| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Report hardware_verifier UMA statistics" |
| author "chromeos-hw-checker@google.com" |
| |
| start on started system-services |
| stop on stopping system-services |
| task |
| |
| # Allow us to be killed as we are not critical to the system. |
| oom score -100 |
| |
| # Let the process crash if it grows too much. "as" for "address space". |
| # Currently it uses about 25MB (by checking /proc/$PID/status). |
| limit as 125000000 unlimited |
| |
| script |
| RESULT_FILE="/var/cache/hardware_verifier.result" |
| TMP_FILE="$(mktemp --tmpdir hardware_verifier.XXXXXXXXXX)" |
| |
| logit() { |
| logger -t "${UPSTART_JOB}" "$*" |
| } |
| |
| exit_on_error() { |
| exit_status=0 |
| output="$("$@" 2>&1)" || exit_status="$?" |
| if [ "${exit_status}" != "0" ]; then |
| logit "$1 error: exit status: ${exit_status}, output: ${output}" |
| exit "${exit_status}" |
| fi |
| } |
| |
| hv_exit_status=0 |
| |
| # /usr/local: Verification payloads in the stateful partition |
| MINIJAIL_FLAGS_CROS_DEBUG="" |
| if crossystem cros_debug?1 ; then |
| MINIJAIL_FLAGS_CROS_DEBUG="-b /usr/local" |
| fi |
| |
| # We sleep for 50 seconds to ensure that peripheral components we are |
| # interested are properly initialized. |
| sleep 50 |
| |
| # /run/chromeos-config/v1: cros_config |
| # /run/dbus: D-Bus call |
| # /var/lib/metrics: Write UMA stats |
| # /var/lib/devicesettings: Read policy by policy::DevicePolicy |
| minijail0 -e -N -p -r -v -l --uts -n \ |
| -u hardware_verifier -g hardware_verifier -G \ |
| --profile=minimalistic-mountns \ |
| -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /run/chromeos-config/v1 \ |
| -b /run/dbus \ |
| -b /var/lib/metrics,,1 \ |
| -b /var/lib/devicesettings \ |
| ${MINIJAIL_FLAGS_CROS_DEBUG} \ |
| -- /usr/bin/hardware_verifier \ |
| --send_to_uma \ |
| --pii \ |
| --output_format=text >"${TMP_FILE}" || hv_exit_status="$?" |
| |
| exit_on_error mv -T "${TMP_FILE}" "${RESULT_FILE}" |
| exit_on_error chmod +r "${RESULT_FILE}" |
| |
| # Return 0 if the return code of hardware_verifier is |
| # ExitStatus::kSkippedVerification (2). |
| if [ "${hv_exit_status}" = "2" ]; then |
| exit 0 |
| fi |
| if [ "${hv_exit_status}" != "0" ]; then |
| logit "exit status: ${hv_exit_status}" |
| exit "${hv_exit_status}" |
| fi |
| end script |