From 6ed19d1675ab7a9b45d1b82c90aac2be8f408a2e Mon Sep 17 00:00:00 2001 From: Jaesoo Lee Date: Mon, 10 Apr 2017 19:42:19 +0900 Subject: [PATCH] disable module loading after BOOT_COMPLETED broadcast This CL disables module loading by writing 1 to /proc/sys/kernel/modules_disabled when the property sys.boot_completed is set to 1 by ActivityManagerService (at the broadcast of PHASE_BOOT_COMPLETED). Bug: 36515654 Test: tested on sailfish and verified that module loading is disabled in userdebug and enabled in eng mode Change-Id: Id38d34a6395966ab21e440614337c0cfca791ad0 --- rootdir/init.rc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/rootdir/init.rc b/rootdir/init.rc index 6a01baf35..0b3e3ee66 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -645,6 +645,12 @@ on property:sys.powerctl=* on property:sys.boot_completed=1 bootchart stop +on property:sys.boot_completed=1 && property:ro.build.type=user + write /proc/sys/kernel/modules_disabled 1 + +on property:sys.boot_completed=1 && property:ro.build.type=userdebug + write /proc/sys/kernel/modules_disabled 1 + # system server cannot write to /proc/sys files, # and chown/chmod does not work for /proc/sys/ entries. # So proxy writes through init.