libselinux log messages usually end with a new line character. Android
log system does not require the new line character and will include the
character as-is in the log buffer.
This trimming was already implemented when the message is typed as
SELINUX_AVC (see SelinuxAvcLog). Move the truncation one level up so it
is occurring for all types of logs.
Test: boot & adb logcat & inspect SELinux logs
Change-Id: I360359c1b178ef24d555dd41f8d4a18b293a175c
Two threaded property controls were introduced in ag/21063815 to prevent
DOS for power controls. However, this causes deadlocks, so limit the
second thread to just sys.powerctl messages.
Bug: 273785601
Test: Boots, power messages work
Ignore-AOSP-First: Security fix
Change-Id: Ie27dc3b0cd9e2d28e94f2ad398c55ee27bc35835
Bazel's intermediates/inputs are symlinks in its execution root, unlike Soong.
e.g.
$ file $(readlink -f out/bazel/output/execroot/__main__/packages/modules/adb/apex/adbd.rc)
/usr/local/google/home/jingwen/aosp/master-with-phones/packages/modules/adb/apex/adbd.rc:
ASCII text
Test: presubmits
Change-Id: I3977a37ee989e07bee56abb019a21055b8cef567
Don't continue with a specific run if a service
is already dead.
Bug: 272618190
Test: init_kill_services_test
Change-Id: I1b1c0b4e87fd7a5200bd6e6e6af2eb9686d7367d
No longer installed on device, so we need to include
it as a static lib. This library was actually specified
as a dependency on vts_ibase_test in two places, so this
is the second CL doing the same thing but in another
project.
Fixes: 270497432
Test: readelf -d $ANDROID_BUILD_TOP/out/target/product/vsoc_x86_64/data/nativetest/vts_ibase_test/vts_ibase_test
no longer shows libhidl-gen-utils
Change-Id: Icf427085e3978906e82231c8faacb7bdbcbf4569
After introducing ro.boot.serialconsole=0, the console will no longer be
spawned, but a step was missed to disable the service to prevent
respawns.
Bug: 266982931
Bug: 223797063
Bug: 267428635
Change-Id: I12b159eaa1999781aec31c05ce431b55e2ba4017
Let the CheckShutdown() method clear the do_shutdown_ member instead of
clearing that member separately from calling CheckShutdown().
Bug: 266255006
Change-Id: Ifc1cff2be92a45db7f91be2fdb812930d2fd1ad5
Signed-off-by: Bart Van Assche <bvanassche@google.com>
The DebugRebootLogging() function was introduced to help with
root-causing b/150863651. Remove this function since this logging
functionality is no longer needed. Also remove the functions and methods
that are only used by DebugRebootLogging().
Change-Id: Ia150604c6cd70f42b13d655ba43b95445a55b6e2
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Combine two if-statements. This change is fine because:
* The code between the two if-statements does not queue actions.
* If an action is queued from another thread then WakeMainInitThread()
is called after the action has been queued.
Bug: 266255006
Change-Id: Id4b9565ff4fdb3ee2a2bbca316c8c78e0f2d38dd
Signed-off-by: Bart Van Assche <bvanassche@google.com>
We could combine this with the existing log, but I
wouldn't want to make that appear later.
Ironically, adding this log to try to reduce logs.
Bug: 36785118
Test: :) adb logcat -d | grep "started service" | wc -l
131
Change-Id: I38f4e9740871aa256eef0c62e897038eb46871a5
Make the code that creates BuiltinArguments instances easier to read by
using initializer lists instead of constructor calls. Remove the
BuiltinArguments constructors.
Change-Id: I6cf215a81d298cf7e524e22fb75db820e0225c9a
Signed-off-by: Bart Van Assche <bvanassche@google.com>
For many years, services declaring "console" would only be started if the
console device specified by androidboot.console= was present under /dev.
However, they would also be started if the /dev/console node existed.
This fallback causes problems with newer GKI kernel images which now
hard-code "console=ttynull" via CONFIG_CMDLINE, which essentially means
/dev/console always exists, even though this console points nowhere.
It also causes problems on devices where the androidboot.console was not
the same as the kernel dmesg console ("console="), such as cuttlefish,
because those platforms could not simultaneously enable kernel logging
but disable the interactive serial console feature. The framework just
assumed both would be muxed on the same serial port. Cuttlefish had a
workaround, to use "androidboot.console=invalid" to avoid the fallback,
but this doesn't work on devices which still want to mux the kernel logs
and interactive serial console.
This change resolves the issue in a better way, by introducing a new
boolean property called "androidboot.serialconsole". Setting this to "0"
will disable the console services, regardless of whether the
/dev/console or /dev/${ro.boot.console} devices exist. Older kernels
and bootloaders don't need to set this and can rely on the old behavior
in init, but bootloaders booting newer kernels must set it to avoid the
"performance is impacted" message due to console services being started.
Bug: 266982931
Bug: 223797063
Bug: 267428635
Test: "launch_cvd" with "androidboot.console=invalid" removed;
See the "performance is impacted" message.
Test: "launch_cvd" with "androidboot.serialconsole=0";
The "performance is impacted" message is gone.
Change-Id: Iaad4d27ffe4df74ed49606d3cabe83483c350df4
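
The decision this commit message describes, sketched as an added example (not code from init or from this change). SelectConsole, ParseAndroidboot, the sample command lines and the device-node set are hypothetical; treating /dev/console as the default only when androidboot.console is unset is an assumption drawn from the "androidboot.console=invalid" workaround mentioned above.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <sstream>
#include <string>

// Constructed sample: device nodes present on a hypothetical device.
const std::set<std::string> kSampleNodes = {"/dev/console", "/dev/ttyS0"};

// Collect androidboot.* parameters from a space-separated command line.
// The kernel's own "console=" lacks the prefix, so it is ignored here.
std::map<std::string, std::string> ParseAndroidboot(const std::string& cmdline) {
    const std::string prefix = "androidboot.";
    std::map<std::string, std::string> out;
    std::istringstream in(cmdline);
    for (std::string tok; in >> tok;) {
        const std::string::size_type eq = tok.find('=');
        if (eq == std::string::npos || tok.compare(0, prefix.size(), prefix) != 0) continue;
        out[tok.substr(prefix.size(), eq - prefix.size())] = tok.substr(eq + 1);
    }
    return out;
}

// Returns the console device path, or "" when console services stay disabled.
std::string SelectConsole(const std::string& cmdline, const std::set<std::string>& nodes) {
    const std::map<std::string, std::string> boot = ParseAndroidboot(cmdline);
    // New rule: serialconsole=0 wins regardless of which device nodes exist.
    auto serial = boot.find("serialconsole");
    if (serial != boot.end() && serial->second == "0") return std::string();
    // Old rule: /dev/<androidboot.console>, or /dev/console when it is unset.
    auto console = boot.find("console");
    const std::string path =
        "/dev/" + (console != boot.end() ? console->second : std::string("console"));
    return nodes.count(path) ? path : std::string();
}

int main() {
    // Constructed command lines: GKI default, the new property, the old workaround.
    const char* samples[] = {"console=ttynull",
                             "console=ttynull androidboot.serialconsole=0",
                             "console=ttyS0 androidboot.console=invalid"};
    for (const char* s : samples)
        std::cout << s << " -> '" << SelectConsole(s, kSampleNodes) << "'\n";
    return 0;
}
```
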
There can be more than one fstab entry of system partition.
For example, the filesystem of one entry is ext4 and another is erofs.
system /system ext4 ro wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,avb_keys=/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey
system /system erofs ro wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,avb_keys=/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey
If both filesystems of system and system_ext partitions are erofs,
only the ext4 fstab entry will be returned by GetEntryForMountPoint,
and system_ext can't be mounted.
So we need to return both of the fstab entries and try all of them.
Signed-off-by: Lianjun Huang <huanglianjun@xiaomi.com>
Change-Id: I407553d48b1749cd0554f057a6bfd38daa96fdcb
Signed-off-by: Lianjun Huang <huanglianjun@xiaomi.corp-partner.google.com>
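
First-match versus all-match lookup for a mount point with several fstab entries, as an added example (not fs_mgr's code). FstabEntry, ParseFstab, EntriesFor and MountSystem are hypothetical names, the sample fstab is constructed from the two entries quoted above with the flags shortened, and the on_disk_fs comparison stands in for a real mount attempt.

```cpp
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

struct FstabEntry { std::string blk_device, mount_point, fs_type; };

// Constructed sample modelled on the two entries quoted above, flags shortened.
const char kSampleFstab[] =
    "system /system ext4 ro wait,slotselect,logical,first_stage_mount\n"
    "system /system erofs ro wait,slotselect,logical,first_stage_mount\n";

std::vector<FstabEntry> ParseFstab(const std::string& text) {
    std::vector<FstabEntry> entries;
    std::istringstream lines(text);
    for (std::string line; std::getline(lines, line);) {
        std::istringstream fields(line);
        FstabEntry e;
        if (fields >> e.blk_device >> e.mount_point >> e.fs_type) entries.push_back(e);
    }
    return entries;
}

// Entries for one mount point, in fstab order; first_only models a first-match lookup.
std::vector<FstabEntry> EntriesFor(const std::vector<FstabEntry>& fstab,
                                   const std::string& mount_point, bool first_only) {
    std::vector<FstabEntry> found;
    for (const FstabEntry& e : fstab) {
        if (e.mount_point != mount_point) continue;
        found.push_back(e);
        if (first_only) break;
    }
    return found;
}

// Returns the fs_type that mounted, or "" if no candidate matched. on_disk_fs stands in
// for the real mount attempt, which fails when the entry's type differs from the image.
std::string MountSystem(const std::string& fstab_text, const std::string& on_disk_fs,
                        bool first_only) {
    for (const FstabEntry& e : EntriesFor(ParseFstab(fstab_text), "/system", first_only)) {
        if (e.fs_type == on_disk_fs) return e.fs_type;
    }
    return std::string();
}

int main() {
    std::cout << "first match on erofs image: '" << MountSystem(kSampleFstab, "erofs", true)
              << "', all matches: '" << MountSystem(kSampleFstab, "erofs", false) << "'\n";
    return 0;
}
```
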
Let the compiler verify that lock_ is held when any of the data members
are accessed.
Bug: 266255006
Change-Id: I71b341815d84ab530627d934ad4d4681b652b9d8
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Let the compiler verify that shutdown_command_lock_ is held when
shutdown_command_ is accessed.
Bug: 266255006
Change-Id: Ibd05137ab65e20f247f35bbb2bb1865e05f51f41
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Wait until strace has attached to the service instead of assuming that
it has attached after one second.
Change-Id: Ifb71fa2419563e1334d8500ea867ec92121395e0
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Remove the ConvertToArgv() function. Do not cast the std::string::find()
result. Make the strace path absolute.
Change-Id: If329e91275c834ba375863e40901f6be07a5f347
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Without root, Service::Start() fails due to lack of permissions.
Bug: 267559075
Test: run cts -m CtsInitTestCases -t init#GentleKill
atest init#GentleKill
Will skip under cts, pass under atest
Change-Id: I69e8be7000718bdba1c2acd9675b5645c0891afc
PropertyInit loads the build.prop files and sets the system properties.
Set the SELinux log callback before that to show the avc denials for debugging.
Test: $ make init_system
Push this module and ensure system property set denials are shown during boot
Bug: 185920634
Bug: 211547922
Change-Id: If9f34d469d3da2ebdfe64bb611de85a3ca37e000
It is easy to DoS the property_service socket, since it will wait for a
complete data packet from one command before moving on to the next one.
To prevent low privilege apps interfering with system and root apps,
add a second property_service socket that only they can use.
Bug: 262237198
Test: Run POC in one shell, set properties as root and system in another
Ignore-AOSP-First: Security fix
Change-Id: I1d6fec833fc24352546bb90f770d3c4b675f5716