| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Run /system/bin/adbd (bridge)" |
| author "chromium-os-dev@chromium.org" |
| |
| # Note: Lifecycle of this job is managed by Chrome. |
| # Stop this job when stopping ui job via arcvm-post-vm-start-services. |
| # If Chrome crashes, Chrome stops arcvm-post-vm-start-services before |
| # starting the mini-VM. |
| stop on stopping arcvm-post-vm-start-services |
| |
| # There is no point to have this service when the VM it talks to has |
| # been killed in oom case, so the value should be higher than the VM |
| # instance. |
| oom score -100 |
| |
| # The service will allocate some buffers. |
| limit as 150000000 150000000 |
| |
| env PIDFILE=/run/arc/adbd.pid |
| env RUNTIME_DIR=/run/arc/adbd |
| |
| # The following environment variables are passed from Chrome. |
| import SERIALNUMBER |
| import ARCVM_CID |
| |
| pre-start script |
| logger -t "${UPSTART_JOB}" "Pre-start arcvm-adbd" |
| |
| # Validity check against dev mode. |
| if ! crossystem "cros_debug?1"; then |
| logger -t "${UPSTART_JOB}" "Don't start arcvm-adbd in verified mode." |
| stop |
| exit 0 |
| fi |
| |
| # Validity check against serial number is derived from Android CTS. |
| if ! echo "${SERIALNUMBER}" | grep -q -E '^[0-9A-Za-z]{6,20}$'; then |
| logger -t "${UPSTART_JOB}" "ERROR: Serial number is invalid." |
| stop |
| exit 0 |
| fi |
| |
| # Validity check cid of VM that is defined as unsigned integer. |
| # In arc-adbd service the CID is for guest VM so it should start |
| # from 3. (Refer to the man page of vsock) |
| if ! echo "${ARCVM_CID}" | grep -q -E '^(([3-9])|([1-9][0-9]+))$'; then |
| logger -t "${UPSTART_JOB}" "ERROR: CID of ARCVM is invalid." |
| stop |
| exit 0 |
| fi |
| |
| # Clean up a stale pid file if exists. |
| if ! rm -f "${PIDFILE}"; then |
| logger -t "${UPSTART_JOB}" "ERROR: Failed to remove ${PIDFILE}" |
| stop |
| exit 0 |
| fi |
| end script |
| |
| script |
| # Start constructing minijail0 args... |
| args="minijail0" |
| |
| # Use a minimalistic mount namespace. |
| args="${args} --profile minimalistic-mountns" |
| |
| # Enter a new mount namespace. |
| args="${args} -v" |
| |
| # Enter a new PID namespace. |
| args="${args} -p" |
| |
| # Skip remounting as private. |
| args="${args} -K" |
| |
| # Enter a new IPC namespace. |
| args="${args} -l" |
| |
| # Create PID file at $PIDFILE. |
| args="${args} -f $PIDFILE" |
| |
| # Set up mount points. |
| args="${args} -b /sys,/sys" |
| args="${args} -k tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC" |
| |
| # Set up seccomp-bpf. |
| args="${args} -S /usr/share/policy/arcvm-adbd-seccomp.policy" |
| |
| # Allow only CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, |
| # CAP_SYS_MODULE, CAP_SYS_ADMIN. |
| args="${args} -n -c 210007 --ambient" |
| |
| # Finally, specify the command line arguments. |
| args="${args} -- /usr/sbin/arc-adbd \ |
| --serialnumber=${SERIALNUMBER} \ |
| --arcvm_cid=${ARCVM_CID}" |
| |
| logger -t "${UPSTART_JOB}" "Executing: ${args}" |
| exec ${args} |
| end script |
| |
| post-stop script |
| { |
| echo "Post-stop arcvm-adbd" |
| set +e -x |
| |
| # Perform best-effort unmounting of the bulk endpoints. |
| umount --lazy "${RUNTIME_DIR}"/ep1 |
| umount --lazy "${RUNTIME_DIR}"/ep2 |
| exec rm -f "${RUNTIME_DIR}/"* |
| } 2>&1 | logger -t "${UPSTART_JOB}" |
| end script |