Move __system_properties_reload to LIBC from LIBC_PLATFORM
The zygote cannot have visiblity to LIBC_PLATFORM methods. Therefore,
move __system_properties_reload to LIBC, and rename it
__system_properties_zygote_reload, and indicate in comments that it
should not be used by non-zygote apps
Bug: 291814949
Test: atest CtsBionicRootTestCases
Change-Id: Iee8fa0c76b740543c05a433393f2f4bef36d6d3d
diff --git a/libc/bionic/system_property_api.cpp b/libc/bionic/system_property_api.cpp
index 847473a..8fdea59 100644
--- a/libc/bionic/system_property_api.cpp
+++ b/libc/bionic/system_property_api.cpp
@@ -29,6 +29,7 @@
#define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
#include <sys/_system_properties.h>
+#include <async_safe/CHECK.h>
#include <system_properties/prop_area.h>
#include <system_properties/system_properties.h>
@@ -131,6 +132,7 @@
}
__BIONIC_WEAK_FOR_NATIVE_BRIDGE
-int __system_properties_reload() {
+int __system_properties_zygote_reload(void) {
+ CHECK(getpid() == gettid());
return system_properties.Reload(false) ? 0 : -1;
}
diff --git a/libc/include/sys/_system_properties.h b/libc/include/sys/_system_properties.h
index 098f355..30dea89 100644
--- a/libc/include/sys/_system_properties.h
+++ b/libc/include/sys/_system_properties.h
@@ -131,13 +131,15 @@
/*
* Reloads the system properties from disk.
+ * Not intended for use by any apps except the Zygote. Should only be called from the main thread.
*
* NOTE: Any pointers received from methods such as __system_property_find should be assumed to be
* invalid after this method is called.
*
- * Returns 0 on success, -1 otherwise
+ * Returns 0 on success, -1 if the system properties failed to re-initialize (same conditions as
+ * __system properties_init)
*/
-int __system_properties_reload();
+int __system_properties_zygote_reload(void); __INTRODUCED_IN(__ANDROID_API_V__)
/* Deprecated: use __system_property_wait instead. */
uint32_t __system_property_wait_any(uint32_t __old_serial);
diff --git a/libc/libc.map.txt b/libc/libc.map.txt
index d737946..156e9ee 100644
--- a/libc/libc.map.txt
+++ b/libc/libc.map.txt
@@ -1600,6 +1600,7 @@
tzalloc;
tzfree;
wcsrtombs_l;
+ __system_properties_zygote_reload; # apex
} LIBC_U;
LIBC_PRIVATE {
@@ -1806,7 +1807,6 @@
__system_property_area_init;
__system_property_set_filename;
__system_property_update;
- __system_properties_reload;
android_fdsan_get_fd_table;
android_fdtrack_compare_exchange_hook; # llndk
android_fdtrack_get_enabled; # llndk
diff --git a/libc/system_properties/system_properties.cpp b/libc/system_properties/system_properties.cpp
index e0b771c..9dd5e35 100644
--- a/libc/system_properties/system_properties.cpp
+++ b/libc/system_properties/system_properties.cpp
@@ -382,8 +382,8 @@
} else if (is_override) {
// We already wrote the ro.*, but appcompat_override.ro.* should override that. We don't
// need to do the usual dirty bit setting, as this only happens during the init process,
- // before any readers are started.
- CHECK(getpid() == 1);
+ // before any readers are started. Check that only init or root can write appcompat props.
+ CHECK(getpid() == 1 || getuid() == 0);
atomic_thread_fence(memory_order_release);
strlcpy(other_pi->value, value, valuelen + 1);
}