Merge "Use ro.product.enforce_debugfs_restrictions to mount/unmount debugfs" am: 369abe010a am: 43e821f0c4 am: 161bdc4821
Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/1663449
Change-Id: Ic091285461a195a865f09d8ac41c85d89b58a7c8
diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp
index 7ab2a8d..e2ffd02 100644
--- a/cmds/dumpstate/dumpstate.cpp
+++ b/cmds/dumpstate/dumpstate.cpp
@@ -2175,14 +2175,13 @@
}
/*
- * mount debugfs for non-user builds which launch with S and unmount it
- * after invoking dumpstateBoard_* methods. This is to enable debug builds
- * to not have debugfs mounted during runtime. It will also ensure that
- * debugfs is only accessed by the dumpstate HAL.
+ * mount debugfs for non-user builds with ro.product.enforce_debugfs_restrictions
+ * set to true and unmount it after invoking dumpstateBoard_* methods.
+ * This is to enable debug builds to not have debugfs mounted during runtime.
+ * It will also ensure that debugfs is only accessed by the dumpstate HAL.
*/
- auto api_level = android::base::GetIntProperty("ro.product.first_api_level", 0);
- bool mount_debugfs = !PropertiesHelper::IsUserBuild() && api_level >= 31;
-
+ auto mount_debugfs =
+ android::base::GetBoolProperty("ro.product.enforce_debugfs_restrictions", false);
if (mount_debugfs) {
RunCommand("mount debugfs", {"mount", "-t", "debugfs", "debugfs", "/sys/kernel/debug"},
AS_ROOT_20);
@@ -2290,7 +2289,10 @@
}
if (mount_debugfs) {
- RunCommand("unmount debugfs", {"umount", "/sys/kernel/debug"}, AS_ROOT_20);
+ auto keep_debugfs_mounted =
+ android::base::GetProperty("persist.dbg.keep_debugfs_mounted", "");
+ if (keep_debugfs_mounted.empty())
+ RunCommand("unmount debugfs", {"umount", "/sys/kernel/debug"}, AS_ROOT_20);
}
auto file_sizes = std::make_unique<ssize_t[]>(paths.size());