import /init.environ.rc import init.ssd.rc import init.no_ssd.rc import init.ssd_nomuser.rc import init.fon.rc on early-init # Set init and its forked children's oom_adj. write /proc/1/oom_score_adj -1000 # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls. #write /sys/fs/selinux/checkreqprot 0 # Set the security context for the init process. # This should occur before anything else (e.g. ueventd) is started. setcon u:r:init:s0 # Set the security context of /adb_keys if present. restorecon /adb_keys start ueventd write /proc/bootprof "INIT: usr/eng build setting" # create mountpoints mkdir /mnt 0775 root system on init sysclktz 0 loglevel 5 # Backward compatibility symlink /system/etc /etc symlink /sys/kernel/debug /d # Right now vendor lives on the same filesystem as system, # but someday that may change. symlink /system/vendor /vendor # Create cgroup mount point for cpu accounting mkdir /acct mount cgroup none /acct cpuacct mkdir /acct/uid # Backwards Compat - XXX: Going away in G* symlink /mnt/sdcard /sdcard mkdir /system mkdir /data 0771 system system mkdir /cache 0770 system cache mkdir /config 0500 root root # See storage config details at http://source.android.com/tech/storage/ mkdir /mnt/shell 0700 shell shell mkdir /mnt/media_rw 0700 media_rw media_rw mkdir /storage 0751 root sdcard_r # Directory for putting things only root should see. mkdir /mnt/secure 0700 root root # Create private mountpoint so we can MS_MOVE from staging mount tmpfs tmpfs /mnt/secure mode=0700,uid=0,gid=0 # Directory for staging bindmounts mkdir /mnt/secure/staging 0700 root root # Directory-target for where the secure container # imagefile directory will be bind-mounted mkdir /mnt/secure/asec 0700 root root # Secure container public mount points. mkdir /mnt/asec 0700 root system mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000 # Filesystem image public mount points. mkdir /mnt/obb 0700 root system mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000 write /proc/sys/kernel/panic_on_oops 1 write /proc/sys/kernel/hung_task_timeout_secs 0 write /proc/cpu/alignment 4 write /proc/sys/kernel/sched_latency_ns 10000000 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 write /proc/sys/kernel/sched_compat_yield 1 write /proc/sys/kernel/sched_child_runs_first 0 write /proc/sys/kernel/randomize_va_space 2 write /proc/sys/kernel/kptr_restrict 2 write /proc/sys/kernel/dmesg_restrict 1 write /proc/sys/vm/mmap_min_addr 32768 write /proc/sys/kernel/sched_rt_runtime_us 950000 write /proc/sys/kernel/sched_rt_period_us 1000000 # change key_provisioning mkdir /data/key_provisioning chmod 0777 /data/key_provisioning mkdir /dev/cpuctl mount cgroup none /dev/cpuctl cpu chown system system /dev/cpuctl chown system system /dev/cpuctl/tasks chmod 0660 /dev/cpuctl/tasks write /dev/cpuctl/cpu.shares 1024 write /dev/cpuctl/cpu.rt_runtime_us 950000 write /dev/cpuctl/cpu.rt_period_us 1000000 mkdir /dev/cpuctl/apps chown system system /dev/cpuctl/apps/tasks chmod 0666 /dev/cpuctl/apps/tasks write /dev/cpuctl/apps/cpu.shares 1024 write /dev/cpuctl/apps/cpu.rt_runtime_us 800000 write /dev/cpuctl/apps/cpu.rt_period_us 1000000 #USB function for factory mode # write /sys/class/android_usb/android0/enable 0 # write /sys/class/android_usb/android0/idVendor 0e8d # write /sys/class/android_usb/android0/idProduct 2006 # write /sys/class/android_usb/android0/f_acm/instances 1 # write /sys/class/android_usb/android0/functions mass_storage,adb,acm # write /sys/class/android_usb/android0/enable 1 # start adbd # setprop sys.usb.state mass_storage,adb,acm mkdir /dev/cpuctl/apps/bg_non_interactive chown system system /dev/cpuctl/apps/bg_non_interactive/tasks chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks # 5.0 % write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000 # Allow everybody to read the xt_qtaguid resource tracking misc dev. # This is needed by any process that uses socket tagging. chmod 0644 /dev/xt_qtaguid # Healthd can trigger a full boot from charger mode by signaling this # property when the power button is held. on property:sys.boot_from_charger_mode=1 class_stop charger trigger late-init # Load properties from /system/ + /factory after fs mount. on load_all_props_action load_all_props # Mount filesystems and start core system services. on late-init trigger early-fs trigger fs trigger post-fs trigger post-fs-data # Load properties from /system/ + /factory after fs mount. Place # this in another action so that the load will be scheduled after the prior # issued fs triggers have completed. trigger load_all_props_action trigger early-boot trigger boot on fs write /proc/bootprof "INIT:Mount_START" mount_all /fstab.mt8127 #change partition permissions exec /system/bin/chmod 0640 /dev/block/platform/mtk-msdc.0/by-name/boot exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/boot exec /system/bin/chmod 0640 /dev/block/platform/mtk-msdc.0/by-name/recovery exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/recovery exec /system/bin/chmod 0640 /dev/block/platform/mtk-msdc.0/by-name/secro exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/secro exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/seccfg exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/seccfg exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/proinfo exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/proinfo exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/otp exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/otp exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/nvram exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/nvram exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/para exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/para exec /system/bin/chmod 0660 /dev/block/platform/mtk-msdc.0/by-name/logo exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/logo exec /system/bin/chown root:system /dev/block/platform/mtk-msdc.0/by-name/para write /proc/bootprof "INIT:Mount_END" on post-fs # once everything is setup, no need to modify / mount rootfs rootfs / ro remount # mount shared so changes propagate into child namespaces mount rootfs rootfs / shared rec mount tmpfs tmpfs /mnt/secure private rec # We chown/chmod /data again so because mount is run as root + defaults chown system system /system/data chmod 0777 /system/data # Same reason as /data above chown system cache /cache chmod 0770 /cache # We restorecon /cache in case the cache partition has been reset. restorecon_recursive /cache mkdir /cache/recovery 0770 system system restorecon /cache #mount yaffs2 mtd@nvram /nvram nandboot mount ext4 /dev/block/platform/mtk-msdc.0/by-name/SEC_RO /system/secro mount ext4 /dev/block/platform/mtk-msdc.0/by-name/SEC_RO /system/secro ro remount # This may have been created by the recovery system with odd permissions chown system cache /cache/recovery chmod 0770 /cache/recovery # This may have been created by the recovery system with the wrong context. restorecon /cache/recovery #change permissions on vmallocinfo so we can grab it from bugreports chown root log /proc/vmallocinfo chmod 0440 /proc/vmallocinfo chown root log /proc/slabinfo chmod 0440 /proc/slabinfo #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks chown root system /proc/kmsg chmod 0440 /proc/kmsg chown root system /proc/sysrq-trigger chmod 0220 /proc/sysrq-trigger chown system log /proc/last_kmsg chmod 0440 /proc/last_kmsg # create the lost+found directories, so as to enforce our permissions mkdir /cache/lost+found 0770 root root # make the selinux kernel policy world-readable chmod 0444 /sys/fs/selinux/policy # create the lost+found directories, so as to enforce our permissions mkdir /cache/lost+found 0770 root root #SeLinux restorecon_recursive /protect_f restorecon_recursive /protect_s on post-fs-data # We chown/chmod /data again so because mount is run as root + defaults chown system system /data chmod 0771 /data # We restorecon /data in case the userdata partition has been reset. restorecon /data # Create dump dir and collect dumps. # Do this before we mount cache so eventually we can use cache for # storing dumps on platforms which do not have a dedicated dump partition. mkdir /data/dontpanic 0750 root log # Collect apanic data, free resources and re-arm trigger copy /proc/apanic_console /data/dontpanic/apanic_console chown root log /data/dontpanic/apanic_console chmod 0640 /data/dontpanic/apanic_console copy /proc/apanic_threads /data/dontpanic/apanic_threads chown root log /data/dontpanic/apanic_threads chmod 0640 /data/dontpanic/apanic_threads write /proc/apanic_console 1 # create basic filesystem structure mkdir /data/nvram 2770 root system mkdir /data/misc 01771 system misc mkdir /data/misc/adb 02750 system shell mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth mkdir /data/misc/bluetooth 0770 system system mkdir /data/misc/keystore 0700 keystore keystore mkdir /data/misc/keychain 0771 system system mkdir /data/misc/sms 0770 system radio mkdir /data/misc/vpn 0770 system vpn mkdir /data/misc/systemkeys 0700 system system # give system access to wpa_supplicant.conf for backup and restore mkdir /data/misc/wifi 0770 wifi wifi chmod 0660 /data/misc/wifi/wpa_supplicant.conf mkdir /data/local 0771 shell shell mkdir /data/local/tmp 0771 shell shell mkdir /data/data 0771 system system mkdir /data/app-private 0771 system system mkdir /data/app-asec 0700 root root mkdir /data/app-lib 0771 system system mkdir /data/app 0771 system system mkdir /data/property 0700 root root mkdir /data/ssh 0750 root shell mkdir /data/ssh/empty 0700 root root # create dalvik-cache, so as to enforce our permissions mkdir /data/dalvik-cache 0771 system system # create resource-cache and double-check the perms mkdir /data/resource-cache 0771 system system chown system system /data/resource-cache chmod 0771 /data/resource-cache # create the lost+found directories, so as to enforce our permissions mkdir /data/lost+found 0770 mkdir /cache/lost+found 0770 # double check the perms, in case lost+found already exists, and set owner chown root root /data/lost+found chmod 0770 /data/lost+found chown root root /cache/lost+found chmod 0770 /cache/lost+found mkdir /data/drm 0770 drm drm # dhcp server mkdir /data/misc/dhcp 0770 dhcp dhcp chown dhcp dhcp /data/misc/dhcp # device info interface #insmod /system/lib/modules/devinfo.ko #mknod /dev/devmap c 196 0; chmod 0444 /dev/devmap chown root system /dev/devmap # load driver base driver insmod /system/lib/modules/mtk_drvb_75.ko mknod /dev/drvb c 176 0 chmod 0666 /dev/drvb start NvRAMAgent ## Custom pos-fs area (START) write /proc/sys/vm/overcommit_memory 1 write /proc/sys/vm/min_free_order_shift 4 chown root system /sys/module/lowmemorykiller/parameters/adj chmod 0664 /sys/module/lowmemorykiller/parameters/adj chown root system /sys/module/lowmemorykiller/parameters/minfree chmod 0664 /sys/module/lowmemorykiller/parameters/minfree # Tweak background writeout write /proc/sys/vm/dirty_expire_centisecs 200 write /proc/sys/vm/dirty_background_ratio 5 # Permissions for System Server and daemons. chown radio system /sys/android_power/state chown radio system /sys/android_power/request_state chown radio system /sys/android_power/acquire_full_wake_lock chown radio system /sys/android_power/acquire_partial_wake_lock chown radio system /sys/android_power/release_wake_lock chown system system /sys/power/autosleep chown system system /sys/power/state chown system system /sys/power/wakeup_count chown radio system /sys/power/wake_lock chown radio system /sys/power/wake_unlock chmod 0660 /sys/power/state chmod 0660 /sys/power/wake_lock chmod 0660 /sys/power/wake_unlock chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay chown system system /sys/devices/system/cpu/cpufreq/interactive/boost chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration # Assume SMP uses shared cpufreq policy for all CPUs chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq chown system system /sys/class/timed_output/vibrator/enable chown system system /sys/class/leds/keyboard-backlight/brightness chown system system /sys/class/leds/lcd-backlight/brightness chown system system /sys/class/leds/button-backlight/brightness chown system system /sys/class/leds/jogball-backlight/brightness chown system system /sys/class/leds/red/brightness chown system system /sys/class/leds/green/brightness chown system system /sys/class/leds/blue/brightness chown system system /sys/class/leds/red/device/grpfreq chown system system /sys/class/leds/red/device/grppwm chown system system /sys/class/leds/red/device/blink chown system system /sys/class/leds/red/brightness chown system system /sys/class/leds/green/brightness chown system system /sys/class/leds/blue/brightness chown system system /sys/class/leds/red/device/grpfreq chown system system /sys/class/leds/red/device/grppwm chown system system /sys/class/leds/red/device/blink chown system system /sys/class/timed_output/vibrator/enable chown system system /sys/module/sco/parameters/disable_esco chown system system /sys/kernel/ipv4/tcp_wmem_min chown system system /sys/kernel/ipv4/tcp_wmem_def chown system system /sys/kernel/ipv4/tcp_wmem_max chown system system /sys/kernel/ipv4/tcp_rmem_min chown system system /sys/kernel/ipv4/tcp_rmem_def chown system system /sys/kernel/ipv4/tcp_rmem_max chown root radio /proc/cmdline # Define TCP buffer sizes for various networks # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576 setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576 setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208 setprop net.tcp.buffersize.hspa 4094,87380,262144,4096,16384,262144 setprop net.tcp.buffersize.hsupa 4094,87380,262144,4096,16384,262144 setprop net.tcp.buffersize.hsdpa 4094,87380,262144,4096,16384,262144 setprop net.tcp.buffersize.hspap 4094,87380,1220608,4096,16384,1220608 setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040 setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680 setprop net.tcp.buffersize.evdo 4094,87380,262144,4096,16384,262144 # Set this property so surfaceflinger is not started by system_init setprop system_init.startsurfaceflinger 0 # Touch Panel chown root diag /sys/module/tpd_setting/parameters/tpd_calmat chown root diag /sys/module/tpd_setting/parameters/tpd_em_debounce_time chown root diag /sys/module/tpd_debug/parameters/tpd_em_log chown root diag /sys/module/tpd_debug/parameters/tpd_em_log_to_fs chmod 0777 /dev/pmem_multimedia chmod 0777 /dev/mt6516-isp chmod 0777 /dev/mt6516-IDP chmod 0777 /dev/mt9p012 chmod 0777 /dev/mt6516_jpeg chmod 0777 /dev/FM50AF # RTC mkdir /data/misc/rtc 0770 system system # M4U #insmod /system/lib/modules/m4u.ko #mknod /dev/M4U_device c 188 0 chmod 0444 /dev/M4U_device # Sensor chmod 0666 /dev/hwmsensor chmod 0666 /dev/msensor chmod 0666 /dev/gsensor chmod 0666 /dev/alsps #VideoCodec insmod /system/lib/modules/vcodec_kernel_driver.ko mknod /dev/Vcodec c 189 0 chmod 0666 /dev/Vcodec mkdir /data/amit/ # GPIO chmod 0666 /dev/mtgpio #NFC rm /data/mtknfc_server ## Custom pos_fs area (END) # Separate location for storing security policy files on data mkdir /data/security 0711 system system # Reload policy from /data/security if present. setprop selinux.reload_policy 1 # Set SELinux security contexts on upgrade or policy update. restorecon_recursive /data # If there is no fs-post-data action in the init..rc file, you # must uncomment this line, otherwise encrypted filesystems # won't work. # Set indication (checked by vold) that we have finished this action setprop vold.post_fs_data_done 1 on boot start drvbd # basic network init ifup lo hostname localhost domainname localdomain # Define RIL properties setprop rild.nw.operlist /system/etc/ril/oper.lis # AGPS chmod 0777 /system/bin/mtk_agpsd # Start default class, this line is very important!! class_start default class_start core on nonencrypted class_start main class_start late_start on property:vold.decrypt=trigger_default_encryption start defaultcrypto on property:vold.decrypt=trigger_encryption start surfaceflinger start encrypt on property:vold.decrypt=trigger_reset_main class_reset main on property:vold.decrypt=trigger_load_persist_props load_persist_props on property:vold.decrypt=trigger_post_fs_data trigger post-fs-data on property:vold.decrypt=trigger_restart_min_framework class_start main on property:vold.decrypt=trigger_restart_framework start nvram_daemon class_start main class_start late_start start permission_check on property:vold.decrypt=trigger_shutdown_framework class_reset late_start class_reset main ## Daemon processes to be run by init. ## # Update the second boot logo # service bootlogoupdater /system/bin/boot_logo_updater # oneshot service ueventd /sbin/ueventd class core critical seclabel u:r:ueventd:s0 service logd /system/bin/logd class core socket logd stream 0666 logd logd socket logdr seqpacket 0666 logd logd socket logdw dgram 0222 logd logd seclabel u:r:logd:s0 service kisd /system/bin/kisd user system group system media service console /system/bin/sh class core console disabled user shell group shell log seclabel u:r:shell:s0 on property:sys.powerctl=* powerctl ${sys.powerctl} on property:ro.debuggable=1 start console # adbd is controlled via property triggers in init..usb.rc service adbd /sbin/adbd --root_seclabel=u:r:su:s0 class core socket adbd stream 660 system system disabled seclabel u:r:adbd:s0 # adbd on at boot in emulator on property:ro.kernel.qemu=1 start adbd service servicemanager /system/bin/servicemanager class core user system group system critical service vold /system/bin/vold class core socket vold stream 0660 root mount ioprio be 2 # One shot invocation to deal with encrypted volume. service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted disabled oneshot # vold will set vold.decrypt to trigger_restart_framework (default # encryption) or trigger_restart_min_framework (other encryption) # One shot invocation to encrypt unencrypted volumes service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default disabled oneshot # vold will set vold.decrypt to trigger_restart_framework (default # encryption) service netd /system/bin/netd class main socket netd stream 0660 root system socket dnsproxyd stream 0660 root inet socket mdns stream 0660 root system #service debuggerd /system/bin/debuggerd # class main service ril-daemon /system/bin/rild class main socket rild stream 660 root radio socket rild-debug stream 660 radio system user root group radio cache inet misc audio log # adbd is controlled via property triggers in init..usb.rc service adbd /sbin/adbd class core service drvbd /system/bin/drvbd class main user system group system ## Custom service area (START) # Please add custom service below service nvram_daemon /system/bin/nvram_daemon class main user root group system oneshot service NvRAMAgent /system/bin/nvram_agent_binder user system group system service mdlogger /system/bin/mdlogger class main user shell group shell system radio sdcard_rw inet disabled oneshot service dualmdlogger /system/bin/dualmdlogger class main user shell group shell system radio sdcard_rw inet disabled oneshot service factory_no_image /system/bin/factory disabled oneshot service factory_with_image /sbin/factory disabled oneshot # ## Custom service area (END) on property:sys.mtk.no.factoryimage=1 start factory_no_image on property:sys.mtk.no.factoryimage=0 start factory_with_image #mass_storage,adb,acm on property:ro.boot.usbconfig=0 write /sys/class/android_usb/android0/iSerial $ro.serialno write /sys/class/android_usb/android0/enable 0 write /sys/class/android_usb/android0/idVendor 0e8d write /sys/class/android_usb/android0/idProduct 2006 write /sys/class/android_usb/android0/f_acm/instances 1 write /sys/class/android_usb/android0/functions mass_storage,adb,acm write /sys/class/android_usb/android0/enable 1 start adbd #acm on property:ro.boot.usbconfig=1 write /sys/class/android_usb/android0/enable 0 write /sys/class/android_usb/android0/iSerial " " write /sys/class/android_usb/android0/idVendor 0e8d write /sys/class/android_usb/android0/idProduct 2007 write /sys/class/android_usb/android0/f_acm/instances 1 write /sys/class/android_usb/android0/functions acm write /sys/class/android_usb/android0/bDeviceClass 02 write /sys/class/android_usb/android0/enable 1