init-debug.rc: don't mount debugfs

Motivation: 1. Reduce skew between userdebug and user builds. 2. Make the decision to mount debugfs on debug builds on a per-device basis. 3. Prepare to not mount it at all to reduce the attack surface of the kernel, reduce boot time, and free up memory. 4. Remove the selinux denial on devices that mount twice, i.e. unconditionally in the device specific .rc file and in the init-debug.rc file. avc: denied { mounton } for path="/sys/kernel/debug" dev="debugfs" ino=1 scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0 If desired, debugfs may be mounted in device specific rc files instead. Bug: 31856701 Bug: 35197529 Test: Build and boot Marlin. Selinux denial no longer observed. Change-Id: Ie0d954f77f7cf70ed2b94f67a57a6c9eba45ba8e
2017-03-14 17:35:31 -07:00 · 2017-03-14 17:35:31 -07:00 · 082807f3b4
commit 082807f3b4
parent e3aef3dd99
1 changed files with 0 additions and 3 deletions
--- a/rootdir/init-debug.rc
+++ b/rootdir/init-debug.rc
@ -6,6 +6,3 @@ on property:persist.mmc.max_write_speed=*

 on property:persist.mmc.cache_size=*
    write /sys/block/mmcblk0/cache_size ${persist.mmc.cache_size}
-
-on early-init
-    mount debugfs debugfs /sys/kernel/debug