Don't use apexd when TARGET_FLATTEN_APEX == true
/system/apex/com.android.runtime is labeled as runtime_apex_dir and init is allowed to mount on it. When TARGET_FLATTEN_APEX is true (= ro.apex.updatable is unset or set to false), apexd is not used to activate the built-in flattened APEXes. Init simply bind-mounts /system/apex to /apex. However, there is a special case here. The runtime APEX is installed as either /system/apex/com.android.runtime.debug or /system/apex/com.android.runtime.release, whereas it should be activated on /apex/com.android.runtime - without the .debug or .release suffix. To handle that case, the build system creates an empty directory /system/apex/com.android.runtime and the .debug or .release directory is bind-mounted to the empty directory by init at runtime. Bug: 132413565 Test: marlin is bootable Change-Id: I3fde5ff831429723fecd1fa5c10e44f636a63f09
This commit is contained in:
parent
2c38836281
commit
99902a175b
6 changed files with 9 additions and 0 deletions
|
@ -136,6 +136,7 @@
|
|||
recovery_socket
|
||||
role_service
|
||||
runas_app
|
||||
runtime_apex_dir
|
||||
runtime_service
|
||||
secure_element
|
||||
secure_element_device
|
||||
|
|
|
@ -123,6 +123,7 @@
|
|||
recovery_socket
|
||||
role_service
|
||||
runas_app
|
||||
runtime_apex_dir
|
||||
runtime_service
|
||||
secure_element
|
||||
secure_element_device
|
||||
|
|
|
@ -114,6 +114,7 @@
|
|||
rss_hwm_reset_exec
|
||||
runas_app
|
||||
runas_app_tmpfs
|
||||
runtime_apex_dir
|
||||
runtime_service
|
||||
sdcard_block_device
|
||||
sensor_privacy_service
|
||||
|
|
|
@ -179,6 +179,7 @@
|
|||
# System files
|
||||
#
|
||||
/system(/.*)? u:object_r:system_file:s0
|
||||
/system/apex/com.android.runtime u:object_r:runtime_apex_dir:s0
|
||||
/system/lib(64)?(/.*)? u:object_r:system_lib_file:s0
|
||||
/system/lib(64)?/bootstrap(/.*)? u:object_r:system_bootstrap_lib_file:s0
|
||||
/system/bin/atrace u:object_r:atrace_exec:s0
|
||||
|
|
|
@ -172,6 +172,8 @@ type vendor_cgroup_desc_file, vendor_file_type, file_type;
|
|||
type task_profiles_file, system_file_type, file_type;
|
||||
# Vendor task profiles file under /vendor/etc/task_profiles.json
|
||||
type vendor_task_profiles_file, vendor_file_type, file_type;
|
||||
# Type for /system/apex/com.android.runtime
|
||||
type runtime_apex_dir, system_file_type, file_type;
|
||||
|
||||
# Default type for directories search for
|
||||
# HAL implementations
|
||||
|
|
|
@ -92,6 +92,9 @@ allow init device:dir mounton;
|
|||
# Mount tmpfs on /apex
|
||||
allow init apex_mnt_dir:dir mounton;
|
||||
|
||||
# Bind-mount on /system/apex/com.android.runtime
|
||||
allow init runtime_apex_dir:dir mounton;
|
||||
|
||||
# Create and remove symlinks in /.
|
||||
allow init rootfs:lnk_file { create unlink };
|
||||
|
||||
|
|
Loading…
Reference in a new issue