Merge changes I138f3ace,I19f7fc51

* changes: init: V devices need to specify user init.usb.rc: specify user manually
2023-05-03 17:45:01 +00:00 · 2023-05-03 17:45:01 +00:00 · b8304d1502
commit b8304d1502
parent f9bdc146ff e5349196b2
3 changed files with 37 additions and 2 deletions
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@ -180,9 +180,11 @@ TEST(init, OverrideService) {
    std::string init_script = R"init(
 service A something
    class first
+    user nobody

 service A something
    class second
+    user nobody
    override

 )init";
@ -610,6 +612,31 @@ TEST(init, LazilyLoadedActionsCanBeTriggeredByTheNextTrigger) {
    EXPECT_EQ(2, num_executed);
 }

+TEST(init, RejectsNoUserStartingInV) {
+    std::string init_script =
+            R"init(
+service A something
+    class first
+)init";
+
+    TemporaryFile tf;
+    ASSERT_TRUE(tf.fd != -1);
+    ASSERT_TRUE(android::base::WriteStringToFd(init_script, tf.fd));
+
+    ServiceList service_list;
+    Parser parser;
+    parser.AddSectionParser("service",
+                            std::make_unique<ServiceParser>(&service_list, nullptr, std::nullopt));
+
+    ASSERT_TRUE(parser.ParseConfig(tf.path));
+
+    if (GetIntProperty("ro.vendor.api_level", 0) > __ANDROID_API_U__) {
+        ASSERT_EQ(1u, parser.parse_error_count());
+    } else {
+        ASSERT_EQ(0u, parser.parse_error_count());
+    }
+}
+
 TEST(init, RejectsCriticalAndOneshotService) {
    if (GetIntProperty("ro.product.first_api_level", 10000) < 30) {
        GTEST_SKIP() << "Test only valid for devices launching with R or later";
@ -619,6 +646,7 @@ TEST(init, RejectsCriticalAndOneshotService) {
            R"init(
 service A something
  class first
+  user root
  critical
  oneshot
 )init";
--- a/init/service_parser.cpp
+++ b/init/service_parser.cpp
@ -25,6 +25,7 @@

 #include <android-base/logging.h>
 #include <android-base/parseint.h>
+#include <android-base/properties.h>
 #include <android-base/strings.h>
 #include <hidl-util/FQName.h>
 #include <processgroup/processgroup.h>
@ -678,8 +679,13 @@ Result<void> ServiceParser::EndSection() {
    }

    if (service_->proc_attr_.parsed_uid == std::nullopt) {
-        LOG(WARNING) << "No user specified for service '" << service_->name()
-                     << "'. Defaults to root.";
+        if (android::base::GetIntProperty("ro.vendor.api_level", 0) > __ANDROID_API_U__) {
+            return Error() << "No user specified for service '" << service_->name()
+                           << "'. Defaults to root.";
+        } else {
+            LOG(WARNING) << "No user specified for service '" << service_->name()
+                         << "'. Defaults to root.";
+        }
    }

    if (interface_inheritance_hierarchy_) {
--- a/rootdir/init.usb.rc
+++ b/rootdir/init.usb.rc
@ -18,6 +18,7 @@ service adbd /system/bin/adbd --root_seclabel=u:r:su:s0
    disabled
    updatable
    seclabel u:r:adbd:s0
+    user root

 on property:vendor.sys.usb.adb.disabled=*
    setprop sys.usb.adb.disabled ${vendor.sys.usb.adb.disabled}