init.rc revision 5c39e0ada89de6a945ad3df0a0e6181fc3325cca
# Copyright (C) 2012 The Android Open Source Project
#
# IMPORTANT: Do not create world writable files or directories.
# This is a common source of Android security bugs.
#
# Root init script. It imports the environment, USB, hardware-, zygote- and
# trace-specific scripts, then defines the boot-stage actions (`on <trigger>`)
# that create directories, set ownership and modes, and write kernel tunables.
# NOTE(review): init executes these commands as root. Whether a path opened up
# here is actually reachable by an unprivileged process also depends on the
# SELinux policy, which is not part of this file.

# ${ro.hardware} and ${ro.zygote} are expanded from properties, so which
# device- and zygote-specific scripts get imported depends on their values.
import /init.environ.rc
import /init.usb.rc
import /init.${ro.hardware}.rc
import /init.${ro.zygote}.rc
import /init.trace.rc

on early-init
    # Set init and its forked children's oom_adj.
    # -1000 is the lowest oom_score_adj value and exempts the process from
    # the kernel OOM killer.
    write /proc/1/oom_score_adj -1000

    # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
    write /sys/fs/selinux/checkreqprot 0

    # Set the security context for the init process.
    # This should occur before anything else (e.g. ueventd) is started.
    setcon u:r:init:s0

    # Set the security context of /adb_keys if present.
    # NOTE(review): presumably the adb public keys shipped in the ramdisk;
    # confirm against adbd.
    restorecon /adb_keys

    start ueventd

    # create mountpoints
    mkdir /mnt 0775 root system

on init
    sysclktz 0

    # Backward compatibility.
    # NOTE(review): /d only adds a short path to debugfs; no mount or mode
    # for /sys/kernel/debug is set in this file.
    symlink /system/etc /etc
    symlink /sys/kernel/debug /d

    # Link /vendor to /system/vendor for devices without a vendor partition.
    symlink /system/vendor /vendor

    # Create cgroup mount point for cpu accounting
    mkdir /acct
    mount cgroup none /acct cpuacct
    mkdir /acct/uid

    # Create cgroup mount point for memory
    # The tmpfs root is 0750 root:gid 1000, and both `tasks` files are set to
    # root:system 0660, so only root and the system group can move tasks into
    # these memory groups.
    mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000
    mkdir /sys/fs/cgroup/memory 0750 root system
    mount cgroup none /sys/fs/cgroup/memory memory
    write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1
    chown root system /sys/fs/cgroup/memory/tasks
    chmod 0660 /sys/fs/cgroup/memory/tasks
    mkdir /sys/fs/cgroup/memory/sw 0750 root system
    write /sys/fs/cgroup/memory/sw/memory.swappiness 100
    write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1
    chown root system /sys/fs/cgroup/memory/sw/tasks
    chmod 0660 /sys/fs/cgroup/memory/sw/tasks

    # Mount points for the main partitions. The modes of /cache and /data are
    # applied again after mounting (see the post-fs and post-fs-data actions),
    # because the mounted filesystem root replaces what is set here.
    mkdir /system
    mkdir /data 0771 system system
    mkdir /cache 0770 system cache
    mkdir /config 0500 root root

    # See storage config details at http://source.android.com/tech/storage/
    mkdir /mnt/shell 0700 shell shell
    mkdir /mnt/media_rw 0700 media_rw media_rw
    mkdir /storage 0751 root sdcard_r

    # Directory for putting things only root should see.
    mkdir /mnt/secure 0700 root root

    # Directory for staging bindmounts
    mkdir /mnt/secure/staging 0700 root root

    # Directory-target for where the secure container
    # imagefile directory will be bind-mounted
    mkdir /mnt/secure/asec 0700 root root

    # Secure container public mount points.
    # NOTE(review): the 0700 given to mkdir applies to the underlying
    # directory only. Once the tmpfs is mounted, the visible mode is the
    # mount option mode=0755 (world-readable and searchable, not writable).
    mkdir /mnt/asec 0700 root system
    mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000

    # Filesystem image public mount points.
    # Same pattern as /mnt/asec: effective mode is the tmpfs mode=0755.
    mkdir /mnt/obb 0700 root system
    mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000

    # memory control cgroup
    mkdir /dev/memcg 0700 root system
    mount cgroup none /dev/memcg memory

    # Kernel tunables. The security-relevant ones in this run:
    #   panic_on_oops 1       - a kernel oops panics instead of continuing
    #   randomize_va_space 2  - full ASLR, including the brk heap
    #   kptr_restrict 2       - kernel pointers printed via %pK are hidden
    #   mmap_min_addr 32768   - user space cannot map the lowest 32 KiB, which
    #                           limits kernel NULL-pointer dereference bugs
    #   ping_group_range      - every gid in the range may open unprivileged
    #                           ICMP echo sockets (no raw socket needed)
    # The remaining writes are scheduler and queue-length tuning.
    write /proc/sys/kernel/panic_on_oops 1
    write /proc/sys/kernel/hung_task_timeout_secs 0
    write /proc/cpu/alignment 4
    write /proc/sys/kernel/sched_latency_ns 10000000
    write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
    write /proc/sys/kernel/sched_compat_yield 1
    write /proc/sys/kernel/sched_child_runs_first 0
    write /proc/sys/kernel/randomize_va_space 2
    write /proc/sys/kernel/kptr_restrict 2
    write /proc/sys/vm/mmap_min_addr 32768
    write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
    write /proc/sys/net/unix/max_dgram_qlen 300
    write /proc/sys/kernel/sched_rt_runtime_us 950000
    write /proc/sys/kernel/sched_rt_period_us 1000000

    # reflect fwmark from incoming packets onto generated replies
    write /proc/sys/net/ipv4/fwmark_reflect 1
    write /proc/sys/net/ipv6/fwmark_reflect 1

    # set fwmark on accepted sockets
    write /proc/sys/net/ipv4/tcp_fwmark_accept 1

    # Create cgroup mount points for process groups
    # NOTE(review): both cpuctl `tasks` files below are made world-writable
    # (0666), which is at odds with the rule at the top of this file.
    # Presumably intentional so that any process can place threads in a
    # scheduling group; confirm, and check that SELinux policy restricts who
    # can write here.
    mkdir /dev/cpuctl
    mount cgroup none /dev/cpuctl cpu
    chown system system /dev/cpuctl
    chown system system /dev/cpuctl/tasks
    chmod 0666 /dev/cpuctl/tasks
    write /dev/cpuctl/cpu.shares 1024
    write /dev/cpuctl/cpu.rt_runtime_us 800000
    write /dev/cpuctl/cpu.rt_period_us 1000000

    mkdir /dev/cpuctl/bg_non_interactive
    chown system system /dev/cpuctl/bg_non_interactive/tasks
    chmod 0666 /dev/cpuctl/bg_non_interactive/tasks
    # 5.0 %
    write /dev/cpuctl/bg_non_interactive/cpu.shares 52
    write /dev/cpuctl/bg_non_interactive/cpu.rt_runtime_us 700000
    write /dev/cpuctl/bg_non_interactive/cpu.rt_period_us 1000000

    # qtaguid will limit access to specific data based on group memberships.
    #   net_bw_acct grants impersonation of socket owners.
    #   net_bw_stats grants access to other apps' detailed tagged-socket stats.
    # Only the group is changed here; the file modes are left as the kernel
    # module created them.
    chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
    chown root net_bw_stats /proc/net/xt_qtaguid/stats

    # Allow everybody to read the xt_qtaguid resource tracking misc dev.
    # This is needed by any process that uses socket tagging.
    chmod 0644 /dev/xt_qtaguid

    # Create location for fs_mgr to store abbreviated output from filesystem
    # checker programs.
    mkdir /dev/fscklogs 0770 root system

    # pstore/ramoops previous console log
    # Logs kept from the previous boot are readable only by the system user
    # and the log group (0440); they can contain sensitive kernel output.
    mount pstore pstore /sys/fs/pstore
    chown system log /sys/fs/pstore/console-ramoops
    chmod 0440 /sys/fs/pstore/console-ramoops
    chown system log /sys/fs/pstore/pmsg-ramoops-0
    chmod 0440 /sys/fs/pstore/pmsg-ramoops-0

    # enable armv8_deprecated instruction hooks
    write /proc/sys/abi/swp 1

# Healthd can trigger a full boot from charger mode by signaling this
# property when the power button is held.
on property:sys.boot_from_charger_mode=1
    class_stop charger
    trigger late-init

# Load properties from /system/ + /factory after fs mount.
on load_all_props_action
    load_all_props
    start logd
    start logd-reinit

# Indicate to fw loaders that the relevant mounts are up.
on firmware_mounts_complete
    rm /dev/.booting

# Mount filesystems and start core system services.
# The triggers are queued in this order, so permission fix-ups in post-fs and
# post-fs-data run before the `boot` action starts the core class.
on late-init
    trigger early-fs
    trigger fs
    trigger post-fs
    trigger post-fs-data

    # Load properties from /system/ + /factory after fs mount. Place
    # this in another action so that the load will be scheduled after the prior
    # issued fs triggers have completed.
    trigger load_all_props_action

    # Remove a file to wake up anything waiting for firmware.
    trigger firmware_mounts_complete

    trigger early-boot
    trigger boot


on post-fs
    start logd
    # once everything is setup, no need to modify /
    mount rootfs rootfs / ro remount
    # mount shared so changes propagate into child namespaces
    mount rootfs rootfs / shared rec

    # We chown/chmod /cache again because mount is run as root + defaults
    chown system cache /cache
    chmod 0770 /cache
    # We restorecon /cache in case the cache partition has been reset.
    restorecon_recursive /cache

    # This may have been created by the recovery system with odd permissions
    chown system cache /cache/recovery
    chmod 0770 /cache/recovery

    #change permissions on vmallocinfo so we can grab it from bugreports
    # Kernel memory-layout information: readable by root and the log group
    # only (0440), not by ordinary apps.
    chown root log /proc/vmallocinfo
    chmod 0440 /proc/vmallocinfo

    chown root log /proc/slabinfo
    chmod 0440 /proc/slabinfo

    #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
    # kmsg is read-only for root and the system group. sysrq-trigger is
    # write-only (0220) for the same two; writing to it makes the kernel act
    # on SysRq commands, so membership of `system` carries that ability.
    chown root system /proc/kmsg
    chmod 0440 /proc/kmsg
    chown root system /proc/sysrq-trigger
    chmod 0220 /proc/sysrq-trigger
    chown system log /proc/last_kmsg
    chmod 0440 /proc/last_kmsg

    # make the selinux kernel policy world-readable
    chmod 0444 /sys/fs/selinux/policy

    # create the lost+found directories, so as to enforce our permissions
    mkdir /cache/lost+found 0770 root root

on post-fs-data
    # NOTE(review): presumably installs the encryption key for /data before
    # anything is created under it (see the comment near /data/backup below);
    # confirm against the init built-in.
    installkey /data

    # We chown/chmod /data again because mount is run as root + defaults
    chown system system /data
    chmod 0771 /data
    # We restorecon /data in case the userdata partition has been reset.
    restorecon /data

    # Start bootcharting as soon as possible after the data partition is
    # mounted to collect more data.
    mkdir /data/bootchart 0755 shell shell
    bootchart_init

    # Avoid predictable entropy pool. Carry over entropy from previous boot.
    # NOTE(review): data written to /dev/urandom is mixed into the pool but is
    # not credited as entropy. entropy.dat is not created in this file;
    # presumably a system service writes it; confirm.
    copy /data/system/entropy.dat /dev/urandom

    # create basic filesystem structure
    # Modes worth noting: 01771 on /data/misc sets the sticky bit (entries can
    # be removed only by their owner), 02750 on /data/misc/adb sets setgid
    # (new entries inherit group shell), and keystore, systemkeys and media
    # are 0700, private to their owning user.
    mkdir /data/misc 01771 system misc
    mkdir /data/misc/adb 02750 system shell
    mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack
    mkdir /data/misc/bluetooth 0770 system system
    mkdir /data/misc/keystore 0700 keystore keystore
    mkdir /data/misc/keychain 0771 system system
    mkdir /data/misc/net 0750 root shell
    mkdir /data/misc/radio 0770 system radio
    mkdir /data/misc/sms 0770 system radio
    mkdir /data/misc/zoneinfo 0775 system system
    mkdir /data/misc/vpn 0770 system vpn
    mkdir /data/misc/shared_relro 0771 shared_relro shared_relro
    mkdir /data/misc/systemkeys 0700 system system
    mkdir /data/misc/wifi 0770 wifi wifi
    mkdir /data/misc/wifi/sockets 0770 wifi wifi
    mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi
    mkdir /data/misc/ethernet 0770 system system
    mkdir /data/misc/dhcp 0770 dhcp dhcp
    mkdir /data/misc/user 0771 root root
    # give system access to wpa_supplicant.conf for backup and restore
    # NOTE(review): only the mode is set here, not the owner or group, so who
    # gains access through 0660 depends on the ownership the file already
    # has. The file presumably holds Wi-Fi credentials; confirm.
    chmod 0660 /data/misc/wifi/wpa_supplicant.conf
    mkdir /data/local 0751 root root
    mkdir /data/misc/media 0700 media media

    # For security reasons, /data/local/tmp should always be empty.
    # Do not place files or directories in /data/local/tmp
    mkdir /data/local/tmp 0771 shell shell
    mkdir /data/data 0771 system system
    mkdir /data/app-private 0771 system system
    mkdir /data/app-asec 0700 root root
    mkdir /data/app-lib 0771 system system
    mkdir /data/app 0771 system system
    mkdir /data/property 0700 root root
    mkdir /data/tombstones 0771 system system

    # create dalvik-cache, so as to enforce our permissions
    mkdir /data/dalvik-cache 0771 root root
    mkdir /data/dalvik-cache/profiles 0711 system system

    # create resource-cache and double-check the perms
    mkdir /data/resource-cache 0771 system system
    chown system system /data/resource-cache
    chmod 0771 /data/resource-cache

    # create the lost+found directories, so as to enforce our permissions
    mkdir /data/lost+found 0770 root root

    # create directory for DRM plug-ins - give drm the read/write access to
    # the following directory.
    mkdir /data/drm 0770 drm drm

    # create directory for MediaDrm plug-ins - give drm the read/write access to
    # the following directory.
    mkdir /data/mediadrm 0770 mediadrm mediadrm

    mkdir /data/adb 0700 root root

    # symlink to bugreport storage location
    symlink /data/data/com.android.shell/files/bugreports /data/bugreports

    # Separate location for storing security policy files on data
    mkdir /data/security 0711 system system

    # Create all remaining /data root dirs so that they are made through init
    # and get proper encryption policy installed
    mkdir /data/backup 0700 system system
    mkdir /data/media 0770 media_rw media_rw
    mkdir /data/ss 0700 system system
    mkdir /data/system 0775 system system
    mkdir /data/system/heapdump 0700 system system
    mkdir /data/user 0711 system system

    # Reload policy from /data/security if present.
    # NOTE(review): this makes the contents of /data/security (system:system,
    # 0711 above) an input to the active SELinux policy; how a policy found
    # there is validated is not visible in this file.
    setprop selinux.reload_policy 1

    # Set SELinux security contexts on upgrade or policy update.
    restorecon_recursive /data

    # Check any timezone data in /data is newer than the copy in /system, delete if not.
    # The helper is run in its own SELinux context and as user and group
    # system instead of as root.
    exec u:r:tzdatacheck:s0 system system -- /system/bin/tzdatacheck /system/usr/share/zoneinfo /data/misc/zoneinfo

    # If there is no post-fs-data action in the init.<device>.rc file, you
    # must uncomment this line, otherwise encrypted filesystems
    # won't work.
    # Set indication (checked by vold) that we have finished this action
    #setprop vold.post_fs_data_done 1

on boot
    # basic network init
    ifup lo
    hostname localhost
    domainname localdomain

    # set RLIMIT_NICE to allow priorities from 19 to -20
    setrlimit 13 40 40

    # Memory management.  Basic kernel parameters, and allow the high
    # level system server to be able to adjust the kernel OOM driver
    # parameters to match how it is managing things.
    # The two lowmemorykiller parameters become write-only (0220) for root
    # and the system group.
    write /proc/sys/vm/overcommit_memory 1
    write /proc/sys/vm/min_free_order_shift 4
    chown root system /sys/module/lowmemorykiller/parameters/adj
    chmod 0220 /sys/module/lowmemorykiller/parameters/adj
    chown root system /sys/module/lowmemorykiller/parameters/minfree
    chmod 0220 /sys/module/lowmemorykiller/parameters/minfree

    # Tweak background writeout
    write /proc/sys/vm/dirty_expire_centisecs 200
    write /proc/sys/vm/dirty_background_ratio 5

    # Permissions for System Server and daemons.
    # Power-state and wake-lock nodes are handed to radio:system or
    # system:system. Only state, wake_lock and wake_unlock get an explicit
    # mode (0660); the others keep the mode the kernel gave them.
    chown radio system /sys/android_power/state
    chown radio system /sys/android_power/request_state
    chown radio system /sys/android_power/acquire_full_wake_lock
    chown radio system /sys/android_power/acquire_partial_wake_lock
    chown radio system /sys/android_power/release_wake_lock
    chown system system /sys/power/autosleep
    chown system system /sys/power/state
    chown system system /sys/power/wakeup_count
    chown radio system /sys/power/wake_lock
    chown radio system /sys/power/wake_unlock
    chmod 0660 /sys/power/state
    chmod 0660 /sys/power/wake_lock
    chmod 0660 /sys/power/wake_unlock

    # cpufreq "interactive" governor tunables: system:system, 0660.
    # boostpulse is the one node that is chowned without a chmod.
    chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
    chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
    chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
    chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
    chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
    chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
    chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
    chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
    chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
    chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
    chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
    chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy

    # Assume SMP uses shared cpufreq policy for all CPUs
    chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
    chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq

    # Ownership only; no modes are changed in this run. The vibrator `enable`
    # node appears twice (first and eleventh line); the repeat is redundant.
    chown system system /sys/class/timed_output/vibrator/enable
    chown system system /sys/class/leds/keyboard-backlight/brightness
    chown system system /sys/class/leds/lcd-backlight/brightness
    chown system system /sys/class/leds/button-backlight/brightness
    chown system system /sys/class/leds/jogball-backlight/brightness
    chown system system /sys/class/leds/red/brightness
    chown system system /sys/class/leds/green/brightness
    chown system system /sys/class/leds/blue/brightness
    chown system system /sys/class/leds/red/device/grpfreq
    chown system system /sys/class/leds/red/device/grppwm
    chown system system /sys/class/leds/red/device/blink
    chown system system /sys/class/timed_output/vibrator/enable
    chown system system /sys/module/sco/parameters/disable_esco
    chown system system /sys/kernel/ipv4/tcp_wmem_min
    chown system system /sys/kernel/ipv4/tcp_wmem_def
    chown system system /sys/kernel/ipv4/tcp_wmem_max
    chown system system /sys/kernel/ipv4/tcp_rmem_min
    chown system system /sys/kernel/ipv4/tcp_rmem_def
    chown system system /sys/kernel/ipv4/tcp_rmem_max
    # NOTE(review): only the group of /proc/cmdline is changed (to radio);
    # its mode is not set here.
    chown root radio /proc/cmdline

    # Define default initial receive window size in segments.
    setprop net.tcp.default_init_rwnd 60

    class_start core

on nonencrypted
    class_start main
    class_start late_start

# The vold.decrypt actions below are the init side of the encrypted-boot
# sequence: each property value starts, resets or restarts a service class.
on property:vold.decrypt=trigger_default_encryption
    start defaultcrypto

on property:vold.decrypt=trigger_encryption
    start surfaceflinger
    start encrypt

on property:sys.init_log_level=*
    loglevel ${sys.init_log_level}

on charger
    class_start charger

on property:vold.decrypt=trigger_reset_main
    class_reset main

on property:vold.decrypt=trigger_load_persist_props
    load_persist_props
    start logd
    start logd-reinit

on property:vold.decrypt=trigger_post_fs_data
    trigger post-fs-data

on property:vold.decrypt=trigger_restart_min_framework
    class_start main

on property:vold.decrypt=trigger_restart_framework
    installkey /data
    class_start main
    class_start late_start

on property:vold.decrypt=trigger_shutdown_framework
    class_reset late_start
    class_reset main

# NOTE(review): any value written to sys.powerctl is handed to init's
# powerctl command. Who may set the property is decided by the property
# service and SELinux policy, not by this file.
on property:sys.powerctl=*
    powerctl ${sys.powerctl}

# system server cannot write to /proc/sys files,
# and chown/chmod does not work for /proc/sys/ entries.
# So proxy writes through init.
# NOTE(review): init, running as root, writes the property value to the sysctl
# without any validation in this file. The set of processes allowed to set
# sys.sysctl.* is therefore the real access control; verify it in the
# property and SELinux configuration.
on property:sys.sysctl.extra_free_kbytes=*
    write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes}

# "tcp_default_init_rwnd" Is too long!
on property:sys.sysctl.tcp_def_init_rwnd=*
    write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd}


## Daemon processes to be run by init.
##
# Service definitions: `service <name> <path> [args]` followed by options.
# NOTE(review), for reading the entries below:
#   - A service with no `user` option is started as root.
#   - A service with no `seclabel` option depends on SELinux policy (not part
#     of this file) to leave the init domain; confirm each one has a
#     transition defined.
#   - Socket lines are `socket <name> <type> <mode> <user> <group>`; the mode
#     is octal with or without a leading 0, so 660 and 0660 are the same.
#   - `disabled` services are not started with their class, only by name.
#     `oneshot` services are not restarted when they exit. `critical`
#     services that keep exiting cause a reboot into recovery.
service ueventd /sbin/ueventd
    class core
    critical
    seclabel u:r:ueventd:s0

# NOTE(review): logd and logdr are world read/write (0666) and logdw is
# world-writable (0222), so every process can reach them at the file-mode
# level. Presumably access is narrowed by SELinux policy and by logd checking
# the caller; confirm.
service logd /system/bin/logd
    class core
    socket logd stream 0666 logd logd
    socket logdr seqpacket 0666 logd logd
    socket logdw dgram 0222 logd logd

service logd-reinit /system/bin/logd --reinit
    oneshot
    disabled

service healthd /sbin/healthd
    class core
    critical
    seclabel u:r:healthd:s0

# Console shell: runs as user shell in the shell SELinux domain, and is
# `disabled`, so it is started only by the ro.debuggable=1 action below.
service console /system/bin/sh
    class core
    console
    disabled
    user shell
    group shell log
    seclabel u:r:shell:s0

on property:ro.debuggable=1
    start console

# adbd is controlled via property triggers in init.<platform>.usb.rc
# NOTE(review): no `user` option, so adbd starts as root in the adbd domain.
# --root_seclabel is presumably the context it uses when it stays root;
# confirm in adbd. Any drop of privileges happens inside adbd, not here.
service adbd /sbin/adbd --root_seclabel=u:r:su:s0
    class core
    socket adbd stream 660 system system
    disabled
    seclabel u:r:adbd:s0

# adbd on at boot in emulator
on property:ro.kernel.qemu=1
    start adbd

service lmkd /system/bin/lmkd
    class core
    critical
    socket lmkd seqpacket 0660 system system

# Restarting servicemanager also restarts the listed services.
service servicemanager /system/bin/servicemanager
    class core
    user system
    group system
    critical
    onrestart restart healthd
    onrestart restart zygote
    onrestart restart media
    onrestart restart surfaceflinger
    onrestart restart drm

service vold /system/bin/vold
    class core
    socket vold stream 0660 root mount
    ioprio be 2

# netd has no `user` option (root). Its control sockets are restricted by
# group: system for netd and mdns, inet for dnsproxyd and fwmarkd.
service netd /system/bin/netd
    class main
    socket netd stream 0660 root system
    socket dnsproxyd stream 0660 root inet
    socket mdns stream 0660 root system
    socket fwmarkd stream 0660 root inet

service debuggerd /system/bin/debuggerd
    class main

service debuggerd64 /system/bin/debuggerd64
    class main

# Explicitly runs as root with a wide set of supplementary groups.
service ril-daemon /system/bin/rild
    class main
    socket rild stream 660 root radio
    socket rild-debug stream 660 radio system
    user root
    group radio cache inet misc audio log

service surfaceflinger /system/bin/surfaceflinger
    class core
    user system
    group graphics drmrpc
    onrestart restart zygote

service drm /system/bin/drmserver
    class main
    user drm
    group drm system inet drmrpc

# Unprivileged user, but a broad group set: audio, camera, network,
# Bluetooth, bandwidth accounting and DRM.
service media /system/bin/mediaserver
    class main
    user media
    group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc mediadrm
    ioprio rt 4

# One shot invocation to deal with encrypted volume.
service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
    disabled
    oneshot
    # vold will set vold.decrypt to trigger_restart_framework (default
    # encryption) or trigger_restart_min_framework (other encryption)

# One shot invocation to encrypt unencrypted volumes
service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
    disabled
    oneshot
    # vold will set vold.decrypt to trigger_restart_framework (default
    # encryption)

service bootanim /system/bin/bootanimation
    class core
    user graphics
    group graphics audio
    disabled
    oneshot

# No `user` option (root); the control socket is owner-only (600, system).
service installd /system/bin/installd
    class main
    socket installd stream 600 system system

# NOTE(review): a shell script run once with class main, with no `user` or
# `seclabel` option, i.e. as root. Its integrity rests on /system.
service flash_recovery /system/bin/install-recovery.sh
    class main
    oneshot

service racoon /system/bin/racoon
    class main
    socket racoon stream 600 system system
    # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
    # (So it starts as root; the drop to vpn happens inside racoon.)
    group vpn net_admin inet
    disabled
    oneshot

service mtpd /system/bin/mtpd
    class main
    socket mtpd stream 600 system system
    user vpn
    group vpn net_admin inet net_raw
    disabled
    oneshot

# Dedicated user; its data directory is passed as the only argument.
service keystore /system/bin/keystore /data/misc/keystore
    class main
    user keystore
    group keystore drmrpc

# No `user` option (root); the socket is reachable by user shell and group
# log (0660).
service dumpstate /system/bin/dumpstate -s
    class main
    socket dumpstate stream 0660 shell log
    disabled
    oneshot

service mdnsd /system/bin/mdnsd
    class main
    user mdnsr
    group inet net_raw
    socket mdnsd stream 0660 mdnsr inet
    disabled
    oneshot

service pre-recovery /system/bin/uncrypt
    class main
    disabled
    oneshot