fix：selinux、suspend、rk3568切换回合release

Signed-off-by: Nxionglei6 <xionglei6@huawei.com>

services/etc/param/ohos.para

@@ -17,7 +17,7 @@ build_version = 2.0
 hw_sc.build.os.enable=true
 
 # ohos API version number.
-hw_sc.build.os.apiversion=8
+hw_sc.build.os.apiversion=9
 
 # ohos system version.
 hw_sc.build.os.version=2.2.0
@@ -37,3 +37,48 @@ const.build.characteristics=default
 const.product.model=ohos
 const.product.name="OpenHarmony 2.0 Canary"
 persist.sys.usb.config=hdc
+const.sandbox=enable
+# const.build.characteristics=default
+const.product.devicetype=default
+# OHOS_SOFTWARE_MODEL[] = {"default"}
+const.software.model=default
+# OHOS_MANUFACTURE[] = {"default"}
+const.product.manufacturer=default
+# OHOS_BRAND[] = {"default"}
+const.product.brand=default
+# OHOS_PRODUCT_SERIES[] = {"default"}
+const.build.product=default
+# OHOS_HARDWARE_MODEL[] = {"default"}
+const.product.hardwareversion=default
+# OHOS_BOOTLOADER_VERSION[] = {"bootloader"}
+const.product.bootloader.version=bootloader
+# OHOS_ABI_LIST[] = {"default"}
+const.product.cpu.abilist=default
+# OHOS_SECURITY_PATCH_TAG[] = { "2020-09-01" }
+const.ohos.version.security_patch=2020-09-01
+# OHOS_DISPLAY_VERSION[] = {"OpenHarmony 3.1.5.2"}
+const.product.software.version=OpenHarmony 3.1.5.2
+# OHOS_INCREMENTAL_VERSION[] = {"default"}
+const.product.incremental.version=default
+# OHOS_FIRST_API_LEVEL = 1
+const.product.firstapiversion=1
+# OHOS_BUILD_TYPE[] = {"default"}
+const.product.build.type=default
+# OHOS_BUILD_USER[] = {"default"}
+const.product.build.user=default
+# OHOS_BUILD_HOST[] = {"default"}
+const.product.build.host=default
+# OHOS_BUILD_TIME[] = {"default"}
+const.product.build.date=default
+# OHOS_HARDWARE_PROFILE[] = {"default"}
+const.product.hardwareprofile=default
+# OHOS_RELEASE_TYPE[] = { "Canary1" }
+const.ohos.releasetype=Canary1
+# OHOS_SDK_API_LEVEL = 8;
+const.ohos.apiversion=8
+# OHOS_BUILD_ROOT_HASH[] = { "default" }
+const.ohos.buildroothash=default
+# OHOS_SDK_API_LEVEL = 8
+const.ohos.sdkapilevel=8
+# OHOS_OS_NAME[] = { "OpenHarmony" }
+const.ohos.name=OpenHarmony

services/etc/passwd

@@ -4,6 +4,7 @@ system:x:1000:1000:::/bin/false
 radio:x:1001:1001:::/bin/false
 bluetooth:x:1002:1002:::/bin/false
 graphics:x:1003:1003:::/bin/false
+samgr:x:1005:1005:::/bin/false
 file_manager:x:1006:1006:::/bin/false
 log:x:1007:1007:::/bin/false
 user_data_rw:x:1008:1008:::/bin/false
@@ -32,5 +33,6 @@ wakelock:x:3010:3010:::/bin/false
 uhid:x:3011:3011:::/bin/false
 ddms:x:3012:3012:::/bin/false
 access_token:x:3020:3020:::/bin/false
+dms:x:5522:5522:::/bin/false
 misc:x:9998:9998:::/bin/false
 app:x:10000:10000:::/bin/false

services/init/init_common_service.c

@@ -64,6 +64,12 @@ static int SetAllAmbientCapability(void)
 static int SetPerms(const Service *service)
 {
     INIT_CHECK_RETURN_VALUE(KeepCapability() == 0, SERVICE_FAILURE);
+
+    if (service->servPerm.gIDCnt == 0) {
+        // use uid as gid
+        INIT_ERROR_CHECK(setgid(service->servPerm.uID) == 0, return SERVICE_FAILURE,
+            "SetPerms, setgid for %s failed. %d", service->name, errno);
+    }
     if (service->servPerm.gIDCnt > 0) {
         INIT_ERROR_CHECK(setgid(service->servPerm.gIDArray[0]) == 0, return SERVICE_FAILURE,
             "SetPerms, setgid for %s failed. %d", service->name, errno);

services/init/init_service_manager.c

@@ -305,7 +305,10 @@ static int GetServiceGids(const cJSON *curArrItem, Service *curServ)
 {
     int gidCount;
     cJSON *arrItem = cJSON_GetObjectItemCaseSensitive(curArrItem, GID_STR_IN_CFG);
-    if (!cJSON_IsArray(arrItem)) {
+    if (!arrItem) {
+        curServ->servPerm.gIDCnt = 0;
+        return SERVICE_SUCCESS;
+    } else if (!cJSON_IsArray(arrItem)) {
         gidCount = 1;
     } else {
         gidCount = cJSON_GetArraySize(arrItem);

services/init/standard/init_cmds.c

@@ -14,6 +14,7 @@
  */
 #include "init_cmds.h"
 
+#include <dlfcn.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <net/if.h>
@@ -180,6 +181,20 @@ static void DoExec(const struct CmdArgs *ctx)
     if (pid == 0) {
         INIT_ERROR_CHECK(ctx != NULL && ctx->argv[0] != NULL, _exit(0x7f),
             "DoExec: invalid arguments to exec \"%s\"", ctx->argv[0]);
+#ifdef SUPPORT_PROFILER_HIDEBUG
+        void* handle = dlopen("/system/lib/libhidebug.so", RTLD_LAZY);
+        if (handle == NULL) {
+            INIT_LOGE("Failed to dlopen libhidebug.so, %s\n", dlerror());
+            return;
+        }
+        bool (* initParam)();
+        initParam = (bool (*)())dlsym(handle, "InitEnvironmentParam");
+        if (initParam == NULL) {
+            INIT_LOGE("Failed to dlsym InitEnvironmentParam, %s\n", dlerror());
+            return;
+        }
+        (*initParam)(ctx->argv[0]);
+#endif
         int ret = execv(ctx->argv[0], ctx->argv);
         if (ret == -1) {
             INIT_LOGE("DoExec: execute \"%s\" failed: %d.", ctx->argv[0], errno);

services/init/standard/init_signal_handler.c

@@ -17,6 +17,7 @@
 
 #include "init_adapter.h"
 #include "init_log.h"
+#include "init_param.h"
 #include "init_service_manager.h"
 #include "loop_event.h"
 
@@ -48,7 +49,9 @@ static void ProcessSignal(const struct signalfd_siginfo *siginfo)
         }
         case SIGTERM: {
             INIT_LOGI("SigHandler, SIGTERM received.");
-            StopAllServices(0, NULL, 0, NULL);
+            SystemWriteParam("startup.device.ctl", "stop");
+            // exec reboot use toybox reboot cmd
+            ExecReboot("reboot");
             break;
         }
         default:

services/param/service/param_service.c

@@ -71,7 +71,9 @@ static int AddParam(WorkSpace *workSpace, const char *name, const char *value, u
         PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, "Failed to allocate name %s", name);
         SaveIndex(&node->dataIndex, offset);
     }
-    *dataIndex = node->dataIndex;
+    if (dataIndex != NULL) {
+        *dataIndex = node->dataIndex;
+    }
     return 0;
 }
 
@@ -115,13 +117,15 @@ static int CheckParamValue(const WorkSpace *workSpace, const ParamTrieNode *node
 
 int WriteParam(const WorkSpace *workSpace, const char *name, const char *value, uint32_t *dataIndex, int onlyAdd)
 {
-    PARAM_CHECK(workSpace != NULL && dataIndex != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid workSpace");
+    PARAM_CHECK(workSpace != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid workSpace");
     PARAM_CHECK(value != NULL && name != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid name or value");
     ParamTrieNode *node = FindTrieNode(workSpace, name, strlen(name), NULL);
     int ret = CheckParamValue(workSpace, node, name, value);
     PARAM_CHECK(ret == 0, return ret, "Invalid param value param: %s=%s", name, value);
     if (node != NULL && node->dataIndex != 0) {
-        *dataIndex = node->dataIndex;
+        if (dataIndex != NULL) {
+            *dataIndex = node->dataIndex;
+        }
         if (onlyAdd) {
             return 0;
         }
@@ -168,7 +172,7 @@ static char *BuildKey(ParamWorkSpace *workSpace, const char *format, ...)
     size_t buffSize = sizeof(workSpace->buffer);
     int len = vsnprintf_s(workSpace->buffer, buffSize, buffSize - 1, format, vargs);
     va_end(vargs);
-    if (len > 0 && len < buffSize) {
+    if (len > 0 && (size_t)len < buffSize) {
         workSpace->buffer[len] = '\0';
         for (int i = 0; i < len; i++) {
             if (workSpace->buffer[i] == '|') {
@@ -535,35 +539,107 @@ PARAM_STATIC int ProcessMessage(const ParamTaskPtr worker, const ParamMessage *m
     return 0;
 }
 
+static int LoadOneParam_(char *line, uint32_t mode, const char *exclude[], uint32_t count)
+{
+    char *name;
+    char *value;
+    char *pos;
+
+    // Skip spaces
+    name = line;
+    while (isspace(*name) && (*name != '\0')) {
+        name++;
+    }
+    // Empty line
+    if (*name == '\0') {
+        return 0;
+    }
+    // Comment line
+    if (*name == '#') {
+        return 0;
+    }
+
+    value = name;
+    // find the first delimiter '='
+    while (*value != '\0') {
+        if (*value == '=') {
+            (*value) = '\0';
+            value = value + 1;
+            break;
+        }
+        value++;
+    }
+
+    // empty name, just ignore this line
+    if (*name == '\0') {
+        return 0;
+    }
+
+    // Trim the ending spaces of name
+    pos = value - 1;
+    pos -= 1;
+    while (isspace(*pos) && pos > name) {
+        (*pos) = '\0';
+        pos--;
+    }
+
+    // Filter excluded parameters
+    for (uint32_t i = 0; i < count; i++) {
+        if (strncmp(name, exclude[i], strlen(exclude[i])) == 0) {
+            return 0;
+        }
+    }
+
+    // Skip spaces for value
+    while (isspace(*value) && (*value != '\0')) {
+        value++;
+    }
+
+    // Trim the ending spaces of value
+    pos = value + strlen(value);
+    pos--;
+    while (isspace(*pos) && pos > value) {
+        (*pos) = '\0';
+        pos--;
+    }
+
+    // Strip starting and ending " for value
+    if ((*value == '"') && (pos > value) && (*pos == '"')) {
+        value = value + 1;
+        *pos = '\0';
+    }
+
+    int ret = CheckParamName(name, 0);
+    // Invalid name, just ignore
+    if (ret != 0) {
+        return 0;
+    }
+    PARAM_LOGV("Add default parameter [%s] [%s]", name, value);
+    return WriteParam(&g_paramWorkSpace.paramSpace,
+        name, value, NULL, mode & LOAD_PARAM_ONLY_ADD);
+}
+
 static int LoadDefaultParam_(const char *fileName, uint32_t mode, const char *exclude[], uint32_t count)
 {
+    // max length for each line of para files: max name length + max value length + spaces
+#define PARAM_LINE_MAX_LENGTH (PARAM_NAME_LEN_MAX + PARAM_CONST_VALUE_LEN_MAX + 10)
+
     uint32_t paramNum = 0;
     FILE *fp = fopen(fileName, "r");
-    PARAM_CHECK(fp != NULL, return -1, "Open file %s fail", fileName);
-    char *buff = calloc(1, sizeof(SubStringInfo) * (SUBSTR_INFO_VALUE + 1) + PARAM_BUFFER_SIZE);
-    PARAM_CHECK(buff != NULL, (void)fclose(fp);
-        return -1, "Failed to alloc memory for load %s", fileName);
-
-    SubStringInfo *info = (SubStringInfo *)(buff + PARAM_BUFFER_SIZE);
-    while (fgets(buff, PARAM_BUFFER_SIZE, fp) != NULL) {
-        buff[PARAM_BUFFER_SIZE - 1] = '\0';
-        int subStrNumber = GetSubStringInfo(buff, strlen(buff), '=', info, SUBSTR_INFO_VALUE + 1);
-        if (subStrNumber <= SUBSTR_INFO_VALUE) {
-            continue;
-        }
-        // 过滤
-        for (uint32_t i = 0; i < count; i++) {
-            if (strncmp(info[0].value, exclude[i], strlen(exclude[i])) == 0) {
-                PARAM_LOGI("Do not set %s parameters", info[0].value);
-                continue;
-            }
-        }
-        int ret = CheckParamName(info[0].value, 0);
-        PARAM_CHECK(ret == 0, continue, "Illegal param name %s", info[0].value);
-        PARAM_LOGV("Add default parameter %s  %s", info[0].value, info[1].value);
-        uint32_t dataIndex = 0;
-        ret = WriteParam(&g_paramWorkSpace.paramSpace,
-            info[0].value, info[1].value, &dataIndex, mode & LOAD_PARAM_ONLY_ADD);
+    if (fp == NULL) {
+        return -1;
+    }
+
+    char *buff = calloc(1, PARAM_LINE_MAX_LENGTH);
+    if (buff == NULL) {
+        (void)fclose(fp);
+        return -1;
+    }
+
+    while (fgets(buff, PARAM_LINE_MAX_LENGTH, fp) != NULL) {
+        buff[PARAM_LINE_MAX_LENGTH - 1] = '\0';
+
+        int ret = LoadOneParam_(buff, mode, exclude, count);
         PARAM_CHECK(ret == 0, continue, "Failed to set param %d %s", ret, buff);
         paramNum++;
     }
@@ -639,9 +715,8 @@ static int LoadParamFromCmdLine(void)
             PARAM_LOGV("Add param from cmdline %s %s", cmdLines[i], value);
             ret = CheckParamName(cmdLines[i], 0);
             PARAM_CHECK(ret == 0, break, "Invalid name %s", cmdLines[i]);
-            uint32_t dataIndex = 0;
             PARAM_LOGV("**** cmdLines[%d] %s, value %s", i, cmdLines[i], value);
-            ret = WriteParam(&g_paramWorkSpace.paramSpace, cmdLines[i], value, &dataIndex, 0);
+            ret = WriteParam(&g_paramWorkSpace.paramSpace, cmdLines[i], value, NULL, 0);
             PARAM_CHECK(ret == 0, break, "Failed to write param %s %s", cmdLines[i], value);
         } else {
             PARAM_LOGE("Can not find arrt %s", cmdLines[i]);

services/utils/init_utils.c

@@ -168,8 +168,9 @@ int GetProcCmdlineValue(const char *name, const char *buffer, char *value, int l
             endIndex = i;
             break;
         }
-        if (*tmp == ' ') {
+        if (*tmp == ' ' || *tmp == '\n' || *tmp == '\r' || *tmp == '\t') {
             endIndex = i;
+            break;
         }
         if (*tmp == '=') {
             if (endIndex != 0) { // for root=uuid=xxxx