Loading init/host_init_stubs.cpp +4 −0 Original line number Original line Diff line number Diff line Loading @@ -49,6 +49,10 @@ uint32_t HandlePropertySet(const std::string&, const std::string&, const std::st } } // selinux.h // selinux.h bool SelinuxHasVendorInit() { return true; } void SelabelInitialize() {} void SelabelInitialize() {} bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) { bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) { Loading init/host_init_stubs.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -56,6 +56,7 @@ uint32_t HandlePropertySet(const std::string& name, const std::string& value, const std::string& source_context, const ucred& cr, std::string* error); const std::string& source_context, const ucred& cr, std::string* error); // selinux.h // selinux.h bool SelinuxHasVendorInit(); void SelabelInitialize(); void SelabelInitialize(); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); Loading init/property_service.cpp +2 −1 Original line number Original line Diff line number Diff line Loading @@ -59,6 +59,7 @@ #include "init.h" #include "init.h" #include "persistent_properties.h" #include "persistent_properties.h" #include "property_type.h" #include "property_type.h" #include "selinux.h" #include "subcontext.h" #include "subcontext.h" #include "util.h" #include "util.h" Loading Loading @@ -542,7 +543,7 @@ static void LoadProperties(char* data, const char* filter, const char* filename) size_t flen = 0; size_t flen = 0; const char* context = kInitContext.c_str(); const char* context = kInitContext.c_str(); if (GetIntProperty("ro.vndk.version", 28) >= 28) { if (SelinuxHasVendorInit()) { for (const auto& [path_prefix, secontext] : paths_and_secontexts) { for (const auto& [path_prefix, secontext] : paths_and_secontexts) { if (StartsWith(filename, path_prefix)) { if (StartsWith(filename, path_prefix)) { context = secontext; context = secontext; Loading init/selinux.cpp +27 −0 Original line number Original line Diff line number Diff line Loading @@ -55,12 +55,14 @@ #include <android-base/chrono_utils.h> #include <android-base/chrono_utils.h> #include <android-base/file.h> #include <android-base/file.h> #include <android-base/logging.h> #include <android-base/logging.h> #include <android-base/parseint.h> #include <android-base/unique_fd.h> #include <android-base/unique_fd.h> #include <selinux/android.h> #include <selinux/android.h> #include "log.h" #include "log.h" #include "util.h" #include "util.h" using android::base::ParseInt; using android::base::Timer; using android::base::Timer; using android::base::unique_fd; using android::base::unique_fd; Loading Loading @@ -453,6 +455,31 @@ void SelinuxSetupKernelLogging() { selinux_set_callback(SELINUX_CB_LOG, cb); selinux_set_callback(SELINUX_CB_LOG, cb); } } // This function checks whether the sepolicy supports vendor init. bool SelinuxHasVendorInit() { if (!IsSplitPolicyDevice()) { // If this device does not split sepolicy files, vendor_init will be available in the latest // monolithic sepolicy file. return true; } std::string version; if (!GetVendorMappingVersion(&version)) { // Return true as the default if we failed to load the vendor sepolicy version. return true; } int major_version; std::string major_version_str(version, 0, version.find('.')); if (!ParseInt(major_version_str, &major_version)) { PLOG(ERROR) << "Failed to parse the vendor sepolicy major version " << major_version_str; // Return true as the default if we failed to parse the major version. return true; } return major_version >= 28; } // selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache // selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache // its value. selinux_android_restorecon() also needs an sehandle for file context look up. It // its value. selinux_android_restorecon() also needs an sehandle for file context look up. It // will create and store its own copy, but selinux_android_set_sehandle() can be used to provide // will create and store its own copy, but selinux_android_set_sehandle() can be used to provide Loading init/selinux.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,7 @@ void SelinuxInitialize(); void SelinuxRestoreContext(); void SelinuxRestoreContext(); void SelinuxSetupKernelLogging(); void SelinuxSetupKernelLogging(); bool SelinuxHasVendorInit(); void SelabelInitialize(); void SelabelInitialize(); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); Loading Loading
init/host_init_stubs.cpp +4 −0 Original line number Original line Diff line number Diff line Loading @@ -49,6 +49,10 @@ uint32_t HandlePropertySet(const std::string&, const std::string&, const std::st } } // selinux.h // selinux.h bool SelinuxHasVendorInit() { return true; } void SelabelInitialize() {} void SelabelInitialize() {} bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) { bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) { Loading
init/host_init_stubs.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -56,6 +56,7 @@ uint32_t HandlePropertySet(const std::string& name, const std::string& value, const std::string& source_context, const ucred& cr, std::string* error); const std::string& source_context, const ucred& cr, std::string* error); // selinux.h // selinux.h bool SelinuxHasVendorInit(); void SelabelInitialize(); void SelabelInitialize(); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); Loading
init/property_service.cpp +2 −1 Original line number Original line Diff line number Diff line Loading @@ -59,6 +59,7 @@ #include "init.h" #include "init.h" #include "persistent_properties.h" #include "persistent_properties.h" #include "property_type.h" #include "property_type.h" #include "selinux.h" #include "subcontext.h" #include "subcontext.h" #include "util.h" #include "util.h" Loading Loading @@ -542,7 +543,7 @@ static void LoadProperties(char* data, const char* filter, const char* filename) size_t flen = 0; size_t flen = 0; const char* context = kInitContext.c_str(); const char* context = kInitContext.c_str(); if (GetIntProperty("ro.vndk.version", 28) >= 28) { if (SelinuxHasVendorInit()) { for (const auto& [path_prefix, secontext] : paths_and_secontexts) { for (const auto& [path_prefix, secontext] : paths_and_secontexts) { if (StartsWith(filename, path_prefix)) { if (StartsWith(filename, path_prefix)) { context = secontext; context = secontext; Loading
init/selinux.cpp +27 −0 Original line number Original line Diff line number Diff line Loading @@ -55,12 +55,14 @@ #include <android-base/chrono_utils.h> #include <android-base/chrono_utils.h> #include <android-base/file.h> #include <android-base/file.h> #include <android-base/logging.h> #include <android-base/logging.h> #include <android-base/parseint.h> #include <android-base/unique_fd.h> #include <android-base/unique_fd.h> #include <selinux/android.h> #include <selinux/android.h> #include "log.h" #include "log.h" #include "util.h" #include "util.h" using android::base::ParseInt; using android::base::Timer; using android::base::Timer; using android::base::unique_fd; using android::base::unique_fd; Loading Loading @@ -453,6 +455,31 @@ void SelinuxSetupKernelLogging() { selinux_set_callback(SELINUX_CB_LOG, cb); selinux_set_callback(SELINUX_CB_LOG, cb); } } // This function checks whether the sepolicy supports vendor init. bool SelinuxHasVendorInit() { if (!IsSplitPolicyDevice()) { // If this device does not split sepolicy files, vendor_init will be available in the latest // monolithic sepolicy file. return true; } std::string version; if (!GetVendorMappingVersion(&version)) { // Return true as the default if we failed to load the vendor sepolicy version. return true; } int major_version; std::string major_version_str(version, 0, version.find('.')); if (!ParseInt(major_version_str, &major_version)) { PLOG(ERROR) << "Failed to parse the vendor sepolicy major version " << major_version_str; // Return true as the default if we failed to parse the major version. return true; } return major_version >= 28; } // selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache // selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache // its value. selinux_android_restorecon() also needs an sehandle for file context look up. It // its value. selinux_android_restorecon() also needs an sehandle for file context look up. It // will create and store its own copy, but selinux_android_set_sehandle() can be used to provide // will create and store its own copy, but selinux_android_set_sehandle() can be used to provide Loading
init/selinux.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,7 @@ void SelinuxInitialize(); void SelinuxRestoreContext(); void SelinuxRestoreContext(); void SelinuxSetupKernelLogging(); void SelinuxSetupKernelLogging(); bool SelinuxHasVendorInit(); void SelabelInitialize(); void SelabelInitialize(); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); bool SelabelLookupFileContext(const std::string& key, int type, std::string* result); Loading
