodes for 780 // A/B-ed partitions 781 if (!found_odm && !strncmp(uevent->partition_name, "odm", 3)) { 782 LOG(VERBOSE) << "early_mount: found (" << uevent->partition_name << ") partition"; 783 784 // wait twice for A/B-ed partitions 785 count_odm++; 786 if (!is_ab) { 787 found_odm = true; 788 } else if (count_odm == 2) { 789 found_odm = true; 790 } 791 792 create_this_node = true; 793 } else if (!found_system && !strncmp(uevent->partition_name, "system", 6)) { 794 LOG(VERBOSE) << "early_mount: found (" << uevent->partition_name << ") partition"; 795 796 count_system++; 797 if (!is_ab) { 798 found_system = true; 799 } else if (count_system == 2) { 800 found_system = true; 801 } 802 803 create_this_node = true; 804 } else if (!found_vendor && !strncmp(uevent->partition_name, "vendor", 6)) { 805 LOG(VERBOSE) << "early_mount: found (" << uevent->partition_name << ") partition"; 806 count_vendor++; 807 if (!is_ab) { 808 found_vendor = true; 809 } else if (count_vendor == 2) { 810 found_vendor = true; 811 } 812 813 create_this_node = true; 814 } 815 } 816 817 // if we found all other partitions already, create this 818 // node and stop coldboot. If this is a prefix matched 819 // partition, create device node and continue. For everything 820 // else skip the device node 821 if (found_odm && found_system && found_vendor) { 822 ret = COLDBOOT_STOP; 823 } else if (create_this_node) { 824 ret = COLDBOOT_CREATE; 825 } else { 826 ret = COLDBOOT_CONTINUE; 827 } 828 829 return ret; 830 }); 831 832 // TODO: add support to mount partitions w/ verity 833 834 int ret = 0; 835 if (odm_rec && 836 (ret = fs_mgr_do_mount(tab.get(), odm_rec->mount_point, odm_rec->blk_device, NULL))) { 837 PLOG(ERROR) << "early_mount: fs_mgr_do_mount returned error for mounting odm"; 838 return false; 839 } 840 841 if (vendor_rec && 842 (ret = fs_mgr_do_mount(tab.get(), vendor_rec->mount_point, vendor_rec->blk_device, NULL))) { 843 PLOG(ERROR) << "early_mount: fs_mgr_do_mount returned error for mounting vendor"; 844 return false; 845 } 846 847 device_close(); 848 849 return true; 850} 851 852int main(int argc, char** argv) { 853 if (!strcmp(basename(argv[0]), "ueventd")) { 854 return ueventd_main(argc, argv); 855 } 856 857 if (!strcmp(basename(argv[0]), "watchdogd")) { 858 return watchdogd_main(argc, argv); 859 } 860 861 boot_clock::time_point start_time = boot_clock::now(); 862 863 // Clear the umask. 864 umask(0); 865 866 add_environment("PATH", _PATH_DEFPATH); 867 868 bool is_first_stage = (getenv("INIT_SECOND_STAGE") == nullptr); 869 870 // Don't expose the raw commandline to unprivileged processes. 871 chmod("/proc/cmdline", 0440); 872 873 // Get the basic filesystem setup we need put together in the initramdisk 874 // on / and then we'll let the rc file figure out the rest. 875 if (is_first_stage) { 876 mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755"); 877 mkdir("/dev/pts", 0755); 878 mkdir("/dev/socket", 0755); 879 mount("devpts", "/dev/pts", "devpts", 0, NULL); 880 #define MAKE_STR(x) __STRING(x) 881 mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)); 882 gid_t groups[] = { AID_READPROC }; 883 setgroups(arraysize(groups), groups); 884 mount("sysfs", "/sys", "sysfs", 0, NULL); 885 mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL); 886 mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11)); 887 mknod("/dev/random", S_IFCHR | 0666, makedev(1, 8)); 888 mknod("/dev/urandom", S_IFCHR | 0666, makedev(1, 9)); 889 } 890 891 // Now that tmpfs is mounted on /dev and we have /dev/kmsg, we can actually 892 // talk to the outside world... 893 InitKernelLogging(argv); 894 895 LOG(INFO) << "init " << (is_first_stage ? "first" : "second") << " stage started!"; 896 897 if (is_first_stage) { 898 if (!early_mount()) { 899 LOG(ERROR) << "Failed to mount required partitions early ..."; 900 panic(); 901 } 902 903 // Set up SELinux, loading the SELinux policy. 904 selinux_initialize(true); 905 906 // We're in the kernel domain, so re-exec init to transition to the init domain now 907 // that the SELinux policy has been loaded. 908 if (restorecon("/init") == -1) { 909 PLOG(ERROR) << "restorecon failed"; 910 security_failure(); 911 } 912 913 setenv("INIT_SECOND_STAGE", "true", 1); 914 915 static constexpr uint32_t kNanosecondsPerMillisecond = 1e6; 916 uint64_t start_ms = start_time.time_since_epoch().count() / kNanosecondsPerMillisecond; 917 setenv("INIT_STARTED_AT", StringPrintf("%" PRIu64, start_ms).c_str(), 1); 918 919 char* path = argv[0]; 920 char* args[] = { path, nullptr }; 921 if (execv(path, args) == -1) { 922 PLOG(ERROR) << "execv(\"" << path << "\") failed"; 923 security_failure(); 924 } 925 } else { 926 // Indicate that booting is in progress to background fw loaders, etc. 927 close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000)); 928 929 property_init(); 930 931 // If arguments are passed both on the command line and in DT, 932 // properties set in DT always have priority over the command-line ones. 933 process_kernel_dt(); 934 process_kernel_cmdline(); 935 936 // Propagate the kernel variables to internal variables 937 // used by init as well as the current required properties. 938 export_kernel_boot_props(); 939 940 // Make the time that init started available for bootstat to log. 941 property_set("ro.boottime.init", getenv("INIT_STARTED_AT")); 942 property_set("ro.boottime.init.selinux", getenv("INIT_SELINUX_TOOK")); 943 944 // Clean up our environment. 945 unsetenv("INIT_SECOND_STAGE"); 946 unsetenv("INIT_STARTED_AT"); 947 unsetenv("INIT_SELINUX_TOOK"); 948 949 // Now set up SELinux for second stage. 950 selinux_initialize(false); 951 } 952 953 // These directories were necessarily created before initial policy load 954 // and therefore need their security context restored to the proper value. 955 // This must happen before /dev is populated by ueventd. 956 LOG(INFO) << "Running restorecon..."; 957 restorecon("/dev"); 958 restorecon("/dev/kmsg"); 959 restorecon("/dev/socket"); 960 restorecon("/dev/random"); 961 restorecon("/dev/urandom"); 962 restorecon("/dev/__properties__"); 963 restorecon("/plat_property_contexts"); 964 restorecon("/nonplat_property_contexts"); 965 restorecon("/sys", SELINUX_ANDROID_RESTORECON_RECURSE); 966 restorecon("/dev/block", SELINUX_ANDROID_RESTORECON_RECURSE); 967 restorecon("/dev/device-mapper"); 968 969 epoll_fd = epoll_create1(EPOLL_CLOEXEC); 970 if (epoll_fd == -1) { 971 PLOG(ERROR) << "epoll_create1 failed"; 972 exit(1); 973 } 974 975 signal_handler_init(); 976 977 property_load_boot_defaults(); 978 export_oem_lock_status(); 979 start_property_service(); 980 set_usb_controller(); 981 982 const BuiltinFunctionMap function_map; 983 Action::set_function_map(&function_map); 984 985 Parser& parser = Parser::GetInstance(); 986 parser.AddSectionParser("service",std::make_unique<ServiceParser>()); 987 parser.AddSectionParser("on", std::make_unique<ActionParser>()); 988 parser.AddSectionParser("import", std::make_unique<ImportParser>()); 989 std::string bootscript = property_get("ro.boot.init_rc"); 990 if (bootscript.empty()) { 991 parser.ParseConfig("/init.rc"); 992 } else { 993 parser.ParseConfig(bootscript); 994 } 995 996 ActionManager& am = ActionManager::GetInstance(); 997 998 am.QueueEventTrigger("early-init"); 999 1000 // Queue an action that waits for coldboot done so we know ueventd has set up all of /dev... 1001 am.QueueBuiltinAction(wait_for_coldboot_done_action, "wait_for_coldboot_done"); 1002 // ... so that we can start queuing up actions that require stuff from /dev. 1003 am.QueueBuiltinAction(mix_hwrng_into_linux_rng_action, "mix_hwrng_into_linux_rng"); 1004 am.QueueBuiltinAction(set_mmap_rnd_bits_action, "set_mmap_rnd_bits"); 1005 am.QueueBuiltinAction(set_kptr_restrict_action, "set_kptr_restrict"); 1006 am.QueueBuiltinAction(keychord_init_action, "keychord_init"); 1007 am.QueueBuiltinAction(console_init_action, "console_init"); 1008 1009 // Trigger all the boot actions to get us started. 1010 am.QueueEventTrigger("init"); 1011 1012 // Repeat mix_hwrng_into_linux_rng in case /dev/hw_random or /dev/random 1013 // wasn't ready immediately after wait_for_coldboot_done 1014 am.QueueBuiltinAction(mix_hwrng_into_linux_rng_action, "mix_hwrng_into_linux_rng"); 1015 1016 // Don't mount filesystems or start core system services in charger mode. 1017 std::string bootmode = property_get("ro.bootmode"); 1018 if (bootmode == "charger") { 1019 am.QueueEventTrigger("charger"); 1020 } else { 1021 am.QueueEventTrigger("late-init"); 1022 } 1023 1024 // Run all property triggers based on current state of the properties. 1025 am.QueueBuiltinAction(queue_property_triggers_action, "queue_property_triggers"); 1026 1027 while (true) { 1028 if (!(waiting_for_exec || waiting_for_prop)) { 1029 am.ExecuteOneCommand(); 1030 restart_processes(); 1031 } 1032 1033 // By default, sleep until something happens. 1034 int epoll_timeout_ms = -1; 1035 1036 // If there's a process that needs restarting, wake up in time for that. 1037 if (process_needs_restart_at != 0) { 1038 epoll_timeout_ms = (process_needs_restart_at - time(nullptr)) * 1000; 1039 if (epoll_timeout_ms < 0) epoll_timeout_ms = 0; 1040 } 1041 1042 // If there's more work to do, wake up again immediately. 1043 if (am.HasMoreCommands()) epoll_timeout_ms = 0; 1044 1045 epoll_event ev; 1046 int nr = TEMP_FAILURE_RETRY(epoll_wait(epoll_fd, &ev, 1, epoll_timeout_ms)); 1047 if (nr == -1) { 1048 PLOG(ERROR) << "epoll_wait failed"; 1049 } else if (nr == 1) { 1050 ((void (*)()) ev.data.ptr)(); 1051 } 1052 } 1053 1054 return 0; 1055} 1056