Commit graph

4087 commits

Author SHA1 Message Date
Thiébaud Weksteen
a2d51c9cad Merge "Remove SeamendcHostTest from TEST_MAPPING" into main am: 9fb6b49131 am: baced3df83 am: c12a550175 am: c41121c1f5 am: 72bfc28e8e
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2735076

Change-Id: I7b44c43b9cd71effa13510e448196acc5b3a0c92
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-05 09:43:02 +00:00
Thiébaud Weksteen
9fb6b49131 Merge "Remove SeamendcHostTest from TEST_MAPPING" into main 2023-09-05 05:10:01 +00:00
Treehugger Robot
6bdf0a9789 Merge "Ignore 16K kernel modules when running on 4K kernel" into main am: a5c51c9cee am: 149bfa5bdf am: 28e80be0a0 am: a62be17708 am: 54b1f5d71a
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2726056

Change-Id: I997218dc4ab7f4f28889b5426301f04e2fb5362d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-02 01:43:41 +00:00
Kelvin Zhang
dba385edda Ignore 16K kernel modules when running on 4K kernel
Test: th
Bug: 293313353
Change-Id: I02ea01c8e67b9ded164c7492eea3be0aead75de1
2023-09-01 09:55:35 -07:00
Thiébaud Weksteen
18ff56d8d7 Remove SeamendcHostTest from TEST_MAPPING
Bug: 297794885
Test: TH
Change-Id: I49c6caa575ccd570085de15ddf51ea9a71abe90f
2023-08-31 14:22:48 +10:00
Treehugger Robot
165514b757 Merge "Increase the number of service supplementary group" into main am: 89b4f96d50 am: 0b3c8ca0b2 am: 12534709d7 am: fa7b5ed0e8 am: e564787c53
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2727414

Change-Id: I63f0186472f7e71e06c49d417accae2e2ecb832a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-25 12:54:00 +00:00
Yinchu Chen
3343ca2380 Increase the number of service supplementary group
OEM can add self-owned groups, but the system init cannot support if the group numbers are over than 12, relax some restrictions as appropriate.

Bug: b/296826987

Signed-off-by: Haichao Li <liuhc3@motorola.com>
Change-Id: I231d9f6c82e93c08bc97ca32df70e5b28760acbc
2023-08-25 04:24:48 +00:00
Treehugger Robot
ab708f1791 Merge "init: reset errno in do_start" into main am: 0508911496 am: 6011f614b4 am: 3698ced0a9 am: c815e16bd0 am: 1e32ba8037
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2720693

Change-Id: I6f072ecbfc2c49df54e1c97f2d3b1664c49a15e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-22 11:23:07 +00:00
Jooyung Han
8e917091d4 Merge "init: clean up DelayService()" into main am: fdbf5a5eac am: 30e996b9a4 am: 31f88e858a am: 4ff5fd38cc am: e8b1a33e9b
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2719034

Change-Id: Iba057e17a66aafc68841743e00e7b27d901dcff9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-22 01:46:41 +00:00
Jooyung Han
d6b65fb307 init: reset errno in do_start
do_start() ignores ENOENT intentionally to avoid logspam. It's
implemented in ErrorIgnoreEnoent. However, without resetting errno,
ErrorIgnoreEnoent will ignore unrelated errors from Service::Start() due
to the sticking errono set from other commands.

Bug: 296821716
Test: launch_cvd
Change-Id: I71d3113bdb69bdca82e2ff4f3a793301749f6c08
2023-08-22 09:59:26 +09:00
Treehugger Robot
098408abd5 Merge "Load kernel modules from /lib/modules/uname -r_$(page_size) if present" into main am: d4e75d578b am: 41d7f15c4d am: 0b835794c3 am: aa4df415e2 am: 4941111fe1
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2717339

Change-Id: Icec34b381dcffcb4c81405d6a2d48d02344ef9dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-21 23:26:39 +00:00
Jooyung Han
fdbf5a5eac Merge "init: clean up DelayService()" into main 2023-08-21 22:52:01 +00:00
Jooyung Han
646e001bb5 init: clean up DelayService()
ServiceList's services_update_finished flag was overlapped with the
global flag: is_default_mount_namespace_ready. Now DelayService() relies
on the is_default_mount_namespace_ready flag.

Add a service description with 'updatable' flag and invoke 'start
<name>' in 'on init' block (which comes before APEX activation).
See the log for "Cannot start an updatable service".

Bug: 293535323
Test: see the comment
Change-Id: I9341ba1a95d9b3b7c6081b530850d61f105f0a56
2023-08-21 18:37:23 +09:00
Kelvin Zhang
d479afa037 Load kernel modules from /lib/modules/uname -r_$(page_size) if present
To support booting from both 4k/16k kernels, init need to tell which
kernel we are currently booting and load the right modules. To resolve
this issue, we store 16K modules into /lib/modules/`uname -r`_16k
directory.

Test: th
Bug: 293313353
Change-Id: I4a8296384537a71e16cd20e76e6c5dfb9074f574
2023-08-18 17:04:39 -07:00
Treehugger Robot
cb9c393606 Merge "Fix uninitialized var compiler warnings" into main am: d1e04d2123 am: 5dd9d64608 am: 80c8c7f404 am: 539d0b92e4 am: caf68ba391
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2715844

Change-Id: Ie19f3236e37c6542ba303af020d6a2a308ff2877
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-18 02:11:47 +00:00
Kelvin Zhang
4b503b968c Fix uninitialized var compiler warnings
Test: th
Bug: 293313353
Change-Id: I87420a21a9c2ce1987179bf70767ea15b26cd5a5
2023-08-17 15:12:49 -07:00
Eric Biggers
6fb848e89d Merge "Avoid two SELinux related error messages at boot time" into main am: 87d6c8a1d5 am: 5236858bf8 am: db34b3e5e3 am: 212f1f06ac am: 301a1ecd68
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2705761

Change-Id: I89ec6fec6e4e7b6075251bec5e962eeb600bf26d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-14 21:46:42 +00:00
Eric Biggers
87d6c8a1d5 Merge "Avoid two SELinux related error messages at boot time" into main 2023-08-14 17:33:15 +00:00
Jooyung Han
8531d97f70 Merge "Dedup apex-scanning" into main am: 5a2d8514de am: 00144f0aa2 am: 5f05732c8a am: 5b89d16aff am: 5bcce33843
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2705093

Change-Id: I164baced1382ecdbee0075eb5c0f36a956a0fbc3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-14 12:24:08 +00:00
Eric Biggers
141c6a886c Avoid two SELinux related error messages at boot time
It is expected that /metadata/ota/rollback-indicator and /metadata/gsi
don't always exist, so don't call selinux_android_restorecon() on them
when they don't exist.  This eliminates the following error messages:

0     0 E selinux : SELinux: Could not get canonical path for /metadata/ota/rollback-indicator restorecon: No such file or directory.
0     0 E selinux : SELinux:  Could not stat /metadata/gsi: No such file or directory.

Test: Booted Cuttlefish and verified the error messages are gone
Change-Id: I94c998556c85adde5f11f134178219ba7880c2be
2023-08-11 21:12:16 +00:00
Treehugger Robot
84b330cd97 Merge changes from topic "read-bootstrap-apex" into main am: 236dbc30fc am: 35f325002c am: 67df2ad230 am: 4a072e07c5 am: cbc3ed0dc1
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2702894

Change-Id: I510514aa99e88450ede8f643b40119e285ff5e20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-11 08:18:07 +00:00
Jooyung Han
2982f09d57 Dedup apex-scanning
create_apex_data_dirs() now uses GetApexListFrom(dir) in
apex_init_util.cpp.

This is essentially a refactoring, but there are a few behavioral
changes, which I think make more sense.
- Emits no error when opendir(/apex) fails.
- Emits errors when mkdir fails for each apex.
- Does not abort `perform_apex_config` even though create_apex_data_dirs
  fails.

Bug: 293546778
Test: check /data/misc/apexdata/ after boot
Change-Id: I9d1a9710a6a626eec087c8c0fb1768667ffb036e
2023-08-11 14:14:37 +09:00
Jooyung Han
55ef3d6104 Skip bootstrap APEX RC files for the second round
Reading .rc files from bootstrap APEXes causes "double loading".
This works for services because init just ignores duplicates. But it
emits error logs, which can mislead even though there's no actual
errors. Besides, for actions, duplicates can cause a problem when
commands are not idempotent.

So, when loading RC files from APEXes for the second time, we'd better
skip those bootstrap APEXes.

Bug: 290148081
Test: VendorApexHostTestCases
Change-Id: Ia630dbd14046064b5e5c612c01ebacf57091c8d4
2023-08-11 10:02:08 +09:00
Jooyung Han
5c4217cf6e Read .rc files from bootstrap apexes
To start an early_hal service from a bootstrap vendor apex, init now
reads .rc files from bootstrap apexes as well.

In this change, perform_apex_config command is re-purposed to support
bootstrap mode. Now we have some similarity between two apexd calls:

- for bootstrap apexes (in the bootstrap mount namespace):

  exec_start apexd-bootstrap
  perform_apex_config --bootstrap

- for normal apexes (in the default mount namespace):

  restart apexd
  ...
  wait_for_prop apexd.status activated
  perform_apex_config

Note that some tasks in perform_apex_config are not needed in the
bootstrap.  For example, we don't need to create apexdata directories
for bootstrap apexes.

Bug: 290148081
Test: VendorApexHostTestCases
Change-Id: I8f683a4dcd7cd9a2466a4b1b417d84c025c37761
2023-08-10 15:40:06 +09:00
Jooyung Han
895e18b5a3 Merge "Use /bootstrap-apex for bootstrap APEXes" into main am: 370ee1bbda am: ef8229fb0b am: 468238cf48 am: 10f274258c am: 28e468a6dc
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2700774

Change-Id: I70441af22849ceb9989b49807a2f748e2dcb3323
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-10 05:26:52 +00:00
Jooyung Han
566c65239f Use /bootstrap-apex for bootstrap APEXes
This new directory is bind-mounted to /apex in the bootstrap mount
namespace so that apexd-bootstrap mounts bootstrap APEXes there via
/apex.

The directory is shared between two mount namespaces, hence visible
in the default mount namespace.

Bug: 290148078
Test: VendorApexHostTestCases
Change-Id: I841480e41be8def5a4c6a4aa874c4e21465a71d3
2023-08-09 17:27:39 +09:00
Yi-Yo Chiang
d6a5db7545 Merge "init: Use libfs_mgr kernel cmdline parser" into main am: 63a3f34e4c am: 3cffba1bed am: 3224ee59b6 am: 456e3f8da7 am: 87a59dcfc8
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2687407

Change-Id: Ia44430d1bf86f46b8af11a6a27dc682990e3d34f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-04 07:21:19 +00:00
Yi-Yo Chiang
420bdf2377 Merge "init: Unify kernel bootconfig parser with libfs_mgr" into main am: f2368d0744 am: 67e3e637a4 am: 710ae65506 am: 614b091ef4 am: 2336e5f06b
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2682016

Change-Id: I01a0568bf9198c6007102829d4579ee42fc4441a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-03 11:58:24 +00:00
Yi-Yo Chiang
da5323e2d6 init: Use libfs_mgr kernel cmdline parser
Bug: 293695109
Test: CtsFsMgrTestCases
Change-Id: Ie2567d84cb80c392ad68aef0c438d8acc03a311e
2023-08-02 17:59:05 +08:00
Yi-Yo Chiang
79ad1e2e9b init: Unify kernel bootconfig parser with libfs_mgr
Right now there are two bootconfig parsers that gets linked into `init`.
One is from libinit itself and the other is from libfs_mgr.

The one in libinit removes all space characters between list elements,
so `key = "val1", "val2"` gets unquoted and squeezed into:
  `key=val1,val2`
The one in libfs_mgr doesn't remove spaces, it only unquotes:
  `key=val1, val2`

The libinit behavior is due to existing systems (such as sysprop)
expect the config value to be in the same format as kernel cmdline.
(aosp/1757971)
THe libfs_mgr behavior is due to the `androidboot.boot_device[s]`
format explicitly allows quoted comma appear in its list value, thus
relies on space, not comma, as the list value delimeter.

This commit merges the two parsers into libfs_mgr. Since all usages in
libfs_mgr besides `boot_device[s]` do not care about how list value are
delimited, and most usages in init expects the bootconfig value format
to be the same format as cmdline. We just special case the
`boot_device` scenario.

Also harden the test cases to cover all the different config value
format and expected result.

Note:
The format of kernel bootconfig is described here
https://docs.kernel.org/admin-guide/bootconfig.html

Bug: 293695109
Test: CtsFsMgrTestCases
Change-Id: I42b9bf626e8de38a60e8e09fac0693126b7efd91
2023-08-02 09:57:37 +00:00
Yi-Yo Chiang
0b30e34a04 Merge "init: Unify duplicated get_android_dt_dir with libfs_mgr" into main 2023-08-02 09:56:36 +00:00
Yi-Yo Chiang
ca52a5f2cb Merge "init: Unify duplicated get_android_dt_dir with libfs_mgr" into main 2023-08-02 08:35:08 +00:00
Jooyung Han
6c84b05a94 Merge "Revert "Use /bootstrap-apex for bootstrap APEXes"" into main am: deff223842 am: 2e438b3a5d am: 4c8b9529a5 am: 68c1dc5bd9 am: 25020cbaaf
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2685548

Change-Id: If05a81daac01d12daf00dcdb6107eba28dc6e99a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-01 13:25:40 +00:00
Jooyung Han
deff223842 Merge "Revert "Use /bootstrap-apex for bootstrap APEXes"" into main 2023-08-01 10:44:45 +00:00
Yi-Yo Chiang
b8c23259b1 init: Unify duplicated get_android_dt_dir with libfs_mgr
init and libfs_mgr both defines get_android_dt_dir() with subtle
differences. Merge the two implementations into libfs_mgr to reduce code
duplication (in terms of source code and code gen)

Note:
init's implementation checks the kernel cmdline first and then the
kernel bootconfig, while libfs_mgr's order is the opposite.
Realistically I don't think this order matter much though. If any, we
should prioritize bootconfig over kernel cmdline most of the time.

Bug: 293695109
Test: Presubmit
Merged-In: Ic8d2c965c62f9e873ccdaf77d67c7708f25a7b56
Change-Id: Ic8d2c965c62f9e873ccdaf77d67c7708f25a7b56
2023-08-01 10:15:05 +00:00
Yi-Yo Chiang
f4b1d698b1 init: Unify duplicated get_android_dt_dir with libfs_mgr
init and libfs_mgr both defines get_android_dt_dir() with subtle
differences. Merge the two implementations into libfs_mgr to reduce code
duplication (in terms of source code and code gen)

Note:
init's implementation checks the kernel cmdline first and then the
kernel bootconfig, while libfs_mgr's order is the opposite.
Realistically I don't think this order matter much though. If any, we
should prioritize bootconfig over kernel cmdline most of the time.

Bug: 293695109
Test: Presubmit
Change-Id: Ic8d2c965c62f9e873ccdaf77d67c7708f25a7b56
(cherry picked from https://android-review.googlesource.com/q/commit:d7c67b40a9b6a5e72d54adf37da22238381182f7)
Ignore-AOSP-First: Fix merge conflict
2023-08-01 09:27:25 +00:00
Jooyung Han
840691be71 Revert "Use /bootstrap-apex for bootstrap APEXes"
Revert submission 2666915-share-bootstrap

Reason for revert: b/293949266 vold_prepare_subdirs fails to create apexdata directories.

Reverted changes: /q/submissionid:2666915-share-bootstrap

Change-Id: I3e97e8511755844de4b54f51ff20afc154bd8e74
2023-08-01 09:06:47 +00:00
Jooyung Han
e2c091a772 Merge "Use /bootstrap-apex for bootstrap APEXes" into main am: 58ba0b44c2 am: 6b0c2c3cc6 am: 3249f9ff35 am: b47809dd10 am: dd90936be1
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2666915

Change-Id: I4eec4f989dad5dff76ee77f9da429ed469e313f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-01 01:18:27 +00:00
Jooyung Han
389348d0e1 Merge "init: move MarkServicesUpdate later" into main am: e90d93ab6e am: ae91cd0dd6 am: 83a2197c80 am: 85d9528574 am: 27288f97f1
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2680615

Change-Id: If75033d40151025d8db4e18dca0183afdecd8915
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-01 01:18:06 +00:00
Jooyung Han
58ba0b44c2 Merge "Use /bootstrap-apex for bootstrap APEXes" into main 2023-07-31 21:53:57 +00:00
Jooyung Han
201801ce8e Use /bootstrap-apex for bootstrap APEXes
This new directory is bind-mounted to /apex in the bootstrap mount
namespace so that apexd-bootstrap mounts bootstrap APEXes there via
/apex.

The directory is detached from /apex in the default mount namespace but
still visible in case bootstrap APEXes are needed.

However, there are (mostly, virtual) devices which don't need two mount
namespaces. Those devices don't need to make /bootstrap-apex directory
at all.

Bug: 290148078
Test: atest VendorApexHostTestCases
Test: atest MicrodroidTests
Change-Id: I541cec71d9970b14971d46e01e4808b23590dbed
2023-07-31 18:16:46 +09:00
Jooyung Han
5ffd88f26f init: move MarkServicesUpdate later
MarkServicesUpdate() starts delayed services which are mostly for
APEXes. (e.g. start a service from APEX). But before
"DefaultNamespaceReady", services are started in "bootstrap" mount
namespace, which makes services from non-bootstrap APEXes fail to start.

This is a quick fix for the problem before coming up with better
solution in the future.

Bug: 293535323
Test: add 'start adbd' before 'perform_apex_config' in init.rc
      adbd starts successfully.
Change-Id: I846689f7c38cdca83c1f7faec0106b8174527e09
2023-07-28 17:28:27 +09:00
Yi-Yo Chiang
9859eed09a Merge "init_first_stage: Disable ThinLTO" into main am: 6b57c885d3 am: fe0b2355fc am: 6e6b357d4e am: 01d9118143 am: 2518f622ca
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2667055

Change-Id: Ic88795fb5a907e7f47b75d7a75f761e94d1999fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-21 08:35:52 +00:00
Yi-Yo Chiang
6b57c885d3 Merge "init_first_stage: Disable ThinLTO" into main 2023-07-21 05:08:13 +00:00
Jakob Vukalović
58ce74c55d Merge "ueventd: Fix creation of VFIO dev nodes" into main am: 998c3b4fbe am: fcd6f0fb11 am: 1fae39537b am: a87a4a1c73 am: b4e0fbcef1
Original change: https://android-review.googlesource.com/c/platform/system/core/+/2664635

Change-Id: Ic2f51817a3f307b394e936f4cef7e702a076b042
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-20 12:24:37 +00:00
Yi-Yo Chiang
4d6fa8ccaf init_first_stage: Disable ThinLTO
Static executables + x86 target build + ThinLTO produces bug behavior.
Global variables are not constructor initialized, resulting in faulty
runtime behavior.

Bug: 169004486
Bug: 291033685
Test: Treehugger
Change-Id: I777016cceb4851f2b432a37bc4d29aed56c23804
2023-07-20 18:47:16 +08:00
Treehugger Robot
11e2ebbc53 Merge "Listen on property_service_for_system socket for powerctl messages" into main 2023-07-19 22:18:07 +00:00
Jakob Vukalovic
e377432924 ueventd: Fix creation of VFIO dev nodes
VFIO nodes, both the container (`vfio`) node and group (numbered)
nodes, should be located in `/dev/vfio`. This change prevents
ueventd from flattening that structure.

Test: Bind a device to VFIO driver to create a VFIO group
Change-Id: I635e9febe6bb52718df263e735479f361eacad4c
2023-07-19 10:03:10 +01:00
Paul Lawrence
689adfad37 Listen on property_service_for_system socket for powerctl messages
It is easy to dos the property_service socket, since it will wait for a
complete data packet from one command before moving on to the next one.

To prevent low privilege apps interfering with system and root apps,
add a second property_service socket that only they can use.

However, since writes to properties are not thread-safe, limit use of
this second socket to just sys.powerctl messages. These are the messages
that this security issue is concerned about, and they do not actually
write to the properties, rather they are acted upon immediately.

Bug: 262208935
Test: Builds, boots
Ignore-AOSP-First: Security fix
Change-Id: I32835de31bb42c91b6479051ddf4b26b5c0b163f
2023-07-18 08:48:52 -07:00
Eric Biggers
53ed745e3f init: avoid ERROR log due to missing SEPolicy.zip
One of the first ERROR messages in logcat of a normal boot of Cuttlefish
is from failure to open SEPolicy.zip.  This condition is expected.
Therefore don't try to load SEPolicy.zip when it doesn't exist.  This
replaces the following log messages:

0     0 I init    : Error: Apex SEPolicy failed signature check
0     0 I init    : Loading APEX Sepolicy from /system/etc/selinux/apex/SEPolicy.zip
0     0 E init    : Failed to open package /system/etc/selinux/apex/SEPolicy.zip: No such file or directory

... with just:

0     0 I init    : No APEX Sepolicy found

Change-Id: If3a77407c35130165df5782b9ef91912e8374dbf
2023-07-17 20:45:44 +00:00