tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_core/init/Android.mk

105 lines
2.3 KiB
Makefile
Raw Normal View History

auto import from //depot/cupcake/@135843
2009-03-04 04:32:55 +01:00
# Copyright 2005 The Android Open Source Project
LOCAL_PATH:= $(call my-dir)
Stop using #if for conditional compilation. Use regular 'if' to prevent bitrot. Also remove remaining typedefs. Change-Id: I2e6ca928e2db29b88b643cf990ff05cfb0be94a6
2015-02-04 23:46:36 +01:00
# --
ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
init: reboot to bootloader on crash for development builds Currently, if init crashes, the kernel panics. During development, we would like to catch this crash before the kernel panics and reboot into bootloader. This will prevent boot looping bad configurations, particularly desired in test labs where manual intervention would otherwise be required to reset the devices. Keep the existing behavior for user builds, as init crashes should be rare for production builds and rebooting the device is the correct behavior for end users. Bug: 34147472 Test: Boot bullhead userdebug, force init to crash, check that the device is in bootloader Test: Boot bullhead user, force init to crash, check that the kernel panics and the device reboots as it did previously Change-Id: Iab3d45ed0d1f82ffaad2a0835d9ca537c0516421
2017-03-10 23:46:38 +01:00
init_options += \
-DALLOW_LOCAL_PROP_OVERRIDE=1 \
-DALLOW_PERMISSIVE_SELINUX=1 \
crash_dump: during early boot, output to kmsg on userdebug. Crashes that happen before tombstoned is running are extremely hard to diagnose, because tombstones aren't written to disk, and the window of opportunity to get logs via `adb logcat` is small (potentially nonexistent). Solve this by adding a world-writable /dev/kmsg_debug on userdebug builds, and writing to it in addition to logcat when tombstoned hasn't started yet. Bug: http://b/36574794 Test: stop tombstoned; crasher; dmesg Change-Id: Ib22c02a002afb602933155fb2c9b7a8abbe9ed38
2017-03-28 22:07:15 +02:00
-DREBOOT_BOOTLOADER_ON_PANIC=1 \
poll umount completion from /proc/mounts - umount operation is asynchronous except for root partition. Returning from umount does not guarantee completion of umount. Poll /proc/mounts to confirm completion of umount. - Treat all devices mounting to /data as emulated devices. This is future proof when fs other than sdcardfs is used. - Drop quota sync from sync step. There is no differences in frequencies of quota error. - Run umount in reverse order from mounting order so that any hidden dependency can be auto-resolved. - Add dump of lsof and /proc/mounts when umount fails. lsof only runs when selinux is toggled into permissive mode. The dump is enabled only for non-user build. - Keep logcat until vold shutdown in case vold has any error to report. bug: 36551218 Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 1000 -f -e 20 -w 30 Change-Id: I87b17b966d7004c205452d81460b02c6acf50d45
2017-03-29 21:54:40 +02:00
-DWORLD_WRITABLE_KMSG=1 \
-DDUMP_ON_UMOUNT_FAILURE=1
Stop using #if for conditional compilation. Use regular 'if' to prevent bitrot. Also remove remaining typedefs. Change-Id: I2e6ca928e2db29b88b643cf990ff05cfb0be94a6
2015-02-04 23:46:36 +01:00
else
init: reboot to bootloader on crash for development builds Currently, if init crashes, the kernel panics. During development, we would like to catch this crash before the kernel panics and reboot into bootloader. This will prevent boot looping bad configurations, particularly desired in test labs where manual intervention would otherwise be required to reset the devices. Keep the existing behavior for user builds, as init crashes should be rare for production builds and rebooting the device is the correct behavior for end users. Bug: 34147472 Test: Boot bullhead userdebug, force init to crash, check that the device is in bootloader Test: Boot bullhead user, force init to crash, check that the kernel panics and the device reboots as it did previously Change-Id: Iab3d45ed0d1f82ffaad2a0835d9ca537c0516421
2017-03-10 23:46:38 +01:00
init_options += \
-DALLOW_LOCAL_PROP_OVERRIDE=0 \
-DALLOW_PERMISSIVE_SELINUX=0 \
crash_dump: during early boot, output to kmsg on userdebug. Crashes that happen before tombstoned is running are extremely hard to diagnose, because tombstones aren't written to disk, and the window of opportunity to get logs via `adb logcat` is small (potentially nonexistent). Solve this by adding a world-writable /dev/kmsg_debug on userdebug builds, and writing to it in addition to logcat when tombstoned hasn't started yet. Bug: http://b/36574794 Test: stop tombstoned; crasher; dmesg Change-Id: Ib22c02a002afb602933155fb2c9b7a8abbe9ed38
2017-03-28 22:07:15 +02:00
-DREBOOT_BOOTLOADER_ON_PANIC=0 \
poll umount completion from /proc/mounts - umount operation is asynchronous except for root partition. Returning from umount does not guarantee completion of umount. Poll /proc/mounts to confirm completion of umount. - Treat all devices mounting to /data as emulated devices. This is future proof when fs other than sdcardfs is used. - Drop quota sync from sync step. There is no differences in frequencies of quota error. - Run umount in reverse order from mounting order so that any hidden dependency can be auto-resolved. - Add dump of lsof and /proc/mounts when umount fails. lsof only runs when selinux is toggled into permissive mode. The dump is enabled only for non-user build. - Keep logcat until vold shutdown in case vold has any error to report. bug: 36551218 Test: python packages/services/Car/tools/bootanalyze/bootanalyze.py -r -c packages/services/Car/tools/bootanalyze/config.yaml -n 1000 -f -e 20 -w 30 Change-Id: I87b17b966d7004c205452d81460b02c6acf50d45
2017-03-29 21:54:40 +02:00
-DWORLD_WRITABLE_KMSG=0 \
-DDUMP_ON_UMOUNT_FAILURE=0
Stop using #if for conditional compilation. Use regular 'if' to prevent bitrot. Also remove remaining typedefs. Change-Id: I2e6ca928e2db29b88b643cf990ff05cfb0be94a6
2015-02-04 23:46:36 +01:00
endif
set zero shutdown timeout for eng build - still it will take time to kill services, < 3 secs in tested device. bug: 36678028 Test: reboot Change-Id: I3f3eb83aede8cd950da12e3fcc259eeaf8517c3b
2017-03-28 18:41:36 +02:00
ifneq (,$(filter eng,$(TARGET_BUILD_VARIANT)))
init_options += \
-DSHUTDOWN_ZERO_TIMEOUT=1
else
init_options += \
-DSHUTDOWN_ZERO_TIMEOUT=0
endif
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 21:19:48 +01:00
init_options += -DLOG_UEVENTS=0
init_cflags += \
$(init_options) \
-Wall -Wextra \
-Wno-unused-parameter \
-Werror \
init: enable C++17 Test: Boot bullhead Change-Id: I40961ff765461e8aef211d27158ffb7c4be76493
2017-03-13 19:58:58 +01:00
-std=gnu++1z \
Stop using #if for conditional compilation. Use regular 'if' to prevent bitrot. Also remove remaining typedefs. Change-Id: I2e6ca928e2db29b88b643cf990ff05cfb0be94a6
2015-02-04 23:46:36 +01:00
# --
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 21:19:48 +01:00
include $(CLEAR_VARS)
LOCAL_CPPFLAGS := $(init_cflags)
Move all of init to libinit I'd be not doing this for a while since some of this code doesn't compile on host and libinit previously did. But after realizing the property_service.cpp (libinit) references symbols in init.cpp (init) and seeing a new linker error crop up due to that, it's time to make the fix. My only hold out previously was that libinit compiled on host bionic and some of init (builtins.cpp, etc) do not, however given that we don't actually have host bionic support or host bionic init tests, that isn't a good reason. We can and should mock out the libraries that aren't available with host bionic when ready. Test: build, unit tests, boot Change-Id: Ie49362ddb637924efc272540a4f32b693643fcdc
2018-01-19 23:25:48 +01:00
LOCAL_SRC_FILES := main.cpp
Build init as C++. This is just the minimal change to keep it building. Change-Id: I245c5b8413a1db114576c81462eb5737f5ffcef2
2015-02-04 02:12:07 +01:00
auto import from //depot/cupcake/@135843
2009-03-04 04:32:55 +01:00
LOCAL_MODULE:= init
load ro.recovery_id property from recovery partition Change-Id: I9dc1f325e353375d9c1c8ed949636e2404601076
2015-05-08 17:30:33 +02:00
auto import from //depot/cupcake/@135843
2009-03-04 04:32:55 +01:00
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
Remove HAVE_SELINUX guards Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
2012-10-17 08:07:05 +02:00
LOCAL_STATIC_LIBRARIES := \
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 21:19:48 +01:00
libinit \
init: use libbootloader_message. Bug: 29582118 Change-Id: I6285b29774a11d6dda8496c7c73e4c1d17a672bd (cherry picked from commit 0b1252cca0ecd5603e0fc0d5dadde91410b6b557)
2016-06-25 03:28:03 +02:00
libbootloader_message \
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 21:19:48 +01:00
libfs_mgr \
Error correction: Use libfec in fs_mgr Use libfec to read and parse verity metadata to protect against data corruption. Bug: 21893453 Change-Id: I3a3543e0d999316707302b3be8735a7133d22946
2015-05-22 16:43:50 +02:00
libfec \
libfec_rs \
init language extension for lazy HIDL services. This associates every service with a list of HIDL services it provides. If these are disabled, hwservicemanager will request for the service to startup. Bug: 64678982 Test: manual with the light service Change-Id: Ibf8a6f1cd38312c91c798b74574fa792f23c2df4
2017-10-06 03:50:22 +02:00
libhidl-gen-utils \
Revert "Revert "fs_mgr_verity: Add support for squashfs"" This reverts commit 7b97c7a3fa0f1bdae5b45a70f625ff48f9dab0c1. Change-Id: Id47e70479fe9247b7936f2e54d4dbfbb4f63f635
2015-04-09 02:59:19 +02:00
libsquashfs_utils \
Clean up reading and writing in init. This isn't particularly useful in and of itself, but it does introduce the first (trivial) unit test, improves the documentation (including details about how to debug init crashes), and made me aware of how unpleasant the existing parser is. I also fixed a bug in passing --- unless you thought the "peboot" and "pm" commands were features... Bug: 19217569 Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
2015-02-06 21:19:48 +01:00
liblogwrap \
Remove "_static" and "_host" suffix from libext4_utils. Bug: 34220783 Change-Id: I967dbaa9c48ad1feed2369c3a40f745b86a350f8
2017-01-11 23:03:11 +01:00
libext4_utils \
init: add support for global seccomp boot option Setting androidboot.seccomp=global on the kernel command line shall enable seccomp for all processes rather than just in zygote. Doing this has a performance impact, for now it shall just be used to audit syscall usage during testing. Bug: 37960259 Change-Id: I6b9fc95e9bec5e2bcfe6ef0b4343a5b422e30152
2017-07-18 00:14:02 +02:00
libseccomp_policy \
libcrypto_utils: convert to Soong. Bug: http://b/30708454 Change-Id: Iaad64272ced766f87e67f2877e990afccc558065
2016-08-06 00:47:57 +02:00
libcrypto_utils \
Remove "_host" and "_static" suffix from libsparse definition. This now combines all the "libsparse" libraries into the same soong target. A minor side-effect of this change is that the libsparse static library depends on the libz shared library instead of the libz static library. This minor change has no effect since targets using the static libsparse library need to explicitly include either the static libz or the shared one. Bug: 34220783 Change-Id: I8f41586cf4c3336791cfa57ab4f5ae59a76d7ffa
2017-01-11 23:37:50 +01:00
libsparse \
Send property_service AVC messages to the kernel audit system The property service uses an SELinux userspace check to determine if a process is allowed to set a property. If the security check fails, a userspace SELinux denial is generated. Currently, these denials are only sent to dmesg. Instead of sending these denials to dmesg, send it to the kernel audit system. This will cause these userspace denials to be treated similarly to kernel generated denials (eg, logd will pick them up and process them). This will ensure that denials generated by the property service will show up in logcat / dmesg / event log. After this patch, running "setprop asdf asdf" from the unprivileged adb shell user will result in the following audit message: type=1107 audit(39582851.013:48): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=asdf pid=5537 uid=2000 gid=2000 scontext=u:r:shell:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service' Test: manual Bug: 27878170 Change-Id: I0b8994888653501f2f315eaa63d9e2ba32d851ef
2017-01-03 17:37:54 +01:00
libprocessgroup \
Add libkeyutils. Also move init over to it. Bug: http://b/37991155 Test: builds+boots Change-Id: I5113a9d96a5ce0a0f3bad71134d6cc4f7b41a57e
2017-05-10 02:09:06 +02:00
libavb \
libkeyutils \
init: use protobuf for serialization of persistent properties I probably should have done this from the start... There's a shim to convert my manually serialized format to protobuf, and since that has not yet shipped, it'll be reverted in a short period of time. Test: init unit tests Test: upgrade from legacy and intermediate property formats successfully Change-Id: Iad25f6c30d0b44d294230a53dd6876222d1c785b
2017-09-16 00:44:04 +02:00
libprotobuf-cpp-lite \
Reland "Have property_service create a serialized property_contexts file" This reverts commit 9822f3c6cc5d85a462033cd545500bcc1c8b0927. Bug: 36001741 Change-Id: I27dd391fc06a3c78e88a65c7931c84de1699f157
2017-12-14 02:58:17 +01:00
libpropertyinfoserializer \
libpropertyinfoparser \
liblp: Allow building liblp as a shared library. Bug: 79173901 Test: system image, partition_tools both build Change-Id: I70f45d4cebfbddc39d03aa3fb3a56b6c48a20d7e
2018-07-28 01:05:31 +02:00
liblp \
Extend init and ueventd for SE Android. Add SE Android support for init and ueventd. init: - Load policy at boot. - Set the security context for service daemons and their sockets. - New built-in commands: setcon, setenforce, restorecon, setsebool. - New option for services: seclabel. ueventd: - Set the security context for device directories and nodes. Change-Id: I98ed752cde503c94d99dfa5b5a47e3c33db16aac
2012-01-13 14:48:47 +01:00
Build init with shared libraries recovery partition now supports shared librarys. Therefore, init can now be built as a dynamic executable both for normal and recovery modes. To save save in the recovery mode, not all libs are dynamically linked. Libs that are only used by init in the recovery mode are still statically linked. Note: init is still a static executable for legacy devices where system-as-root is not on, because the dynamic linker and shared libs which are in /system are not available when init starts. Bug: 63673171 Test: `adb reboot recovery; adb devices` shows the device ID Test: device boots to the UI in normal mode. Test: do that for both walleye (system-as-root) and bullhead (legacy ramdisk). Change-Id: I30c84ae6a8e507e507ad0bb71acad281316d9e90
2018-06-01 12:26:42 +02:00
shared_libs := \
libcutils \
libbase \
liblog \
libcrypto \
libdl \
libz \
libselinux is dynamically linked from init init is now dynamically linked to libselinux. This gives us about 100KB extra space, which is valuable in the recovery partition. Bug: 63673171 Test: m -j Test: adb reboot recovery Change-Id: I72c4f886cbbb9ce54f8221f05547f5b9f0e1adb0
2018-06-19 09:55:05 +02:00
libselinux \
Build init with shared libraries recovery partition now supports shared librarys. Therefore, init can now be built as a dynamic executable both for normal and recovery modes. To save save in the recovery mode, not all libs are dynamically linked. Libs that are only used by init in the recovery mode are still statically linked. Note: init is still a static executable for legacy devices where system-as-root is not on, because the dynamic linker and shared libs which are in /system are not available when init starts. Bug: 63673171 Test: `adb reboot recovery; adb devices` shows the device ID Test: device boots to the UI in normal mode. Test: do that for both walleye (system-as-root) and bullhead (legacy ramdisk). Change-Id: I30c84ae6a8e507e507ad0bb71acad281316d9e90
2018-06-01 12:26:42 +02:00
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
# init is static executable for non-system-as-root devices, because the dynamic linker
# and shared libs are not available before /system is mounted, but init has to run
# before the partition is mounted.
LOCAL_STATIC_LIBRARIES += $(shared_libs) libc++_static
LOCAL_FORCE_STATIC_EXECUTABLE := true
else
LOCAL_SHARED_LIBRARIES := $(shared_libs) libc++
endif
shared_libs :=
init: require e2fsdroid and mke2fs when building init init calls fs_mgr to format ext4 partitions. This requires e2fsdroid and mke2fs in /system/bin/ Bug: 35219933 Change-Id: Ia32fe438cd9b9332f8e18e0cbe7f61bd050adcb1 (cherry picked from commit 041f849548397803e2f458fd08d5e7b98909c8e4)
2017-07-06 20:43:45 +02:00
LOCAL_REQUIRED_MODULES := \
e2fsdroid \
mke2fs \
fastboot/fs_mgr/init: add sload_f2fs Change-Id: Iab1e4037cbb835aba97f941c8840b8971caf38e7 Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2017-11-29 04:26:34 +01:00
sload_f2fs \
make_f2fs \
init: require e2fsdroid and mke2fs when building init init calls fs_mgr to format ext4 partitions. This requires e2fsdroid and mke2fs in /system/bin/ Bug: 35219933 Change-Id: Ia32fe438cd9b9332f8e18e0cbe7f61bd050adcb1 (cherry picked from commit 041f849548397803e2f458fd08d5e7b98909c8e4)
2017-07-06 20:43:45 +02:00
init: Add support for ambient capabilities. Ambient capabilities are inherited in a straightforward way across execve(2): " If you are nonroot but you have a capability, you can add it to pA. If you do so, your children get that capability in pA, pP, and pE. For example, you can set pA = CAP_NET_BIND_SERVICE, and your children can automatically bind low-numbered ports. " This will allow us to get rid of the special meaning for AID_NET_ADMIN and AID_NET_RAW, and if desired, to reduce the use of file capabilities (which grant capabilities to any process that can execute the file). An additional benefit of the latter is that a single .rc file can specify all properties for a service, without having to rely on a separate file for file capabilities. Ambient capabilities are supported starting with kernel 4.3 and have been backported to all Android common kernels back to 3.10. I chose to not use Minijail here (though I'm still using libcap) for two reasons: 1-The Minijail code is designed to work in situations where the process is holding any set of capabilities, so it's more complex. The situation when forking from init allows for simpler code. 2-The way Minijail is structured right now, we would not be able to make the required SELinux calls between UID/GID dropping and other priv dropping code. In the future, it will make sense to add some sort of "hook" to Minijail so that it can be used in situations where we want to do other operations between some of the privilege-dropping operations carried out by Minijail. Bug: 32438163 Test: Use sample service. Change-Id: I3226cc95769d1beacbae619cb6c6e6a5425890fb
2016-10-27 16:33:03 +02:00
# Create symlinks.
Use LOCAL_POST_INSTALL_CMD to simplify symlink creation. Change-Id: I67ad7248c26561d394e66901e90ef5814ec69fb3
2014-11-25 00:43:34 +01:00
LOCAL_POST_INSTALL_CMD := $(hide) mkdir -p $(TARGET_ROOT_OUT)/sbin; \
ln -sf ../init $(TARGET_ROOT_OUT)/sbin/ueventd; \
ln -sf ../init $(TARGET_ROOT_OUT)/sbin/watchdogd
ueventd: easier debug logging Move ueventd debug flag into the Android.mk. Boost klog level if event logging enabled. Change-Id: Iae48edbc43c487092c2424023576af29c76ff401
2014-03-07 00:07:42 +01:00
init: only use signed-integer-overflow sanitizer We've blown up twice in init due to the unsigned integer overflow sanitizer despite the overflows in question being both defined and intentional. Test: boot Change-Id: I08effe3202ac1367d858982ff5478b3a088bab37
2017-07-26 23:17:09 +02:00
LOCAL_SANITIZE := signed-integer-overflow
auto import from //depot/cupcake/@135843
2009-03-04 04:32:55 +01:00
include $(BUILD_EXECUTABLE)
Reference in a new issue Copy permalink