Only restorecon CE storage after unlocked.

On FBE devices, the filenames inside credential-encrypted directories
are mangled until the key is installed.  This means the initial
restorecon at boot needs to skip these directories until the keys
are installed.

This CL uses an existing facility to request that init run a
recursive restorecon over a given path, and it requests that
operation for the CE directories that would have been omitted by
the SKIPCE flag earlier during boot.

Bug: 30126557
Change-Id: I8c7abea27215075a091f615a7185a82a2f4a4a95

Ext4Crypt.cpp

@@ -747,6 +747,12 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
             if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
             if (!ensure_policy(ce_raw_ref, media_ce_path)) return false;
             if (!ensure_policy(ce_raw_ref, user_ce_path)) return false;
+
+            // Now that credentials have been installed, we can run restorecon
+            // over these paths
+            // NOTE: these paths need to be kept in sync with libselinux
+            android::vold::RestoreconRecursive(system_ce_path);
+            android::vold::RestoreconRecursive(misc_ce_path);
         }
     }
 

PrivateVolume.cpp

@@ -137,23 +137,7 @@ status_t PrivateVolume::doMount() {
         return -EIO;
     }
 
-    LOG(VERBOSE) << "Starting restorecon of " << mPath;
-
-    // TODO: find a cleaner way of waiting for restorecon to finish
-    property_set("selinux.restorecon_recursive", "");
-    property_set("selinux.restorecon_recursive", mPath.c_str());
-
-    char value[PROPERTY_VALUE_MAX];
-    while (true) {
-        property_get("selinux.restorecon_recursive", value, "");
-        if (strcmp(mPath.c_str(), value) == 0) {
-            break;
-        }
-        sleep(1);
-        LOG(VERBOSE) << "Waiting for restorecon...";
-    }
-
-    LOG(VERBOSE) << "Finished restorecon of " << mPath;
+    RestoreconRecursive(mPath);
 
     // Verify that common directories are ready to roll
     if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||

Utils.cpp

@@ -646,6 +646,27 @@ std::string DefaultFstabPath() {
     return StringPrintf("/fstab.%s", hardware);
 }
 
+status_t RestoreconRecursive(const std::string& path) {
+    LOG(VERBOSE) << "Starting restorecon of " << path;
+
+    // TODO: find a cleaner way of waiting for restorecon to finish
+    const char* cpath = path.c_str();
+    property_set("selinux.restorecon_recursive", "");
+    property_set("selinux.restorecon_recursive", cpath);
+
+    char value[PROPERTY_VALUE_MAX];
+    while (true) {
+        property_get("selinux.restorecon_recursive", value, "");
+        if (strcmp(cpath, value) == 0) {
+            break;
+        }
+        usleep(100000); // 100ms
+    }
+
+    LOG(VERBOSE) << "Finished restorecon of " << path;
+    return OK;
+}
+
 status_t SaneReadLinkAt(int dirfd, const char* path, char* buf, size_t bufsiz) {
     ssize_t len = readlinkat(dirfd, path, buf, bufsiz);
     if (len < 0) {

Utils.h

@@ -114,6 +114,8 @@ dev_t GetDevice(const std::string& path);
 
 std::string DefaultFstabPath();
 
+status_t RestoreconRecursive(const std::string& path);
+
 status_t SaneReadLinkAt(int dirfd, const char* path, char* buf, size_t bufsiz);
 
 class ScopedFd {