Restore security context of `/postinstall/apex` earlier in otapreopt_chroot.

Invoke `selinux_android_restorecon` on `/postinstall/apex` just after
mounting a tmpfs filesystem in it, so that this directory is correctly
labeled (with type `postinstall_apex_mnt_dir`) and the subsequent
operations (`chmod`, `chown`, etc.) can be performed under the updated
policies, which are restricted to `postinstall_apex_mnt_dir` (instead of
`tmpfs`).

Test: m otapreopt_chroot
Test: A/B OTA update test (asit/dexoptota/self_full).
Bug: 113373927
Bug: 120796514
Change-Id: I0b243a00e0443e439afda055d3b12aa9eefe0503
diff --git a/cmds/installd/otapreopt_chroot.cpp b/cmds/installd/otapreopt_chroot.cpp
index 9965d58..c0f8e91 100644
--- a/cmds/installd/otapreopt_chroot.cpp
+++ b/cmds/installd/otapreopt_chroot.cpp
@@ -151,11 +151,26 @@
     //   chown root root /apex
     //   restorecon /apex
     //
+    // except we perform the `restorecon` step just after mounting the tmpfs
+    // filesystem in /postinstall/apex, so that this directory is correctly
+    // labeled (with type `postinstall_apex_mnt_dir`) and may be manipulated in
+    // following operations (`chmod`, `chown`, etc.) following policies
+    // restricted to `postinstall_apex_mnt_dir`:
+    //
+    //   mount tmpfs tmpfs /postinstall/apex nodev noexec nosuid
+    //   restorecon /postinstall/apex
+    //   chmod 0755 /postinstall/apex
+    //   chown root root /postinstall/apex
+    //
     if (mount("tmpfs", kPostinstallApexDir, "tmpfs", MS_NODEV | MS_NOEXEC | MS_NOSUID, nullptr)
         != 0) {
         PLOG(ERROR) << "Failed to mount tmpfs in " << kPostinstallApexDir;
         exit(209);
     }
+    if (selinux_android_restorecon(kPostinstallApexDir, 0) < 0) {
+        PLOG(ERROR) << "Failed to restorecon " << kPostinstallApexDir;
+        exit(214);
+    }
     if (chmod(kPostinstallApexDir, 0755) != 0) {
         PLOG(ERROR) << "Failed to chmod " << kPostinstallApexDir << " to 0755";
         exit(210);
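Review bot: The relocated `selinux_android_restorecon(kPostinstallApexDir, 0)` check exits with 214, while the call it replaces used 212, so the failure codes no longer follow step order (209, 214, 210, 211) and nothing here says whether 212 is retired or reused. The exit status is the only stage indicator visible in this hunk, so a one-line comment at `exit(214);` recording why a new code was chosen would keep OTA failure triage unambiguous. It is also worth noting beside the call that flags `0` relabels only the mount point itself, e.g. `// Non-recursive: the tmpfs was just mounted and is empty.`, because the later `chmod`/`chown` presumably depend on that single label being applied. The enclosing function starts and ends outside this hunk, so whether 212 or 213 are used elsewhere cannot be confirmed from here.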
@@ -164,10 +179,6 @@
         PLOG(ERROR) << "Failed to chown " << kPostinstallApexDir << " to root:root";
         exit(211);
     }
-    if (selinux_android_restorecon(kPostinstallApexDir, 0) < 0) {
-        PLOG(ERROR) << "Failed to restorecon " << kPostinstallApexDir;
-        exit(212);
-    }
 
     // Chdir into /postinstall.
     if (chdir("/postinstall") != 0) {