Loading init/Android.bp +55 −0 Original line number Diff line number Diff line Loading @@ -194,4 +194,59 @@ cc_benchmark { static_libs: ["libinit"], } // Host Verifier // ------------------------------------------------------------------------------ genrule { name: "generated_stub_builtin_function_map", out: ["generated_stub_builtin_function_map.h"], srcs: ["builtins.cpp"], cmd: "sed -n '/Builtin-function-map start/{:a;n;/Builtin-function-map end/q;p;ba}' $(in) | sed -e 's/do_[^}]*/do_stub/g' > $(out)" } cc_binary { name: "host_init_verifier", host_supported: true, cpp_std: "experimental", cflags: [ "-Wall", "-Wextra", "-Wno-unused-parameter", "-Werror", ], static_libs: [ "libbase", "libselinux", ], whole_static_libs: ["libcap"], shared_libs: [ "libprotobuf-cpp-lite", "libhidl-gen-utils", "libprocessgroup", "liblog", "libcutils", ], srcs: [ "action.cpp", "action_manager.cpp", "action_parser.cpp", "capabilities.cpp", "descriptors.cpp", "import_parser.cpp", "host_init_parser.cpp", "host_init_stubs.cpp", "parser.cpp", "rlimit_parser.cpp", "tokenizer.cpp", "service.cpp", "subcontext.cpp", "subcontext.proto", "util.cpp", ], proto: { type: "lite", }, generated_headers: ["generated_stub_builtin_function_map"], } subdirs = ["*"] init/action.cpp +6 −1 Original line number Diff line number Diff line Loading @@ -18,11 +18,16 @@ #include <android-base/chrono_utils.h> #include <android-base/logging.h> #include <android-base/properties.h> #include <android-base/strings.h> #include "util.h" #if defined(__ANDROID__) #include <android-base/properties.h> #else #include "host_init_stubs.h" #endif using android::base::Join; namespace android { Loading init/action_parser.cpp +6 −1 Original line number Diff line number Diff line Loading @@ -16,11 +16,16 @@ #include "action_parser.h" #include <android-base/properties.h> #include <android-base/strings.h> #include "stable_properties.h" #if defined(__ANDROID__) #include <android-base/properties.h> #else #include "host_init_stubs.h" #endif using android::base::GetBoolProperty; using android::base::StartsWith; Loading init/builtins.cpp +4 −2 Original line number Diff line number Diff line Loading @@ -968,8 +968,8 @@ static Result<Success> do_wait_for_prop(const BuiltinArguments& args) { const char* value = args[2].c_str(); size_t value_len = strlen(value); if (!is_legal_property_name(name)) { return Error() << "is_legal_property_name(" << name << ") failed"; if (!IsLegalPropertyName(name)) { return Error() << "IsLegalPropertyName(" << name << ") failed"; } if (value_len >= PROP_VALUE_MAX) { return Error() << "value too long"; Loading Loading @@ -1018,6 +1018,7 @@ static Result<Success> do_init_user0(const BuiltinArguments& args) { {"exec", "/system/bin/vdc", "--wait", "cryptfs", "init_user0"}); } // Builtin-function-map start const BuiltinFunctionMap::Map& BuiltinFunctionMap::map() const { constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max(); // clang-format off Loading Loading @@ -1075,6 +1076,7 @@ const BuiltinFunctionMap::Map& BuiltinFunctionMap::map() const { // clang-format on return builtin_functions; } // Builtin-function-map end } // namespace init } // namespace android init/capabilities.cpp +10 −1 Original line number Diff line number Diff line Loading @@ -14,7 +14,6 @@ #include "capabilities.h" #include <sys/capability.h> #include <sys/prctl.h> #include <map> Loading Loading @@ -72,10 +71,15 @@ static const std::map<std::string, int> cap_map = { static_assert(CAP_LAST_CAP == CAP_AUDIT_READ, "CAP_LAST_CAP is not CAP_AUDIT_READ"); static bool ComputeCapAmbientSupported() { #if defined(__ANDROID__) return prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) >= 0; #else return true; #endif } static unsigned int ComputeLastValidCap() { #if defined(__ANDROID__) // Android does not support kernels < 3.8. 'CAP_WAKE_ALARM' has been present since 3.0, see // http://lxr.free-electrons.com/source/include/linux/capability.h?v=3.0#L360. unsigned int last_valid_cap = CAP_WAKE_ALARM; Loading @@ -83,6 +87,9 @@ static unsigned int ComputeLastValidCap() { // |last_valid_cap| will be the first failing value. return last_valid_cap - 1; #else return CAP_LAST_CAP; #endif } static bool DropBoundingSet(const CapSet& to_keep) { Loading Loading @@ -139,6 +146,7 @@ static bool SetProcCaps(const CapSet& to_keep, bool add_setpcap) { } static bool SetAmbientCaps(const CapSet& to_raise) { #if defined(__ANDROID__) for (size_t cap = 0; cap < to_raise.size(); ++cap) { if (to_raise.test(cap)) { if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) != 0) { Loading @@ -147,6 +155,7 @@ static bool SetAmbientCaps(const CapSet& to_raise) { } } } #endif return true; } Loading Loading
init/Android.bp +55 −0 Original line number Diff line number Diff line Loading @@ -194,4 +194,59 @@ cc_benchmark { static_libs: ["libinit"], } // Host Verifier // ------------------------------------------------------------------------------ genrule { name: "generated_stub_builtin_function_map", out: ["generated_stub_builtin_function_map.h"], srcs: ["builtins.cpp"], cmd: "sed -n '/Builtin-function-map start/{:a;n;/Builtin-function-map end/q;p;ba}' $(in) | sed -e 's/do_[^}]*/do_stub/g' > $(out)" } cc_binary { name: "host_init_verifier", host_supported: true, cpp_std: "experimental", cflags: [ "-Wall", "-Wextra", "-Wno-unused-parameter", "-Werror", ], static_libs: [ "libbase", "libselinux", ], whole_static_libs: ["libcap"], shared_libs: [ "libprotobuf-cpp-lite", "libhidl-gen-utils", "libprocessgroup", "liblog", "libcutils", ], srcs: [ "action.cpp", "action_manager.cpp", "action_parser.cpp", "capabilities.cpp", "descriptors.cpp", "import_parser.cpp", "host_init_parser.cpp", "host_init_stubs.cpp", "parser.cpp", "rlimit_parser.cpp", "tokenizer.cpp", "service.cpp", "subcontext.cpp", "subcontext.proto", "util.cpp", ], proto: { type: "lite", }, generated_headers: ["generated_stub_builtin_function_map"], } subdirs = ["*"]
init/action.cpp +6 −1 Original line number Diff line number Diff line Loading @@ -18,11 +18,16 @@ #include <android-base/chrono_utils.h> #include <android-base/logging.h> #include <android-base/properties.h> #include <android-base/strings.h> #include "util.h" #if defined(__ANDROID__) #include <android-base/properties.h> #else #include "host_init_stubs.h" #endif using android::base::Join; namespace android { Loading
init/action_parser.cpp +6 −1 Original line number Diff line number Diff line Loading @@ -16,11 +16,16 @@ #include "action_parser.h" #include <android-base/properties.h> #include <android-base/strings.h> #include "stable_properties.h" #if defined(__ANDROID__) #include <android-base/properties.h> #else #include "host_init_stubs.h" #endif using android::base::GetBoolProperty; using android::base::StartsWith; Loading
init/builtins.cpp +4 −2 Original line number Diff line number Diff line Loading @@ -968,8 +968,8 @@ static Result<Success> do_wait_for_prop(const BuiltinArguments& args) { const char* value = args[2].c_str(); size_t value_len = strlen(value); if (!is_legal_property_name(name)) { return Error() << "is_legal_property_name(" << name << ") failed"; if (!IsLegalPropertyName(name)) { return Error() << "IsLegalPropertyName(" << name << ") failed"; } if (value_len >= PROP_VALUE_MAX) { return Error() << "value too long"; Loading Loading @@ -1018,6 +1018,7 @@ static Result<Success> do_init_user0(const BuiltinArguments& args) { {"exec", "/system/bin/vdc", "--wait", "cryptfs", "init_user0"}); } // Builtin-function-map start const BuiltinFunctionMap::Map& BuiltinFunctionMap::map() const { constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max(); // clang-format off Loading Loading @@ -1075,6 +1076,7 @@ const BuiltinFunctionMap::Map& BuiltinFunctionMap::map() const { // clang-format on return builtin_functions; } // Builtin-function-map end } // namespace init } // namespace android
init/capabilities.cpp +10 −1 Original line number Diff line number Diff line Loading @@ -14,7 +14,6 @@ #include "capabilities.h" #include <sys/capability.h> #include <sys/prctl.h> #include <map> Loading Loading @@ -72,10 +71,15 @@ static const std::map<std::string, int> cap_map = { static_assert(CAP_LAST_CAP == CAP_AUDIT_READ, "CAP_LAST_CAP is not CAP_AUDIT_READ"); static bool ComputeCapAmbientSupported() { #if defined(__ANDROID__) return prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) >= 0; #else return true; #endif } static unsigned int ComputeLastValidCap() { #if defined(__ANDROID__) // Android does not support kernels < 3.8. 'CAP_WAKE_ALARM' has been present since 3.0, see // http://lxr.free-electrons.com/source/include/linux/capability.h?v=3.0#L360. unsigned int last_valid_cap = CAP_WAKE_ALARM; Loading @@ -83,6 +87,9 @@ static unsigned int ComputeLastValidCap() { // |last_valid_cap| will be the first failing value. return last_valid_cap - 1; #else return CAP_LAST_CAP; #endif } static bool DropBoundingSet(const CapSet& to_keep) { Loading Loading @@ -139,6 +146,7 @@ static bool SetProcCaps(const CapSet& to_keep, bool add_setpcap) { } static bool SetAmbientCaps(const CapSet& to_raise) { #if defined(__ANDROID__) for (size_t cap = 0; cap < to_raise.size(); ++cap) { if (to_raise.test(cap)) { if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) != 0) { Loading @@ -147,6 +155,7 @@ static bool SetAmbientCaps(const CapSet& to_raise) { } } } #endif return true; } Loading
