You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
80 lines
3.0 KiB
80 lines
3.0 KiB
# Copyright 2020 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
# Installed by sound_card_init package.
|
|
# sound_card_init upstart job.
|
|
# sound_card_init is started by /lib/udev/rules.d/99-sound_card_init.rules
|
|
|
|
description "Chrome OS sound card initializer"
|
|
author "chromium-os-dev@chromium.org"
|
|
|
|
# sound_card_init is a short-running process, but we don't start it as
|
|
# a task job, because sound_card_init needs the sound card to be ready in
|
|
# CRAS therefore we do not want to block the udev rule processing.
|
|
|
|
# Make the task killable, because if it has a leak it's better to
|
|
# restart it than to OOM-panic.
|
|
oom score 0
|
|
|
|
# SOUND_CARD_ID is provided by /lib/udev/rules.d/99-sound_card_init.rules.
|
|
import SOUND_CARD_ID
|
|
|
|
pre-start script
|
|
if ! echo "${SOUND_CARD_ID}" | grep -Eq "^[a-zA-Z0-9]+$"; then
|
|
logger -t "${UPSTART_JOB}" \
|
|
"Invalid SOUND_CARD_ID supplied"
|
|
exit 1
|
|
else
|
|
mkdir -m 0755 -p /var/lib/sound_card_init/"${SOUND_CARD_ID}"
|
|
chown -R sound_card_init:sound_card_init /var/lib/sound_card_init
|
|
fi
|
|
end script
|
|
|
|
|
|
script
|
|
CONFIG="$(cros_config /audio/main sound-card-init-conf)"
|
|
if [ -f /etc/sound_card_init/"${CONFIG}" ]; then
|
|
# Here (in order) are a list of the args added:
|
|
# --uts: Create and enter new UTS namespace (hostname/NIS domain name).
|
|
# -e: doesn't need network access.
|
|
# -l: process doesn't use SysV shared memory or IPC.
|
|
# -N: doesn't need to modify control groups settings.
|
|
# -v: run inside a new VFS namespace.
|
|
# -p -r: process doesn't need to access other processes in the system.
|
|
# -n: process doesn't need new privileges.
|
|
# -P: set /mnt/empty as the root fs.
|
|
# -b: bind /
|
|
# -k: Get a writeable and empty /run tmpfs path.
|
|
# -b: need /run/cras to connect cras.
|
|
# -b: need /dev to send ioctls to the system's block devices.
|
|
# -k: empty /sys tmpfs path.
|
|
# -b: need /sys/firmware/vpd/ro/ access to read the default calibration
|
|
# value in vpd.
|
|
# -k: get a writeable and empty /var tmpfs path.
|
|
# -b: need /var/lib/sound_card_init/$SOUND_CARD_ID writable access for
|
|
# datastore update.
|
|
# -b: need /var/lib/cras readable
|
|
exec minijail0 \
|
|
--uts \
|
|
-e \
|
|
-l \
|
|
-N \
|
|
-v \
|
|
-p -r \
|
|
-n \
|
|
-P /mnt/empty \
|
|
-b / \
|
|
-k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
|
|
-b /run/cras \
|
|
-b /dev \
|
|
-k 'tmpfs,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
|
|
-b /sys/firmware/vpd/ro/ \
|
|
-k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
|
|
-b /var/lib/sound_card_init/"${SOUND_CARD_ID}"/,,1 \
|
|
-b /var/lib/cras/ \
|
|
-u sound_card_init -g sound_card_init -G \
|
|
-S /usr/share/policy/sound_card_init-seccomp.policy \
|
|
/usr/bin/sound_card_init "--id=${SOUND_CARD_ID}" "--conf=${CONFIG}"
|
|
fi
|
|
end script |