diff --git a/README.md b/README.md
index aefa8107229112376537a3c974ae3bd8e398c086..4ab9187dca06b5d5521718445bd4716abd19f08e 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# init\_lite
+# init
- [Introduction](#section469617221261)
- [Directory Structure](#section15884114210197)
@@ -8,27 +8,27 @@
## Introduction
-The init\_lite module starts system service processes from the time the kernel loads the first user-space process to the time the first application is started. In addition to loading key system processes, the module needs to configure their permissions during the startup and keep the specified process alive after sub-processes are started. If a process exits abnormally, the module needs to restart it, and to perform system reset for a special process.
+The init module starts system service processes from the time the kernel loads the first user-space process to the time the first application is started. In addition to loading key system processes, the module needs to configure their permissions during the startup and keep the specified process alive after sub-processes are started. If a process exits abnormally, the module needs to restart it, and to perform system reset for a special process.
## Directory Structure
```
-base/startup/init_lite/ # init_lite module
+base/startup/init/ # init module
├── LICENSE
└── services
- ├── include # Header files for the init_lite module
- ├── src # Source files for the init_lite module
- └── test # Source files of the test cases for the init_lite module
+ ├── include # Header files for the init module
+ ├── src # Source files for the init module
+ └── test # Source files of the test cases for the init module
└── unittest
vendor
└──huawei
└──camera
- └──init_configs # init_lite configuration files (in JSON format, and deployed in /etc/init.cfg after image burning)
+ └──init_configs # init configuration files (in JSON format, and deployed in /etc/init.cfg after image burning)
```
## Constraints
-Currently, the init\_lite module applies only to small-system devices \(reference memory ≥ 1 MB\), for example, Hi3516D V300 and Hi3518E V300.
+Currently, the init module applies only to small-system devices \(reference memory ≥ 1 MB\), for example, Hi3516D V300 and Hi3518E V300.
## Usage
diff --git a/README_zh.md b/README_zh.md
index 57643232b50fcb25f81c4087edfc48c94f5fd4f9..ae08aca61a201156328499e8a7e5f1f5898d4cb5 100644
--- a/README_zh.md
+++ b/README_zh.md
@@ -14,7 +14,7 @@ init组件负责处理从内核加载第一个用户态进程开始,到第一
## 目录
```
-base/startup/init_lite/ # init组件
+base/startup/init/ # init组件
├── device_info
├── initsync
├── interfaces # init提供的对外接口
@@ -84,7 +84,7 @@ init将系统启动分为三个阶段:
每个沙盒环境的分为只读资源和可写资源,只读资源由init在初始化时创建好,通过mount bind把只读文件指向全局FS中对应的目录,然后启动相应沙盒进程时通过SetNamespace跳入到沙盒环境运行。对于可写目录,通过对全局/data目录进行划分,由存储服务进行统一管理分配,通过mnt namespace完成可写目录的沙盒化。
-init的关键配置文件init.cfg位于代码仓库base/startup/init_lite/service/etc目录,部署在/etc/下,采用json格式,文件大小目前限制在100KB以内。
+init的关键配置文件init.cfg位于代码仓库base/startup/init/service/etc目录,部署在/etc/下,采用json格式,文件大小目前限制在100KB以内。
配置文件格式和内容说明如下所示:
diff --git a/bundle.json b/bundle.json
index 8ba9de9655d7fef333e539419e713e3813a0e6db..27f6f7d7376f5cfcd7d0df86451a6237396a3fb3 100755
--- a/bundle.json
+++ b/bundle.json
@@ -7,7 +7,7 @@
"repository": "https://gitee.com/openharmony/startup_init_lite",
"publishAs": "code-segment",
"segment": {
- "destPath": "base/startup/init_lite"
+ "destPath": "base/startup/init"
},
"dirs": {},
"scripts": {},
@@ -23,7 +23,7 @@
"components": [
"startup",
"safwk",
- "utils_base",
+ "c_utils",
"napi",
"ipc",
"config_policy",
@@ -45,21 +45,21 @@
},
"build": {
"sub_component": [
- "//base/startup/init_lite/services:startup_init",
- "//base/startup/init_lite/ueventd:startup_ueventd",
- "//base/startup/init_lite/watchdog:watchdog",
- "//base/startup/init_lite/services/begetctl:begetctl_cmd",
- "//base/startup/init_lite/services/loopevent:loopeventgroup",
- "//base/startup/init_lite/services/modules:modulesgroup",
- "//base/startup/init_lite/services/param:parameter",
- "//base/startup/init_lite/interfaces/innerkits:innergroup",
- "//base/startup/init_lite/device_info:device_info_group",
- "//base/startup/init_lite/interfaces/kits:kitsgroup"
+ "//base/startup/init/services:startup_init",
+ "//base/startup/init/ueventd:startup_ueventd",
+ "//base/startup/init/watchdog:watchdog",
+ "//base/startup/init/services/begetctl:begetctl_cmd",
+ "//base/startup/init/services/loopevent:loopeventgroup",
+ "//base/startup/init/services/modules:modulesgroup",
+ "//base/startup/init/services/param:parameter",
+ "//base/startup/init/interfaces/innerkits:innergroup",
+ "//base/startup/init/device_info:device_info_group",
+ "//base/startup/init/interfaces/kits:kitsgroup"
],
"inner_kits": [
{
"header": {
- "header_base": "//base/startup/init_lite/interfaces/innerkits/include/",
+ "header_base": "//base/startup/init/interfaces/innerkits/include/",
"header_files": [
"init_socket.h",
"init_file.h",
@@ -75,31 +75,40 @@
"syspara/sysversion.h"
]
},
- "name": "//base/startup/init_lite/interfaces/innerkits:libbegetutil"
+ "name": "//base/startup/init/interfaces/innerkits:libbegetutil"
},
{
"header": {
- "header_base": "//base/startup/init_lite/interfaces/innerkits/include/",
+ "header_base": "//base/startup/init/interfaces/innerkits/include/",
"header_files": [
"service_watcher.h",
"syspara/parameter.h",
"syspara/sysparam_errno.h"
]
},
- "name": "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy"
+ "name": "//base/startup/init/interfaces/innerkits:libbeget_proxy"
},
{
"header": {
- "header_base": "//base/startup/init_lite/interfaces/innerkits",
+ "header_base": "//base/startup/init/interfaces/innerkits",
"header_files": [
"init_module_engine/include/init_module_engine.h"
]
},
- "name": "//base/startup/init_lite/interfaces/innerkits/init_module_engine:libinit_module_engine"
+ "name": "//base/startup/init/interfaces/innerkits/init_module_engine:libinit_module_engine"
+ },
+ {
+ "header": {
+ "header_base": "//base/startup/init/interfaces/innerkits/seccomp/include/",
+ "header_files": [
+ "seccomp_policy.h"
+ ]
+ },
+ "name": "//base/startup/init/interfaces/innerkits/seccomp:seccomp"
}
],
"test": [
- "//base/startup/init_lite/test:testgroup"
+ "//base/startup/init/test:testgroup"
]
}
}
diff --git a/device_info/BUILD.gn b/device_info/BUILD.gn
index b9a32135a49e567c2222727a119e4f07da8a5778..4cadccb4ec8b536ca64029381a17dc4811223585 100644
--- a/device_info/BUILD.gn
+++ b/device_info/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
if (!defined(ohos_lite)) {
import("//build/ohos.gni")
import("//build/ohos/sa_profile/sa_profile.gni")
@@ -28,17 +28,18 @@ if (!defined(ohos_lite)) {
ohos_shared_library("deviceinfoservice") {
sources = [
- "//base/startup/init_lite/interfaces/innerkits/syspara/param_comm.c",
+ "//base/startup/init/interfaces/innerkits/syspara/param_comm.c",
"device_info_stub.cpp",
]
include_dirs = [
+ "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include/",
".",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/interfaces/innerkits/syspara",
- "//base/startup/init_lite/interfaces/hals",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/interfaces/innerkits/syspara",
+ "//base/startup/init/interfaces/hals",
]
defines = [
"INIT_AGENT",
@@ -46,18 +47,16 @@ if (!defined(ohos_lite)) {
"USE_MBEDTLS",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_shared",
"//third_party/mbedtls:mbedtls_shared",
]
external_deps = [
"access_token:libaccesstoken_sdk",
- "hilog_native:libhilog",
+ "c_utils:utils",
"ipc:ipc_core",
"safwk:system_ability_fwk",
- "samgr_standard:samgr_proxy",
- "utils_base:utils",
]
install_images = [ "system" ]
part_name = "init"
diff --git a/device_info/device_info_load.cpp b/device_info/device_info_load.cpp
index 4aa7fec53f775ae0195dacf5d085ffd7e4a1111c..be591a983674b610d19223d6df87e33429a36f3f 100644
--- a/device_info/device_info_load.cpp
+++ b/device_info/device_info_load.cpp
@@ -28,7 +28,7 @@ void DeviceInfoLoad::OnLoadSystemAbilitySuccess(int32_t systemAbilityId,
const sptr& remoteObject)
{
DINFO_CHECK(systemAbilityId == SYSPARAM_DEVICE_SERVICE_ID, return,
- "start aystemabilityId is not deviceinfo! %d", systemAbilityId);
+ "start systemabilityId is not deviceinfo! %d", systemAbilityId);
DINFO_CHECK(remoteObject != nullptr, return, "remoteObject is null.");
DINFO_LOGI("OnLoadSystemAbilitySuccess start systemAbilityId: %d success!", systemAbilityId);
@@ -38,7 +38,7 @@ void DeviceInfoLoad::OnLoadSystemAbilitySuccess(int32_t systemAbilityId,
void DeviceInfoLoad::OnLoadSystemAbilityFail(int32_t systemAbilityId)
{
DINFO_CHECK(systemAbilityId == SYSPARAM_DEVICE_SERVICE_ID, return,
- "start aystemabilityId is not deviceinfo! %d", systemAbilityId);
+ "start systemabilityId is not deviceinfo! %d", systemAbilityId);
DINFO_LOGI("OnLoadSystemAbilityFail systemAbilityId: %d failed.", systemAbilityId);
diff --git a/device_info/device_info_stub.cpp b/device_info/device_info_stub.cpp
index a231d34d23f2c44dab89250bbc6e32cf0dd1f538..89876e057733e7d471de927f6dd57146302c6397 100644
--- a/device_info/device_info_stub.cpp
+++ b/device_info/device_info_stub.cpp
@@ -72,13 +72,11 @@ bool DeviceInfoStub::CheckPermission(MessageParcel &data, const std::string &per
AccessTokenID callerToken = IPCSkeleton::GetCallingTokenID();
int32_t result = TypePermissionState::PERMISSION_GRANTED;
int32_t tokenType = AccessTokenKit::GetTokenTypeFlag(callerToken);
- if (tokenType == TOKEN_NATIVE) {
- result = AccessTokenKit::VerifyNativeToken(callerToken, permission);
- } else if (tokenType == TOKEN_HAP) {
- result = AccessTokenKit::VerifyAccessToken(callerToken, permission);
- } else {
+ if (tokenType == TOKEN_INVALID) {
DINFO_LOGE("AccessToken type:%d, permission:%d denied!", tokenType, callerToken);
return false;
+ } else {
+ result = AccessTokenKit::VerifyAccessToken(callerToken, permission);
}
if (result == TypePermissionState::PERMISSION_DENIED) {
DINFO_LOGE("AccessTokenID:%d, permission:%s denied!", callerToken, permission.c_str());
diff --git a/initsync/BUILD.gn b/initsync/BUILD.gn
index 7c57f697e50016087424eef57faeb91595038a4b..a2906bd47140d4866af7807b48ce560994f1b235 100644
--- a/initsync/BUILD.gn
+++ b/initsync/BUILD.gn
@@ -14,19 +14,19 @@
import("//build/lite/config/component/lite_component.gni")
lite_component("initsync") {
- features = [ "//base/startup/init_lite/initsync:libinitsync_shared" ]
+ features = [ "//base/startup/init/initsync:libinitsync_shared" ]
}
shared_library("libinitsync_shared") {
sources = [ "src/init_sync.c" ]
include_dirs = [
- "//base/startup/init_lite/initsync/include",
- "//base/startup/init_lite/interfaces/kits/syscap",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/initsync/include",
+ "//base/startup/init/interfaces/kits/syscap",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
]
public_deps = [
- "//base/startup/init_lite/services/log:init_log",
+ "//base/startup/init/services/log:init_log",
"//third_party/bounds_checking_function:libsec_shared",
]
}
@@ -34,10 +34,10 @@ shared_library("libinitsync_shared") {
static_library("libinitsync_static") {
sources = [ "src/init_sync.c" ]
include_dirs = [
- "//base/startup/init_lite/initsync/include",
- "//base/startup/init_lite/interfaces/kits/syscap",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/initsync/include",
+ "//base/startup/init/interfaces/kits/syscap",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
]
public_deps = [ "//third_party/bounds_checking_function:libsec_static" ]
}
diff --git a/interfaces/innerkits/BUILD.gn b/interfaces/innerkits/BUILD.gn
index d9b20443cbf15d01a86a382f7b259b78e7908c21..7706c5212ec68a76732f9b8602c9d014e707d4a3 100755
--- a/interfaces/innerkits/BUILD.gn
+++ b/interfaces/innerkits/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
if (!defined(ohos_lite) || enable_ohos_startup_init_feature_begetctl_liteos) {
syspara_sources = [
"syscap/init_syscap.c",
@@ -23,12 +23,12 @@ if (!defined(ohos_lite) || enable_ohos_startup_init_feature_begetctl_liteos) {
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/interfaces/innerkits/include/fs_manager",
- "//base/startup/init_lite/interfaces/innerkits/include/token",
- "//base/startup/init_lite/interfaces/innerkits/include/sandbox/include",
- "//base/startup/init_lite/services/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/interfaces/innerkits/include/fs_manager",
+ "//base/startup/init/interfaces/innerkits/include/token",
+ "//base/startup/init/interfaces/innerkits/include/sandbox/include",
+ "//base/startup/init/services/include",
]
}
@@ -36,14 +36,14 @@ include_common = [
"./include",
"//base/hiviewdfx/hilog_lite/interfaces/native/kits",
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/interfaces/hals",
- "//base/startup/init_lite/interfaces/innerkits/syspara",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/interfaces/innerkits/fd_holder",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/interfaces/hals",
+ "//base/startup/init/interfaces/innerkits/syspara",
]
if (defined(ohos_lite)) {
@@ -67,8 +67,8 @@ if (defined(ohos_lite)) {
"//third_party/mbedtls:mbedtls_shared",
]
deps += [
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/utils:libinit_utils",
]
if (enable_ohos_startup_init_feature_begetctl_liteos) {
sources += syspara_sources
@@ -79,16 +79,15 @@ if (defined(ohos_lite)) {
}
if (ohos_kernel_type == "liteos_a") {
defines += [ "__LITEOS_A__" ]
- deps += [
- "//base/startup/init_lite/services/param/liteos:param_client_lite",
- ]
+ deps +=
+ [ "//base/startup/init/services/param/liteos:param_client_lite" ]
} else if (ohos_kernel_type == "linux") {
sources += [ "socket/init_socket.c" ]
defines += [ "__LINUX__" ]
deps += [
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/param/linux:param_client",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/param/linux:param_client",
]
}
}
@@ -123,9 +122,9 @@ if (defined(ohos_lite)) {
}
if (enable_ohos_startup_init_feature_begetctl_liteos) {
deps += [
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/param/liteos:param_client_lite",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/param/liteos:param_client_lite",
+ "//base/startup/init/services/utils:libinit_utils",
]
}
}
@@ -140,8 +139,7 @@ if (defined(ohos_lite)) {
lib_extension = ".so"
}
deps = [ ":libbegetutil" ]
- head_files =
- [ "//base/startup/init_lite/interfaces/innerkits/include/syspara" ]
+ head_files = [ "//base/startup/init/interfaces/innerkits/include/syspara" ]
}
group("libbeget_proxy") {
@@ -174,24 +172,24 @@ if (defined(ohos_lite)) {
include_dirs = include_common
deps = [
- "//base/startup/init_lite/interfaces/innerkits/control_fd:libcontrolfd",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder:fdholder",
- "//base/startup/init_lite/interfaces/innerkits/file:libfile",
- "//base/startup/init_lite/interfaces/innerkits/fs_manager:libfsmanager_static",
- "//base/startup/init_lite/interfaces/innerkits/sandbox:sandbox",
- "//base/startup/init_lite/interfaces/innerkits/socket:libsocket",
- "//base/startup/init_lite/services/log:agent_log",
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/param/linux:param_client",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/interfaces/innerkits/control_fd:libcontrolfd",
+ "//base/startup/init/interfaces/innerkits/fd_holder:fdholder",
+ "//base/startup/init/interfaces/innerkits/file:libfile",
+ "//base/startup/init/interfaces/innerkits/fs_manager:libfsmanager_static",
+ "//base/startup/init/interfaces/innerkits/sandbox:sandbox",
+ "//base/startup/init/interfaces/innerkits/socket:libsocket",
+ "//base/startup/init/services/log:agent_log",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/param/linux:param_client",
+ "//base/startup/init/services/utils:libinit_utils",
"//third_party/bounds_checking_function:libsec_shared",
"//third_party/cJSON:cjson",
"//third_party/mbedtls:mbedtls_shared",
]
external_deps = [
+ "c_utils:utils",
"hilog_native:libhilog_base",
- "utils_base:utils",
]
public_configs = [ ":exported_header_files" ]
part_name = "init"
@@ -209,7 +207,7 @@ if (defined(ohos_lite)) {
"USE_MBEDTLS",
]
sources = [
- "//base/startup/init_lite/device_info/device_info.cpp",
+ "//base/startup/init/device_info/device_info.cpp",
"service_watcher/service_watcher.c",
]
@@ -221,14 +219,14 @@ if (defined(ohos_lite)) {
if (enable_ohos_startup_init_feature_watcher) {
sources += [
- "//base/startup/init_lite/services/param/watcher/agent/watcher.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_manager_kits.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_manager_proxy.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_stub.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_manager_kits.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_manager_proxy.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_stub.cpp",
]
include_dirs += [
- "//base/startup/init_lite/services/param/watcher/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/services/param/watcher/include",
+ "//base/startup/init/services/log",
]
} else {
defines += [ "NO_PARAM_WATCHER" ]
@@ -236,22 +234,21 @@ if (defined(ohos_lite)) {
if (enable_ohos_startup_init_feature_deviceinfo) {
sources += [
- "//base/startup/init_lite/device_info/device_info_kits.cpp",
- "//base/startup/init_lite/device_info/device_info_load.cpp",
- "//base/startup/init_lite/device_info/device_info_proxy.cpp",
+ "//base/startup/init/device_info/device_info_kits.cpp",
+ "//base/startup/init/device_info/device_info_load.cpp",
+ "//base/startup/init/device_info/device_info_proxy.cpp",
]
defines += [ "PARAM_FEATURE_DEVICEINFO" ]
} else {
- sources += [
- "//base/startup/init_lite/interfaces/innerkits/syspara/param_comm.c",
- ]
+ sources +=
+ [ "//base/startup/init/interfaces/innerkits/syspara/param_comm.c" ]
}
external_deps = [
+ "c_utils:utils",
"hilog_native:libhilog_base",
"ipc:ipc_core",
"samgr_standard:samgr_proxy",
- "utils_base:utils",
]
public_configs = [ ":exported_header_files" ]
part_name = "init"
@@ -273,17 +270,17 @@ if (defined(ohos_lite)) {
include_dirs = include_common
deps = [
- "//base/startup/init_lite/services/log:agent_log",
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/param/linux:param_client",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/services/log:agent_log",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/param/linux:param_client",
+ "//base/startup/init/services/utils:libinit_utils",
"//third_party/bounds_checking_function:libsec_shared",
"//third_party/mbedtls:mbedtls_shared",
]
external_deps = [
+ "c_utils:utils",
"hilog_native:libhilog_base",
- "utils_base:utils",
]
part_name = "init"
}
@@ -291,6 +288,9 @@ if (defined(ohos_lite)) {
group("innergroup") {
deps = [ ":libbegetutil" ]
+ if (build_seccomp) {
+ deps += [ "seccomp:seccomp" ]
+ }
if (!defined(ohos_lite)) {
deps += [
":libbeget_proxy",
diff --git a/interfaces/innerkits/control_fd/BUILD.gn b/interfaces/innerkits/control_fd/BUILD.gn
index 42103a77858b8ef2c0bcaf9a0e15047463782600..8c934844fcf40a4de1f4c64a488b6a5fc298fd65 100644
--- a/interfaces/innerkits/control_fd/BUILD.gn
+++ b/interfaces/innerkits/control_fd/BUILD.gn
@@ -11,14 +11,14 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/control_fd",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/control_fd",
]
}
@@ -31,8 +31,8 @@ ohos_static_library("libcontrolfd") {
include_dirs = [
".",
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/loopevent/include",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/loopevent/include",
]
part_name = "init"
}
diff --git a/interfaces/innerkits/control_fd/control_fd_client.c b/interfaces/innerkits/control_fd/control_fd_client.c
index 914585434bd0e6f93af4fe975d052b5142caed1c..7011d9a9e15653460350ad22c3c19b73ad3d215a 100644
--- a/interfaces/innerkits/control_fd/control_fd_client.c
+++ b/interfaces/innerkits/control_fd/control_fd_client.c
@@ -31,11 +31,11 @@ static void ProcessPtyWrite(const WatcherHandle taskHandle, int fd, uint32_t *ev
}
CmdAgent *agent = (CmdAgent *)context;
char rbuf[PTY_BUF_SIZE] = {0};
- int rlen = read(fd, rbuf, PTY_BUF_SIZE - 1);
+ ssize_t rlen = read(fd, rbuf, PTY_BUF_SIZE - 1);
int ret = fflush(stdin);
BEGET_ERROR_CHECK(ret == 0, return, "[control_fd] Failed fflush err=%d", errno);
if (rlen > 0) {
- int wlen = write(agent->ptyFd, rbuf, rlen);
+ ssize_t wlen = write(agent->ptyFd, rbuf, rlen);
BEGET_ERROR_CHECK(wlen == rlen, return, "[control_fd] Failed write fifo err=%d", errno);
}
ret = fflush(stdout);
@@ -51,7 +51,7 @@ static void ProcessPtyRead(const WatcherHandle taskHandle, int fd, uint32_t *eve
}
CmdAgent *agent = (CmdAgent *)context;
char buf[PTY_BUF_SIZE] = {0};
- int readlen = read(fd, buf, PTY_BUF_SIZE - 1);
+ long readlen = read(fd, buf, PTY_BUF_SIZE - 1);
if (readlen > 0) {
fprintf(stdout, "%s", buf);
} else {
@@ -68,9 +68,9 @@ static void CmdOnRecvMessage(const TaskHandle task, const uint8_t *buffer, uint3
BEGET_LOGI("[control_fd] CmdOnRecvMessage %s len %d.", (char *)buffer, buffLen);
}
-static void CmdOnConntectComplete(const TaskHandle client)
+static void CmdOnConnectComplete(const TaskHandle client)
{
- BEGET_LOGI("[control_fd] CmdOnConntectComplete");
+ BEGET_LOGI("[control_fd] CmdOnConnectComplete");
}
static void CmdOnClose(const TaskHandle task)
@@ -105,8 +105,8 @@ static CmdAgent *CmdAgentCreate(const char *server)
info.server = (char *)server;
info.baseInfo.userDataSize = sizeof(CmdAgent);
info.baseInfo.close = CmdOnClose;
- info.disConntectComplete = CmdDisConnectComplete;
- info.connectComplete = CmdOnConntectComplete;
+ info.disConnectComplete = CmdDisConnectComplete;
+ info.connectComplete = CmdOnConnectComplete;
info.sendMessageComplete = CmdOnSendMessageComplete;
info.recvMessage = CmdOnRecvMessage;
LE_STATUS status = LE_CreateStreamClient(LE_GetDefaultLoop(), &task, &info);
diff --git a/interfaces/innerkits/control_fd/control_fd_service.c b/interfaces/innerkits/control_fd/control_fd_service.c
index 79682449058adcf03173104a0846c6b3ccc50382..f955cd0141e6428a896cac07dc0bed0f8bc8748f 100644
--- a/interfaces/innerkits/control_fd/control_fd_service.c
+++ b/interfaces/innerkits/control_fd/control_fd_service.c
@@ -13,11 +13,6 @@
* limitations under the License.
*/
#include
-#include
-#include
-#include
-#include
-#include
#include
#include "beget_ext.h"
@@ -93,14 +88,14 @@ static int SendMessage(LoopHandle loop, TaskHandle task, const char *message)
return 0;
}
-static int CmdOnIncommingConntect(const LoopHandle loop, const TaskHandle server)
+static int CmdOnIncommingConnect(const LoopHandle loop, const TaskHandle server)
{
TaskHandle client = NULL;
LE_StreamInfo info = {};
info.baseInfo.flags = TASK_STREAM | TASK_PIPE | TASK_CONNECT;
info.baseInfo.close = OnClose;
info.baseInfo.userDataSize = sizeof(CmdTask);
- info.disConntectComplete = NULL;
+ info.disConnectComplete = NULL;
info.sendMessageComplete = NULL;
info.recvMessage = CmdOnRecvMessage;
int ret = LE_AcceptStreamClient(LE_GetDefaultLoop(), server, &client, &info);
@@ -127,8 +122,8 @@ void CmdServiceInit(const char *socketPath, CallbackControlFdProcess func)
info.server = (char *)socketPath;
info.socketId = -1;
info.baseInfo.close = NULL;
- info.disConntectComplete = NULL;
- info.incommingConntect = CmdOnIncommingConntect;
+ info.disConnectComplete = NULL;
+ info.incommingConnect = CmdOnIncommingConnect;
info.sendMessageComplete = NULL;
info.recvMessage = NULL;
g_controlFdFunc = func;
diff --git a/interfaces/innerkits/fd_holder/BUILD.gn b/interfaces/innerkits/fd_holder/BUILD.gn
index 44a27b743915e318b2f92b03094b0f9abccfc544..b2327fc6916e1b2f70f63c930f262bf6fabf4efc 100644
--- a/interfaces/innerkits/fd_holder/BUILD.gn
+++ b/interfaces/innerkits/fd_holder/BUILD.gn
@@ -16,17 +16,17 @@ import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/fd_holder",
]
}
ohos_static_library("fdholder") {
sources = [ "fd_holder_internal.c" ]
include_dirs = [
- "//base/startup/init_lite/services/loopevent/include",
+ "//base/startup/init/services/loopevent/include",
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include",
]
public_configs = [ ":exported_header_files" ]
part_name = "init"
diff --git a/interfaces/innerkits/file/BUILD.gn b/interfaces/innerkits/file/BUILD.gn
index c5f8832931c5eb893143da26c026e4d1d4218a06..25517b57587021876ab173dbe669ba8bfc98cf62 100644
--- a/interfaces/innerkits/file/BUILD.gn
+++ b/interfaces/innerkits/file/BUILD.gn
@@ -13,14 +13,14 @@
import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
- include_dirs = [ "//base/startup/init_lite/interfaces/innerkits/include" ]
+ include_dirs = [ "//base/startup/init/interfaces/innerkits/include" ]
}
ohos_static_library("libfile") {
sources = [ "init_file.c" ]
include_dirs = [
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/include",
"//third_party/bounds_checking_function/include",
]
public_configs = [ ":exported_header_files" ]
diff --git a/interfaces/innerkits/file/init_file.c b/interfaces/innerkits/file/init_file.c
index bd18304844848db247bfe3a9481bd87e85c70bde..e6f6100427312b4f6daa62051164fc1308d7fb73 100644
--- a/interfaces/innerkits/file/init_file.c
+++ b/interfaces/innerkits/file/init_file.c
@@ -19,8 +19,6 @@
#include
#include
#include
-#include
-#include
#include "beget_ext.h"
#include "init_utils.h"
diff --git a/interfaces/innerkits/fs_manager/BUILD.gn b/interfaces/innerkits/fs_manager/BUILD.gn
index 396f2bd35332432910451539e6413fdb64fb514a..f46dc36ac8457ed9748f2bb809df4a4be514b392 100644
--- a/interfaces/innerkits/fs_manager/BUILD.gn
+++ b/interfaces/innerkits/fs_manager/BUILD.gn
@@ -16,7 +16,7 @@ import("//build/ohos.gni")
config("libfsmanager_exported_configs") {
visibility = [ ":*" ]
include_dirs =
- [ "//base/startup/init_lite/interfaces/innerkits/include/fs_manager" ]
+ [ "//base/startup/init/interfaces/innerkits/include/fs_manager" ]
}
ohos_static_library("libfsmanager_static") {
@@ -25,11 +25,11 @@ ohos_static_library("libfsmanager_static") {
"fstab_mount.c",
]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/param/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/param/include",
]
public_configs = [ ":libfsmanager_exported_configs" ]
part_name = "init"
diff --git a/interfaces/innerkits/fs_manager/fstab.c b/interfaces/innerkits/fs_manager/fstab.c
index af9a6180f5b759db6533137e1831f217f5ace544..a35878f3fe58bf8ce13238b7680c8eaedd2323cc 100644
--- a/interfaces/innerkits/fs_manager/fstab.c
+++ b/interfaces/innerkits/fs_manager/fstab.c
@@ -14,16 +14,13 @@
*/
#include
-#include
#include
#include
#include
#include
#include
#include
-#include
#include
-#include
#include "beget_ext.h"
#include "fs_manager/fs_manager.h"
#include "init_utils.h"
@@ -45,6 +42,8 @@ struct MountFlags {
unsigned long flags;
};
+static char *g_fscryptPolicy = NULL;
+
static unsigned int ConvertFlags(char *flagBuffer)
{
static struct FsManagerFlags fsFlags[] = {
@@ -387,7 +386,60 @@ static unsigned long ParseDefaultMountFlag(const char *str)
return flags;
}
-unsigned long GetMountFlags(char *mountFlag, char *fsSpecificData, size_t fsSpecificDataSize)
+static bool IsFscryptOption(const char *option)
+{
+ BEGET_LOGI("IsFscryptOption start");
+ if (!option) {
+ return false;
+ }
+ char *fscryptPre = "fscrypt=";
+ if (strncmp(option, fscryptPre, strlen(fscryptPre)) == 0) {
+ return true;
+ }
+ return false;
+}
+
+static void StoreFscryptPolicy(const char *option)
+{
+ if (option == NULL) {
+ return;
+ }
+ if (g_fscryptPolicy != NULL) {
+ BEGET_LOGW("StoreFscryptPolicy:inited policy is not empty");
+ free(g_fscryptPolicy);
+ }
+ g_fscryptPolicy = strdup(option);
+ if (g_fscryptPolicy == NULL) {
+ BEGET_LOGE("StoreFscryptPolicy:no memory");
+ return;
+ }
+ BEGET_LOGI("StoreFscryptPolicy:store fscrypt policy, %s", option);
+}
+
+int LoadFscryptPolicy(char *buf, size_t size)
+{
+ BEGET_LOGI("LoadFscryptPolicy start");
+ if (buf == NULL || g_fscryptPolicy == NULL) {
+ BEGET_LOGE("LoadFscryptPolicy:buf or fscrypt policy is empty");
+ return -ENOMEM;
+ }
+ if (size <= 0) {
+ BEGET_LOGE("LoadFscryptPloicy:size is invalid");
+ return -EINVAL;
+ }
+ if (strcpy_s(buf, size, g_fscryptPolicy) != 0) {
+ BEGET_LOGE("loadFscryptPolicy:strcmp failed, error = %d", errno);
+ return -EFAULT;
+ }
+ free(g_fscryptPolicy);
+ g_fscryptPolicy = NULL;
+ BEGET_LOGI("LoadFscryptPolicy success");
+
+ return 0;
+}
+
+unsigned long GetMountFlags(char *mountFlag, char *fsSpecificData, size_t fsSpecificDataSize,
+ const char *mountPoint)
{
unsigned long flags = 0;
BEGET_CHECK_RETURN_VALUE(mountFlag != NULL && fsSpecificData != NULL, 0);
@@ -411,6 +463,11 @@ unsigned long GetMountFlags(char *mountFlag, char *fsSpecificData, size_t fsSpec
if (IsDefaultMountFlags(p)) {
flags |= ParseDefaultMountFlag(p);
} else {
+ if (IsFscryptOption(p) &&
+ !strncmp(mountPoint, "/data", strlen("/data"))) {
+ StoreFscryptPolicy(p + strlen("fscrypt="));
+ continue;
+ }
if (strncat_s(fsSpecificData, fsSpecificDataSize - 1, p, strlen(p)) != EOK) {
BEGET_LOGW("Failed to append mount flag \" %s \", ignore it.", p);
continue;
diff --git a/interfaces/innerkits/fs_manager/fstab_mount.c b/interfaces/innerkits/fs_manager/fstab_mount.c
index 8ce8a3fc033958940a899261d50df13bf726a610..2ffa4120f0e109392270cd5d84ce47899996bd60 100644
--- a/interfaces/innerkits/fs_manager/fstab_mount.c
+++ b/interfaces/innerkits/fs_manager/fstab_mount.c
@@ -293,7 +293,8 @@ int MountOneItem(FstabItem *item)
unsigned long mountFlags;
char fsSpecificData[FS_MANAGER_BUFFER_SIZE] = {0};
- mountFlags = GetMountFlags(item->mountOptions, fsSpecificData, sizeof(fsSpecificData));
+ mountFlags = GetMountFlags(item->mountOptions, fsSpecificData, sizeof(fsSpecificData),
+ item->mountPoint);
if (!IsSupportedFilesystem(item->fsType)) {
BEGET_LOGE("Unsupported file system \" %s \"", item->fsType);
return 0;
diff --git a/interfaces/innerkits/include/beget_ext.h b/interfaces/innerkits/include/beget_ext.h
index 41b90c641efaff2fe285f7e5c803b8ebc7e3e276..f3bdb3a51285be15008d73e4fea1282fbe220f8a 100644
--- a/interfaces/innerkits/include/beget_ext.h
+++ b/interfaces/innerkits/include/beget_ext.h
@@ -65,7 +65,7 @@ INIT_PUBLIC_API void SetInitCommLog(InitCommLog logFunc);
#define STARTUP_LOGF(domain, tag, fmt, ...) \
StartupLog(INIT_FATAL, domain, tag, "[%s:%d]" fmt, (FILE_NAME), (__LINE__), ##__VA_ARGS__)
-#define BASE_DOMAIN 0xA000
+#define BASE_DOMAIN 0xD002C00
#ifndef BEGET_DOMAIN
#define BEGET_DOMAIN (BASE_DOMAIN + 0xb)
#endif
diff --git a/interfaces/innerkits/include/fs_manager/fs_manager.h b/interfaces/innerkits/include/fs_manager/fs_manager.h
index bb078cf76690dac79fbf1c5f2f80abc511474dff..225557a2b044e745756ab468d52ecc70a561d149 100644
--- a/interfaces/innerkits/include/fs_manager/fs_manager.h
+++ b/interfaces/innerkits/include/fs_manager/fs_manager.h
@@ -70,9 +70,13 @@ MountStatus GetMountStatusForMountPoint(const char *mp);
int MountAllWithFstabFile(const char *fstabFile, bool required);
int MountAllWithFstab(const Fstab *fstab, bool required);
int UmountAllWithFstabFile(const char *file);
-unsigned long GetMountFlags(char *mountFlag, char *fsSpecificFlags, size_t fsSpecificFlagSize);
+unsigned long GetMountFlags(char *mountFlag, char *fsSpecificFlags, size_t fsSpecificFlagSize,
+ const char *mountPoint);
int GetBlockDevicePath(const char *partName, char *path, int size);
+
+// Get fscrypt policy if exist
+int LoadFscryptPolicy(char *buf, size_t size);
#ifdef __cplusplus
#if __cplusplus
}
diff --git a/interfaces/innerkits/include/modulemgr.h b/interfaces/innerkits/include/modulemgr.h
index 5f788e4da20a28bc358175ab94b93ade4e807ca5..2f2967c9f747f9bda62b3d84040f00c053268b08 100755
--- a/interfaces/innerkits/include/modulemgr.h
+++ b/interfaces/innerkits/include/modulemgr.h
@@ -75,7 +75,7 @@ void ModuleMgrDestroy(MODULE_MGR *moduleMgr);
/**
* @brief Install a module
*
- * The final module path is: /system/lib/{moduleMgrPath}/{moduleNmae}.z.so
+ * The final module path is: /system/lib/{moduleMgrPath}/{moduleName}.z.so
*
* @param moduleMgr module manager handle
* @param moduleName module name
diff --git a/interfaces/innerkits/include/service_control.h b/interfaces/innerkits/include/service_control.h
index 45ef77279ad12769d50dc205afc79738e519c025..ada09cbf0cc6174ef4c94652f224f5b961883266 100644
--- a/interfaces/innerkits/include/service_control.h
+++ b/interfaces/innerkits/include/service_control.h
@@ -37,7 +37,7 @@ typedef enum {
SERVICE_SUSPENDED,
SERVICE_FREEZED,
SERVICE_DISABLED,
- SERVICE_CRITIAL
+ SERVICE_CRITICAL
} ServiceStatus;
enum ServiceAction {
diff --git a/interfaces/innerkits/init_module_engine/BUILD.gn b/interfaces/innerkits/init_module_engine/BUILD.gn
index 6c91e673e656efcee4f12249a24ad0c61b79d44a..320d0d6fba88fafae0094d1d48eced99597bc31b 100755
--- a/interfaces/innerkits/init_module_engine/BUILD.gn
+++ b/interfaces/innerkits/init_module_engine/BUILD.gn
@@ -25,9 +25,9 @@ if (defined(ohos_lite)) {
visibility = [ ":*" ]
include_dirs = [
"include/",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/services/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/log",
"//third_party/cJSON",
]
}
@@ -62,10 +62,10 @@ if (defined(ohos_lite)) {
config("init_module_engine_sources_config") {
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/init_module_engine/include",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/interfaces/innerkits/init_module_engine/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/log",
"//third_party/cJSON",
]
}
diff --git a/interfaces/innerkits/reboot/init_reboot_innerkits.c b/interfaces/innerkits/reboot/init_reboot_innerkits.c
index 38e136a39febeed48cf9a1104a418e23d043c587..e686b41d5e72e6d7db39d71cb098972c0edf35c4 100644
--- a/interfaces/innerkits/reboot/init_reboot_innerkits.c
+++ b/interfaces/innerkits/reboot/init_reboot_innerkits.c
@@ -15,7 +15,6 @@
#include "init_reboot.h"
#include
-#include
#include
#include "beget_ext.h"
diff --git a/interfaces/innerkits/sandbox/BUILD.gn b/interfaces/innerkits/sandbox/BUILD.gn
index a125a21d4f53c957ae45bbbb97094f0e714c4b9f..1032602a666cf0da93323e63098766e17f41f9de 100644
--- a/interfaces/innerkits/sandbox/BUILD.gn
+++ b/interfaces/innerkits/sandbox/BUILD.gn
@@ -11,13 +11,12 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
- include_dirs =
- [ "//base/startup/init_lite/interfaces/innerkits/sandbox/include" ]
+ include_dirs = [ "//base/startup/init/interfaces/innerkits/sandbox/include" ]
}
ohos_static_library("sandbox") {
@@ -28,8 +27,8 @@ ohos_static_library("sandbox") {
public_configs = [ ":exported_header_files" ]
include_dirs = [
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/services/include",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/cJSON",
]
if (target_cpu == "arm64") {
diff --git a/interfaces/innerkits/sandbox/sandbox.c b/interfaces/innerkits/sandbox/sandbox.c
index 5985328bafe9c12953a54d90602b9be97ef7a0a1..a650c202f32945c8002f0b78f91dc93d94f745c5 100755
--- a/interfaces/innerkits/sandbox/sandbox.c
+++ b/interfaces/innerkits/sandbox/sandbox.c
@@ -22,7 +22,6 @@
#include
#include
#include
-#include
#include
#include "beget_ext.h"
#include "init_utils.h"
diff --git a/interfaces/innerkits/sandbox/sandbox_namespace.c b/interfaces/innerkits/sandbox/sandbox_namespace.c
index 353302dc4669702f178cb46e3ecece69d62dc6e2..380bc75f770c6e98fe4acea36c90bb2844b38c76 100644
--- a/interfaces/innerkits/sandbox/sandbox_namespace.c
+++ b/interfaces/innerkits/sandbox/sandbox_namespace.c
@@ -17,7 +17,6 @@
#include
#include
#include
-#include
#include
#include "beget_ext.h"
diff --git a/interfaces/innerkits/sandbox/system-sandbox.json b/interfaces/innerkits/sandbox/system-sandbox.json
index 201f8961a45fc5772805c43796614aab2ee72d03..be331edfa520ecc95b34d7cda7bc08b24322b3c5 100644
--- a/interfaces/innerkits/sandbox/system-sandbox.json
+++ b/interfaces/innerkits/sandbox/system-sandbox.json
@@ -73,6 +73,14 @@
"src-path" : "/sys_prod",
"sandbox-path" : "/sys_prod",
"sandbox-flags" : [ "bind", "rec", "private" ]
+ }, {
+ "src-path" : "/vendor",
+ "sandbox-path" : "/chipset",
+ "sandbox-flags" : [ "bind", "rec", "private" ]
+ }, {
+ "src-path" : "/chip_prod",
+ "sandbox-path" : "/chip_prod",
+ "sandbox-flags" : [ "bind", "rec", "private" ]
}
],
"mount-bind-files" : [{
diff --git a/interfaces/innerkits/sandbox/system-sandbox64.json b/interfaces/innerkits/sandbox/system-sandbox64.json
index 82f97e4d490d77a17624004acf701e60fe4ab5db..f58896da59623de53e22b37b6f5a6372c88ed41d 100644
--- a/interfaces/innerkits/sandbox/system-sandbox64.json
+++ b/interfaces/innerkits/sandbox/system-sandbox64.json
@@ -80,6 +80,14 @@
"src-path" : "/sys_prod",
"sandbox-path" : "/sys_prod",
"sandbox-flags" : [ "bind", "rec", "private" ]
+ }, {
+ "src-path" : "/vendor",
+ "sandbox-path" : "/chipset",
+ "sandbox-flags" : [ "bind", "rec", "private" ]
+ }, {
+ "src-path" : "/chip_prod",
+ "sandbox-path" : "/chip_prod",
+ "sandbox-flags" : [ "bind", "rec", "private" ]
}
],
"mount-bind-files" : [{
diff --git a/interfaces/innerkits/seccomp/BUILD.gn b/interfaces/innerkits/seccomp/BUILD.gn
new file mode 100755
index 0000000000000000000000000000000000000000..170b62d6bf9297a79661f80223540df3bebbfec1
--- /dev/null
+++ b/interfaces/innerkits/seccomp/BUILD.gn
@@ -0,0 +1,43 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+
+config("seccomp_public_config") {
+ include_dirs = [ "//base/startup/init/interfaces/innerkits/seccomp/include" ]
+}
+
+ohos_shared_library("seccomp") {
+ sources = [ "//base/startup/init/services/modules/seccomp/seccomp_policy.c" ]
+
+ public_configs = [ ":seccomp_public_config" ]
+
+ include_dirs = [ "//base/startup/init/services/modules/seccomp" ]
+
+ deps = [
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/services/modules/seccomp:appspawn_filter",
+ "//base/startup/init/services/modules/seccomp:system_filter",
+ ]
+
+ license_file = "//base/startup/init/LICENSE"
+
+ part_name = "init"
+
+ install_enable = true
+ install_images = [
+ "system",
+ "updater",
+ "ramdisk",
+ ]
+}
diff --git a/interfaces/innerkits/seccomp/include/seccomp_policy.h b/interfaces/innerkits/seccomp/include/seccomp_policy.h
new file mode 100644
index 0000000000000000000000000000000000000000..1f724ad7c33e5c2fa9a2d444081b68b61c31a068
--- /dev/null
+++ b/interfaces/innerkits/seccomp/include/seccomp_policy.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef SECCOMP_POLICY_H
+#define SECCOMP_POLICY_H
+
+#include
+#include
+
+#ifdef __cplusplus
+#if __cplusplus
+extern "C" {
+#endif
+#endif
+
+typedef enum {
+ SYSTEM,
+ APPSPAWN,
+ APP
+} PolicyType;
+
+bool SetSeccompPolicy(PolicyType policy);
+
+#ifdef __cplusplus
+#if __cplusplus
+}
+#endif
+#endif
+
+#endif // SECCOMP_POLICY_H
diff --git a/interfaces/innerkits/service_watcher/service_watcher.c b/interfaces/innerkits/service_watcher/service_watcher.c
index 46e7e98ca84aa2206f8572fcabe6242f10433007..7efc5a8bf100df3857918cdb65b8ceafe48f8b3e 100644
--- a/interfaces/innerkits/service_watcher/service_watcher.c
+++ b/interfaces/innerkits/service_watcher/service_watcher.c
@@ -16,7 +16,6 @@
#include
#include
-#include
#include
#include "beget_ext.h"
diff --git a/interfaces/innerkits/socket/BUILD.gn b/interfaces/innerkits/socket/BUILD.gn
index 06fff8070020c0cc2603743d31a25cb8c6710e76..b989622cef39033eac41e2cf8bfc79f4c21afa08 100644
--- a/interfaces/innerkits/socket/BUILD.gn
+++ b/interfaces/innerkits/socket/BUILD.gn
@@ -12,10 +12,10 @@
# limitations under the License.
service_socket_sources =
- [ "//base/startup/init_lite/interfaces/innerkits/socket/init_socket.c" ]
+ [ "//base/startup/init/interfaces/innerkits/socket/init_socket.c" ]
service_socket_include = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/log",
"//third_party/bounds_checking_function/include",
]
diff --git a/interfaces/innerkits/socket/init_socket.c b/interfaces/innerkits/socket/init_socket.c
index 9e223897bff7abb3a0483c3ef0e8c48bc497c6a6..a1870ae49bae2485ddae5b1237d920bca122f8a7 100644
--- a/interfaces/innerkits/socket/init_socket.c
+++ b/interfaces/innerkits/socket/init_socket.c
@@ -14,14 +14,9 @@
*/
#include "init_socket.h"
-#include
#include
#include
-#include
-#include
#include
-#include
-#include
#include
#include "beget_ext.h"
#include "securec.h"
diff --git a/interfaces/innerkits/syscap/BUILD.gn b/interfaces/innerkits/syscap/BUILD.gn
index bec0497a39ef0fec2c4d8b8092ed4e5a93cbbe30..95952dccdfab16ae2469288fec032b84507ca362 100755
--- a/interfaces/innerkits/syscap/BUILD.gn
+++ b/interfaces/innerkits/syscap/BUILD.gn
@@ -22,10 +22,10 @@ ohos_shared_library("syscap") {
include_dirs = [
"../include",
- "//base/startup/init_lite/services/include/param",
+ "//base/startup/init/services/include/param",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_shared",
]
diff --git a/interfaces/innerkits/syspara/param_comm.c b/interfaces/innerkits/syspara/param_comm.c
index 8ce2f490f02db92fbe15635780c02fa64ec4ae12..a7f3135eae5c0e773b3c084f0cb8fd15511bf7a8 100644
--- a/interfaces/innerkits/syspara/param_comm.c
+++ b/interfaces/innerkits/syspara/param_comm.c
@@ -15,7 +15,6 @@
#include "param_comm.h"
-#include
#include
#include
@@ -33,8 +32,6 @@
#include "securec.h"
#include "beget_ext.h"
-static const char *g_emptyStr = "";
-
INIT_LOCAL_API int IsValidParamValue(const char *value, uint32_t len)
{
if ((value == NULL) || (strlen(value) + 1 > len)) {
@@ -73,11 +70,11 @@ INIT_LOCAL_API const char *GetProperty(const char *key, const char **paramHolder
int ret = SystemGetParameter(key, NULL, &len);
if (ret == 0 && len > 0) {
char *res = (char *)malloc(len + 1);
- BEGET_CHECK(res != NULL, return g_emptyStr);
+ BEGET_CHECK(res != NULL, return NULL);
ret = SystemGetParameter(key, res, &len);
if (ret != 0) {
free(res);
- return g_emptyStr;
+ return NULL;
}
*paramHolder = res;
}
@@ -154,14 +151,14 @@ INIT_LOCAL_API const char *GetSerial_(void)
#ifdef LITEOS_SUPPORT
return HalGetSerial();
#else
- static char *ohos_serial = NULL;
- if (ohos_serial == NULL) {
- BEGET_CHECK((ohos_serial = (char *)calloc(1, PARAM_VALUE_LEN_MAX)) != NULL, return NULL);
+ static char *ohosSerial = NULL;
+ if (ohosSerial == NULL) {
+ BEGET_CHECK((ohosSerial = (char *)calloc(1, PARAM_VALUE_LEN_MAX)) != NULL, return NULL);
}
uint32_t len = PARAM_VALUE_LEN_MAX;
- int ret = SystemGetParameter("ohos.boot.sn", ohos_serial, &len);
+ int ret = SystemGetParameter("ohos.boot.sn", ohosSerial, &len);
BEGET_CHECK(ret == 0, return NULL);
- return ohos_serial;
+ return ohosSerial;
#endif
}
diff --git a/interfaces/innerkits/syspara/param_wrapper.cpp b/interfaces/innerkits/syspara/param_wrapper.cpp
index af2d4462cd8f0260ab0f79aab3354cc07948fae9..18dc6bdc699f07e832bb3c0a7fc8759f26db9752 100644
--- a/interfaces/innerkits/syspara/param_wrapper.cpp
+++ b/interfaces/innerkits/syspara/param_wrapper.cpp
@@ -17,7 +17,6 @@
#include
#include
-#include
#include "beget_ext.h"
#include "param_comm.h"
diff --git a/interfaces/innerkits/syspara/parameter.c b/interfaces/innerkits/syspara/parameter.c
index b29b56c3799bd30dc5459857bb6cc66aaa17fb9f..cf17e5067e4e487c4ffed4811564859802eeaf51 100644
--- a/interfaces/innerkits/syspara/parameter.c
+++ b/interfaces/innerkits/syspara/parameter.c
@@ -226,17 +226,24 @@ int GetDevUdid(char *udid, int size)
static const char *BuildOSFullName(void)
{
const char release[] = "Release";
- char value[OS_FULL_NAME_LEN] = {0};
const char *releaseType = GetOsReleaseType();
- const char *fillname = GetFullName_();
- if ((releaseType != NULL) && (strncmp(releaseType, release, sizeof(release) - 1) != 0)) {
- int length = sprintf_s(value, OS_FULL_NAME_LEN, "%s(%s)", fillname, releaseType);
+ const char *fullName = GetFullName_();
+ if (fullName == NULL || releaseType == NULL) {
+ return NULL;
+ }
+ if (strncmp(releaseType, release, sizeof(release) - 1) != 0) {
+ char *value = calloc(1, OS_FULL_NAME_LEN);
+ if (value == NULL) {
+ return NULL;
+ }
+ int length = sprintf_s(value, OS_FULL_NAME_LEN, "%s(%s)", fullName, releaseType);
if (length < 0) {
- return EMPTY_STR;
+ free(value);
+ return NULL;
}
+ return value;
}
- const char *osFullName = strdup(value);
- return osFullName;
+ return strdup(fullName);
}
const char *GetOSFullName(void)
@@ -255,13 +262,16 @@ const char *GetOSFullName(void)
static const char *BuildVersionId(void)
{
char value[VERSION_ID_MAX_LEN] = {0};
+ if (GetDeviceType() == NULL) {
+ return NULL;
+ }
int len = sprintf_s(value, VERSION_ID_MAX_LEN, "%s/%s/%s/%s/%s/%s/%s/%s/%s/%s",
GetDeviceType(), GetManufacture(), GetBrand(), GetProductSeries(),
GetOSFullName(), GetProductModel(), GetSoftwareModel(),
GetSdkApiVersion_(), GetIncrementalVersion(), GetBuildType());
if (len <= 0) {
- return EMPTY_STR;
+ return NULL;
}
const char *versionId = strdup(value);
return versionId;
diff --git a/interfaces/innerkits/syspara/sysversion.c b/interfaces/innerkits/syspara/sysversion.c
index 11e632697faf733042595e71d136584ea29108d6..c28e6afbac3f15b7cb1cdd583d8b5144929dd6f2 100644
--- a/interfaces/innerkits/syspara/sysversion.c
+++ b/interfaces/innerkits/syspara/sysversion.c
@@ -14,13 +14,11 @@
*/
#include "sysversion.h"
-#include
#include
#include
#include "beget_ext.h"
#include "param_comm.h"
-#include "parameter.h"
#include "securec.h"
/* *
diff --git a/interfaces/innerkits/token/BUILD.gn b/interfaces/innerkits/token/BUILD.gn
index d0d8f99cedd0db103518d1c22ce0634737c34bdb..d0aaff46c296c5f8e8e2b8e1de6c2ef010de8cc5 100755
--- a/interfaces/innerkits/token/BUILD.gn
+++ b/interfaces/innerkits/token/BUILD.gn
@@ -12,17 +12,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/lite/config/component/lite_component.gni")
import("//build/lite/ndk/ndk.gni")
if (ohos_kernel_type == "liteos_a" || ohos_kernel_type == "linux") {
shared_library("token_shared") {
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/token",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/token",
"//utils/native/lite/include",
- "//base/startup/init_lite/interfaces/innerkits/token",
+ "//base/startup/init/interfaces/innerkits/token",
]
sources = [ "src/token_impl_posix/token.c" ]
@@ -38,10 +38,10 @@ if (ohos_kernel_type == "liteos_m") {
sources = [ "src/token_impl_hal/token.c" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/token",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/token",
"//utils/native/lite/include",
- "//base/startup/init_lite/interfaces/innerkits/token",
+ "//base/startup/init/interfaces/innerkits/token",
"//base/hiviewdfx/hilog_lite/interfaces/native/kits/hilog_lite",
]
@@ -67,8 +67,7 @@ ndk_lib("token_notes") {
lib_extension = ".so"
}
if (ohos_kernel_type != "liteos_m") {
- deps +=
- [ "//base/startup/init_lite/interfaces/innerkits/token:token_shared" ]
+ deps += [ "//base/startup/init/interfaces/innerkits/token:token_shared" ]
}
- head_files += [ "//base/startup/init_lite/interfaces/include/token" ]
+ head_files += [ "//base/startup/init/interfaces/include/token" ]
}
diff --git a/interfaces/kits/BUILD.gn b/interfaces/kits/BUILD.gn
index 3d4e7753ad07ba9b083bc694f2bf0d4bc6aa2420..ea0ac6f9ac619d8849048b65e817e7c8e1053e45 100755
--- a/interfaces/kits/BUILD.gn
+++ b/interfaces/kits/BUILD.gn
@@ -16,8 +16,8 @@ import("//build/ohos.gni")
group("kitsgroup") {
if (!defined(ohos_lite)) {
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy",
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbeget_proxy",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
]
deps += [ "syscap:deviceinfo_ndk" ]
if (support_jsapi) {
diff --git a/interfaces/kits/jskits/BUILD.gn b/interfaces/kits/jskits/BUILD.gn
index 7c28fc5085a0354c385b429bdda0b3ab7033a2f4..bc451637b5c5596c05e82837a8fa7ac375b5c00b 100755
--- a/interfaces/kits/jskits/BUILD.gn
+++ b/interfaces/kits/jskits/BUILD.gn
@@ -14,18 +14,15 @@
import("//build/ohos.gni")
ohos_shared_library("deviceinfo") {
- include_dirs = [ "//base/startup/init_lite/interfaces/innerkits/include" ]
+ include_dirs = [ "//base/startup/init/interfaces/innerkits/include" ]
sources = [ "src/native_deviceinfo_js.cpp" ]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy",
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- ]
- external_deps = [
- "hiviewdfx_hilog_native:libhilog",
- "napi:ace_napi",
+ "//base/startup/init/interfaces/innerkits:libbeget_proxy",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
]
+ external_deps = [ "napi:ace_napi" ]
relative_install_dir = "module"
subsystem_name = "startup"
part_name = "init"
@@ -43,14 +40,11 @@ ohos_shared_library("systemparameter") {
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy",
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbeget_proxy",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
]
- external_deps = [
- "hiviewdfx_hilog_native:libhilog",
- "napi:ace_napi",
- ]
+ external_deps = [ "napi:ace_napi" ]
relative_install_dir = "module"
subsystem_name = "startup"
part_name = "init"
diff --git a/interfaces/kits/syscap/BUILD.gn b/interfaces/kits/syscap/BUILD.gn
index 7ab2b22ca27c1a962b53503988538fdb82e6c8b9..76b75bdd45c0f57bfd5194b6ed3a4f3f891ae52f 100755
--- a/interfaces/kits/syscap/BUILD.gn
+++ b/interfaces/kits/syscap/BUILD.gn
@@ -16,7 +16,7 @@ import("//build/ohos.gni")
ohos_shared_library("deviceinfo_ndk") {
sources = [ "src/syscap_ndk.c" ]
include_dirs = [ "./include" ]
- deps = [ "//base/startup/init_lite/interfaces/innerkits:libbegetutil" ]
+ deps = [ "//base/startup/init/interfaces/innerkits:libbegetutil" ]
part_name = "init"
}
diff --git a/services/BUILD.gn b/services/BUILD.gn
index e48002ee1431ebc5da6a755871bd417089a3f4f1..87e82bbedeb20e53eb361feb306a971b180d2326 100755
--- a/services/BUILD.gn
+++ b/services/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
group("startup_init") {
deps = []
@@ -23,7 +23,7 @@ group("startup_init") {
# for unittest
if (ohos_build_type == "debug") {
- deps += [ "//base/startup/init_lite/test/unittest/lite:init_test" ]
+ deps += [ "//base/startup/init/test/unittest/lite:init_test" ]
}
}
@@ -35,9 +35,9 @@ group("startup_init") {
]
if (enable_ohos_startup_init_feature_watcher) {
deps += [
- "//base/startup/init_lite/services/param/watcher:param_watcher",
- "//base/startup/init_lite/services/param/watcher:param_watcher.rc",
- "//base/startup/init_lite/services/param/watcher/sa_profile:param_watcher_profile",
+ "//base/startup/init/services/param/watcher:param_watcher",
+ "//base/startup/init/services/param/watcher:param_watcher.rc",
+ "//base/startup/init/services/param/watcher/sa_profile:param_watcher_profile",
]
}
}
diff --git a/services/begetctl/BUILD.gn b/services/begetctl/BUILD.gn
index 6b3d876f708da7f4e157df00c34ae4c4ba6cd4aa..7b5d8702d12bf1b367424a84fb36bb20c0d222de 100755
--- a/services/begetctl/BUILD.gn
+++ b/services/begetctl/BUILD.gn
@@ -10,21 +10,21 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
common_include_dirs = [
- "//base/startup/init_lite/services/begetctl",
- "//base/startup/init_lite/services/begetctl/shell",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/base",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/services/begetctl",
+ "//base/startup/init/services/begetctl/shell",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/base",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
]
@@ -42,14 +42,14 @@ if (defined(ohos_lite)) {
"OHOS_LITE",
]
if (param_test) {
- sources += [ "//base/startup/init_lite/test/moduletest/syspara.cpp" ]
+ sources += [ "//base/startup/init/test/moduletest/syspara.cpp" ]
}
include_dirs = common_include_dirs
deps = [
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/services/utils:libinit_utils",
"//build/lite/config/component/cJSON:cjson_static",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -79,23 +79,23 @@ if (defined(ohos_lite)) {
include_dirs = [
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/interfaces/innerkits/sandbox/include",
- "//base/startup/init_lite/interfaces/innerkits/control_fd",
+ "//base/startup/init/interfaces/innerkits/sandbox/include",
+ "//base/startup/init/interfaces/innerkits/control_fd",
]
include_dirs += common_include_dirs
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/interfaces/innerkits/control_fd:libcontrolfd",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits/control_fd:libcontrolfd",
"//third_party/bounds_checking_function:libsec_shared",
]
- external_deps = [ "utils_base:utils" ]
+ external_deps = [ "c_utils:utils" ]
if (param_test) {
sources += [
- "//base/startup/init_lite/test/moduletest/param_test_cmds.c",
- "//base/startup/init_lite/test/moduletest/syspara.cpp",
+ "//base/startup/init/test/moduletest/param_test_cmds.c",
+ "//base/startup/init/test/moduletest/syspara.cpp",
]
- deps += [ "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy" ]
+ deps += [ "//base/startup/init/interfaces/innerkits:libbeget_proxy" ]
defines += [
"OHOS_SERVICE_DUMP",
"INIT_TEST",
@@ -139,7 +139,7 @@ if (defined(ohos_lite)) {
defines = [ "_GNU_SOURCE" ]
include_dirs = common_include_dirs
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -151,10 +151,10 @@ if (defined(ohos_lite)) {
if (param_test) {
sources += [
- "//base/startup/init_lite/test/moduletest/param_test_cmds.c",
- "//base/startup/init_lite/test/moduletest/syspara.cpp",
+ "//base/startup/init/test/moduletest/param_test_cmds.c",
+ "//base/startup/init/test/moduletest/syspara.cpp",
]
- deps += [ "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy" ]
+ deps += [ "//base/startup/init/interfaces/innerkits:libbeget_proxy" ]
defines += [
"OHOS_SERVICE_DUMP",
"INIT_TEST",
@@ -181,17 +181,17 @@ if (defined(ohos_lite)) {
include_dirs = common_include_dirs
deps = [
- "//base/startup/init_lite/services/log:agent_log",
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/param/linux:param_client",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/services/log:agent_log",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/param/linux:param_client",
+ "//base/startup/init/services/utils:libinit_utils",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [
+ "c_utils:utils",
"hilog_native:libhilog_base",
- "utils_base:utils",
]
if (build_selinux) {
deps += [ "//third_party/selinux:libselinux" ]
diff --git a/services/begetctl/dump_service.c b/services/begetctl/dump_service.c
index b6245de8df3fdd7c63e8bf72f4dc3564754e66ca..7bc697d73df5238775569495ff2746eaef75747e 100644
--- a/services/begetctl/dump_service.c
+++ b/services/begetctl/dump_service.c
@@ -18,7 +18,6 @@
#include "begetctl.h"
#include "control_fd.h"
-#include "init_utils.h"
#define DUMP_SERVICE_INFO_CMD_ARGS 2
static int main_cmd(BShellHandle shell, int argc, char **argv)
diff --git a/services/begetctl/main.c b/services/begetctl/main.c
index b206d93b8b65c1f8cade909b40c7956d0cb5e090..c59a0dbf1afe19404730065690caa26df8b4fdb0 100644
--- a/services/begetctl/main.c
+++ b/services/begetctl/main.c
@@ -19,7 +19,6 @@
#include "begetctl.h"
#include "shell.h"
#include "shell_utils.h"
-#include "init_param.h"
static BShellHandle g_handle = NULL;
BShellHandle GetShellHandle(void)
diff --git a/services/begetctl/misc_daemon.cpp b/services/begetctl/misc_daemon.cpp
index c1cd36b6629a554ba3f84e0392cfb58dcc03fed8..0a49cd8ecd6377058169e5360c0f5ac22779d6df 100644
--- a/services/begetctl/misc_daemon.cpp
+++ b/services/begetctl/misc_daemon.cpp
@@ -18,12 +18,10 @@
#include
#include
#include
-#include
#include
#include
#include
#include
-#include
#include "begetctl.h"
#include "fs_manager/fs_manager.h"
diff --git a/services/begetctl/modulectl.c b/services/begetctl/modulectl.c
index 4c98db9ff36aa9f471fedc3aeb42f13ca85d1884..779b4e3dde0d641591bb556d7d0c71409e4d2a55 100644
--- a/services/begetctl/modulectl.c
+++ b/services/begetctl/modulectl.c
@@ -14,7 +14,6 @@
*/
#include
#include
-#include
#include "begetctl.h"
#include "control_fd.h"
diff --git a/services/begetctl/param_cmd.c b/services/begetctl/param_cmd.c
index 1afbf6277bb7151464e519e1050b9cef6a9081d6..df64a621fd2ef2cf39b25e837c04925fb903e8eb 100644
--- a/services/begetctl/param_cmd.c
+++ b/services/begetctl/param_cmd.c
@@ -14,19 +14,15 @@
*/
#include
#include
-#include
#include
#include
#include
-#include
#include
#include
#include "begetctl.h"
-#include "init_utils.h"
#include "param_manager.h"
#include "param_security.h"
-#include "param_utils.h"
#include "shell_utils.h"
#include "init_param.h"
#include "beget_ext.h"
diff --git a/services/begetctl/service_control.c b/services/begetctl/service_control.c
index 75debcf79c506ae2c681abdb7001ef542b91219a..5c2c254c72c34dd1e9511a6f88982fea80a9e922 100644
--- a/services/begetctl/service_control.c
+++ b/services/begetctl/service_control.c
@@ -19,7 +19,6 @@
#include
#include "begetctl.h"
-#include "init_param.h"
#include "init_utils.h"
#define SERVICE_START_NUMBER 2
diff --git a/services/etc/BUILD.gn b/services/etc/BUILD.gn
index 9f3405bacd986b9673dedb9451e3bef0db0f855b..1d46aa4c66ca69b39c509c07f0a89c35374eae47 100755
--- a/services/etc/BUILD.gn
+++ b/services/etc/BUILD.gn
@@ -13,27 +13,26 @@
if (defined(ohos_lite)) {
copy("ohos.para") {
- sources = [ "//base/startup/init_lite/services/etc/param/ohos.para" ]
+ sources = [ "//base/startup/init/services/etc/param/ohos.para" ]
outputs = [ "$root_out_dir/system/etc/param/ohos.para" ]
}
copy("ohos.para.dac") {
- sources = [ "//base/startup/init_lite/services/etc/param/ohos.para.dac" ]
+ sources = [ "//base/startup/init/services/etc/param/ohos.para.dac" ]
outputs = [ "$root_out_dir/system/etc/param/ohos.para.dac" ]
}
copy("ohos.const") {
- sources = [
- "//base/startup/init_lite/services/etc_lite/param/ohos_const/ohos.para",
- ]
+ sources =
+ [ "//base/startup/init/services/etc_lite/param/ohos_const/ohos.para" ]
outputs = [ "$root_out_dir/system/etc/param/ohos_const/ohos.para" ]
}
copy("ohos.passwd") {
- sources = [ "//base/startup/init_lite/services/etc_lite/passwd" ]
+ sources = [ "//base/startup/init/services/etc_lite/passwd" ]
outputs = [ "$root_out_dir/etc/passwd" ]
}
copy("ohos.group") {
- sources = [ "//base/startup/init_lite/services/etc_lite/group" ]
+ sources = [ "//base/startup/init/services/etc_lite/group" ]
outputs = [ "$root_out_dir/etc/group" ]
}
@@ -51,46 +50,45 @@ if (defined(ohos_lite)) {
}
}
} else {
- import("//base/startup/init_lite/services/etc/param/param_fixer.gni")
+ import("//base/startup/init/services/etc/param/param_fixer.gni")
import("//build/ohos.gni")
# init etc files group
ohos_prebuilt_etc("init.cfg") {
if (!enable_ramdisk) {
- source =
- "//base/startup/init_lite/services/etc/init.without_two_stages.cfg"
+ source = "//base/startup/init/services/etc/init.without_two_stages.cfg"
} else {
- source = "//base/startup/init_lite/services/etc/init.cfg"
+ source = "//base/startup/init/services/etc/init.cfg"
}
part_name = "init"
}
ohos_prebuilt_etc("misc.cfg") {
- source = "//base/startup/init_lite/services/etc/misc.cfg"
+ source = "//base/startup/init/services/etc/misc.cfg"
relative_install_dir = "init"
part_name = "init"
}
ohos_prebuilt_etc("watchdog.cfg") {
- source = "//base/startup/init_lite/services/etc/watchdog.cfg"
+ source = "//base/startup/init/services/etc/watchdog.cfg"
relative_install_dir = "init"
part_name = "init"
}
ohos_prebuilt_etc("console.cfg") {
- source = "//base/startup/init_lite/services/etc/console.cfg"
+ source = "//base/startup/init/services/etc/console.cfg"
relative_install_dir = "init"
part_name = "init"
}
ohos_prebuilt_etc("ueventd.cfg") {
- source = "//base/startup/init_lite/services/etc/ueventd.cfg"
+ source = "//base/startup/init/services/etc/ueventd.cfg"
relative_install_dir = "init"
part_name = "init"
}
ohos_prebuilt_etc("passwd") {
- source = "//base/startup/init_lite/services/etc/passwd"
+ source = "//base/startup/init/services/etc/passwd"
install_images = [
"system",
"updater",
@@ -99,7 +97,7 @@ if (defined(ohos_lite)) {
}
ohos_prebuilt_etc("group") {
- source = "//base/startup/init_lite/services/etc/group"
+ source = "//base/startup/init/services/etc/group"
install_images = [
"system",
"updater",
@@ -108,17 +106,17 @@ if (defined(ohos_lite)) {
}
ohos_prebuilt_etc("init.usb.cfg") {
- source = "//base/startup/init_lite/services/etc/init.usb.cfg"
+ source = "//base/startup/init/services/etc/init.usb.cfg"
part_name = "init"
}
ohos_prebuilt_etc("init.usb.configfs.cfg") {
- source = "//base/startup/init_lite/services/etc/init.usb.configfs.cfg"
+ source = "//base/startup/init/services/etc/init.usb.configfs.cfg"
part_name = "init"
}
ohos_prebuilt_para("ohos.para") {
- source = "//base/startup/init_lite/services/etc/param/ohos.para"
+ source = "//base/startup/init/services/etc/param/ohos.para"
install_images = [
"system",
"updater",
@@ -131,7 +129,7 @@ if (defined(ohos_lite)) {
}
ohos_prebuilt_para("ohos.para.dac") {
- source = "//base/startup/init_lite/services/etc/param/ohos.para.dac"
+ source = "//base/startup/init/services/etc/param/ohos.para.dac"
install_images = [
"system",
"updater",
@@ -141,18 +139,18 @@ if (defined(ohos_lite)) {
}
ohos_prebuilt_para("ohos_const.para") {
- source = "//base/startup/init_lite/services/etc/param/ohos_const/ohos.para"
+ source = "//base/startup/init/services/etc/param/ohos_const/ohos.para"
part_name = "init"
module_install_dir = "etc/param/ohos_const"
}
ohos_prebuilt_etc("boot.group") {
- source = "//base/startup/init_lite/services/etc/device.boot.group.cfg"
+ source = "//base/startup/init/services/etc/device.boot.group.cfg"
part_name = "init"
}
ohos_prebuilt_etc("charge.group") {
- source = "//base/startup/init_lite/services/etc/device.charge.group.cfg"
+ source = "//base/startup/init/services/etc/device.charge.group.cfg"
part_name = "init"
}
@@ -174,9 +172,10 @@ if (defined(ohos_lite)) {
ohos_prebuilt_etc("system-sandbox.json") {
if (target_cpu == "arm64") {
- source = "//base/startup/init_lite/interfaces/innerkits/sandbox/system-sandbox64.json"
+ source = "//base/startup/init/interfaces/innerkits/sandbox/system-sandbox64.json"
} else {
- source = "//base/startup/init_lite/interfaces/innerkits/sandbox/system-sandbox.json"
+ source =
+ "//base/startup/init/interfaces/innerkits/sandbox/system-sandbox.json"
}
part_name = "init"
module_install_dir = "etc/sandbox"
@@ -184,16 +183,16 @@ if (defined(ohos_lite)) {
ohos_prebuilt_etc("chipset-sandbox.json") {
if (target_cpu == "arm64") {
- source = "//base/startup/init_lite/interfaces/innerkits/sandbox/chipset-sandbox64.json"
+ source = "//base/startup/init/interfaces/innerkits/sandbox/chipset-sandbox64.json"
} else {
- source = "//base/startup/init_lite/interfaces/innerkits/sandbox/chipset-sandbox.json"
+ source = "//base/startup/init/interfaces/innerkits/sandbox/chipset-sandbox.json"
}
part_name = "init"
module_install_dir = "etc/sandbox"
}
ohos_prebuilt_etc("init.reboot") {
- source = "//base/startup/init_lite/services/etc/init.reboot.cfg"
+ source = "//base/startup/init/services/etc/init.reboot.cfg"
part_name = "init"
module_install_dir = "etc/init"
}
diff --git a/services/etc/group b/services/etc/group
index 4ed8ab4aa354d10dccf24391f1da192729ef3021..c61628924936cdf0a286a3658035631c42f49d88 100644
--- a/services/etc/group
+++ b/services/etc/group
@@ -109,3 +109,4 @@ accessibility:x:1103:
motion_host:x:3065:
uhdf_driver:x:3066:
memmgr:x:1111:
+ispserver:x:3821:
diff --git a/services/etc/init.cfg b/services/etc/init.cfg
index af5b663fb4a3fab6fc0928487ec52986ba106160..9f0695bea6b2b093a19a76c52ad457cb274e0890 100755
--- a/services/etc/init.cfg
+++ b/services/etc/init.cfg
@@ -21,7 +21,8 @@
"load_persist_params ",
"bootchart start",
"chown access_token access_token /dev/access_token_id",
- "chmod 0666 /dev/access_token_id"
+ "chmod 0666 /dev/access_token_id",
+ "start samgr"
]
}, {
"name" : "init",
@@ -105,6 +106,7 @@
}, {
"name" : "post-fs-data",
"cmds" : [
+ "init_global_key /data",
"mkdir /data/app 0711 root root",
"mkdir /data/app/el1 0711 root root",
"mkdir /data/app/el1/bundle 0711 root root",
@@ -121,6 +123,7 @@
"mkdir /data/chipset/el1 0711 root root",
"mkdir /data/chipset/el1/public 0711 root root",
"mkdir /data/chipset/el2 0711 root root",
+ "init_main_user ",
"mkdir /data/app/el1/0 0711 root root",
"mkdir /data/app/el1/0/base 0711 root root",
"mkdir /data/app/el1/0/database 0711 system system",
@@ -152,7 +155,6 @@
"mkdir /data/nfc/param 0770 nfc nfc",
"mkdir /data/system 0775 system system",
"mkdir /data/system/dropbox 0700 system system",
- "mkdir /data/system/users 0750 account account",
"mkdir /data/system_de 0770 system system",
"mkdir /data/system_ce 0770 system system",
"mkdir /data/misc_de 01771 system misc",
@@ -178,8 +180,6 @@
"chmod 0664 /sys/block/zram0/idle",
"write /proc/sys/vm/dirty_expire_centisecs 200",
"write /proc/sys/vm/dirty_background_ratio 5",
- "chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq",
- "chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq",
"chown system system /sys/class/leds/red/brightness",
"chown system system /sys/class/leds/green/brightness",
"chown system system /sys/class/leds/blue/brightness",
diff --git a/services/etc/init.usb.cfg b/services/etc/init.usb.cfg
index 24e93fc1a6d4d05564b4575e1a33902692949e53..afe021a0984965787ff51eac7d4d861b41cbad2f 100755
--- a/services/etc/init.usb.cfg
+++ b/services/etc/init.usb.cfg
@@ -28,6 +28,13 @@
"uid" : "system",
"gid" : "system"
}],
+ "permission" : [
+ "ohos.permission.DUMP",
+ "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED",
+ "ohos.permission.INSTALL_BUNDLE",
+ "ohos.permission.REMOVE_CACHE_FILES"
+ ],
+ "permission_acls" : ["ohos.permission.DUMP"],
"sandbox" : 0,
"start-mode" : "condition",
"secon" : "u:r:hdcd:s0",
diff --git a/services/etc/init.without_two_stages.cfg b/services/etc/init.without_two_stages.cfg
index d2ce1c1e2fec72836b2fb08f59e7fd06c5afca5f..8817b054be781c88fc01c4fa3ee5b7b6d0a30781 100755
--- a/services/etc/init.without_two_stages.cfg
+++ b/services/etc/init.without_two_stages.cfg
@@ -164,7 +164,6 @@
"mkdir /data/system 0775 system system",
"mkdir /data/system/dropbox 0700 system system",
"mkdir /data/system/heapdump 0700 system system",
- "mkdir /data/system/users 0750 account account",
"mkdir /data/system_de 0770 system system",
"mkdir /data/system_ce 0770 system system",
"mkdir /data/misc_de 01771 system misc",
diff --git a/services/etc/param/ohos.para b/services/etc/param/ohos.para
index 7e350c863fcfebaad75e599cb83a337c019024e7..21ecd20d1d03bde8111349b9cb3cc257835c7043 100755
--- a/services/etc/param/ohos.para
+++ b/services/etc/param/ohos.para
@@ -30,7 +30,7 @@ const.build.product=default
const.product.hardwareversion=default
const.product.bootloader.version=bootloader
const.product.cpu.abilist=default
-const.product.software.version=OpenHarmony 3.2.5.5
+const.product.software.version=OpenHarmony 3.2.6.1
const.product.incremental.version=default
const.product.firstapiversion=1
const.product.build.type=default
diff --git a/services/etc/param/ohos_const/ohos.para b/services/etc/param/ohos_const/ohos.para
index a1a8ed9961117bf4be76c1e329cce35bed94f8bd..0c432820ec1233adbb5286e54a98979e2e8392f5 100755
--- a/services/etc/param/ohos_const/ohos.para
+++ b/services/etc/param/ohos_const/ohos.para
@@ -13,4 +13,4 @@
const.ohos.version.security_patch=2022-03-30
const.ohos.releasetype=Canary1
const.ohos.apiversion=9
-const.ohos.fullname=OpenHarmony-2.2.0.0
\ No newline at end of file
+const.ohos.fullname=OpenHarmony-3.2.0.0
diff --git a/services/etc/param/param_fixer.gni b/services/etc/param/param_fixer.gni
index fa7e29ddf0934cf7b84b21735432abaef69198f7..1f253aac59ef96705373e18c9b81d938beb54298 100755
--- a/services/etc/param/param_fixer.gni
+++ b/services/etc/param/param_fixer.gni
@@ -24,7 +24,7 @@ template("ohos_prebuilt_para") {
_output_para_file = get_path_info(invoker.source, "file")
action_with_pydeps(_fixed_param_target) {
deps = []
- script = "//base/startup/init_lite/services/etc/param/param_fixer.py"
+ script = "//base/startup/init/services/etc/param/param_fixer.py"
depfile = "${target_gen_dir}/${target_name}.d"
args = [
"--output",
diff --git a/services/etc/passwd b/services/etc/passwd
index 0839ab0c2200204ac9fc6e56ba17fb1631a8e8bd..723e43437834c53e4528e2adc3fe759e25b3c4ad 100644
--- a/services/etc/passwd
+++ b/services/etc/passwd
@@ -106,3 +106,4 @@ deviceinfo:x:1102:1102:::/bin/false
accessibility:x:1103:1103:::/bin/false
motion_host:x:3065:3065:::/bin/false
memmgr:x:1111:1111:::/bin/false
+ispserver:x:3821:3821:::/bin/false
diff --git a/services/include/init_utils.h b/services/include/init_utils.h
index c61165bbc7c3c220f934b6f437d1c07ee72ff975..5a76a64f5974d58dfdcb87ff66f200fbcf063db2 100644
--- a/services/include/init_utils.h
+++ b/services/include/init_utils.h
@@ -78,6 +78,8 @@ int StringReplaceChr(char *strl, char oldChr, char newChr);
uint32_t GetRandom(void);
void OpenConsole(void);
+void TrimTail(char *str, char c);
+char *TrimHead(char *str, char c);
INIT_LOCAL_API int StringToULL(const char *str, unsigned long long int *out);
INIT_LOCAL_API int StringToLL(const char *str, long long int *out);
diff --git a/services/init/include/init_cmds.h b/services/init/include/init_cmds.h
index 0c681950009da6e818ba63f740a6a31d2caba260..2108c0872ab895855eb23501ecc1170ed8997061 100644
--- a/services/init/include/init_cmds.h
+++ b/services/init/include/init_cmds.h
@@ -81,7 +81,7 @@ const struct CmdTable *GetCmdByName(const char *name);
void ExecReboot(const char *value);
char *BuildStringFromCmdArg(const struct CmdArgs *ctx, int startIndex);
void ExecCmd(const struct CmdTable *cmd, const char *cmdContent);
-int FileCryptEnable(char *fileCryptOption);
+int SetFileCryptPolicy(const char *dir);
void OpenHidebug(const char *name);
#ifdef __cplusplus
diff --git a/services/init/init_common_cmds.c b/services/init/init_common_cmds.c
index 5c1427abed74938909ab3a77b6883e90e19baa4f..3ec6bd027b62b33a68d0f668489aa3dad0ae1c05 100644
--- a/services/init/init_common_cmds.c
+++ b/services/init/init_common_cmds.c
@@ -41,8 +41,6 @@
#endif
#include "securec.h"
-static char *g_fileCryptOptions = NULL;
-
static char *AddOneArg(const char *param, size_t paramLen)
{
int valueCount = 1;
@@ -345,6 +343,11 @@ static void DoMkDir(const struct CmdArgs *ctx)
if (ret != 0) {
INIT_LOGE("Failed to change owner %s, err %d.", ctx->argv[0], errno);
}
+ ret = SetFileCryptPolicy(ctx->argv[0]);
+ if (ret != 0) {
+ INIT_LOGW("failed to set file fscrypt");
+ }
+
return;
}
@@ -397,16 +400,6 @@ static int GetMountFlag(unsigned long *mountflag, const char *targetStr, const c
WaitForFile(source, WAIT_MAX_SECOND);
return 1;
}
- const char *fileCryptPre = "filecrypt=";
- size_t len = strlen(fileCryptPre);
- if (strncmp(targetStr, fileCryptPre, len) == 0) {
- size_t maxLen = strlen(targetStr) + 1;
- g_fileCryptOptions = calloc(sizeof(char), maxLen);
- INIT_ERROR_CHECK(g_fileCryptOptions != NULL, return 0, "Failed to alloc memory");
- int ret = snprintf_s(g_fileCryptOptions, maxLen, maxLen - 1, "%s", targetStr + len);
- INIT_ERROR_CHECK(ret >= 0, return 0, "Failed to snprintf");
- return 1;
- }
return 0;
}
@@ -449,18 +442,6 @@ static void DoMount(const struct CmdArgs *ctx)
if (ret != 0) {
INIT_LOGE("Failed to mount for %s, err %d.", target, errno);
}
- if ((g_fileCryptOptions != NULL) && (strncmp(target, "/data", strlen("/data")) == 0)) {
- ret = FileCryptEnable(g_fileCryptOptions);
- if (ret < 0) {
- INIT_LOGE("File Crypt enabled failed");
- free(g_fileCryptOptions);
- g_fileCryptOptions = NULL;
- return;
- }
- free(g_fileCryptOptions);
- g_fileCryptOptions = NULL;
- INIT_LOGI("File Crypt enabled success");
- }
}
static int DoWriteWithMultiArgs(const struct CmdArgs *ctx, int fd)
diff --git a/services/init/init_common_service.c b/services/init/init_common_service.c
index dd2998847b4cf63f70ae882e1a2cb502c1c26548..d1109c473c4da9d740165155fd29dca76c12de3a 100644
--- a/services/init/init_common_service.c
+++ b/services/init/init_common_service.c
@@ -48,6 +48,12 @@
#include
#endif // WITH_SELINUX
+#ifdef WITH_SECCOMP
+#include "seccomp_policy.h"
+#define APPSPAWN_NAME ("appspawn")
+#define NWEBSPAWN_NAME ("nwebspawn")
+#endif
+
#ifndef TIOCSCTTY
#define TIOCSCTTY 0x540E
#endif
@@ -62,6 +68,20 @@ static int SetAllAmbientCapability(void)
return SERVICE_SUCCESS;
}
+#ifdef WITH_SECCOMP
+static int SetSystemSeccompPolicy(const Service *service)
+{
+ if (strncmp(APPSPAWN_NAME, service->name, strlen(APPSPAWN_NAME)) \
+ && strncmp(NWEBSPAWN_NAME, service->name, strlen(NWEBSPAWN_NAME))) {
+ if (!SetSeccompPolicy(SYSTEM)) {
+ INIT_LOGE("init seccomp failed, name is %s\n", service->name);
+ return SERVICE_FAILURE;
+ }
+ }
+ return SERVICE_SUCCESS;
+}
+#endif
+
static int SetPerms(const Service *service)
{
INIT_CHECK_RETURN_VALUE(KeepCapability() == 0, SERVICE_FAILURE);
@@ -271,11 +291,18 @@ static int InitServicePropertys(Service *service)
PublishHoldFds(service);
INIT_CHECK_ONLY_ELOG(BindCpuCore(service) == SERVICE_SUCCESS,
"binding core number failed for service %s", service->name);
+
+#ifdef WITH_SECCOMP
+ INIT_ERROR_CHECK(SetSystemSeccompPolicy(service) == SERVICE_SUCCESS, return -1,
+ "service %s exit! set seccomp failed! err %d.", service->name, errno);
+#endif
+
// permissions
- INIT_ERROR_CHECK(SetPerms(service) == SERVICE_SUCCESS, _exit(PROCESS_EXIT_CODE),
+ INIT_ERROR_CHECK(SetPerms(service) == SERVICE_SUCCESS, return -1,
"service %s exit! set perms failed! err %d.", service->name, errno);
+
// write pid
- INIT_ERROR_CHECK(WritePid(service) == SERVICE_SUCCESS, _exit(PROCESS_EXIT_CODE),
+ INIT_ERROR_CHECK(WritePid(service) == SERVICE_SUCCESS, return -1,
"service %s exit! write pid failed!", service->name);
SetSecon(service);
return 0;
@@ -319,7 +346,9 @@ int ServiceStart(Service *service)
}
int pid = fork();
if (pid == 0) {
- INIT_ERROR_CHECK(InitServicePropertys(service) == 0, return SERVICE_FAILURE, "Failed init service property");
+ // fail must exit sub process
+ INIT_ERROR_CHECK(InitServicePropertys(service) == 0,
+ _exit(PROCESS_EXIT_CODE), "Failed init service property");
ServiceExec(service);
_exit(PROCESS_EXIT_CODE);
} else if (pid < 0) {
diff --git a/services/init/init_service_manager.c b/services/init/init_service_manager.c
index 0db4c797f7cd5fa98ae1f1634ff020cc2a8cc87f..ebb1f82c5f9071bb4d9e82e4027ed66ccd7677cf 100755
--- a/services/init/init_service_manager.c
+++ b/services/init/init_service_manager.c
@@ -879,6 +879,16 @@ void SetServicePathWithAsan(Service *service)
}
#endif
+static void ParseOneServiceArgs(const cJSON *curItem, Service *service)
+{
+ (void)GetServiceArgs(curItem, "writepid", MAX_WRITEPID_FILES, &service->writePidArgs);
+ (void)GetServiceArgs(curItem, D_CAPS_STR_IN_CFG, MAX_WRITEPID_FILES, &service->capsArgs);
+ (void)GetServiceArgs(curItem, "permission", MAX_WRITEPID_FILES, &service->permArgs);
+ (void)GetServiceArgs(curItem, "permission_acls", MAX_WRITEPID_FILES, &service->permAclsArgs);
+ (void)GetStringItem(curItem, APL_STR_IN_CFG, service->apl, MAX_APL_NAME);
+ (void)GetCpuArgs(curItem, CPU_CORE_STR_IN_CFG, service);
+}
+
int ParseOneService(const cJSON *curItem, Service *service)
{
INIT_CHECK_RETURN_VALUE(curItem != NULL && service != NULL, SERVICE_FAILURE);
@@ -916,12 +926,7 @@ int ParseOneService(const cJSON *curItem, Service *service)
ret = GetServiceAttr(curItem, service, CONSOLE_STR_IN_CFG, SERVICE_ATTR_CONSOLE, NULL);
INIT_ERROR_CHECK(ret == 0, return SERVICE_FAILURE, "Failed to get console for service %s", service->name);
- (void)GetServiceArgs(curItem, "writepid", MAX_WRITEPID_FILES, &service->writePidArgs);
- (void)GetServiceArgs(curItem, D_CAPS_STR_IN_CFG, MAX_WRITEPID_FILES, &service->capsArgs);
- (void)GetServiceArgs(curItem, "permission", MAX_WRITEPID_FILES, &service->permArgs);
- (void)GetServiceArgs(curItem, "permission_acls", MAX_WRITEPID_FILES, &service->permAclsArgs);
- (void)GetStringItem(curItem, APL_STR_IN_CFG, service->apl, MAX_APL_NAME);
- (void)GetCpuArgs(curItem, CPU_CORE_STR_IN_CFG, service);
+ ParseOneServiceArgs(curItem, service);
ret = GetServiceSandbox(curItem, service);
INIT_ERROR_CHECK(ret == 0, return SERVICE_FAILURE, "Failed to get sandbox for service %s", service->name);
ret = GetServiceCaps(curItem, service);
diff --git a/services/init/lite/BUILD.gn b/services/init/lite/BUILD.gn
index 46e12a67c519c9fbbb0f4c7a4aa898d36252bca4..7b5a71595ab6e7848f76630091e2f65aa2b5820a 100644
--- a/services/init/lite/BUILD.gn
+++ b/services/init/lite/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
init_common_sources = [
"../init_capability.c",
@@ -47,9 +47,9 @@ executable("init") {
sources += init_common_sources
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder",
- "//base/startup/init_lite/services/init/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/fd_holder",
+ "//base/startup/init/services/init/include",
"//third_party/cJSON",
"//third_party/bounds_checking_function/include",
"//base/hiviewdfx/hilog_lite/interfaces/native/kits",
@@ -58,10 +58,10 @@ executable("init") {
ldflags = []
deps = [
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/utils:libinit_utils",
"//build/lite/config/component/cJSON:cjson_static",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -71,12 +71,12 @@ executable("init") {
include_dirs += [
"//kernel/liteos_a/syscall",
"//kernel/liteos_a/kernel/include",
- "//base/startup/init_lite/interfaces/kits/syscap",
- "//base/startup/init_lite/initsync/include",
+ "//base/startup/init/interfaces/kits/syscap",
+ "//base/startup/init/initsync/include",
]
deps += [
- "//base/startup/init_lite/initsync:initsync",
- "//base/startup/init_lite/services/param/liteos:param_init_lite",
+ "//base/startup/init/initsync:initsync",
+ "//base/startup/init/services/param/liteos:param_init_lite",
]
}
if (ohos_kernel_type == "linux") {
@@ -89,7 +89,7 @@ executable("init") {
"-lpthread",
]
deps += [
- "//base/startup/init_lite/services/param/linux:param_init",
+ "//base/startup/init/services/param/linux:param_init",
"//third_party/mksh",
"//third_party/toybox",
]
diff --git a/services/init/lite/bundle.json b/services/init/lite/bundle.json
index b3c37cfddaa4b45fdbca2c8ef8f51382e7ae26e9..54e3696f3c844d5ef8fade228b64ad0c846dd7b0 100644
--- a/services/init/lite/bundle.json
+++ b/services/init/lite/bundle.json
@@ -7,7 +7,7 @@
"repository": "https://gitee.com/openharmony/startup_init_lite",
"publishAs": "code-segment",
"segment": {
- "destPath": "base/startup/init_lite"
+ "destPath": "base/startup/init"
},
"dirs": {},
"scripts": {},
@@ -29,18 +29,18 @@
},
"build": {
"sub_component": [
- "//base/startup/init_lite/services:startup_init",
- "//base/startup/init_lite/ueventd:startup_ueventd",
- "//base/startup/init_lite/watchdog:watchdog",
- "//base/startup/init_lite/services/begetctl:begetctl_cmd",
- "//base/startup/init_lite/services/loopevent:loopeventgroup",
- "//base/startup/init_lite/services/modules:modulesgroup",
- "//base/startup/init_lite/services/param:parameter"
+ "//base/startup/init/services:startup_init",
+ "//base/startup/init/ueventd:startup_ueventd",
+ "//base/startup/init/watchdog:watchdog",
+ "//base/startup/init/services/begetctl:begetctl_cmd",
+ "//base/startup/init/services/loopevent:loopeventgroup",
+ "//base/startup/init/services/modules:modulesgroup",
+ "//base/startup/init/services/param:parameter"
],
"inner_kits": [
{
"header": {
- "header_base": "//base/startup/init_lite/interfaces/innerkits/include/",
+ "header_base": "//base/startup/init/interfaces/innerkits/include/",
"header_files": [
"beget_ext.h",
"syspara/parameter.h",
@@ -50,11 +50,11 @@
"syspara/sysversion.h"
]
},
- "name": "//base/startup/init_lite/interfaces/innerkits:libbegetutil"
+ "name": "//base/startup/init/interfaces/innerkits:libbegetutil"
}
],
"test": [
- "//base/startup/init_lite/test:testgroup"
+ "//base/startup/init/test:testgroup"
]
}
}
diff --git a/services/init/lite/init_cmds.c b/services/init/lite/init_cmds.c
index cde0433b4ea68b3c02cbab6b1b588b9b76149b45..5cee844bfae6e58c4c16432bcab539908f0d5acb 100644
--- a/services/init/lite/init_cmds.c
+++ b/services/init/lite/init_cmds.c
@@ -108,11 +108,6 @@ static void DoLoadCfg(const struct CmdArgs *ctx)
(void)fclose(fp);
}
-int FileCryptEnable(char *fileCryptOption)
-{
- return 0;
-}
-
static const struct CmdTable g_cmdTable[] = {
{ "exec ", 1, 10, DoExec },
{ "loadcfg ", 1, 1, DoLoadCfg },
@@ -133,4 +128,8 @@ void PluginExecCmdByCmdIndex(int index, const char *cmdContent)
const char *PluginGetCmdIndex(const char *cmdStr, int *index)
{
return NULL;
+}
+int SetFileCryptPolicy(const char *dir)
+{
+ return 0;
}
\ No newline at end of file
diff --git a/services/init/standard/BUILD.gn b/services/init/standard/BUILD.gn
index 66bdfee60ca93cb9fc8151132ff5e2a8bcf361ec..79da451118bbca5a5c2d7e45c43e223d1a5d79ed 100644
--- a/services/init/standard/BUILD.gn
+++ b/services/init/standard/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
init_common_sources = [
"../init_capability.c",
@@ -24,6 +24,9 @@ init_common_sources = [
"../main.c",
]
+FSCRYPT_PATH =
+ "//foundation/filemanagement/storage_service/services/storage_daemon"
+
import("//build/ohos.gni")
import("//build/ohos/native_stub/native_stub.gni")
@@ -45,37 +48,41 @@ ohos_executable("init") {
]
modulemgr_sources = [
- "//base/startup/init_lite/interfaces/innerkits/hookmgr/hookmgr.c",
- "//base/startup/init_lite/interfaces/innerkits/modulemgr/modulemgr.c",
+ "//base/startup/init/interfaces/innerkits/hookmgr/hookmgr.c",
+ "//base/startup/init/interfaces/innerkits/modulemgr/modulemgr.c",
]
sources += modulemgr_sources
sources += init_common_sources
- include_dirs = [ "//base/startup/init_lite/services/init/include" ]
+ include_dirs = [
+ "//base/startup/init/services/init/include",
+ "${FSCRYPT_PATH}/include/libfscrypt",
+ ]
deps = [
- "//base/startup/init_lite/interfaces/innerkits/control_fd:libcontrolfd",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder:fdholder",
- "//base/startup/init_lite/interfaces/innerkits/fs_manager:libfsmanager_static",
- "//base/startup/init_lite/interfaces/innerkits/sandbox:sandbox",
- "//base/startup/init_lite/services/loopevent:loopevent",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/param/linux:param_init",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/interfaces/innerkits/control_fd:libcontrolfd",
+ "//base/startup/init/interfaces/innerkits/fd_holder:fdholder",
+ "//base/startup/init/interfaces/innerkits/fs_manager:libfsmanager_static",
+ "//base/startup/init/interfaces/innerkits/sandbox:sandbox",
+ "//base/startup/init/services/loopevent:loopevent",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/param/linux:param_init",
+ "//base/startup/init/services/utils:libinit_utils",
]
deps += [
"//base/customization/config_policy/frameworks/config_policy:configpolicy_util_for_init_static",
"//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken",
"//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc",
- "//base/startup/init_lite/ueventd:libueventd_ramdisk_static",
+ "//base/startup/init/ueventd:libueventd_ramdisk_static",
"//third_party/bounds_checking_function:libsec_static",
"//third_party/cJSON:cjson_static",
]
- deps += [ "//base/startup/init_lite/interfaces/innerkits/init_module_engine:libinit_stub_versionscript" ]
- deps += [ "//base/startup/init_lite/interfaces/innerkits/init_module_engine:init_module_engine_sources" ]
- deps += [ "//base/startup/init_lite/services/modules:static_modules" ]
+ deps += [ "//base/startup/init/interfaces/innerkits/init_module_engine:libinit_stub_versionscript" ]
+ deps += [ "//base/startup/init/interfaces/innerkits/init_module_engine:init_module_engine_sources" ]
+ deps += [ "//base/startup/init/services/modules:static_modules" ]
+ deps += [ "${FSCRYPT_PATH}/libfscrypt:libfscryptutils_static" ]
cflags = []
@@ -86,6 +93,13 @@ ohos_executable("init") {
]
}
+ if (build_seccomp) {
+ cflags += [ "-DWITH_SECCOMP" ]
+ include_dirs +=
+ [ "//base/startup/init/interfaces/innerkits/seccomp/include" ]
+ deps += [ "//base/startup/init/services/modules/seccomp:seccomp_static" ]
+ }
+
if (build_selinux) {
include_dirs += [
"//third_party/selinux/libselinux/include/",
@@ -125,9 +139,9 @@ ohos_executable("init") {
defines += [ "PRODUCT_RK" ]
}
version_script = get_label_info(
- "//base/startup/init_lite/interfaces/innerkits/init_module_engine:libinit_stub_versionscript",
+ "//base/startup/init/interfaces/innerkits/init_module_engine:libinit_stub_versionscript",
"target_gen_dir") + "/" + get_label_info(
- "//base/startup/init_lite/interfaces/innerkits/init_module_engine:libinit_stub_versionscript",
+ "//base/startup/init/interfaces/innerkits/init_module_engine:libinit_stub_versionscript",
"name") + stub_version_script_suffix
defines += [ "_GNU_SOURCE" ]
install_images = [
diff --git a/services/init/standard/init.c b/services/init/standard/init.c
index 2761c1312d13db02dc8fe13fed84db5efc07bd8c..53beec8730c5370019b53e3f8bb99460a89b64c6 100755
--- a/services/init/standard/init.c
+++ b/services/init/standard/init.c
@@ -367,8 +367,8 @@ void SystemConfig(void)
options.preHook = InitPreHook;
options.postHook = InitPostHook;
- HookMgrExecute(GetBootStageHookMgr(), INIT_GLOBAL_INIT, (void *)&timingStat, (void *)&options);
InitServiceSpace();
+ HookMgrExecute(GetBootStageHookMgr(), INIT_GLOBAL_INIT, (void *)&timingStat, (void *)&options);
HookMgrExecute(GetBootStageHookMgr(), INIT_PRE_PARAM_SERVICE, (void *)&timingStat, (void *)&options);
InitParamService();
diff --git a/services/init/standard/init_cmds.c b/services/init/standard/init_cmds.c
index e634eaf718e8de1641c37684bbb8db1877f82dec..5492580071099c93bc5c06566688a9b815d6cc22 100755
--- a/services/init/standard/init_cmds.c
+++ b/services/init/standard/init_cmds.c
@@ -44,8 +44,9 @@
#ifdef WITH_SELINUX
#include
#endif
+#include "fscrypt_utils.h"
-static const char *g_fscryptPolicyKey = "fscrypt.policy.config";
+#define FSCRYPT_POLICY_BUF_SIZE (60)
int GetParamValue(const char *symValue, unsigned int symLen, char *paramValue, unsigned int paramLen)
{
@@ -412,6 +413,18 @@ static void DoTimerStop(const struct CmdArgs *ctx)
ServiceStopTimer(service);
}
+static bool InitFscryptPolicy(void)
+{
+ char policy[FSCRYPT_POLICY_BUF_SIZE];
+ if (LoadFscryptPolicy(policy, FSCRYPT_POLICY_BUF_SIZE) != 0) {
+ return false;
+ }
+ if (SetFscryptSysparam(policy) == 0) {
+ return true;
+ }
+ return false;
+}
+
static void DoInitGlobalKey(const struct CmdArgs *ctx)
{
INIT_LOGI("DoInitGlobalKey: start");
@@ -424,6 +437,11 @@ static void DoInitGlobalKey(const struct CmdArgs *ctx)
INIT_LOGE("DoInitGlobalKey: not data partitation");
return;
}
+ if (!InitFscryptPolicy()) {
+ INIT_LOGI("DoInitGlobalKey:init fscrypt failed,not enable fscrypt");
+ return;
+ }
+
char * const argv[] = {
"/system/bin/sdc",
"filecrypt",
@@ -442,6 +460,7 @@ static void DoInitMainUser(const struct CmdArgs *ctx)
INIT_LOGE("DoInitMainUser: para invalid");
return;
}
+
char * const argv[] = {
"/system/bin/sdc",
"filecrypt",
@@ -453,23 +472,6 @@ static void DoInitMainUser(const struct CmdArgs *ctx)
INIT_LOGI("DoInitMainUser: end, ret = %d", ret);
}
-int FileCryptEnable(char *fileCryptOption)
-{
- INIT_LOGI("FileCryptEnable: start");
- if (fileCryptOption == NULL) {
- INIT_LOGE("FileCryptEnable:option null");
- return -EINVAL;
- }
- int ret = SystemWriteParam(g_fscryptPolicyKey, fileCryptOption);
- if (ret != 0) {
- INIT_LOGE("FileCryptEnable:set fscrypt config failed");
- return ret;
- }
- INIT_LOGI("FileCryptEnable:set fscrypt config success, policy:%s", fileCryptOption);
-
- return ret;
-}
-
static void DoMkswap(const struct CmdArgs *ctx)
{
INIT_LOGI("DoMkswap: start");
@@ -595,3 +597,12 @@ void OpenHidebug(const char *name)
} while (0);
#endif
}
+
+int SetFileCryptPolicy(const char *dir)
+{
+ if (dir == NULL) {
+ INIT_LOGE("SetFileCryptPolicy:dir is null");
+ return -EINVAL;
+ }
+ return FscryptPolicyEnable(dir);
+}
diff --git a/services/init/standard/init_mount.c b/services/init/standard/init_mount.c
index 862e62032f906b2804bf48502d694d9b7791f01f..7930f676eeebe6f867432b36495766a46cef133c 100644
--- a/services/init/standard/init_mount.c
+++ b/services/init/standard/init_mount.c
@@ -75,6 +75,7 @@ static Fstab* LoadFstabFromCommandLine(void)
bool isDone = false;
INIT_ERROR_CHECK(cmdline != NULL, return NULL, "Read from \'/proc/cmdline\' failed, err = %d", errno);
+ TrimTail(cmdline, '\n');
INIT_ERROR_CHECK((fstab = (Fstab *)calloc(1, sizeof(Fstab))) != NULL, return NULL,
"Allocate memory for FS table failed, err = %d", errno);
char *start = cmdline;
diff --git a/services/init/standard/init_reboot.c b/services/init/standard/init_reboot.c
index 057cdef2e3d62b955f390253f74a153f1b1eaacb..cec15f0267fcb1e9acaade467d9fd921016a0710 100644
--- a/services/init/standard/init_reboot.c
+++ b/services/init/standard/init_reboot.c
@@ -143,12 +143,10 @@ static int DoRebootCmd(const char *cmd, const char *opt)
{
// by job to stop service and unmount
DoJobNow("reboot");
- int ret = CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
- if (ret == 0) {
+ (void)CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
#ifndef STARTUP_INIT_TEST
return reboot(RB_AUTOBOOT);
#endif
- }
return 0;
}
@@ -156,12 +154,10 @@ static int DoShutdownCmd(const char *cmd, const char *opt)
{
// by job to stop service and unmount
DoJobNow("reboot");
- int ret = CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
- if (ret == 0) {
+ (void)CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
#ifndef STARTUP_INIT_TEST
return reboot(RB_POWER_OFF);
#endif
- }
return 0;
}
@@ -194,6 +190,8 @@ static int DoFlashdCmd(const char *cmd, const char *opt)
#ifdef PRODUCT_RK
static int DoLoaderCmd(const char *cmd, const char *opt)
{
+ // by job to stop service and unmount
+ DoJobNow("reboot");
syscall(__NR_reboot, REBOOT_MAGIC1, REBOOT_MAGIC2, REBOOT_CMD_RESTART2, "loader");
return 0;
}
@@ -203,13 +201,11 @@ static int DoSuspendCmd(const char *cmd, const char *opt)
{
// by job to stop service and unmount
DoJobNow("suspend");
- int ret = CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
- if (ret == 0) {
+ (void)CheckAndRebootToUpdater(NULL, "reboot", NULL, NULL);
#ifndef STARTUP_INIT_TEST
INIT_LOGE("DoSuspendCmd %s RB_SW_SUSPEND.", cmd);
return reboot(RB_AUTOBOOT);
#endif
- }
return 0;
}
diff --git a/services/init/standard/init_service.c b/services/init/standard/init_service.c
index 13b30638f724454f060e48aee07cc5076341f1eb..3ecd08266b461afb52acaa3132f8e2bb55ac658c 100644
--- a/services/init/standard/init_service.c
+++ b/services/init/standard/init_service.c
@@ -108,7 +108,7 @@ void GetAccessToken(void)
service->capsArgs.argv = NULL;
}
if (strlen(service->apl) == 0) {
- (void)strncpy_s(service->apl, sizeof(service->apl), "system_core", sizeof(service->apl) - 1);
+ (void)strncpy_s(service->apl, sizeof(service->apl), "system_basic", sizeof(service->apl) - 1);
}
NativeTokenInfoParams nativeTokenInfoParams = {
service->capsArgs.count,
diff --git a/services/log/BUILD.gn b/services/log/BUILD.gn
index 678118203e6aa21210dfc3f4e1e5142c6b47acae..d523813b11782bb3b46c2d13e3d9b5e28775ee96 100755
--- a/services/log/BUILD.gn
+++ b/services/log/BUILD.gn
@@ -15,8 +15,8 @@ base_sources = [ "init_log.c" ]
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/log",
]
}
diff --git a/services/loopevent/BUILD.gn b/services/loopevent/BUILD.gn
index 428012ab3bed0d724ff5013b15735850dfda9b10..8ad82da8f856a3b93c6f523dabcaf2dd788ca987 100644
--- a/services/loopevent/BUILD.gn
+++ b/services/loopevent/BUILD.gn
@@ -25,9 +25,9 @@ common_sources = [
]
common_include = [
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/include",
"//third_party/bounds_checking_function/include",
"include",
"loop",
@@ -40,7 +40,7 @@ common_include = [
config("exported_header_files") {
visibility = [ ":*" ]
- include_dirs = [ "//base/startup/init_lite/services/loopevent/include" ]
+ include_dirs = [ "//base/startup/init/services/loopevent/include" ]
}
if (defined(ohos_lite)) {
diff --git a/services/loopevent/include/loop_event.h b/services/loopevent/include/loop_event.h
index cfa3a78c0e3356faabbc0ba75971ff54952ee03c..563765721942dbdabef0bfd35d62c78da9855fa7 100644
--- a/services/loopevent/include/loop_event.h
+++ b/services/loopevent/include/loop_event.h
@@ -93,17 +93,17 @@ typedef struct {
#define TASK_SERVER (0x01 << 16)
#define TASK_CONNECT (0x02 << 16)
#define TASK_TEST (0x01 << 24)
-typedef void (*LE_DisConntectComplete)(const TaskHandle client);
-typedef void (*LE_ConntectComplete)(const TaskHandle client);
+typedef void (*LE_DisConnectComplete)(const TaskHandle client);
+typedef void (*LE_ConnectComplete)(const TaskHandle client);
typedef void (*LE_SendMessageComplete)(const TaskHandle taskHandle, BufferHandle handle);
typedef void (*LE_RecvMessage)(const TaskHandle taskHandle, const uint8_t *buffer, uint32_t buffLen);
-typedef int (*LE_IncommingConntect)(const LoopHandle loopHandle, const TaskHandle serverTask);
+typedef int (*LE_IncommingConnect)(const LoopHandle loopHandle, const TaskHandle serverTask);
typedef struct {
LE_BaseInfo baseInfo;
char *server;
int socketId;
- LE_DisConntectComplete disConntectComplete;
- LE_IncommingConntect incommingConntect;
+ LE_DisConnectComplete disConnectComplete;
+ LE_IncommingConnect incommingConnect;
LE_SendMessageComplete sendMessageComplete;
LE_RecvMessage recvMessage;
} LE_StreamServerInfo;
@@ -111,8 +111,8 @@ typedef struct {
typedef struct {
LE_BaseInfo baseInfo;
char *server;
- LE_DisConntectComplete disConntectComplete;
- LE_ConntectComplete connectComplete;
+ LE_DisConnectComplete disConnectComplete;
+ LE_ConnectComplete connectComplete;
LE_SendMessageComplete sendMessageComplete;
LE_RecvMessage recvMessage;
} LE_StreamInfo;
diff --git a/services/loopevent/signal/le_signal.c b/services/loopevent/signal/le_signal.c
index 6f9f2223d401c03e57938fd4a9b6ec8b20708ba3..12663a68a093b8665b0f1eb2359b30a676d85b9c 100644
--- a/services/loopevent/signal/le_signal.c
+++ b/services/loopevent/signal/le_signal.c
@@ -17,9 +17,7 @@
#include
#include
-#include
#include
-#include
#include
#include "le_loop.h"
diff --git a/services/loopevent/socket/le_socket.c b/services/loopevent/socket/le_socket.c
index a01e92482eb165ae45db1ea7bb0db06f20d298e3..dcf1c223e9deac37e028addfcfc7432cb74fd4f1 100644
--- a/services/loopevent/socket/le_socket.c
+++ b/services/loopevent/socket/le_socket.c
@@ -23,7 +23,6 @@
#include
#include
#include
-#include
#include
#include
diff --git a/services/loopevent/task/le_asynctask.c b/services/loopevent/task/le_asynctask.c
index 9ebadfbab126bd974c9b932ed18915fdc0ff40b7..9ea3349a4911d5594140c938c6d8105228fea4dd 100644
--- a/services/loopevent/task/le_asynctask.c
+++ b/services/loopevent/task/le_asynctask.c
@@ -14,7 +14,6 @@
*/
#include "le_task.h"
-#include
#include
#include "le_loop.h"
diff --git a/services/loopevent/task/le_streamtask.c b/services/loopevent/task/le_streamtask.c
index 73f9304bdda22a715370ea01e1389f9b609d5d91..57beef2f511b022f168255ef27c855930f1ff698 100644
--- a/services/loopevent/task/le_streamtask.c
+++ b/services/loopevent/task/le_streamtask.c
@@ -93,8 +93,8 @@ static LE_STATUS HandleStreamEvent_(const LoopHandle loopHandle, const TaskHandl
}
if (status == LE_DIS_CONNECTED) {
loop->delEvent(loop, GetSocketFd(handle), Event_Read | Event_Write);
- if (stream->disConntectComplete) {
- stream->disConntectComplete(handle);
+ if (stream->disConnectComplete) {
+ stream->disConnectComplete(handle);
}
LE_CloseStreamTask(loopHandle, handle);
}
@@ -116,8 +116,8 @@ static LE_STATUS HandleClientEvent_(const LoopHandle loopHandle, const TaskHandl
status = HandleRecvMsg_(loopHandle, handle, client->recvMessage);
}
if (status == LE_DIS_CONNECTED) {
- if (client->disConntectComplete) {
- client->disConntectComplete(handle);
+ if (client->disConnectComplete) {
+ client->disConnectComplete(handle);
}
client->connected = 0;
LE_CloseStreamTask(loopHandle, handle);
@@ -141,9 +141,9 @@ static LE_STATUS HandleServerEvent_(const LoopHandle loopHandle, const TaskHandl
return LE_FAILURE;
}
StreamServerTask *server = (StreamServerTask *)serverTask;
- LE_ONLY_CHECK(server->incommingConntect != NULL, return LE_SUCCESS);
+ LE_ONLY_CHECK(server->incommingConnect != NULL, return LE_SUCCESS);
- int ret = server->incommingConntect(loopHandle, serverTask);
+ int ret = server->incommingConnect(loopHandle, serverTask);
if (ret != LE_SUCCESS) {
LE_LOGE("HandleServerEvent_ fd %d do not accept socket", GetSocketFd(serverTask));
}
@@ -157,8 +157,8 @@ LE_STATUS LE_CreateStreamServer(const LoopHandle loopHandle,
{
LE_CHECK(loopHandle != NULL && taskHandle != NULL && info != NULL, return LE_INVALID_PARAM, "Invalid parameters");
LE_CHECK(info->server != NULL, return LE_INVALID_PARAM, "Invalid parameters server");
- LE_CHECK(info->incommingConntect != NULL, return LE_INVALID_PARAM,
- "Invalid parameters incommingConntect %s", info->server);
+ LE_CHECK(info->incommingConnect != NULL, return LE_INVALID_PARAM,
+ "Invalid parameters incommingConnect %s", info->server);
int fd = info->socketId;
if (info->socketId <= 0) {
@@ -173,7 +173,7 @@ LE_STATUS LE_CreateStreamServer(const LoopHandle loopHandle,
return LE_NO_MEMORY, "Failed to create task");
task->base.handleEvent = HandleServerEvent_;
task->base.innerClose = HandleStreamTaskClose_;
- task->incommingConntect = info->incommingConntect;
+ task->incommingConnect = info->incommingConnect;
loop->addEvent(loop, (const BaseTask *)task, Event_Read);
int ret = memcpy_s(task->server, strlen(info->server) + 1, info->server, strlen(info->server) + 1);
LE_CHECK(ret == 0, return LE_FAILURE, "Failed to copy server name %s", info->server);
@@ -201,7 +201,7 @@ LE_STATUS LE_CreateStreamClient(const LoopHandle loopHandle,
task->connectComplete = info->connectComplete;
task->sendMessageComplete = info->sendMessageComplete;
task->recvMessage = info->recvMessage;
- task->disConntectComplete = info->disConntectComplete;
+ task->disConnectComplete = info->disConnectComplete;
EventLoop *loop = (EventLoop *)loopHandle;
loop->addEvent(loop, (const BaseTask *)task, Event_Read);
*taskHandle = (TaskHandle)task;
@@ -225,7 +225,7 @@ LE_STATUS LE_AcceptStreamClient(const LoopHandle loopHandle, const TaskHandle se
return LE_NO_MEMORY, "Failed to create task");
task->stream.base.handleEvent = HandleStreamEvent_;
task->stream.base.innerClose = HandleStreamTaskClose_;
- task->disConntectComplete = info->disConntectComplete;
+ task->disConnectComplete = info->disConnectComplete;
task->sendMessageComplete = info->sendMessageComplete;
task->recvMessage = info->recvMessage;
task->serverTask = (StreamServerTask *)server;
diff --git a/services/loopevent/task/le_task.c b/services/loopevent/task/le_task.c
index f4b4fe349fb5470e57b32c2392657a3fa1e5bb74..a1ca7b15e10e966f59185dc3d252c17db4e8d018 100644
--- a/services/loopevent/task/le_task.c
+++ b/services/loopevent/task/le_task.c
@@ -15,12 +15,9 @@
#include "le_task.h"
-#include
-#include
-#include
#include "le_loop.h"
-#include "le_socket.h"
+#include "le_utils.h"
int CheckTaskFlags(const BaseTask *task, uint32_t flags)
{
diff --git a/services/loopevent/task/le_task.h b/services/loopevent/task/le_task.h
index 98c5a94cbdb610845867f25bf6d4f82bbfd9027b..978afa6a64d32f993f4a88981fc0a2f287121f6f 100644
--- a/services/loopevent/task/le_task.h
+++ b/services/loopevent/task/le_task.h
@@ -72,7 +72,7 @@ typedef struct LiteTask_ {
typedef struct {
BaseTask base;
- LE_IncommingConntect incommingConntect;
+ LE_IncommingConnect incommingConnect;
char server[0];
} StreamServerTask;
@@ -91,13 +91,13 @@ typedef struct {
StreamServerTask *serverTask;
LE_SendMessageComplete sendMessageComplete;
LE_RecvMessage recvMessage;
- LE_DisConntectComplete disConntectComplete;
+ LE_DisConnectComplete disConnectComplete;
} StreamConnectTask;
typedef struct {
StreamTask stream;
- LE_DisConntectComplete disConntectComplete;
- LE_ConntectComplete connectComplete;
+ LE_DisConnectComplete disConnectComplete;
+ LE_ConnectComplete connectComplete;
LE_SendMessageComplete sendMessageComplete;
LE_RecvMessage recvMessage;
uint32_t connected : 1;
diff --git a/services/loopevent/task/le_watchtask.c b/services/loopevent/task/le_watchtask.c
index 5fd73dae5a898f1d05733f2ec72b15053da1ee68..96cf22ef1a245225328c38b7cb7038addd5d93c8 100644
--- a/services/loopevent/task/le_watchtask.c
+++ b/services/loopevent/task/le_watchtask.c
@@ -13,10 +13,6 @@
* limitations under the License.
*/
#include "le_task.h"
-
-#include
-#include
-
#include "le_loop.h"
static LE_STATUS HandleWatcherEvent_(const LoopHandle loopHandle, const TaskHandle taskHandle, uint32_t oper)
diff --git a/services/loopevent/timer/le_timer.c b/services/loopevent/timer/le_timer.c
index 81f8715b66d705d0d6b4bf6ea38d74b934470c62..532be133712ac6c5eb25856f8ae0894eef3ee49e 100644
--- a/services/loopevent/timer/le_timer.c
+++ b/services/loopevent/timer/le_timer.c
@@ -16,7 +16,6 @@
#include "le_timer.h"
#include
-#include
#include
#include
diff --git a/services/modules/BUILD.gn b/services/modules/BUILD.gn
index c8e478ad6aad578d0cbb5cc630ab0ad061a574cd..485a287b78bc17f9e8840d7c28546566ab0c5096 100755
--- a/services/modules/BUILD.gn
+++ b/services/modules/BUILD.gn
@@ -12,7 +12,7 @@
# limitations under the License.
if (!defined(ohos_lite)) {
- import("//base/startup/init_lite/begetd.gni")
+ import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
ohos_shared_library("bootchart") {
@@ -20,11 +20,11 @@ if (!defined(ohos_lite)) {
include_dirs = [
".",
- "//base/startup/init_lite/services/include/param",
+ "//base/startup/init/services/include/param",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_shared",
"//third_party/cJSON:cjson_static",
]
@@ -46,7 +46,7 @@ if (!defined(ohos_lite)) {
ohos_source_set("libbootchart_static") {
sources = [ "bootchart/bootchart_static.c" ]
public_configs = [ ":libbootchart_static_config" ]
- public_configs += [ "//base/startup/init_lite/interfaces/innerkits/init_module_engine:init_module_engine_exported_config" ]
+ public_configs += [ "//base/startup/init/interfaces/innerkits/init_module_engine:init_module_engine_exported_config" ]
}
}
diff --git a/services/modules/bootevent/BUILD.gn b/services/modules/bootevent/BUILD.gn
index 782d0bbc932a5720d5ca8ef3d91efc634ae384fa..631b03156f5878e2a698b1bba0bc725bcbddd69c 100755
--- a/services/modules/bootevent/BUILD.gn
+++ b/services/modules/bootevent/BUILD.gn
@@ -15,15 +15,15 @@ import("//build/ohos.gni")
config("bootevent_static_config") {
include_dirs = [
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/include/param",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/include/param",
]
}
ohos_source_set("libbootevent_static") {
sources = [ "bootevent.c" ]
public_configs = [ ":bootevent_static_config" ]
- public_configs += [ "//base/startup/init_lite/interfaces/innerkits/init_module_engine:init_module_engine_exported_config" ]
+ public_configs += [ "//base/startup/init/interfaces/innerkits/init_module_engine:init_module_engine_exported_config" ]
}
diff --git a/services/modules/seccomp/BUILD.gn b/services/modules/seccomp/BUILD.gn
new file mode 100755
index 0000000000000000000000000000000000000000..eee65a00a725909aef4ac4f15904f6b919e21d7b
--- /dev/null
+++ b/services/modules/seccomp/BUILD.gn
@@ -0,0 +1,133 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//base/startup/init/begetd.gni")
+import(
+ "//base/startup/init/services/modules/seccomp/scripts/seccomp_policy_fixer.gni")
+import("//build/config/clang/clang.gni")
+import("//build/ohos.gni")
+import("//build/ohos/kernel/kernel.gni")
+
+INIT_PART = "init"
+
+action("syscall_to_nr_arm") {
+ script = "${clang_base_path}/bin/clang"
+ output_dir = target_gen_dir + "/libsyscall_to_nr_arm"
+ args = [
+ "-I",
+ rebase_path(
+ "//kernel/linux/patches/${linux_kernel_version}/prebuilts/usr/include/asm-arm"),
+ "-I",
+ rebase_path(
+ "//kernel/linux/patches/${linux_kernel_version}/prebuilts/usr/include"),
+ "-dD",
+ "-E",
+ "-Wall",
+ "-nostdinc",
+ "-o",
+ rebase_path(output_dir),
+ rebase_path("gen_syscall_name_nrs.c"),
+ ]
+
+ outputs = [ output_dir ]
+}
+
+action("syscall_to_nr_arm64") {
+ script = "${clang_base_path}/bin/clang"
+ output_dir = target_gen_dir + "/libsyscall_to_nr_arm64"
+ args = [
+ "-I",
+ rebase_path(
+ "//kernel/linux/patches/${linux_kernel_version}/prebuilts/usr/include/asm-arm64"),
+ "-I",
+ rebase_path(
+ "//kernel/linux/patches/${linux_kernel_version}/prebuilts/usr/include"),
+ "-dD",
+ "-E",
+ "-Wall",
+ "-nostdinc",
+ "-o",
+ rebase_path(output_dir),
+ rebase_path("gen_syscall_name_nrs.c"),
+ ]
+
+ outputs = [ output_dir ]
+}
+
+ohos_prebuilt_seccomp("system_filter") {
+ sources = []
+ if (target_cpu == "arm") {
+ sources += [ "seccomp_policy/system_arm.seccomp.policy" ]
+ } else if (target_cpu == "arm64") {
+ sources += [
+ # 64-bit machine also need check use 32-bit syscall
+ "seccomp_policy/system_arm.seccomp.policy",
+ "seccomp_policy/system_arm64.seccomp.policy",
+ ]
+ }
+
+ filtername = "g_systemSeccompFilter"
+ include_dirs = [ "." ]
+ part_name = INIT_PART
+ subsystem_name = "startup"
+
+ install_enable = true
+ install_images = [
+ "system",
+ "ramdisk",
+ ]
+}
+
+ohos_prebuilt_seccomp("appspawn_filter") {
+ sources = []
+ if (target_cpu == "arm") {
+ sources += [ "seccomp_policy/spawn_arm.seccomp.policy" ]
+ } else if (target_cpu == "arm64") {
+ sources += [
+ # 64-bit machine also need check use 32-bit syscall
+ "seccomp_policy/spawn_arm.seccomp.policy",
+ "seccomp_policy/spawn_arm64.seccomp.policy",
+ ]
+ }
+
+ filtername = "g_appspawnSeccompFilter"
+ include_dirs = [ "." ]
+ part_name = INIT_PART
+ subsystem_name = "startup"
+
+ install_enable = true
+ install_images = [
+ "system",
+ "ramdisk",
+ ]
+}
+
+ohos_static_library("seccomp_static") {
+ sources = [ "//base/startup/init/services/modules/seccomp/seccomp_policy.c" ]
+
+ include_dirs = [
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/seccomp/include",
+ "//base/startup/init/services/modules/seccomp",
+ ]
+
+ deps = [
+ ":appspawn_filter",
+ ":system_filter",
+ ]
+
+ license_file = "//base/startup/init/LICENSE"
+
+ part_name = INIT_PART
+ subsystem_name = "startup"
+}
diff --git a/services/modules/seccomp/gen_syscall_name_nrs.c b/services/modules/seccomp/gen_syscall_name_nrs.c
new file mode 100644
index 0000000000000000000000000000000000000000..f742989c7d5856ca98b3e39eeb3423d846c7adfb
--- /dev/null
+++ b/services/modules/seccomp/gen_syscall_name_nrs.c
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
\ No newline at end of file
diff --git a/services/modules/seccomp/scripts/generate_code_from_policy.py b/services/modules/seccomp/scripts/generate_code_from_policy.py
new file mode 100755
index 0000000000000000000000000000000000000000..14b954926903d975ea076b45784088932e0d582b
--- /dev/null
+++ b/services/modules/seccomp/scripts/generate_code_from_policy.py
@@ -0,0 +1,806 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+#
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+import sys
+import argparse
+import textwrap
+import re
+
+supported_parse_item = ['arch', 'labelName', 'priority', 'allowList', 'blockList', \
+ 'allowListWithArgs', 'headFiles', 'selfDefineSyscall', 'returnValue', 'mode']
+
+function_name_nr_table_dict = {}
+
+BPF_JGE = 'BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, {}, {}, {}),'
+BPF_JGT = 'BPF_JUMP(BPF_JMP|BPF_JGT|BPF_K, {}, {}, {}),'
+BPF_JEQ = 'BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, {}, {}, {}),'
+BPF_JSET = 'BPF_JUMP(BPF_JMP|BPF_JSET|BPF_K, {}, {}, {}),'
+BPF_LOAD = 'BPF_STMT(BPF_LD|BPF_W|BPF_ABS, {}),'
+BPF_LOAD_MEM = 'BPF_STMT(BPF_LD|BPF_MEM, {}),'
+BPF_ST = 'BPF_STMT(BPF_ST, {}),'
+BPF_RET_VALUE = 'BPF_STMT(BPF_RET|BPF_K, {}),'
+
+operation = ['<', '<=', '!=', '==', '>', '>=', '&']
+
+ret_str_to_bpf = {
+ 'KILL_PROCESS': 'SECCOMP_RET_KILL_PROCESS',
+ 'KILL_THREAD': 'SECCOMP_RET_KILL_THREAD',
+ 'LOG' : 'SECCOMP_RET_LOG'
+}
+
+mode_str = {
+ 'DEFAULT': 0,
+ 'ONLY_CHECK_ARGS': 1
+}
+
+def is_hex_digit(s):
+ try:
+ int(s, 16)
+ return True
+
+ except ValueError:
+ return False
+
+
+def str_convert_to_int(s):
+ number = -1
+ digit_flag = False
+
+ if s.isdigit() :
+ number = int(s)
+ digit_flag = True
+
+ elif is_hex_digit(s):
+ number = int(s, 16)
+ digit_flag = True
+
+ return number, digit_flag
+
+
+class SeccompPolicyParam:
+ def __init__(self, arch):
+ self.arch = arch
+ self.priority = set()
+ self.allow_list = set()
+ self.blocklist = set()
+ self.allow_list_with_args = set()
+ self.head_files = set()
+ self.self_define_syscall = set()
+ self.final_allow_list = set()
+ self.final_priority = set()
+ self.final_allow_list_with_args = set()
+ self.return_value = ''
+ self.mode = 'DEFAULT'
+ self.function_name_nr_table = function_name_nr_table_dict.get(arch)
+ self.value_function = {
+ 'priority': self.update_priority,
+ 'allowList': self.update_allow_list,
+ 'blockList': self.update_blocklist,
+ 'allowListWithArgs': self.update_allow_list_with_args,
+ 'headFiles': self.update_head_files,
+ 'selfDefineSyscall': self.update_self_define_syscall,
+ 'returnValue': self.update_return_value,
+ 'mode': self.update_mode
+ }
+
+ def clear_list(self):
+ self.priority.clear()
+ self.allow_list.clear()
+ self.blocklist.clear()
+ self.allow_list_with_args.clear()
+ if self.mode == 'ONLY_CHECK_ARGS':
+ self.final_allow_list.clear()
+ self.final_priority.clear()
+
+ def function_name_to_nr(self, function_name_list):
+ return set(self.function_name_nr_table[function_name] for function_name \
+ in function_name_list if function_name in self.function_name_nr_table)
+
+ def is_function_name_exist(self, function_name):
+ if function_name in self.function_name_nr_table:
+ return True
+ else:
+ print('[ERROR] {} not exsit in {} function_name_nr_table Table'.format(function_name, self.arch))
+ return False
+
+ def update_priority(self, function_name):
+ if self.is_function_name_exist(function_name):
+ self.priority.add(function_name)
+ return True
+ return False
+
+ def update_allow_list(self, function_name):
+ if self.is_function_name_exist(function_name):
+ self.allow_list.add(function_name)
+ return True
+ return False
+
+ def update_blocklist(self, function_name):
+ if self.is_function_name_exist(function_name):
+ self.blocklist.add(function_name)
+ return True
+ return False
+
+ def update_allow_list_with_args(self, function_name_with_args):
+ function_name = function_name_with_args[:function_name_with_args.find(':')]
+ function_name = function_name.strip()
+ if self.is_function_name_exist(function_name):
+ self.allow_list_with_args.add(function_name_with_args)
+ return True
+ return False
+
+ def update_head_files(self, head_files):
+ if len(head_files) > 2 and (head_files[0] == '\"' and head_files[-1] == '\"') or \
+ (head_files[0] == '<' and head_files[-1] == '>'):
+ self.head_files.add(head_files)
+ return True
+
+ print('[ERROR] {} is not legal by headFiles format'.format(head_files))
+ return False
+
+ def update_self_define_syscall(self, self_define_syscall):
+ nr, digit_flag = str_convert_to_int(self_define_syscall)
+ if digit_flag and nr not in self.function_name_nr_table.values():
+ self.self_define_syscall.add(nr)
+ return True
+
+ print("[ERROR] {} is not a number or {} is already used by ohter \
+ syscall".format(self_define_syscall, self_define_syscall))
+ return False
+
+ def update_return_value(self, return_str):
+ if return_str in ret_str_to_bpf:
+ self.return_value = return_str
+ return True
+
+ print('[ERROR] {} not in [KILL_RPOCESS, KILL_THREAD, LOG]'.format(return_str))
+ return False
+
+ def update_mode(self, mode):
+ if mode in mode_str.keys():
+ self.mode = mode
+ return True
+ print('[ERROR] {} not in [DEFAULT, ONLY_CHECK_ARGS]'.format(mode_str))
+ return False
+
+ def update_final_list(self):
+ #remove duplicate function_name
+ self.allow_list_with_args = set(item for item in self.allow_list_with_args \
+ if item[:item.find(':')] not in self.blocklist)
+ function_name_list_with_args = set(item[:item.find(':')] for item in self.allow_list_with_args)
+ self.final_allow_list |= self.allow_list - self.blocklist - self.priority - function_name_list_with_args
+ self.final_priority |= self.priority - self.blocklist - function_name_list_with_args
+ self.final_allow_list_with_args |= self.allow_list_with_args
+ block_nr_list = self.function_name_to_nr(self.blocklist)
+ self.self_define_syscall = self.self_define_syscall - block_nr_list
+ self.clear_list()
+
+
+class GenBpfPolicy:
+ def __init__(self):
+ self.arch = ''
+ self.syscall_nr_range = []
+ self.bpf_policy = []
+ self.syscall_nr_policy_list = []
+ self.function_name_nr_table = {}
+ self.gen_mode = 0
+ self.flag = True
+ self.operate_func_table = {
+ '<' : self.gen_bpf_lt,
+ '<=': self.gen_bpf_le,
+ '==': self.gen_bpf_eq,
+ '!=': self.gen_bpf_ne,
+ '>' : self.gen_bpf_gt,
+ '>=': self.gen_bpf_ge,
+ '&' : self.gen_bpf_set,
+ }
+
+ def update_arch(self, arch):
+ self.arch = arch
+ self.function_name_nr_table = function_name_nr_table_dict.get(arch)
+ self.syscall_nr_range = []
+ self.syscall_nr_policy_list = []
+
+ def clear_bpf_policy(self):
+ self.bpf_policy.clear()
+
+ def get_gen_flag(self):
+ return self.flag
+
+ def set_gen_flag(self, flag):
+ if flag:
+ self.flag = True
+ else:
+ self.flag = False
+
+ def set_gen_mode(self, mode):
+ self.gen_mode = mode_str.get(mode)
+
+ @staticmethod
+ def gen_bpf_eq32(self, const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JEQ.format(const_str + ' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ @staticmethod
+ def gen_bpf_eq64(self, const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JEQ.format('((unsigned long)' + const_str + ') >> 32', 0, jf + 2))
+ bpf_policy.append(BPF_LOAD_MEM.format(0))
+ bpf_policy.append(BPF_JEQ.format(const_str + ' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ def gen_bpf_eq(self, const_str, jt, jf):
+ if self.arch == 'arm':
+ return self.gen_bpf_eq32(const_str, jt, jf)
+ elif self.arch == 'arm64':
+ return self.gen_bpf_eq64(const_str, jt, jf)
+ return []
+
+ def gen_bpf_ne(self, const_str, jt, jf):
+ return self.gen_bpf_eq(const_str, jf, jt)
+
+ @staticmethod
+ def gen_bpf_gt32(const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JGT.format(const_str + ' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ @staticmethod
+ def gen_bpf_gt64(const_str, jt, jf):
+ bpf_policy = []
+ number, digit_flag = str_convert_to_int(const_str)
+
+ hight = int(number / (2**32))
+ low = number & 0xffffffff
+
+ if digit_flag and hight == 0:
+ bpf_policy.append(BPF_JGT.format('((unsigned long)' + const_str + ') >> 32', jt + 2, 0))
+ else:
+ bpf_policy.append(BPF_JGT.format('((unsigned long)' + const_str + ') >> 32', jt + 3, 0))
+ bpf_policy.append(BPF_JEQ.format('((unsigned long)' + const_str + ') >> 32', 0, jf + 2))
+
+ bpf_policy.append(BPF_LOAD_MEM.format(0))
+ bpf_policy.append(BPF_JGT.format(const_str + ' & 0xffffffff', jt, jf))
+
+ return bpf_policy
+
+ def gen_bpf_gt(self, const_str, jt, jf):
+ if self.arch == 'arm':
+ return self.gen_bpf_gt32(const_str, jt, jf)
+ elif self.arch == 'arm64':
+ return self.gen_bpf_gt64(const_str, jt, jf)
+ return []
+
+ def gen_bpf_le(self, const_str, jt, jf):
+ return self.gen_bpf_gt(const_str, jf, jt)
+
+ @staticmethod
+ def gen_bpf_ge32(const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JGE.format(const_str+' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ @staticmethod
+ def gen_bpf_ge64(const_str, jt, jf):
+ bpf_policy = []
+ number, digit_flag = str_convert_to_int(const_str)
+
+ hight = int(number / (2**32))
+ low = number & 0xffffffff
+
+ if digit_flag and hight == 0:
+ bpf_policy.append(BPF_JGE.format('((unsigned long)'+const_str+') >> 32', jt + 2, 0))
+ else:
+ bpf_policy.append(BPF_JGE.format('((unsigned long)'+const_str+') >> 32', jt + 3, 0))
+ bpf_policy.append(BPF_JEQ.format('((unsigned long)'+const_str+') >> 32', 0, jf + 2))
+ bpf_policy.append(BPF_LOAD_MEM.format(0))
+ bpf_policy.append(BPF_JGE.format(const_str+' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ def gen_bpf_ge(self, const_str, jt, jf):
+ if self.arch == 'arm':
+ return self.gen_bpf_ge32(const_str, jt, jf)
+ elif self.arch == 'arm64':
+ return self.gen_bpf_ge64(const_str, jt, jf)
+ return []
+
+ def gen_bpf_lt(self, const_str, jt, jf):
+ return self.gen_bpf_ge(const_str, jf, jt)
+
+ @staticmethod
+ def gen_bpf_set32(const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JSET.format(const_str + ' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ @staticmethod
+ def gen_bpf_set64(const_str, jt, jf):
+ bpf_policy = []
+ bpf_policy.append(BPF_JSET.format('((unsigned long)' + const_str+') >> 32', jt + 2, 0))
+ bpf_policy.append(BPF_LOAD_MEM.format(0))
+ bpf_policy.append(BPF_JSET.format(const_str + ' & 0xffffffff', jt, jf))
+ return bpf_policy
+
+ def gen_bpf_set(self, const_str, jt, jf):
+ if self.arch == 'arm':
+ return self.gen_bpf_set32(const_str, jt, jf)
+ elif self.arch == 'arm64':
+ return self.gen_bpf_set64(const_str, jt, jf)
+ return []
+
+ @staticmethod
+ def gen_bpf_valid_syscall_nr(syscall_nr, cur_size):
+ bpf_policy = []
+ bpf_policy.append(BPF_LOAD.format(0))
+ bpf_policy.append(BPF_JEQ.format(syscall_nr, 0, cur_size))
+ return bpf_policy
+
+ def gen_range_list(self, syscall_nr_list):
+ if len(syscall_nr_list) == 0:
+ return
+ self.syscall_nr_range.clear()
+
+ syscall_nr_list_order = sorted(list(syscall_nr_list))
+ range_temp = [syscall_nr_list_order[0], syscall_nr_list_order[0]]
+
+ for i in range(len(syscall_nr_list_order) - 1):
+ if syscall_nr_list_order[i + 1] != syscall_nr_list_order[i] + 1:
+ range_temp[1] = syscall_nr_list_order[i]
+ self.syscall_nr_range.append(range_temp)
+ range_temp = [syscall_nr_list_order[i + 1], syscall_nr_list_order[i + 1]]
+
+ range_temp[1] = syscall_nr_list_order[-1]
+ self.syscall_nr_range.append(range_temp)
+
+ def gen_policy_syscall_nr(self, min_index, max_index, cur_syscall_nr_range):
+ middle_index = (int)((min_index + max_index + 1) / 2)
+
+ if middle_index == min_index:
+ self.syscall_nr_policy_list.append(cur_syscall_nr_range[middle_index][1] + 1)
+ return
+ else:
+ self.syscall_nr_policy_list.append(cur_syscall_nr_range[middle_index][0])
+
+ self.gen_policy_syscall_nr(min_index, middle_index - 1, cur_syscall_nr_range)
+ self.gen_policy_syscall_nr(middle_index, max_index, cur_syscall_nr_range)
+
+ def gen_policy_syscall_nr_list(self, cur_syscall_nr_range):
+ if not cur_syscall_nr_range:
+ return
+ self.syscall_nr_policy_list.clear()
+ self.syscall_nr_policy_list.append(cur_syscall_nr_range[0][0])
+ self.gen_policy_syscall_nr(0, len(cur_syscall_nr_range) - 1, cur_syscall_nr_range)
+
+ def calculate_step(self, index):
+ for i in range(index + 1, len(self.syscall_nr_policy_list)):
+ if self.syscall_nr_policy_list[index] < self.syscall_nr_policy_list[i]:
+ step = i - index
+ break
+ return step - 1
+
+ def nr_range_to_bpf_policy(self, cur_syscall_nr_range):
+ self.gen_policy_syscall_nr_list(cur_syscall_nr_range)
+ syscall_list_len = len(self.syscall_nr_policy_list)
+
+ if syscall_list_len == 0:
+ return
+
+ self.bpf_policy.append(BPF_JGE.format(self.syscall_nr_policy_list[0], 0, syscall_list_len))
+
+ range_max_list = [k[1] for k in cur_syscall_nr_range]
+
+ for i in range(1, syscall_list_len):
+ if self.syscall_nr_policy_list[i] - 1 in range_max_list:
+ self.bpf_policy.append(BPF_JGE.format(self.syscall_nr_policy_list[i], \
+ syscall_list_len - i, syscall_list_len - i - 1))
+ else:
+ step = self.calculate_step(i)
+ self.bpf_policy.append(BPF_JGE.format(self.syscall_nr_policy_list[i], step, 0))
+
+ if self.syscall_nr_policy_list:
+ self.bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_ALLOW'))
+
+ def count_alone_range(self):
+ cnt = 0
+ for item in self.syscall_nr_range:
+ if item[0] == item[1]:
+ cnt = cnt + 1
+ return cnt
+
+ def gen_transverse_bpf_policy(self):
+ if not self.syscall_nr_range:
+ return
+ cnt = self.count_alone_range()
+ total_instruction_num = cnt + (len(self.syscall_nr_range) - cnt) * 2
+ i = 0
+ for item in self.syscall_nr_range:
+ if item[0] == item[1]:
+ if i == total_instruction_num - 1:
+ self.bpf_policy.append(BPF_JEQ.format(item[0], total_instruction_num - i - 1, 1))
+ else:
+ self.bpf_policy.append(BPF_JEQ.format(item[0], total_instruction_num - i - 1, 0))
+ i += 1
+ else:
+ self.bpf_policy.append(BPF_JGE.format(item[0], 0, total_instruction_num - i))
+ i += 1
+ if i == total_instruction_num - 1:
+ self.bpf_policy.append(BPF_JGE.format(item[1] + 1, 1, total_instruction_num - i - 1))
+ else:
+ self.bpf_policy.append(BPF_JGE.format(item[1] + 1, 0, total_instruction_num - i - 1))
+ i += 1
+
+ self.bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_ALLOW'))
+
+ def gen_bpf_policy(self, syscall_nr_list):
+ self.gen_range_list(syscall_nr_list)
+ range_size = (int)((len(self.syscall_nr_range) - 1) / 127) + 1
+ alone_range_cnt = self.count_alone_range()
+ if alone_range_cnt >= len(self.syscall_nr_range) / 2:
+ #Scattered distribution
+ self.gen_transverse_bpf_policy()
+ return
+
+ if range_size == 1:
+ self.nr_range_to_bpf_policy(self.syscall_nr_range)
+ else:
+ for i in range(0, range_size):
+ if i == 0:
+ self.nr_range_to_bpf_policy(self.syscall_nr_range[-127 * (i + 1):])
+ elif i == range_size - 1:
+ self.nr_range_to_bpf_policy(self.syscall_nr_range[:-127 * i])
+ else:
+ self.nr_range_to_bpf_policy(self.syscall_nr_range[-127 * (i + 1): -127 * i])
+
+ def load_arg(self, arg_id):
+ # little endian
+ bpf_policy = []
+ if self.arch == 'arm':
+ bpf_policy.append(BPF_LOAD.format(16 + arg_id * 8))
+ elif self.arch == 'arm64':
+ #low 4 bytes
+ bpf_policy.append(BPF_LOAD.format(16 + arg_id * 8))
+ bpf_policy.append(BPF_ST.format(0))
+ #high 4 bytes
+ bpf_policy.append(BPF_LOAD.format(20 + arg_id * 8))
+ bpf_policy.append(BPF_ST.format(1))
+
+ return bpf_policy
+
+ def compile_atom(self, atom, cur_size):
+ bpf_policy = []
+ if len(atom) < 6:
+ print('[ERROR] {} format ERROR '.format(atom))
+ self.flag = False
+ return bpf_policy
+
+ arg_str = atom[0:3]
+ if arg_str != 'arg':
+ print('[ERROR] format ERROR, {} not start with arg'.format(atom))
+ self.flag = False
+ return bpf_policy
+
+ arg_id = int(atom[3])
+ if arg_id not in range(6):
+ print('[ERROR] arg num out of the scope 0~5')
+ self.flag = False
+ return bpf_policy
+
+ operation_str = atom[4:6]
+ if operation_str not in operation:
+ operation_str = atom[4]
+ if operation_str not in operation:
+ print('[ERROR] operation not in [<, <=, !=, ==, >, >=, &]')
+ self.flag = False
+ return bpf_policy
+
+ const_str = atom[4 + len(operation_str):]
+
+ if not const_str:
+ return bpf_policy
+
+ bpf_policy += self.load_arg(arg_id)
+ bpf_policy += self.operate_func_table.get(operation_str)(const_str, 0, cur_size + 1)
+
+ return bpf_policy
+
+ def parse_args_with_condition(self, group):
+ #the priority of && higher than ||
+ atoms = group.split('&&')
+ bpf_policy = []
+ for atom in reversed(atoms):
+ bpf_policy = self.compile_atom(atom, len(bpf_policy)) + bpf_policy
+ bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_ALLOW'))
+ return bpf_policy
+
+ def parse_sub_group(self, group):
+ bpf_policy = []
+ and_cond_groups = group.split('||')
+ for and_condition_group in and_cond_groups:
+ bpf_policy += self.parse_args_with_condition(and_condition_group)
+ return bpf_policy
+
+ def parse_args(self, function_name, line, skip):
+ bpf_policy = []
+
+ group = line.split('elif')
+ for sub_group in group:
+ bpf_policy += self.parse_sub_group(sub_group)
+ syscall_nr = self.function_name_nr_table.get(function_name)
+ #load syscall nr
+ bpf_policy = self.gen_bpf_valid_syscall_nr(syscall_nr, len(bpf_policy) - skip) + bpf_policy
+ return bpf_policy
+
+ def gen_bpf_policy_with_args(self, allow_list_with_args, mode):
+ self.set_gen_mode(mode)
+ skip = 0
+ for line in allow_list_with_args:
+ if self.gen_mode == 1 and line == list(allow_list_with_args)[-1]:
+ skip = 1
+ line = line.replace(' ', '')
+ pos = line.find(':')
+ function_name = line[:pos]
+
+ left_line = line[pos+1:]
+ if not left_line.startswith('if'):
+ continue
+
+ self.bpf_policy += self.parse_args(function_name, left_line[2:], skip)
+
+ def add_load_syscall_nr(self):
+ self.bpf_policy.append(BPF_LOAD.format(0))
+
+ def add_return_value(self, return_value):
+ self.bpf_policy.append(BPF_RET_VALUE.format(ret_str_to_bpf.get(return_value)))
+
+ def add_validate_arch(self, arches, skip_step):
+ if not self.bpf_policy or not self.flag:
+ return
+ bpf_policy = []
+ #load arch
+ bpf_policy.append(BPF_LOAD.format(4))
+ if len(arches) == 2:
+ bpf_policy.append(BPF_JEQ.format('AUDIT_ARCH_AARCH64', 2, 0))
+ bpf_policy.append(BPF_JEQ.format('AUDIT_ARCH_ARM', skip_step, 0))
+ bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_KILL_PROCESS'))
+ elif 'arm' in arches:
+ bpf_policy.append(BPF_JEQ.format('AUDIT_ARCH_ARM', 1, 0))
+ bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_KILL_PROCESS'))
+ elif 'arm64' in arches:
+ bpf_policy.append(BPF_JEQ.format('AUDIT_ARCH_AARCH64', 1, 0))
+ bpf_policy.append(BPF_RET_VALUE.format('SECCOMP_RET_KILL_PROCESS'))
+ else:
+ self.bpf_policy = []
+
+ self.bpf_policy = bpf_policy + self.bpf_policy
+
+
+class SeccompPolicyParser:
+ def __init__(self):
+ self.cur_parse_item = ''
+ self.cur_arch = ''
+ self.arches = set()
+ self.bpf_generator = GenBpfPolicy()
+ self.seccomp_policy_param_arm = None
+ self.seccomp_policy_param_arm64 = None
+ self.cur_policy_param = None
+
+ def update_arch(self, arch):
+ if arch in ['arm', 'arm64'] :
+ self.cur_arch = arch
+ print("[INFO] start deal with {} scope".format(self.cur_arch))
+ self.arches.add(arch)
+ if self.cur_arch == 'arm':
+ self.cur_policy_param = self.seccomp_policy_param_arm
+ elif self.cur_arch == 'arm64':
+ self.cur_policy_param = self.seccomp_policy_param_arm64
+ else:
+ print('[ERROR] {} not in [arm arm64]'.format(arch))
+ self.bpf_generator.set_gen_flag(False)
+
+ def update_parse_item(self, line):
+ item = line[1:]
+ if item in supported_parse_item:
+ self.cur_parse_item = item
+ print('[INFO] start deal with {}'.format(self.cur_parse_item))
+
+ def clear_file_syscall_list(self):
+ self.seccomp_policy_param_arm.update_final_list()
+ self.seccomp_policy_param_arm64.update_final_list()
+ self.cur_parse_item = ''
+ self.cur_arch = ''
+
+ def parse_line(self, line):
+ if not self.cur_parse_item :
+ return
+ if self.cur_parse_item == 'arch':
+ self.update_arch(line)
+ elif not self.cur_arch :
+ return
+ else:
+ if not self.cur_policy_param.value_function.get(self.cur_parse_item)(line):
+ self.bpf_generator.set_gen_flag(False)
+
+ def parse_open_file(self, fp):
+ for line in fp:
+ line = line.strip()
+ if not line:
+ continue
+ if line[0] == '#':
+ continue
+ if line[0] == '@':
+ self.update_parse_item(line)
+ continue
+ if line[0] != '@' and self.cur_arch == '' and self.cur_parse_item == '':
+ continue
+ self.parse_line(line)
+ self.clear_file_syscall_list()
+
+ def parse_file(self, file_path):
+ with open(file_path) as fp:
+ self.parse_open_file(fp)
+
+ def gen_seccomp_policy_of_arch(self):
+ if not self.cur_policy_param.return_value:
+ print('[ERROR] return value not defined')
+ self.bpf_generator.set_gen_flag(False)
+ return
+
+ #get final allow_list
+ syscall_nr_allow_list = self.cur_policy_param.function_name_to_nr(self.cur_policy_param.final_allow_list) | \
+ self.cur_policy_param.self_define_syscall
+ syscall_nr_priority = self.cur_policy_param.function_name_to_nr(self.cur_policy_param.final_priority)
+ self.bpf_generator.update_arch(self.cur_arch)
+
+ #load syscall nr
+ if syscall_nr_allow_list or syscall_nr_priority:
+ self.bpf_generator.add_load_syscall_nr()
+ self.bpf_generator.gen_bpf_policy(syscall_nr_priority)
+ self.bpf_generator.gen_bpf_policy(syscall_nr_allow_list)
+ self.bpf_generator.gen_bpf_policy_with_args(self.cur_policy_param.final_allow_list_with_args, \
+ self.cur_policy_param.mode)
+
+ self.bpf_generator.add_return_value(self.cur_policy_param.return_value)
+
+ def gen_seccomp_policy(self):
+ if 'arm64' in self.arches:
+ self.update_arch('arm64')
+ self.gen_seccomp_policy_of_arch()
+
+ skip_step = len(self.bpf_generator.bpf_policy) + 1
+
+ if 'arm' in self.arches:
+ self.update_arch('arm')
+ self.gen_seccomp_policy_of_arch()
+ self.bpf_generator.add_validate_arch(self.arches, skip_step)
+
+ def gen_output_file(self, args):
+ if not self.bpf_generator.bpf_policy:
+ print("[ERROR] bpf_policy is empty!")
+ return
+
+ header = textwrap.dedent('''\
+
+ #include
+ #include
+ #include
+ #include
+ ''')
+ extra_header = set()
+ extra_header = self.seccomp_policy_param_arm.head_files | self.seccomp_policy_param_arm64.head_files
+ extra_header_list = ['#include ' + i for i in extra_header]
+
+ array_name = textwrap.dedent('''
+
+ const struct sock_filter {}[] = {{
+ ''').format(args.bpfArrayName)
+
+ footer = textwrap.dedent('''\
+
+ }};
+
+ const size_t {} = sizeof({}) / sizeof(struct sock_filter);
+ ''').format(args.bpfArrayName + 'Size', args.bpfArrayName)
+
+ content = header + '\n'.join(extra_header_list) + array_name + \
+ ' ' + '\n '.join(self.bpf_generator.bpf_policy) + footer
+
+ with open(args.dstfile, 'w') as output_file:
+ output_file.write(content)
+
+ def filter_syscalls_nr(self, name_to_nr):
+ syscalls = {}
+ for syscall_name, nr in name_to_nr.items():
+ if not syscall_name.startswith("__NR_") and not syscall_name.startswith("__ARM_NR_"):
+ continue
+
+ if syscall_name.startswith("__NR_arm_"):
+ syscall_name = syscall_name[len("__NR_arm_"):]
+ elif syscall_name.startswith("__NR_"):
+ syscall_name = syscall_name[len("__NR_"):]
+ elif syscall_name.startswith("__ARM_NR_"):
+ syscall_name = syscall_name[len("__ARM_NR_"):]
+
+ syscalls[syscall_name] = nr
+
+ return syscalls
+
+ def parse_syscall_file(self, file_name):
+ const_pattern = re.compile(
+ r'^\s*#define\s+([A-Za-z_][A-Za-z0-9_]+)\s+(.+)\s*$')
+ mark_pattern = re.compile(r'\b[A-Za-z_][A-Za-z0-9_]+\b')
+ name_to_nr = {}
+ with open(file_name) as f:
+ for line in f:
+ k = const_pattern.match(line)
+ if k is None:
+ continue
+ try:
+ name = k.group(1)
+ nr = eval(mark_pattern.sub(lambda x: str(name_to_nr[x.group(0)]),
+ k.group(2)))
+
+ name_to_nr[name] = nr
+ except(KeyError, SyntaxError, NameError, TypeError):
+ continue
+
+ return self.filter_syscalls_nr(name_to_nr)
+
+ def gen_syscall_nr_table(self, file_name):
+ s = re.search(r"libsyscall_to_nr_([^/]+)", file_name)
+ function_name_nr_table_dict[str(s.group(1))] = self.parse_syscall_file(file_name)
+ if str(s.group(1)) not in function_name_nr_table_dict.keys():
+ return False
+ return True
+
+ def gen_seccomp_policy_code(self, args):
+ for file_name in args.srcfiles:
+ file_name_tmp = file_name.split('/')[-1]
+ if not file_name_tmp.lower().startswith('libsyscall_to_nr_'):
+ continue
+ if not self.gen_syscall_nr_table(file_name):
+ return
+ self.seccomp_policy_param_arm = SeccompPolicyParam('arm')
+ self.seccomp_policy_param_arm64 = SeccompPolicyParam('arm64')
+ for file_name in args.srcfiles:
+ if file_name.lower().endswith('.policy'):
+ self.parse_file(file_name)
+ self.gen_seccomp_policy()
+ if self.bpf_generator.get_gen_flag():
+ self.gen_output_file(args)
+
+
+def main():
+ parser = argparse.ArgumentParser(
+ description='Generates a seccomp-bpf policy')
+ parser.add_argument('--srcfiles', type=str, action='append',
+ help=('The input files\n'))
+ parser.add_argument('--dstfile',
+ help='The output path for the policy files')
+
+ parser.add_argument('--bpfArrayName', type=str,
+ help='Name of seccomp bpf array generated by this script')
+
+ args = parser.parse_args()
+
+ generator = SeccompPolicyParser()
+ generator.gen_seccomp_policy_code(args)
+
+
+if __name__ == '__main__':
+ sys.exit(main())
\ No newline at end of file
diff --git a/services/modules/seccomp/scripts/seccomp_policy_fixer.gni b/services/modules/seccomp/scripts/seccomp_policy_fixer.gni
new file mode 100755
index 0000000000000000000000000000000000000000..cf14d67ebc65f26817dc1a167dd316363b113045
--- /dev/null
+++ b/services/modules/seccomp/scripts/seccomp_policy_fixer.gni
@@ -0,0 +1,80 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/python.gni")
+import("//build/ohos.gni")
+
+template("ohos_prebuilt_seccomp") {
+ assert(defined(invoker.sources), "source must be defined for ${target_name}.")
+ assert(defined(invoker.filtername),
+ "source must be defined for ${target_name}.")
+
+ _seccomp_filter_target = "gen_${target_name}"
+ _seccomp_filter_file = target_gen_dir + "/${target_name}.c"
+
+ action(_seccomp_filter_target) {
+ script = "//base/startup/init/services/modules/seccomp/scripts/generate_code_from_policy.py"
+
+ sources = invoker.sources
+ sources += get_target_outputs(
+ "//base/startup/init/services/modules/seccomp:syscall_to_nr_arm")
+ sources += get_target_outputs(
+ "//base/startup/init/services/modules/seccomp:syscall_to_nr_arm64")
+
+ deps = [
+ "//base/startup/init/services/modules/seccomp:syscall_to_nr_arm",
+ "//base/startup/init/services/modules/seccomp:syscall_to_nr_arm64",
+ ]
+
+ args = []
+ foreach(source, sources) {
+ args += [
+ "--srcfiles",
+ rebase_path(source),
+ ]
+ }
+ args += [
+ "--dstfile",
+ rebase_path(_seccomp_filter_file),
+ "--bpfArrayName",
+ invoker.filtername,
+ ]
+
+ outputs = [ _seccomp_filter_file ]
+ }
+
+ ohos_shared_library(target_name) {
+ deps = [ ":${_seccomp_filter_target}" ]
+ sources = get_target_outputs(":${_seccomp_filter_target}")
+
+ if (defined(invoker.include_dirs)) {
+ include_dirs = invoker.include_dirs
+ }
+
+ if (defined(invoker.install_enable)) {
+ install_enable = invoker.install_enable
+ }
+
+ if (defined(invoker.part_name)) {
+ part_name = invoker.part_name
+ }
+
+ if (defined(invoker.subsystem_name)) {
+ subsystem_name = invoker.subsystem_name
+ }
+
+ if (defined(invoker.install_images)) {
+ install_images = invoker.install_images
+ }
+ }
+}
diff --git a/services/modules/seccomp/seccomp_filters.h b/services/modules/seccomp/seccomp_filters.h
new file mode 100644
index 0000000000000000000000000000000000000000..60ef8dd4023de9293d76fd7a942a43e0278958b0
--- /dev/null
+++ b/services/modules/seccomp/seccomp_filters.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef SECCOMP_FILTERS_H
+#define SECCOMP_FILTERS_H
+
+#include
+#include
+
+#ifdef __cplusplus
+#if __cplusplus
+extern "C" {
+#endif
+#endif
+
+extern const struct sock_filter g_appspawnSeccompFilter[];
+extern const size_t g_appspawnSeccompFilterSize;
+
+extern const struct sock_filter g_systemSeccompFilter[];
+extern const size_t g_systemSeccompFilterSize;
+
+#ifdef __cplusplus
+#if __cplusplus
+}
+#endif
+#endif
+
+#endif // SECCOMP_FILTERS_H
+
diff --git a/services/modules/seccomp/seccomp_policy.c b/services/modules/seccomp/seccomp_policy.c
new file mode 100644
index 0000000000000000000000000000000000000000..5dbe436f4858d6df031b267497028a0adeed8204
--- /dev/null
+++ b/services/modules/seccomp/seccomp_policy.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "seccomp_policy.h"
+#include "seccomp_filters.h"
+#include "seccomp_utils.h"
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifndef SECCOMP_SET_MODE_FILTER
+#define SECCOMP_SET_MODE_FILTER (1)
+#endif
+
+static bool IsSupportFilterFlag(unsigned int filterFlag)
+{
+ errno = 0;
+ int ret = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, filterFlag, NULL);
+ if (ret != -1 || errno != EFAULT) {
+ SECCOMP_LOGE("not support seccomp flag %u", filterFlag);
+ return false;
+ }
+
+ return true;
+}
+
+static bool InstallSeccompPolicy(const struct sock_filter* filter, size_t filterSize, unsigned int filterFlag)
+{
+ unsigned int flag = 0;
+ struct sock_fprog prog = {
+ (unsigned short)filterSize,
+ (struct sock_filter*)filter
+ };
+
+ if (IsSupportFilterFlag(SECCOMP_FILTER_FLAG_TSYNC) && (filterFlag & SECCOMP_FILTER_FLAG_TSYNC)) {
+ flag |= SECCOMP_FILTER_FLAG_TSYNC;
+ }
+
+ if (IsSupportFilterFlag(SECCOMP_FILTER_FLAG_LOG) && (filterFlag & SECCOMP_FILTER_FLAG_LOG)) {
+ flag |= SECCOMP_FILTER_FLAG_LOG;
+ }
+
+ if (syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, flag, &prog) != 0) {
+ SECCOMP_LOGE("SetSeccompFilter failed");
+ return false;
+ }
+
+ return true;
+}
+
+bool SetSeccompPolicy(PolicyType policy)
+{
+ bool ret = false;
+ switch (policy) {
+ case SYSTEM:
+ ret = InstallSeccompPolicy(g_systemSeccompFilter, g_systemSeccompFilterSize, SECCOMP_FILTER_FLAG_LOG);
+ break;
+ case APPSPAWN:
+ ret = InstallSeccompPolicy(g_appspawnSeccompFilter, g_appspawnSeccompFilterSize, SECCOMP_FILTER_FLAG_LOG);
+ break;
+ default:
+ ret = false;
+ }
+
+ return ret;
+}
diff --git a/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy b/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy
new file mode 100644
index 0000000000000000000000000000000000000000..1d3be644a1d16b9c4bdbf6a4a56f2ed42cab67d6
--- /dev/null
+++ b/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy
@@ -0,0 +1,28 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+@arch
+arm
+
+@returnValue
+KILL_PROCESS
+
+@mode
+ONLY_CHECK_ARGS
+
+@headFiles
+"seccomp_filters.h"
+
+@allowListWithArgs
+setresuid32: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
+setresgid32: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
\ No newline at end of file
diff --git a/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy b/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy
new file mode 100644
index 0000000000000000000000000000000000000000..f1a51befcaae026331c8de204ac6c19311844996
--- /dev/null
+++ b/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy
@@ -0,0 +1,27 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+@arch
+arm64
+
+@returnValue
+KILL_PROCESS
+
+@mode
+ONLY_CHECK_ARGS
+
+@headFiles
+"seccomp_filters.h"
+
+@allowListWithArgs
+setresuid: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
+setresgid: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
\ No newline at end of file
diff --git a/services/modules/seccomp/seccomp_policy/system_arm.seccomp.policy b/services/modules/seccomp/seccomp_policy/system_arm.seccomp.policy
new file mode 100644
index 0000000000000000000000000000000000000000..5bb8f706f9e06ee885bc9a226c732204e8b9582b
--- /dev/null
+++ b/services/modules/seccomp/seccomp_policy/system_arm.seccomp.policy
@@ -0,0 +1,307 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+@arch
+arm
+
+@returnValue
+KILL_PROCESS
+
+@headFiles
+"seccomp_filters.h"
+
+@allowList
+restart_syscall
+exit
+fork
+read
+write
+open
+close
+unlink
+execve
+chdir
+mknod
+chmod
+lseek
+getpid
+mount
+ptrace
+access
+sync
+kill
+rename
+mkdir
+rmdir
+dup
+pipe
+times
+brk
+acct
+umount2
+ioctl
+setpgid
+umask
+chroot
+dup2
+getppid
+setsid
+sigaction
+sethostname
+setrlimit
+getrusage
+gettimeofday
+settimeofday
+symlink
+readlink
+swapon
+reboot
+munmap
+truncate
+fchmod
+getpriority
+setpriority
+syslog
+setitimer
+getitimer
+stat
+wait4
+swapoff
+sysinfo
+fsync
+sigreturn
+clone
+setdomainname
+uname
+adjtimex
+mprotect
+init_module
+delete_module
+quotactl
+getpgid
+fchdir
+personality
+setfsuid
+setfsgid
+_llseek
+_newselect
+flock
+msync
+readv
+writev
+getsid
+fdatasync
+mlock
+munlock
+mlockall
+munlockall
+sched_setparam
+sched_getparam
+sched_setscheduler
+sched_getscheduler
+sched_yield
+sched_get_priority_max
+sched_get_priority_min
+sched_rr_get_interval
+nanosleep
+mremap
+poll
+prctl
+rt_sigreturn
+rt_sigaction
+rt_sigprocmask
+rt_sigpending
+rt_sigtimedwait
+rt_sigqueueinfo
+rt_sigsuspend
+pread64
+pwrite64
+getcwd
+capget
+capset
+sigaltstack
+sendfile
+vfork
+ugetrlimit
+mmap2
+truncate64
+ftruncate64
+stat64
+fstat64
+lchown32
+getuid32
+getgid32
+geteuid32
+getegid32
+setreuid32
+setregid32
+chown32
+getgroups32
+setgroups32
+pivot_root
+fchown32
+setresuid32
+getresuid32
+setresgid32
+getresgid32
+setuid32
+setgid32
+getdents64
+mincore
+madvise
+fcntl64
+gettid
+readahead
+setxattr
+lsetxattr
+fsetxattr
+getxattr
+lgetxattr
+fgetxattr
+listxattr
+llistxattr
+flistxattr
+removexattr
+lremovexattr
+fremovexattr
+tkill
+sendfile64
+futex
+sched_setaffinity
+sched_getaffinity
+io_setup
+io_destroy
+io_getevents
+io_submit
+io_cancel
+exit_group
+epoll_ctl
+set_tid_address
+timer_create
+timer_settime
+timer_gettime
+timer_getoverrun
+timer_delete
+clock_settime
+clock_gettime
+clock_getres
+clock_nanosleep
+statfs64
+fstatfs64
+tgkill
+fadvise64_64
+waitid
+socket
+bind
+connect
+listen
+accept
+getsockname
+getpeername
+socketpair
+sendto
+recvfrom
+shutdown
+setsockopt
+getsockopt
+sendmsg
+recvmsg
+inotify_add_watch
+inotify_rm_watch
+openat
+mkdirat
+mknodat
+fchownat
+fstatat64
+unlinkat
+renameat
+linkat
+symlinkat
+readlinkat
+fchmodat
+faccessat
+pselect6
+ppoll
+unshare
+set_robust_list
+get_robust_list
+splice
+sync_file_range2
+tee
+vmsplice
+getcpu
+epoll_pwait
+utimensat
+timerfd_create
+fallocate
+timerfd_settime
+timerfd_gettime
+signalfd4
+eventfd2
+epoll_create1
+dup3
+pipe2
+inotify_init1
+preadv
+pwritev
+rt_tgsigqueueinfo
+perf_event_open
+recvmmsg
+accept4
+prlimit64
+clock_adjtime
+syncfs
+sendmmsg
+setns
+process_vm_readv
+process_vm_writev
+finit_module
+sched_setattr
+sched_getattr
+renameat2
+seccomp
+getrandom
+memfd_create
+bpf
+execveat
+userfaultfd
+membarrier
+mlock2
+copy_file_range
+preadv2
+pwritev2
+statx
+clock_gettime64
+clock_settime64
+clock_adjtime64
+clock_getres_time64
+clock_nanosleep_time64
+timer_gettime64
+timer_settime64
+timerfd_gettime64
+timerfd_settime64
+utimensat_time64
+pselect6_time64
+ppoll_time64
+recvmmsg_time64
+semtimedop_time64
+rt_sigtimedwait_time64
+futex_time64
+sched_rr_get_interval_time64
+pidfd_send_signal
+pidfd_open
+close_range
+pidfd_getfd
+process_madvise
+cacheflush
+set_tls
diff --git a/services/modules/seccomp/seccomp_policy/system_arm64.seccomp.policy b/services/modules/seccomp/seccomp_policy/system_arm64.seccomp.policy
new file mode 100644
index 0000000000000000000000000000000000000000..0035a99b39a093fc75573e2e9e938d68ade785bd
--- /dev/null
+++ b/services/modules/seccomp/seccomp_policy/system_arm64.seccomp.policy
@@ -0,0 +1,265 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+@arch
+arm64
+
+@returnValue
+KILL_PROCESS
+
+@headFiles
+"seccomp_filters.h"
+
+@allowList
+io_setup
+io_destroy
+io_submit
+io_cancel
+io_getevents
+setxattr
+lsetxattr
+fsetxattr
+getxattr
+lgetxattr
+fgetxattr
+listxattr
+llistxattr
+flistxattr
+removexattr
+lremovexattr
+fremovexattr
+getcwd
+eventfd2
+epoll_create1
+epoll_ctl
+epoll_pwait
+dup
+dup3
+fcntl
+inotify_init1
+inotify_add_watch
+inotify_rm_watch
+ioctl
+ioprio_set
+ioprio_get
+flock
+mknodat
+mkdirat
+unlinkat
+symlinkat
+linkat
+renameat
+umount2
+mount
+pivot_root
+statfs
+fstatfs
+truncate
+ftruncate
+fallocate
+faccessat
+chdir
+fchdir
+chroot
+fchmod
+fchmodat
+fchownat
+fchown
+openat
+close
+pipe2
+quotactl
+getdents64
+lseek
+read
+write
+readv
+writev
+pread64
+pwrite64
+preadv
+pwritev
+sendfile
+pselect6
+ppoll
+signalfd4
+vmsplice
+splice
+tee
+readlinkat
+newfstatat
+fstat
+sync
+fsync
+fdatasync
+sync_file_range
+timerfd_create
+timerfd_settime
+timerfd_gettime
+utimensat
+acct
+capget
+capset
+personality
+exit
+exit_group
+waitid
+set_tid_address
+unshare
+futex
+set_robust_list
+get_robust_list
+nanosleep
+getitimer
+setitimer
+init_module
+delete_module
+timer_create
+timer_gettime
+timer_getoverrun
+timer_settime
+timer_delete
+clock_settime
+clock_gettime
+clock_getres
+clock_nanosleep
+syslog
+ptrace
+sched_setparam
+sched_setscheduler
+sched_getscheduler
+sched_getparam
+sched_setaffinity
+sched_getaffinity
+sched_yield
+sched_get_priority_max
+sched_get_priority_min
+sched_rr_get_interval
+restart_syscall
+kill
+tkill
+tgkill
+sigaltstack
+rt_sigsuspend
+rt_sigaction
+rt_sigprocmask
+rt_sigpending
+rt_sigtimedwait
+rt_sigqueueinfo
+rt_sigreturn
+setpriority
+getpriority
+reboot
+setregid
+setgid
+setreuid
+setuid
+setresuid
+getresuid
+setresgid
+getresgid
+setfsuid
+setfsgid
+times
+setpgid
+getpgid
+getsid
+setsid
+getgroups
+setgroups
+uname
+sethostname
+setdomainname
+getrlimit
+setrlimit
+getrusage
+umask
+prctl
+getcpu
+gettimeofday
+settimeofday
+adjtimex
+getpid
+getppid
+getuid
+geteuid
+getgid
+getegid
+gettid
+sysinfo
+socket
+socketpair
+bind
+listen
+accept
+connect
+getsockname
+getpeername
+sendto
+recvfrom
+setsockopt
+getsockopt
+shutdown
+sendmsg
+recvmsg
+readahead
+brk
+munmap
+mremap
+clone
+execve
+mmap
+fadvise64
+swapon
+swapoff
+mprotect
+msync
+mlock
+munlock
+mlockall
+munlockall
+mincore
+madvise
+rt_tgsigqueueinfo
+perf_event_open
+accept4
+recvmmsg
+wait4
+prlimit64
+clock_adjtime
+syncfs
+setns
+sendmmsg
+process_vm_readv
+process_vm_writev
+finit_module
+sched_setattr
+sched_getattr
+renameat2
+seccomp
+getrandom
+memfd_create
+bpf
+execveat
+userfaultfd
+membarrier
+mlock2
+copy_file_range
+preadv2
+pwritev2
+statx
+pidfd_send_signal
+pidfd_open
+close_range
+pidfd_getfd
+process_madvise
diff --git a/services/modules/seccomp/seccomp_utils.h b/services/modules/seccomp/seccomp_utils.h
new file mode 100644
index 0000000000000000000000000000000000000000..4e2fb4fb576a242c6759d92596b43a77d26bfc84
--- /dev/null
+++ b/services/modules/seccomp/seccomp_utils.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef BASE_STARTUP_SECCOMP_UTILS_H
+#define BASE_STARTUP_SECCOMP_UTILS_H
+#include
+#include
+
+#include "beget_ext.h"
+
+#ifdef __cplusplus
+#if __cplusplus
+extern "C" {
+#endif
+#endif
+
+
+#ifndef SECCOMP_DOMAIN
+#define SECCOMP_DOMAIN (BASE_DOMAIN + 0xe)
+#endif
+#define SECCOMP_LABEL "SECCOMP"
+#define SECCOMP_LOGI(fmt, ...) STARTUP_LOGI(SECCOMP_DOMAIN, SECCOMP_LABEL, fmt, ##__VA_ARGS__)
+#define SECCOMP_LOGE(fmt, ...) STARTUP_LOGE(SECCOMP_DOMAIN, SECCOMP_LABEL, fmt, ##__VA_ARGS__)
+#define SECCOMP_LOGV(fmt, ...) STARTUP_LOGV(SECCOMP_DOMAIN, SECCOMP_LABEL, fmt, ##__VA_ARGS__)
+
+#ifdef INIT_AGENT
+#define SECCOMP_DUMP printf
+#else
+#define SECCOMP_DUMP SECCOMP_LOGI
+#endif
+
+#ifdef __cplusplus
+#if __cplusplus
+}
+#endif
+#endif
+#endif
\ No newline at end of file
diff --git a/services/param/BUILD.gn b/services/param/BUILD.gn
index 2163b3deb64202f6d7bef9e337e558c98ba9ea54..f32bf01adbebd4c7e80757a8067711adfc86c520 100755
--- a/services/param/BUILD.gn
+++ b/services/param/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
group("parameter") {
deps = []
diff --git a/services/param/adapter/param_dac.c b/services/param/adapter/param_dac.c
index da7ff6a119da0a35afab3043b41a86bf7305a429..ef46e1d268cf3ca47f9b4e7f7a5a041f4bfc9b36 100644
--- a/services/param/adapter/param_dac.c
+++ b/services/param/adapter/param_dac.c
@@ -211,7 +211,7 @@ static int CheckFilePermission(const ParamSecurityLabel *localLabel, const char
static int CheckUserInGroup(WorkSpace *space, gid_t groupId, uid_t uid)
{
#ifdef __MUSL__
- static char buffer[USER_BUFFER_LEN] = {0};
+ char buffer[USER_BUFFER_LEN] = {0};
uint32_t labelIndex = 0;
int ret = ParamSprintf(buffer, sizeof(buffer), "%s.%d.%d", GROUP_FORMAT, groupId, uid);
PARAM_CHECK(ret >= 0, return -1, "Failed to format name for %s.%d.%d", GROUP_FORMAT, groupId, uid);
diff --git a/services/param/adapter/param_persistadp.c b/services/param/adapter/param_persistadp.c
index 0711d927ec2be744bb5fb723cf0466a8eaebdf4e..75055c7e75327583635c2b66a92d40ea6889b81b 100644
--- a/services/param/adapter/param_persistadp.c
+++ b/services/param/adapter/param_persistadp.c
@@ -14,7 +14,6 @@
*/
#include
-#include
#include
#include
diff --git a/services/param/adapter/param_selinux.c b/services/param/adapter/param_selinux.c
index 12c6b3af13244e2bd459269152afb144c81d257b..ab11478516516799ae8287a577d9349426e37c37 100644
--- a/services/param/adapter/param_selinux.c
+++ b/services/param/adapter/param_selinux.c
@@ -13,7 +13,6 @@
* limitations under the License.
*/
#include
-#include
#include
#include "init_utils.h"
diff --git a/services/param/base/BUILD.gn b/services/param/base/BUILD.gn
index fc91250a2df644a9ebb502120afd4d1adcb1cb6b..2088269d9fbcccdf17690e5be2b06f7b9a04afae 100644
--- a/services/param/base/BUILD.gn
+++ b/services/param/base/BUILD.gn
@@ -10,34 +10,34 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/services/log",
]
}
base_sources = [
- "//base/startup/init_lite/services/log/init_commlog.c",
- "//base/startup/init_lite/services/param/base/param_base.c",
- "//base/startup/init_lite/services/param/base/param_comm.c",
- "//base/startup/init_lite/services/param/base/param_trie.c",
- "//base/startup/init_lite/services/utils/init_hashmap.c",
- "//base/startup/init_lite/services/utils/list.c",
+ "//base/startup/init/services/log/init_commlog.c",
+ "//base/startup/init/services/param/base/param_base.c",
+ "//base/startup/init/services/param/base/param_comm.c",
+ "//base/startup/init/services/param/base/param_trie.c",
+ "//base/startup/init/services/utils/init_hashmap.c",
+ "//base/startup/init/services/utils/list.c",
]
base_include_dirs = [
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/base",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/base",
"//base/security/selinux/interfaces/policycoreutils/include",
]
@@ -51,8 +51,8 @@ if (defined(ohos_lite)) {
if (ohos_kernel_type == "linux") {
sources += [
- "//base/startup/init_lite/services/param/adapter/param_dac.c",
- "//base/startup/init_lite/services/param/linux/param_osadp.c",
+ "//base/startup/init/services/param/adapter/param_dac.c",
+ "//base/startup/init/services/param/linux/param_osadp.c",
]
defines += [
"__LINUX__",
@@ -60,8 +60,8 @@ if (defined(ohos_lite)) {
]
} else if (ohos_kernel_type == "liteos_a") {
sources += [
- "//base/startup/init_lite/services/param/liteos/param_litedac.c",
- "//base/startup/init_lite/services/param/liteos/param_osadp.c",
+ "//base/startup/init/services/param/liteos/param_litedac.c",
+ "//base/startup/init/services/param/liteos/param_osadp.c",
]
include_dirs += [ "//third_party/bounds_checking_function/include" ]
defines += [
@@ -76,8 +76,8 @@ if (defined(ohos_lite)) {
ohos_static_library("parameterbase") {
sources = base_sources
sources += [
- "//base/startup/init_lite/services/param/adapter/param_dac.c",
- "//base/startup/init_lite/services/param/linux/param_osadp.c",
+ "//base/startup/init/services/param/adapter/param_dac.c",
+ "//base/startup/init/services/param/linux/param_osadp.c",
]
cflags = [ "-fPIC" ]
include_dirs = base_include_dirs
@@ -95,7 +95,7 @@ if (defined(ohos_lite)) {
"//base/security/selinux/interfaces/policycoreutils/include/",
]
sources +=
- [ "//base/startup/init_lite/services/param/adapter/param_selinux.c" ]
+ [ "//base/startup/init/services/param/adapter/param_selinux.c" ]
defines += [
"PARAM_SUPPORT_SELINUX",
"PARAMWORKSPACE_NEED_MUTEX",
diff --git a/services/param/base/param_base.c b/services/param/base/param_base.c
index b6728b1ee66c1f4a5c6acfe0325da9b0342fef59..437be46415ba3288103d6673a1e51f6018480a94 100644
--- a/services/param/base/param_base.c
+++ b/services/param/base/param_base.c
@@ -34,7 +34,7 @@ static int WorkSpaceKeyCompare(const HashNode *node1, const void *key)
return strcmp(workSpace1->fileName, (char *)key);
}
-static int GenerateKeyHasCode(const char *buff, uint32_t len)
+static int GenerateKeyHasCode(const char *buff, size_t len)
{
int code = 0;
for (size_t i = 0; i < len; i++) {
diff --git a/services/param/base/param_comm.c b/services/param/base/param_comm.c
index d183355ce15ca4d66b7149ed1931b605d7c1dc41..75c8cbcfaa1bbc3fa226640abf618e59ec5b586c 100644
--- a/services/param/base/param_comm.c
+++ b/services/param/base/param_comm.c
@@ -72,7 +72,10 @@ INIT_LOCAL_API ParamTrieNode *GetTrieNodeByHandle(ParamHandle handle)
WorkSpace *workSpace = HASHMAP_ENTRY(node, WorkSpace, hashNode);
WORKSPACE_RW_UNLOCK(*paramSpace);
index = index - workSpace->area->startIndex;
- return (ParamTrieNode *)GetTrieNode(workSpace, index);
+ if (PARAM_IS_ALIGNED(index)) {
+ return (ParamTrieNode *)GetTrieNode(workSpace, index);
+ }
+ return NULL;
}
INIT_LOCAL_API WorkSpace *GetFirstWorkSpace(void)
diff --git a/services/param/base/param_trie.c b/services/param/base/param_trie.c
index ea3cf7ecf45044b13e202b91eeac51b6b7c77c13..feca2b7ffd129da3f43a9afe0179ab857c95de13 100644
--- a/services/param/base/param_trie.c
+++ b/services/param/base/param_trie.c
@@ -16,7 +16,6 @@
#include "param_trie.h"
#include
-#include
#include "init_param.h"
#include "param_base.h"
diff --git a/services/param/include/param_utils.h b/services/param/include/param_utils.h
index fcd2f17bb72eb1c8984aaab19048fb6427478b82..d3aaa3c675395c1c376453e86e24f24640d18efe 100644
--- a/services/param/include/param_utils.h
+++ b/services/param/include/param_utils.h
@@ -49,6 +49,7 @@ typedef struct cmdLineInfo {
#define UNUSED(x) (void)(x)
#endif
#define PARAM_ALIGN(len) (((len) + 0x03) & (~0x03))
+#define PARAM_IS_ALIGNED(x) (((x) & 0x03) == 0)
#define PARAM_ENTRY(ptr, type, member) (type *)((char *)(ptr)-offsetof(type, member))
#define IS_READY_ONLY(name) \
@@ -76,7 +77,7 @@ typedef struct cmdLineInfo {
#elif defined __LINUX__
#define DATA_PATH STARTUP_INIT_UT_PATH"/storage/data/system/param/"
#else
-#define DATA_PATH STARTUP_INIT_UT_PATH"/data/parameters/"
+#define DATA_PATH STARTUP_INIT_UT_PATH"/data/service/el1/startup/parameters/"
#endif
#define CLIENT_PIPE_NAME "/dev/unix/socket/paramservice"
diff --git a/services/param/linux/BUILD.gn b/services/param/linux/BUILD.gn
index 95673eb6e18c779cb6b06a269f925f95dfbb41b4..175743681a5ccc6e31a9c934b84af0d534ed1ac0 100755
--- a/services/param/linux/BUILD.gn
+++ b/services/param/linux/BUILD.gn
@@ -10,29 +10,29 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/service/include/param",
- "//base/startup/init_lite/interfaces/service/param/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/service/include/param",
+ "//base/startup/init/interfaces/service/param/include",
]
}
param_include_dirs = [
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/base",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/init_module_engine/include",
- "//base/startup/init_lite/services/loopevent/include",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/base",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/init_module_engine/include",
+ "//base/startup/init/services/loopevent/include",
"//third_party/bounds_checking_function/include",
"//third_party/cJSON",
"//utils/native/lite/include",
@@ -40,25 +40,25 @@ param_include_dirs = [
]
param_service_sources = [
- "//base/startup/init_lite/services/param/adapter/param_persistadp.c",
- "//base/startup/init_lite/services/param/linux/param_message.c",
- "//base/startup/init_lite/services/param/linux/param_msgadp.c",
- "//base/startup/init_lite/services/param/linux/param_service.c",
- "//base/startup/init_lite/services/param/manager/param_manager.c",
- "//base/startup/init_lite/services/param/manager/param_persist.c",
- "//base/startup/init_lite/services/param/manager/param_server.c",
+ "//base/startup/init/services/param/adapter/param_persistadp.c",
+ "//base/startup/init/services/param/linux/param_message.c",
+ "//base/startup/init/services/param/linux/param_msgadp.c",
+ "//base/startup/init/services/param/linux/param_service.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/manager/param_persist.c",
+ "//base/startup/init/services/param/manager/param_server.c",
]
param_trigger_sources = [
- "//base/startup/init_lite/services/param/trigger/trigger_checker.c",
- "//base/startup/init_lite/services/param/trigger/trigger_manager.c",
- "//base/startup/init_lite/services/param/trigger/trigger_processor.c",
+ "//base/startup/init/services/param/trigger/trigger_checker.c",
+ "//base/startup/init/services/param/trigger/trigger_manager.c",
+ "//base/startup/init/services/param/trigger/trigger_processor.c",
]
param_client_sources = [
- "//base/startup/init_lite/services/param/linux/param_message.c",
- "//base/startup/init_lite/services/param/linux/param_request.c",
- "//base/startup/init_lite/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/linux/param_message.c",
+ "//base/startup/init/services/param/linux/param_request.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
]
# only for linux
diff --git a/services/param/linux/param_message.c b/services/param/linux/param_message.c
index 5960830603712eb1163500df5b55d304365e051f..6d8639cf3a4f349a3d01d858eb3c649234f484a3 100644
--- a/services/param/linux/param_message.c
+++ b/services/param/linux/param_message.c
@@ -20,7 +20,7 @@
#include "param_utils.h"
#include "securec.h"
-int ConntectServer(int fd, const char *servername)
+int ConnectServer(int fd, const char *servername)
{
PARAM_CHECK(fd >= 0, return -1, "Invalid fd %d", fd);
int opt = 1;
@@ -36,7 +36,7 @@ int ConntectServer(int fd, const char *servername)
int len = offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path);
ret = connect(fd, (struct sockaddr *)&addr, len);
PARAM_CHECK(ret != -1, return -1, "Failed to connect server %s %d", servername, errno);
- PARAM_LOGV("ConntectServer %s success", servername);
+ PARAM_LOGV("ConnectServer %s success", servername);
return 0;
}
diff --git a/services/param/linux/param_message.h b/services/param/linux/param_message.h
index f8c489148e1d024d31b2ee7c83e1b370528c670c..bdaceef363500c3d7e0c3e59ab085154f0720ed9 100755
--- a/services/param/linux/param_message.h
+++ b/services/param/linux/param_message.h
@@ -75,7 +75,7 @@ typedef int (*RecvMessage)(const ParamTaskPtr stream, const ParamMessage *msg);
typedef struct {
uint32_t flags;
char *server;
- LE_IncommingConntect incomingConnect;
+ LE_IncommingConnect incomingConnect;
RecvMessage recvMessage;
LE_Close close;
} ParamStreamInfo;
@@ -97,7 +97,7 @@ int FillParamMsgContent(const ParamMessage *request, uint32_t *start, int type,
ParamMsgContent *GetNextContent(const ParamMessage *reqest, uint32_t *offset);
ParamMessage *CreateParamMessage(int type, const char *name, uint32_t msgSize);
-int ConntectServer(int fd, const char *servername);
+int ConnectServer(int fd, const char *servername);
#ifdef STARTUP_INIT_TEST
int ProcessMessage(const ParamTaskPtr worker, const ParamMessage *msg);
diff --git a/services/param/linux/param_msgadp.c b/services/param/linux/param_msgadp.c
index 038a35ac1aa1603a631863801617b8988fbd2bd9..bcc9cf73441d37c18e9650b218826f4e572dc59b 100644
--- a/services/param/linux/param_msgadp.c
+++ b/services/param/linux/param_msgadp.c
@@ -52,7 +52,7 @@ int ParamServerCreate(ParamTaskPtr *stream, const ParamStreamInfo *streamInfo)
info.baseInfo.flags = TASK_STREAM | TASK_PIPE | TASK_SERVER;
info.server = streamInfo->server;
info.baseInfo.close = streamInfo->close;
- info.incommingConntect = streamInfo->incomingConnect;
+ info.incommingConnect = streamInfo->incomingConnect;
return LE_CreateStreamServer(LE_GetDefaultLoop(), stream, &info);
}
@@ -69,7 +69,7 @@ int ParamStreamCreate(ParamTaskPtr *stream, ParamTaskPtr server,
info.baseInfo.flags |= TASK_TEST;
}
info.baseInfo.close = streamInfo->close;
- info.disConntectComplete = NULL;
+ info.disConnectComplete = NULL;
info.sendMessageComplete = NULL;
info.recvMessage = OnReceiveRequest;
g_recvMessage = streamInfo->recvMessage;
diff --git a/services/param/linux/param_osadp.c b/services/param/linux/param_osadp.c
index 3b71cfaee69c13fe69b204eac6468199f1230edf..7a12a682163ce02ae2117daf9c5d41841799f93f 100644
--- a/services/param/linux/param_osadp.c
+++ b/services/param/linux/param_osadp.c
@@ -15,10 +15,7 @@
#include "param_osadp.h"
#include
-#include
-#include
#include
-#include
#include "param_message.h"
#include "param_utils.h"
@@ -29,23 +26,37 @@ void paramMutexEnvInit(void)
int ParamRWMutexCreate(ParamRWMutex *lock)
{
+ PARAM_CHECK(lock != NULL, return -1, "Invalid lock");
+ pthread_rwlockattr_t rwlockatt;
+ pthread_rwlockattr_init(&rwlockatt);
+ pthread_rwlockattr_setpshared(&rwlockatt, PTHREAD_PROCESS_SHARED);
+ pthread_rwlock_init(&lock->rwlock, &rwlockatt);
return 0;
}
int ParamRWMutexWRLock(ParamRWMutex *lock)
{
+ PARAM_CHECK(lock != NULL, return -1, "Invalid lock");
+ pthread_rwlock_wrlock(&lock->rwlock);
return 0;
}
int ParamRWMutexRDLock(ParamRWMutex *lock)
{
+ PARAM_CHECK(lock != NULL, return -1, "Invalid lock");
+ pthread_rwlock_rdlock(&lock->rwlock);
return 0;
}
int ParamRWMutexUnlock(ParamRWMutex *lock)
{
+ PARAM_CHECK(lock != NULL, return -1, "Invalid lock");
+ pthread_rwlock_unlock(&lock->rwlock);
return 0;
}
int ParamRWMutexDelete(ParamRWMutex *lock)
{
+ PARAM_CHECK(lock != NULL, return -1, "Invalid lock");
+ uint32_t ret = pthread_rwlock_destroy(&lock->rwlock);
+ PARAM_CHECK(ret == 0, return -1, "Failed to mutex lock ret %d", ret);
return 0;
}
diff --git a/services/param/linux/param_request.c b/services/param/linux/param_request.c
index 3b9b8d74941f6a63be26c410513854cde3f9ef1a..a367f8c046ccb7c58b71111fe19f844e8509d859 100644
--- a/services/param/linux/param_request.c
+++ b/services/param/linux/param_request.c
@@ -15,7 +15,6 @@
#include "init_param.h"
#include
-#include
#include
#include
#include
@@ -26,7 +25,6 @@
#include "param_manager.h"
#include "param_message.h"
#include "param_security.h"
-#include "securec.h"
#define INVALID_SOCKET (-1)
static const uint32_t RECV_BUFFER_MAX = 5 * 1024;
@@ -40,7 +38,6 @@ __attribute__((constructor)) static void ParameterInit(void)
return;
}
EnableInitLog(INIT_INFO);
- PARAM_LOGI("ParameterInit ");
InitParamWorkSpace(1);
}
@@ -51,7 +48,6 @@ __attribute__((destructor)) static void ParameterDeinit(void)
close(g_clientFd);
g_clientFd = INVALID_SOCKET;
}
- CloseParamWorkSpace();
pthread_mutex_destroy(&g_clientMutex);
}
@@ -112,7 +108,7 @@ static int GetClientSocket(int timeout)
time.tv_usec = 0;
int clientFd = socket(AF_UNIX, SOCK_STREAM, 0);
PARAM_CHECK(clientFd >= 0, return -1, "Failed to create socket");
- int ret = ConntectServer(clientFd, CLIENT_PIPE_NAME);
+ int ret = ConnectServer(clientFd, CLIENT_PIPE_NAME);
if (ret == 0) {
setsockopt(clientFd, SOL_SOCKET, SO_SNDTIMEO, (char *)&time, sizeof(struct timeval));
setsockopt(clientFd, SOL_SOCKET, SO_RCVTIMEO, (char *)&time, sizeof(struct timeval));
diff --git a/services/param/linux/param_service.c b/services/param/linux/param_service.c
index 79943b7c0286641963667dc82c0624202df30842..5e99a909262b41c9d1e9b6a84198a9fbc653ef9e 100755
--- a/services/param/linux/param_service.c
+++ b/services/param/linux/param_service.c
@@ -14,15 +14,9 @@
*/
#include
#include
-#include
#include
#include
-#include
-#include
#include
-#include
-#include
-#include
#include "init_param.h"
#include "init_utils.h"
diff --git a/services/param/liteos/BUILD.gn b/services/param/liteos/BUILD.gn
index 6e29ab905a45f76c5c5b51a4b5c5038cc87cc5b4..ccea8c344b56e7e9c96b1e8cabd42422dd1219b8 100644
--- a/services/param/liteos/BUILD.gn
+++ b/services/param/liteos/BUILD.gn
@@ -10,17 +10,17 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
param_include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/loopevent/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/loopevent/include",
"//third_party/bounds_checking_function/include",
"//third_party/cJSON",
"//utils/native/lite/include",
@@ -37,17 +37,17 @@ param_build_defines = [
]
action("lite_ohos_param_to") {
- script = "//base/startup/init_lite/scripts/param_cfg_to_code.py"
+ script = "//base/startup/init/scripts/param_cfg_to_code.py"
args = [
"--source",
rebase_path(
- "//base/startup/init_lite/services/etc_lite/param/ohos_const/ohos.para"),
+ "//base/startup/init/services/etc_lite/param/ohos_const/ohos.para"),
"--source",
rebase_path("$ohos_product_adapter_dir/utils/sys_param/vendor.para"),
"--source",
- rebase_path("//base/startup/init_lite/services/etc/param/ohos.para"),
+ rebase_path("//base/startup/init/services/etc/param/ohos.para"),
"--dest_dir",
- rebase_path("$root_out_dir/gen/init_lite/"),
+ rebase_path("$root_out_dir/gen/init/"),
]
outputs = [ "$target_gen_dir/${target_name}_param_cfg_to_code.log" ]
}
@@ -55,32 +55,32 @@ action("lite_ohos_param_to") {
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/service/include/param",
- "//base/startup/init_lite/interfaces/service/param/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/service/include/param",
+ "//base/startup/init/interfaces/service/param/include",
]
}
base_sources = [
- "//base/startup/init_lite/services/log/init_commlog.c",
- "//base/startup/init_lite/services/param/base/param_base.c",
- "//base/startup/init_lite/services/param/base/param_comm.c",
- "//base/startup/init_lite/services/param/base/param_trie.c",
- "//base/startup/init_lite/services/param/liteos/param_client.c",
- "//base/startup/init_lite/services/param/liteos/param_litedac.c",
- "//base/startup/init_lite/services/param/liteos/param_osadp.c",
- "//base/startup/init_lite/services/param/manager/param_manager.c",
- "//base/startup/init_lite/services/param/manager/param_persist.c",
- "//base/startup/init_lite/services/utils/init_hashmap.c",
- "//base/startup/init_lite/services/utils/list.c",
+ "//base/startup/init/services/log/init_commlog.c",
+ "//base/startup/init/services/param/base/param_base.c",
+ "//base/startup/init/services/param/base/param_comm.c",
+ "//base/startup/init/services/param/base/param_trie.c",
+ "//base/startup/init/services/param/liteos/param_client.c",
+ "//base/startup/init/services/param/liteos/param_litedac.c",
+ "//base/startup/init/services/param/liteos/param_osadp.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/manager/param_persist.c",
+ "//base/startup/init/services/utils/init_hashmap.c",
+ "//base/startup/init/services/utils/list.c",
]
static_library("param_init_lite") {
defines = []
deps = []
sources = [
- "//base/startup/init_lite/services/param/manager/param_manager.c",
- "//base/startup/init_lite/services/param/manager/param_server.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/manager/param_server.c",
]
include_dirs = param_include_dirs
defines += param_build_defines
@@ -88,9 +88,9 @@ static_library("param_init_lite") {
if (ohos_kernel_type == "liteos_a") {
sources += [
- "//base/startup/init_lite/services/param/adapter/param_persistadp.c",
- "//base/startup/init_lite/services/param/liteos/param_service.c",
- "//base/startup/init_lite/services/param/manager/param_persist.c",
+ "//base/startup/init/services/param/adapter/param_persistadp.c",
+ "//base/startup/init/services/param/liteos/param_service.c",
+ "//base/startup/init/services/param/manager/param_persist.c",
]
defines += [
"WORKSPACE_AREA_NEED_MUTEX",
@@ -111,7 +111,7 @@ static_library("param_client_lite") {
if (ohos_kernel_type == "liteos_a") {
sources +=
- [ "//base/startup/init_lite/services/param/adapter/param_persistadp.c" ]
+ [ "//base/startup/init/services/param/adapter/param_persistadp.c" ]
defines += [
"__LITEOS_A__",
"WORKSPACE_AREA_NEED_MUTEX",
@@ -121,9 +121,9 @@ static_library("param_client_lite") {
]
} else if (ohos_kernel_type == "liteos_m") {
sources += [
- "//base/startup/init_lite/services/param/liteos/param_hal.c",
- "//base/startup/init_lite/services/param/liteos/param_service.c",
- "//base/startup/init_lite/services/param/manager/param_server.c",
+ "//base/startup/init/services/param/liteos/param_hal.c",
+ "//base/startup/init/services/param/liteos/param_service.c",
+ "//base/startup/init/services/param/manager/param_server.c",
]
if (enable_ohos_startup_init_lite_use_posix_file_api) {
defines += [ "PARAM_SUPPORT_POSIX" ]
@@ -139,7 +139,7 @@ static_library("param_client_lite") {
}
if (enable_ohos_startup_init_feature_begetctl_liteos) {
deps = [ ":lite_ohos_param_to" ]
- include_dirs += [ "$root_out_dir/gen/init_lite" ]
+ include_dirs += [ "$root_out_dir/gen/init" ]
defines += [ "PARAM_LOAD_CFG_FROM_CODE" ]
}
}
diff --git a/services/param/liteos/param_litedac.c b/services/param/liteos/param_litedac.c
index f1fbd0d145c874ae42dd826c64a7ec15eb8cdf37..29ed5552003efbf99b31be75101bdfe78685d290 100644
--- a/services/param/liteos/param_litedac.c
+++ b/services/param/liteos/param_litedac.c
@@ -52,6 +52,9 @@ static int CheckFilePermission(const ParamSecurityLabel *localLabel, const char
static int DacCheckParamPermission(const ParamSecurityLabel *srcLabel, const char *name, uint32_t mode)
{
+ UNUSED(srcLabel);
+ UNUSED(name);
+ UNUSED(mode);
#if defined(__LITEOS_A__)
uid_t uid = getuid();
return uid <= SYS_UID_INDEX ? DAC_RESULT_PERMISSION : DAC_RESULT_FORBIDED;
diff --git a/services/param/manager/param_manager.c b/services/param/manager/param_manager.c
index 2221b20873c598144c12a25bd1ddc080c510b5e9..f342863d66fa2279dbcf8e5b89b98f193be973d8 100644
--- a/services/param/manager/param_manager.c
+++ b/services/param/manager/param_manager.c
@@ -212,6 +212,7 @@ INIT_INNER_API int SysCheckParamExist(const char *name)
INIT_INNER_API int GetParamSecurityAuditData(const char *name, int type, ParamAuditData *auditData)
{
+ UNUSED(type);
ParamWorkSpace *paramSpace = GetParamWorkSpace();
PARAM_CHECK(paramSpace != NULL, return -1, "Invalid paramSpace");
PARAM_WORKSPACE_CHECK(paramSpace, return -1, "Invalid space");
diff --git a/services/param/manager/param_persist.c b/services/param/manager/param_persist.c
index d7b12d53f3e684836b8d3e8c91e50494fb8b5f6b..4d5b4960cea88668c42b2f3d2c45a21236a71bea 100644
--- a/services/param/manager/param_persist.c
+++ b/services/param/manager/param_persist.c
@@ -14,10 +14,7 @@
*/
#include "param_persist.h"
-#include
-#include
#include
-#include
#include "init_param.h"
#include "init_utils.h"
diff --git a/services/param/manager/param_server.c b/services/param/manager/param_server.c
index 04244bc8a783f9c8c7a9793fe7eab56edd471bfc..5126184363d0a03acfb833d2ded93da1a9b82d80 100755
--- a/services/param/manager/param_server.c
+++ b/services/param/manager/param_server.c
@@ -13,7 +13,6 @@
* limitations under the License.
*/
#include
-#include
#include "param_manager.h"
#include "param_trie.h"
diff --git a/services/param/trigger/trigger_manager.c b/services/param/trigger/trigger_manager.c
index 1eedfbb3df91eb1c179103c3542ea3ad496c3a23..55c0e5fd7767e27d33adb00ba31adbf1d3a2bdd9 100644
--- a/services/param/trigger/trigger_manager.c
+++ b/services/param/trigger/trigger_manager.c
@@ -15,13 +15,8 @@
#include "trigger_manager.h"
-#include
-#include
#include
-#include
-#include
#include
-#include
#include "init_cmds.h"
#include "param_manager.h"
diff --git a/services/param/trigger/trigger_processor.c b/services/param/trigger/trigger_processor.c
index 32dbefdcc51a4c10b39445eecbf24459f358bfd6..50d8be1073f158ab0f87b39ecf187d3db0de9989 100644
--- a/services/param/trigger/trigger_processor.c
+++ b/services/param/trigger/trigger_processor.c
@@ -13,7 +13,6 @@
* limitations under the License.
*/
#include
-#include
#include "init_cmds.h"
#include "init_param.h"
diff --git a/services/param/watcher/BUILD.gn b/services/param/watcher/BUILD.gn
index 5dccf1374cdbfe3bddd58a47bce73f4264396b6b..a4908840f4c5160b6c3f1c10d1161b18e851f57f 100644
--- a/services/param/watcher/BUILD.gn
+++ b/services/param/watcher/BUILD.gn
@@ -20,35 +20,32 @@ ohos_prebuilt_etc("param_watcher.rc") {
ohos_shared_library("param_watcher") {
sources = [
- "//base/startup/init_lite/services/utils/list.c",
+ "//base/startup/init/services/utils/list.c",
"proxy/watcher_manager.cpp",
"proxy/watcher_manager_stub.cpp",
"proxy/watcher_proxy.cpp",
]
include_dirs = [
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/watcher/proxy",
- "//base/startup/init_lite/services/param/watcher/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/loopevent/include",
+ "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include/",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/watcher/proxy",
+ "//base/startup/init/services/param/watcher/include",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/loopevent/include",
"//third_party/cJSON",
]
- deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//third_party/bounds_checking_function:libsec_shared",
- ]
+ deps = [ "//base/startup/init/interfaces/innerkits:libbegetutil" ]
external_deps = [
+ "c_utils:utils",
"ipc:ipc_core",
"safwk:system_ability_fwk",
- "samgr_standard:samgr_proxy",
- "utils_base:utils",
]
install_images = [ "system" ]
part_name = "init"
diff --git a/services/param/watcher/agent/watcher.cpp b/services/param/watcher/agent/watcher.cpp
index 2f5ff49db3eb4ae7f49df2467fd33efdda210fe1..a57fc6e4b665c40992514f6781c1e3469605dbab 100644
--- a/services/param/watcher/agent/watcher.cpp
+++ b/services/param/watcher/agent/watcher.cpp
@@ -13,10 +13,6 @@
* limitations under the License.
*/
#include "watcher.h"
-
-#include "iservice_registry.h"
-#include "securec.h"
-#include "system_ability_definition.h"
#include "watcher_utils.h"
namespace OHOS {
diff --git a/services/param/watcher/proxy/watcher_manager.cpp b/services/param/watcher/proxy/watcher_manager.cpp
index ff39252706492a7af38bbd56776c90c1cbee3421..b84c1a588a2c3545bb98e35565ea660800d33a69 100644
--- a/services/param/watcher/proxy/watcher_manager.cpp
+++ b/services/param/watcher/proxy/watcher_manager.cpp
@@ -296,7 +296,7 @@ int WatcherManager::GetServerFd(bool retry)
serverFd_ = socket(PF_UNIX, SOCK_STREAM, 0);
int flags = fcntl(serverFd_, F_GETFL, 0);
(void)fcntl(serverFd_, F_SETFL, flags & ~O_NONBLOCK);
- ret = ConntectServer(serverFd_, CLIENT_PIPE_NAME);
+ ret = ConnectServer(serverFd_, CLIENT_PIPE_NAME);
if (ret == 0) {
break;
}
diff --git a/services/utils/BUILD.gn b/services/utils/BUILD.gn
index b6cf39758edb354e769f345b4f25ed9a14bef35a..e120147c3065972e9c51f2896d9d95dda36d0b49 100755
--- a/services/utils/BUILD.gn
+++ b/services/utils/BUILD.gn
@@ -14,8 +14,8 @@
config("exported_header_files") {
visibility = [ ":*" ]
include_dirs = [
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/log",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/log",
]
}
@@ -24,7 +24,7 @@ if (defined(ohos_lite)) {
sources = [ "init_utils.c" ]
public_configs = [ ":exported_header_files" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
]
defines = [
@@ -38,7 +38,7 @@ if (defined(ohos_lite)) {
sources = [ "init_utils.c" ]
public_configs = [ ":exported_header_files" ]
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
]
defines = [ "_GNU_SOURCE" ]
diff --git a/services/utils/init_utils.c b/services/utils/init_utils.c
index 3a7563a53f6a2937215720667a506c1099a3ae85..1c5ebead5559cc775f4ccfd2636227823c35eaa1 100644
--- a/services/utils/init_utils.c
+++ b/services/utils/init_utils.c
@@ -25,8 +25,6 @@
#include
#include
#include
-#include
-#include
#include
#include "init_log.h"
@@ -287,7 +285,7 @@ char **SplitStringExt(char *buffer, const char *del, int *returnCount, int maxIt
INIT_LOGV("Too many items,expand size");
char **expand = (char **)(realloc(items, sizeof(char *) * itemCounts));
INIT_ERROR_CHECK(expand != NULL, FreeStringVector(items, count);
- return NULL, "Failed to expand memory for uevent config parser");
+ return NULL, "Failed to expand memory");
items = expand;
}
size_t len = strlen(p);
@@ -596,3 +594,23 @@ INIT_LOCAL_API int StringToULL(const char *str, unsigned long long int *out)
BEGET_CHECK(*end == '\0', return -1);
return 0;
}
+
+void TrimTail(char *str, char c)
+{
+ char *end = str + strlen(str) - 1;
+ while (end >= str && *end == c) {
+ *end = '\0';
+ end--;
+ }
+}
+
+char *TrimHead(char *str, char c)
+{
+ char *head = str;
+ const char *end = str + strlen(str);
+ while (head < end && *head == c) {
+ *head = '\0';
+ head++;
+ }
+ return head;
+}
diff --git a/services/utils/list.c b/services/utils/list.c
index 227f88c451d98e854706bc633a135fe11a4c9520..7f5dd90db60338955568717233f2500695fc8cf7 100644
--- a/services/utils/list.c
+++ b/services/utils/list.c
@@ -17,7 +17,6 @@
#include
#include
-#include
/**
* @brief Initialize a double-linked list head
diff --git a/test/BUILD.gn b/test/BUILD.gn
index e80d52fdabade4a4e70bce309c190d6c2263d553..32f5590f7c01ed1dda0905aab20748279cca2a92 100644
--- a/test/BUILD.gn
+++ b/test/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
group("testgroup") {
testonly = true
diff --git a/test/exec_test/BUILD.gn b/test/exec_test/BUILD.gn
index 28b9859c9432489ab47b89ce1975b8deee349d7c..c275d3c1d2528a959cc8122c884b504d50bfbba4 100644
--- a/test/exec_test/BUILD.gn
+++ b/test/exec_test/BUILD.gn
@@ -11,18 +11,18 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
ohos_executable("client") {
sources = [ "client.c" ]
include_dirs = [
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
install_images = [ "system" ]
@@ -35,9 +35,9 @@ ohos_executable("fd_holder_test") {
defines = [ "INIT_AGENT" ]
- deps = [ "//base/startup/init_lite/interfaces/innerkits:libbegetutil" ]
+ deps = [ "//base/startup/init/interfaces/innerkits:libbegetutil" ]
- include_dirs = [ "//base/startup/init_lite/interfaces/innerkits/include" ]
+ include_dirs = [ "//base/startup/init/interfaces/innerkits/include" ]
install_images = [ "system" ]
install_enable = true
@@ -46,7 +46,7 @@ ohos_executable("fd_holder_test") {
}
ohos_prebuilt_etc("fd_holder_test.cfg") {
- source = "//base/startup/init_lite/test/exec_test/fd_holder_test.cfg"
+ source = "//base/startup/init/test/exec_test/fd_holder_test.cfg"
part_name = "init"
module_install_dir = "etc/init"
}
@@ -54,12 +54,12 @@ ohos_prebuilt_etc("fd_holder_test.cfg") {
ohos_executable("server") {
sources = [ "server.c" ]
include_dirs = [
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
"//third_party/bounds_checking_function/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
install_images = [ "system" ]
@@ -71,10 +71,10 @@ ohos_executable("ondemandTest") {
sources = [ "sa_service_ondemand_test.cpp" ]
external_deps = [
+ "c_utils:utils",
"ipc:ipc_core",
"safwk:system_ability_fwk",
"samgr_standard:samgr_proxy",
- "utils_base:utils",
]
install_images = [ "system" ]
diff --git a/test/fuzztest/BUILD.gn b/test/fuzztest/BUILD.gn
index fa196f6202f49b2e5e7961b2237f4b61526716e2..8313b3966fde3521c73ae21b52ffc80d4d896e19 100644
--- a/test/fuzztest/BUILD.gn
+++ b/test/fuzztest/BUILD.gn
@@ -20,7 +20,7 @@ import("//build/test.gni")
ohos_static_library("libfuzz_utils") {
sources = [ "utils/fuzz_utils.cpp" ]
- include_dirs = [ "//base/startup/init_lite/test/fuzztest/utils/include" ]
+ include_dirs = [ "//base/startup/init/test/fuzztest/utils/include" ]
deps = []
part_name = "init"
@@ -29,15 +29,15 @@ ohos_static_library("libfuzz_utils") {
##############################fuzztest##########################################
ohos_fuzztest("DoRebootFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file = "//base/startup/init_lite/test/fuzztest/doreboot_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/doreboot_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -54,16 +54,15 @@ ohos_fuzztest("DoRebootFuzzTest") {
ohos_fuzztest("GetControlFileFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/getcontrolfile_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/getcontrolfile_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -80,17 +79,16 @@ ohos_fuzztest("GetControlFileFuzzTest") {
ohos_fuzztest("GetControlSocketFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/getcontrolsocket_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/getcontrolsocket_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/services/log:init_log",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/services/log:init_log",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -107,17 +105,16 @@ ohos_fuzztest("GetControlSocketFuzzTest") {
ohos_fuzztest("MountAllFstabFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/mountallfstab_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/mountallfstab_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/test/fuzztest:libfuzz_utils",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/test/fuzztest:libfuzz_utils",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -134,17 +131,16 @@ ohos_fuzztest("MountAllFstabFuzzTest") {
ohos_fuzztest("ReadFileInDirFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/readfileindir_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/readfileindir_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -162,13 +158,13 @@ ohos_fuzztest("ReadFileInDirFuzzTest") {
ohos_fuzztest("ServiceControlStartFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/servicecontrolstart_fuzzer"
+ "//base/startup/init/test/fuzztest/servicecontrolstart_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
- deps = [ "//base/startup/init_lite/interfaces/innerkits:libbegetutil" ]
+ deps = [ "//base/startup/init/interfaces/innerkits:libbegetutil" ]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
cflags = [
@@ -185,13 +181,13 @@ ohos_fuzztest("ServiceControlStartFuzzTest") {
ohos_fuzztest("ServiceControlStopFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/servicecontrolstop_fuzzer"
+ "//base/startup/init/test/fuzztest/servicecontrolstop_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
- deps = [ "//base/startup/init_lite/interfaces/innerkits:libbegetutil" ]
+ deps = [ "//base/startup/init/interfaces/innerkits:libbegetutil" ]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
cflags = [
@@ -208,16 +204,16 @@ ohos_fuzztest("ServiceControlStopFuzzTest") {
ohos_fuzztest("SystemDumpParametersFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemdumpparameters_fuzzer"
+ "//base/startup/init/test/fuzztest/systemdumpparameters_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/test/fuzztest:libfuzz_utils",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/test/fuzztest:libfuzz_utils",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -236,15 +232,15 @@ ohos_fuzztest("SystemDumpParametersFuzzTest") {
ohos_fuzztest("SystemFindParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemfindparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemfindparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -263,15 +259,15 @@ ohos_fuzztest("SystemFindParameterFuzzTest") {
ohos_fuzztest("SystemGetParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemgetparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemgetparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -290,15 +286,15 @@ ohos_fuzztest("SystemGetParameterFuzzTest") {
ohos_fuzztest("SystemGetParameterCommitIdFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemgetparametercommitid_fuzzer"
+ "//base/startup/init/test/fuzztest/systemgetparametercommitid_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -319,15 +315,15 @@ ohos_fuzztest("SystemGetParameterCommitIdFuzzTest") {
ohos_fuzztest("SystemGetParameterNameFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemgetparametername_fuzzer"
+ "//base/startup/init/test/fuzztest/systemgetparametername_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -347,15 +343,15 @@ ohos_fuzztest("SystemGetParameterNameFuzzTest") {
ohos_fuzztest("SystemGetParameterValueFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemgetparametervalue_fuzzer"
+ "//base/startup/init/test/fuzztest/systemgetparametervalue_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -375,15 +371,15 @@ ohos_fuzztest("SystemGetParameterValueFuzzTest") {
ohos_fuzztest("SystemSetParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemsetparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemsetparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -402,18 +398,18 @@ ohos_fuzztest("SystemSetParameterFuzzTest") {
ohos_fuzztest("SystemTraversalParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemtraversalparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemtraversalparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/test/fuzztest/utils/include",
"//third_party/bounds_checking_function/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/test/fuzztest:libfuzz_utils",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/test/fuzztest:libfuzz_utils",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -433,15 +429,15 @@ ohos_fuzztest("SystemTraversalParameterFuzzTest") {
ohos_fuzztest("SystemWaitParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemwaitparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemwaitparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
@@ -460,22 +456,22 @@ ohos_fuzztest("SystemWaitParameterFuzzTest") {
ohos_fuzztest("SystemWatchParameterFuzzTest") {
module_out_path = module_output_path
fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/systemwatchparameter_fuzzer"
+ "//base/startup/init/test/fuzztest/systemwatchparameter_fuzzer"
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbeget_proxy",
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/interfaces/innerkits:libbeget_proxy",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
"//third_party/bounds_checking_function:libsec_static",
- "//utils/native/base:utils",
]
external_deps = [
+ "c_utils:utils",
"hiviewdfx_hilog_native:libhilog",
"ipc:ipc_core",
"safwk:system_ability_fwk",
@@ -495,17 +491,16 @@ ohos_fuzztest("SystemWatchParameterFuzzTest") {
ohos_fuzztest("UmountAllFstabFuzzTest") {
module_out_path = module_output_path
- fuzz_config_file =
- "//base/startup/init_lite/test/fuzztest/umountallfstab_fuzzer"
+ fuzz_config_file = "//base/startup/init/test/fuzztest/umountallfstab_fuzzer"
include_dirs = [
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/test/fuzztest/utils/include",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/test/fuzztest/utils/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/test/fuzztest:libfuzz_utils",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/test/fuzztest:libfuzz_utils",
"//third_party/bounds_checking_function:libsec_static",
]
diff --git a/test/moduletest/BUILD.gn b/test/moduletest/BUILD.gn
index 492102c05cf089caa04ba4d2853c8c165df920e2..a46c696464099d23fb361ffde30ad389ce43f273 100755
--- a/test/moduletest/BUILD.gn
+++ b/test/moduletest/BUILD.gn
@@ -11,27 +11,27 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/ohos.gni")
ohos_shared_library("libparamtestmodule") {
sources = [ "param_test_module.c" ]
include_dirs = [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/ueventd/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/ueventd/include",
"//third_party/cJSON",
"//third_party/bounds_checking_function/include",
]
deps = [
- "//base/startup/init_lite/interfaces/innerkits:libbegetutil",
- "//base/startup/init_lite/services/log:agent_log",
+ "//base/startup/init/interfaces/innerkits:libbegetutil",
+ "//base/startup/init/services/log:agent_log",
"//third_party/bounds_checking_function:libsec_shared",
]
diff --git a/test/moduletest/param_test_module.c b/test/moduletest/param_test_module.c
index 64705a975a19a52aebe3aefe60dea097e0720671..37993b1eb7dd69334a58b0cf07806a92a6a25498 100644
--- a/test/moduletest/param_test_module.c
+++ b/test/moduletest/param_test_module.c
@@ -15,7 +15,6 @@
#include
#include
#include
-#include
#include
#include "init_param.h"
diff --git a/test/moduletest/syspara.cpp b/test/moduletest/syspara.cpp
index e9186d9f9797fd0bfe6e46d176b623b6c3d516d4..bc040457bb37b6a4f9b7e183039f29fc1511052f 100644
--- a/test/moduletest/syspara.cpp
+++ b/test/moduletest/syspara.cpp
@@ -14,7 +14,6 @@
*/
#include
-#include
#include
#include "begetctl.h"
diff --git a/test/unittest/BUILD.gn b/test/unittest/BUILD.gn
index ab97ffa121741d46b8a5e3a43cab7752726734bb..a837aa57c66086dc90ec26b462893a22f41cf342 100755
--- a/test/unittest/BUILD.gn
+++ b/test/unittest/BUILD.gn
@@ -10,7 +10,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-import("//base/startup/init_lite/begetd.gni")
+import("//base/startup/init/begetd.gni")
import("//build/test.gni")
config("utest_config") {
@@ -30,95 +30,104 @@ config("utest_config") {
ldflags = [ "--coverage" ]
}
+FSCRYPT_PATH =
+ "//foundation/filemanagement/storage_service/services/storage_daemon"
+
ohos_unittest("init_unittest") {
module_out_path = "startup/init"
sources = [
- "//base/startup/init_lite/device_info/device_info.cpp",
- "//base/startup/init_lite/device_info/device_info_stub.cpp",
- "//base/startup/init_lite/interfaces/innerkits/file/init_file.c",
- "//base/startup/init_lite/interfaces/innerkits/fs_manager/fstab.c",
- "//base/startup/init_lite/interfaces/innerkits/fs_manager/fstab_mount.c",
- "//base/startup/init_lite/interfaces/innerkits/reboot/init_reboot_innerkits.c",
- "//base/startup/init_lite/interfaces/innerkits/sandbox/sandbox.c",
- "//base/startup/init_lite/interfaces/innerkits/sandbox/sandbox_namespace.c",
- "//base/startup/init_lite/interfaces/innerkits/socket/init_socket.c",
- "//base/startup/init_lite/interfaces/innerkits/syspara/param_comm.c",
- "//base/startup/init_lite/interfaces/innerkits/syspara/parameter.c",
- "//base/startup/init_lite/interfaces/innerkits/syspara/sysversion.c",
- "//base/startup/init_lite/services/begetctl/param_cmd.c",
- "//base/startup/init_lite/services/begetctl/shell/shell_bas.c",
- "//base/startup/init_lite/services/begetctl/shell/shell_main.c",
- "//base/startup/init_lite/services/init/adapter/init_adapter.c",
- "//base/startup/init_lite/services/init/init_capability.c",
- "//base/startup/init_lite/services/init/init_common_cmds.c",
- "//base/startup/init_lite/services/init/init_common_service.c",
- "//base/startup/init_lite/services/init/init_config.c",
- "//base/startup/init_lite/services/init/init_group_manager.c",
- "//base/startup/init_lite/services/init/init_service_file.c",
- "//base/startup/init_lite/services/init/init_service_manager.c",
- "//base/startup/init_lite/services/init/init_service_socket.c",
- "//base/startup/init_lite/services/init/standard/device.c",
- "//base/startup/init_lite/services/init/standard/init.c",
- "//base/startup/init_lite/services/init/standard/init_cmdexecutor.c",
- "//base/startup/init_lite/services/init/standard/init_cmds.c",
- "//base/startup/init_lite/services/init/standard/init_jobs.c",
- "//base/startup/init_lite/services/init/standard/init_mount.c",
- "//base/startup/init_lite/services/init/standard/init_reboot.c",
- "//base/startup/init_lite/services/init/standard/init_service.c",
- "//base/startup/init_lite/services/init/standard/init_signal_handler.c",
- "//base/startup/init_lite/services/log/init_commlog.c",
- "//base/startup/init_lite/services/log/init_log.c",
- "//base/startup/init_lite/services/loopevent/loop/le_epoll.c",
- "//base/startup/init_lite/services/loopevent/loop/le_loop.c",
- "//base/startup/init_lite/services/loopevent/signal/le_signal.c",
- "//base/startup/init_lite/services/loopevent/socket/le_socket.c",
- "//base/startup/init_lite/services/loopevent/task/le_asynctask.c",
- "//base/startup/init_lite/services/loopevent/task/le_streamtask.c",
- "//base/startup/init_lite/services/loopevent/task/le_task.c",
- "//base/startup/init_lite/services/loopevent/task/le_watchtask.c",
- "//base/startup/init_lite/services/loopevent/timer/le_timer.c",
- "//base/startup/init_lite/services/loopevent/utils/le_utils.c",
- "//base/startup/init_lite/services/param/adapter/param_dac.c",
- "//base/startup/init_lite/services/param/adapter/param_persistadp.c",
- "//base/startup/init_lite/services/param/base/param_base.c",
- "//base/startup/init_lite/services/param/base/param_comm.c",
- "//base/startup/init_lite/services/param/base/param_trie.c",
- "//base/startup/init_lite/services/param/linux/param_message.c",
- "//base/startup/init_lite/services/param/linux/param_msgadp.c",
- "//base/startup/init_lite/services/param/linux/param_osadp.c",
- "//base/startup/init_lite/services/param/linux/param_request.c",
- "//base/startup/init_lite/services/param/linux/param_service.c",
- "//base/startup/init_lite/services/param/manager/param_manager.c",
- "//base/startup/init_lite/services/param/manager/param_persist.c",
- "//base/startup/init_lite/services/param/manager/param_server.c",
- "//base/startup/init_lite/services/param/trigger/trigger_checker.c",
- "//base/startup/init_lite/services/param/trigger/trigger_manager.c",
- "//base/startup/init_lite/services/param/trigger/trigger_processor.c",
- "//base/startup/init_lite/services/utils/init_hashmap.c",
- "//base/startup/init_lite/services/utils/init_utils.c",
- "//base/startup/init_lite/services/utils/list.c",
- "//base/startup/init_lite/ueventd/standard/ueventd_parameter.c",
- "//base/startup/init_lite/ueventd/ueventd.c",
- "//base/startup/init_lite/ueventd/ueventd_device_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_firmware_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_read_cfg.c",
- "//base/startup/init_lite/ueventd/ueventd_socket.c",
+ "//base/startup/init/device_info/device_info.cpp",
+ "//base/startup/init/device_info/device_info_stub.cpp",
+ "//base/startup/init/interfaces/innerkits/file/init_file.c",
+ "//base/startup/init/interfaces/innerkits/fs_manager/fstab.c",
+ "//base/startup/init/interfaces/innerkits/fs_manager/fstab_mount.c",
+ "//base/startup/init/interfaces/innerkits/reboot/init_reboot_innerkits.c",
+ "//base/startup/init/interfaces/innerkits/sandbox/sandbox.c",
+ "//base/startup/init/interfaces/innerkits/sandbox/sandbox_namespace.c",
+ "//base/startup/init/interfaces/innerkits/socket/init_socket.c",
+ "//base/startup/init/interfaces/innerkits/syspara/param_comm.c",
+ "//base/startup/init/interfaces/innerkits/syspara/parameter.c",
+ "//base/startup/init/interfaces/innerkits/syspara/sysversion.c",
+ "//base/startup/init/services/begetctl/param_cmd.c",
+ "//base/startup/init/services/begetctl/shell/shell_bas.c",
+ "//base/startup/init/services/begetctl/shell/shell_main.c",
+ "//base/startup/init/services/init/adapter/init_adapter.c",
+ "//base/startup/init/services/init/init_capability.c",
+ "//base/startup/init/services/init/init_common_cmds.c",
+ "//base/startup/init/services/init/init_common_service.c",
+ "//base/startup/init/services/init/init_config.c",
+ "//base/startup/init/services/init/init_group_manager.c",
+ "//base/startup/init/services/init/init_service_file.c",
+ "//base/startup/init/services/init/init_service_manager.c",
+ "//base/startup/init/services/init/init_service_socket.c",
+ "//base/startup/init/services/init/standard/device.c",
+ "//base/startup/init/services/init/standard/init.c",
+ "//base/startup/init/services/init/standard/init_cmdexecutor.c",
+ "//base/startup/init/services/init/standard/init_cmds.c",
+ "//base/startup/init/services/init/standard/init_jobs.c",
+ "//base/startup/init/services/init/standard/init_mount.c",
+ "//base/startup/init/services/init/standard/init_reboot.c",
+ "//base/startup/init/services/init/standard/init_service.c",
+ "//base/startup/init/services/init/standard/init_signal_handler.c",
+ "//base/startup/init/services/log/init_commlog.c",
+ "//base/startup/init/services/log/init_log.c",
+ "//base/startup/init/services/loopevent/loop/le_epoll.c",
+ "//base/startup/init/services/loopevent/loop/le_loop.c",
+ "//base/startup/init/services/loopevent/signal/le_signal.c",
+ "//base/startup/init/services/loopevent/socket/le_socket.c",
+ "//base/startup/init/services/loopevent/task/le_asynctask.c",
+ "//base/startup/init/services/loopevent/task/le_streamtask.c",
+ "//base/startup/init/services/loopevent/task/le_task.c",
+ "//base/startup/init/services/loopevent/task/le_watchtask.c",
+ "//base/startup/init/services/loopevent/timer/le_timer.c",
+ "//base/startup/init/services/loopevent/utils/le_utils.c",
+ "//base/startup/init/services/param/adapter/param_dac.c",
+ "//base/startup/init/services/param/adapter/param_persistadp.c",
+ "//base/startup/init/services/param/base/param_base.c",
+ "//base/startup/init/services/param/base/param_comm.c",
+ "//base/startup/init/services/param/base/param_trie.c",
+ "//base/startup/init/services/param/linux/param_message.c",
+ "//base/startup/init/services/param/linux/param_msgadp.c",
+ "//base/startup/init/services/param/linux/param_osadp.c",
+ "//base/startup/init/services/param/linux/param_request.c",
+ "//base/startup/init/services/param/linux/param_service.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/manager/param_persist.c",
+ "//base/startup/init/services/param/manager/param_server.c",
+ "//base/startup/init/services/param/trigger/trigger_checker.c",
+ "//base/startup/init/services/param/trigger/trigger_manager.c",
+ "//base/startup/init/services/param/trigger/trigger_processor.c",
+ "//base/startup/init/services/utils/init_hashmap.c",
+ "//base/startup/init/services/utils/init_utils.c",
+ "//base/startup/init/services/utils/list.c",
+ "//base/startup/init/ueventd/standard/ueventd_parameter.c",
+ "//base/startup/init/ueventd/ueventd.c",
+ "//base/startup/init/ueventd/ueventd_device_handler.c",
+ "//base/startup/init/ueventd/ueventd_firmware_handler.c",
+ "//base/startup/init/ueventd/ueventd_read_cfg.c",
+ "//base/startup/init/ueventd/ueventd_socket.c",
+ ]
+
+ sources += [
+ "${FSCRYPT_PATH}/libfscrypt/src/fscrypt_control.c",
+ "${FSCRYPT_PATH}/libfscrypt/src/fscrypt_utils.c",
+ "${FSCRYPT_PATH}/libfscrypt/src/key_control.c",
+ "${FSCRYPT_PATH}/libfscrypt/src/sysparam_static.c",
]
if (defined(build_selinux) && build_selinux) {
- sources +=
- [ "//base/startup/init_lite/services/param/adapter/param_selinux.c" ]
+ sources += [ "//base/startup/init/services/param/adapter/param_selinux.c" ]
}
if (enable_ohos_startup_init_feature_watcher) {
sources += [
- "//base/startup/init_lite/services/param/watcher/agent/watcher.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_manager_kits.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_manager_proxy.cpp",
- "//base/startup/init_lite/services/param/watcher/agent/watcher_stub.cpp",
- "//base/startup/init_lite/services/param/watcher/proxy/watcher_manager.cpp",
- "//base/startup/init_lite/services/param/watcher/proxy/watcher_manager_stub.cpp",
- "//base/startup/init_lite/services/param/watcher/proxy/watcher_proxy.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_manager_kits.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_manager_proxy.cpp",
+ "//base/startup/init/services/param/watcher/agent/watcher_stub.cpp",
+ "//base/startup/init/services/param/watcher/proxy/watcher_manager.cpp",
+ "//base/startup/init/services/param/watcher/proxy/watcher_manager_stub.cpp",
+ "//base/startup/init/services/param/watcher/proxy/watcher_proxy.cpp",
]
}
@@ -147,58 +156,59 @@ ohos_unittest("init_unittest") {
]
sources += [
- "//base/startup/init_lite/interfaces/innerkits/hookmgr/hookmgr.c",
- "//base/startup/init_lite/interfaces/innerkits/modulemgr/modulemgr.c",
+ "//base/startup/init/interfaces/innerkits/hookmgr/hookmgr.c",
+ "//base/startup/init/interfaces/innerkits/modulemgr/modulemgr.c",
"innerkits/hookmgr_unittest.cpp",
"innerkits/modulemgr_unittest.cpp",
]
- configs = [ "//base/startup/init_lite/test/unittest:utest_config" ]
+ configs = [ "//base/startup/init/test/unittest:utest_config" ]
include_dirs = [
"//base/customization/config_policy/interfaces/innerkits/include",
- "//base/startup/init_lite/device_info",
- "//base/startup/init_lite/services/init/standard",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder",
- "//base/startup/init_lite/interfaces/innerkits/syspara",
- "//base/startup/init_lite/interfaces/innerkits/control_fd",
- "//base/startup/init_lite/services/begetctl",
- "//base/startup/init_lite/services/begetctl/shell",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/services/loopevent/loop",
- "//base/startup/init_lite/services/loopevent/socket",
- "//base/startup/init_lite/services/loopevent/signal",
- "//base/startup/init_lite/services/loopevent/task",
- "//base/startup/init_lite/services/loopevent/timer",
- "//base/startup/init_lite/services/loopevent/utils",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/param/base",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/watcher/agent",
- "//base/startup/init_lite/services/param/watcher/include",
- "//base/startup/init_lite/services/param/watcher/proxy",
- "//base/startup/init_lite/test/unittest",
- "//base/startup/init_lite/test/unittest/param",
+ "//base/startup/init/device_info",
+ "//base/startup/init/services/init/standard",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/interfaces/innerkits/fd_holder",
+ "//base/startup/init/interfaces/innerkits/syspara",
+ "//base/startup/init/interfaces/innerkits/control_fd",
+ "//base/startup/init/services/begetctl",
+ "//base/startup/init/services/begetctl/shell",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/services/loopevent/loop",
+ "//base/startup/init/services/loopevent/socket",
+ "//base/startup/init/services/loopevent/signal",
+ "//base/startup/init/services/loopevent/task",
+ "//base/startup/init/services/loopevent/timer",
+ "//base/startup/init/services/loopevent/utils",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/param/base",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/watcher/agent",
+ "//base/startup/init/services/param/watcher/include",
+ "//base/startup/init/services/param/watcher/proxy",
+ "//base/startup/init/test/unittest",
+ "//base/startup/init/test/unittest/param",
"//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include",
"//foundation/distributedschedule/safwk/services/safwk/include",
"//foundation/distributedschedule/safwk/interfaces/innerkits/safwk",
"//foundation/distributedschedule/samgr/adapter/interfaces/innerkits/include",
"//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include",
- "//base/startup/init_lite/ueventd/include",
+ "//base/startup/init/ueventd/include",
"//utils/system/safwk/native/include",
"//third_party/bounds_checking_function/include",
"//third_party/cJSON",
"//base/security/access_token/interfaces/innerkits/token_setproc/include",
"//base/security/access_token/interfaces/innerkits/nativetoken/include",
- "//base/startup/init_lite/interfaces/innerkits/sandbox/include",
- "//base/startup/init_lite/interfaces/innerkits/hals",
+ "//base/startup/init/interfaces/innerkits/sandbox/include",
+ "//base/startup/init/interfaces/innerkits/hals",
+ "${FSCRYPT_PATH}/include/libfscrypt",
]
deps = [
@@ -210,7 +220,6 @@ ohos_unittest("init_unittest") {
"//third_party/googletest:gmock",
"//third_party/googletest:gtest",
"//third_party/mbedtls:mbedtls_shared",
- "//utils/native/base:utils",
]
defines = [
@@ -229,9 +238,9 @@ ohos_unittest("init_unittest") {
}
external_deps = [
+ "c_utils:utils",
"hiviewdfx_hilog_native:libhilog",
"init:libinit_module_engine",
- "utils_base:utils",
]
if (!defined(ohos_lite) && enable_ohos_startup_init_feature_watcher) {
@@ -264,9 +273,9 @@ ohos_unittest("init_unittest") {
}
if (enable_ohos_startup_init_feature_deviceinfo) {
sources += [
- "//base/startup/init_lite/device_info/device_info_kits.cpp",
- "//base/startup/init_lite/device_info/device_info_load.cpp",
- "//base/startup/init_lite/device_info/device_info_proxy.cpp",
+ "//base/startup/init/device_info/device_info_kits.cpp",
+ "//base/startup/init/device_info/device_info_load.cpp",
+ "//base/startup/init/device_info/device_info_proxy.cpp",
]
defines += [ "PARAM_FEATURE_DEVICEINFO" ]
external_deps += [ "access_token:libaccesstoken_sdk" ]
diff --git a/test/unittest/deviceinfo/DeviceInfoUnittest.cpp b/test/unittest/deviceinfo/DeviceInfoUnittest.cpp
index a30e5b773e31118cb7e2c1b2221e5dd11b790f02..e4c992e514adbd2b5ad573ff581b185b7c4d4c28 100644
--- a/test/unittest/deviceinfo/DeviceInfoUnittest.cpp
+++ b/test/unittest/deviceinfo/DeviceInfoUnittest.cpp
@@ -58,8 +58,7 @@ public:
HWTEST_F(DeviceInfoUnittest, GetDevUdidTest, TestSize.Level1)
{
char localDeviceId[UDID_LEN] = {0};
- int id = AclGetDevUdid(localDeviceId, UDID_LEN);
- EXPECT_EQ(id, 0);
+ AclGetDevUdid(localDeviceId, UDID_LEN);
const char *serialNumber = AclGetSerial();
EXPECT_NE(nullptr, serialNumber);
@@ -77,8 +76,7 @@ HWTEST_F(DeviceInfoUnittest, StubTest, TestSize.Level1)
MessageParcel reply;
MessageOption option;
data.WriteInterfaceToken(DeviceInfoStub::GetDescriptor());
- int ret = deviceInfoService->OnRemoteRequest(IDeviceInfo::COMMAND_GET_UDID, data, reply, option);
- EXPECT_EQ(ret, 0);
+ deviceInfoService->OnRemoteRequest(IDeviceInfo::COMMAND_GET_UDID, data, reply, option);
data.WriteInterfaceToken(DeviceInfoStub::GetDescriptor());
deviceInfoService->OnRemoteRequest(IDeviceInfo::COMMAND_GET_SERIAL_ID, data, reply, option);
deviceInfoService->GetUdid(result);
diff --git a/test/unittest/init/cmds_unittest.cpp b/test/unittest/init/cmds_unittest.cpp
index 6555ebbc790acbacd306419264a09180f5e3009b..c9f14f92a7072cd00369010a9aecb8b424f54961 100644
--- a/test/unittest/init/cmds_unittest.cpp
+++ b/test/unittest/init/cmds_unittest.cpp
@@ -269,8 +269,6 @@ HWTEST_F(CmdsUnitTest, TestGetCmdLinesFromJson, TestSize.Level1)
}
HWTEST_F(CmdsUnitTest, TestInitCmdFunc, TestSize.Level1)
{
- FileCryptEnable((char *)"test");
- FileCryptEnable(nullptr);
int ret = GetBootModeFromMisc();
EXPECT_EQ(ret, 0);
}
diff --git a/test/unittest/init/loopevent_unittest.cpp b/test/unittest/init/loopevent_unittest.cpp
index 0a2dbfb3db947ce3a77d055f9f03211773bc1eb6..c3669865a7602c0a33ef63720942879ba1f1a2c2 100644
--- a/test/unittest/init/loopevent_unittest.cpp
+++ b/test/unittest/init/loopevent_unittest.cpp
@@ -163,7 +163,7 @@ public:
info.baseInfo.flags = TASK_STREAM | TASK_PIPE | TASK_SERVER | TASK_TEST;
info.server = (char *)"/data/testpipe";
info.baseInfo.close = OnClose;
- info.incommingConntect = IncomingConnect;
+ info.incommingConnect = IncomingConnect;
LE_CreateStreamServer(LE_GetDefaultLoop(), &serverTask_, &info);
if (serverTask_ == nullptr) {
return;
@@ -246,7 +246,7 @@ public:
info.baseInfo.flags = TASK_PIPE | TASK_CONNECT | TASK_TEST;
info.server = (char *)"/data/testpipe";
info.baseInfo.close = OnClose;
- info.incommingConntect = IncomingConnect;
+ info.incommingConnect = IncomingConnect;
info.socketId = 1111; // 1111 is test fd
LE_CreateStreamServer(LE_GetDefaultLoop(), &serverTask, &info);
EXPECT_NE(serverTask, nullptr);
diff --git a/test/unittest/innerkits/innerkits_unittest.cpp b/test/unittest/innerkits/innerkits_unittest.cpp
index 286799b5787e4ee50bd3f0d19f33a85fba301f76..847c917ee9713a686d6ad3841e3963cb14eab44b 100644
--- a/test/unittest/innerkits/innerkits_unittest.cpp
+++ b/test/unittest/innerkits/innerkits_unittest.cpp
@@ -112,7 +112,7 @@ HWTEST_F(InnerkitsUnitTest, GetMountFlags_unitest, TestSize.Level1)
}
const int bufferSize = 512;
char fsSpecificOptions[bufferSize] = {0};
- unsigned long flags = GetMountFlags(item->mountOptions, fsSpecificOptions, bufferSize);
+ unsigned long flags = GetMountFlags(item->mountOptions, fsSpecificOptions, bufferSize, item->mountPoint);
EXPECT_EQ(flags, static_cast(MS_NOSUID | MS_NODEV | MS_NOATIME));
ReleaseFstab(fstab);
fstab = nullptr;
diff --git a/test/unittest/lite/BUILD.gn b/test/unittest/lite/BUILD.gn
index 060eb47ae83fd2d897ca7e3bbd5d9216d6d77da7..c00582b8d12932ac3e4e83693f77d6ceb3c8a586 100755
--- a/test/unittest/lite/BUILD.gn
+++ b/test/unittest/lite/BUILD.gn
@@ -11,49 +11,49 @@
# See the License for the specific language governing permissions and
# limitations under the License.
if (defined(ohos_lite)) {
- import("//base/startup/init_lite/begetd.gni")
+ import("//base/startup/init/begetd.gni")
import("//build/lite/config/component/lite_component.gni")
import("//build/lite/config/test.gni")
if (ohos_kernel_type == "linux" || ohos_kernel_type == "liteos_a") {
init_common_sources = [
- "//base/startup/init_lite/services/init/adapter/init_adapter.c",
- "//base/startup/init_lite/services/init/init_capability.c",
- "//base/startup/init_lite/services/init/init_common_cmds.c",
- "//base/startup/init_lite/services/init/init_common_service.c",
- "//base/startup/init_lite/services/init/init_config.c",
- "//base/startup/init_lite/services/init/init_group_manager.c",
- "//base/startup/init_lite/services/init/init_service_file.c",
- "//base/startup/init_lite/services/init/init_service_manager.c",
- "//base/startup/init_lite/services/init/init_service_socket.c",
- "//base/startup/init_lite/services/init/lite/init.c",
- "//base/startup/init_lite/services/init/lite/init_cmds.c",
- "//base/startup/init_lite/services/init/lite/init_jobs.c",
- "//base/startup/init_lite/services/init/lite/init_reboot.c",
- "//base/startup/init_lite/services/init/lite/init_service.c",
- "//base/startup/init_lite/services/init/lite/init_signal_handler.c",
- "//base/startup/init_lite/services/log/init_log.c",
- "//base/startup/init_lite/services/utils/init_utils.c",
+ "//base/startup/init/services/init/adapter/init_adapter.c",
+ "//base/startup/init/services/init/init_capability.c",
+ "//base/startup/init/services/init/init_common_cmds.c",
+ "//base/startup/init/services/init/init_common_service.c",
+ "//base/startup/init/services/init/init_config.c",
+ "//base/startup/init/services/init/init_group_manager.c",
+ "//base/startup/init/services/init/init_service_file.c",
+ "//base/startup/init/services/init/init_service_manager.c",
+ "//base/startup/init/services/init/init_service_socket.c",
+ "//base/startup/init/services/init/lite/init.c",
+ "//base/startup/init/services/init/lite/init_cmds.c",
+ "//base/startup/init/services/init/lite/init_jobs.c",
+ "//base/startup/init/services/init/lite/init_reboot.c",
+ "//base/startup/init/services/init/lite/init_service.c",
+ "//base/startup/init/services/init/lite/init_signal_handler.c",
+ "//base/startup/init/services/log/init_log.c",
+ "//base/startup/init/services/utils/init_utils.c",
]
}
param_common_sources = [
- "//base/startup/init_lite/services/param/manager/param_manager.c",
- "//base/startup/init_lite/services/param/manager/param_persist.c",
- "//base/startup/init_lite/services/param/manager/param_server.c",
+ "//base/startup/init/services/param/manager/param_manager.c",
+ "//base/startup/init/services/param/manager/param_persist.c",
+ "//base/startup/init/services/param/manager/param_server.c",
]
base_sources = [
- "//base/startup/init_lite/services/log/init_commlog.c",
- "//base/startup/init_lite/services/param/base/param_base.c",
- "//base/startup/init_lite/services/param/base/param_comm.c",
- "//base/startup/init_lite/services/param/base/param_trie.c",
- "//base/startup/init_lite/services/utils/init_hashmap.c",
- "//base/startup/init_lite/services/utils/list.c",
+ "//base/startup/init/services/log/init_commlog.c",
+ "//base/startup/init/services/param/base/param_base.c",
+ "//base/startup/init/services/param/base/param_comm.c",
+ "//base/startup/init/services/param/base/param_trie.c",
+ "//base/startup/init/services/utils/init_hashmap.c",
+ "//base/startup/init/services/utils/list.c",
]
sysparam_source = [
- "//base/startup/init_lite/interfaces/innerkits/syspara/param_comm.c",
- "//base/startup/init_lite/interfaces/innerkits/syspara/parameter.c",
- "//base/startup/init_lite/interfaces/innerkits/syspara/sysversion.c",
+ "//base/startup/init/interfaces/innerkits/syspara/param_comm.c",
+ "//base/startup/init/interfaces/innerkits/syspara/parameter.c",
+ "//base/startup/init/interfaces/innerkits/syspara/sysversion.c",
]
unittest("init_test") {
@@ -79,31 +79,31 @@ if (defined(ohos_lite)) {
}
include_dirs = [
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/init/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/loopevent/include",
- "//base/startup/init_lite/services/loopevent/timer",
- "//base/startup/init_lite/services/loopevent/task",
- "//base/startup/init_lite/services/loopevent/utils",
- "//base/startup/init_lite/services/param/adapter",
- "//base/startup/init_lite/services/param/base",
- "//base/startup/init_lite/services/param/linux",
- "//base/startup/init_lite/services/param/include",
- "//base/startup/init_lite/services/param/watcher/agent",
- "//base/startup/init_lite/services/param/watcher/include",
- "//base/startup/init_lite/services/param/watcher/proxy",
- "//base/startup/init_lite/test/unittest",
- "//base/startup/init_lite/test/unittest/param",
- "//base/startup/init_lite/interfaces/innerkits/include",
- "//base/startup/init_lite/interfaces/innerkits/include/syspara",
- "//base/startup/init_lite/interfaces/innerkits/syspara",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/init/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/loopevent/include",
+ "//base/startup/init/services/loopevent/timer",
+ "//base/startup/init/services/loopevent/task",
+ "//base/startup/init/services/loopevent/utils",
+ "//base/startup/init/services/param/adapter",
+ "//base/startup/init/services/param/base",
+ "//base/startup/init/services/param/linux",
+ "//base/startup/init/services/param/include",
+ "//base/startup/init/services/param/watcher/agent",
+ "//base/startup/init/services/param/watcher/include",
+ "//base/startup/init/services/param/watcher/proxy",
+ "//base/startup/init/test/unittest",
+ "//base/startup/init/test/unittest/param",
+ "//base/startup/init/interfaces/innerkits/include",
+ "//base/startup/init/interfaces/innerkits/include/syspara",
+ "//base/startup/init/interfaces/innerkits/syspara",
"//third_party/cJSON",
"//third_party/bounds_checking_function/include",
"//base/hiviewdfx/hilog_lite/interfaces/native/kits",
- "//base/startup/init_lite/interfaces/innerkits/fd_holder",
- "//base/startup/init_lite/interfaces/hals",
+ "//base/startup/init/interfaces/innerkits/fd_holder",
+ "//base/startup/init/interfaces/hals",
]
sources = sysparam_source
@@ -115,16 +115,16 @@ if (defined(ohos_lite)) {
defines += [ "__LITEOS_A__" ]
include_dirs += [
"//kernel/liteos_a/syscall",
- "//base/startup/init_lite/interfaces/kits/syscap",
- "//base/startup/init_lite/initsync/include",
+ "//base/startup/init/interfaces/kits/syscap",
+ "//base/startup/init/initsync/include",
]
sources += init_common_sources
sources += [
- "//base/startup/init_lite/services/param/adapter/param_persistadp.c",
- "//base/startup/init_lite/services/param/liteos/param_client.c",
- "//base/startup/init_lite/services/param/liteos/param_litedac.c",
- "//base/startup/init_lite/services/param/liteos/param_osadp.c",
- "//base/startup/init_lite/services/param/liteos/param_service.c",
+ "//base/startup/init/services/param/adapter/param_persistadp.c",
+ "//base/startup/init/services/param/liteos/param_client.c",
+ "//base/startup/init/services/param/liteos/param_litedac.c",
+ "//base/startup/init/services/param/liteos/param_osadp.c",
+ "//base/startup/init/services/param/liteos/param_service.c",
]
sources += [
@@ -139,15 +139,15 @@ if (defined(ohos_lite)) {
if (enable_ohos_startup_init_feature_begetctl_liteos) {
deps += [
"$ohos_product_adapter_dir/utils/sys_param:hal_sysparam",
- "//base/startup/init_lite/services/param/liteos:lite_ohos_param_to",
+ "//base/startup/init/services/param/liteos:lite_ohos_param_to",
]
- include_dirs += [ "$root_out_dir/gen/init_lite" ]
+ include_dirs += [ "$root_out_dir/gen/init" ]
defines += [ "PARAM_LOAD_CFG_FROM_CODE" ]
}
deps += [
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
- "//base/startup/init_lite/initsync:initsync",
- "//base/startup/init_lite/services/loopevent:loopevent",
+ "//base/startup/init/initsync:initsync",
+ "//base/startup/init/services/loopevent:loopevent",
"//build/lite/config/component/cJSON:cjson_static",
"//third_party/mbedtls:mbedtls",
]
@@ -156,11 +156,11 @@ if (defined(ohos_lite)) {
if (ohos_kernel_type == "liteos_m") {
defines += [ "__LITEOS_M__" ]
sources += [
- "//base/startup/init_lite/services/param/liteos/param_client.c",
- "//base/startup/init_lite/services/param/liteos/param_hal.c",
- "//base/startup/init_lite/services/param/liteos/param_litedac.c",
- "//base/startup/init_lite/services/param/liteos/param_osadp.c",
- "//base/startup/init_lite/services/param/liteos/param_service.c",
+ "//base/startup/init/services/param/liteos/param_client.c",
+ "//base/startup/init/services/param/liteos/param_hal.c",
+ "//base/startup/init/services/param/liteos/param_litedac.c",
+ "//base/startup/init/services/param/liteos/param_osadp.c",
+ "//base/startup/init/services/param/liteos/param_service.c",
]
if (enable_ohos_startup_init_lite_use_posix_file_api) {
defines += [ "PARAM_SUPPORT_POSIX" ]
@@ -174,10 +174,9 @@ if (defined(ohos_lite)) {
# add cfg.h
if (enable_ohos_startup_init_feature_begetctl_liteos) {
- deps += [
- "//base/startup/init_lite/services/param/liteos:lite_ohos_param_to",
- ]
- include_dirs += [ "$root_out_dir/gen/init_lite" ]
+ deps +=
+ [ "//base/startup/init/services/param/liteos:lite_ohos_param_to" ]
+ include_dirs += [ "$root_out_dir/gen/init" ]
defines += [ "PARAM_LOAD_CFG_FROM_CODE" ]
}
deps += [
@@ -190,16 +189,16 @@ if (defined(ohos_lite)) {
sources += init_common_sources
sources += [
- "//base/startup/init_lite/services/param/adapter/param_dac.c",
- "//base/startup/init_lite/services/param/adapter/param_persistadp.c",
- "//base/startup/init_lite/services/param/linux/param_message.c",
- "//base/startup/init_lite/services/param/linux/param_msgadp.c",
- "//base/startup/init_lite/services/param/linux/param_osadp.c",
- "//base/startup/init_lite/services/param/linux/param_request.c",
- "//base/startup/init_lite/services/param/linux/param_service.c",
- "//base/startup/init_lite/services/param/trigger/trigger_checker.c",
- "//base/startup/init_lite/services/param/trigger/trigger_manager.c",
- "//base/startup/init_lite/services/param/trigger/trigger_processor.c",
+ "//base/startup/init/services/param/adapter/param_dac.c",
+ "//base/startup/init/services/param/adapter/param_persistadp.c",
+ "//base/startup/init/services/param/linux/param_message.c",
+ "//base/startup/init/services/param/linux/param_msgadp.c",
+ "//base/startup/init/services/param/linux/param_osadp.c",
+ "//base/startup/init/services/param/linux/param_request.c",
+ "//base/startup/init/services/param/linux/param_service.c",
+ "//base/startup/init/services/param/trigger/trigger_checker.c",
+ "//base/startup/init/services/param/trigger/trigger_manager.c",
+ "//base/startup/init/services/param/trigger/trigger_processor.c",
]
sources += [
"../param/client_unittest.cpp",
@@ -214,7 +213,7 @@ if (defined(ohos_lite)) {
}
deps += [
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
- "//base/startup/init_lite/services/loopevent:loopevent",
+ "//base/startup/init/services/loopevent:loopevent",
"//build/lite/config/component/cJSON:cjson_static",
"//third_party/mbedtls:mbedtls",
]
diff --git a/test/unittest/seccomp/seccomp_unittest.cpp b/test/unittest/seccomp/seccomp_unittest.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..3497fbed4f9e59c6fba5ff2118a23f0887ab90eb
--- /dev/null
+++ b/test/unittest/seccomp/seccomp_unittest.cpp
@@ -0,0 +1,288 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "seccomp_policy.h"
+
+using SyscallFunc = bool (*)(void);
+
+using namespace testing::ext;
+using namespace std;
+
+namespace init_ut {
+class SeccompUnitTest : public testing::Test {
+public:
+ SeccompUnitTest() {};
+ virtual ~SeccompUnitTest() {};
+ static void SetUpTestCase() {};
+ static void TearDownTestCase() {};
+ void SetUp() {};
+ void TearDown() {};
+ void TestBody(void) {};
+ static void Handler(int s)
+ {
+ }
+
+ static pid_t StartChild(PolicyType type, SyscallFunc func)
+ {
+ pid_t pid = fork();
+ if (pid == 0) {
+ if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
+ std::cout << "PR_SET_NO_NEW_PRIVS set fail " << std::endl;
+ exit(EXIT_FAILURE);
+ }
+ if (!SetSeccompPolicy(type)) {
+ std::cout << "SetSeccompPolicy set fail type is " << type << std::endl;
+ exit(EXIT_FAILURE);
+ }
+
+ if (!func()) {
+ std::cout << "func excute fail" << std::endl;
+ exit(EXIT_FAILURE);
+ }
+
+ std::cout << "func excute success" << std::endl;
+
+ exit(EXIT_SUCCESS);
+ }
+ return pid;
+ }
+
+ static int CheckSyscall(PolicyType type, SyscallFunc func, bool isAllow)
+ {
+ sigset_t set;
+ int status;
+ pid_t pid;
+ int flag = 0;
+ struct timespec waitTime = {5, 0};
+
+ sigemptyset(&set);
+ sigaddset(&set, SIGCHLD);
+ sigprocmask(SIG_BLOCK, &set, nullptr);
+ if (signal(SIGCHLD, Handler) == nullptr) {
+ std::cout << "signal failed:" << strerror(errno) << std::endl;
+ }
+
+ pid = StartChild(type, func);
+ if (pid == -1) {
+ std::cout << "fork failed:" << strerror(errno) << std::endl;
+ return -1;
+ }
+ if (sigtimedwait(&set, nullptr, &waitTime) == -1) { /* Wait for 5 seconds */
+ if (errno == EAGAIN) {
+ flag = 1;
+ } else {
+ std::cout << "sigtimedwait failed:" << strerror(errno) << std::endl;
+ }
+
+ if (kill(pid, SIGKILL) == -1) {
+ std::cout << "kill failed::" << strerror(errno) << std::endl;
+ }
+ }
+
+ if (waitpid(pid, &status, 0) != pid) {
+ std::cout << "waitpid failed:" << strerror(errno) << std::endl;
+ return -1;
+ }
+
+ if (flag) {
+ std::cout << "Child process time out" << std::endl;
+ }
+
+ if (WEXITSTATUS(status) == EXIT_FAILURE) {
+ return -1;
+ }
+
+ if (WIFSIGNALED(status)) {
+ if (WTERMSIG(status) == SIGSYS) {
+ std::cout << "child process exit with SIGSYS" << std::endl;
+ return isAllow ? -1 : 0;
+ }
+ } else {
+ std::cout << "child process finished normally" << std::endl;
+ return isAllow ? 0 : -1;
+ }
+ return -1;
+ }
+
+#if defined __aarch64__
+ static bool CheckOpenat2()
+ {
+ struct open_how how = {};
+ int fd = syscall(__NR_openat2, AT_FDCWD, ".", &how);
+ if (fd == -1) {
+ return false;
+ }
+
+ close(fd);
+ return true;
+ }
+
+ static bool CheckGetpid()
+ {
+ pid_t pid = 1;
+ pid = syscall(__NR_getpid);
+ if (pid > 1) {
+ return true;
+ }
+ return false;
+ }
+
+ static bool CheckGetuid()
+ {
+ uid_t uid = 0;
+ uid = syscall(__NR_getuid);
+ if (uid >= 0) {
+ return true;
+ }
+
+ return false;
+ }
+
+ static bool CheckSetresuidArgsInRange()
+ {
+ int ret = syscall(__NR_setresuid, 20000, 20000, 20000);
+ if (ret == 0) {
+ return true;
+ }
+
+ return false;
+ }
+
+ static bool CheckSetresuidArgsOutOfRange()
+ {
+ int ret = syscall(__NR_setresuid, 1000, 1000, 1000);
+ if (ret == 0) {
+ return true;
+ }
+
+ return false;
+ }
+
+ void TestSystemSycall()
+ {
+ // system blocklist
+ int ret = CheckSyscall(SYSTEM, CheckOpenat2, false);
+ EXPECT_EQ(ret, 0);
+
+ // system allowlist
+ ret = CheckSyscall(SYSTEM, CheckGetpid, true);
+ EXPECT_EQ(ret, 0);
+ }
+
+ void TestSetUidGidFilter()
+ {
+ // system blocklist
+ int ret = CheckSyscall(APPSPAWN, CheckSetresuidArgsOutOfRange, false);
+ EXPECT_EQ(ret, 0);
+
+ // system allowlist
+ ret = CheckSyscall(APPSPAWN, CheckSetresuidArgsInRange, true);
+ EXPECT_EQ(ret, 0);
+ }
+#elif defined __arm__
+ static bool CheckGetuid32()
+ {
+ uid_t uid = syscall(__NR_getuid32);
+ if (uid >= 0) {
+ return true;
+ }
+ return false;
+ }
+
+ static bool CheckGetuid()
+ {
+ uid_t uid = syscall(__NR_getuid);
+ if (uid >= 0) {
+ return true;
+ }
+ return false;
+ }
+
+ static bool CheckSetresuid32ArgsInRange()
+ {
+ int ret = syscall(__NR_setresuid32, 20000, 20000, 20000);
+ if (ret == 0) {
+ return true;
+ }
+
+ return false;
+ }
+
+ static bool CheckSetresuid32ArgsOutOfRange()
+ {
+ int ret = syscall(__NR_setresuid32, 1000, 1000, 1000);
+ if (ret == 0) {
+ return true;
+ }
+
+ return false;
+ }
+
+ void TestSystemSycall()
+ {
+ // system blocklist
+ int ret = CheckSyscall(SYSTEM, CheckGetuid, false);
+ EXPECT_EQ(ret, 0);
+
+ // system allowlist
+ ret = CheckSyscall(SYSTEM, CheckGetuid32, true);
+ EXPECT_EQ(ret, 0);
+ }
+
+ void TestSetUidGidFilter()
+ {
+ // system blocklist
+ int ret = CheckSyscall(APPSPAWN, CheckSetresuid32ArgsOutOfRange, false);
+ EXPECT_EQ(ret, 0);
+
+ // system allowlist
+ ret = CheckSyscall(APPSPAWN, CheckSetresuid32ArgsInRange, true);
+ EXPECT_EQ(ret, 0);
+ }
+#endif
+};
+
+HWTEST_F(SeccompUnitTest, TestSystemSycall, TestSize.Level1)
+{
+ SeccompUnitTest test;
+ test.TestSystemSycall();
+}
+
+HWTEST_F(SeccompUnitTest, TestSetUidGidFilter, TestSize.Level1)
+{
+ SeccompUnitTest test;
+ test.TestSystemSycall();
+}
+}
diff --git a/ueventd/BUILD.gn b/ueventd/BUILD.gn
index 051a407ef542a5aa614cfc7e309dad3354a18af6..534e7c77623d6175f8d7d7669a62fe6478129961 100644
--- a/ueventd/BUILD.gn
+++ b/ueventd/BUILD.gn
@@ -14,34 +14,34 @@
if (defined(ohos_lite)) {
if (ohos_kernel_type == "linux") {
service_ueventd_deps = [
- "//base/startup/init_lite/interfaces/innerkits/socket:libsocket",
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/interfaces/innerkits/socket:libsocket",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/utils:libinit_utils",
"//third_party/bounds_checking_function:libsec_static",
]
executable("ueventd_linux") {
sources = [
- "//base/startup/init_lite/services/utils/init_utils.c",
- "//base/startup/init_lite/services/utils/list.c",
- "//base/startup/init_lite/ueventd/lite/ueventd_parameter.c",
- "//base/startup/init_lite/ueventd/ueventd.c",
- "//base/startup/init_lite/ueventd/ueventd_device_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_firmware_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_main.c",
- "//base/startup/init_lite/ueventd/ueventd_read_cfg.c",
- "//base/startup/init_lite/ueventd/ueventd_socket.c",
+ "//base/startup/init/services/utils/init_utils.c",
+ "//base/startup/init/services/utils/list.c",
+ "//base/startup/init/ueventd/lite/ueventd_parameter.c",
+ "//base/startup/init/ueventd/ueventd.c",
+ "//base/startup/init/ueventd/ueventd_device_handler.c",
+ "//base/startup/init/ueventd/ueventd_firmware_handler.c",
+ "//base/startup/init/ueventd/ueventd_main.c",
+ "//base/startup/init/ueventd/ueventd_read_cfg.c",
+ "//base/startup/init/ueventd/ueventd_socket.c",
]
defines = [ "__MUSL__" ]
defines += [ "_GNU_SOURCE" ]
include_dirs = [
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/services/utils",
- "//base/startup/init_lite/ueventd/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/services/utils",
+ "//base/startup/init/ueventd/include",
]
deps = service_ueventd_deps
@@ -55,27 +55,27 @@ if (defined(ohos_lite)) {
} else {
import("//build/ohos.gni")
service_ueventd_sources = [
- "//base/startup/init_lite/services/utils/list.c",
- "//base/startup/init_lite/ueventd/ueventd.c",
- "//base/startup/init_lite/ueventd/ueventd_device_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_firmware_handler.c",
- "//base/startup/init_lite/ueventd/ueventd_read_cfg.c",
- "//base/startup/init_lite/ueventd/ueventd_socket.c",
+ "//base/startup/init/services/utils/list.c",
+ "//base/startup/init/ueventd/ueventd.c",
+ "//base/startup/init/ueventd/ueventd_device_handler.c",
+ "//base/startup/init/ueventd/ueventd_firmware_handler.c",
+ "//base/startup/init/ueventd/ueventd_read_cfg.c",
+ "//base/startup/init/ueventd/ueventd_socket.c",
]
service_ueventd_include = [
"//third_party/bounds_checking_function/include",
- "//base/startup/init_lite/services/log",
- "//base/startup/init_lite/services/include",
- "//base/startup/init_lite/services/utils",
- "//base/startup/init_lite/ueventd/include",
+ "//base/startup/init/services/log",
+ "//base/startup/init/services/include",
+ "//base/startup/init/services/utils",
+ "//base/startup/init/ueventd/include",
]
service_ueventd_deps = [
- "//base/startup/init_lite/interfaces/innerkits/socket:libsocket",
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/param/base:parameterbase",
- "//base/startup/init_lite/services/utils:libinit_utils",
+ "//base/startup/init/interfaces/innerkits/socket:libsocket",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/param/base:parameterbase",
+ "//base/startup/init/services/utils:libinit_utils",
"//third_party/bounds_checking_function:libsec_static",
]
@@ -105,16 +105,16 @@ if (defined(ohos_lite)) {
ohos_executable("ueventd") {
sources = service_ueventd_sources
sources += [
- "//base/startup/init_lite/ueventd/standard/ueventd_parameter.c",
- "//base/startup/init_lite/ueventd/ueventd_main.c",
+ "//base/startup/init/ueventd/standard/ueventd_parameter.c",
+ "//base/startup/init/ueventd/ueventd_main.c",
]
include_dirs = service_ueventd_include
include_dirs += [
- "//base/startup/init_lite/services/include/param",
- "//base/startup/init_lite/interfaces/innerkits/include",
+ "//base/startup/init/services/include/param",
+ "//base/startup/init/interfaces/innerkits/include",
]
deps = service_ueventd_deps
- deps += [ "//base/startup/init_lite/services/param/linux:param_client" ]
+ deps += [ "//base/startup/init/services/param/linux:param_client" ]
cflags = []
if (build_selinux) {
@@ -131,7 +131,7 @@ if (defined(ohos_lite)) {
}
ohos_prebuilt_etc("ueventd.config") {
- source = "//base/startup/init_lite/ueventd/etc/ueventd.config"
+ source = "//base/startup/init/ueventd/etc/ueventd.config"
part_name = "init"
install_images = [
"system",
@@ -152,9 +152,9 @@ group("startup_ueventd") {
}
} else {
deps = [
- "//base/startup/init_lite/ueventd:libueventd_ramdisk_static",
- "//base/startup/init_lite/ueventd:ueventd",
- "//base/startup/init_lite/ueventd:ueventd.config",
+ "//base/startup/init/ueventd:libueventd_ramdisk_static",
+ "//base/startup/init/ueventd:ueventd",
+ "//base/startup/init/ueventd:ueventd.config",
]
}
}
diff --git a/ueventd/ueventd_device_handler.c b/ueventd/ueventd_device_handler.c
index fc2f500fa9cdfc6377f85e5044e7a88dcb752bfc..d46c7cf6b81afea63ce64c98533a6d232661e61a 100644
--- a/ueventd/ueventd_device_handler.c
+++ b/ueventd/ueventd_device_handler.c
@@ -37,6 +37,17 @@
#include
#endif
+static bool IsBootDeviceLinkDir(const char *linkDir, const char *bootDevice)
+{
+ size_t pathLen = strlen("/dev/block/platform/");
+ INIT_CHECK_RETURN_VALUE(strncmp(linkDir, "/dev/block/platform/", pathLen) == 0, false);
+ const char *vernier = linkDir + pathLen;
+ INIT_CHECK_RETURN_VALUE(strncmp(vernier, bootDevice, strlen(bootDevice)) == 0, false);
+ vernier += strlen(bootDevice);
+ INIT_CHECK_RETURN_VALUE(strncmp(vernier, "/by-name", strlen("/by-name")) == 0, false);
+ return true;
+}
+
static void CreateSymbolLinks(const char *deviceNode, char **symLinks)
{
if (INVALIDSTRING(deviceNode) || symLinks == NULL) {
@@ -54,6 +65,11 @@ static void CreateSymbolLinks(const char *deviceNode, char **symLinks)
const char *linkDir = dirname(linkBuf);
if (MakeDirRecursive(linkDir, DIRMODE) < 0) {
INIT_LOGE("[uevent] Failed to create dir \" %s \", err = %d", linkDir, errno);
+ return;
+ }
+ if (IsBootDeviceLinkDir(linkDir, bootDevice) && access("/dev/block/by-name", F_OK) != 0) {
+ INIT_CHECK_ONLY_ELOG(symlink(linkDir, "/dev/block/by-name") == 0,
+ "Failed to create by-name symlink, err %d", errno);
}
errno = 0;
int rc = symlink(deviceNode, linkName);
@@ -214,32 +230,6 @@ static char *FindPlatformDeviceName(char *path)
return NULL;
}
-static void BuildBootDeviceSymbolLink(char **links, int linkNum, const char *partitionName)
-{
- if (links == NULL) {
- INIT_LOGE("Function parameter error.");
- return;
- }
- if (linkNum > BLOCKDEVICE_LINKS - 1) {
- INIT_LOGW("Too many links, ignore.");
- return;
- }
- if (partitionName == NULL) {
- INIT_LOGW("Partition name is null, skip creating links");
- return;
- }
- links[linkNum] = calloc(sizeof(char), DEVICE_FILE_SIZE);
- if (links[linkNum] == NULL) {
- INIT_LOGE("Failed to allocate memory for link, err = %d", errno);
- return;
- }
-
- if (snprintf_s(links[linkNum], DEVICE_FILE_SIZE, DEVICE_FILE_SIZE - 1,
- "/dev/block/by-name/%s", partitionName) == -1) {
- INIT_LOGE("Failed to build link");
- }
-}
-
static void BuildDeviceSymbolLinks(char **links, int linkNum, const char *parent,
const char *partitionName, const char *deviceName)
{
@@ -325,10 +315,6 @@ static char **GetBlockDeviceSymbolLinks(const struct Uevent *uevent)
parent = FindPlatformDeviceName(parent);
if (parent != NULL) {
BuildDeviceSymbolLinks(links, linkNum, parent, uevent->partitionName, uevent->deviceName);
- }
- linkNum++;
- if ((parent != NULL) && STRINGEQUAL(parent, bootDevice)) {
- BuildBootDeviceSymbolLink(links, linkNum, uevent->partitionName);
linkNum++;
}
}
diff --git a/ueventd/ueventd_firmware_handler.c b/ueventd/ueventd_firmware_handler.c
index d24da5e2f31d4ea0ae99f3bb17db64cdce47dee6..69578eeeffa506dd9c3c9fe9262cda9dcd83109e 100644
--- a/ueventd/ueventd_firmware_handler.c
+++ b/ueventd/ueventd_firmware_handler.c
@@ -15,9 +15,6 @@
#include "ueventd_firmware_handler.h"
-#include
-#include
-
#include "ueventd.h"
#define INIT_LOG_TAG "ueventd"
#include "init_log.h"
diff --git a/ueventd/ueventd_main.c b/ueventd/ueventd_main.c
index c3e25a668e5473a33028da04c107ceab564f1844..d443f713fe437457745828c343b770ac02b9b411 100644
--- a/ueventd/ueventd_main.c
+++ b/ueventd/ueventd_main.c
@@ -20,9 +20,7 @@
#include "ueventd_socket.h"
#define INIT_LOG_TAG "ueventd"
#include "init_log.h"
-#include "init_param.h"
#include "init_socket.h"
-#include "securec.h"
static void PollUeventdSocketTimeout(int ueventSockFd)
{
diff --git a/ueventd/ueventd_read_cfg.c b/ueventd/ueventd_read_cfg.c
index 31d5e104b37d7c66c902af01dd0994c576529112..9755bd20dc2e2ceb7b4653a1353f4b9a95e6bb5f 100644
--- a/ueventd/ueventd_read_cfg.c
+++ b/ueventd/ueventd_read_cfg.c
@@ -16,7 +16,6 @@
#include "ueventd_read_cfg.h"
#include
-#include
#include
#include
#include
diff --git a/watchdog/BUILD.gn b/watchdog/BUILD.gn
index 4c25e147b8d12d4dadfaeaaa9c1b0c8e31ae7143..2c74ebf18010fa0ba4985a91c66850b1e21a74e2 100644
--- a/watchdog/BUILD.gn
+++ b/watchdog/BUILD.gn
@@ -14,11 +14,11 @@
if (defined(ohos_lite)) {
executable("watchdog_service") {
sources = [
- "//base/startup/init_lite/services/log/init_commlog.c",
- "//base/startup/init_lite/watchdog/init_watchdog.c",
+ "//base/startup/init/services/log/init_commlog.c",
+ "//base/startup/init/watchdog/init_watchdog.c",
]
deps = [
- "//base/startup/init_lite/services/log:init_log",
+ "//base/startup/init/services/log:init_log",
"//third_party/bounds_checking_function:libsec_static",
]
defines = [
@@ -34,8 +34,8 @@ if (defined(ohos_lite)) {
ohos_executable("watchdog_service") {
sources = [ "init_watchdog.c" ]
deps = [
- "//base/startup/init_lite/services/log:init_log",
- "//base/startup/init_lite/services/param/base:parameterbase",
+ "//base/startup/init/services/log:init_log",
+ "//base/startup/init/services/param/base:parameterbase",
"//third_party/bounds_checking_function:libsec_shared",
]
defines = [ "LINUX_WATCHDOG" ]
diff --git a/watchdog/init_watchdog.c b/watchdog/init_watchdog.c
index cc5038ba26f68ffd44b74039c4c9dca0eb667300..12c60340da9ef42d6fefc6986681466b99754213 100644
--- a/watchdog/init_watchdog.c
+++ b/watchdog/init_watchdog.c
@@ -15,13 +15,10 @@
#include
#include
-#include
#include
#include
#include
#include
-#include
-#include
#include
#ifdef LINUX_WATCHDOG