Gitiles
Code Review Sign In
gerrit.twrp.me / android_device_samsung_j5lte / 49d9fbdab8649af87bf4ffa72396ebc3b372addd / . / rootdir / etc / init.rc
blob: e4f342281be720e1c33b073f783ddb3f2e29db49 [file] [log] [blame]
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1# Copyright (C) 2012 The Android Open Source Project
2#
3# IMPORTANT: Do not create world writable files or directories.
4# This is a common source of Android security bugs.
5#
6
7import /init.environ.rc
8import /init.usb.rc
9import /init.${ro.hardware}.rc
10import /init.${ro.zygote}.rc
11import /init.trace.rc
12import /init.carrier.rc
13# Include CM's extra init file
14import /init.cm.rc
15
16
17on early-init
18 # Set init and its forked children's oom_adj.
19 write /proc/1/oom_score_adj -1000
20
21 # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
22 write /sys/fs/selinux/checkreqprot 0
23
24 # Set the security context for the init process.
25 # This should occur before anything else (e.g. ueventd) is started.
26 setcon u:r:init:s0
27
28 # Set the security context of /adb_keys if present.
29 restorecon /adb_keys
30
31 start ueventd
32
33 # create mountpoints
34 mkdir /mnt 0775 root system
35
36on init
37 sysclktz 0
38
39 loglevel 3
40
41 # SEC_SELINUX
42 # for audit message
43 chown system system /proc/avc_msg
44 chmod 0660 /proc/avc_msg
45
46 # Backward compatibility
47 symlink /system/etc /etc
48 symlink /sys/kernel/debug /d
49# permission for CHARGING
50 chown system radio /sys/class/power_supply/battery/batt_discharging_check
51 chown system radio /sys/class/power_supply/battery/batt_discharging_check_adc
52 chown system radio /sys/class/power_supply/battery/batt_discharging_ntc
53 chown system radio /sys/class/power_supply/battery/batt_discharging_ntc_adc
54 chown system radio /sys/class/power_supply/battery/batt_self_discharging_control
55
56 # Right now vendor lives on the same filesystem as system,
57 # but someday that may change.
58 symlink /system/vendor /vendor
59
60 # Create cgroup mount point for cpu accounting
61 mkdir /acct
62 mount cgroup none /acct cpuacct
63 mkdir /acct/uid
64
65 # Create cgroup mount point for memory
66 mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000
67 mkdir /sys/fs/cgroup/memory 0750 root system
68 mount cgroup none /sys/fs/cgroup/memory memory
69 write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1
70 chown root system /sys/fs/cgroup/memory/tasks
71 chmod 0660 /sys/fs/cgroup/memory/tasks
72 mkdir /sys/fs/cgroup/memory/sw 0750 root system
73 write /sys/fs/cgroup/memory/sw/memory.swappiness 100
74 write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1
75 chown root system /sys/fs/cgroup/memory/sw/tasks
76 chmod 0660 /sys/fs/cgroup/memory/sw/tasks
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]77 chmod 0220 /sys/fs/cgroup/memory/cgroup.event_control
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]78
79 mkdir /system
80 mkdir /data 0771 system system
81 mkdir /cache 0770 system cache
82 mkdir /config 0500 root root
83 mkdir /efs 0771 system radio
84
85 # See storage config details at http://source.android.com/tech/storage/
86 mkdir /mnt/shell 0700 shell shell
87 mkdir /mnt/media_rw 0700 media_rw media_rw
88 mkdir /storage 0751 root sdcard_r
89
90 # Directory for putting things only root should see.
91 mkdir /mnt/secure 0700 root root
92
93 # Directory for staging bindmounts
94 mkdir /mnt/secure/staging 0700 root root
95
96 # Directory-target for where the secure container
97 # imagefile directory will be bind-mounted
98 mkdir /mnt/secure/asec 0700 root root
99
100 # Secure container public mount points.
101 mkdir /mnt/asec 0700 root system
102 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
103
104 # Filesystem image public mount points.
105 mkdir /mnt/obb 0700 root system
106 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
107
108 # memory control cgroup
109 mkdir /dev/memcg 0700 root system
110 mount cgroup none /dev/memcg memory
111
112 write /proc/sys/kernel/panic_on_oops 1
113 write /proc/sys/kernel/hung_task_timeout_secs 0
114 write /proc/cpu/alignment 4
115 write /proc/sys/kernel/sched_latency_ns 10000000
116 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
117 write /proc/sys/kernel/sched_compat_yield 1
118 write /proc/sys/kernel/sched_child_runs_first 0
119 write /proc/sys/kernel/randomize_va_space 2
120 write /proc/sys/kernel/kptr_restrict 2
121 write /proc/sys/vm/mmap_min_addr 32768
122 write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
123 write /proc/sys/net/unix/max_dgram_qlen 300
124 write /proc/sys/kernel/sched_rt_runtime_us 950000
125 write /proc/sys/kernel/sched_rt_period_us 1000000
126
127 # reflect fwmark from incoming packets onto generated replies
128 write /proc/sys/net/ipv4/fwmark_reflect 1
129 write /proc/sys/net/ipv6/fwmark_reflect 1
130
131 # set fwmark on accepted sockets
132 write /proc/sys/net/ipv4/tcp_fwmark_accept 1
133
134 # Create cgroup mount points for process groups
135 mkdir /dev/cpuctl
136 mount cgroup none /dev/cpuctl cpu
137 chown system system /dev/cpuctl
138 chown system system /dev/cpuctl/tasks
139 chmod 0660 /dev/cpuctl/tasks
140 write /dev/cpuctl/cpu.shares 1024
141 write /dev/cpuctl/cpu.rt_runtime_us 950000
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]142 write /dev/cpuctl/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]143
144 mkdir /dev/cpuctl/apps
145 chown system system /dev/cpuctl/apps/tasks
146 chmod 0666 /dev/cpuctl/apps/tasks
147 write /dev/cpuctl/apps/cpu.shares 1024
148 write /dev/cpuctl/apps/cpu.rt_runtime_us 800000
149 write /dev/cpuctl/apps/cpu.rt_period_us 1000000
150
151 mkdir /dev/cpuctl/apps/bg_non_interactive
152 chown system system /dev/cpuctl/apps/bg_non_interactive/tasks
153 chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks
154 # 5.0 %
155 write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52
156 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000
157 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]158
159 # Create cgroup mount points for process groups
160 mkdir /dev/cpuctl
161 mount cgroup none /dev/cpuctl cpu
162 chown system system /dev/cpuctl
163 chown system system /dev/cpuctl/tasks
164 chmod 0666 /dev/cpuctl/tasks
165 write /dev/cpuctl/cpu.shares 1024
166 write /dev/cpuctl/cpu.rt_runtime_us 800000
167 write /dev/cpuctl/cpu.rt_period_us 1000000
168
169 mkdir /dev/cpuctl/bg_non_interactive
170 chown system system /dev/cpuctl/bg_non_interactive/tasks
171 chmod 0666 /dev/cpuctl/bg_non_interactive/tasks
172 # 5.0 %
173 write /dev/cpuctl/bg_non_interactive/cpu.shares 52
174 write /dev/cpuctl/bg_non_interactive/cpu.rt_runtime_us 700000
175 write /dev/cpuctl/bg_non_interactive/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]176
177 # qtaguid will limit access to specific data based on group memberships.
178 # net_bw_acct grants impersonation of socket owners.
179 # net_bw_stats grants access to other apps' detailed tagged-socket stats.
180 chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
181 chown root net_bw_stats /proc/net/xt_qtaguid/stats
182
183 # Allow everybody to read the xt_qtaguid resource tracking misc dev.
184 # This is needed by any process that uses socket tagging.
185 chmod 0644 /dev/xt_qtaguid
186
187 # Create location for fs_mgr to store abbreviated output from filesystem
188 # checker programs.
189 mkdir /dev/fscklogs 0770 root system
190
191 # pstore/ramoops previous console log
192 mount pstore pstore /sys/fs/pstore
193 chown system log /sys/fs/pstore/console-ramoops
194 chmod 0440 /sys/fs/pstore/console-ramoops
195
196# Healthd can trigger a full boot from charger mode by signaling this
197# property when the power button is held.
198on property:sys.boot_from_charger_mode=1
199 class_stop charger
200 trigger late-init
201
202# Load properties from /system/ + /factory after fs mount.
203on load_all_props_action
204 load_all_props
205
206# Indicate to fw loaders that the relevant mounts are up.
207on firmware_mounts_complete
208 rm /dev/.booting
209
210# Mount filesystems and start core system services.
211on late-init
212 trigger early-fs
213 trigger fs
214 trigger post-fs
215 trigger post-fs-data
216
217 # Load properties from /system/ + /factory after fs mount. Place
218 # this in another action so that the load will be scheduled after the prior
219 # issued fs triggers have completed.
220 trigger load_all_props_action
221
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]222 # Remove a file to wake up anything waiting for firmware.
223 trigger firmware_mounts_complete
224
225 trigger early-boot
226 trigger boot
227
228
229on post-fs
230 # once everything is setup, no need to modify /
231 mount rootfs rootfs / ro remount
232 # mount shared so changes propagate into child namespaces
233 mount rootfs rootfs / shared rec
234
235 # We chown/chmod /cache again so because mount is run as root + defaults
236 chown system cache /cache
237 chmod 0770 /cache
238 # We restorecon /cache in case the cache partition has been reset.
239 restorecon_recursive /cache
240
241 # This may have been created by the recovery system with odd permissions
242 chown system cache /cache/recovery
243 chmod 0770 /cache/recovery
244
245 #change permissions on vmallocinfo so we can grab it from bugreports
246 chown root log /proc/vmallocinfo
247 chmod 0440 /proc/vmallocinfo
248
249 chown root log /proc/slabinfo
250 chmod 0440 /proc/slabinfo
251
252 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
253 chown root system /proc/kmsg
254 chmod 0440 /proc/kmsg
255 chown root system /proc/sysrq-trigger
256 chmod 0220 /proc/sysrq-trigger
257 chown system log /proc/last_kmsg
258 chmod 0440 /proc/last_kmsg
259
260 # make the selinux kernel policy world-readable
261 chmod 0444 /sys/fs/selinux/policy
262
263 # create the lost+found directories, so as to enforce our permissions
264 mkdir /cache/lost+found 0770 root root
265
266on post-fs-data
267 # sec_efs_file
268 mkdir /efs/sec_efs 0775 radio system
269
270 # We chown/chmod /data again so because mount is run as root + defaults
271 chown system system /data
272 chmod 0771 /data
273 # We restorecon /data in case the userdata partition has been reset.
274 restorecon /data
275 restorecon_recursive /data/media
276
277 # Avoid predictable entropy pool. Carry over entropy from previous boot.
278 copy /data/system/entropy.dat /dev/urandom
279
280 # Create dump dir and collect dumps.
281 # Do this before we mount cache so eventually we can use cache for
282 # storing dumps on platforms which do not have a dedicated dump partition.
283 mkdir /data/dontpanic 0750 root log
284
285 # Collect apanic data, free resources and re-arm trigger
286 copy /proc/apanic_console /data/dontpanic/apanic_console
287 chown root log /data/dontpanic/apanic_console
288 chmod 0640 /data/dontpanic/apanic_console
289
290 copy /proc/apanic_threads /data/dontpanic/apanic_threads
291 chown root log /data/dontpanic/apanic_threads
292 chmod 0640 /data/dontpanic/apanic_threads
293
294 write /proc/apanic_console 1
295
296 # create basic filesystem structure
297 mkdir /data/misc 01771 system misc
298 mkdir /data/misc/adb 02750 system shell
299 # SEC_SELINUX
300 mkdir /data/misc/audit 02775 audit system
301 mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack
302 mkdir /data/misc/bluetooth 0770 system system
303 mkdir /data/misc/keystore 0700 keystore keystore
304 mkdir /data/misc/keychain 0771 system system
305 mkdir /data/misc/net 0750 root shell
306 mkdir /data/misc/radio 0771 system radio
307 mkdir /data/misc/sms 0770 system radio
308 mkdir /data/misc/zoneinfo 0775 system system
309 mkdir /data/misc/vpn 0770 system vpn
310 mkdir /data/misc/shared_relro 0771 shared_relro shared_relro
311 mkdir /data/misc/systemkeys 0700 system system
312 mkdir /data/misc/wifi 0770 wifi system
313 mkdir /data/misc/wifi/sockets 0770 wifi wifi
314 mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi
315 mkdir /data/misc/wifi_share_profile 0771 wifi system
316 mkdir /data/misc/wifi_hostapd 0771 wifi system
317 mkdir /data/misc/ethernet 0770 system system
318 mkdir /data/misc/dhcp 0770 dhcp dhcp
319 mkdir /data/misc/user 0771 root root
320 # give system access to wpa_supplicant.conf for backup and restore
321 chmod 0660 /data/misc/wifi/wpa_supplicant.conf
322 chown system wifi /data/misc/wifi/wpa_supplicant.conf
323 mkdir /data/local 0751 root root
324 mkdir /data/misc/media 0700 media media
325
326 # icd
327 check_icd
328 chown system system /dev/icd
329 chmod 0644 /dev/icd
330 chown system system /dev/icdr
331 chmod 0644 /dev/icdr
332 chown system system /dev/tzic
333
334 mkdir /data/misc/radio/hatp 0755 radio system
335 # vpnclient
336 mkdir /data/misc/vpnclientd 0770 system system
337
338 # h2k permission
339 mkdir /efs/cpk 0771 radio system
340 chmod 0644 /efs/redata.bin
341 chmod 0644 /efs/cpk/redata.bin
342 chown radio radio /efs/h2k.dat
343 chown radio radio /efs/cpk/h2k.dat
344 chmod 0644 /efs/h2k.dat
345 chmod 0644 /efs/cpk/h2k.dat
346 chown system system /efs/drm/h2k
347
348 # For security reasons, /data/local/tmp should always be empty.
349 # Do not place files or directories in /data/local/tmp
350 mkdir /data/local/tmp 0771 shell shell
351 mkdir /data/data 0771 system system
352 mkdir /data/app-private 0771 system system
353 mkdir /data/app-asec 0700 root root
354 mkdir /data/app-lib 0771 system system
355 mkdir /data/app 0771 system system
356 mkdir /data/property 0700 root root
357
358 # SA, System SW, SAMSUNG
359 # create log directory
360 mkdir /data/log 0775 system log
361 chown system log /data/log
362 mkdir /data/anr 0775 system system
363 chown system system /data/anr
364 chmod 0775 /data/log
365 chmod 0775 /data/anr
366 restorecon /data/log
367 restorecon /data/anr
368
369 # create dalvik-cache, so as to enforce our permissions
370 mkdir /data/dalvik-cache 0771 root root
371 mkdir /data/dalvik-cache/profiles 0711 system system
372
373 # create resource-cache and double-check the perms
374 mkdir /data/resource-cache 0771 system system
375 chown system system /data/resource-cache
376 chmod 0771 /data/resource-cache
377
378 # create the lost+found directories, so as to enforce our permissions
379 mkdir /data/lost+found 0770 root root
380
381 # create directory for DRM plug-ins - give drm the read/write access to
382 # the following directory.
383 mkdir /data/drm 0770 drm drm
384
385 # create directory for MediaDrm plug-ins - give drm the read/write access to
386 # the following directory.
387 mkdir /data/mediadrm 0770 mediadrm mediadrm
388
389# DRK permission
390 mkdir /efs/prov 0770 radio system
391 mkdir /efs/prov_data 0770 radio system
392 chown radio system /efs/prov_data/dev_root
393 chmod 0770 /efs/prov_data/dev_root
394 chown radio system /efs/prov_data/dev_root/dev_root.dat
395 chmod 0640 /efs/prov_data/dev_root/dev_root.dat
396 chown radio system /efs/prov/libdevkm.lock
397 chmod 0660 /efs/prov/libdevkm.lock
398 rm /efs/prov/prov.b00
399 rm /efs/prov/prov.b01
400 rm /efs/prov/prov.b02
401 rm /efs/prov/prov.b03
402 rm /efs/prov/prov.mdt
403# CS socket
404 mkdir /dev/socket/cs_socket 0770 system system
405
406# [ SEC_MM_DRM
407 # Added drm folder to copy drm plugins
408 mkdir /system/lib/drm 0775
409 chown root root /system/lib/drm
410 chmod 0775 /system/lib/drm
411
412 restorecon -R /efs
413 restorecon -R /carrier
414 restorecon_recursive /data/misc/keystore
415 restorecon_recursive /data/property
416 restorecon_recursive /data/security
417# ]
418
419 # symlink to bugreport storage location
420 symlink /data/data/com.android.shell/files/bugreports /data/bugreports
421
422 # Separate location for storing security policy files on data
423 mkdir /data/security 0711 system system
424
425 # Reload policy from /data/security if present.
426 setprop selinux.reload_policy 1
427
428 # SA, System SW, SAMSUNG create log directory
429 mkdir /data/log 0775 system log
430 chown system log /data/log
431 mkdir /data/anr 0775 system system
432 chown system system /data/anr
433 chmod 0775 /data/log
434 chmod 0775 /data/anr
435 restorecon /data/log
436 restorecon /data/anr
437
438 # Set SELinux security contexts on upgrade or policy update.
439 restorecon_recursive /data
440 restorecon /data/data
441 restorecon /data/user
442 restorecon /data/user/0
443
444 # If there is no fs-post-data action in the init.<device>.rc file, you
445 # must uncomment this line, otherwise encrypted filesystems
446 # won't work.
447 # Set indication (checked by vold) that we have finished this action
448 #setprop vold.post_fs_data_done 1
449
450on boot
451 # basic network init
452 ifup lo
453 hostname localhost
454 domainname localdomain
455
456 # set RLIMIT_NICE to allow priorities from 19 to -20
457 setrlimit 13 40 40
458
459 # Memory management. Basic kernel parameters, and allow the high
460 # level system server to be able to adjust the kernel OOM driver
461 # parameters to match how it is managing things.
462 write /proc/sys/vm/overcommit_memory 1
463 write /proc/sys/vm/min_free_order_shift 4
464 chown root system /sys/module/lowmemorykiller/parameters/adj
465 chmod 0220 /sys/module/lowmemorykiller/parameters/adj
466 chown root system /sys/module/lowmemorykiller/parameters/minfree
467 chmod 0220 /sys/module/lowmemorykiller/parameters/minfree
468
469 # Tweak background writeout
470 write /proc/sys/vm/dirty_expire_centisecs 200
471 write /proc/sys/vm/dirty_background_ratio 5
472
473# SEC DVFS sysfs node
474 chown radio system /sys/power/cpufreq_max_limit
475 chown radio system /sys/power/cpufreq_min_limit
476 chown radio system /sys/power/cpufreq_table
477 chmod 664 /sys/power/cpufreq_max_limit
478 chmod 664 /sys/power/cpufreq_min_limit
479 chmod 664 /sys/power/cpufreq_table
480
481 chown radio system /sys/devices/system/cpu/kernel_max
482 chmod 664 /sys/devices/system/cpu/kernel_max
483
484 chown radio system /sys/class/kgsl/kgsl-3d0/max_pwrlevel
485 chmod 664 /sys/class/kgsl/kgsl-3d0/max_pwrlevel
486 chown radio system /sys/class/kgsl/kgsl-3d0/min_pwrlevel
487 chmod 664 /sys/class/kgsl/kgsl-3d0/min_pwrlevel
488 chown radio system /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
489 chmod 664 /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
490
491# Permissions for SSRM
492 chmod 0664 /sys/devices/platform/sec-thermistor/temperature
493 chmod 0664 /sys/class/power_supply/battery/siop_level
494 chmod 0664 /sys/class/power_supply/battery/test_charge_current
495 chown radio system /sys/devices/platform/sec-thermistor/temperature
496 chown radio system /sys/class/power_supply/battery/siop_level
497 chown radio system /sys/class/power_supply/battery/test_charge_current
498
499 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
500 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
501 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
502 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
503 chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
504 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
505 chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
506 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
507 chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
508 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
509 chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
510 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
511 chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
512 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
513 chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
514 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
515 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
516 chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
517 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
518 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
519 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
520 chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
521 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
522
523 # Assume SMP uses shared cpufreq policy for all CPUs
524 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
525 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
526
527 chown system system /sys/class/timed_output/vibrator/enable
528 chown system system /sys/class/leds/keyboard-backlight/brightness
529 chown system system /sys/class/leds/lcd-backlight/brightness
530 chown system system /sys/class/leds/button-backlight/brightness
531 chown system system /sys/class/leds/jogball-backlight/brightness
532 chown system system /sys/class/leds/red/brightness
533 chown system system /sys/class/leds/green/brightness
534 chown system system /sys/class/leds/blue/brightness
535 chown system system /sys/class/leds/red/device/grpfreq
536 chown system system /sys/class/leds/red/device/grppwm
537 chown system system /sys/class/leds/red/device/blink
538 chown system system /sys/class/timed_output/vibrator/enable
539 chown system system /sys/module/sco/parameters/disable_esco
540 chown system system /sys/kernel/ipv4/tcp_wmem_min
541 chown system system /sys/kernel/ipv4/tcp_wmem_def
542 chown system system /sys/kernel/ipv4/tcp_wmem_max
543 chown system system /sys/kernel/ipv4/tcp_rmem_min
544 chown system system /sys/kernel/ipv4/tcp_rmem_def
545 chown system system /sys/kernel/ipv4/tcp_rmem_max
546 chown root radio /proc/cmdline
547
548# Auto Brightness
549 chown system system /sys/class/backlight/panel/auto_brightness
550 chmod 0660 /sys/class/backlight/panel/auto_brightness
551
552# LCD mdnie and panel work
553 chown system system /sys/class/mdnie/mdnie/lcdtype
554 chown system system /sys/class/mdnie/mdnie/lcd_power
555 chown system media_rw /sys/class/mdnie/mdnie/scenario
556 chmod 0660 /sys/class/mdnie/mdnie/scenario
557
558 chown system system /sys/class/mdnie/mdnie/tuning
559 chown system media_rw /sys/class/mdnie/mdnie/outdoor
560 chown system system /sys/class/mdnie/mdnie/mdnie_temp
561 chown system media_rw /sys/class/mdnie/mdnie/mode
562 chown system system /sys/class/mdnie/mdnie/negative
563 chown system media_rw /sys/class/mdnie/mdnie/playspeed
564 chown system media_rw /sys/class/mdnie/mdnie/accessibility
565 chown system system /sys/class/mdnie/mdnie/cabc
566 chown system system /sys/class/mdnie/mdnie/bypass
567 chown system media_rw /sys/class/mdnie/mdnie/sensorRGB
568 chmod 0660 /sys/class/mdnie/mdnie/sensorRGB
569
570 chown system system /sys/class/lcd/panel/panel/auto_brightness
571 chown system system /sys/class/lcd/panel/window_type
572 chown radio system /sys/class/lcd/panel/power_reduce
573 chown radio system /sys/class/lcd/panel/siop_enable
574 chown radio system /sys/class/lcd/panel/temperature
575 chown radio system /sys/class/lcd/panel/tuning
576 chown radio system /sys/class/lcd/panel/lux
577
578# Adjust YUV to RGB Conversion(CSC_Conversion)
579 chown system media_rw /sys/class/graphics/fb0/csc_cfg
580 chmod 0660 /sys/class/graphics/fb0/csc_cfg
581
582# permission for Input Device(TSP).
583 chown system radio /sys/class/sec/tsp/cmd
584 chmod 0660 /sys/class/sec/tsp/input/enabled
585 chown system system /sys/class/sec/tsp/input/enabled
586
587# permission for Input Device(TKEY).
588 chmod 0660 /sys/class/sec/sec_touchkey/input/enabled
589 chown system system /sys/class/sec/sec_touchkey/input/enabled
590
591# permission for TKEY LED EN
592 chmod 0660 /sys/class/sec/sec_touchkey/brightness
593 chown system system /sys/class/sec/sec_touchkey/brightness
594
595# Permissions for gpio_keys
596 chown system radio /sys/class/sec/sec_key/wakeup_keys
597 write /sys/class/sec/sec_key/wakeup_keys 116,172
598
599 # Permissions for System Server and daemons.
600 chown radio system /sys/android_power/state
601 chown radio system /sys/android_power/request_state
602 chown radio system /sys/android_power/acquire_full_wake_lock
603 chown radio system /sys/android_power/acquire_partial_wake_lock
604 chown radio system /sys/android_power/release_wake_lock
605 chown system system /sys/power/autosleep
606 chown system system /sys/power/state
607 chown system system /sys/power/wakeup_count
608 chown radio system /sys/power/wake_lock
609 chown radio system /sys/power/wake_unlock
610 chmod 0660 /sys/power/state
611 chmod 0660 /sys/power/wake_lock
612 chmod 0660 /sys/power/wake_unlock
613 chown system system /sys/module/msm_thermal/core_control/enabled
614
615 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
616 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
617 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
618 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
619 chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
620 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
621 chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
622 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
623 chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
624 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
625 chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
626 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
627 chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
628 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
629 chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
630 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
631 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
632 chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
633 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
634 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
635 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
636 chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
637 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
638
639 # Assume SMP uses shared cpufreq policy for all CPUs
640 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
641 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
642
643 chown system system /sys/class/timed_output/vibrator/enable
644 chown system system /sys/class/leds/keyboard-backlight/brightness
645 chown system system /sys/class/leds/lcd-backlight/brightness
646 chown system system /sys/class/leds/torch-light/brightness
647 chown system system /sys/class/leds/button-backlight/brightness
648 chown system system /sys/class/leds/jogball-backlight/brightness
649 chown system system /sys/class/leds/red/brightness
650 chown system system /sys/class/leds/green/brightness
651 chown system system /sys/class/leds/blue/brightness
652 chown system system /sys/class/leds/red/device/grpfreq
653 chown system system /sys/class/leds/red/device/grppwm
654 chown system system /sys/class/leds/red/device/blink
655 chown system system /sys/class/timed_output/vibrator/enable
656 chown system system /sys/module/sco/parameters/disable_esco
657 chown system system /sys/kernel/ipv4/tcp_wmem_min
658 chown system system /sys/kernel/ipv4/tcp_wmem_def
659 chown system system /sys/kernel/ipv4/tcp_wmem_max
660 chown system system /sys/kernel/ipv4/tcp_rmem_min
661 chown system system /sys/kernel/ipv4/tcp_rmem_def
662 chown system system /sys/kernel/ipv4/tcp_rmem_max
663 chown root radio /proc/cmdline
664# NFC_SLSI
665 chmod 0660 /dev/sec-nfc
666 chown nfc nfc /dev/sec-nfc
667 mkdir /data/nfc 0700 nfc nfc
668 mkdir /data/nfc/param 0700 nfc nfc
669
670# Permissions for Camera
671 chown root system /sys/class/camera/rear/rear_camantibanding
672 chown system system /sys/class/camera/rear/rear_camfw
673 chown system system /sys/class/camera/rear/rear_checkfw_user
674 chown system system /sys/class/camera/rear/rear_checkfw_factory
675 chown system system /sys/class/camera/rear/rear_camfw_full
676 chown system system /sys/class/camera/rear/rear_camfw_load
677 chown system system /sys/class/camera/rear/rear_camtype
678 chown system radio /sys/class/camera/rear/rear_corever
679 chown system radio /sys/class/camera/rear/rear_companionfw_full
680 chown system radio /sys/class/camera/rear/rear_calcheck
681 chown system radio /sys/class/camera/rear/rear_fwcheck
682 chown system system /sys/class/camera/rear/isp_core
683 chown system radio /sys/class/camera/flash/rear_flash
684 chown system radio /sys/class/camera/flash/front_flash
685 chown system system /sys/class/camera/front/front_camfw
686 chown system system /sys/class/camera/front/front_camtype
687 chown system system /sys/class/camera/front/front_camfw_full
688 chown system system /sys/class/camera/front/front_camfw_load
689
690#OTG Test
691 chown system radio /sys/class/host_notify/usb_otg/booster
692 chmod 0660 /sys/class/host_notify/usb_otg/booster
693 chown system radio /sys/class/usb_notify/usb_control/disable
694 chmod 0660 /sys/class/usb_notify/usb_control/disable
695# Accelerometer_sensor
696 chown system radio /sys/class/sensors/accelerometer_sensor/raw_data
697 chown system radio /sys/class/sensors/accelerometer_sensor/calibration
698 chown system radio /sys/class/sensors/accelerometer_sensor/reactive_alert
699 chown system radio /sys/class/sensors/accelerometer_sensor/vendor
700 chown system radio /sys/class/sensors/accelerometer_sensor/name
701 chown system radio /sys/class/sensors/accelerometer_sensor/selftest
702 chown system radio /sys/class/sensors/accelerometer_sensor/lowpassfilter
703# Proximity_sensor
704 chown system radio /sys/class/sensors/proximity_sensor/state
705 chown system radio /sys/class/sensors/proximity_sensor/raw_data
706 chown system radio /sys/class/sensors/proximity_sensor/prox_avg
707 chown system radio /sys/class/sensors/proximity_sensor/prox_cal
708 chown system radio /sys/class/sensors/proximity_sensor/vendor
709 chown system radio /sys/class/sensors/proximity_sensor/name
710 chown system radio /sys/class/sensors/proximity_sensor/thresh_high
711 chown system radio /sys/class/sensors/proximity_sensor/thresh_low
712 chown system radio /sys/class/sensors/proximity_sensor/prox_offset_pass
713 chown system radio /sys/class/sensors/proximity_sensor/prox_trim
714# Light_sensor
715 chown system radio /sys/class/sensors/light_sensor/lux
716 chown system radio /sys/class/sensors/light_sensor/raw_data
717 chown system radio /sys/class/sensors/light_sensor/vendor
718 chown system radio /sys/class/sensors/light_sensor/name
719# Gyro_sensor
720 chown system radio /sys/class/sensors/gyro_sensor/power_on
721 chown system radio /sys/class/sensors/gyro_sensor/power_off
722 chown system radio /sys/class/sensors/gyro_sensor/temperature
723 chown system radio /sys/class/sensors/gyro_sensor/selftest
724 chown system radio /sys/class/sensors/gyro_sensor/vendor
725 chown system radio /sys/class/sensors/gyro_sensor/name
726# Magnetic_sensor
727 chown system radio /sys/class/sensors/magnetic_sensor/selftest
728 chown system radio /sys/class/sensors/magnetic_sensor/raw_data
729 chown system radio /sys/class/sensors/magnetic_sensor/adc
730 chown system radio /sys/class/sensors/magnetic_sensor/vendor
731 chown system radio /sys/class/sensors/magnetic_sensor/name
732 chown system radio /sys/class/sensors/magnetic_sensor/status
733# MetaEvent
734 chown system radio /sys/class/sensors/sensor_dev/flush
735
736# Permissions for Charging
737 mkdir /efs/Battery 0775 radio system
738 chown system radio /sys/class/power_supply/battery/batt_reset_soc
739 chown system radio /sys/class/power_supply/battery/update
740 chown system radio /sys/class/power_supply/battery/factory_mode
741 chown system radio /sys/class/power_supply/battery/batt_slate_mode
742 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/call
743 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/video
744 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/music
745 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/browser
746 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/hotspot
747 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/camera
748 chown system radio /sys/class/power_supply/battery/talk_wcdma
749 chown system radio /sys/class/power_supply/battery/talk_gsm
750 chown system radio /sys/class/power_supply/battery/call
751 chown system radio /sys/class/power_supply/battery/data_call
752 chown system radio /sys/class/power_supply/battery/gps
753 chown system radio /sys/class/power_supply/battery/wifi
754 chown system radio /sys/class/power_supply/battery/lte
755 chown system radio /sys/class/power_supply/battery/wc_enable
756 chown system radio /sys/class/power_supply/battery/lcd
757 chown system radio /sys/class/power_supply/ps/status
758 chmod 0664 /sys/class/power_supply/ps/status
759 chown system radio /sys/class/power_supply/battery/batt_temp_table
760
761 # Define default initial receive window size in segments.
762 setprop net.tcp.default_init_rwnd 60
763
764 write /sys/block/mmcblk0/queue/scheduler noop
765 copy /system/etc/battery_charging_temp.data /sys/class/power_supply/battery/batt_temp_table
766
767 class_start core
768
769# Permission for fast dormancy for RIL
770 chown system radio /sys/devices/virtual/sec/bamdmux/waketime
771
772# Permission for a RPMB checking thru IMEI
773 chown system radio /sys/kernel/debug/tzdbg/log
774
775# MTP permission
776 chmod 0660 /dev/usb_mtp_gadget
777 chown system mtp /dev/usb_mtp_gadget
778 mkdir /dev/socket/mtp 0770 system mtp
779
780on nonencrypted
781 class_start main
782 class_start late_start
783
784on property:vold.decrypt=trigger_default_encryption
785 start defaultcrypto
786
787on property:vold.decrypt=trigger_encryption
788 start surfaceflinger
789 start encrypt
790
791on property:sys.init_log_level=*
792 loglevel ${sys.init_log_level}
793
794on charger
795 mount ext4 /dev/block/bootdevice/by-name/system /system wait ro
796 copy /system/etc/battery_charging_temp.data /sys/class/power_supply/battery/batt_temp_table
797
798 wait /dev/block/bootdevice/by-name/efs
799 check_fs /dev/block/bootdevice/by-name/efs ext4
800 mount ext4 /dev/block/bootdevice/by-name/efs /efs nosuid nodev noatime noauto_da_alloc,discard,journal_async_commit,errors=panic
801 chown system radio /efs
802 chmod 0771 /efs
803 mkdir /efs/Battery 0775 radio system
804
805 class_start charger
806
807
808on property:vold.decrypt=trigger_reset_main
809 class_reset main
810
811on property:vold.decrypt=trigger_load_persist_props
812 load_persist_props
813
814on property:vold.decrypt=trigger_post_fs_data
815 trigger post-fs-data
816
817on property:vold.decrypt=trigger_restart_min_framework
818 class_start main
819
820on property:vold.decrypt=trigger_restart_framework
821 class_start main
822 class_start late_start
823 start keystore
824
825on property:vold.decrypt=trigger_shutdown_framework
826 class_reset late_start
827 class_reset main
828
829on property:sys.powerctl=*
830 powerctl ${sys.powerctl}
831
832# system server cannot write to /proc/sys files,
833# and chown/chmod does not work for /proc/sys/ entries.
834# So proxy writes through init.
835on property:sys.sysctl.extra_free_kbytes=*
836 write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes}
837
838# "tcp_default_init_rwnd" Is too long!
839on property:sys.sysctl.tcp_def_init_rwnd=*
840 write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd}
841
842
843## Daemon processes to be run by init.
844##
845
846service ueventd /sbin/ueventd
847 class core
848 critical
849 seclabel u:r:ueventd:s0
850
851service logd /system/bin/logd
852 class core
853 socket logd stream 0666 logd logd
854 socket logdr seqpacket 0666 logd logd
855 socket logdw dgram 0222 logd logd
856 seclabel u:r:logd:s0
857
858service healthd /sbin/healthd
859 class core
860 critical
861 seclabel u:r:healthd:s0
862
863service lpm /system/bin/lpm
864 class charger
865 critical
866#start SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID
867# Reload SE Android Policy for MDM
868on property:persist.security.mdm.policy=1
869 setprop selinux.reload_policy 1
870#end SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID
871
872service console /system/bin/sh
873 class core
874 console
875 disabled
876 user shell
877 group shell log
878 seclabel u:r:shell:s0
879
880## WTL_EDM_START
881## EDM AuditLog
882service edmaudit /system/bin/edmaudit
883 class main
884 user root
885
886## WTL_EDM_END
887service auditd /system/bin/auditd -k
888 seclabel u:r:logd:s0
889 class main
890# SEC_LINUX DRS Service
891service drsd /system/bin/drsd
892 class main
893 socket drsd stream 600 system system
894
895
896service prepare_param /system/bin/prepare_param.sh /dev/block/platform/7824900.sdhci/by-name/param
897 class core
898 user root
899 group root
900 seclabel u:r:prepare_param:s0
901 oneshot
902
903# icd
904service icd /system/bin/icd
905 class main
906 user system
907 group system log
908 onrestart check_icd
909 oneshot
910
911on property:ro.debuggable=1
912 start console
913
914# SEC_SELINUX
915on property:selinux.reload_policy=1
916 chown system system /sys/fs/selinux/enforce
917 chown -R system system /sys/fs/selinux/booleans
918 chown system system /sys/fs/selinux/commit_pending_bools
919
920# SEC_SELINUX to support spota
921on property:selinux.sec.restorecon=1
922 restorecon_recursive /data/security/spota
923
924# SEC_SELINUX
925on property:init.svc.bootanim=stopped
926 start auditd
927
928# adbd is controlled via property triggers in init.<platform>.usb.rc
929service adbd /sbin/adbd --root_seclabel=u:r:su:s0
930 class core
931 socket adbd stream 660 system system
932 disabled
933 seclabel u:r:adbd:s0
934
935# adbd on at boot in emulator
936on property:ro.kernel.qemu=1
937 start adbd
938
939service lmkd /system/bin/lmkd
940 class core
941 critical
942 socket lmkd seqpacket 0660 system system
943
944service scs /system/bin/scs
945 class main
946 user system
947 group system
948 oneshot
949
950service servicemanager /system/bin/servicemanager
951 class core
952 user system
953 group system
954 critical
955 onrestart restart healthd
956 onrestart restart zygote
957 onrestart restart media
958 onrestart restart surfaceflinger
959 onrestart restart drm
960 onrestart restart sensorhubservice
961 onrestart restart keystore
962
963service vold /system/bin/vold
964 class core
965 socket vold stream 0660 root mount
966## Samsung ODE >>>
967 socket dir_enc_report stream 0660 root mount
968## Samsung ODE <<<
969 ioprio be 2
970
971## Frigatebird
972 socket frigate stream 0660 system system
973
974service epmd /system/bin/epmd
975 class main
976 socket epm stream 0660 system system
977 socket ppm stream 0660 system system
978 ioprio be 2
979
980service netd /system/bin/netd
981 class main
982 socket netd stream 0660 root system
983 socket dnsproxyd stream 0660 root inet
984 socket mdns stream 0660 root system
985 socket fwmarkd stream 0660 root inet
986
987service debuggerd /system/bin/debuggerd
988 class main
989
990service ril-daemon /system/bin/rild
991 class main
992 socket rild stream 660 root radio
993 socket rild-debug stream 660 radio system
994 user root
995 group radio cache inet misc audio sdcard_rw qcom_diag log
996
997service surfaceflinger /system/bin/surfaceflinger
998 class core
999 user system
1000 group graphics drmrpc
1001 onrestart restart zygote
1002
1003service DR-daemon /system/bin/ddexe
1004 class main
1005 user root
1006 group system radio inet net_raw
1007
1008service SMD-daemon /system/bin/smdexe
1009 class main
1010 user root
1011 group system radio inet net_raw
1012
1013service BCS-daemon /system/bin/connfwexe
1014 class main
1015 user root
1016 group system radio inet net_raw
1017
1018service drm /system/bin/drmserver
1019 class main
1020 user drm
1021# [ SEC_MM_DRM
1022# fix
1023 group drm system inet drmrpc radio
1024# org
1025# group drm system inet drmrpc
1026# ]
1027
1028service media /system/bin/mediaserver
1029 class main
1030 user media
1031 group system audio camera inet net_bt net_bt_admin net_raw net_bw_acct drmrpc mediadrm qcom_diag radio media_rw
1032 ioprio rt 4
1033
1034# One shot invocation to deal with encrypted volume.
1035service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
1036 disabled
1037 oneshot
1038 # vold will set vold.decrypt to trigger_restart_framework (default
1039 # encryption) or trigger_restart_min_framework (other encryption)
1040
1041# One shot invocation to encrypt unencrypted volumes
1042service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
1043 disabled
1044 oneshot
1045 # vold will set vold.decrypt to trigger_restart_framework (default
1046 # encryption)
1047
1048service bootanim /system/bin/bootanimation
1049 class core
1050 user graphics
1051 group graphics audio
1052 disabled
1053 oneshot
1054
1055service installd /system/bin/installd
1056 class main
1057 socket installd stream 600 system system
1058
1059service flash_recovery /system/bin/install-recovery.sh
1060 class main
1061 seclabel u:r:install_recovery:s0
1062 oneshot
1063 disabled
1064
1065# update recovery if enabled
1066on property:persist.sys.recovery_update=true
1067 start flash_recovery
1068
1069service racoon /system/bin/racoon
1070 class main
1071 socket racoon stream 600 system system
1072 # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
1073 group vpn net_admin inet
1074 disabled
1075 oneshot
1076
1077service mtpd /system/bin/mtpd
1078 class main
1079 socket mtpd stream 600 system system
1080 user vpn
1081 group vpn net_admin inet net_raw
1082 disabled
1083 oneshot
1084
1085service keystore /system/bin/keystore /data/misc/keystore
1086 class main
1087 user keystore
1088 group keystore drmrpc system
1089 disabled
1090
1091service dumpstate /system/bin/dumpstate -s
1092 class main
1093 socket dumpstate stream 0660 shell log
1094 disabled
1095 oneshot
1096
1097service mdnsd /system/bin/mdnsd
1098 class main
1099 user mdnsr
1100 group inet net_raw
1101 socket mdnsd stream 0660 mdnsr inet
1102 disabled
1103 oneshot
1104
1105service pre-recovery /system/bin/uncrypt
1106 class main
1107 disabled
1108 oneshot
1109
1110# otp
1111service otp /system/bin/otp_server
1112 user system
1113 group system
1114 disabled
1115
1116on property:persist.security.tlc.otp=1
1117 start otp
1118 setprop persist.security.tlc.otp 0
1119
1120# ccm
1121 service ccm /system/bin/tlc_server
1122 user system
1123 group system
1124 disabled
1125
1126on property:persist.security.tlc.ccm=1
1127 start ccm
1128 setprop persist.security.tlc.ccm 0
1129
1130# tui
1131 service tui /system/bin/tlc_server TUI
1132 user system
1133 group system
1134 disabled
1135
1136on property:persist.security.tlc.tui=1
1137 start tui
1138 setprop persist.security.tlc.tui 0
1139
1140# CS DAEMON
1141service cs_service /system/bin/cs
1142 class main
1143 user system
1144 group system
1145 disabled
1146
1147# insthk
1148service insthk /system/bin/insthk
1149 class main
1150 user root
1151 disabled
1152 oneshot
1153
1154on property:sys.qseecomd.enable=true
1155 start cs_service
1156 start keystore
1157 start insthk
1158
1159service mcStarter /system/bin/tbaseLoader tbase
1160 class core
1161 user root
1162 group root
1163 disabled
1164 oneshot
1165
1166service run-mobicore /system/bin/mcDriverDaemon
1167 class core
1168 user system
1169 group system
1170 disabled
1171
1172on property:sys.qseecomd.enable=true
1173 start mcStarter
1174
1175on property:sys.mobicore.loaded=true
1176 start run-mobicore
1177
1178on property:sys.boot_completed=1
1179 write /sys/block/mmcblk0/queue/scheduler cfq
1180
1181# icd
1182on property:init.svc.media=restarting
1183 check_icd
1184 start icd
1185
1186# Activate Background Compaction
1187on property:sys.sysctl.compact_memory=1
1188 write /proc/sys/vm/compact_memory 1
1189 setprop sys.sysctl.compact_memory=0