ueventd: make selinux labeling optional for device creation

This is to setup a way for us to run coldboot during init first stage
and also at ueventd startup. We do not have all of the file context
during the first stage, so the "early" coldboot needs to proceed without
labelling the device nodes. However, the follow up in ueventd must label
these nodes. This change allows us to do both.

b/27805372

Test: Boot angler successfully and do a before/after comparison of
      the output of 'ls -AclpqRZ /dev' to ensure there are no differences.

Change-Id: I5e88bd7da8a1d2cc41e3abba30dda463ecbde32e
Signed-off-by: Sandeep Patil <sspatil@google.com>
This commit is contained in:
Sandeep Patil 2017-02-03 07:51:55 -08:00
parent d85cf0fb7d
commit ea23983a9c
1 changed files with 11 additions and 7 deletions


@ -249,11 +249,13 @@ static void make_device(const char *path,
mode = get_device_perm(path, links, &uid, &gid) | (block ? S_IFBLK : S_IFCHR);
if (selabel_lookup_best_match(sehandle, &secontext, path, links, mode)) {
PLOG(ERROR) << "Device '" << path << "' not created; cannot find SELinux label";
return;
if (sehandle) {
if (selabel_lookup_best_match(sehandle, &secontext, path, links, mode)) {
PLOG(ERROR) << "Device '" << path << "' not created; cannot find SELinux label";
return;
}
setfscreatecon(secontext);
}
setfscreatecon(secontext);
dev = makedev(major, minor);
/* Temporarily change egid to avoid race condition setting the gid of the
@ -264,7 +266,7 @@ static void make_device(const char *path,
setegid(gid);
/* If the node already exists update its SELinux label to handle cases when
* it was created with the wrong context during coldboot procedure. */
if (mknod(path, mode, dev) && (errno == EEXIST)) {
if (mknod(path, mode, dev) && (errno == EEXIST) && secontext) {
char* fcon = nullptr;
int rc = lgetfilecon(path, &fcon);
@ -285,8 +287,10 @@ out:
chown(path, uid, -1);
setegid(AID_ROOT);
freecon(secontext);
setfscreatecon(NULL);
if (secontext) {
freecon(secontext);
setfscreatecon(NULL);
}
}
static void add_platform_device(const char *path)
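Review bot: The new `if (sehandle)` guard in the first hunk means a null handle now silently creates the node with no explicit SELinux context (setfscreatecon is skipped), whereas the old code refused to create an unlabelled device; that contract deserves a comment at the guard, e.g. `/* No sehandle: first-stage init has no file_contexts yet, so the node is created unlabelled and relies on ueventd's later coldboot pass to relabel it. */`. The `&& secontext` test in the second hunk and the `if (secontext)` in the third both assume secontext starts out as nullptr; its declaration is outside these hunks, so that initialization should be confirmed. The relabel-on-EEXIST path that the later pass depends on begins in the second hunk but its body continues past it, so whether an existing unlabelled node is actually corrected is not visible here. make_device starts before the first hunk and is cut by all three.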