[GitHub/mt8127/android_device_alcatel_ttab.git] / ramdisk / meta_init.rc

# Copyright (C) 2012 The Android Open Source Project
#
# IMPORTANT: Do not create world writable files or directories.
# This is a common source of Android security bugs.
#
import /init.environ.rc
import init.ssd.rc
import init.no_ssd.rc
import init.ssd_nomuser.rc
import init.fon.rc
import init.aee.rc

on early-init
    # Set init and its forked children's oom_adj.
    write /proc/1/oom_score_adj -1000

    # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
    #write /sys/fs/selinux/checkreqprot 0

    # Set the security context for the init process.
    # This should occur before anything else (e.g. ueventd) is started.
    setcon u:r:init:s0

    # Set the security context of /adb_keys if present.
    restorecon /adb_keys

    start ueventd

# create mountpoints
    mkdir /mnt 0775 root system
    
on init

sysclktz 0

loglevel 5

# Backward compatibility
    symlink /system/etc /etc
    symlink /sys/kernel/debug /d

# Right now vendor lives on the same filesystem as system,
# but someday that may change.
    symlink /system/vendor /vendor   

# Create cgroup mount point for cpu accounting
    mkdir /acct
    mount cgroup none /acct cpuacct
    mkdir /acct/uid

    mkdir /system
    mkdir /data 0771 system system
    mkdir /cache 0770 system cache
    mkdir /config 0500 root root

    # See storage config details at http://source.android.com/tech/storage/
    mkdir /mnt/shell 0700 shell shell
    mkdir /mnt/media_rw 0700 media_rw media_rw
    mkdir /storage 0751 root sdcard_r

    mkdir /mnt/cd-rom 0000 system system

    # Directory for putting things only root should see.
    mkdir /mnt/secure 0700 root root
    
    # Directory for staging bindmounts
    mkdir /mnt/secure/staging 0700 root root

    # Directory-target for where the secure container
    # imagefile directory will be bind-mounted
    mkdir /mnt/secure/asec  0700 root root

    # Secure container public mount points.
    mkdir /mnt/asec  0700 root system
    mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000

    # Filesystem image public mount points.
    mkdir /mnt/obb 0700 root system
    mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000

    write /proc/sys/kernel/panic_on_oops 1
    write /proc/sys/kernel/hung_task_timeout_secs 0
    write /proc/cpu/alignment 4
    write /proc/sys/kernel/sched_latency_ns 10000000
    write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
    write /proc/sys/kernel/sched_compat_yield 1

# Healthd can trigger a full boot from charger mode by signaling this
# property when the power button is held.
on property:sys.boot_from_charger_mode=1
    class_stop charger
    trigger late-init

# Load properties from /system/ + /factory after fs mount.
on load_all_props_action
    load_all_props

# Mount filesystems and start core system services.
on late-init
    trigger early-fs
    trigger fs
    trigger post-fs
    trigger post-fs-data

    # Load properties from /system/ + /factory after fs mount. Place
    # this in another action so that the load will be scheduled after the prior
    # issued fs triggers have completed.
    trigger load_all_props_action

    trigger early-boot
    trigger boot
    
on fs
    write /proc/bootprof "INIT:eMMC:Mount_START"
    mount_all /fstab.mt8127
    write /proc/bootprof "INIT:eMMC:Mount_END"

# mount secro partition
#    mount yaffs2 mtd@secstatic /system/secro ro
#    mount ext4 /dev/block/platform/mtk-msdc.0/by-name/SEC_RO /system/secro ro

on post-fs
    # once everything is setup, no need to modify /
    mount rootfs rootfs / ro remount
    
    # We chown/chmod /cache again so because mount is run as root + defaults
    chown system cache /cache
    chmod 0770 /cache
    # We restorecon /cache in case the cache partition has been reset.
    restorecon_recursive /cache

    #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
    chown root system /proc/kmsg
    chmod 0440 /proc/kmsg

    # make the selinux kernel policy world-readable
    chmod 0444 /sys/fs/selinux/policy

    # create the lost+found directories, so as to enforce our permissions
    mkdir /cache/lost+found 0770 root root

on post-fs-data
    # We chown/chmod /data again so because mount is run as root + defaults
    chown system system /data
    chmod 0771 /data
    # We restorecon /data in case the userdata partition has been reset.
    restorecon /data


# create basic filesystem structure
		mkdir /data/nvram 2770 root system
    mkdir /data/misc 01771 system misc
    mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth
    mkdir /data/misc/bluetooth 0770 system system
    mkdir /data/misc/keystore 0700 keystore keystore
    mkdir /data/misc/keychain 0771 system system
    mkdir /data/misc/vpn 0770 system vpn
    mkdir /data/misc/systemkeys 0700 system system
    # give system access to wpa_supplicant.conf for backup and restore
    mkdir /data/misc/wifi 0770 wifi wifi
    chmod 0660 /data/misc/wifi/wpa_supplicant.conf
    chmod 0660 /data/misc/wifi/p2p_supplicant.conf
    mkdir /data/local 0751 root root
    # For security reasons, /data/local/tmp should always be empty.
    # Do not place files or directories in /data/local/tmp
    mkdir /data/local/tmp 0771 shell shell
    mkdir /data/data 0771 system system
    mkdir /data/app-private 0771 system system
    mkdir /data/app-asec 0700 root root
    mkdir /data/app 0771 system system
    mkdir /data/property 0700 root root
    mkdir /data/ssh 0750 root shell
    mkdir /data/ssh/empty 0700 root root

    # create the lost+found directories, so as to enforce our permissions
    mkdir /data/lost+found 0770

    # double check the perms, in case lost+found already exists, and set owner
    chown root root /data/lost+found
    chmod 0770 /data/lost+found

    # H264 Decoder
    chmod 777 /dev/MT6516_H264_DEC

    # Internal SRAM Driver
    chmod 777 /dev/MT6516_Int_SRAM

    # MM QUEUE Driver
    chmod 777 /dev/MT6516_MM_QUEUE

    # MPEG4 Decoder
    chmod 777 /dev/MT6516_MP4_DEC

    # MPEG4 Encoder
    chmod 777 /dev/MT6516_MP4_ENC

    # OpenCORE proxy config
    chmod 0666 /data/http-proxy-cfg

	# OpenCORE player config
	chmod 0666 /etc/player.cfg

start NvRAMAgent

    # WiFi
    mkdir /data/misc/wifi 0770 system wifi
    mkdir /data/misc/wifi/sockets 0770 system wifi
    mkdir /data/misc/dhcp 0770 dhcp dhcp
    chown dhcp dhcp /data/misc/dhcp
    chmod 0660 /sys/class/rfkill/rfkill1/state 
    chown system system /sys/class/rfkill/rfkill1/state 
    # Turn off wifi by default
    write /sys/class/rfkill/rfkill1/state 0


    # Set this property so surfaceflinger is not started by system_init
    setprop system_init.startsurfaceflinger 0

    #otp
    chmod 0660 /dev/otp
    chown root system /dev/otp

    # Touch Panel
    chown system system /sys/touchpanel/calibration
    chmod 0660 /sys/touchpanel/calibration

    chmod 0777 /dev/pmem_multimedia
    chmod 0777 /dev/mt6516-isp
    chmod 0777 /dev/mt6516-IDP
    chmod 0777 /dev/mt9p012
    chmod 0777 /dev/mt6516_jpeg
    chmod 0777 /dev/FM50AF


    # RTC
    mkdir /data/misc/rtc 0770 system system

    # M4U
    #insmod /system/lib/modules/m4u.ko
    #mknod /dev/M4U_device c 188 0
    chmod 0444 /dev/M4U_device
    	
    # Sensor
    chmod 0666 /dev/sensor

    # GPIO
    chmod 0666 /dev/mtgpio

    # Android SEC related device nodes
    insmod /system/lib/modules/sec.ko
    mknod /dev/sec c 182 0
    chmod 0660 /dev/sec
    chown root system /dev/sec
    
    # device info interface
    #insmod /system/lib/modules/devinfo.ko
    #mknod /dev/devmap c 196 0;
    chmod 0440 /dev/devmap
    chown root system /dev/devmap
    
    # change key_provisioning 
    mkdir /data/key_provisioning
    chmod 0770 /data/key_provisioning
    chown system system /data/key_provisioning

    # Separate location for storing security policy files on data
    mkdir /data/security 0711 system system

    # Reload policy from /data/security if present.
    setprop selinux.reload_policy 1

    # Set SELinux security contexts on upgrade or policy update.
    restorecon_recursive /data

    # If there is no fs-post-data action in the init.<device>.rc file, you
    # must uncomment this line, otherwise encrypted filesystems
    # won't work.
    # Set indication (checked by vold) that we have finished this action
    setprop vold.post_fs_data_done 1

on boot
   chown root /remount.sh
   chmod 700 /remount.sh
   exec /remount.sh

start drvbd

# basic network init
    ifup lo
    hostname localhost
    domainname localdomain

    class_start default
    class_start core

on nonencrypted
    class_start main
    class_start late_start

on property:vold.decrypt=trigger_default_encryption
    start defaultcrypto

on property:vold.decrypt=trigger_encryption
    start surfaceflinger
    start encrypt

on property:vold.decrypt=trigger_reset_main
    class_reset main

on property:vold.decrypt=trigger_load_persist_props
    load_persist_props

on property:vold.decrypt=trigger_post_fs_data
    trigger post-fs-data

on property:vold.decrypt=trigger_restart_min_framework
    class_start main

on property:vold.decrypt=trigger_restart_framework
    start nvram_daemon
    class_start main
    class_start late_start
    start permission_check

on property:vold.decrypt=trigger_shutdown_framework
    class_reset late_start
    class_reset main

service ueventd /sbin/ueventd
    class core
    critical
    seclabel u:r:ueventd:s0

service logd /system/bin/logd
    class core
    socket logd stream 0666 logd logd
    socket logdr seqpacket 0666 logd logd
    socket logdw dgram 0222 logd logd
    seclabel u:r:logd:s0

service console /system/bin/sh
    class core
    console
    disabled
    user shell
    group shell log
    seclabel u:r:shell:s0

on property:sys.powerctl=*
    powerctl ${sys.powerctl}

on property:ro.debuggable=1
    start console

# adbd is controlled via property triggers in init.<platform>.usb.rc
service adbd /sbin/adbd --root_seclabel=u:r:su:s0
    class core
    socket adbd stream 660 system system
    disabled
    seclabel u:r:adbd:s0

service vold /system/bin/vold
    class core
    socket vold stream 0660 root mount
    ioprio be 2

# One shot invocation to deal with encrypted volume.
service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
    disabled
    oneshot
    # vold will set vold.decrypt to trigger_restart_framework (default
    # encryption) or trigger_restart_min_framework (other encryption)

# One shot invocation to encrypt unencrypted volumes
service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
    disabled
    oneshot
    # vold will set vold.decrypt to trigger_restart_framework (default
    # encryption)

service meta_tst /system/bin/meta_tst

#drm operation server
service kisd /system/bin/kisd

service servicemanager /system/bin/servicemanager
    class core
    user system
    group system
    critical
service nvram_daemon /system/bin/nvram_daemon
    class main
    user root
    group system
    oneshot

service NvRAMAgent /system/bin/nvram_agent_binder
		user system
		group system

service drvbd /system/bin/drvbd
    class main
    user system
    group system

service debuggerd /system/bin/debuggerd
    class main

service debuggerd64 /system/bin/debuggerd64
    class main


service mobile_log_d /system/bin/mobile_log_d
    class main

on property:ro.boot.mblogenable=0    
    stop mobile_log_d    

on property:ro.boot.mblogenable=1
    start mobile_log_d

#mass_storage,adb,acm
on property:ro.boot.usbconfig=0
    write /sys/class/android_usb/android0/iSerial $ro.serialno
    write /sys/class/android_usb/android0/enable 0
    write /sys/class/android_usb/android0/idVendor 0e8d
    write /sys/class/android_usb/android0/idProduct 2006
    write /sys/class/android_usb/android0/f_acm/instances 1
    write /sys/class/android_usb/android0/functions mass_storage,adb,acm
    write /sys/class/android_usb/android0/enable 1
    start adbd

#acm
on property:ro.boot.usbconfig=1
    write /sys/class/android_usb/android0/enable 0
    write /sys/class/android_usb/android0/iSerial " "
    write /sys/class/android_usb/android0/idVendor 0e8d
    write /sys/class/android_usb/android0/idProduct 2007
    write /sys/class/android_usb/android0/f_acm/instances 1
    write /sys/class/android_usb/android0/functions acm
    write /sys/class/android_usb/android0/bDeviceClass 02
    write /sys/class/android_usb/android0/enable 1
Commit	Line	Data
f3fa1980 S	1	# Copyright (C) 2012 The Android Open Source Project
	2	#
	3	# IMPORTANT: Do not create world writable files or directories.
	4	# This is a common source of Android security bugs.
	5	#
	6	import /init.environ.rc
	7	import init.ssd.rc
	8	import init.no_ssd.rc
	9	import init.ssd_nomuser.rc
	10	import init.fon.rc
	11	import init.aee.rc
	12
	13	on early-init
	14	# Set init and its forked children's oom_adj.
	15	write /proc/1/oom_score_adj -1000
	16
	17	# Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls.
	18	#write /sys/fs/selinux/checkreqprot 0
	19
	20	# Set the security context for the init process.
	21	# This should occur before anything else (e.g. ueventd) is started.
	22	setcon u:r:init:s0
	23
	24	# Set the security context of /adb_keys if present.
	25	restorecon /adb_keys
	26
	27	start ueventd
	28
	29	# create mountpoints
	30	mkdir /mnt 0775 root system
	31
	32	on init
	33
	34	sysclktz 0
	35
	36	loglevel 5
	37
	38	# Backward compatibility
	39	symlink /system/etc /etc
	40	symlink /sys/kernel/debug /d
	41
	42	# Right now vendor lives on the same filesystem as system,
	43	# but someday that may change.
	44	symlink /system/vendor /vendor
	45
	46	# Create cgroup mount point for cpu accounting
	47	mkdir /acct
	48	mount cgroup none /acct cpuacct
	49	mkdir /acct/uid
	50
	51	mkdir /system
	52	mkdir /data 0771 system system
	53	mkdir /cache 0770 system cache
	54	mkdir /config 0500 root root
	55
	56	# See storage config details at http://source.android.com/tech/storage/
	57	mkdir /mnt/shell 0700 shell shell
	58	mkdir /mnt/media_rw 0700 media_rw media_rw
	59	mkdir /storage 0751 root sdcard_r
	60
	61	mkdir /mnt/cd-rom 0000 system system
	62
	63	# Directory for putting things only root should see.
	64	mkdir /mnt/secure 0700 root root
65
66	# Directory for staging bindmounts
67	mkdir /mnt/secure/staging 0700 root root
68
69	# Directory-target for where the secure container
70	# imagefile directory will be bind-mounted
71	mkdir /mnt/secure/asec 0700 root root
72
73	# Secure container public mount points.
74	mkdir /mnt/asec 0700 root system
75	mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
76
77	# Filesystem image public mount points.
78	mkdir /mnt/obb 0700 root system
79	mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
80
81	write /proc/sys/kernel/panic_on_oops 1
82	write /proc/sys/kernel/hung_task_timeout_secs 0
83	write /proc/cpu/alignment 4
84	write /proc/sys/kernel/sched_latency_ns 10000000
85	write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
86	write /proc/sys/kernel/sched_compat_yield 1
87
88	# Healthd can trigger a full boot from charger mode by signaling this
89	# property when the power button is held.
90	on property:sys.boot_from_charger_mode=1
91	class_stop charger
92	trigger late-init
93
94	# Load properties from /system/ + /factory after fs mount.
95	on load_all_props_action
96	load_all_props
97
98	# Mount filesystems and start core system services.
99	on late-init
100	trigger early-fs
101	trigger fs
102	trigger post-fs
103	trigger post-fs-data
104
105	# Load properties from /system/ + /factory after fs mount. Place
106	# this in another action so that the load will be scheduled after the prior
107	# issued fs triggers have completed.
108	trigger load_all_props_action
109
110	trigger early-boot
111	trigger boot
112
113	on fs
114	write /proc/bootprof "INIT:eMMC:Mount_START"
115	mount_all /fstab.mt8127
116	write /proc/bootprof "INIT:eMMC:Mount_END"
117
118	# mount secro partition
119	# mount yaffs2 mtd@secstatic /system/secro ro
120	# mount ext4 /dev/block/platform/mtk-msdc.0/by-name/SEC_RO /system/secro ro
121
122	on post-fs
123	# once everything is setup, no need to modify /
124	mount rootfs rootfs / ro remount
125
126	# We chown/chmod /cache again so because mount is run as root + defaults
127	chown system cache /cache
128	chmod 0770 /cache
129	# We restorecon /cache in case the cache partition has been reset.
130	restorecon_recursive /cache
131
132	#change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
133	chown root system /proc/kmsg
134	chmod 0440 /proc/kmsg
135
136	# make the selinux kernel policy world-readable
137	chmod 0444 /sys/fs/selinux/policy
138
139	# create the lost+found directories, so as to enforce our permissions
140	mkdir /cache/lost+found 0770 root root
141
142	on post-fs-data
143	# We chown/chmod /data again so because mount is run as root + defaults
144	chown system system /data
145	chmod 0771 /data
146	# We restorecon /data in case the userdata partition has been reset.
147	restorecon /data
148
149
150	# create basic filesystem structure
151	mkdir /data/nvram 2770 root system
152	mkdir /data/misc 01771 system misc
153	mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth
154	mkdir /data/misc/bluetooth 0770 system system
155	mkdir /data/misc/keystore 0700 keystore keystore
156	mkdir /data/misc/keychain 0771 system system
157	mkdir /data/misc/vpn 0770 system vpn
158	mkdir /data/misc/systemkeys 0700 system system
159	# give system access to wpa_supplicant.conf for backup and restore
160	mkdir /data/misc/wifi 0770 wifi wifi
161	chmod 0660 /data/misc/wifi/wpa_supplicant.conf
162	chmod 0660 /data/misc/wifi/p2p_supplicant.conf
163	mkdir /data/local 0751 root root
164	# For security reasons, /data/local/tmp should always be empty.
165	# Do not place files or directories in /data/local/tmp
166	mkdir /data/local/tmp 0771 shell shell
167	mkdir /data/data 0771 system system
168	mkdir /data/app-private 0771 system system
169	mkdir /data/app-asec 0700 root root
170	mkdir /data/app 0771 system system
171	mkdir /data/property 0700 root root
172	mkdir /data/ssh 0750 root shell
173	mkdir /data/ssh/empty 0700 root root
174
175	# create the lost+found directories, so as to enforce our permissions
176	mkdir /data/lost+found 0770
177
178	# double check the perms, in case lost+found already exists, and set owner
179	chown root root /data/lost+found
180	chmod 0770 /data/lost+found
181
182	# H264 Decoder
183	chmod 777 /dev/MT6516_H264_DEC
184
185	# Internal SRAM Driver
186	chmod 777 /dev/MT6516_Int_SRAM
187
188	# MM QUEUE Driver
189	chmod 777 /dev/MT6516_MM_QUEUE
190
191	# MPEG4 Decoder
192	chmod 777 /dev/MT6516_MP4_DEC
193
194	# MPEG4 Encoder
195	chmod 777 /dev/MT6516_MP4_ENC
196
197	# OpenCORE proxy config
198	chmod 0666 /data/http-proxy-cfg
199
200	# OpenCORE player config
201	chmod 0666 /etc/player.cfg
202
203	start NvRAMAgent
204
205	# WiFi
206	mkdir /data/misc/wifi 0770 system wifi
207	mkdir /data/misc/wifi/sockets 0770 system wifi
208	mkdir /data/misc/dhcp 0770 dhcp dhcp
209	chown dhcp dhcp /data/misc/dhcp
210	chmod 0660 /sys/class/rfkill/rfkill1/state
211	chown system system /sys/class/rfkill/rfkill1/state
212	# Turn off wifi by default
213	write /sys/class/rfkill/rfkill1/state 0
214
215
216
217	# Set this property so surfaceflinger is not started by system_init
218	setprop system_init.startsurfaceflinger 0
219
220	#otp
221	chmod 0660 /dev/otp
222	chown root system /dev/otp
223
224	# Touch Panel
225	chown system system /sys/touchpanel/calibration
226	chmod 0660 /sys/touchpanel/calibration
227
228	chmod 0777 /dev/pmem_multimedia
229	chmod 0777 /dev/mt6516-isp
230	chmod 0777 /dev/mt6516-IDP
231	chmod 0777 /dev/mt9p012
232	chmod 0777 /dev/mt6516_jpeg
233	chmod 0777 /dev/FM50AF
234
235
236
237	# RTC
238	mkdir /data/misc/rtc 0770 system system
239
240	# M4U
241	#insmod /system/lib/modules/m4u.ko
242	#mknod /dev/M4U_device c 188 0
243	chmod 0444 /dev/M4U_device
244
245	# Sensor
246	chmod 0666 /dev/sensor
247
248	# GPIO
249	chmod 0666 /dev/mtgpio
250
251	# Android SEC related device nodes
252	insmod /system/lib/modules/sec.ko
253	mknod /dev/sec c 182 0
254	chmod 0660 /dev/sec
255	chown root system /dev/sec
256
257	# device info interface
258	#insmod /system/lib/modules/devinfo.ko
259	#mknod /dev/devmap c 196 0;
260	chmod 0440 /dev/devmap
261	chown root system /dev/devmap
262
263	# change key_provisioning
264	mkdir /data/key_provisioning
265	chmod 0770 /data/key_provisioning
266	chown system system /data/key_provisioning
267
268	# Separate location for storing security policy files on data
269	mkdir /data/security 0711 system system
270
271	# Reload policy from /data/security if present.
272	setprop selinux.reload_policy 1
273
274	# Set SELinux security contexts on upgrade or policy update.
275	restorecon_recursive /data
276
277	# If there is no fs-post-data action in the init.<device>.rc file, you
278	# must uncomment this line, otherwise encrypted filesystems
279	# won't work.
280	# Set indication (checked by vold) that we have finished this action
281	setprop vold.post_fs_data_done 1
282
283	on boot
284	chown root /remount.sh
285	chmod 700 /remount.sh
286	exec /remount.sh
287
288	start drvbd
289
290	# basic network init
291	ifup lo
292	hostname localhost
293	domainname localdomain
294
295	class_start default
296	class_start core
297
298	on nonencrypted
299	class_start main
300	class_start late_start
301
302	on property:vold.decrypt=trigger_default_encryption
303	start defaultcrypto
304
305	on property:vold.decrypt=trigger_encryption
306	start surfaceflinger
307	start encrypt
308
309	on property:vold.decrypt=trigger_reset_main
310	class_reset main
311
312	on property:vold.decrypt=trigger_load_persist_props
313	load_persist_props
314
315	on property:vold.decrypt=trigger_post_fs_data
316	trigger post-fs-data
317
318	on property:vold.decrypt=trigger_restart_min_framework
319	class_start main
320
321	on property:vold.decrypt=trigger_restart_framework
322	start nvram_daemon
323	class_start main
324	class_start late_start
325	start permission_check
326
327	on property:vold.decrypt=trigger_shutdown_framework
328	class_reset late_start
329	class_reset main
330
331	service ueventd /sbin/ueventd
332	class core
333	critical
334	seclabel u:r:ueventd:s0
335
336	service logd /system/bin/logd
337	class core
338	socket logd stream 0666 logd logd
339	socket logdr seqpacket 0666 logd logd
340	socket logdw dgram 0222 logd logd
341	seclabel u:r:logd:s0
342
343	service console /system/bin/sh
344	class core
345	console
346	disabled
347	user shell
348	group shell log
349	seclabel u:r:shell:s0
350
351	on property:sys.powerctl=*
352	powerctl ${sys.powerctl}
353
354	on property:ro.debuggable=1
355	start console
356
357	# adbd is controlled via property triggers in init.<platform>.usb.rc
358	service adbd /sbin/adbd --root_seclabel=u:r:su:s0
359	class core
360	socket adbd stream 660 system system
361	disabled
362	seclabel u:r:adbd:s0
363
364	service vold /system/bin/vold
365	class core
366	socket vold stream 0660 root mount
367	ioprio be 2
368
369	# One shot invocation to deal with encrypted volume.
370	service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
371	disabled
372	oneshot
373	# vold will set vold.decrypt to trigger_restart_framework (default
374	# encryption) or trigger_restart_min_framework (other encryption)
375
376	# One shot invocation to encrypt unencrypted volumes
377	service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
378	disabled
379	oneshot
380	# vold will set vold.decrypt to trigger_restart_framework (default
381	# encryption)
382
383	service meta_tst /system/bin/meta_tst
384
385	#drm operation server
386	service kisd /system/bin/kisd
387
388	service servicemanager /system/bin/servicemanager
389	class core
390	user system
391	group system
392	critical
393	service nvram_daemon /system/bin/nvram_daemon
394	class main
395	user root
396	group system
397	oneshot
398
399	service NvRAMAgent /system/bin/nvram_agent_binder
400	user system
401	group system
402
403	service drvbd /system/bin/drvbd
404	class main
405	user system
406	group system
407
408	service debuggerd /system/bin/debuggerd
409	class main
410
411	service debuggerd64 /system/bin/debuggerd64
412	class main
413
414
415	service mobile_log_d /system/bin/mobile_log_d
416	class main
417
418	on property:ro.boot.mblogenable=0
419	stop mobile_log_d
420
421	on property:ro.boot.mblogenable=1
422	start mobile_log_d
423
424	#mass_storage,adb,acm
425	on property:ro.boot.usbconfig=0
426	write /sys/class/android_usb/android0/iSerial $ro.serialno
427	write /sys/class/android_usb/android0/enable 0
428	write /sys/class/android_usb/android0/idVendor 0e8d
429	write /sys/class/android_usb/android0/idProduct 2006
430	write /sys/class/android_usb/android0/f_acm/instances 1
431	write /sys/class/android_usb/android0/functions mass_storage,adb,acm
432	write /sys/class/android_usb/android0/enable 1
433	start adbd
434
435	#acm
436	on property:ro.boot.usbconfig=1
437	write /sys/class/android_usb/android0/enable 0
438	write /sys/class/android_usb/android0/iSerial " "
439	write /sys/class/android_usb/android0/idVendor 0e8d
440	write /sys/class/android_usb/android0/idProduct 2007
441	write /sys/class/android_usb/android0/f_acm/instances 1
442	write /sys/class/android_usb/android0/functions acm
443	write /sys/class/android_usb/android0/bDeviceClass 02
444	write /sys/class/android_usb/android0/enable 1