
Commit ca8e66a8 authored by Nick Kralevich's avatar Nick Kralevich

Make init handle reboots

Move the responsibility for rebooting the system from the
reboot command to init. Init is in a better position to take
actions to bring the system down cleanly, including making sure
filesystems are mounted read-only.

The only UIDs which can perform an init triggered reboot are
root, system, and shell.

Modify the reboot command so that it calls into init to perform
the reboot. The reboot command no longer requires CAP_SYS_BOOT.

Remove the -n reboot option and code which supports it.  Anyone needing
to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'.

Modify adb so that it calls into init to perform a shutdown.

Bug: 8646621
Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
parent ba4ac0cc
+1 −19
@@ -1199,9 +1199,8 @@ static void drop_capabilities_bounding_set_if_needed() {
#endif
#endif
    int i;
    int i;
    for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
    for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
        if (i == CAP_SETUID || i == CAP_SETGID || i == CAP_SYS_BOOT) {
        if (i == CAP_SETUID || i == CAP_SETGID) {
            // CAP_SETUID CAP_SETGID needed by /system/bin/run-as
            // CAP_SETUID CAP_SETGID needed by /system/bin/run-as
            // CAP_SYS_BOOT          needed by /system/bin/reboot
            continue;
            continue;
        }
        }
        int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
        int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
@@ -1302,13 +1301,6 @@ int adb_main(int is_daemon, int server_port)
    /* don't listen on a port (default 5037) if running in secure mode */
    /* don't listen on a port (default 5037) if running in secure mode */
    /* don't run as root if we are running in secure mode */
    /* don't run as root if we are running in secure mode */
    if (should_drop_privileges()) {
    if (should_drop_privileges()) {
        struct __user_cap_header_struct header;
        struct __user_cap_data_struct cap[2];

        if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0) {
            exit(1);
        }

        drop_capabilities_bounding_set_if_needed();
        drop_capabilities_bounding_set_if_needed();


        /* add extra groups:
        /* add extra groups:
@@ -1338,16 +1330,6 @@ int adb_main(int is_daemon, int server_port)
            exit(1);
            exit(1);
        }
        }


        memset(&header, 0, sizeof(header));
        memset(cap, 0, sizeof(cap));

        /* set CAP_SYS_BOOT capability, so "adb reboot" will succeed */
        header.version = _LINUX_CAPABILITY_VERSION_3;
        header.pid = 0;
        cap[CAP_TO_INDEX(CAP_SYS_BOOT)].effective |= CAP_TO_MASK(CAP_SYS_BOOT);
        cap[CAP_TO_INDEX(CAP_SYS_BOOT)].permitted |= CAP_TO_MASK(CAP_SYS_BOOT);
        capset(&header, cap);

        D("Local port disabled\n");
        D("Local port disabled\n");
    } else {
    } else {
        char local_name[30];
        char local_name[30];
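Review bot: The comment kept next to `continue` in drop_capabilities_bounding_set_if_needed() still only explains CAP_SETUID/CAP_SETGID, so a reader of the new loop has no record of why CAP_SYS_BOOT may now be dropped from adbd's bounding set; a one-line comment such as `// CAP_SYS_BOOT no longer needed: reboot is requested from init via the sys.powerctl property` would keep that rationale with the code. The same applies to the two later hunks in this section, which delete the KEEPCAPS/capset retention of CAP_SYS_BOOT without leaving a note that the privilege now lives in init. adb_main() starts and ends outside these hunks.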
+11 −2
@@ -165,6 +165,7 @@ void restart_usb_service(int fd, void *cookie)
void reboot_service(int fd, void *arg)
void reboot_service(int fd, void *arg)
{
{
    char buf[100];
    char buf[100];
    char property_val[PROPERTY_VALUE_MAX];
    int pid, ret;
    int pid, ret;


    sync();
    sync();
@@ -182,11 +183,19 @@ void reboot_service(int fd, void *arg)
        waitpid(pid, &ret, 0);
        waitpid(pid, &ret, 0);
    }
    }


    ret = android_reboot(ANDROID_RB_RESTART2, 0, (char *) arg);
    ret = snprintf(property_val, sizeof(property_val), "reboot,%s", (char *) arg);
    if (ret >= (int) sizeof(property_val)) {
        snprintf(buf, sizeof(buf), "reboot string too long. length=%d\n", ret);
        writex(fd, buf, strlen(buf));
        goto cleanup;
    }

    ret = property_set(ANDROID_RB_PROPERTY, property_val);
    if (ret < 0) {
    if (ret < 0) {
        snprintf(buf, sizeof(buf), "reboot failed: %s\n", strerror(errno));
        snprintf(buf, sizeof(buf), "reboot failed: %d\n", ret);
        writex(fd, buf, strlen(buf));
        writex(fd, buf, strlen(buf));
    }
    }
cleanup:
    free(arg);
    free(arg);
    adb_close(fd);
    adb_close(fd);
}
}
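Review bot: The length check after the new snprintf only handles truncation, not a negative return, so an encoding error would fall through to property_set with indeterminate buffer contents; change it to `if (ret < 0 || ret >= (int) sizeof(property_val)) {`. Separately, a non-negative property_set result only means the request was handed to init — any rejection in init's powerctl handler is logged there and never reaches the adb client, whereas the removed android_reboot() call reported failure on this fd — so a comment at the property_set call such as `/* success means init accepted the property write, not that the reboot happened */` would set expectations for callers. Whether the uid adbd runs as after should_drop_privileges() is allowed to write sys.powerctl is decided by the property permission table, which is not in this hunk. reboot_service() is fully visible across the two hunks of this section.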
+2 −3
@@ -24,9 +24,8 @@ __BEGIN_DECLS
#define ANDROID_RB_POWEROFF 0xDEAD0002
#define ANDROID_RB_POWEROFF 0xDEAD0002
#define ANDROID_RB_RESTART2 0xDEAD0003
#define ANDROID_RB_RESTART2 0xDEAD0003


/* Flags */
/* Properties */
#define ANDROID_RB_FLAG_NO_SYNC       0x1
#define ANDROID_RB_PROPERTY "sys.powerctl"
#define ANDROID_RB_FLAG_NO_REMOUNT_RO 0x2


int android_reboot(int cmd, int flags, char *arg);
int android_reboot(int cmd, int flags, char *arg);


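Review bot: `ANDROID_RB_PROPERTY` is added without saying what value init expects, and the android_reboot() prototype keeps its `flags` parameter while the only flag constants this header defined are deleted. A comment next to the define such as `/* Written to ask init to shut down or reboot; value is "shutdown" or "reboot[,<target>]" */` would document the contract that init's powerctl handler parses, and `int android_reboot(int cmd, int flags, char *arg); /* no flag values are defined any more; init passes 0 */` would tell callers what to pass now. Whether android_reboot() itself still reads any flag bits cannot be seen from this header.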
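--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -230,7 +230,6 @@ static const struct fs_path_config android_files[] = {
 
     /* the following files have enhanced capabilities and ARE included in user builds. */
     { 00750, AID_ROOT,      AID_SHELL,     (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" },
-    { 00750, AID_ROOT,      AID_SHELL,     1 << CAP_SYS_BOOT, "system/bin/reboot" },
 
     { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/*" },
     { 00755, AID_ROOT,      AID_ROOT,      0, "system/lib/valgrind/*" },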
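--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -32,6 +32,7 @@
 #include <sys/wait.h>
 #include <linux/loop.h>
 #include <cutils/partition_utils.h>
+#include <cutils/android_reboot.h>
 #include <sys/system_properties.h>
 #include <fs_mgr.h>
 
@@ -599,6 +600,43 @@ int do_restart(int nargs, char **args)
     return 0;
 }
 
+int do_powerctl(int nargs, char **args)
+{
+    char command[PROP_VALUE_MAX];
+    int res;
+    int len = 0;
+    int cmd = 0;
+    char *reboot_target;
+
+    res = expand_props(command, args[1], sizeof(command));
+    if (res) {
+        ERROR("powerctl: cannot expand '%s'\n", args[1]);
+        return -EINVAL;
+    }
+
+    if (strncmp(command, "shutdown", 8) == 0) {
+        cmd = ANDROID_RB_POWEROFF;
+        len = 8;
+    } else if (strncmp(command, "reboot", 6) == 0) {
+        cmd = ANDROID_RB_RESTART2;
+        len = 6;
+    } else {
+        ERROR("powerctl: unrecognized command '%s'\n", command);
+        return -EINVAL;
+    }
+
+    if (command[len] == ',') {
+        reboot_target = &command[len + 1];
+    } else if (command[len] == '\0') {
+        reboot_target = "";
+    } else {
+        ERROR("powerctl: unrecognized reboot target '%s'\n", &command[len]);
+        return -EINVAL;
+    }
+
+    return android_reboot(cmd, 0, reboot_target);
+}
+
 int do_trigger(int nargs, char **args)
 {
     action_for_each_trigger(args[1], action_add_queue_tail);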
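Review bot: The keyword lengths in do_powerctl are hand-duplicated next to the literals (`len = 8` for "shutdown", `len = 6` for "reboot") and will silently drift if a keyword is edited; `len = sizeof("shutdown") - 1;` and `len = sizeof("reboot") - 1;` tie them to the strings they describe. Also, `expand_props(command, args[1], sizeof(command))` appears (judging by its name) to resolve property references inside a value that, per the adb hunk of this commit, is written by adbd from a client-supplied string; if that expansion is not intended for sys.powerctl values, pass args[1] through unexpanded and keep only the length bound. Since the function is new, a short header comment would help: describe it as the handler for the sys.powerctl property, whose value is "shutdown" or "reboot" optionally followed by ",<target>", and note that it returns the android_reboot() result or -EINVAL for malformed input. do_powerctl() is fully contained in this hunk.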