diff options
Diffstat (limited to 'rootdir')
| -rw-r--r-- | rootdir/Android.mk | 10 | ||||
| -rw-r--r-- | rootdir/init.environ.rc.in | 1 | ||||
| -rw-r--r-- | rootdir/init.rc | 153 | ||||
| -rw-r--r-- | rootdir/init.zygote32.rc | 8 | ||||
| -rw-r--r-- | rootdir/init.zygote32_64.rc | 12 | ||||
| -rw-r--r-- | rootdir/init.zygote64.rc | 8 | ||||
| -rw-r--r-- | rootdir/init.zygote64_32.rc | 12 | ||||
| -rw-r--r-- | rootdir/ueventd.rc | 2 |
8 files changed, 145 insertions, 61 deletions
diff --git a/rootdir/Android.mk b/rootdir/Android.mk index 2c16084..aca08bf 100644 --- a/rootdir/Android.mk +++ b/rootdir/Android.mk @@ -30,9 +30,17 @@ LOCAL_POST_INSTALL_CMD := mkdir -p $(addprefix $(TARGET_ROOT_OUT)/, \ include $(BUILD_SYSTEM)/base_rules.mk -$(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/init.environ.rc.in +# Regenerate init.environ.rc if PRODUCT_BOOTCLASSPATH has changed. +bcp_md5 := $(word 1, $(shell echo $(PRODUCT_BOOTCLASSPATH) | $(MD5SUM))) +bcp_dep := $(intermediates)/$(bcp_md5).bcp.dep +$(bcp_dep) : + $(hide) mkdir -p $(dir $@) && rm -rf $(dir $@)*.bcp.dep && touch $@ + +$(LOCAL_BUILT_MODULE): $(LOCAL_PATH)/init.environ.rc.in $(bcp_dep) @echo "Generate: $< -> $@" @mkdir -p $(dir $@) $(hide) sed -e 's?%BOOTCLASSPATH%?$(PRODUCT_BOOTCLASSPATH)?g' $< >$@ +bcp_md5 := +bcp_dep := ####################################### diff --git a/rootdir/init.environ.rc.in b/rootdir/init.environ.rc.in index 927c33d..1f964e3 100644 --- a/rootdir/init.environ.rc.in +++ b/rootdir/init.environ.rc.in @@ -9,3 +9,4 @@ on init export ASEC_MOUNTPOINT /mnt/asec export LOOP_MOUNTPOINT /mnt/obb export BOOTCLASSPATH %BOOTCLASSPATH% + export LD_PRELOAD libsigchain.so diff --git a/rootdir/init.rc b/rootdir/init.rc index 90c8187..b59e31f 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -7,6 +7,7 @@ import /init.environ.rc import /init.usb.rc import /init.${ro.hardware}.rc +import /init.${ro.zygote}.rc import /init.trace.rc on early-init @@ -25,29 +26,28 @@ on early-init start ueventd -# create mountpoints + # create mountpoints mkdir /mnt 0775 root system on init + sysclktz 0 -sysclktz 0 + loglevel 3 -loglevel 3 - -# Backward compatibility + # Backward compatibility symlink /system/etc /etc symlink /sys/kernel/debug /d -# Right now vendor lives on the same filesystem as system, -# but someday that may change. + # Right now vendor lives on the same filesystem as system, + # but someday that may change. symlink /system/vendor /vendor -# Create cgroup mount point for cpu accounting + # Create cgroup mount point for cpu accounting mkdir /acct mount cgroup none /acct cpuacct mkdir /acct/uid -# Create cgroup mount point for memory + # Create cgroup mount point for memory mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000 mkdir /sys/fs/cgroup/memory 0750 root system mount cgroup none /sys/fs/cgroup/memory memory @@ -101,13 +101,20 @@ loglevel 3 write /proc/sys/kernel/sched_child_runs_first 0 write /proc/sys/kernel/randomize_va_space 2 write /proc/sys/kernel/kptr_restrict 2 - write /proc/sys/kernel/dmesg_restrict 1 write /proc/sys/vm/mmap_min_addr 32768 write /proc/sys/net/ipv4/ping_group_range "0 2147483647" + write /proc/sys/net/unix/max_dgram_qlen 300 write /proc/sys/kernel/sched_rt_runtime_us 950000 write /proc/sys/kernel/sched_rt_period_us 1000000 -# Create cgroup mount points for process groups + # reflect fwmark from incoming packets onto generated replies + write /proc/sys/net/ipv4/fwmark_reflect 1 + write /proc/sys/net/ipv6/fwmark_reflect 1 + + # set fwmark on accepted sockets + write /proc/sys/net/ipv4/tcp_fwmark_accept 1 + + # Create cgroup mount points for process groups mkdir /dev/cpuctl mount cgroup none /dev/cpuctl cpu chown system system /dev/cpuctl @@ -132,25 +139,50 @@ loglevel 3 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000 -# qtaguid will limit access to specific data based on group memberships. -# net_bw_acct grants impersonation of socket owners. -# net_bw_stats grants access to other apps' detailed tagged-socket stats. + # qtaguid will limit access to specific data based on group memberships. + # net_bw_acct grants impersonation of socket owners. + # net_bw_stats grants access to other apps' detailed tagged-socket stats. chown root net_bw_acct /proc/net/xt_qtaguid/ctrl chown root net_bw_stats /proc/net/xt_qtaguid/stats -# Allow everybody to read the xt_qtaguid resource tracking misc dev. -# This is needed by any process that uses socket tagging. + # Allow everybody to read the xt_qtaguid resource tracking misc dev. + # This is needed by any process that uses socket tagging. chmod 0644 /dev/xt_qtaguid -# Create location for fs_mgr to store abbreviated output from filesystem -# checker programs. + # Create location for fs_mgr to store abbreviated output from filesystem + # checker programs. mkdir /dev/fscklogs 0770 root system -# pstore/ramoops previous console log + # pstore/ramoops previous console log mount pstore pstore /sys/fs/pstore chown system log /sys/fs/pstore/console-ramoops chmod 0440 /sys/fs/pstore/console-ramoops +# Healthd can trigger a full boot from charger mode by signaling this +# property when the power button is held. +on property:sys.boot_from_charger_mode=1 + class_stop charger + trigger late-init + +# Load properties from /system/ + /factory after fs mount. +on load_all_props_action + load_all_props + +# Mount filesystems and start core system services. +on late-init + trigger early-fs + trigger fs + trigger post-fs + trigger post-fs-data + + # Load properties from /system/ + /factory after fs mount. Place + # this in another action so that the load will be scheduled after the prior + # issued fs triggers have completed. + trigger load_all_props_action + + trigger early-boot + trigger boot + on post-fs # once everything is setup, no need to modify / mount rootfs rootfs / ro remount @@ -161,13 +193,11 @@ on post-fs chown system cache /cache chmod 0770 /cache # We restorecon /cache in case the cache partition has been reset. - restorecon /cache + restorecon_recursive /cache # This may have been created by the recovery system with odd permissions chown system cache /cache/recovery chmod 0770 /cache/recovery - # This may have been created by the recovery system with the wrong context. - restorecon /cache/recovery #change permissions on vmallocinfo so we can grab it from bugreports chown root log /proc/vmallocinfo @@ -184,6 +214,9 @@ on post-fs chown system log /proc/last_kmsg chmod 0440 /proc/last_kmsg + # make the selinux kernel policy world-readable + chmod 0444 /sys/fs/selinux/policy + # create the lost+found directories, so as to enforce our permissions mkdir /cache/lost+found 0770 root root @@ -220,26 +253,22 @@ on post-fs-data mkdir /data/misc/bluetooth 0770 system system mkdir /data/misc/keystore 0700 keystore keystore mkdir /data/misc/keychain 0771 system system + mkdir /data/misc/net 0750 root shell mkdir /data/misc/radio 0770 system radio mkdir /data/misc/sms 0770 system radio mkdir /data/misc/zoneinfo 0775 system system - restorecon_recursive /data/misc/zoneinfo mkdir /data/misc/vpn 0770 system vpn + mkdir /data/misc/shared_relro 0771 shared_relro shared_relro mkdir /data/misc/systemkeys 0700 system system mkdir /data/misc/wifi 0770 wifi wifi mkdir /data/misc/wifi/sockets 0770 wifi wifi - restorecon_recursive /data/misc/wifi/sockets mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi mkdir /data/misc/dhcp 0770 dhcp dhcp + mkdir /data/misc/user 0771 root root # give system access to wpa_supplicant.conf for backup and restore chmod 0660 /data/misc/wifi/wpa_supplicant.conf mkdir /data/local 0751 root root mkdir /data/misc/media 0700 media media - restorecon_recursive /data/misc/media - - # Set security context of any pre-existing /data/misc/adb/adb_keys file. - restorecon /data/misc/adb - restorecon /data/misc/adb/adb_keys # For security reasons, /data/local/tmp should always be empty. # Do not place files or directories in /data/local/tmp @@ -250,11 +279,10 @@ on post-fs-data mkdir /data/app-lib 0771 system system mkdir /data/app 0771 system system mkdir /data/property 0700 root root - mkdir /data/ssh 0750 root shell - mkdir /data/ssh/empty 0700 root root # create dalvik-cache, so as to enforce our permissions mkdir /data/dalvik-cache 0771 system system + mkdir /data/dalvik-cache/profiles 0711 system system # create resource-cache and double-check the perms mkdir /data/resource-cache 0771 system system @@ -271,7 +299,6 @@ on post-fs-data # create directory for MediaDrm plug-ins - give drm the read/write access to # the following directory. mkdir /data/mediadrm 0770 mediadrm mediadrm - restorecon_recursive /data/mediadrm # symlink to bugreport storage location symlink /data/data/com.android.shell/files/bugreports /data/bugreports @@ -282,6 +309,9 @@ on post-fs-data # Reload policy from /data/security if present. setprop selinux.reload_policy 1 + # Set SELinux security contexts on upgrade or policy update. + restorecon_recursive /data + # If there is no fs-post-data action in the init.<device>.rc file, you # must uncomment this line, otherwise encrypted filesystems # won't work. @@ -289,17 +319,17 @@ on post-fs-data #setprop vold.post_fs_data_done 1 on boot -# basic network init + # basic network init ifup lo hostname localhost domainname localdomain -# set RLIMIT_NICE to allow priorities from 19 to -20 + # set RLIMIT_NICE to allow priorities from 19 to -20 setrlimit 13 40 40 -# Memory management. Basic kernel parameters, and allow the high -# level system server to be able to adjust the kernel OOM driver -# parameters to match how it is managing things. + # Memory management. Basic kernel parameters, and allow the high + # level system server to be able to adjust the kernel OOM driver + # parameters to match how it is managing things. write /proc/sys/vm/overcommit_memory 1 write /proc/sys/vm/min_free_order_shift 4 chown root system /sys/module/lowmemorykiller/parameters/adj @@ -375,22 +405,22 @@ on boot chown system system /sys/kernel/ipv4/tcp_rmem_max chown root radio /proc/cmdline -# Define TCP buffer sizes for various networks -# ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, + # Define TCP buffer sizes for various networks + # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576 setprop net.tcp.buffersize.ethernet 524288,1048576,3145728,524288,1048576,2097152 setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576 - setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208 - setprop net.tcp.buffersize.hspa 4094,87380,262144,4096,16384,262144 - setprop net.tcp.buffersize.hsupa 4094,87380,262144,4096,16384,262144 - setprop net.tcp.buffersize.hsdpa 4094,87380,262144,4096,16384,262144 - setprop net.tcp.buffersize.hspap 4094,87380,1220608,4096,16384,1220608 - setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040 - setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680 + setprop net.tcp.buffersize.umts 58254,349525,1048576,58254,349525,1048576 + setprop net.tcp.buffersize.hspa 40778,244668,734003,16777,100663,301990 + setprop net.tcp.buffersize.hsupa 40778,244668,734003,16777,100663,301990 + setprop net.tcp.buffersize.hsdpa 61167,367002,1101005,8738,52429,262114 + setprop net.tcp.buffersize.hspap 122334,734003,2202010,32040,192239,576717 + setprop net.tcp.buffersize.edge 4093,26280,70800,4096,16384,70800 + setprop net.tcp.buffersize.gprs 4092,8760,48000,4096,8760,48000 setprop net.tcp.buffersize.evdo 4094,87380,262144,4096,16384,262144 -# Define default initial receive window size in segments. + # Define default initial receive window size in segments. setprop net.tcp.default_init_rwnd 60 class_start core @@ -399,6 +429,9 @@ on boot on nonencrypted class_start late_start +on property:sys.init_log_level=* + loglevel ${sys.init_log_level} + on charger class_start charger @@ -430,6 +463,7 @@ on property:sys.powerctl=* # So proxy writes through init. on property:sys.sysctl.extra_free_kbytes=* write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes} + # "tcp_default_init_rwnd" Is too long! on property:sys.sysctl.tcp_def_init_rwnd=* write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd} @@ -442,6 +476,13 @@ service ueventd /sbin/ueventd critical seclabel u:r:ueventd:s0 +service logd /system/bin/logd + class core + socket logd stream 0666 logd logd + socket logdr seqpacket 0666 logd logd + socket logdw dgram 0222 logd logd + seclabel u:r:logd:s0 + service healthd /sbin/healthd class core critical @@ -457,7 +498,7 @@ service console /system/bin/sh console disabled user shell - group log + group shell log seclabel u:r:shell:s0 on property:ro.debuggable=1 @@ -500,10 +541,14 @@ service netd /system/bin/netd socket netd stream 0660 root system socket dnsproxyd stream 0660 root inet socket mdns stream 0660 root system + socket fwmarkd stream 0660 root inet service debuggerd /system/bin/debuggerd class main +service debuggerd64 /system/bin/debuggerd64 + class main + service ril-daemon /system/bin/rild class main socket rild stream 660 root radio @@ -517,14 +562,6 @@ service surfaceflinger /system/bin/surfaceflinger group graphics drmrpc onrestart restart zygote -service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server - class main - socket zygote stream 660 root system - onrestart write /sys/android_power/request_state wake - onrestart write /sys/power/state on - onrestart restart media - onrestart restart netd - service drm /system/bin/drmserver class main user drm @@ -578,10 +615,6 @@ service dumpstate /system/bin/dumpstate -s disabled oneshot -service sshd /system/bin/start-ssh - class main - disabled - service mdnsd /system/bin/mdnsd class main user mdnsr diff --git a/rootdir/init.zygote32.rc b/rootdir/init.zygote32.rc new file mode 100644 index 0000000..75961e6 --- /dev/null +++ b/rootdir/init.zygote32.rc @@ -0,0 +1,8 @@ +service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server + class main + socket zygote stream 660 root system + onrestart write /sys/android_power/request_state wake + onrestart write /sys/power/state on + onrestart restart media + onrestart restart netd + diff --git a/rootdir/init.zygote32_64.rc b/rootdir/init.zygote32_64.rc new file mode 100644 index 0000000..68c0668 --- /dev/null +++ b/rootdir/init.zygote32_64.rc @@ -0,0 +1,12 @@ +service zygote /system/bin/app_process32 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygote + class main + socket zygote stream 660 root system + onrestart write /sys/android_power/request_state wake + onrestart write /sys/power/state on + onrestart restart media + onrestart restart netd + +service zygote_secondary /system/bin/app_process64 -Xzygote /system/bin --zygote --socket-name=zygote_secondary + class main + socket zygote_secondary stream 660 root system + onrestart restart zygote diff --git a/rootdir/init.zygote64.rc b/rootdir/init.zygote64.rc new file mode 100644 index 0000000..afb6d63 --- /dev/null +++ b/rootdir/init.zygote64.rc @@ -0,0 +1,8 @@ +service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server + class main + socket zygote stream 660 root system + onrestart write /sys/android_power/request_state wake + onrestart write /sys/power/state on + onrestart restart media + onrestart restart netd + diff --git a/rootdir/init.zygote64_32.rc b/rootdir/init.zygote64_32.rc new file mode 100644 index 0000000..979ab3b --- /dev/null +++ b/rootdir/init.zygote64_32.rc @@ -0,0 +1,12 @@ +service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygote + class main + socket zygote stream 660 root system + onrestart write /sys/android_power/request_state wake + onrestart write /sys/power/state on + onrestart restart media + onrestart restart netd + +service zygote_secondary /system/bin/app_process32 -Xzygote /system/bin --zygote --socket-name=zygote_secondary + class main + socket zygote_secondary stream 660 root system + onrestart restart zygote diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc index b8fe716..eff24c3 100644 --- a/rootdir/ueventd.rc +++ b/rootdir/ueventd.rc @@ -91,3 +91,5 @@ subsystem adf /sys/devices/virtual/input/input* enable 0660 root input /sys/devices/virtual/input/input* poll_delay 0660 root input /sys/devices/virtual/usb_composite/* enable 0664 root system +/sys/devices/system/cpu/cpu* cpufreq/scaling_max_freq 0664 system system +/sys/devices/system/cpu/cpu* cpufreq/scaling_min_freq 0664 system system |