Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 62767fe29f8aaf62470781a3cf419ba11187d178^! / . / init / service.h
commit62767fe29f8aaf62470781a3cf419ba11187d178[log] [tgz]
authorMark Salyzyn <salyzyn@google.com>Thu Oct 27 07:45:34 2016 -0700
committerMark Salyzyn <salyzyn@google.com>Thu Nov 03 13:34:26 2016 -0700
tree42ca647c67feecbda7a82c60ec58c5e5c69a20b3
parent0b034d9d7b1af4e2f608ddf2dc2a0e08773e69ac [diff] [blame]
init: service file keyword

Solve one more issue where privilege is required to open a file and
we do not want to grant such to the service. This is the service side
of the picture, android_get_control_file() in libcutils is the client.
The file's descriptor is placed into the environment as
"ANDROID_FILE_<path>".  For socket and files where non-alpha and
non-numeric characters in the <name/path> are replaced with _.  There
was an accompanying change in android_get_control_socket() to match
in commit 'libcutils: add android_get_control_socket() test'

Add a gTest unit test for this that tests create_file and
android_get_control_file().

Test: gTest init_tests --gtest_filter=util.create_file
Bug: 32450474
Change-Id: I96eb970c707db6d51a9885873329ba1cb1f23140

diff --git a/init/service.h b/init/service.h
index 7f035ef..d9e8f57 100644
--- a/init/service.h
+++ b/init/service.h

@@ -27,6 +27,7 @@
 
 #include "action.h"
 #include "capabilities.h"
+#include "descriptors.h"
 #include "init_parser.h"
 #include "keyword_map.h"
 
@@ -48,18 +49,6 @@
 class Action;
 class ServiceManager;
 
-struct SocketInfo {
-    SocketInfo();
-    SocketInfo(const std::string& name, const std::string& type, uid_t uid,
-                       gid_t gid, int perm, const std::string& socketcon);
-    std::string name;
-    std::string type;
-    uid_t uid;
-    gid_t gid;
-    int perm;
-    std::string socketcon;
-};
-
 struct ServiceEnvironmentInfo {
     ServiceEnvironmentInfo();
     ServiceEnvironmentInfo(const std::string& name, const std::string& value);
@@ -113,9 +102,7 @@
     void StopOrReset(int how);
     void ZapStdio() const;
     void OpenConsole() const;
-    void PublishSocket(const std::string& name, int fd) const;
     void KillProcessGroup(int signal);
-    void CreateSockets(const std::string& scon);
     void SetProcessAttributes();
 
     bool ParseCapabilities(const std::vector<std::string>& args, std::string *err);
@@ -134,9 +121,13 @@
     bool ParseSeclabel(const std::vector<std::string>& args, std::string* err);
     bool ParseSetenv(const std::vector<std::string>& args, std::string* err);
     bool ParseSocket(const std::vector<std::string>& args, std::string* err);
+    bool ParseFile(const std::vector<std::string>& args, std::string* err);
     bool ParseUser(const std::vector<std::string>& args, std::string* err);
     bool ParseWritepid(const std::vector<std::string>& args, std::string* err);
 
+    template <typename T>
+    bool AddDescriptor(const std::vector<std::string>& args, std::string* err);
+
     std::string name_;
     std::string classname_;
     std::string console_;
@@ -155,7 +146,7 @@
 
     std::string seclabel_;
 
-    std::vector<SocketInfo> sockets_;
+    std::vector<std::unique_ptr<DescriptorInfo>> descriptors_;
     std::vector<ServiceEnvironmentInfo> envvars_;
 
     Action onrestart_;  // Commands to execute on restart.