a3x
/
s4-imei-tools
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
s4-imei-tools/kernel_image/init.rc

1157 lines
40 KiB
Plaintext
Executable File
Raw Permalink Blame History

# Copyright (c) 2013, The Linux Foundation. All rights reserved.
# Not a Contribution.
#
# Copyright (C) 2012 The Android Open Source Project
#
# IMPORTANT: Do not create world writable files or directories.
# This is a common source of Android security bugs.
#
import /init.environ.rc
import /init.usb.rc
import /init.${ro.hardware}.rc
import /init.trace.rc
import /init.carrier.rc
import /init.container.rc
on early-init
# Set init and its forked children's oom_adj.
write /proc/1/oom_adj -16
# Set the security context for the init process.
# This should occur before anything else (e.g. ueventd) is started.
setcon u:r:init:s0
start ueventd
# Configure SEAndroid booleans and enforcing mode
setsebool debugfs 1
# create mountpoints
mkdir /mnt 0775 root system
on init
sysclktz 0
loglevel 3
# Vibetonz
export VIBE_PIPE_PATH /dev/pipes
mkdir /dev/pipes 0771 vibe vibe
restorecon /dev/pipes
# for audit message
chown system system /proc/avc_msg
chmod 0660 /proc/avc_msg
# Backward compatibility
symlink /system/etc /etc
symlink /sys/kernel/debug /d
# Right now vendor lives on the same filesystem as system,
# but someday that may change.
symlink /system/vendor /vendor
# Create cgroup mount point for cpu accounting
mkdir /acct
mount cgroup none /acct cpuacct
mkdir /acct/uid
# Create cgroup mount point for memory
mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000
mkdir /sys/fs/cgroup/memory 0750 root system
mount cgroup none /sys/fs/cgroup/memory memory
write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1
chown root system /sys/fs/cgroup/memory/tasks
chmod 0660 /sys/fs/cgroup/memory/tasks
mkdir /sys/fs/cgroup/memory/sw 0750 root system
write /sys/fs/cgroup/memory/sw/memory.swappiness 100
write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1
chown root system /sys/fs/cgroup/memory/sw/tasks
chmod 0660 /sys/fs/cgroup/memory/sw/tasks
mkdir /system
mkdir /data 0771 system system
mkdir /cache 0770 system cache
mkdir /config 0500 root root
mkdir /efs 0771 system radio
# See storage config details at http://source.android.com/tech/storage/
mkdir /mnt/shell 0750 shell shell
mkdir /mnt/media_rw 0700 media_rw media_rw
mkdir /storage 0751 root sdcard_r
# Directory for putting things only root should see.
mkdir /mnt/secure 0700 root root
# Create private mountpoint so we can MS_MOVE from staging
mount tmpfs tmpfs /mnt/secure mode=0700,uid=0,gid=0
# Directory for staging bindmounts
mkdir /mnt/secure/staging 0700 root root
restorecon -R /mnt/secure/staging
# Directory-target for where the secure container
# imagefile directory will be bind-mounted
mkdir /mnt/secure/asec 0700 root root
mount tmpfs tmpfs /mnt/secure/asec mode=0700,uid=0,gid=0
restorecon -R /mnt/secure/asec
# Secure container public mount points.
mkdir /mnt/asec 0700 root system
mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
restorecon -R /mnt/asec
# Filesystem image public mount points.
mkdir /mnt/obb 0700 root system
mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
restorecon -R /mnt/obb
write /proc/sys/kernel/panic_on_oops 1
write /proc/sys/kernel/hung_task_timeout_secs 0
write /proc/cpu/alignment 4
write /proc/sys/kernel/sched_latency_ns 10000000
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
write /proc/sys/kernel/sched_compat_yield 1
write /proc/sys/kernel/sched_child_runs_first 0
write /proc/sys/kernel/randomize_va_space 2
write /proc/sys/kernel/kptr_restrict 2
write /proc/sys/kernel/dmesg_restrict 1
write /proc/sys/vm/mmap_min_addr 32768
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
write /proc/sys/kernel/sched_rt_runtime_us 950000
write /proc/sys/kernel/sched_rt_period_us 1000000
# Create cgroup mount points for process groups
mkdir /dev/cpuctl
mount cgroup none /dev/cpuctl cpu
chown system system /dev/cpuctl
chown system system /dev/cpuctl/tasks
chmod 0660 /dev/cpuctl/tasks
write /dev/cpuctl/cpu.shares 1024
write /dev/cpuctl/cpu.rt_runtime_us 950000
write /dev/cpuctl/cpu.rt_period_us 1000000
mkdir /dev/cpuctl/apps
chown system system /dev/cpuctl/apps/tasks
chmod 0666 /dev/cpuctl/apps/tasks
write /dev/cpuctl/apps/cpu.shares 1024
write /dev/cpuctl/apps/cpu.rt_runtime_us 800000
write /dev/cpuctl/apps/cpu.rt_period_us 1000000
mkdir /dev/cpuctl/apps/bg_non_interactive
chown system system /dev/cpuctl/apps/bg_non_interactive/tasks
chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks
# 5.0 %
write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52
write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000
write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000
# qtaguid will limit access to specific data based on group memberships.
# net_bw_acct grants impersonation of socket owners.
# net_bw_stats grants access to other apps' detailed tagged-socket stats.
chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
chown root net_bw_stats /proc/net/xt_qtaguid/stats
# Allow everybody to read the xt_qtaguid resource tracking misc dev.
# This is needed by any process that uses socket tagging.
chmod 0644 /dev/xt_qtaguid
# Create location for fs_mgr to store abbreviated output from filesystem
# checker programs.
mkdir /dev/fscklogs 0770 root system
# To sync between sdcard & installd
setprop installd.sdcard_manipulate_done 0
on post-fs
# once everything is setup, no need to modify /
mount rootfs rootfs / ro remount
# mount shared so changes propagate into child namespaces
mount rootfs rootfs / shared rec
mount tmpfs tmpfs /mnt/secure private rec
mount tmpfs tmpfs /mnt/secure/asec shared rec
# We chown/chmod /cache again so because mount is run as root + defaults
chown system cache /cache
chmod 0770 /cache
# We restorecon /cache in case the cache partition has been reset.
restorecon /cache
# This may have been created by the recovery system with odd permissions
chown system cache /cache/recovery
chmod 0770 /cache/recovery
# This may have been created by the recovery system with the wrong context.
restorecon /cache/recovery
#change permissions on vmallocinfo so we can grab it from bugreports
chown root log /proc/vmallocinfo
chmod 0440 /proc/vmallocinfo
chown root log /proc/slabinfo
chmod 0440 /proc/slabinfo
#change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
chown root system /proc/kmsg
chmod 0440 /proc/kmsg
chown root system /proc/sysrq-trigger
chmod 0220 /proc/sysrq-trigger
chown system log /proc/last_kmsg
chmod 0440 /proc/last_kmsg
# create the lost+found directories, so as to enforce our permissions
mkdir /cache/lost+found 0770 root root
restorecon /cache/lost+found
on post-fs-data
# Reload SE Android Policy
setprop selinux.reload_policy 1
# We chown/chmod /data again so because mount is run as root + defaults
chown system system /data
chmod 0771 /data
# We restorecon /data in case the userdata partition has been reset.
restorecon /data
# Avoid predictable entropy pool. Carry over entropy from previous boot.
copy /data/system/entropy.dat /dev/urandom
# Create dump dir and collect dumps.
# Do this before we mount cache so eventually we can use cache for
# storing dumps on platforms which do not have a dedicated dump partition.
mkdir /data/dontpanic 0750 root log
# Collect apanic data, free resources and re-arm trigger
copy /proc/apanic_console /data/dontpanic/apanic_console
chown root log /data/dontpanic/apanic_console
chmod 0640 /data/dontpanic/apanic_console
copy /proc/apanic_threads /data/dontpanic/apanic_threads
chown root log /data/dontpanic/apanic_threads
chmod 0640 /data/dontpanic/apanic_threads
write /proc/apanic_console 1
# create basic filesystem structure
mkdir /data/misc 01771 system misc
mkdir /data/misc/audit 02775 audit system
mkdir /data/misc/adb 02750 system shell
mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack
mkdir /data/misc/bluetooth 0770 system system
mkdir /data/misc/keystore 0700 keystore keystore
mkdir /data/misc/keychain 0771 system system
mkdir /data/misc/radio 0771 system radio
mkdir /data/misc/sms 0770 system radio
mkdir /data/misc/zoneinfo 0775 system system
mkdir /data/misc/vpn 0770 system vpn
mkdir /data/misc/systemkeys 0700 system system
# give system access to wpa_supplicant.conf for backup and restore
mkdir /data/misc/wifi 0770 wifi wifi
chmod 0660 /data/misc/wifi/wpa_supplicant.conf
mkdir /data/local 0751 root root
mkdir /data/misc/media 0700 media media
# icd
check_icd
chown system system /dev/icd
chmod 0644 /dev/icd
chown system system /dev/icdr
chmod 0644 /dev/icdr
chown system system /dev/tzic
#SideSync
chown system system /dev/android_ssusbcon
chmod 0660 /dev/android_ssusbcon
# For security reasons, /data/local/tmp should always be empty.
# Do not place files or directories in /data/local/tmp
mkdir /data/local/tmp 0771 shell shell
mkdir /data/data 0771 system system
mkdir /data/app-private 0771 system system
mkdir /data/app-asec 0700 root root
mkdir /data/app-lib 0771 system system
mkdir /data/app 0771 system system
mkdir /data/property 0700 root root
mkdir /data/ssh 0750 root shell
mkdir /data/ssh/empty 0700 root root
mkdir /data/system 0775 system system
mkdir /data/system/container 0700 system system
restorecon -R /data/system
# SA, System SW, SAMSUNG create log directory
mkdir /data/log 0775 system log
chown system log /data/log
mkdir /data/anr 0775 system system
chown system system /data/anr
chmod 0775 /data/log
chmod 0775 /data/anr
restorecon /data/log
restorecon /data/anr
# create dalvik-cache, so as to enforce our permissions
mkdir /data/dalvik-cache 0771 system system
# create resource-cache and double-check the perms
mkdir /data/resource-cache 0771 system system
chown system system /data/resource-cache
chmod 0771 /data/resource-cache
# create the lost+found directories, so as to enforce our permissions
mkdir /data/lost+found 0770 root root
restorecon /data/lost+found
# create directory for DRM plug-ins - give drm the read/write access to
# the following directory.
mkdir /data/drm 0770 drm drm
# create directory for MediaDrm plug-ins - give drm the read/write access to
# the following directory.
mkdir /data/mediadrm 0770 mediadrm mediadrm
# DRK permission
mkdir /efs/prov_data 700 system system
mkdir /efs/prov 0770 radio system
chown radio system /efs/prov/libdevkm.lock
chmod 0660 /efs/prov/libdevkm.lock
#drm permission
mkdir /efs/drm 0774 drm system
#h2k permission
chmod 0644 /efs/redata.bin
chown radio radio /efs/h2k.dat
chmod 0644 /efs/h2k.dat
chown system system /efs/drm/h2k
# [ SEC_MM_DRM
# sdrm
mkdir /efs/drm 0774 drm system
mkdir /efs/drm/sdrm 0774 drm system
mkdir /efs/drm/sdrm/data_agent 0774 drm system
mkdir /efs/drm/playready 0775 drm system
restorecon /efs/drm
restorecon /efs/drm/sdrm
restorecon /efs/drm/data_agent
# DRM directory creation
mkdir /system/etc/security/.drm 0775
chown root root /system/etc/security/.drm
chmod 0775 /system/etc/security/.drm
# Added for Playready DRM Support
mkdir /data/data/.drm 0775
chown drm system /data/data/.drm
chmod 0775 /data/data/.drm
mkdir /data/data/.drm/.playready 0775
chown drm system /data/data/.drm/.playready
chmod 0775 /data/data/.drm/.playready
# Added drm folder to copy drm plugins
mkdir /system/lib/drm 0775
chown root root /system/lib/drm
chmod 0775 /system/lib/drm
# DivX DRM
mkdir /efs/.files 0775
mkdir /efs/.files/.dx1 0775
mkdir /efs/.files/.dm33 0775
mkdir /efs/.files/.mp301 0775
chown media system /efs/.files/.dx1
chown media system /efs/.files/.dm33
chown media system /efs/.files/.mp301
chmod 0775 /efs/.files/.dx1
chmod 0775 /efs/.files/.dm33
chmod 0775 /efs/.files/.mp301
restorecon -R /efs
# ]
# MTP device permission
chmod 0660 /dev/usb_mtp_gadget
chown system mtp /dev/usb_mtp_gadget
mkdir /dev/socket/mtp 0770 system mtp
# symlink to bugreport storage location
symlink /data/data/com.android.shell/files/bugreports /data/bugreports
# Separate location for storing security policy files on data
mkdir /data/security 0700 system system
mkdir /data/security/spota 0700 system system
mkdir /data/security/booleans 0711 system system
mkdir /data/security/good 0700 system system
mkdir /data/security/stig 0700 system system
mkdir /data/security/booleans 0711 system system
mkdir /data/security/mycontainer 0700 system system
# If there is no fs-post-data action in the init.<device>.rc file, you
# must uncomment this line, otherwise encrypted filesystems
# won't work.
# Set indication (checked by vold) that we have finished this action
#setprop vold.post_fs_data_done 1
# Permissions for Camera
chown system radio /sys/class/camera/rear/rear_camfw
chown system radio /sys/class/camera/rear/rear_camtype
chown system media_rw /sys/class/camera/rear/rear_checkApp
chown system radio /sys/class/camera/flash/rear_flash
chmod 664 /sys/class/camera/flash/rear_flash
#D2 Assistive Light - Start
chown system radio /sys/class/camera/rear/rear_flash
chmod 664 /sys/class/camera/rear/rear_flash
#D2 Assistive Light - End
chown system radio /sys/class/camera/front/front_camfw
chown system radio /sys/class/camera/front/front_camtype
# Permissions for svc led
chown system system /sys/class/sec/led/led_r
chown system system /sys/class/sec/led/led_g
chown system system /sys/class/sec/led/led_b
chown system system /sys/class/sec/led/led_pattern
chown system system /sys/class/sec/led/led_blink
chown system system /sys/class/sec/led/led_lowpower
on boot
# reset_reason
chown system system /proc/reset_reason
chmod 0600 /proc/reset_reason
# Mobicore
mkdir /data/app/mcRegistry 0775 system system
# Vibetonz
chmod 0660 /dev/tspdrv
chown vibe vibe /dev/tspdrv
# volume up/down key
chown radio system /sys/class/sec/sec_key/wakeup_keys
# basic network init
ifup lo
hostname localhost
domainname localdomain
# set RLIMIT_NICE to allow priorities from 19 to -20
setrlimit 13 40 40
# Memory management. Basic kernel parameters, and allow the high
# level system server to be able to adjust the kernel OOM driver
# parameters to match how it is managing things.
write /proc/sys/vm/overcommit_memory 1
write /proc/sys/vm/min_free_order_shift 4
chown root system /sys/module/lowmemorykiller/parameters/adj
chmod 0664 /sys/module/lowmemorykiller/parameters/adj
chown root system /sys/module/lowmemorykiller/parameters/minfree
chmod 0664 /sys/module/lowmemorykiller/parameters/minfree
# Tweak background writeout
write /proc/sys/vm/dirty_expire_centisecs 200
write /proc/sys/vm/dirty_background_ratio 5
# Permissions for System Server and daemons.
chown radio system /sys/android_power/state
chown radio system /sys/android_power/request_state
chown radio system /sys/android_power/acquire_full_wake_lock
chown radio system /sys/android_power/acquire_partial_wake_lock
chown radio system /sys/android_power/release_wake_lock
chown system system /sys/power/autosleep
chown system system /sys/power/state
chown system system /sys/power/wakeup_count
chown radio system /sys/power/wake_lock
chown radio system /sys/power/wake_unlock
chmod 0660 /sys/power/state
chmod 0660 /sys/power/wake_lock
chmod 0660 /sys/power/wake_unlock
# SEC DVFS sysfs node
chown radio system /sys/power/cpufreq_max_limit
chown radio system /sys/power/cpufreq_min_limit
chown radio system /sys/power/cpufreq_table
chown radio system /sys/class/kgsl/kgsl-3d0/max_pwrlevel
chown radio system /sys/class/kgsl/kgsl-3d0/min_pwrlevel
chown radio system /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
chown radio system /sys/class/kgsl/kgsl-3d0/fps
chown radio system /sys/class/kgsl/kgsl-3d0/max_fps
chmod 664 /sys/power/cpufreq_max_limit
chmod 664 /sys/power/cpufreq_min_limit
chmod 664 /sys/power/cpufreq_table
chmod 664 /sys/class/kgsl/kgsl-3d0/max_pwrlevel
chmod 664 /sys/class/kgsl/kgsl-3d0/min_pwrlevel
chmod 664 /sys/class/kgsl/kgsl-3d0/gpu_available_frequencies
chown radio system /sys/devices/system/cpu/kernel_max
chmod 664 /sys/devices/system/cpu/kernel_max
chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
# Assume SMP uses shared cpufreq policy for all CPUs
chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
# MDNIE
chown system system /sys/class/mdnie/mdnie/lcdtype
chown system system /sys/class/mdnie/mdnie/lcd_power
chown system media_rw /sys/class/mdnie/mdnie/scenario
chown system system /sys/class/mdnie/mdnie/tuning
chown system media_rw /sys/class/mdnie/mdnie/outdoor
chown system system /sys/class/mdnie/mdnie/mdnie_temp
chown system system /sys/class/mdnie/mdnie/mode
chown system system /sys/class/mdnie/mdnie/negative
chown system media_rw /sys/class/mdnie/mdnie/playspeed
chown system system /sys/class/lcd/panel/window_type
chown radio system /sys/class/lcd/panel/power_reduce
chown system media_rw /sys/class/mdnie/mdnie/accessibility
chown system system /sys/class/mdnie/mdnie/cabc
chown radio system /sys/class/lcd/panel/siop_enable
chown radio system /sys/class/lcd/panel/temperature
# Adjust YUV to RGB Conversion
chown system media_rw /sys/class/graphics/fb0/csc_cfg
chmod 0660 /sys/class/graphics/fb0/csc_cfg
# Dynamic FPS
chown radio system /sys/class/lcd/panel/fps_change
chmod 0664 /sys/class/lcd/panel/fps_change
# Auto Brightness
chown system system /sys/class/backlight/panel/auto_brightness
chmod 0660 /sys/class/backlight/panel/auto_brightness
# Permission for Touchscreen, Touchkey.
chown radio system /sys/class/sec/sec_touchkey/touch_sensitivity
chown radio system /sys/class/sec/sec_touchkey/touchkey_firm_update
chown system radio /sys/class/sec/tsp/cmd
chown system radio /sys/class/sec/sec_touchkey/glove_mode
chown system radio /sys/class/sec/sec_touchkey/flip_mode
chown system system /sys/class/timed_output/vibrator/enable
chown system system /sys/class/leds/keyboard-backlight/brightness
chown system system /sys/class/leds/lcd-backlight/brightness
chown system system /sys/class/leds/button-backlight/brightness
chown system system /sys/class/leds/jogball-backlight/brightness
chown system system /sys/class/leds/red/brightness
chown system system /sys/class/leds/green/brightness
chown system system /sys/class/leds/blue/brightness
chown system system /sys/class/leds/red/device/grpfreq
chown system system /sys/class/leds/red/device/grppwm
chown system system /sys/class/leds/red/device/blink
chown system system /sys/class/timed_output/vibrator/enable
chown system system /sys/module/sco/parameters/disable_esco
chown system system /sys/kernel/ipv4/tcp_wmem_min
chown system system /sys/kernel/ipv4/tcp_wmem_def
chown system system /sys/kernel/ipv4/tcp_wmem_max
chown system system /sys/kernel/ipv4/tcp_rmem_min
chown system system /sys/kernel/ipv4/tcp_rmem_def
chown system system /sys/kernel/ipv4/tcp_rmem_max
chown root radio /proc/cmdline
# permission for CHARGING
chown system radio /sys/class/power_supply/battery/batt_reset_soc
chown system radio /sys/class/power_supply/battery/update
chown system radio /sys/class/power_supply/battery/factory_mode
chown system radio /sys/class/power_supply/battery/batt_slate_mode
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/call
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/video
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/music
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/browser
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/hotspot
chown sdcard_rw sdcard_rw /sys/class/power_supply/battery/camera
chown system radio /sys/class/power_supply/battery/talk_wcdma
chown system radio /sys/class/power_supply/battery/talk_gsm
chown system radio /sys/class/power_supply/battery/call
chown system radio /sys/class/power_supply/battery/data_call
chown system radio /sys/class/power_supply/battery/gps
chown system radio /sys/class/power_supply/battery/wifi
chown system radio /sys/class/power_supply/battery/lte
chown system radio /sys/class/power_supply/battery/wc_enable
chown system radio /sys/class/power_supply/battery/lcd
chown system radio /sys/class/power_supply/battery/batt_temp_table
# Set these so we can remotely update SELinux policy
chown system system /sys/fs/selinux/load
chown system system /sys/fs/selinux/enforce
# Permissions for SSRM
chmod 0664 /sys/devices/platform/sec-thermistor/temperature
chmod 0664 /sys/class/power_supply/battery/siop_level
chmod 0664 /sys/class/power_supply/battery/test_charge_current
chown radio system /sys/devices/platform/sec-thermistor/temperature
chown radio system /sys/class/power_supply/battery/siop_level
chown radio system /sys/class/power_supply/battery/test_charge_current
#OTG Test
chown system radio /sys/class/host_notify/usb_otg/booster
chmod 0660 /sys/class/host_notify/usb_otg/booster
#FM Radio
chown system audio /dev/fmradio
chmod 660 /dev/fmradio
#Essential node for usbservice
mkdir /dev/bus/ 755 root root
mkdir /dev/bus/usb 755 root root
# <Sensors & NFC>
# Accelerometer_sensor
chown system radio /sys/class/sensors/accelerometer_sensor/raw_data
chown system radio /sys/class/sensors/accelerometer_sensor/calibration
chown system radio /sys/class/sensors/accelerometer_sensor/reactive_alert
chown system radio /sys/class/sensors/accelerometer_sensor/vendor
chown system radio /sys/class/sensors/accelerometer_sensor/name
# Grip_sensor
chown system radio /sys/class/sensors/grip_sensor/onoff
chown system radio /sys/class/sensors/grip_sensor/calibration
chown system radio /sys/class/sensors/grip_sensor/raw_data
chown system radio /sys/class/sensors/grip_sensor/offset
chown system radio /sys/class/sensors/grip_sensor/threshold
chown system radio /sys/class/sensors/grip_sensor/name
chown system radio /sys/class/sensors/grip_sensor/vendor
# Proximity_sensor
chown system radio /sys/class/sensors/proximity_sensor/state
chown system radio /sys/class/sensors/proximity_sensor/raw_data
chown system radio /sys/class/sensors/proximity_sensor/prox_avg
chown system radio /sys/class/sensors/proximity_sensor/prox_cal
chown system radio /sys/class/sensors/proximity_sensor/vendor
chown system radio /sys/class/sensors/proximity_sensor/name
chown system radio /sys/class/sensors/proximity_sensor/thresh_high
chown system radio /sys/class/sensors/proximity_sensor/thresh_low
chown system radio /sys/class/sensors/proximity_sensor/barcode_emul_en
# Light_sensor
chown system radio /sys/class/sensors/light_sensor/lux
chown system radio /sys/class/sensors/light_sensor/raw_data
chown system radio /sys/class/sensors/light_sensor/vendor
chown system radio /sys/class/sensors/light_sensor/name
# Gyro_sensor
chown system radio /sys/class/sensors/gyro_sensor/power_on
chown system radio /sys/class/sensors/gyro_sensor/power_off
chown system radio /sys/class/sensors/gyro_sensor/temperature
chown system radio /sys/class/sensors/gyro_sensor/selftest
chown system radio /sys/class/sensors/gyro_sensor/selftest_dps
chown system radio /sys/class/sensors/gyro_sensor/vendor
chown system radio /sys/class/sensors/gyro_sensor/name
# Barometer_sensor
chown system radio /sys/class/sensors/barometer_sensor/sea_level_pressure
chown system radio /sys/class/sensors/barometer_sensor/eeprom_check
chown system radio /sys/class/sensors/barometer_sensor/vendor
chown system radio /sys/class/sensors/barometer_sensor/name
chown system radio /sys/class/sensors/barometer_sensor/calibration
# Magnetic_sensor
# chown system radio /dev/akm8963
chown system radio /sys/class/sensors/magnetic_sensor/raw_data
chown system radio /sys/class/sensors/magnetic_sensor/vendor
chown system radio /sys/class/sensors/magnetic_sensor/name
# uv_sensor
chown system radio /sys/class/sensors/uv_sensor/vendor
chown system radio /sys/class/sensors/uv_sensor/name
chown system radio /sys/class/sensors/uv_sensor/raw_data
chown system radio /sys/class/sensors/uv_sensor/power_on
chown system radio /sys/class/sensors/uv_sensor/power_off
# Temphumidity_sensor
chown system radio /sys/class/sensors/temphumidity_sensor/vendor
chown system radio /sys/class/sensors/temphumidity_sensor/name
chown system radio /sys/class/sensors/temphumidity_sensor/engine_ver
chown system radio /sys/class/sensors/temphumidity_sensor/engine_ver2
chown system radio /sys/class/sensors/temphumidity_sensor/cp_thm
chown system radio /sys/class/sensors/temphumidity_sensor/send_accuracy
# SensorHub
chown system radio /sys/class/sensors/ssp_sensor/enable
chown system radio /sys/class/sensors/ssp_sensor/enable_irq
chown system radio /sys/class/sensors/ssp_sensor/mcu_rev
chown system radio /sys/class/sensors/ssp_sensor/mcu_name
chown system radio /sys/class/sensors/ssp_sensor/mcu_test
chown system radio /sys/class/sensors/ssp_sensor/mcu_reset
chown system radio /sys/class/sensors/ssp_sensor/mcu_update
chown system radio /sys/class/sensors/ssp_sensor/mcu_sleep_test
chown system radio /sys/class/sensors/ssp_sensor/ori_poll_delay
chown system radio /sys/class/sensors/ssp_sensor/mag_poll_delay
chown system radio /sys/class/sensors/ssp_sensor/temp_humi_poll_delay
# Gesture_sensor
chown system radio /sys/class/sensors/gesture_sensor/ir_current
chown system radio /sys/class/sensors/gesture_sensor/selftest
# Seac Jack
chown media system /sys/class/audio/earjack/reselect_jack
# IrLed
chmod 0660 /dev/ice4_dev
chown system system /dev/ice4_dev
# NFC_NXP
setprop ro.nfc.port "I2C"
chmod 0600 /dev/pn544
chown nfc nfc /dev/pn544
# NFC_BROADCOM
chmod 0600 /dev/bcm2079x
chown nfc nfc /dev/bcm2079x
mkdir /data/bcmnfc
mkdir /data/bcmnfc/param
chmod 0700 /data/bcmnfc
chmod 0700 /data/bcmnfc/param
chown nfc nfc /data/bcmnfc
chown nfc nfc /data/bcmnfc/param
# Permissions for Barcode Emul
chown system radio /sys/class/sec/sec_barcode_emul/barcode_send
chown system radio /sys/class/sec/sec_barcode_emul/barcode_ver_check
chown system radio /sys/class/sec/sec_barcode_emul/barcode_led_status
# IR_LED
chown system radio /sys/class/sec/sec_ir/ir_send
chown system radio /sys/class/sec/sec_ir/ir_send_result
# Permission for fast dormacy for RIL
chown system radio /sys/devices/virtual/sec/bamdmux/waketime
# Define TCP buffer sizes for various networks
# ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,
setprop net.tcp.buffersize.default 4096,87380,704512,4096,16384,110208
setprop net.tcp.buffersize.wifi 524288,1048576,2560000,524288,1048576,2560000
setprop net.tcp.buffersize.lte 524288,1048576,2560000,524288,1048576,2560000
setprop net.tcp.buffersize.umts 4094,87380,704512,4096,16384,110208
setprop net.tcp.buffersize.hspa 4094,87380,704512,4096,16384,262144
setprop net.tcp.buffersize.hsupa 4094,87380,704512,4096,16384,262144
setprop net.tcp.buffersize.hsdpa 4094,87380,704512,4096,16384,262144
setprop net.tcp.buffersize.hspap 4094,87380,1220608,4096,16384,1220608
setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040
setprop net.tcp.buffersize.gprs 4092,30000,30000,4096,8760,11680
setprop net.tcp.buffersize.evdo 4094,87380,262144,4096,16384,262144
# Assign TCP buffer thresholds to be ceiling value of technology maximums
# Increased technology maximums should be reflected here.
write /proc/sys/net/core/rmem_max 1048576
write /proc/sys/net/core/wmem_max 2097152
write /sys/block/mmcblk0/queue/scheduler noop
class_start core
class_start main
on nonencrypted
class_start late_start
on charger
mount_all fstab.qcom
class_start charger
write /sys/devices/system/cpu/cpu1/online 1
write /sys/devices/system/cpu/cpu2/online 1
write /sys/devices/system/cpu/cpu3/online 1
write /sys/module/rpm_resources/enable_low_power/L2_cache 1
write /sys/module/rpm_resources/enable_low_power/pxo 1
write /sys/module/rpm_resources/enable_low_power/vdd_dig 1
write /sys/module/rpm_resources/enable_low_power/vdd_mem 1
write /sys/module/pm_8x60/modes/cpu0/power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu1/power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu2/power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu3/power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu0/standalone_power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu1/standalone_power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu2/standalone_power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu3/standalone_power_collapse/suspend_enabled 1
write /sys/module/pm_8x60/modes/cpu0/standalone_power_collapse/idle_enabled 1
write /sys/module/pm_8x60/modes/cpu1/standalone_power_collapse/idle_enabled 1
write /sys/module/pm_8x60/modes/cpu2/standalone_power_collapse/idle_enabled 1
write /sys/module/pm_8x60/modes/cpu3/standalone_power_collapse/idle_enabled 1
write /sys/module/pm_8x60/modes/cpu0/power_collapse/idle_enabled 0
write /sys/module/pm_8x60/modes/cpu1/power_collapse/idle_enabled 0
write /sys/module/pm_8x60/modes/cpu2/power_collapse/idle_enabled 0
write /sys/module/pm_8x60/modes/cpu3/power_collapse/idle_enabled 0
write /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor "powersave"
write /sys/devices/system/cpu/cpu1/cpufreq/scaling_governor "powersave"
write /sys/devices/system/cpu/cpu2/cpufreq/scaling_governor "powersave"
write /sys/devices/system/cpu/cpu3/cpufreq/scaling_governor "powersave"
write /sys/devices/system/cpu/cpu1/online 0
write /sys/devices/system/cpu/cpu2/online 0
write /sys/devices/system/cpu/cpu3/online 0
on property:vold.decrypt=trigger_reset_main
class_reset main
on property:vold.decrypt=trigger_load_persist_props
load_persist_props
on property:vold.decrypt=trigger_post_fs_data
trigger post-fs-data
on property:vold.decrypt=trigger_restart_min_framework
class_start main
on property:vold.decrypt=trigger_restart_framework
class_start main
class_start late_start
on property:vold.decrypt=trigger_shutdown_framework
class_reset late_start
class_reset main
on property:sys.powerctl=*
powerctl ${sys.powerctl}
# system server cannot write to /proc/sys files, so proxy it through init
on property:sys.sysctl.extra_free_kbytes=*
write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes}
## Daemon processes to be run by init.
##
service ueventd /sbin/ueventd
class core
critical
seclabel u:r:ueventd:s0
service healthd /sbin/healthd
class core
critical
seclabel u:r:healthd:s0
service lpm /system/bin/lpm
class charger
critical
service healthd-charger /sbin/healthd -n
class charger
critical
seclabel u:r:healthd:s0
# Reload SE Android Policy for MDM
on property:persist.security.mdm.policy=1
setprop selinux.reload_policy 1
on property:selinux.reload_policy=1
chown system system /sys/fs/selinux/enforce
chown -R system system /sys/fs/selinux/booleans
chown system system /sys/fs/selinux/commit_pending_bools
service console /system/bin/sh
class core
console
disabled
user shell
group log
## WTL_EDM_START
## EDM AuditLog
service edmaudit /system/bin/edmaudit
class main
user root
## WTL_EDM_END
service auditd /system/bin/auditd -k
class main
seclabel u:r:auditd:s0
disabled
oneshot
on property:ro.debuggable=1
start console
# adbd is controlled via property triggers in init.<platform>.usb.rc
service adbd /sbin/adbd
class core
socket adbd stream 660 system system
disabled
seclabel u:r:adbd:s0
# adbd on at boot in emulator
on property:ro.kernel.qemu=1
start adbd
service servicemanager /system/bin/servicemanager
class core
user system
group system
critical
onrestart restart healthd
onrestart restart zygote
onrestart restart media
onrestart restart surfaceflinger
onrestart restart drm
onrestart restart sensorhubservice
onrestart restart TvoutService_C
service vold /system/bin/vold
class core
socket vold stream 0660 root mount
ioprio be 2
socket dir_enc_report stream 0660 root mount
socket epm stream 0660 system system
service netd /system/bin/netd
class main
socket netd stream 0660 root system
socket dnsproxyd stream 0660 root inet
socket mdns stream 0660 root system
service debuggerd /system/bin/debuggerd
class main
# icd
service icd /system/bin/icd
class main
user system
group system log
onrestart check_icd
oneshot
service prepare_param /system/bin/prepare_param.sh /dev/block/platform/msm_sdcc.1/by-name/param
class main
user root
group root
seclabel u:r:prepare_param:s0
oneshot
service mobex-daemon /system/bin/npsmobex
class main
user system
group system radio inet sdcard_r sdcard_rw media_rw shell
service ril-daemon /system/bin/rild
class main
socket rild stream 660 root radio
socket rild-debug stream 660 radio system
user root
group radio cache inet misc audio log qcom_diag
service secril-daemon /system/bin/sec-ril
class main
user root
group radio cache inet misc audio sdcard_rw diag log
service DR-daemon /system/bin/ddexe
class main
user root
group system radio inet net_raw
service SMD-daemon /system/bin/smdexe
class main
user root
group system radio inet net_raw
service BCS-daemon /system/bin/connfwexe
class main
user root
group system radio inet net_raw
service SIDESYNC_service /system/bin/ss_conn_daemon
class main
socket ss_conn_daemon stream 0666 system system
user system
group inet net_raw
service at_distributor /system/bin/at_distributor
class late_start
user root
group radio log
service diag_uart_log /system/bin/diag_uart_log
class main
user root
group radio
service surfaceflinger /system/bin/surfaceflinger
class main
user system
group graphics drmrpc
onrestart restart zygote
onrestart restart gsiff_daemon
service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server
class main
socket zygote stream 660 root system
onrestart write /sys/android_power/request_state wake
onrestart write /sys/power/state on
onrestart restart media
onrestart restart netd
onrestart restart sensorhubservice
onrestart restart gsiff_daemon
service drm /system/bin/drmserver
class main
user drm
# [ SEC_MM_DRM
# fix
group system drm inet drmrpc sdcard_r sdcard_rw media_rw radio shell
# org
# group drm system inet drmrpc
# ]
service media /system/bin/mediaserver
class main
user media
group system audio camera inet net_bt net_bt_admin net_bw_acct drmrpc mediadrm sdcard_rw sdcard_r media_rw shell qcom_diag lgt_gid
ioprio rt 4
service powersnd /system/bin/samsungpowersoundplay
class main
user media
group system
disabled
oneshot
service bootanim /system/bin/bootanimation
class main
user graphics
group graphics system
disabled
oneshot
service installd /system/bin/installd
class main
socket installd stream 600 system system
service flash_recovery /system/etc/install-recovery.sh
class main
seclabel u:r:flash_recovery:s0
oneshot
service racoon /system/bin/racoon
class main
socket racoon stream 600 system system
# IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
group vpn net_admin inet
disabled
oneshot
# Strongswan VPN
service charon /system/bin/charon
class main
socket charon stream 600 system system
# charon will setuid to vpn after getting necessary resources.
group vpn net_admin inet
disabled
oneshot
service mtpd /system/bin/mtpd
class main
socket mtpd stream 600 system system
user vpn
group vpn net_admin inet net_raw
disabled
oneshot
service keystore /system/bin/keystore /data/misc/keystore
class main
user keystore
group keystore drmrpc system
service dumpstate /system/bin/dumpstate -s
class main
socket dumpstate stream 0660 shell log
disabled
oneshot
# service for TZPR provisioning version check app
service scranton_RD /system/bin/scranton_RD
class main
user root
disabled
oneshot
# insthk
service insthk /system/bin/insthk
class main
user root
disabled
oneshot
# start for TZPR provisioning version check app
on property:sys.qseecomd.enable=true
start scranton_RD
start insthk
service sshd /system/bin/start-ssh
class main
disabled
service mdnsd /system/bin/mdnsd
class main
user mdnsr
group inet net_raw
socket mdnsd stream 0660 mdnsr inet
disabled
oneshot
on property:init.svc.bootanim=stopped
restorecon /data/media
restorecon /data/media/obb
start auditd
start freshsebool
service sdumpstate /system/bin/dumpstate -P
class main
disabled
oneshot
#sensorhubservice start
service sensorhubservice /system/bin/sensorhubservice
class main
user system
group input
# bugreport is triggered by holding down volume down, volume up and power
service bugreport /system/bin/dumpstate -d -p -B \
-o /data/data/com.android.shell/files/bugreports/bugreport
class main
disabled
oneshot
keycodes 114 115 116
# Vibetonz
service immvibed /system/bin/immvibed
class core
user vibe
group vibe
oneshot
# SAMSUNG DRS Service
service drsd /system/bin/drsd
class main
socket drsd stream 600 system system
#Knox VPN
service ipruleset /system/bin/ipruleset
class main
group vpn net_admin inet net_raw
disabled
oneshot
#KNOX - SE Android Security Setting Level
service freshsebool /system/bin/freshsebool
class main
user root
disabled
oneshot
# WTL_EDM
service createsystemfile /system/bin/createsystemfile
class main
group system
disabled
oneshot
# icd
on property:init.svc.media=restarting
check_icd
start icd
on property:sys.boot_completed=1
write /sys/block/mmcblk0/queue/scheduler cfq
Reference in New Issue View Git Blame Copy Permalink