diff options
author | Maciej Żenczykowski <maze@google.com> | 2020-06-24 03:26:00 +0000 |
---|---|---|
committer | Maciej Zenczykowski <maze@google.com> | 2020-06-24 03:26:12 +0000 |
commit | 20f74bc41aae49f5e82272ad6c39dfeb2dcc580e (patch) | |
tree | 1f0677c3f188df1a24b670b233f3d4538a762bcc | |
parent | 2d12844a4e2605886539d5011d94ae94b090c897 (diff) | |
download | platform_system_bpf-20f74bc41aae49f5e82272ad6c39dfeb2dcc580e.tar.gz platform_system_bpf-20f74bc41aae49f5e82272ad6c39dfeb2dcc580e.tar.bz2 platform_system_bpf-20f74bc41aae49f5e82272ad6c39dfeb2dcc580e.zip |
launch bpfloader earlier, and reboot the device on bpfloader failure
should eliminate netd crash loops due to boottime bpfloader failure
Test: built and booted on cuttlefish, atest of various net tests
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Original-Change: https://android-review.googlesource.com/1344769
Merged-In: If11d491d78958ff18290e826011d2593f58d217d
Change-Id: If11d491d78958ff18290e826011d2593f58d217d
-rw-r--r-- | bpfloader/bpfloader.rc | 39 |
1 files changed, 30 insertions, 9 deletions
diff --git a/bpfloader/bpfloader.rc b/bpfloader/bpfloader.rc index 836ec63..fec7530 100644 --- a/bpfloader/bpfloader.rc +++ b/bpfloader/bpfloader.rc @@ -1,5 +1,31 @@ +# zygote-start is what officially starts netd (see //system/core/rootdir/init.rc) +# However, on some hardware it's started from post-fs-data as well, which is just +# a tad earlier. There's no benefit to that though, since on 4.9+ P+ devices netd +# will just block until bpfloader finishes and sets the bpf.progs_loaded property. +# +# It is important that we start bpfloader after: +# - /sys/fs/bpf is already mounted, +# - apex (incl. rollback) is initialized (so that in the future we can load bpf +# programs shipped as part of apex mainline modules) +# - system properties have been set, this is because isBpfSupported() calls +# getUncachedBpfSupportLevel() which depends on +# ro.kernel.ebpf.supported, ro.product.first_api_level & ro.build.version.sdk +# - logd is ready for us to log stuff +# +# At the same time we want to be as early as possible to reduce races and thus +# failures (before memory is fragmented, and cpu is busy running tons of other +# stuff) and we absolutely want to be before netd and the system boot slot is +# considered to have booted successfully. +# +on load_bpf_programs + # Enable the eBPF JIT -- but do note that on 64-bit kernels it is likely + # already force enabled by the kernel config option BPF_JIT_ALWAYS_ON + write /proc/sys/net/core/bpf_jit_enable 1 + # Enable JIT kallsyms export for privileged users only + write /proc/sys/net/core/bpf_jit_kallsyms 1 + exec_start bpfloader + service bpfloader /system/bin/bpfloader - class main capabilities CHOWN SYS_ADMIN # # Set RLIMIT_MEMLOCK to 1GiB for bpfloader @@ -31,11 +57,6 @@ service bpfloader /system/bin/bpfloader # rlimit memlock 1073741824 1073741824 oneshot - -# Need to make sure this runs *before* the bpfloader. -on early-init - # Enable the eBPF JIT -- but do note that it is likely already force enabled - # by the kernel config option BPF_JIT_ALWAYS_ON - write /proc/sys/net/core/bpf_jit_enable 1 - # Enable JIT kallsyms export for privileged users only - write /proc/sys/net/core/bpf_jit_kallsyms 1 + reboot_on_failure reboot,bpfloader-failed + # we're not really updatable, but want to be able to load bpf programs shipped in apexes + updatable |