From d24aeda425196a7ab0a19c00bc9a4ced6383432b Mon Sep 17 00:00:00 2001
From: Jeff Sharkey
Date: Fri, 15 Jul 2016 16:20:22 -0600
Subject: [PATCH] Only restorecon CE storage after unlocked.

On FBE devices, the filenames inside credential-encrypted directories are mangled until the key is installed. This means the initial restorecon at boot needs to skip these directories until the keys are installed. This CL uses an existing facility to request that init run a recursive restorecon over a given path, and it requests that operation for the CE directories that would have been omitted by the SKIPCE flag earlier during boot.
Bug: 30126557
Change-Id: I8c7abea27215075a091f615a7185a82a2f4a4a95
---
 Ext4Crypt.cpp | 6 ++++++
 PrivateVolume.cpp | 18 +-----------------
 Utils.cpp | 21 +++++++++++++++++++++
 Utils.h | 2 ++
 4 files changed, 30 insertions(+), 17 deletions(-)
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index a7d359e..472ffc8 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -747,6 +747,12 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
 if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
 if (!ensure_policy(ce_raw_ref, media_ce_path)) return false;
 if (!ensure_policy(ce_raw_ref, user_ce_path)) return false;
+
+ // Now that credentials have been installed, we can run restorecon
+ // over these paths
+ // NOTE: these paths need to be kept in sync with libselinux
+ android::vold::RestoreconRecursive(system_ce_path);
+ android::vold::RestoreconRecursive(misc_ce_path);
 }
 }

diff --git a/PrivateVolume.cpp b/PrivateVolume.cpp
index 21746b2..e5809fb 100644
--- a/PrivateVolume.cpp
+++ b/PrivateVolume.cpp
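Review bot: Both `RestoreconRecursive` calls in the Ext4Crypt.cpp hunk drop the returned status, so e4crypt_prepare_user_storage still reports success when a credential-encrypted directory could not be relabelled; the call added in PrivateVolume::doMount does the same. The helper in Utils.cpp returns OK unconditionally in this commit, so a check only takes effect once it reports failures, but the call sites should be ready for it, e.g. `if (android::vold::RestoreconRecursive(system_ce_path) != OK) return false;`, or at least log at ERROR. The comment could also record why media_ce_path and user_ce_path, which receive a policy just above, are left out, presumably because they are not among the paths skipped under SKIPCE: `// media_ce_path and user_ce_path are not skipped at boot, so they need no relabel here (confirm against libselinux)`. The enclosing function starts and ends outside the hunk.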
@@ -137,23 +137,7 @@ status_t PrivateVolume::doMount() {
 return -EIO;
 }

- LOG(VERBOSE) << "Starting restorecon of " << mPath;
-
- // TODO: find a cleaner way of waiting for restorecon to finish
- property_set("selinux.restorecon_recursive", "");
- property_set("selinux.restorecon_recursive", mPath.c_str());
-
- char value[PROPERTY_VALUE_MAX];
- while (true) {
- property_get("selinux.restorecon_recursive", value, "");
- if (strcmp(mPath.c_str(), value) == 0) {
- break;
- }
- sleep(1);
- LOG(VERBOSE) << "Waiting for restorecon...";
- }
-
- LOG(VERBOSE) << "Finished restorecon of " << mPath;
+ RestoreconRecursive(mPath);

 // Verify that common directories are ready to roll
 if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
diff --git a/Utils.cpp b/Utils.cpp
index 7ae22c5..014055b 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -646,6 +646,27 @@ std::string DefaultFstabPath() {
 return StringPrintf("/fstab.%s", hardware);
 }

+status_t RestoreconRecursive(const std::string& path) {
+ LOG(VERBOSE) << "Starting restorecon of " << path;
+
+ // TODO: find a cleaner way of waiting for restorecon to finish
+ const char* cpath = path.c_str();
+ property_set("selinux.restorecon_recursive", "");
+ property_set("selinux.restorecon_recursive", cpath);
+
+ char value[PROPERTY_VALUE_MAX];
+ while (true) {
+ property_get("selinux.restorecon_recursive", value, "");
+ if (strcmp(cpath, value) == 0) {
+ break;
+ }
+ usleep(100000); // 100ms
+ }
+
+ LOG(VERBOSE) << "Finished restorecon of " << path;
+ return OK;
+}
+
 status_t SaneReadLinkAt(int dirfd, const char* path, char* buf, size_t bufsiz) {
 ssize_t len = readlinkat(dirfd, path, buf, bufsiz);
 if (len < 0) {
diff --git a/Utils.h b/Utils.h
index 9abd322..4bfd8e9 100644
--- a/Utils.h
+++ b/Utils.h
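Review bot: The wait loop in RestoreconRecursive (Utils.cpp) exits only when the property reads back equal to `cpath`, and both `property_set` results are ignored. Now that the helper is shared and takes an arbitrary string, a path that does not fit in a property value (the read buffer is `PROPERTY_VALUE_MAX` bytes) or a rejected set would leave vold polling indefinitely, which on the unlock path added in Ext4Crypt.cpp stalls user storage preparation; an empty path, by contrast, matches immediately and reports OK without any relabel having been requested. Because the function returns OK in every case, callers cannot tell a completed relabel from one that never ran. I would reject unsupported paths and failed sets up front, as below, and consider bounding the wait; the TODO could also note that a single shared property may let concurrent callers overwrite each other's request.

```cpp
status_t RestoreconRecursive(const std::string& path) {
    // … unchanged: "Starting restorecon" log …

    // A value that cannot be stored in the property can never read back
    // equal to cpath, so the wait below would not terminate.
    if (path.empty() || path.size() >= PROPERTY_VALUE_MAX) {
        LOG(ERROR) << "Refusing restorecon of unsupported path " << path;
        return -EINVAL;
    }
    const char* cpath = path.c_str();
    if (property_set("selinux.restorecon_recursive", "") != 0 ||
            property_set("selinux.restorecon_recursive", cpath) != 0) {
        LOG(ERROR) << "Failed to request restorecon of " << path;
        return -EIO;
    }

    // … unchanged: polling loop, "Finished restorecon" log, return OK …
}
```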
@@ -114,6 +114,8 @@ dev_t GetDevice(const std::string& path);

 std::string DefaultFstabPath();

+status_t RestoreconRecursive(const std::string& path);
+
 status_t SaneReadLinkAt(int dirfd, const char* path, char* buf, size_t bufsiz);

 class ScopedFd {