Unify media.codec and media.extractor Minijail usage.
That way we can modify this code in one place to take a list of seccomp
policy files.
This CL removes around 70 lines by unifying identical code. No change
in behavior.
Bug: 34723744
Test: media.codec, media.extractor start, have Seccomp.
Test: cat /proc/`pgrep .codec`/status | grep Seccomp
Seccomp: 2
Test: cat /proc/`pgrep .extractor`/status | grep Seccomp
Seccomp: 2
Change-Id: Ia8be7b9c3d6163804d2a45954f8d03315ae32e7a
diff --git a/services/mediacodec/Android.mk b/services/mediacodec/Android.mk
index 4cbf737..e8a8264 100644
--- a/services/mediacodec/Android.mk
+++ b/services/mediacodec/Android.mk
@@ -15,17 +15,16 @@
# service executable
include $(CLEAR_VARS)
LOCAL_REQUIRED_MODULES_arm := mediacodec-seccomp.policy
-LOCAL_SRC_FILES := main_codecservice.cpp minijail/minijail.cpp
+LOCAL_SRC_FILES := main_codecservice.cpp
LOCAL_SHARED_LIBRARIES := libmedia libmediacodecservice libbinder libutils \
- liblog libminijail libcutils \
+ libbase libavservices_minijail libcutils \
android.hardware.media.omx@1.0
LOCAL_C_INCLUDES := \
$(TOP)/frameworks/av/media/libstagefright \
$(TOP)/frameworks/native/include/media/openmax
-LOCAL_MODULE:= mediacodec
+LOCAL_MODULE := mediacodec
LOCAL_32_BIT_ONLY := true
LOCAL_INIT_RC := mediacodec.rc
include $(BUILD_EXECUTABLE)
include $(call all-makefiles-under, $(LOCAL_PATH))
-
diff --git a/services/mediacodec/main_codecservice.cpp b/services/mediacodec/main_codecservice.cpp
index f6cde85..f594096 100644
--- a/services/mediacodec/main_codecservice.cpp
+++ b/services/mediacodec/main_codecservice.cpp
@@ -15,31 +15,32 @@
** limitations under the License.
*/
-#define LOG_TAG "mediacodec"
-//#define LOG_NDEBUG 0
-
#include <fcntl.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <binder/IPCThreadState.h>
#include <binder/ProcessState.h>
#include <binder/IServiceManager.h>
-#include <utils/Log.h>
#include <cutils/properties.h>
+#include <android-base/logging.h>
+
// from LOCAL_C_INCLUDES
#include "MediaCodecService.h"
-#include "minijail/minijail.h"
+#include "minijail.h"
#include <android/hardware/media/omx/1.0/IOmx.h>
using namespace android;
+// Must match location in Android.mk.
+static const char kSeccompPolicyPath[] = "/system/etc/seccomp_policy/mediacodec-seccomp.policy";
+
int main(int argc __unused, char** argv)
{
- ALOGI("@@@ mediacodecservice starting");
+ LOG(INFO) << "mediacodecservice starting";
signal(SIGPIPE, SIG_IGN);
- MiniJail();
+ SetUpMinijail(kSeccompPolicyPath);
strcpy(argv[0], "media.codec");
sp<ProcessState> proc(ProcessState::self());
@@ -52,11 +53,11 @@
using namespace ::android::hardware::media::omx::V1_0;
sp<IOmx> omx = IOmx::getService(true);
if (omx == nullptr) {
- ALOGE("Cannot create a Treble IOmx service.");
+ LOG(ERROR) << "Cannot create a Treble IOmx service.";
} else if (omx->registerAsService("default") != OK) {
- ALOGE("Cannot register a Treble IOmx service.");
+ LOG(ERROR) << "Cannot register a Treble IOmx service.";
} else {
- ALOGV("Treble IOmx service created.");
+ LOG(VERBOSE) << "Treble IOmx service created.";
}
}
diff --git a/services/mediacodec/minijail/minijail.cpp b/services/mediacodec/minijail/minijail.cpp
deleted file mode 100644
index 463f161..0000000
--- a/services/mediacodec/minijail/minijail.cpp
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
-**
-** Copyright 2016, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-#define LOG_TAG "minijail"
-
-#include <unistd.h>
-
-#include <log/log.h>
-
-#include <libminijail.h>
-
-#include "minijail.h"
-
-namespace android {
-
-/* Must match location in Android.mk */
-static const char kSeccompFilePath[] = "/system/etc/seccomp_policy/mediacodec-seccomp.policy";
-
-int MiniJail()
-{
- /* no seccomp policy for this architecture */
- if (access(kSeccompFilePath, R_OK) == -1) {
- ALOGW("No seccomp filter defined for this architecture.");
- return 0;
- }
-
- struct minijail *jail = minijail_new();
- if (jail == NULL) {
- ALOGW("Failed to create minijail.");
- return -1;
- }
-
- minijail_no_new_privs(jail);
- minijail_log_seccomp_filter_failures(jail);
- minijail_use_seccomp_filter(jail);
- minijail_parse_seccomp_filters(jail, kSeccompFilePath);
- minijail_enter(jail);
- minijail_destroy(jail);
- return 0;
-}
-}
diff --git a/services/mediacodec/minijail/minijail.h b/services/mediacodec/minijail/minijail.h
deleted file mode 100644
index ae01470..0000000
--- a/services/mediacodec/minijail/minijail.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-**
-** Copyright 2016, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-namespace android {
-int MiniJail();
-}