Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 751f2fa5 authored by Logan Chien's avatar Logan Chien Committed by Gerrit Code Review
Browse files

Merge "init: Use sepolicy version instead"

parents a6a266af 837b2a4c

init/host_init_stubs.cpp

+4 −0
Original line number Diff line number Diff line
@@ -49,6 +49,10 @@ uint32_t HandlePropertySet(const std::string&, const std::string&, const std::st 
}



// selinux.h

bool SelinuxHasVendorInit() {

    return true;

}



void SelabelInitialize() {}



bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) {

init/host_init_stubs.h

+1 −0
Original line number Diff line number Diff line
@@ -56,6 +56,7 @@ uint32_t HandlePropertySet(const std::string& name, const std::string& value, 
                           const std::string& source_context, const ucred& cr, std::string* error);



// selinux.h

bool SelinuxHasVendorInit();

void SelabelInitialize();

bool SelabelLookupFileContext(const std::string& key, int type, std::string* result);

init/property_service.cpp

+2 −1
Original line number Diff line number Diff line
@@ -59,6 +59,7 @@ 
#include "init.h"

#include "persistent_properties.h"

#include "property_type.h"

#include "selinux.h"

#include "subcontext.h"

#include "util.h"
@@ -542,7 +543,7 @@ static void LoadProperties(char* data, const char* filter, const char* filename) 
    size_t flen = 0;



    const char* context = kInitContext.c_str();

    if (GetIntProperty("ro.vndk.version", 28) >= 28) {

    if (SelinuxHasVendorInit()) {

        for (const auto& [path_prefix, secontext] : paths_and_secontexts) {

            if (StartsWith(filename, path_prefix)) {

                context = secontext;

init/selinux.cpp

+27 −0
Original line number Diff line number Diff line
@@ -55,12 +55,14 @@ 
#include <android-base/chrono_utils.h>

#include <android-base/file.h>

#include <android-base/logging.h>

#include <android-base/parseint.h>

#include <android-base/unique_fd.h>

#include <selinux/android.h>



#include "log.h"

#include "util.h"



using android::base::ParseInt;

using android::base::Timer;

using android::base::unique_fd;
@@ -453,6 +455,31 @@ void SelinuxSetupKernelLogging() { 
    selinux_set_callback(SELINUX_CB_LOG, cb);

}



// This function checks whether the sepolicy supports vendor init.

bool SelinuxHasVendorInit() {

    if (!IsSplitPolicyDevice()) {

        // If this device does not split sepolicy files, vendor_init will be available in the latest

        // monolithic sepolicy file.

        return true;

    }



    std::string version;

    if (!GetVendorMappingVersion(&version)) {

        // Return true as the default if we failed to load the vendor sepolicy version.

        return true;

    }



    int major_version;

    std::string major_version_str(version, 0, version.find('.'));

    if (!ParseInt(major_version_str, &major_version)) {

        PLOG(ERROR) << "Failed to parse the vendor sepolicy major version " << major_version_str;

        // Return true as the default if we failed to parse the major version.

        return true;

    }



    return major_version >= 28;

}



// selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache

// its value.  selinux_android_restorecon() also needs an sehandle for file context look up.  It

// will create and store its own copy, but selinux_android_set_sehandle() can be used to provide

init/selinux.h

+1 −0
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ void SelinuxInitialize(); 
void SelinuxRestoreContext();



void SelinuxSetupKernelLogging();

bool SelinuxHasVendorInit();



void SelabelInitialize();

bool SelabelLookupFileContext(const std::string& key, int type, std::string* result);