From 294ba38082a673c64651b393b0cf80979c6d26a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?=
Date: Mon, 9 Oct 2023 16:03:13 -0700
Subject: [PATCH] trusty: rpmb_dev: Use socket from init and update init script
Stop creating a socket on a persistent filesystem and use a socket created by init in /dev/socket/ instead.
Many init script changes to make rpmb_dev.rc usable on cuttlefish.
Test: Build and run aosp_cf_x86_64_phone_trusty_vm-trunk_staging-userdebug
Bug: 309007107
Change-Id: Idc830211b3298d25bbb310dcb7489dd89fe5afc6
---
 trusty/utils/rpmb_dev/Android.bp | 1 +
 trusty/utils/rpmb_dev/rpmb_dev.c | 27 ++++++++++++++-----------
 trusty/utils/rpmb_dev/rpmb_dev.rc | 33 ++++++++++++++++++-------------
 3 files changed, 36 insertions(+), 25 deletions(-)
diff --git a/trusty/utils/rpmb_dev/Android.bp b/trusty/utils/rpmb_dev/Android.bp
index a2700876a..5e9caafee 100644
--- a/trusty/utils/rpmb_dev/Android.bp
+++ b/trusty/utils/rpmb_dev/Android.bp
@@ -24,6 +24,7 @@ cc_binary {
 ],
 shared_libs: [
 "libc",
+ "libcutils",
 "liblog",
 "libcrypto",
 ],
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.c b/trusty/utils/rpmb_dev/rpmb_dev.c
index 0a9e6a13f..cee3037de 100644
--- a/trusty/utils/rpmb_dev/rpmb_dev.c
+++ b/trusty/utils/rpmb_dev/rpmb_dev.c
@@ -19,6 +19,7 @@
 #include "rpmb_protocol.h"
 #include
+#include
 #include
 #include
 #include
@@ -613,20 +614,24 @@ int main(int argc, char** argv) {
 return EXIT_FAILURE;
 }
- cmdres_sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ cmdres_sock = android_get_control_socket(socket_path);
 if (cmdres_sock < 0) {
- ALOGE("rpmb_dev: Failed to create command/response socket: %s\n", strerror(errno));
- return EXIT_FAILURE;
- }
+ ALOGW("android_get_control_socket(%s) failed, fall back to create it\n", socket_path);
+ cmdres_sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (cmdres_sock < 0) {
+ ALOGE("rpmb_dev: Failed to create command/response socket: %s\n", strerror(errno));
+ return EXIT_FAILURE;
+ }
- cmdres_sockaddr.sun_family = AF_UNIX;
- strncpy(cmdres_sockaddr.sun_path, socket_path, sizeof(cmdres_sockaddr.sun_path));
+ cmdres_sockaddr.sun_family = AF_UNIX;
+ strncpy(cmdres_sockaddr.sun_path, socket_path, sizeof(cmdres_sockaddr.sun_path));
- ret = bind(cmdres_sock, (struct sockaddr*)&cmdres_sockaddr, sizeof(struct sockaddr_un));
- if (ret < 0) {
- ALOGE("rpmb_dev: Failed to bind command/response socket: %s: %s\n", socket_path,
- strerror(errno));
- return EXIT_FAILURE;
+ ret = bind(cmdres_sock, (struct sockaddr*)&cmdres_sockaddr, sizeof(struct sockaddr_un));
+ if (ret < 0) {
+ ALOGE("rpmb_dev: Failed to bind command/response socket: %s: %s\n", socket_path,
+ strerror(errno));
+ return EXIT_FAILURE;
+ }
 }
 ret = listen(cmdres_sock, 1);
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.rc b/trusty/utils/rpmb_dev/rpmb_dev.rc
index 9e203b89c..33ec0f2c2 100644
--- a/trusty/utils/rpmb_dev/rpmb_dev.rc
+++ b/trusty/utils/rpmb_dev/rpmb_dev.rc
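Review bot: The fallback branch reuses `socket_path` as a filesystem path right after it was tried as an init socket name, so if init did not hand over the descriptor the daemon binds a fresh socket file whose owner and mode come from the process, not from the `socket` line in the rc file. For the RPMB command channel I would fail closed when the value is a bare name, e.g. `if (strchr(socket_path, '/') == NULL) { ALOGE("rpmb_dev: no init socket named %s\n", socket_path); return EXIT_FAILURE; }` ahead of the `socket()` call. The retained `strncpy` also leaves `sun_path` without a terminating NUL when `socket_path` is `sizeof(cmdres_sockaddr.sun_path)` bytes or longer; a length check before the copy would reject such input instead of truncating it. main() begins and ends outside this hunk, so whether `cmdres_sockaddr` is zeroed beforehand is not visible here.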
@@ -1,29 +1,34 @@ # RPMB Mock -on post-fs-data - mkdir /data/vendor/ss - chown root system /data/vendor/ss - chmod 0770 /data/vendor/ss - rm /data/vendor/ss/rpmb_sock - start rpmb_mock_init +on post-fs + mkdir /mnt/vendor/persist/ss 0770 root system + exec_start rpmb_mock_init start rpmb_mock +on post-fs-data + mkdir /data/vendor/ss 0770 root system + symlink /mnt/vendor/persist/ss /data/vendor/ss/persist + chown root system /data/vendor/ss/persist + chmod 0770 /data/vendor/ss/persist + # Storage proxy - start storageproxyd + restart storageproxyd -service storageproxyd /vendor/bin/storageproxyd -d /dev/trusty-ipc-dev0 \ - -r /data/vendor/ss/rpmb_sock -p /data/vendor/ss -t sock - class main - disabled - user root +service storageproxyd /vendor/bin/storageproxyd -d ${ro.hardware.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \ + -r /dev/socket/rpmb_mock -p /data/vendor/ss -t sock + class early_hal + user system + group system -service rpmb_mock_init /vendor/bin/rpmb_dev --dev /data/vendor/ss/RPMB_DATA --init --size 2048 +service rpmb_mock_init /vendor/bin/rpmb_dev --dev /mnt/vendor/persist/ss/RPMB_DATA --init --size 2048 disabled user system group system oneshot -service rpmb_mock /vendor/bin/rpmb_dev --dev /data/vendor/ss/RPMB_DATA --sock /data/vendor/ss/rpmb_sock +service rpmb_mock /vendor/bin/rpmb_dev --dev /mnt/vendor/persist/ss/RPMB_DATA \ + --sock rpmb_mock class main disabled user system group system + socket rpmb_mock stream 660 system system
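Review bot: The `chown` and `chmod` on `/data/vendor/ss/persist` in the new `post-fs-data` block target a path that the preceding line creates as a symlink, and init's `chown`/`chmod` builtins do not follow symlinks as far as I know, so they probably leave the ownership and mode of `/mnt/vendor/persist/ss` untouched. The access control that protects RPMB_DATA is then only the `mkdir /mnt/vendor/persist/ss 0770 root system` in `post-fs`; if that is the intent, drop the two lines or replace them with a comment such as `# owner and mode of the link target are set by the mkdir in post-fs`. It would also help to add a comment beside `--sock rpmb_mock` saying that the name has to match both the `socket rpmb_mock` line of the service and the `-r /dev/socket/rpmb_mock` argument of storageproxyd, since a mismatch sends rpmb_dev into its create-and-bind fallback.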