openharmony-standard: Run hilogd as systemd service

Convert hilogd into a systemd service

- Patch hilogd to use sd_notify(3) to send ready notification to systemd, and
  thus use as a Type=notify service.
- Add log and logd users and groups, with similar uid and gid as in OHOS.
- Place Unix sockets in /run/openharmony/hilog instead of /dev/unix/socket,
  enabling secure creaton and managing of these.
- Use systemd.socket units for the two Unix sockets, to allow creating with
  desired uid/gid and permissions, and allowing to use hilogd with systemd
  socket activation

Signed-off-by: Esben Haabendal <esben@geanix.com>

recipes-openharmony/openharmony/files/hilogd-control.socket

+[Unit]
+Description=OpenHarmony hilog control socket
+
+[Socket]
+ExecStartPre=install -o logd -g logd -m 775 -d /run/openharmony/hilog
+ListenSequentialPacket=/run/openharmony/hilog/control
+SocketUser=logd
+SocketGroup=logd
+# This mimics OHOS init config, although hilogd changes it to 0666 on startup
+SocketMode=0600
+Service=hilogd.service

recipes-openharmony/openharmony/files/hilogd-control.socket.license

+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0

recipes-openharmony/openharmony/files/hilogd-input.socket

+[Unit]
+Description=OpenHarmony hilog input socket
+
+[Socket]
+ExecStartPre=install -o logd -g logd -m 775 -d /run/openharmony/hilog
+ListenDatagram=/run/openharmony/hilog/input
+SocketUser=logd
+SocketGroup=logd
+SocketMode=0666
+Service=hilogd.service

recipes-openharmony/openharmony/files/hilogd-input.socket.license

+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0

recipes-openharmony/openharmony/files/hilogd.service

 [Unit]
 Description=OpenHarmony hilog daemon
+Requires=hilogd-input.socket hilogd-control.socket
+After=hilogd-input.socket hilogd-control.socket
 
 [Service]
-Type=oneshot
-ExecStart=/bin/echo "OpenHarmony hilog Service"
-RemainAfterExit=yes
+Type=notify
+ExecStartPre=!install -o system -g log -m 0770 -d /data/log
+ExecStartPre=!install -o logd -g log -m 0750 -d /data/log/hilog
+User=logd
+Group=log
+ExecStart=/usr/bin/hilogd
 
 [Install]
 WantedBy=multi-user.target

recipes-openharmony/openharmony/files/openharmony-preinit

@@ -76,7 +76,6 @@ mkdir -p /data/vendor_ce
 mkdir -p /data/vendor_de
 mkdir -p /data/vendor/hardware
 mkdir -p /data/weston
-mkdir -p /data/log/hilog
 mkdir -p /data/log/faultlog/faultlogger
 mkdir -p /data/log/faultlog/temp
 mkdir -p /usr/lib/dri
@@ -157,21 +156,6 @@ if systemctl -q is-enabled appspawn.service; then
 	sleep "$STARTUP_CMD_SLEEP"
 fi
 
-# trigger: post-fs-data
-# "mkdir /data/log/ 0770 system log",
-# "mkdir /data/log/hilog/ 0750 logd log",
-# "uid" : "logd",
-# "gid" : "log",
-# "socket" : [
-#   "hilogInput dgram 0666 logd logd passcred",
-#   "hilogControl seqpacket 0600 logd logd false"
-# ]
-if systemctl -q is-enabled hilogd.service; then
-	echo >/dev/console "Starting OpenHarmony hilogd service"
-	/system/bin/hilogd &
-	sleep "$STARTUP_CMD_SLEEP"
-fi
-
 # trigger: post-fs-data
 # "name" : "huks_service",
 # "path" : ["/system/bin/sa_main", "/system/profile/huks_service.xml"],

recipes-openharmony/openharmony/files/openharmony-preinit.service

@@ -4,6 +4,8 @@ After=param.service
 Requires=param.service
 After=samgr.service
 Requires=samgr.service
+After=hilogd.service
+Requires=hilogd.service
 
 [Service]
 Type=oneshot

recipes-openharmony/openharmony/openharmony-standard-3.0/hilog-sd-notify.patch

+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+Patch for //base/hiviewdfx/hilog of OpenHarmony 3.0 codebase
+
+This adds sd_notify(3) ready notification to hilogd service for better
+integration with systemd.
+
+Signed-off-by: Esben Haabendal <esben@geanix.com>
+Upstream-Status: Pending
+
+diff --git a/frameworks/native/BUILD.gn b/frameworks/native/BUILD.gn
+index 28a55a72e3f6..04ef88045c3a 100644
+--- a/frameworks/native/BUILD.gn
++++ b/frameworks/native/BUILD.gn
+@@ -67,7 +67,6 @@ ohos_shared_library("libhilogutil") {
+     "dgram_socket_server.cpp",
+     "format.cpp",
+     "seq_packet_socket_client.cpp",
+-    "seq_packet_socket_server.cpp",
+     "socket.cpp",
+     "socket_client.cpp",
+     "socket_server.cpp",
+diff --git a/frameworks/native/seq_packet_socket_server.cpp b/frameworks/native/seq_packet_socket_server.cpp
+index c8665b22dbde..a7f4a2e2e1b9 100644
+--- a/frameworks/native/seq_packet_socket_server.cpp
++++ b/frameworks/native/seq_packet_socket_server.cpp
+@@ -18,6 +18,8 @@
+ #include <thread>
+ #include <iostream>
+ 
++#include <systemd/sd-daemon.h>
++
+ namespace OHOS {
+ namespace HiviewDFX {
+ int SeqPacketSocketServer::AcceptConnection(AcceptingHandler func)
+@@ -30,7 +32,9 @@ int SeqPacketSocketServer::AcceptConnection(AcceptingHandler func)
+         return ret;
+     }
+ 
++    sd_notify(0, "READY=1");
+     AcceptingThread(func);
++    sd_notify(0, "STOPPING=1");
+ 
+     return ret;
+ }
+diff --git a/services/hilogd/BUILD.gn b/services/hilogd/BUILD.gn
+index e241cd5b412b..7e4e9cca157f 100644
+--- a/services/hilogd/BUILD.gn
++++ b/services/hilogd/BUILD.gn
+@@ -31,6 +31,7 @@ ohos_executable("hilogd") {
+     "log_querier.cpp",
+     "log_reader.cpp",
+     "main.cpp",
++    "//base/hiviewdfx/hilog/frameworks/native/seq_packet_socket_server.cpp",
+   ]
+   configs = [ ":hilogd_config" ]
+   defines = [ "__RECV_MSG_WITH_UCRED_" ]
+@@ -41,6 +42,7 @@ ohos_executable("hilogd") {
+     "//third_party/zlib:libz",
+     "//utils/native/base:utilsecurec_shared",
+   ]
++  libs = [ "systemd" ]
+ 
+   deps += [ "etc:hilogd_etc" ]
+ 

recipes-openharmony/openharmony/openharmony-standard-3.0/hilog-socket-paths.patch

+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+Configure hilogd daemon and hilog command to place Unix sockets in
+/run/openharmony/hilog instead of /dev/unix/socket, thus making it easier to
+handle permissions, and allow doing it in a way that is more safe.
+
+The /run/hilog can be created with permissions so that only hilogd can create
+new files in there, which obviously is not possible with a /dev/unix/socket dir
+shared with other daemons (running with different uid/gid).
+
+Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>
+Upstream-Status: Inappropriate [configuration]
+
+diff --git a/frameworks/native/include/hilog_common.h b/frameworks/native/include/hilog_common.h
+index e6e365f0c888..7bf1ec70d325 100644
+--- a/frameworks/native/include/hilog_common.h
++++ b/frameworks/native/include/hilog_common.h
+@@ -18,14 +18,10 @@
+ 
+ #include <cstdint>
+ 
+-#ifdef HILOG_USE_MUSL
+-#define SOCKET_FILE_DIR "/dev/unix/socket/"
+-#else
+-#define SOCKET_FILE_DIR "/dev/socket/"
+-#endif
+-#define INPUT_SOCKET_NAME "hilogInput"
++#define SOCKET_FILE_DIR "/run/openharmony/hilog/"
++#define INPUT_SOCKET_NAME "input"
+ #define INPUT_SOCKET SOCKET_FILE_DIR INPUT_SOCKET_NAME
+-#define CONTROL_SOCKET_NAME "hilogControl"
++#define CONTROL_SOCKET_NAME "control"
+ #define CONTROL_SOCKET SOCKET_FILE_DIR CONTROL_SOCKET_NAME
+ #define HILOG_FILE_DIR "/data/log/hilog/"
+ 

recipes-openharmony/openharmony/openharmony-standard_3.0.bb

@@ -35,6 +35,8 @@ SRC_URI += "${@bb.utils.contains('PTEST_ENABLED', '1', 'file://run-ptest', '', d
 
 # TODO: we probably want these
 SRC_URI += "file://hilog-Add-tests.patch;patchdir=${S}/base/hiviewdfx/hilog"
+SRC_URI += "file://hilog-socket-paths.patch;patchdir=${S}/base/hiviewdfx/hilog"
+SRC_URI += "file://hilog-sd-notify.patch;patchdir=${S}/base/hiviewdfx/hilog"
 
 SRC_URI += "file://bison_parser.patch;patchdir=${S}/third_party/libxkbcommon"
 SRC_URI += "file://flexlexer.patch;patchdir=${S}/base/update/updater"
@@ -465,11 +467,14 @@ RDEPENDS:${PN}-ptest += "${PN}-libutils-ptest"
 # //base/hiviewdfx/hilog component
 PACKAGES =+ "${PN}-hilog"
 SYSTEMD_PACKAGES += "${PN}-hilog"
-SYSTEMD_SERVICE:${PN}-hilog = "hilogd.service"
-SRC_URI += "file://hilogd.service"
+SYSTEMD_SERVICE:${PN}-hilog = "hilogd.service hilogd-input.socket hilogd-control.socket"
+SRC_URI += "file://hilogd.service file://hilogd-input.socket file://hilogd-control.socket"
 do_install:append() {
     install -d ${D}/${systemd_unitdir}/system
-    install -m 644 ${WORKDIR}/hilogd.service ${D}${systemd_unitdir}/system/
+    install -m 644 -t ${D}${systemd_unitdir}/system/ \
+            ${WORKDIR}/hilogd.service \
+            ${WORKDIR}/hilogd-input.socket \
+            ${WORKDIR}/hilogd-control.socket
     rm -f ${D}${sysconfdir}/openharmony/init/hilogd.cfg
     install -d ${D}${sysconfdir}/sysctl.d
     echo "net.unix.max_dgram_qlen=600" > ${D}${sysconfdir}/sysctl.d/hilogd.conf
@@ -478,9 +483,8 @@ FILES:${PN}-hilog = " \
     ${bindir}/hilog* \
     ${libdir}/libhilog*${SOLIBS} \
     ${sysconfdir}/openharmony/hilog*.conf \
-    ${systemd_unitdir}/hilogd.service \
 "
-RDEPENDS:${PN}-hilog += "musl libcxx"
+RDEPENDS:${PN}-hilog += "musl libcxx libsystemd"
 RDEPENDS:${PN}-hilog += "${PN}-libutilsecurec"
 RDEPENDS:${PN} += "${PN}-hilog"
 
@@ -2026,6 +2030,8 @@ inherit useradd
 
 USERADD_PACKAGES = "${PN}"
 USERADD_PARAM:${PN} = "-u 1000 -U -s /bin/sh system"
+USERADD_PARAM:${PN}:append = ";-u 1007 -U -s /bin/false log"
+USERADD_PARAM:${PN}:append = ";-u 1036 -U -s /bin/false logd"
 
 # system haps
 PACKAGES =+ "${PN}-systemhaps"