| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start rmtfs server" |
| author "benchan@chromium.org" |
| |
| # Paths shared by the pre-start script and the minijail0 command line below. |
| # RMTFS_DEV and SOC_DIR are bind-mounted writable into the jail; RMTFS_DIR |
| # holds the modem backing files and is passed to rmtfs with -o. |
| env RMTFS_DEV=/dev/qcom_rmtfs_mem1 |
| env RMTFS_DIR=/var/lib/rmtfs/boot |
| env SOC_DIR=/sys/devices/platform/soc@0 |
| |
| # Start only once qrtr-ns is running and the qcom-rmtfs-added and |
| # qcom-modem-added events have both been emitted; stop together with qrtr-ns. |
| start on started qrtr-ns and qcom-rmtfs-added and qcom-modem-added |
| stop on stopping qrtr-ns |
| |
| # This service handles modem file system storage requests. Other than |
| # the connection to the modem itself, it keeps no state. So it should |
| # be okay, though not preferable, to kill and restart this service. |
| # The negative oom score makes the kernel less likely to pick this job under |
| # memory pressure; respawn restarts it if it exits unexpectedly. |
| oom score -100 |
| respawn |
| |
| # Upstart follows a single fork to find the daemon's PID. |
| # NOTE(review): this presumably pairs with minijail0 -i below, which exits |
| # right after forking the jailed process - confirm before changing either. |
| expect fork |
| |
| pre-start script |
| # rmtfs only serves a backing file that already exists on disk, so make |
| # sure each one is present and owned by the daemon's user before it starts. |
| mkdir -p "${RMTFS_DIR}" |
| for name in modem_fsc modem_fsg modem_fs1 modem_fs2; do |
| backing="${RMTFS_DIR}/${name}" |
| [ -f "${backing}" ] || touch "${backing}" |
| # NOTE(review): this chown runs privileged and follows symlinks; it assumes |
| # ${RMTFS_DIR} itself is not writable by the rmtfs user - confirm. |
| chown rmtfs:rmtfs "${backing}" |
| done |
| # Hand the remoteproc sysfs state file to the rmtfs user so the daemon can |
| # control it from inside the jail, where it runs as rmtfs:rmtfs. |
| chown rmtfs:rmtfs /sys/bus/platform/drivers/qcom-q6v5-mss/[0-9]*/remoteproc/remoteproc*/state |
| end script |
| |
| # rmtfs needs CAP_NET_ADMIN to open AF_QIPCRTR socket. |
| # |
| # Sandbox layout requested from minijail0: |
| #   --profile=minimalistic-mountns, -v: private, minimal mount namespace. |
| #   -i: minijail0 exits right after forking the jailed process. |
| #   -n: no_new_privs. -N, -l, --uts: cgroup, IPC and UTS namespaces. |
| #   -r: /proc is remounted read-only. |
| #   -b: /sys is bound read-only; ${RMTFS_DEV}, ${SOC_DIR} and ${RMTFS_DIR} |
| #       are bound writable (the trailing ",,1"). |
| #   -k: a 10M tmpfs (nodev, noexec, nosuid, mode 755) is mounted at /var, |
| #       so the jail sees no writable /var of its own and we can still get a |
| #       read/write bind mount for /var/lib/rmtfs/boot on top of it. |
| #   -c, -u, -g: runs as rmtfs:rmtfs with the capability set limited to |
| #       cap_net_admin. |
| #   -S: syscalls are filtered by rmtfs-seccomp.policy. |
| # NOTE(review): no network (-e) or PID (-p) namespace is requested; |
| # presumably the QRTR socket needs the host network namespace - confirm. |
| # NOTE(review): rmtfs -o takes the backing-file directory; -s presumably |
| # enables the remoteproc state handling that the pre-start chown prepares |
| # for - confirm against the rmtfs usage text. |
| exec minijail0 --profile=minimalistic-mountns -inNlvr --uts \ |
| -b "${RMTFS_DEV}",,1 -b /sys -b "${SOC_DIR}",,1 \ |
| -k '/var,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b "${RMTFS_DIR}",,1 \ |
| -c cap_net_admin=e -u rmtfs -g rmtfs \ |
| -S /usr/share/policy/rmtfs-seccomp.policy \ |
| -- /usr/bin/rmtfs -so "${RMTFS_DIR}" |