diff options
| author | Martijn Coenen <maco@google.com> | 2019-04-23 16:26:01 +0200 |
|---|---|---|
| committer | Martijn Coenen <maco@google.com> | 2019-04-26 11:54:19 +0200 |
| commit | f0bc58a42dff06213b60676c034b0d345e2b5344 (patch) | |
| tree | 74441d9e95e383c0d78c2d54b4d5c7116ebc7ec3 /rootdir | |
| parent | a04e48dbec87730af840b3df2b459c03b87479e8 (diff) | |
| download | system_core-f0bc58a42dff06213b60676c034b0d345e2b5344.tar.gz system_core-f0bc58a42dff06213b60676c034b0d345e2b5344.tar.bz2 system_core-f0bc58a42dff06213b60676c034b0d345e2b5344.zip | |
Support for stopping/starting post-data-mount class subsets.
On devices that use FDE and APEX at the same time, we need to bring up a
minimal framework to be able to mount the /data partition. During this
period, a tmpfs /data filesystem is created, which doesn't contain any
of the updated APEXEs. As a consequence, all those processes will be
using the APEXes from the /system partition.
This is obviously not desired, as APEXes in /system may be old and/or
contain security issues. Additionally, it would create a difference
between FBE and FDE devices at runtime.
Ideally, we restart all processes that have started after we created the
tmpfs /data. We can't (re)start based on class names alone, because some
classes (eg 'hal') contain services that are required to start apexd
itself and that shouldn't be killed (eg the graphics HAL).
To address this, keep track of which processes are started after /data
is mounted, with a new 'mark_post_data' keyword. Additionally, create
'class_reset_post_data', which resets all services in the class that
were created after the initial /data mount, and 'class_start_post_data',
which starts all services in the class that were started after /data was
mounted.
On a device with FBE, these keywords wouldn't be used; on a device with
FDE, we'd use them to bring down the right processes after the user has
entered the correct secret, and restart them.
Bug: 118485723
Test: manually verified process list
Change-Id: I16adb776dacf1dd1feeaff9e60639b99899905eb
Diffstat (limited to 'rootdir')
| -rw-r--r-- | rootdir/init.rc | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index dfde53ccb..cb45c42f8 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -405,6 +405,8 @@ on late-fs class_start early_hal on post-fs-data + mark_post_data + # Start checkpoint before we touch data start vold exec - system system -- /system/bin/vdc checkpoint prepareCheckpoint @@ -753,9 +755,6 @@ on property:sys.init_log_level=* on charger class_start charger -on property:vold.decrypt=trigger_reset_main - class_reset main - on property:vold.decrypt=trigger_load_persist_props load_persist_props start logd @@ -773,6 +772,8 @@ on property:vold.decrypt=trigger_restart_min_framework on property:vold.decrypt=trigger_restart_framework # A/B update verifier that marks a successful boot. exec_start update_verifier + class_start_post_data hal + class_start_post_data core class_start main class_start late_start setprop service.bootanim.exit 0 @@ -781,6 +782,8 @@ on property:vold.decrypt=trigger_restart_framework on property:vold.decrypt=trigger_shutdown_framework class_reset late_start class_reset main + class_reset_post_data core + class_reset_post_data hal on property:sys.boot_completed=1 bootchart stop |