Use a symlink to .clang-format-4 from the parent directory now that we
have it, instead of the custom .clang-format in this directory.
The changes between these files are,
Old:
ConstructorInitializerAllOnOneLineOrOnePerLine: false
TabWidth: 8
New:
ConstructorInitializerAllOnOneLineOrOnePerLine: true
TabWidth: 4
There is no reason to keep a custom .clang-format for these two
changes, and setting ConstructorInitializerAllOnOneLineOrOnePerLine to
true will be beneficial.
Test: Run clang-format and see that its output is sane
Change-Id: I5b357949eb02a60577cf57a783c0a80997b24e75
Fix two formatting issues in Action::DumpState(),
Old:
on ro.crypto.state=encrypted ro.crypto.type=file zygote-start
New:
on ro.crypto.state=encrypted && ro.crypto.type=file && zygote-start
Old:
on boot
%sifup lo
%shostname localhost
%sdomainname localdomain
%swrite /proc/sys/vm/overcommit_memory 1
New:
on boot
ifup lo
hostname localhost
domainname localdomain
write /proc/sys/vm/overcommit_memory 1
Also, now that we're importing many small rc files, it no longer makes
sense to call Parser::DumpState() after each import. Therefore, move
the conditional to call Parser::DumpState() to after /init.rc and its
imports are parsed and after the late imports are parsed.
Test: Boot bullhead with DumpState() enabled and check the output
Change-Id: I0b81305b8938aa1a7133d7dd2055f34f47609cf9
* changes:
init: replacing fs_mgr_read_fstab() with fs_mgr_read_fstab_default()
fs_mgr: support reading fstab file from /odm or /vendor partition
fs_mgr: add fs_mgr_read_fstab_with_dt() API
This change makes init's SELinux policy compilation step target the
highest SELinux policy language version supported by the kernel.
Prior to this change the version was simply hard-coded in init.
P. S. clang-format (part of presubmit for this change) is being
counter-productive trying to format the section with secilc
parameters. The resulting layout is harder to read. This commit thus
disables clang-format for this section of code and formats the code
for improved readability.
Test: Remove precompiled policy, device boots up, no new denials.
Added log statement to print out the policy version passed
into secilc -- it printed 30, as expected.
Bug: 31363362
Change-Id: I151017b5211712861bafb662525e794a44026dd2
The original default /fstab.{ro.hardware} might be moved to
/vendor/etc/. or /odm/etc/. Use the new API to get the default
fstab instead of using the hard-coded /fstab.{ro.hardware}.
Bug: 35811655
Test: boot marlin with /vendor/etc/fstab.marlin
Change-Id: I8a9c70eda7f68b174ec355910d0fa1eb18a46e21
Build file_contexts.bin on legacy builds.
Test: Marlin and Bullhead build and boot with no new denials.
Test: Marlin and Bullhead recovery boots with no new denials.
Test: Bullhead boots with file_contexts.bin in /
Test: Marlin boot with /system/etc/selinux/plat_file_contexts and
/vendor/etc/selinux/nonplat_file_contexts.
Bug: 36002414
Change-Id: I66f138fc3ad808df0480e0467cee03fd40177f31
NOTE: This change affects only devices which use SELinux kernel policy
split over system and vendor directories/partitions.
Prior to this change, init compiled sepolicy from *.cil files on every
boot, thus slowing boot down by about 400 ms. This change enables init
to skip the step compilation and thus avoid spending the 400 ms. The
skipping occurs only if the device's vendor partition includes an
acceptable precompiled policy file. If no acceptable policy is found,
the compilation step takes place same as before.
Because such devices support updating system and vendor partitions
independently of each other, the vendor partition's precompiled policy
is only used if it was compiled against the system partition's policy.
The exact mechanism is that both partitions include a file containing
the SHA-256 digest of the system partition's policy
(plat_sepolicy.cil) and the precompiled policy is considered usable
only if the two digests are identical.
Test: Device with monolithic policy boots up just fine
Test: Device with split policy and with matching precompiled policy
boots up just fine and getprop ro.boottime.init.selinux returns
a number below 100 ms. No "Compiling SELinux policy" message in
dmesg.
Test: Device with split policy and with non-matching precompiled
policy boots up just fine and getpropr ro.boottime.init.selinux
returns a number above 400 ms. There is a "Compiling SELinux
policy" message in dmesg. The non-matching policy was obtained
by adding an allow rule to system/sepolicy, building a new
system image using make systemimage and then flashing it onto
the device.
Bug: 31363362
Change-Id: Ic2e81a83051689b5cd5ef1299ba6aaa1b1df1bdc
This patch makes ueventd create by-name symlinks for virtual block
devices when Android is running as a Xen guest OS.
The symlinks will be created under /dev/block/vbd/. For example:
/dev/block/vbd/768/by-name/
Change-Id: Id45da560d13f641d7c8419511c154de9ae8a4ec9
Test: manual
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
This makes init log stderr of secilc invoked to compile SELinux
policy. Having an explanation for why secilc failed is very useful for
debugging boot issues.
Test: Device with PRODUCT_FULL_TREBLE boots up just fine
Test: Modified init.cpp to reference non-existent .cil file on a device
with PRODUCT_FULL_TREBLE and confirmed that dmesg now contains the
error message from secilc saying that the file was not found.
Bug: 31363362
Change-Id: I6a3b3576daf0d6fd09e2c79bc43ae63850f44a00
- three properties: .early, .default, .late
- for tracking critical early boot times
bug: 35949600
Test: manual, getprop after boot
Change-Id: I851891518428e6e21cb43a2a6f982ab7db281d4c
The three CIL files comprising split sepolicy are being moved from the
root directory to system and vendor directories based on whether the
file is for platform/system policy or non-platform/vendor policy.
Test: Device boots, no additional SELinux denials. This test was run
for a device which has split policy and for a device which has
monolithic policy.
Bug: 31363362
Change-Id: Ica49f0beae56be0f1cea7117e48bf2f6af8b848b
This makes the build system include split SELinux policy (three CIL
files and the secilc compiler needed to compile them) if
PRODUCT_FULL_TREBLE is set to true. Otherwise, the monolitic SELinux
policy is included.
Split policy currently adds around 400 ms to boot time (measured on
marlin/sailfish and bullhead) because the policy needs to be compiled
during boot. This is the main reason why we include split policy only
on devices which require it.
Test: Device boots, no additional SELinux denials. This test is
performed on a device with PRODUCT_FULL_TREBLE set to true, and
on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
the three *.cil files, but does not contain the sepolicy file.
Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
file but does not contain the secilc file or any *.cil files.
Bug: 31363362
Change-Id: I419aa35bad6efbc7f936bddbdc776de5633846fc
- for security reason, only notify ready state instead of
passing time info to hidl clients
Bug: 35178781
Bug: 34274385
Test: reboot
Change-Id: I2d64bd6da81139945bd0224079af9376f1d90da7
This modifies init's loading of SELinux policy into the kernel to
load the split (platform/system vs non-platform/vendor) policy if it's
present. If the split policy is not present, the usual monolithic
policy is loaded into the kernel, same as before.
Split policy is loaded by first compiling it from CIL form using
secilc compiler into the conventional monolithic/compiled form which
is then loaded into the kernel.
The build system has not yet been modified to place split policy onto
devices. Thus, this commit currently has no effect. For testing split
policy, build plat_sepolicy.cil, nonplat_sepolicy.cil, and
mapping_sepolicy.cil, and place them into the root directory of the
device.
The following tests were performed for a device with monolithic policy
and for the same device with split policy.
Test: Device boots, no new denials
Test: Play Movies plays back movies
Test: Load ip6.me im Chrome
Bug: 31363362
Change-Id: I9a75a48ac88f3392abc36669f91b0803e88cd147
We don't need early mount in recovery mode for security considerations,
e.g., users should explicitly select 'mount /system' from the recovery
menu. This CL checks the existence of file "/sbin/recovery" and skip
early mount when it is found.
Bug: 35853576
Test: early mount /vendor without dm-verity on sailfish
Test: early mount not happen in recovery mode on sailfish
Change-Id: I69cc96f6fd0de6ce493082921738a958dd571115
- allows components relying on persisted props to wait for this property.
bug: 35178781
Test: reboots
Change-Id: I06cbf2a6b375654fcc277a2699fceeb23846a241
Current early mount has some hard-coded paths that are not easy to extend
when we switch verified boot to AVB (external/avb/libavb). This CL uses some
C++ containers to replace those fixed paths.
Bug: 33254008
Test: early mount /vendor with dm-verity on sailfish
Test: early mount /vendor without dm-verity on sailfish
Test: early mount /vendor with dm-verity on bullhead
Change-Id: I32a22fe486d7649e33bb23c9018ddc0428df6069
Treblization requires to locate partner-specific modules in its own
partition. So their own init.rc file could be located in /odm or
/vendor.
This CL is to support those locations for the init.rc.
Additionally thic CL modified import parser to support importing a
relative path.
Test: building succeeded and tested on sailfish with enabling early
mount.
Bug: 35269867
Change-Id: I1bce924a32c8a2b53fb5d981d35d758cf9ddd9a6
With init parsing fstab fragments from kernel separately, the fs_mgr
would completely miss the device tree entries. That leads to things like
'adb remount' to go through without warning for verity even if /system
is verified. This happens because 'verity_update_state' completely
misses the partitions passed to android through the device tree.
solution is to teach fs_mgr about device tree fstab entries and add 2
new public APIs.
1. fs_mgr_read_fstab_dt() - reads device tree and returns fstab
generated from it.
2. fs_mgr_read_fstab_default() - reads both device tree fstab and
/fstab.{ro.hardware} and returns the combined table.
This also reduces the hardcoded /fstab.{ro.hardware} occurence only to
fs_mgr and for eveyone who wants to read the "default" fstab must be
changed to call fs_mgr_read_fstab_default() instead. e.g. adb.
b/27805372
Test: Angler was used since it has 2 early mounted partitions instead of
one. 1 verified and 1 unverified.
- Boot angler successfully without early mount
- Boot angler successfully with /vendor early mount and test if 'adb
remount' warns us about verity
- Boot angler successfully with both /system and /vendor early mounted
and ensure 'adb remount' warns us about verity.
- check partitions.system.verified status after /system early mount ot
ensure it is set to VERITY_MODE_DEFAULT.
- 'adb disable-verity' with early mounted /system doesn't work due to
missing changes in adb
TODO:
change adb to use the new fs_mgr_read_fstab_default() API
Change-Id: I82038d87c7a44488e938acce2cc1082c08f6f73a
Signed-off-by: Sandeep Patil <sspatil@google.com>
The clang static analyzer is complaining that we are not checking the
setegid() return value, so let's add these checks. We should never
fail to return to AID_ROOT, so fail hard in this case.
Bug: 26962034
Test: Boot bullhead
Test: export WITH_STATIC_ANALYZER=1 and run 'mm' in the project directory
Change-Id: I62e95b045c5734305c71502871b6cf17f152edbc
* changes:
fs_mgr: add a generic fs_mgr_get_boot_config internal API
init: early_mount: create device node for verity metadata partition
init: early_mount: disallow partitions to be verified at boot
init: early_mount: add support to mount verity enabled partitions early
fs_mgr: make fs_mgr_setup_verity public API
fs_mgr: fix the fs_mgr_setup_verity param name
init: refactor to allow successive device_init calls
fs_mgr: add fs_mgr_do_mount_one() API
Most devices pass the veritymode through 'androidboot.veritymode' kernel
cmdline partition. However, for those who don't, the verity state is
read from a different block device whose path it passed to "verify="
fs_mgr option in fstab.
This change add support for such a case if the partition that needs to
be mounted early requires this additional block device to load the
verity state from.
Note that, there can only be 1 partition to get the verity state
regardless of the number of partitions we enable verity for.
Bug: 27805372
Test: Test angler by removing the metdata argument in fstab when it
boots fine. Tested by adding the argument when it fails to boot as
veritymode gets set to EIO during early mount due to lack of access to
properties as expected.
TODO: fs_mgr must pull the veritymode from kernel cmdline or device tree
by itself
Change-Id: I9e62b8c1bf2c0ae0365677df697a0cbe9e5810c1
Signed-off-by: Sandeep Patil <sspatil@google.com>
While technically possible, the verification at boot basically will
block init for as long as the entire partition is read while nothing
else is running. Disallow that as this is not going to be used anywhere.
Bug: 27805372
Test: boot angler with verifyatboot fs_mgr option for early mounted
vendor partition. That resulted in a panic() as expected.
Change-Id: I9da5caa163cae8bce6dbfb630f0ed5605ea044a0
Signed-off-by: Sandeep Patil <sspatil@google.com>
support mounting partitions early regardless of their "verified" status.
uses the newly exported fs_mgr APIs to split verity setup and mount
operations.
b/27805372
Test:
Angler:
- Early mount /vendor without dm-verity
Sailfish:
- Early mount /vendor without dm-verity
- Early mount /vendor with dm-verity
TODO:
add support for metadata partition used in angler
to load dm-verity data
Change-Id: Ie2768d4d895c19d045293c573773ee7bb03fff99
Signed-off-by: Sandeep Patil <sspatil@google.com>
device_init opens the uevent socket and sehandle when called.
For early_mount however, depending on the fs_mgr flags we may call this
in order to run coldboot for device mapper, dm-verity devices etc.
So the change makes sure we don't try to re-open the uevent socket,
file context handle and selinux status on successive calls to
device_init from within the same process.
b/27805372
Test: Boot saifish successfully
Change-Id: Ifa0e665403211684183efb9be66e4e8d0d86a206
Signed-off-by: Sandeep Patil <sspatil@google.com>
Treble allows framework-only (system.img) OTA. To libavb statically
linked in init/fs_mgr cannot parse the AVB metadata of system.img, add
this property for the Treble OTA match process.
Bug: 35236019
Test: Normal boots, use 'adb shell getprop' to check the property is set.
Test: Recovery boots, press 'Mount system' and use 'adb shell getprop'
to check the property is set
Change-Id: I552be229c4efd45088d93252ac67176606f75d4d
* changes:
init: fstab: add support to read fstab entries from device tree
init: early_mount: add support to mount non-verity partitions early
init: remove the existing early_mount code
init: refactor: add support for doing early coldboot
ueventd: make selinux labeling optional for device creation
Use this for bootstat and init. This replaces the custom uptime parser in
bootstat.
This is a reland of aosp/332854 with a fix for Darwin.
Bug: 34352037
Test: chrono_utils_test
Change-Id: Ib2567d8df0e460ab59753ac1c053dd7f9f1008a7
for early mount, we need a way to tell init where to find vendor,
odm partitions (also system in case of non-A/B devices). Also, that
needs to be independent of kernel cmdline since the cmdline will likely
exceed its limit.
The change adds support for parse and create fstab entries that can be
directly sent to the fs_mgr for mounting partitions early in init first
stage.
Sample DT entry to mount vendor partition early on angler-
firmware {
android {
compatible = "android,firmware";
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc.0/f9824900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,inode_readahead_blks=8";
fsmgr_flags = "wait";
};
};
};
};
b/27805372
Test: Boot angler and sailfish with early "vendor" partition mount by
adding aforementioned DT node and enable CONFIG_PROC_DEVICETREE in kernel
Change-Id: I669013e3fdb157e88719436534f63989dec95d60
Signed-off-by: Sandeep Patil <sspatil@google.com>
This is done by parsing 'androidboot.fstab=<fstab>' kernel cmdline
option to get the fstab file that *only* specifies partitions to be
mounted early (i.e. in init's first stage).
Note that, the same fstab file may not be used as an argument to
mount_all later in the boot as that will cause fs_mgr to fail with
EBUSY.
TODO:
- Possibly add a new mount_mode so the same fstab can be used for
early_mount, 'mount_all --early/--late' etc.
- Add support for dm-verity enabled partitions to mount early.
- Add support for getting fstab arguments through DT instead of kernel
cmdline.
Bug: 27805372
Test:
Boot angler by passing a seperate fstab file using the kernel
cmdline option to mount vendor partition early, remove the vendor
partition entry from the main fstab file for the test.
Boot sailfish by passing a seperate fstab entry via device tree
to mount vendor partition early. Remove vendor partition entry from
the main fstab file for the test
Change-Id: I18785b893c54c8cee960ab44d5e8f83e5d624aa8
Signed-off-by: Sandeep Patil <sspatil@google.com>
keeps parts of the code that are still needed for the fs_mgr
+ dt based implementation
b/27805372
Test: boot angler, sailfish without regressions
Change-Id: I1b08f8b7b4f2e67118d328443a5011c0f5ead919
Signed-off-by: Sandeep Patil <sspatil@google.com>
We don't want to spend time creating devices that are unncessesary
during early (init first-stage) mount. So, refactor the devices code
tha allows us to call into coldboot and has the
- ability to only create devices that are specified by the caller
- ability to stop coldboot cycle when all devices that the caller is
interested in
- ability to run coldboot for a specific syspath
- ability to run ueventd code unmodified
Test: Tested boot on angler, sailfish
Change-Id: Id8f3492380696760414eadc20d624d300c904f8e
Signed-off-by: Sandeep Patil <sspatil@google.com>
I find myself using something like this every time I add functionality
to init. I cannot possibly be the only one doing this. On the other
hand, if this hasn't been added for so long, maybe there's a reason
for that.
The advantage of using a test service versus modifying an existing
service is that the test service doesn't *require* any permissions or
privileges, so you can add and/or remove whatever you need to test
without breaking the service.
I found it useful to have the service check its own /proc/<pid>/status
from command-line arguments, so that's what the service does.
This CL also adds a .clang-format file for init.
Bug: None
Test: Service runs and exits successfully.
Change-Id: I3e7841a7283158e10c0bf55e0103c03902afb1f0
This is to setup a way for us to run coldboot during init first stage
and also at ueventd startup. We do not have all of the file context
during the first stage, so the "early" coldboot needs to proceed without
labelling the device nodes. However, the follow up in ueventd must label
these nodes. This change allows us to do both.
b/27805372
Test: Boot angler successfully and compare do before/after comparison of
the output of 'ls -AclpqRZ /dev' to ensure there are no differences.
Change-Id: I5e88bd7da8a1d2cc41e3abba30dda463ecbde32e
Signed-off-by: Sandeep Patil <sspatil@google.com>
While keeping the old /ueventd.$ro.hardware.rc configuration for devices
without early mount or vendor,odm split
b/34967636
Test: Boot angler and sailfish without regressions
Change-Id: I8d671911fd23fb1c0b5624ae209bad86137c88b7
Signed-off-by: Sandeep Patil <sspatil@google.com>
Add wait time log for exec service execution time
Fix memory leak when exec service failed to start
Test: on marlin
Bug: 34518530
Change-Id: I01736bd9b1429414f3dc91dd5d02d88a681f0985
This reverts commit db929bf9b7.
Seccomp is now inserted at the zygote level, not in init
Bug: 34710876
Test: Boots, seccomp policy in zygote & zygote64 but not init
Change-Id: I9075a79793171a4eaccf6228e9ff3398c791f8bd
Add syscalls required by sanitizers.
Bug: 34606909
Test: Make sure Android boots when built with SANITIZE_TARGET='address'
Change-Id: Ifa223fb663a4ff43c8b8df9b7bf9452e41079e2e
There are many use cases from vendors to exec service in background and then
use a shell scriprt to wait for the command done.
This CL is to add a wait_for_prop command to suppor those use cases.
Bug: 34746108
Test: on marlin
Change-Id: Ia81290b0928f9d375710d2daa546714f0cd65b72
Bug: 34813887
Bug: 34809883
Bug: 34767389
Bug: 34719286
Test: Device boots, the app in b/34719286 runs when it didn't before
Change-Id: Iad198e3ca620e7a07464b0d182f969bb807bd948
* Nanosecond precision ended up being harder to grok.
* This change modifies the Timer class to have duration_ms instead of
duration_ns.
Bug: 34466121
Test: adb logcat | grep bootstat
Change-Id: Ibd1c27dc3cb29d838a956e342281b2fb98d752a6
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Test: Successfully boot with split serivce and property contexts.
Test: 'getprop -Z'
Change-Id: Ib9c087115040c1609aa64a3ed66d4e67e937e33d
Signed-off-by: Sandeep Patil <sspatil@google.com>
Used by 32-bit debuggers
Bug: 34716063
Test: Make sure a Chrome crash produces a valid stack trace in logcat
Change-Id: Ie42f035da7f19ace403eb2111524f02c0bbfd0d5
When handling a property control message to start a service, the
connection socket was being left open. The child socket FD would then be
inherited by the service from init as "/null".
Bug: 34698883
Test: adb shell start webview_zygote32; adb shell ls -l /proc/<pid>/fd,
no "/null" FD open.
Change-Id: I25f34e1bfc1414e6143acf23414b05f5a241cace
external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.
Two important files in this commit:
- fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
platform dependent I/O operations, e.g., read_from_partition.
- fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
all partitions, verifies its integrity against the values of
androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
kernel command line. Then enable dm-verity for partitions having the
corresponding HASHTREE descriptor and with an 'avb' fstab flag.
Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition
Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
tkill and tgkill are syscalls that do not have glibc wrappers, but
they are required in order to send a signal to a specific thread.
Non-android software may call them directly with syscall(). Bionic
provides a wrapper for tgkill, so seccomp allows it, but not for
tkill. Add tkill to the whitelist.
This can be reproduced with:
sleep 1000 & sleep 1 ; strace -p $!
then hit ctrl-C, and the shell will print "Bad system call" because
the strace process died with SIGSYS
Bug: 34586922
Test: repro case is fixed
Change-Id: Ib6962a967f2cc757f2906de7905e75e1b6d6f39f
restart_syscall is used by the kernel whenever a syscall with a
timeout is interrupted. Whitelist it in seccomp to prevent
processes being killed with SIGSYS when being ptraced.
Bug: 34586922
Test: hwui_unit_tests
Change-Id: Ic47dcad33f3082eb5673c3c67fe17200d4daaf74
New protocol assumes that there is no limit on name or value
and effectively removed limit on property name length.
It also send back a uint32_t with error code (or 0 on success)
Bug: http://b/33926793
Test: mm, boot, run bionic-unit-tests --gtest_filter=prop*
Change-Id: Iac6290398ddc495e03f8fbbc3a79e923eff5df6f
Also ensure that it uses the highest supported value, and
abort if the value is not above a minimum threshold.
Test: Tested against the curent kernel (maximum value of 2,
set to 0 by the kernel initially) and against a
modified kernel (maximum value of 4, set to 4 by the
kernel initially)
Bug: 30368199
Change-Id: I608db577258b68b390ffe96f452e1f7c0bc9ad8a
The following files will be loaded additionally.
- /odm/default.prop and /vendor/default.prop for default props.
- /odm/build.prop for build props.
The props files must follow the following priority order.
- /default.prop > /odm/default.prop > /vendor/default.prop
- /system/build.prop > /odm/build.prop > /vendor/buid.prop
Test: tested default/build prop files with enabling early mount, but
didn't test files of odm partition because odm partition doesn't
exist now.
Bug: 34116668
Change-Id: I946d076dae38f2288865dd986fb16d801d4abcc0
SoC vendors and ODMs need a way to run different init scripts under
different boot modes. This patch adds a new ro.boot.init_rc kernel
cmdline argument to support this.
Bug: 26639863
Test: Tested on bullhead with androidboot.init_rc given a
non-existent .rc file which leads to expected boot failures.
Boot succeeds if androidboot.init_rc is not specified.
Change-Id: I2bca1cc3de6720feced041fe87266fb8afcce8b0
This now combines all the "libsparse" libraries into the same soong
target. A minor side-effect of this change is that the libsparse
static library depends on the libz shared library instead of the libz
static library. This minor change has no effect since targets using
the static libsparse library need to explicitly include either the
static libz or the shared one.
Bug: 34220783
Change-Id: I8f41586cf4c3336791cfa57ab4f5ae59a76d7ffa
SoC vendors and ODMs need a way to run different init scripts under
different boot modes. This patch adds a new ro.boot.init_rc kernel
cmdline argument to support this.
This patch also changes late-init trigger. Now late-init is only
triggered in "normal" boot (where boot mode is not specified). This is
to make AOSP init.rc re-usable in other boot modes as the operations
in late-init are less common.
Bug: 26639863
Test: Tested on bullhead with
androidboot.init_rc = {non-existent .rc file}
and/or
androidboot.init_rc = {none empty string}
both of which lead to expected boot failures.
Boot succeeds if androidboot.init_rc is not specified.
Change-Id: Ie5f08c3914f2f825ad3c401fde6741459668c523
Test: Ran script to test performance - https://b.corp.google.com/issues/32313202#comment3
Saw no significant regression with this change on or off
Removed chroot from SYSCALLS.TXT - chroot blocked
Boot time appears reasonable
Device boots with no SECCOMP blockings
Measured per syscall time of 100ns
Empirically counted <100,000 syscalls a second under heavy load
Bug: 32313202
Change-Id: Icfcfbcb72b2de1b38f1ad6a82e8ece3bd1c9e7ec
