1# Copyright (C) 2021 The Android Open Source Project
2#
3# init.rc for microdroid. This contains a minimal script plus basic service definitions (e.g. apexd)
4# needed for microdroid to run.
5# TODO(b/179340780): support APEX init scripts
6#
7# IMPORTANT: Do not create world writable files or directories.
8# This is a common source of Android security bugs.
9#
10
11import /init.environ.rc
12
13# Cgroups are mounted right before early-init using list from /etc/cgroups.json
14on early-init
15    # Android doesn't need kernel module autoloading, and it causes SELinux
16    # denials.  So disable it by setting modprobe to the empty string.  Note: to
17    # explicitly set a sysctl to an empty string, a trailing newline is needed.
18    write /proc/sys/kernel/modprobe \n
19
20    # set RLIMIT_NICE to allow priorities from 19 to -20
21    setrlimit nice 40 40
22
23    start ueventd
24
25    # Generate empty linker config to suppress warnings
26    write /linkerconfig/ld.config.txt \#
27    chmod 644 /linkerconfig/ld.config.txt
28
29    # Applies debug policy to decide whether to enable adb, adb root, and logcat.
30    # We don't directly exec the binary to specify stdio_to_kmsg.
31    exec_start init_debug_policy
32
33    # Wait for ueventd to have finished cold boot.
34    # This is needed by prng-seeder (at least).
35    # (In Android this happens inside apexd-bootstrap.)
36    wait_for_prop ro.cold_boot_done true
37
38on init
39    mkdir /mnt/apk 0755 root root
40    mkdir /mnt/extra-apk 0755 root root
41
42    # Allow the payload access to the console (default is 0600)
43    chmod 0666 /dev/console
44
45    # Microdroid_manager starts apkdmverity/zipfuse/apexd
46    start microdroid_manager
47
48    # Wait for apexd to finish activating APEXes before starting more processes.
49    # Microdroid starts apexd in VM mode in which apexd doesn't wait for init after setting
50    # apexd.status to activated, but immediately transitions to ready. Therefore, it's not safe to
51    # wait for the activated status, by the time this line is reached it may be already be ready.
52    wait_for_prop apexd.status ready
53    perform_apex_config
54
55    # Notify to microdroid_manager that perform_apex_config is done.
56    # Microdroid_manager shouldn't execute payload before this, because app
57    # payloads are not designed to run with bootstrap bionic
58    setprop apex_config.done true
59
60on property:microdroid_manager.init_done=1
61    # Stop ueventd to save memory
62    stop ueventd
63
64on init && property:ro.boot.microdroid.debuggable=1
65    # Mount tracefs (with GID=AID_READTRACEFS)
66    mount tracefs tracefs /sys/kernel/tracing gid=3012
67
68on property:init_debug_policy.adbd.enabled=1
69    start adbd
70
71# Mount filesystems and start core system services.
72on late-init
73    trigger early-fs
74
75    # Mount fstab in init.{$device}.rc by mount_all command. Optional parameter
76    # '--early' can be specified to skip entries with 'latemount'.
77    # /system and /vendor must be mounted by the end of the fs stage,
78    # while /data is optional.
79    trigger fs
80    trigger post-fs
81
82    # Mount fstab in init.{$device}.rc by mount_all with '--late' parameter
83    # to only mount entries with 'latemount'. This is needed if '--early' is
84    # specified in the previous mount_all command on the fs stage.
85    # With /system mounted and properties form /system + /factory available,
86    # some services can be started.
87    trigger late-fs
88
89    # Wait for microdroid_manager to finish setting up sysprops from the payload config.
90    # Some further actions in the boot sequence might depend on the sysprops from the payloag,
91    # e.g. microdroid.config.enable_authfs configures whether to run authfs_service after
92    # /data is mounted.
93    wait_for_prop microdroid_manager.config_done 1
94
95    trigger post-fs-data
96
97    trigger early-boot
98    trigger boot
99
100on post-fs
101    # Once everything is setup, no need to modify /.
102    # The bind+remount combination allows this to work in containers.
103    mount rootfs rootfs / remount bind ro nodev
104
105    # TODO(b/185767624): change the hard-coded size?
106    mount tmpfs tmpfs /data noatime nosuid nodev noexec rw size=128M
107
108    # We chown/chmod /data again so because mount is run as root + defaults
109    chown system system /data
110    chmod 0771 /data
111
112    # We restorecon /data in case the userdata partition has been reset.
113    restorecon /data
114
115    # set up misc directory structure first so that we can end early boot
116    # and start apexd
117    mkdir /data/misc 01771 system misc
118    # work around b/183668221
119    restorecon /data/misc
120
121    mkdir /data/misc/authfs 0700 root root
122
123on late-fs && property:ro.debuggable=1
124    # Ensure that tracefs has the correct permissions.
125    # This does not work correctly if it is called in post-fs.
126    chmod 0755 /sys/kernel/tracing
127    chmod 0755 /sys/kernel/debug/tracing
128
129on post-fs-data
130    mark_post_data
131
132    mkdir /data/vendor 0771 root root
133    mkdir /data/vendor_ce 0771 root root
134    mkdir /data/vendor_de 0771 root root
135    mkdir /data/vendor/hardware 0771 root root
136
137    # For security reasons, /data/local/tmp should always be empty.
138    # Do not place files or directories in /data/local/tmp
139    mkdir /data/local 0751 root root
140    mkdir /data/local/tmp 0771 shell shell
141
142on post-fs-data && property:microdroid_manager.authfs.enabled=1
143    start authfs_service
144
145on boot
146    # Mark boot completed. This will notify microdroid_manager to run payload.
147    setprop dev.bootcomplete 1
148
149service apexd-vm /system/bin/apexd --vm
150    user root
151    group system
152    oneshot
153    disabled
154    capabilities CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER SYS_ADMIN
155
156service ueventd /system/bin/ueventd
157    user root
158    group root
159    class core
160    critical
161    seclabel u:r:ueventd:s0
162    capabilities CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID MKNOD NET_ADMIN SETGID SETUID SYS_MODULE SYS_RAWIO SYS_ADMIN
163
164service console /system/bin/sh
165    class core
166    console
167    disabled
168    user shell
169    group shell log readproc
170    seclabel u:r:shell:s0
171    setenv HOSTNAME console
172
173service init_debug_policy /system/bin/init_debug_policy
174    user root
175    oneshot
176    disabled
177    stdio_to_kmsg
178