
Commit c7a26dc2 authored by Martijn Coenen

Move restorecon of /data earlier in boot sequence.

A future early-boot daemon (on-device signing) needs to access
/data/misc before fs-verity keys are locked. Therefore, move the
restorecon of /data up a bit, to make sure the labels are correct. To be
safe, only run it after init_user0, since that function is responsible
for loading DE keys.

Also move early boot keys and fs-verity key locking a bit later, since
the on-device signing daemon needs to use both of these, but it also
needs the restorecon to function correctly.

Bug: 174740982
Test: manual
Change-Id: I9b6e44d9b547d420e1c6ba01fb3d3accc0625e20
parent ba73e995
+10 −10
@@ -856,13 +856,6 @@ on post-fs-data
    wait_for_prop apexd.status activated
    perform_apex_config

    # Lock the fs-verity keyring, so no more keys can be added
    exec -- /system/bin/fsverity_init --lock

    # After apexes are mounted, tell keymaster early boot has ended, so it will
    # stop allowing use of early-boot keys
    exec - system system -- /system/bin/vdc keymaster earlyBootEnded

    # Special-case /data/media/obb per b/64566063
    mkdir /data/media 0770 media_rw media_rw encryption=None
    exec - media_rw media_rw -- /system/bin/chattr +F /data/media
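
Review bot: Dropping the `fsverity_init --lock` and `vdc keymaster earlyBootEnded` calls from directly after `perform_apex_config` lengthens the window in which the fs-verity keyring still accepts keys and early-boot keys remain usable. That window now also covers the `/data/media` mkdir and chattr steps shown here, plus `init_user0` and the recursive restorecon in the next hunk. Please confirm that nothing started in that interval can add an fs-verity key or use an early-boot key unintentionally, and record in the init.rc comments that the later position is deliberate.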
@@ -872,15 +865,22 @@ on post-fs-data

    init_user0

    # Set SELinux security contexts on upgrade or policy update.
    restorecon --recursive --skip-ce /data

    # After apexes are mounted, tell keymaster early boot has ended, so it will
    # stop allowing use of early-boot keys
    exec - system system -- /system/bin/vdc keymaster earlyBootEnded

    # Lock the fs-verity keyring, so no more keys can be added
    exec -- /system/bin/fsverity_init --lock

    # Allow apexd to snapshot and restore device encrypted apex data in the case
    # of a rollback. This should be done immediately after DE_user data keys
    # are loaded. APEXes should not access this data until this has been
    # completed and apexd.status becomes "ready".
    exec_start apexd-snapshotde

    # Set SELinux security contexts on upgrade or policy update.
    restorecon --recursive --skip-ce /data

    # Check any timezone data in /data is newer than the copy in the time zone data
    # module, delete if not.
    exec - system system -- /system/bin/tzdatacheck /apex/com.android.tzdata/etc/tz /data/misc/zoneinfo
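
Review bot: The comment above `exec_start apexd-snapshotde` still says the snapshot "should be done immediately after DE_user data keys are loaded", but the lines inserted after `init_user0` now put `restorecon --recursive --skip-ce /data` and two exec calls in front of it. A recursive relabel of /data can take a while on upgrade or policy update, so either reword that comment or confirm apexd-snapshotde tolerates the delay. Two smaller points in the same block: the relative order of the two moved calls is flipped compared with the first hunk (`earlyBootEnded` now runs before `fsverity_init --lock`), which the commit message does not mention, and the carried-over comment "After apexes are mounted" no longer explains the placement. A comment here stating that the restorecon has to come after `init_user0` and before early boot ends and the keyring is locked would keep a later reorder from silently breaking the on-device signing daemon.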