Gitiles
Code Review Sign In
gerrit.twrp.me / android_device_samsung_j5lte / ab01298a2d83c4a32bf9da240fb7b7d82353bc9e / . / rootdir / etc / init.rc
blob: 5203aeb2e6e302e4e4c5723f3593771c83838327 [file] [log] [blame]
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1# Copyright (C) 2012 The Android Open Source Project
2#
3# IMPORTANT: Do not create world writable files or directories.
4# This is a common source of Android security bugs.
5#
6
7import /init.environ.rc
8import /init.usb.rc
9import /init.${ro.hardware}.rc
10import /init.${ro.zygote}.rc
11import /init.trace.rc
Zvikomborero VIncent Zvikaramba7a9229f2016-07-25 01:25:14 -0400[diff] [blame]12import /init.sec_debug.rc
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]13import /init.carrier.rc
Zvikomborero VIncent Zvikaramba7a9229f2016-07-25 01:25:14 -0400[diff] [blame]14import /init.rilcommon.rc
15import /init.container.rc
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]16# Include CM's extra init file
17import /init.cm.rc
18
19
20on early-init
21 # Set init and its forked children's oom_adj.
22 write /proc/1/oom_score_adj -1000
23
24 # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
25 write /sys/fs/selinux/checkreqprot 0
26
27 # Set the security context for the init process.
28 # This should occur before anything else (e.g. ueventd) is started.
29 setcon u:r:init:s0
30
31 # Set the security context of /adb_keys if present.
32 restorecon /adb_keys
33
34 start ueventd
35
36 # create mountpoints
37 mkdir /mnt 0775 root system
38
39on init
40 sysclktz 0
41
42 loglevel 3
43
44 # SEC_SELINUX
45 # for audit message
46 chown system system /proc/avc_msg
47 chmod 0660 /proc/avc_msg
48
49 # Backward compatibility
50 symlink /system/etc /etc
51 symlink /sys/kernel/debug /d
52# permission for CHARGING
53 chown system radio /sys/class/power_supply/battery/batt_discharging_check
54 chown system radio /sys/class/power_supply/battery/batt_discharging_check_adc
55 chown system radio /sys/class/power_supply/battery/batt_discharging_ntc
56 chown system radio /sys/class/power_supply/battery/batt_discharging_ntc_adc
57 chown system radio /sys/class/power_supply/battery/batt_self_discharging_control
58
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]59 chown system radio /sys/class/sec/switch/otg_test
60 chown system radio /sys/class/sec/switch/uart_en
61
62
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]63 # Right now vendor lives on the same filesystem as system,
64 # but someday that may change.
65 symlink /system/vendor /vendor
66
67 # Create cgroup mount point for cpu accounting
68 mkdir /acct
69 mount cgroup none /acct cpuacct
70 mkdir /acct/uid
71
72 # Create cgroup mount point for memory
73 mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000
74 mkdir /sys/fs/cgroup/memory 0750 root system
75 mount cgroup none /sys/fs/cgroup/memory memory
76 write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1
77 chown root system /sys/fs/cgroup/memory/tasks
78 chmod 0660 /sys/fs/cgroup/memory/tasks
79 mkdir /sys/fs/cgroup/memory/sw 0750 root system
80 write /sys/fs/cgroup/memory/sw/memory.swappiness 100
81 write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1
82 chown root system /sys/fs/cgroup/memory/sw/tasks
83 chmod 0660 /sys/fs/cgroup/memory/sw/tasks
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]84 chmod 0220 /sys/fs/cgroup/memory/cgroup.event_control
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]85
86 mkdir /system
87 mkdir /data 0771 system system
88 mkdir /cache 0770 system cache
89 mkdir /config 0500 root root
90 mkdir /efs 0771 system radio
91
92 # See storage config details at http://source.android.com/tech/storage/
93 mkdir /mnt/shell 0700 shell shell
94 mkdir /mnt/media_rw 0700 media_rw media_rw
95 mkdir /storage 0751 root sdcard_r
96
97 # Directory for putting things only root should see.
98 mkdir /mnt/secure 0700 root root
99
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]100 symlink /dev/block/platform/7824900.sdhci/by-name/persistent /dev/block/persistent
101
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]102 # Directory for staging bindmounts
103 mkdir /mnt/secure/staging 0700 root root
104
105 # Directory-target for where the secure container
106 # imagefile directory will be bind-mounted
107 mkdir /mnt/secure/asec 0700 root root
108
109 # Secure container public mount points.
110 mkdir /mnt/asec 0700 root system
111 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
112
113 # Filesystem image public mount points.
114 mkdir /mnt/obb 0700 root system
115 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
116
117 # memory control cgroup
118 mkdir /dev/memcg 0700 root system
119 mount cgroup none /dev/memcg memory
120
121 write /proc/sys/kernel/panic_on_oops 1
122 write /proc/sys/kernel/hung_task_timeout_secs 0
123 write /proc/cpu/alignment 4
124 write /proc/sys/kernel/sched_latency_ns 10000000
125 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
126 write /proc/sys/kernel/sched_compat_yield 1
127 write /proc/sys/kernel/sched_child_runs_first 0
128 write /proc/sys/kernel/randomize_va_space 2
129 write /proc/sys/kernel/kptr_restrict 2
130 write /proc/sys/vm/mmap_min_addr 32768
131 write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
132 write /proc/sys/net/unix/max_dgram_qlen 300
133 write /proc/sys/kernel/sched_rt_runtime_us 950000
134 write /proc/sys/kernel/sched_rt_period_us 1000000
135
136 # reflect fwmark from incoming packets onto generated replies
137 write /proc/sys/net/ipv4/fwmark_reflect 1
138 write /proc/sys/net/ipv6/fwmark_reflect 1
139
140 # set fwmark on accepted sockets
141 write /proc/sys/net/ipv4/tcp_fwmark_accept 1
142
143 # Create cgroup mount points for process groups
144 mkdir /dev/cpuctl
145 mount cgroup none /dev/cpuctl cpu
146 chown system system /dev/cpuctl
147 chown system system /dev/cpuctl/tasks
148 chmod 0660 /dev/cpuctl/tasks
149 write /dev/cpuctl/cpu.shares 1024
150 write /dev/cpuctl/cpu.rt_runtime_us 950000
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]151 write /dev/cpuctl/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]152
153 mkdir /dev/cpuctl/apps
154 chown system system /dev/cpuctl/apps/tasks
155 chmod 0666 /dev/cpuctl/apps/tasks
156 write /dev/cpuctl/apps/cpu.shares 1024
157 write /dev/cpuctl/apps/cpu.rt_runtime_us 800000
158 write /dev/cpuctl/apps/cpu.rt_period_us 1000000
159
160 mkdir /dev/cpuctl/apps/bg_non_interactive
161 chown system system /dev/cpuctl/apps/bg_non_interactive/tasks
162 chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks
163 # 5.0 %
164 write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52
165 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000
166 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambac12cb452016-07-22 12:49:41 -0400[diff] [blame]167
168 # Create cgroup mount points for process groups
169 mkdir /dev/cpuctl
170 mount cgroup none /dev/cpuctl cpu
171 chown system system /dev/cpuctl
172 chown system system /dev/cpuctl/tasks
173 chmod 0666 /dev/cpuctl/tasks
174 write /dev/cpuctl/cpu.shares 1024
175 write /dev/cpuctl/cpu.rt_runtime_us 800000
176 write /dev/cpuctl/cpu.rt_period_us 1000000
177
178 mkdir /dev/cpuctl/bg_non_interactive
179 chown system system /dev/cpuctl/bg_non_interactive/tasks
180 chmod 0666 /dev/cpuctl/bg_non_interactive/tasks
181 # 5.0 %
182 write /dev/cpuctl/bg_non_interactive/cpu.shares 52
183 write /dev/cpuctl/bg_non_interactive/cpu.rt_runtime_us 700000
184 write /dev/cpuctl/bg_non_interactive/cpu.rt_period_us 1000000
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]185
186 # qtaguid will limit access to specific data based on group memberships.
187 # net_bw_acct grants impersonation of socket owners.
188 # net_bw_stats grants access to other apps' detailed tagged-socket stats.
189 chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
190 chown root net_bw_stats /proc/net/xt_qtaguid/stats
191
192 # Allow everybody to read the xt_qtaguid resource tracking misc dev.
193 # This is needed by any process that uses socket tagging.
194 chmod 0644 /dev/xt_qtaguid
195
196 # Create location for fs_mgr to store abbreviated output from filesystem
197 # checker programs.
198 mkdir /dev/fscklogs 0770 root system
199
200 # pstore/ramoops previous console log
201 mount pstore pstore /sys/fs/pstore
202 chown system log /sys/fs/pstore/console-ramoops
203 chmod 0440 /sys/fs/pstore/console-ramoops
204
205# Healthd can trigger a full boot from charger mode by signaling this
206# property when the power button is held.
207on property:sys.boot_from_charger_mode=1
208 class_stop charger
209 trigger late-init
210
211# Load properties from /system/ + /factory after fs mount.
212on load_all_props_action
213 load_all_props
214
215# Indicate to fw loaders that the relevant mounts are up.
216on firmware_mounts_complete
217 rm /dev/.booting
218
219# Mount filesystems and start core system services.
220on late-init
221 trigger early-fs
222 trigger fs
223 trigger post-fs
224 trigger post-fs-data
225
226 # Load properties from /system/ + /factory after fs mount. Place
227 # this in another action so that the load will be scheduled after the prior
228 # issued fs triggers have completed.
229 trigger load_all_props_action
230
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]231 # Remove a file to wake up anything waiting for firmware.
232 trigger firmware_mounts_complete
233
234 trigger early-boot
235 trigger boot
236
237
238on post-fs
239 # once everything is setup, no need to modify /
240 mount rootfs rootfs / ro remount
241 # mount shared so changes propagate into child namespaces
242 mount rootfs rootfs / shared rec
243
244 # We chown/chmod /cache again so because mount is run as root + defaults
245 chown system cache /cache
246 chmod 0770 /cache
247 # We restorecon /cache in case the cache partition has been reset.
248 restorecon_recursive /cache
249
250 # This may have been created by the recovery system with odd permissions
251 chown system cache /cache/recovery
252 chmod 0770 /cache/recovery
253
254 #change permissions on vmallocinfo so we can grab it from bugreports
255 chown root log /proc/vmallocinfo
256 chmod 0440 /proc/vmallocinfo
257
258 chown root log /proc/slabinfo
259 chmod 0440 /proc/slabinfo
260
261 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
262 chown root system /proc/kmsg
263 chmod 0440 /proc/kmsg
264 chown root system /proc/sysrq-trigger
265 chmod 0220 /proc/sysrq-trigger
266 chown system log /proc/last_kmsg
267 chmod 0440 /proc/last_kmsg
268
269 # make the selinux kernel policy world-readable
270 chmod 0444 /sys/fs/selinux/policy
271
272 # create the lost+found directories, so as to enforce our permissions
273 mkdir /cache/lost+found 0770 root root
274
275on post-fs-data
276 # sec_efs_file
277 mkdir /efs/sec_efs 0775 radio system
278
279 # We chown/chmod /data again so because mount is run as root + defaults
280 chown system system /data
281 chmod 0771 /data
282 # We restorecon /data in case the userdata partition has been reset.
283 restorecon /data
284 restorecon_recursive /data/media
285
286 # Avoid predictable entropy pool. Carry over entropy from previous boot.
287 copy /data/system/entropy.dat /dev/urandom
288
289 # Create dump dir and collect dumps.
290 # Do this before we mount cache so eventually we can use cache for
291 # storing dumps on platforms which do not have a dedicated dump partition.
292 mkdir /data/dontpanic 0750 root log
293
294 # Collect apanic data, free resources and re-arm trigger
295 copy /proc/apanic_console /data/dontpanic/apanic_console
296 chown root log /data/dontpanic/apanic_console
297 chmod 0640 /data/dontpanic/apanic_console
298
299 copy /proc/apanic_threads /data/dontpanic/apanic_threads
300 chown root log /data/dontpanic/apanic_threads
301 chmod 0640 /data/dontpanic/apanic_threads
302
303 write /proc/apanic_console 1
304
305 # create basic filesystem structure
306 mkdir /data/misc 01771 system misc
307 mkdir /data/misc/adb 02750 system shell
308 # SEC_SELINUX
309 mkdir /data/misc/audit 02775 audit system
310 mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack
311 mkdir /data/misc/bluetooth 0770 system system
312 mkdir /data/misc/keystore 0700 keystore keystore
313 mkdir /data/misc/keychain 0771 system system
314 mkdir /data/misc/net 0750 root shell
315 mkdir /data/misc/radio 0771 system radio
316 mkdir /data/misc/sms 0770 system radio
317 mkdir /data/misc/zoneinfo 0775 system system
318 mkdir /data/misc/vpn 0770 system vpn
319 mkdir /data/misc/shared_relro 0771 shared_relro shared_relro
320 mkdir /data/misc/systemkeys 0700 system system
321 mkdir /data/misc/wifi 0770 wifi system
322 mkdir /data/misc/wifi/sockets 0770 wifi wifi
323 mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi
324 mkdir /data/misc/wifi_share_profile 0771 wifi system
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]325 mkdir /data/misc/wifi_sns_patch 0770 wifi system
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]326 mkdir /data/misc/wifi_hostapd 0771 wifi system
327 mkdir /data/misc/ethernet 0770 system system
328 mkdir /data/misc/dhcp 0770 dhcp dhcp
329 mkdir /data/misc/user 0771 root root
330 # give system access to wpa_supplicant.conf for backup and restore
331 chmod 0660 /data/misc/wifi/wpa_supplicant.conf
332 chown system wifi /data/misc/wifi/wpa_supplicant.conf
333 mkdir /data/local 0751 root root
334 mkdir /data/misc/media 0700 media media
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]335
336 mkdir /data/misc/radio/hatp 0755 radio system
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]337
338 # icd
339 check_icd
340 chown system system /dev/icd
341 chmod 0644 /dev/icd
342 chown system system /dev/icdr
343 chmod 0644 /dev/icdr
344 chown system system /dev/tzic
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]345 restorecon /dev/icd
346 restorecon /dev/icdr
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]347
348 mkdir /data/misc/radio/hatp 0755 radio system
349 # vpnclient
350 mkdir /data/misc/vpnclientd 0770 system system
351
352 # h2k permission
353 mkdir /efs/cpk 0771 radio system
354 chmod 0644 /efs/redata.bin
355 chmod 0644 /efs/cpk/redata.bin
356 chown radio radio /efs/h2k.dat
357 chown radio radio /efs/cpk/h2k.dat
358 chmod 0644 /efs/h2k.dat
359 chmod 0644 /efs/cpk/h2k.dat
360 chown system system /efs/drm/h2k
361
362 # For security reasons, /data/local/tmp should always be empty.
363 # Do not place files or directories in /data/local/tmp
364 mkdir /data/local/tmp 0771 shell shell
365 mkdir /data/data 0771 system system
366 mkdir /data/app-private 0771 system system
367 mkdir /data/app-asec 0700 root root
368 mkdir /data/app-lib 0771 system system
369 mkdir /data/app 0771 system system
370 mkdir /data/property 0700 root root
371
372 # SA, System SW, SAMSUNG
373 # create log directory
374 mkdir /data/log 0775 system log
375 chown system log /data/log
376 mkdir /data/anr 0775 system system
377 chown system system /data/anr
378 chmod 0775 /data/log
379 chmod 0775 /data/anr
380 restorecon /data/log
381 restorecon /data/anr
382
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]383# Mobicore
384 mkdir /data/app/mcRegistry 0775 system system
385 mkdir /efs/TEE 0770 radio system
386
387 chmod 700 /dev/mobicore
388 chmod 666 /dev/mobicore-user
389 chown system system /dev/mobicore
390 chown radio system /dev/mobicore-user
391 export MC_AUTH_TOKEN_PATH /efs
392
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]393 # create dalvik-cache, so as to enforce our permissions
394 mkdir /data/dalvik-cache 0771 root root
395 mkdir /data/dalvik-cache/profiles 0711 system system
396
397 # create resource-cache and double-check the perms
398 mkdir /data/resource-cache 0771 system system
399 chown system system /data/resource-cache
400 chmod 0771 /data/resource-cache
401
402 # create the lost+found directories, so as to enforce our permissions
403 mkdir /data/lost+found 0770 root root
404
405 # create directory for DRM plug-ins - give drm the read/write access to
406 # the following directory.
407 mkdir /data/drm 0770 drm drm
408
409 # create directory for MediaDrm plug-ins - give drm the read/write access to
410 # the following directory.
411 mkdir /data/mediadrm 0770 mediadrm mediadrm
412
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]413 mkdir /data/adb 0700 root root
414
415 #create uibc dir
416 mkdir /dev/socket/uibc 0777 media system
417 chown media system /dev/socket/uibc
418 chmod 0775 /dev/socket/uibc
419
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]420# DRK permission
421 mkdir /efs/prov 0770 radio system
422 mkdir /efs/prov_data 0770 radio system
423 chown radio system /efs/prov_data/dev_root
424 chmod 0770 /efs/prov_data/dev_root
425 chown radio system /efs/prov_data/dev_root/dev_root.dat
426 chmod 0640 /efs/prov_data/dev_root/dev_root.dat
427 chown radio system /efs/prov/libdevkm.lock
428 chmod 0660 /efs/prov/libdevkm.lock
429 rm /efs/prov/prov.b00
430 rm /efs/prov/prov.b01
431 rm /efs/prov/prov.b02
432 rm /efs/prov/prov.b03
433 rm /efs/prov/prov.mdt
434# CS socket
435 mkdir /dev/socket/cs_socket 0770 system system
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]436
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]437# [ SEC_MM_DRM
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]438 # OMA DB directory creation
439 mkdir /data/system/databases 0775
440 chown system system /data/system/databases
441 chmod 0775 /data/system/databases
442
443 # DRM directory creation
444 mkdir /system/etc/security/.drm 0775
445 chown root root /system/etc/security/.drm
446 chmod 0775 /system/etc/security/.drm
447
448 # Added for Playready DRM Support
449 mkdir /data/data/.drm 0775
450 chown drm system /data/data/.drm
451 chmod 0775 /data/data/.drm
452 mkdir /data/data/.drm/.playready 0775
453 chown drm system /data/data/.drm/.playready
454 chmod 0775 /data/data/.drm/.playready
455
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]456 # Added drm folder to copy drm plugins
457 mkdir /system/lib/drm 0775
458 chown root root /system/lib/drm
459 chmod 0775 /system/lib/drm
460
461 restorecon -R /efs
462 restorecon -R /carrier
463 restorecon_recursive /data/misc/keystore
464 restorecon_recursive /data/property
465 restorecon_recursive /data/security
466# ]
467
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]468 # MTP device permission
469 chmod 0660 /dev/usb_mtp_gadget
470 chown system mtp /dev/usb_mtp_gadget
471 mkdir /dev/socket/mtp 0770 system mtp
472
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]473 # symlink to bugreport storage location
474 symlink /data/data/com.android.shell/files/bugreports /data/bugreports
475
476 # Separate location for storing security policy files on data
477 mkdir /data/security 0711 system system
478
479 # Reload policy from /data/security if present.
480 setprop selinux.reload_policy 1
481
482 # SA, System SW, SAMSUNG create log directory
483 mkdir /data/log 0775 system log
484 chown system log /data/log
485 mkdir /data/anr 0775 system system
486 chown system system /data/anr
487 chmod 0775 /data/log
488 chmod 0775 /data/anr
489 restorecon /data/log
490 restorecon /data/anr
491
492 # Set SELinux security contexts on upgrade or policy update.
493 restorecon_recursive /data
494 restorecon /data/data
495 restorecon /data/user
496 restorecon /data/user/0
497
498 # If there is no fs-post-data action in the init.<device>.rc file, you
499 # must uncomment this line, otherwise encrypted filesystems
500 # won't work.
501 # Set indication (checked by vold) that we have finished this action
502 #setprop vold.post_fs_data_done 1
503
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]504# Downloadable Filter
505 mkdir /data/DownFilters 0775 system system
506 mkdir /data/DownFilters/Lib 0775 system system
507 mkdir /data/DownFilters/Lib64 0775 system system
508
509 #SideSync
510 chown system system /dev/android_ssusbcon
511 chmod 0660 /dev/android_ssusbcon
512
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]513on boot
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]514
515# Mobicore
516 mkdir /data/app/mcRegistry 0775 system system
517
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]518 # basic network init
519 ifup lo
520 hostname localhost
521 domainname localdomain
522
523 # set RLIMIT_NICE to allow priorities from 19 to -20
524 setrlimit 13 40 40
525
526 # Memory management. Basic kernel parameters, and allow the high
527 # level system server to be able to adjust the kernel OOM driver
528 # parameters to match how it is managing things.
529 write /proc/sys/vm/overcommit_memory 1
530 write /proc/sys/vm/min_free_order_shift 4
531 chown root system /sys/module/lowmemorykiller/parameters/adj
532 chmod 0220 /sys/module/lowmemorykiller/parameters/adj
533 chown root system /sys/module/lowmemorykiller/parameters/minfree
534 chmod 0220 /sys/module/lowmemorykiller/parameters/minfree
535
536 # Tweak background writeout
537 write /proc/sys/vm/dirty_expire_centisecs 200
538 write /proc/sys/vm/dirty_background_ratio 5
539
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]540 # permission for Input Device(TSP).
541 chown system radio /sys/class/sec/tsp/cmd
542 chmod 0660 /sys/class/sec/tsp/input/enabled
543 chown system system /sys/class/sec/tsp/input/enabled
544
545 # permission for Input Device(TKEY).
546 chmod 0660 /sys/class/sec/sec_touchkey/input/enabled
547 chown system system /sys/class/sec/sec_touchkey/input/enabled
548 chown system system /sys/class/sec/sec_touchkey/brightness
549
550 # Permissions for System Server and daemons.
551 chown radio system /sys/android_power/state
552 chown radio system /sys/android_power/request_state
553 chown radio system /sys/android_power/acquire_full_wake_lock
554 chown radio system /sys/android_power/acquire_partial_wake_lock
555 chown radio system /sys/android_power/release_wake_lock
556 chown system system /sys/power/autosleep
557 chown system system /sys/power/state
558 chown system system /sys/power/wakeup_count
559 chown radio system /sys/power/wake_lock
560 chown radio system /sys/power/wake_unlock
561 chmod 0660 /sys/power/state
562 chmod 0660 /sys/power/wake_lock
563 chmod 0660 /sys/power/wake_unlock
564 chown system system /sys/module/msm_thermal/core_control/enabled
565
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]566# SEC DVFS sysfs node
567 chown radio system /sys/power/cpufreq_max_limit
568 chown radio system /sys/power/cpufreq_min_limit
569 chown radio system /sys/power/cpufreq_table
570 chmod 664 /sys/power/cpufreq_max_limit
571 chmod 664 /sys/power/cpufreq_min_limit
572 chmod 664 /sys/power/cpufreq_table
573
574 chown radio system /sys/devices/system/cpu/kernel_max
575 chmod 664 /sys/devices/system/cpu/kernel_max
576
577 chown radio system /sys/class/kgsl/kgsl-3d0/max_pwrlevel
578 chmod 664 /sys/class/kgsl/kgsl-3d0/max_pwrlevel
579 chown radio system /sys/class/kgsl/kgsl-3d0/min_pwrlevel
580 chmod 664 /sys/class/kgsl/kgsl-3d0/min_pwrlevel
581 chown radio system /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
582 chmod 664 /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
583
584# Permissions for SSRM
585 chmod 0664 /sys/devices/platform/sec-thermistor/temperature
586 chmod 0664 /sys/class/power_supply/battery/siop_level
587 chmod 0664 /sys/class/power_supply/battery/test_charge_current
588 chown radio system /sys/devices/platform/sec-thermistor/temperature
589 chown radio system /sys/class/power_supply/battery/siop_level
590 chown radio system /sys/class/power_supply/battery/test_charge_current
591
592 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
593 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
594 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
595 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
596 chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
597 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
598 chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
599 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
600 chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
601 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
602 chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
603 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
604 chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
605 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
606 chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
607 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
608 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
609 chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
610 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
611 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
612 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
613 chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
614 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]615 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
616 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]617
618 # Assume SMP uses shared cpufreq policy for all CPUs
619 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
620 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
621
622 chown system system /sys/class/timed_output/vibrator/enable
623 chown system system /sys/class/leds/keyboard-backlight/brightness
624 chown system system /sys/class/leds/lcd-backlight/brightness
625 chown system system /sys/class/leds/button-backlight/brightness
626 chown system system /sys/class/leds/jogball-backlight/brightness
627 chown system system /sys/class/leds/red/brightness
628 chown system system /sys/class/leds/green/brightness
629 chown system system /sys/class/leds/blue/brightness
630 chown system system /sys/class/leds/red/device/grpfreq
631 chown system system /sys/class/leds/red/device/grppwm
632 chown system system /sys/class/leds/red/device/blink
633 chown system system /sys/class/timed_output/vibrator/enable
634 chown system system /sys/module/sco/parameters/disable_esco
635 chown system system /sys/kernel/ipv4/tcp_wmem_min
636 chown system system /sys/kernel/ipv4/tcp_wmem_def
637 chown system system /sys/kernel/ipv4/tcp_wmem_max
638 chown system system /sys/kernel/ipv4/tcp_rmem_min
639 chown system system /sys/kernel/ipv4/tcp_rmem_def
640 chown system system /sys/kernel/ipv4/tcp_rmem_max
641 chown root radio /proc/cmdline
642
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]643# Assign TCP buffer thresholds to be ceiling value of technology maximums
644# Increased technology maximums should be reflected here.
645 write /proc/sys/net/core/rmem_max 1048576
646 write /proc/sys/net/core/wmem_max 2097152
647
648
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]649# Auto Brightness
650 chown system system /sys/class/backlight/panel/auto_brightness
651 chmod 0660 /sys/class/backlight/panel/auto_brightness
652
653# LCD mdnie and panel work
654 chown system system /sys/class/mdnie/mdnie/lcdtype
655 chown system system /sys/class/mdnie/mdnie/lcd_power
656 chown system media_rw /sys/class/mdnie/mdnie/scenario
657 chmod 0660 /sys/class/mdnie/mdnie/scenario
658
659 chown system system /sys/class/mdnie/mdnie/tuning
660 chown system media_rw /sys/class/mdnie/mdnie/outdoor
661 chown system system /sys/class/mdnie/mdnie/mdnie_temp
662 chown system media_rw /sys/class/mdnie/mdnie/mode
663 chown system system /sys/class/mdnie/mdnie/negative
664 chown system media_rw /sys/class/mdnie/mdnie/playspeed
665 chown system media_rw /sys/class/mdnie/mdnie/accessibility
666 chown system system /sys/class/mdnie/mdnie/cabc
667 chown system system /sys/class/mdnie/mdnie/bypass
668 chown system media_rw /sys/class/mdnie/mdnie/sensorRGB
669 chmod 0660 /sys/class/mdnie/mdnie/sensorRGB
670
671 chown system system /sys/class/lcd/panel/panel/auto_brightness
672 chown system system /sys/class/lcd/panel/window_type
673 chown radio system /sys/class/lcd/panel/power_reduce
674 chown radio system /sys/class/lcd/panel/siop_enable
675 chown radio system /sys/class/lcd/panel/temperature
676 chown radio system /sys/class/lcd/panel/tuning
677 chown radio system /sys/class/lcd/panel/lux
678
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]679 chown radio system /sys/class/lcd/panel/partial_disp
680 chmod 0660 /sys/class/lcd/panel/partial_disp
681
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]682# Adjust YUV to RGB Conversion(CSC_Conversion)
683 chown system media_rw /sys/class/graphics/fb0/csc_cfg
684 chmod 0660 /sys/class/graphics/fb0/csc_cfg
685
686# permission for Input Device(TSP).
687 chown system radio /sys/class/sec/tsp/cmd
688 chmod 0660 /sys/class/sec/tsp/input/enabled
689 chown system system /sys/class/sec/tsp/input/enabled
690
691# permission for Input Device(TKEY).
692 chmod 0660 /sys/class/sec/sec_touchkey/input/enabled
693 chown system system /sys/class/sec/sec_touchkey/input/enabled
694
695# permission for TKEY LED EN
696 chmod 0660 /sys/class/sec/sec_touchkey/brightness
697 chown system system /sys/class/sec/sec_touchkey/brightness
698
699# Permissions for gpio_keys
700 chown system radio /sys/class/sec/sec_key/wakeup_keys
701 write /sys/class/sec/sec_key/wakeup_keys 116,172
702
703 # Permissions for System Server and daemons.
704 chown radio system /sys/android_power/state
705 chown radio system /sys/android_power/request_state
706 chown radio system /sys/android_power/acquire_full_wake_lock
707 chown radio system /sys/android_power/acquire_partial_wake_lock
708 chown radio system /sys/android_power/release_wake_lock
709 chown system system /sys/power/autosleep
710 chown system system /sys/power/state
711 chown system system /sys/power/wakeup_count
712 chown radio system /sys/power/wake_lock
713 chown radio system /sys/power/wake_unlock
714 chmod 0660 /sys/power/state
715 chmod 0660 /sys/power/wake_lock
716 chmod 0660 /sys/power/wake_unlock
717 chown system system /sys/module/msm_thermal/core_control/enabled
718
719 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
720 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
721 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
722 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
723 chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
724 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
725 chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
726 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
727 chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
728 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
729 chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
730 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
731 chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
732 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
733 chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
734 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
735 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
736 chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
737 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
738 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
739 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
740 chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
741 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
742
743 # Assume SMP uses shared cpufreq policy for all CPUs
744 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
745 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
746
747 chown system system /sys/class/timed_output/vibrator/enable
748 chown system system /sys/class/leds/keyboard-backlight/brightness
749 chown system system /sys/class/leds/lcd-backlight/brightness
750 chown system system /sys/class/leds/torch-light/brightness
751 chown system system /sys/class/leds/button-backlight/brightness
752 chown system system /sys/class/leds/jogball-backlight/brightness
753 chown system system /sys/class/leds/red/brightness
754 chown system system /sys/class/leds/green/brightness
755 chown system system /sys/class/leds/blue/brightness
756 chown system system /sys/class/leds/red/device/grpfreq
757 chown system system /sys/class/leds/red/device/grppwm
758 chown system system /sys/class/leds/red/device/blink
759 chown system system /sys/class/timed_output/vibrator/enable
760 chown system system /sys/module/sco/parameters/disable_esco
761 chown system system /sys/kernel/ipv4/tcp_wmem_min
762 chown system system /sys/kernel/ipv4/tcp_wmem_def
763 chown system system /sys/kernel/ipv4/tcp_wmem_max
764 chown system system /sys/kernel/ipv4/tcp_rmem_min
765 chown system system /sys/kernel/ipv4/tcp_rmem_def
766 chown system system /sys/kernel/ipv4/tcp_rmem_max
767 chown root radio /proc/cmdline
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]768
769###############################################################################
770# System LSI
771# Comment : add permission to device driver
772# NFC : Permissions for NFC
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]773 chmod 0660 /dev/sec-nfc
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]774# NFC : change owner
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]775 chown nfc nfc /dev/sec-nfc
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]776# NFC : create data/nfc for nv storage
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]777 mkdir /data/nfc 0700 nfc nfc
778 mkdir /data/nfc/param 0700 nfc nfc
779
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]780 chmod 0660 /dev/pn547
781# NFC : change owner
782 chown nfc nfc /dev/pn547
783# NFC : create data/nfc for nv storage
784 mkdir /data/nfc 0700 nfc nfc
785 mkdir /data/nfc/param 0700 nfc nfc
786###############################################################################
787
788 # Permissions for Camera
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]789 chown root system /sys/class/camera/rear/rear_camantibanding
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]790 chown system system /sys/class/camera/rear/rear_camfw
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]791 chown system system /sys/class/camera/rear/rear_checkfw_user
792 chown system system /sys/class/camera/rear/rear_checkfw_factory
793 chown system system /sys/class/camera/rear/rear_camfw_full
794 chown system system /sys/class/camera/rear/rear_camfw_load
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]795 chown system system /sys/class/camera/rear/rear_camtype
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]796 chown system radio /sys/class/camera/rear/rear_corever
797 chown system radio /sys/class/camera/rear/rear_companionfw_full
798 chown system radio /sys/class/camera/rear/rear_calcheck
799 chown system radio /sys/class/camera/rear/rear_fwcheck
800 chown system system /sys/class/camera/rear/isp_core
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]801 chown system radio /sys/class/camera/flash/rear_flash
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]802 chown system radio /sys/class/camera/flash/front_flash
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]803 chown system system /sys/class/camera/front/front_camfw
804 chown system system /sys/class/camera/front/front_camtype
805 chown system system /sys/class/camera/front/front_camfw_full
806 chown system system /sys/class/camera/front/front_camfw_load
807
808#OTG Test
809 chown system radio /sys/class/host_notify/usb_otg/booster
810 chmod 0660 /sys/class/host_notify/usb_otg/booster
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]811 chown system radio /sys/class/usb_notify/usb_control/disable
812 chmod 0660 /sys/class/usb_notify/usb_control/disable
813
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]814# Accelerometer_sensor
815 chown system radio /sys/class/sensors/accelerometer_sensor/raw_data
816 chown system radio /sys/class/sensors/accelerometer_sensor/calibration
817 chown system radio /sys/class/sensors/accelerometer_sensor/reactive_alert
818 chown system radio /sys/class/sensors/accelerometer_sensor/vendor
819 chown system radio /sys/class/sensors/accelerometer_sensor/name
820 chown system radio /sys/class/sensors/accelerometer_sensor/selftest
821 chown system radio /sys/class/sensors/accelerometer_sensor/lowpassfilter
822# Proximity_sensor
823 chown system radio /sys/class/sensors/proximity_sensor/state
824 chown system radio /sys/class/sensors/proximity_sensor/raw_data
825 chown system radio /sys/class/sensors/proximity_sensor/prox_avg
826 chown system radio /sys/class/sensors/proximity_sensor/prox_cal
827 chown system radio /sys/class/sensors/proximity_sensor/vendor
828 chown system radio /sys/class/sensors/proximity_sensor/name
829 chown system radio /sys/class/sensors/proximity_sensor/thresh_high
830 chown system radio /sys/class/sensors/proximity_sensor/thresh_low
831 chown system radio /sys/class/sensors/proximity_sensor/prox_offset_pass
832 chown system radio /sys/class/sensors/proximity_sensor/prox_trim
833# Light_sensor
834 chown system radio /sys/class/sensors/light_sensor/lux
835 chown system radio /sys/class/sensors/light_sensor/raw_data
836 chown system radio /sys/class/sensors/light_sensor/vendor
837 chown system radio /sys/class/sensors/light_sensor/name
838# Gyro_sensor
839 chown system radio /sys/class/sensors/gyro_sensor/power_on
840 chown system radio /sys/class/sensors/gyro_sensor/power_off
841 chown system radio /sys/class/sensors/gyro_sensor/temperature
842 chown system radio /sys/class/sensors/gyro_sensor/selftest
843 chown system radio /sys/class/sensors/gyro_sensor/vendor
844 chown system radio /sys/class/sensors/gyro_sensor/name
845# Magnetic_sensor
846 chown system radio /sys/class/sensors/magnetic_sensor/selftest
847 chown system radio /sys/class/sensors/magnetic_sensor/raw_data
848 chown system radio /sys/class/sensors/magnetic_sensor/adc
849 chown system radio /sys/class/sensors/magnetic_sensor/vendor
850 chown system radio /sys/class/sensors/magnetic_sensor/name
851 chown system radio /sys/class/sensors/magnetic_sensor/status
852# MetaEvent
853 chown system radio /sys/class/sensors/sensor_dev/flush
854
855# Permissions for Charging
856 mkdir /efs/Battery 0775 radio system
857 chown system radio /sys/class/power_supply/battery/batt_reset_soc
858 chown system radio /sys/class/power_supply/battery/update
859 chown system radio /sys/class/power_supply/battery/factory_mode
860 chown system radio /sys/class/power_supply/battery/batt_slate_mode
861 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/call
862 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/video
863 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/music
864 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/browser
865 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/hotspot
866 chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/camera
867 chown system radio /sys/class/power_supply/battery/talk_wcdma
868 chown system radio /sys/class/power_supply/battery/talk_gsm
869 chown system radio /sys/class/power_supply/battery/call
870 chown system radio /sys/class/power_supply/battery/data_call
871 chown system radio /sys/class/power_supply/battery/gps
872 chown system radio /sys/class/power_supply/battery/wifi
873 chown system radio /sys/class/power_supply/battery/lte
874 chown system radio /sys/class/power_supply/battery/wc_enable
875 chown system radio /sys/class/power_supply/battery/lcd
876 chown system radio /sys/class/power_supply/ps/status
877 chmod 0664 /sys/class/power_supply/ps/status
878 chown system radio /sys/class/power_supply/battery/batt_temp_table
879
Zvikomborero VIncent Zvikarambaf0425d22016-08-18 20:13:03 -0400[diff] [blame]880 # Adaptive LMK
881 write /sys/module/lowmemorykiller/parameters/enable_adaptive_lmk 1
882 write /sys/module/lowmemorykiller/parameters/vmpressure_file_min 53059
883
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]884 # Define default initial receive window size in segments.
885 setprop net.tcp.default_init_rwnd 60
886
887 write /sys/block/mmcblk0/queue/scheduler noop
888 copy /system/etc/battery_charging_temp.data /sys/class/power_supply/battery/batt_temp_table
889
890 class_start core
891
892# Permission for fast dormancy for RIL
893 chown system radio /sys/devices/virtual/sec/bamdmux/waketime
894
895# Permission for a RPMB checking thru IMEI
896 chown system radio /sys/kernel/debug/tzdbg/log
897
898# MTP permission
899 chmod 0660 /dev/usb_mtp_gadget
900 chown system mtp /dev/usb_mtp_gadget
901 mkdir /dev/socket/mtp 0770 system mtp
902
903on nonencrypted
904 class_start main
905 class_start late_start
906
907on property:vold.decrypt=trigger_default_encryption
908 start defaultcrypto
909
910on property:vold.decrypt=trigger_encryption
911 start surfaceflinger
912 start encrypt
913
914on property:sys.init_log_level=*
915 loglevel ${sys.init_log_level}
916
917on charger
918 mount ext4 /dev/block/bootdevice/by-name/system /system wait ro
919 copy /system/etc/battery_charging_temp.data /sys/class/power_supply/battery/batt_temp_table
920
921 wait /dev/block/bootdevice/by-name/efs
922 check_fs /dev/block/bootdevice/by-name/efs ext4
923 mount ext4 /dev/block/bootdevice/by-name/efs /efs nosuid nodev noatime noauto_da_alloc,discard,journal_async_commit,errors=panic
924 chown system radio /efs
925 chmod 0771 /efs
926 mkdir /efs/Battery 0775 radio system
927
928 class_start charger
929
930
931on property:vold.decrypt=trigger_reset_main
932 class_reset main
933
934on property:vold.decrypt=trigger_load_persist_props
935 load_persist_props
936
937on property:vold.decrypt=trigger_post_fs_data
938 trigger post-fs-data
939
940on property:vold.decrypt=trigger_restart_min_framework
941 class_start main
942
943on property:vold.decrypt=trigger_restart_framework
944 class_start main
945 class_start late_start
946 start keystore
947
948on property:vold.decrypt=trigger_shutdown_framework
949 class_reset late_start
950 class_reset main
951
952on property:sys.powerctl=*
953 powerctl ${sys.powerctl}
954
955# system server cannot write to /proc/sys files,
956# and chown/chmod does not work for /proc/sys/ entries.
957# So proxy writes through init.
958on property:sys.sysctl.extra_free_kbytes=*
959 write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes}
960
961# "tcp_default_init_rwnd" Is too long!
962on property:sys.sysctl.tcp_def_init_rwnd=*
963 write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd}
964
965
966## Daemon processes to be run by init.
967##
968
969service ueventd /sbin/ueventd
970 class core
971 critical
972 seclabel u:r:ueventd:s0
973
974service logd /system/bin/logd
975 class core
976 socket logd stream 0666 logd logd
977 socket logdr seqpacket 0666 logd logd
978 socket logdw dgram 0222 logd logd
979 seclabel u:r:logd:s0
980
981service healthd /sbin/healthd
982 class core
983 critical
984 seclabel u:r:healthd:s0
985
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]986service lpm /system/bin/logwrapper /system/bin/lpm
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]987 class charger
988 critical
989#start SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID
990# Reload SE Android Policy for MDM
991on property:persist.security.mdm.policy=1
992 setprop selinux.reload_policy 1
993#end SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID
994
995service console /system/bin/sh
996 class core
997 console
998 disabled
999 user shell
1000 group shell log
1001 seclabel u:r:shell:s0
1002
1003## WTL_EDM_START
1004## EDM AuditLog
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1005service edmaudit /system/bin/edmaudit
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1006 class main
1007 user root
1008
1009## WTL_EDM_END
1010service auditd /system/bin/auditd -k
1011 seclabel u:r:logd:s0
1012 class main
1013# SEC_LINUX DRS Service
1014service drsd /system/bin/drsd
1015 class main
1016 socket drsd stream 600 system system
1017
1018
1019service prepare_param /system/bin/prepare_param.sh /dev/block/platform/7824900.sdhci/by-name/param
1020 class core
1021 user root
1022 group root
1023 seclabel u:r:prepare_param:s0
1024 oneshot
1025
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1026# icd
1027service icd /system/bin/icd
1028 class main
1029 user system
1030 group system log
1031 onrestart check_icd
1032 oneshot
1033
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1034on property:ro.debuggable=1
1035 start console
1036
1037# SEC_SELINUX
1038on property:selinux.reload_policy=1
1039 chown system system /sys/fs/selinux/enforce
1040 chown -R system system /sys/fs/selinux/booleans
1041 chown system system /sys/fs/selinux/commit_pending_bools
1042
1043# SEC_SELINUX to support spota
1044on property:selinux.sec.restorecon=1
1045 restorecon_recursive /data/security/spota
1046
1047# SEC_SELINUX
1048on property:init.svc.bootanim=stopped
1049 start auditd
1050
1051# adbd is controlled via property triggers in init.<platform>.usb.rc
1052service adbd /sbin/adbd --root_seclabel=u:r:su:s0
1053 class core
1054 socket adbd stream 660 system system
1055 disabled
1056 seclabel u:r:adbd:s0
1057
1058# adbd on at boot in emulator
1059on property:ro.kernel.qemu=1
1060 start adbd
1061
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1062service lmkd /system/bin/lmkd
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1063 class core
1064 critical
1065 socket lmkd seqpacket 0660 system system
1066
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1067service scs /system/bin/scs
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1068 class main
1069 user system
1070 group system
1071 oneshot
1072
1073service servicemanager /system/bin/servicemanager
1074 class core
1075 user system
1076 group system
1077 critical
1078 onrestart restart healthd
1079 onrestart restart zygote
1080 onrestart restart media
1081 onrestart restart surfaceflinger
1082 onrestart restart drm
1083 onrestart restart sensorhubservice
1084 onrestart restart keystore
1085
1086service vold /system/bin/vold
1087 class core
1088 socket vold stream 0660 root mount
1089## Samsung ODE >>>
1090 socket dir_enc_report stream 0660 root mount
1091## Samsung ODE <<<
1092 ioprio be 2
1093
1094## Frigatebird
1095 socket frigate stream 0660 system system
1096
1097service epmd /system/bin/epmd
1098 class main
1099 socket epm stream 0660 system system
1100 socket ppm stream 0660 system system
1101 ioprio be 2
1102
1103service netd /system/bin/netd
1104 class main
1105 socket netd stream 0660 root system
1106 socket dnsproxyd stream 0660 root inet
1107 socket mdns stream 0660 root system
1108 socket fwmarkd stream 0660 root inet
1109
1110service debuggerd /system/bin/debuggerd
1111 class main
1112
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]1113# icd
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1114service icd /system/bin/icd
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]1115 class main
1116 user system
1117 group system log
1118 onrestart check_icd
1119 oneshot
1120
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1121service surfaceflinger /system/bin/surfaceflinger
1122 class core
1123 user system
1124 group graphics drmrpc
1125 onrestart restart zygote
1126
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1127service drm /system/bin/drmserver
1128 class main
1129 user drm
1130# [ SEC_MM_DRM
1131# fix
1132 group drm system inet drmrpc radio
1133# org
1134# group drm system inet drmrpc
1135# ]
1136
1137service media /system/bin/mediaserver
1138 class main
1139 user media
1140 group system audio camera inet net_bt net_bt_admin net_raw net_bw_acct drmrpc mediadrm qcom_diag radio media_rw
1141 ioprio rt 4
1142
1143# One shot invocation to deal with encrypted volume.
1144service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
1145 disabled
1146 oneshot
1147 # vold will set vold.decrypt to trigger_restart_framework (default
1148 # encryption) or trigger_restart_min_framework (other encryption)
1149
1150# One shot invocation to encrypt unencrypted volumes
1151service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
1152 disabled
1153 oneshot
1154 # vold will set vold.decrypt to trigger_restart_framework (default
1155 # encryption)
1156
1157service bootanim /system/bin/bootanimation
1158 class core
1159 user graphics
1160 group graphics audio
1161 disabled
1162 oneshot
1163
1164service installd /system/bin/installd
1165 class main
1166 socket installd stream 600 system system
1167
1168service flash_recovery /system/bin/install-recovery.sh
1169 class main
1170 seclabel u:r:install_recovery:s0
1171 oneshot
1172 disabled
1173
1174# update recovery if enabled
1175on property:persist.sys.recovery_update=true
1176 start flash_recovery
1177
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1178service racoon /system/bin/racoon
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1179 class main
1180 socket racoon stream 600 system system
1181 # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
1182 group vpn net_admin inet
1183 disabled
1184 oneshot
1185
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1186service mtpd /system/bin/mtpd
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1187 class main
1188 socket mtpd stream 600 system system
1189 user vpn
1190 group vpn net_admin inet net_raw
1191 disabled
1192 oneshot
1193
1194service keystore /system/bin/keystore /data/misc/keystore
1195 class main
1196 user keystore
1197 group keystore drmrpc system
1198 disabled
1199
1200service dumpstate /system/bin/dumpstate -s
1201 class main
1202 socket dumpstate stream 0660 shell log
1203 disabled
1204 oneshot
1205
1206service mdnsd /system/bin/mdnsd
1207 class main
1208 user mdnsr
1209 group inet net_raw
1210 socket mdnsd stream 0660 mdnsr inet
1211 disabled
1212 oneshot
1213
1214service pre-recovery /system/bin/uncrypt
1215 class main
1216 disabled
1217 oneshot
1218
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1219service SIDESYNC_service /system/bin/ss_conn_daemon
Zvikomborero VIncent Zvikarambae1d00612016-07-25 19:51:44 -0400[diff] [blame]1220 class main
1221 socket ss_conn_daemon stream 0666 system system
1222 user system
1223 group inet net_raw
1224
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1225# otp
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1226service otp /system/bin/otp_server
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1227 user system
1228 group system
1229 disabled
1230
1231on property:persist.security.tlc.otp=1
1232 start otp
1233 setprop persist.security.tlc.otp 0
1234
1235# ccm
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1236 service ccm /system/bin/tlc_server
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1237 user system
1238 group system
1239 disabled
1240
1241on property:persist.security.tlc.ccm=1
1242 start ccm
1243 setprop persist.security.tlc.ccm 0
1244
1245# tui
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1246 service tui /system/bin/tlc_server TUI
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1247 user system
1248 group system
1249 disabled
1250
1251on property:persist.security.tlc.tui=1
1252 start tui
1253 setprop persist.security.tlc.tui 0
1254
1255# CS DAEMON
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1256service cs_service /system/bin/cs
1257 class main
1258 user system
1259 group system
1260 disabled
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1261
1262# insthk
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1263service insthk /system/bin/insthk
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1264 class main
1265 user root
1266 disabled
1267 oneshot
1268
1269on property:sys.qseecomd.enable=true
1270 start cs_service
1271 start keystore
1272 start insthk
1273
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1274service mcStarter /system/bin/tbaseLoader tbase
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1275 class core
1276 user root
1277 group root
1278 disabled
1279 oneshot
1280
Zvikomborero VIncent Zvikaramba30640f82016-07-26 03:16:26 -0400[diff] [blame]1281service run-mobicore /system/bin/mcDriverDaemon
Zvikomborero VIncent Zvikarambaa25011a2016-07-21 16:32:35 -0400[diff] [blame]1282 class core
1283 user system
1284 group system
1285 disabled
1286
1287on property:sys.qseecomd.enable=true
1288 start mcStarter
1289
1290on property:sys.mobicore.loaded=true
1291 start run-mobicore
1292
1293on property:sys.boot_completed=1
1294 write /sys/block/mmcblk0/queue/scheduler cfq
1295
1296# icd
1297on property:init.svc.media=restarting
1298 check_icd
1299 start icd
1300
1301# Activate Background Compaction
1302on property:sys.sysctl.compact_memory=1
1303 write /proc/sys/vm/compact_memory 1
1304 setprop sys.sysctl.compact_memory=0