Commit fa79ae87 authored by Tom Cherry

init: allow vendor init to action on any vendor or odm property

Partial revert of "init: if vendor_init can read a property, let it be
a trigger too" (b35f827c).

We made a mistake when we allowed vendor init to action on any vendor
or odm property, since when a new SELinux label is created for a
vendor property, vendor_init does not automatically get read
permissions for it.

Recently, we tried to use read permissions instead of the built-in
list in init, but that broke due to the above mistake.  Since we have
already launched with these permissions as is, we must restore them.

Bug: 118457755
Test: no denials for vendor init actionable properties on crosshatch
Change-Id: I7a9a560c9a54a177c6b83d28309e2f288f05d400
parent dd85c746
+12 −0
@@ -40,6 +40,18 @@ bool IsActionableProperty(Subcontext* subcontext, const std::string& prop_name)
        return true;
    }

    static constexpr const char* kPartnerPrefixes[] = {
            "init.svc.vendor.", "ro.vendor.",    "persist.vendor.",
            "vendor.",          "init.svc.odm.", "ro.odm.",
            "persist.odm.",     "odm.",          "ro.boot.",
    };

    for (const auto& prefix : kPartnerPrefixes) {
        if (android::base::StartsWith(prop_name, prefix)) {
            return true;
        }
    }

    return CanReadProperty(subcontext->context(), prop_name);
}
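
Review bot: the kPartnerPrefixes loop returns true before CanReadProperty() is consulted, so for any property matching these prefixes the SELinux read permission no longer decides whether vendor_init may use it as a trigger, and nothing in the code says that this is intentional. Please add a comment above the array stating that the list is kept for compatibility with devices that already launched with these permissions (Bug: 118457755), so that a later cleanup does not replace it with the read-permission check again. The list also contains "ro.boot.", which is neither a vendor nor an odm prefix as the commit message describes; the same comment should say why it is included.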