Merge "Fix permission of zram writeback and idle file" into main
diff --git a/init/Android.bp b/init/Android.bp
index 4025a6b..4ee3be2 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -176,6 +176,7 @@
"libxml2",
"lib_apex_manifest_proto_lite",
"update_metadata-protos",
+ "libgenfslabelsversion.ffi",
],
shared_libs: [
"libbase",
diff --git a/init/selinux.cpp b/init/selinux.cpp
index 5ced0b8..6316b4d 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -69,6 +69,7 @@
#include <android/avf_cc_flags.h>
#include <fs_avb/fs_avb.h>
#include <fs_mgr.h>
+#include <genfslabelsversion.h>
#include <libgsi/libgsi.h>
#include <libsnapshot/snapshot.h>
#include <selinux/android.h>
@@ -190,22 +191,6 @@
return true;
}
-int GetVendorGenfsVersion() {
- std::string line;
- if (!ReadFirstLine("/vendor/etc/selinux/genfs_labels_version.txt", &line)) {
- PLOG(ERROR) << "Failed to read /vendor/etc/selinux/genfs_labels_version.txt; assuming it's "
- "202404";
- return 202404;
- }
- int version;
- if (!ParseInt(line, &version)) {
- PLOG(ERROR) << "Failed to parse the genfs labels version " << line
- << "; assuming it's 202404";
- return 202404;
- }
- return version;
-}
-
constexpr const char plat_policy_cil_file[] = "/system/etc/selinux/plat_sepolicy.cil";
bool IsSplitPolicyDevice() {
@@ -342,11 +327,14 @@
std::vector<std::string> genfs_cil_files;
- int vendor_genfs_version = GetVendorGenfsVersion();
+ int vendor_genfs_version = get_genfs_labels_version();
std::string genfs_cil_file =
std::format("/system/etc/selinux/plat_sepolicy_genfs_{}.cil", vendor_genfs_version);
if (access(genfs_cil_file.c_str(), F_OK) != 0) {
+ LOG(INFO) << "Missing " << genfs_cil_file << "; skipping";
genfs_cil_file.clear();
+ } else {
+ LOG(INFO) << "Using " << genfs_cil_file << " for genfs labels";
}
// clang-format off
diff --git a/libprocessgroup/include/processgroup/processgroup.h b/libprocessgroup/include/processgroup/processgroup.h
index d27b568..6a026a7 100644
--- a/libprocessgroup/include/processgroup/processgroup.h
+++ b/libprocessgroup/include/processgroup/processgroup.h
@@ -16,7 +16,6 @@
#pragma once
-#include <sys/cdefs.h>
#include <sys/types.h>
#include <initializer_list>
#include <span>
@@ -24,8 +23,6 @@
#include <string_view>
#include <vector>
-__BEGIN_DECLS
-
static constexpr std::string CGROUPV2_HIERARCHY_NAME = "cgroup2";
bool CgroupsAvailable();
@@ -39,8 +36,6 @@
bool SetProcessProfiles(uid_t uid, pid_t pid, const std::vector<std::string>& profiles);
bool SetUserProfiles(uid_t uid, const std::vector<std::string>& profiles);
-__END_DECLS
-
bool SetTaskProfiles(pid_t tid, std::initializer_list<std::string_view> profiles,
bool use_fd_cache = false);
bool SetProcessProfiles(uid_t uid, pid_t pid, std::initializer_list<std::string_view> profiles);
@@ -50,7 +45,6 @@
bool SetProcessProfiles(uid_t uid, pid_t pid, std::span<const std::string_view> profiles);
#endif
-__BEGIN_DECLS
#ifndef __ANDROID_VNDK__
@@ -96,5 +90,3 @@
bool isProfileValidForProcess(const std::string& profile_name, uid_t uid, pid_t pid);
#endif // __ANDROID_VNDK__
-
-__END_DECLS
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 8284435..6771c5f 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -596,6 +596,7 @@
mkdir /metadata/ota/snapshots 0750 root system
mkdir /metadata/watchdog 0770 root system
mkdir /metadata/tradeinmode 0770 root system
+ mkdir /metadata/prefetch 0770 root system
mkdir /metadata/apex 0700 root system
mkdir /metadata/apex/sessions 0700 root system