Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dc20865e authored by Nikita Ioffe's avatar Nikita Ioffe Committed by Automerger Merge Worker
Browse files

Merge "Only allow debuggable Microdroid VMs to mount /vendor" into main am:... 

Merge "Only allow debuggable Microdroid VMs to mount /vendor" into main am: 7f9b2c17 am: a2aca7d7 am: ed67c48c

Original change: https://android-review.googlesource.com/c/platform/system/core/+/2648003



Change-Id: I89d2c0b6b96580ca80f498caf8602b522d9e17cf
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 1c370dbf ed67c48c

init/first_stage_init.cpp

+12 −0
Original line number Diff line number Diff line
@@ -357,6 +357,18 @@ int FirstStageMain(int argc, char** argv) { 


    LOG(INFO) << "init first stage started!";



    // We only allow /vendor partition in debuggable Microdrod until it is verified during boot.

    // TODO(b/285855436): remove this check.

    if (IsMicrodroid()) {

        bool mount_vendor =

                cmdline.find("androidboot.microdroid.mount_vendor=1") != std::string::npos;

        bool debuggable =

                bootconfig.find("androidboot.microdroid.debuggable = \"1\"") != std::string::npos;

        if (mount_vendor && !debuggable) {

            LOG(FATAL) << "Attempted to mount /vendor partition for non-debuggable Microdroid VM";

        }

    }



    auto old_root_dir = std::unique_ptr<DIR, decltype(&closedir)>{opendir("/"), closedir};

    if (!old_root_dir) {

        PLOG(ERROR) << "Could not opendir(\"/\"), not freeing ramdisk";