Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 1136f1592a50c90b3b59fbc3293e4c1e155972e0^! / . / rootdir / init.rc
commit1136f1592a50c90b3b59fbc3293e4c1e155972e0[log] [tgz]
authorTobias Thierer <tobiast@google.com>Fri Aug 23 14:05:29 2019 +0100
committerTobias Thierer <tobiast@google.com>Thu Sep 05 01:41:08 2019 +0100
tree1a2e18452d2a0167ca52d7f86ddf7bc728fe59bd
parent7896e7adccbd272533ee2250f4a9c65cd4ca66d0 [diff] [blame]
Init: Run boringssl self test via separate binaries.

Instead of init.cpp knowning about the boringssl self
test, use init.rc to exec dedicated self test executables.

Advantages:
 - The self test is run not only both the copy of libcrypto
   in /system but also /apex/com.android.conscrypt.
 - The self test is run not only for the primary (e.g. 64bit)
   ABI but also for a secondarry (e.g. 32bit) ABI.
 - The dependency on libcrypto is kept to the self test binary.
 - The self test binary abstracts the exact native API for
   running the self test (this will change soon because the
   self test will be run when the library is loaded).

Bug: 137267623
Test: Check that logcat shows both binaries being started as root,
      and finishing with exit code 0.

Change-Id: I1e716749ee2133993f0f7b2836483391fd1a62f0

diff --git a/rootdir/init.rc b/rootdir/init.rc
index bb36139..d6a32c3 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -127,7 +127,7 @@
     mkdir /mnt/expand 0771 system system
     mkdir /mnt/appfuse 0711 root root
 
-    # tmpfs place for BORINGSSL_self_test() to remember whether it has run
+    # These must already exist by the time boringssl_self_test32 / boringssl_self_test64 run.
     mkdir /dev/boringssl 0755 root root
     mkdir /dev/boringssl/selftest 0755 root root
 
@@ -315,6 +315,16 @@
     start hwservicemanager
     start vndservicemanager
 
+# Run boringssl self test for each ABI so that later processes can skip it. http://b/139348610
+on init && property:ro.product.cpu.abilist32=*:
+    exec_reboot_on_failure boringssl-self-check-failed /system/bin/boringssl_self_test32
+on init && property:ro.product.cpu.abilist64=*
+    exec_reboot_on_failure boringssl-self-check-failed /system/bin/boringssl_self_test64
+on property:apexd.status=ready && property:ro.product.cpu.abilist64=*
+    exec_reboot_on_failure boringssl-self-check-failed /apex/com.android.conscrypt/bin/boringssl_self_test64
+on property:apexd.status=ready && property:ro.product.cpu.abilist32=*
+    exec_reboot_on_failure boringssl-self-check-failed /apex/com.android.conscrypt/bin/boringssl_self_test32
+
 # Healthd can trigger a full boot from charger mode by signaling this
 # property when the power button is held.
 on property:sys.boot_from_charger_mode=1