From 92b85c187c8b82944a5bfb4270306dcaa8f61e7e Mon Sep 17 00:00:00 2001
From: Esben Haabendal <esben@geanix.com>
Date: Thu, 9 Mar 2023 18:22:07 +0100
Subject: [PATCH] openharmony-standard: Run deviceauth_service as systemd
 service

Signed-off-by: Esben Haabendal <esben@geanix.com>
---
 .../openharmony/files/deviceauth.service      | 18 +++++--
 .../openharmony/files/openharmony-preinit     | 11 ----
 .../deviceauth-sd-notify.patch                | 50 +++++++++++++++++++
 .../openharmony/openharmony-standard_3.0.bb   |  3 +-
 4 files changed, 66 insertions(+), 16 deletions(-)
 create mode 100644 recipes-openharmony/openharmony/openharmony-standard-3.0/deviceauth-sd-notify.patch

diff --git a/recipes-openharmony/openharmony/files/deviceauth.service b/recipes-openharmony/openharmony/files/deviceauth.service
index aab97854..106e75eb 100644
--- a/recipes-openharmony/openharmony/files/deviceauth.service
+++ b/recipes-openharmony/openharmony/files/deviceauth.service
@@ -1,10 +1,20 @@
 [Unit]
-Description=OpenHarmony Device Authentication daemon
+Description=OpenHarmony Device Authentication daemon (SA: 4701)
+Requires=samgr.service
+After=samgr.service
+# Logging to hilogd, but seems to work without it
+Wants=hilogd.service
+After=hilogd.service
+# Requires SA: 3510
+Wants=huks.service
 
 [Service]
-Type=oneshot
-ExecStart=/bin/echo "OpenHarmony Device Authentication Service"
-RemainAfterExit=yes
+Type=notify
+User=system
+Group=system
+SupplementaryGroups=shell
+LimitNICE=40
+ExecStart=/usr/bin/deviceauth_service
 
 [Install]
 WantedBy=multi-user.target
diff --git a/recipes-openharmony/openharmony/files/openharmony-preinit b/recipes-openharmony/openharmony/files/openharmony-preinit
index c05bcbc4..188231c0 100644
--- a/recipes-openharmony/openharmony/files/openharmony-preinit
+++ b/recipes-openharmony/openharmony/files/openharmony-preinit
@@ -132,17 +132,6 @@ if systemctl -q is-enabled weston.service; then
 	sleep "$STARTUP_CMD_SLEEP"
 fi
 
-# trigger: post-fs-data
-# "name" : "deviceauth_service",
-# "path" : ["/system/bin/deviceauth_service"],
-# "uid" : "system",
-# "gid" : ["system", "shell"]
-if systemctl -q is-enabled deviceauth.service; then
-	echo >/dev/console "Starting OpenHarmony deviceauth service"
-	su system -c '/system/bin/deviceauth_service &' # SA: 4701 | Required SA: 3510
-	sleep "$STARTUP_CMD_SLEEP"
-fi
-
 # trigger: post-fs-data
 # "name" : "accountmgr",
 # "path" : ["/system/bin/sa_main", "/system/profile/accountmgr.xml"],
diff --git a/recipes-openharmony/openharmony/openharmony-standard-3.0/deviceauth-sd-notify.patch b/recipes-openharmony/openharmony/openharmony-standard-3.0/deviceauth-sd-notify.patch
new file mode 100644
index 00000000..9728d5de
--- /dev/null
+++ b/recipes-openharmony/openharmony/openharmony-standard-3.0/deviceauth-sd-notify.patch
@@ -0,0 +1,50 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+Patch for //base/security/deviceauth of OpenHarmony 3.0 codebase
+
+This adds sd_notify(3) ready notification to deviceauth service for better
+integration with systemd.
+
+Signed-off-by: Esben Haabendal <esben@geanix.com>
+Upstream-Status: Pending
+
+diff --git a/frameworks/src/ipc_service.c b/frameworks/src/ipc_service.c
+index 46bd82dd8969..48972f55c9d4 100644
+--- a/frameworks/src/ipc_service.c
++++ b/frameworks/src/ipc_service.c
+@@ -25,6 +25,8 @@
+ #include "ipc_sdk.h"
+ #include "securec.h"
+ 
++#include <systemd/sd-daemon.h>
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+@@ -1323,9 +1325,11 @@ int32_t main(int32_t argc, char const *argv[])
+     }
+     (void)AddMethodMap(serviceCtx);
+     LOGI("device authentication service register to IPC manager done, service running...");
++    sd_notify(0, "READY=1");
+     (void)memset_s(&cond, sizeof(cond), 0, sizeof(cond));
+     InitHcCond(&cond, NULL);
+     cond.wait(&cond);
++    sd_notify(0, "STOPPING=1");
+     DestroyHcCond(&cond);
+     return 0;
+ }
+diff --git a/services/BUILD.gn b/services/BUILD.gn
+index d6bd3557f656..83db1b07278b 100644
+--- a/services/BUILD.gn
++++ b/services/BUILD.gn
+@@ -219,6 +219,8 @@ if (defined(ohos_lite)) {
+       "safwk:system_ability_fwk",
+       "samgr_L2:samgr_proxy",
+     ]
++
++    libs = [ "systemd" ]
+   }
+ 
+   ohos_shared_library("deviceauth_sdk") {
diff --git a/recipes-openharmony/openharmony/openharmony-standard_3.0.bb b/recipes-openharmony/openharmony/openharmony-standard_3.0.bb
index 36289824..26c9b63e 100644
--- a/recipes-openharmony/openharmony/openharmony-standard_3.0.bb
+++ b/recipes-openharmony/openharmony/openharmony-standard_3.0.bb
@@ -79,6 +79,7 @@ SRC_URI += "file://param_service-Add-to-startup-l2-part.patch;patchdir=${S}/base
 SRC_URI += "file://samgr-sd-notify.patch;patchdir=${S}/foundation/distributedschedule/samgr"
 SRC_URI += "file://safwk-sd-notify.patch;patchdir=${S}/foundation/distributedschedule/safwk"
 SRC_URI += "file://installs-sd-notify.patch;patchdir=${S}/foundation/appexecfwk/standard"
+SRC_URI += "file://deviceauth-sd-notify.patch;patchdir=${S}/base/security/deviceauth"
 
 SRC_URI += "file://base_hiviewdfx_hiview-libfaultlogger-static.patch;patchdir=${S}/base/hiviewdfx/hiview"
 
@@ -1066,7 +1067,7 @@ FILES:${PN}-security-deviceauth = " \
     ${bindir}/deviceauth_service \
     ${libdir}/libdeviceauth*${SOLIBS} \
 "
-RDEPENDS:${PN}-security-deviceauth += "musl libcxx libcrypto"
+RDEPENDS:${PN}-security-deviceauth += "musl libcxx libcrypto libsystemd"
 RDEPENDS:${PN}-security-deviceauth += "${PN}-hilog ${PN}-libutils ${PN}-ipc ${PN}-samgr"
 RDEPENDS:${PN}-security-deviceauth += "${PN}-security-huks ${PN}-syspara ${PN}-dsoftbus"
 RDEPENDS:${PN} += "${PN}-security-deviceauth"
-- 
GitLab