init: enable 'user root' check at build time

For visibility.

We could make this only for new API levels, but it isn't
currently exposed at build time, and visibility is good
on upgrades.

Bug: 340953047
Test: build, on device passing and failing requirements
Change-Id: I3a0ea47560c65114bc1b8685954d1fb7687cb8df
diff --git a/init/Android.bp b/init/Android.bp
index dd1f9aa..6992da4 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -571,6 +571,11 @@
     ],
     export_include_dirs: ["test_utils/include"], // for tests
     header_libs: ["bionic_libc_platform_headers"],
+    product_variables: {
+        shipping_api_level: {
+            cflags: ["-DBUILD_SHIPPING_API_LEVEL=%s"],
+        },
+    },
 }
 
 // Host Verifier
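Review bot: The same `product_variables.shipping_api_level` stanza is added twice, here at the end of this module and again in the second Android.bp hunk, so the two targets can drift if only one is edited later. If these modules already share a `cc_defaults` (not visible in the hunk), the define could live there once. A short comment such as `// consumed by service_parser.cpp for the build-time 'user root' check` would also explain why an init target needs the shipping API level.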
@@ -625,6 +630,11 @@
             enabled: false,
         },
     },
+    product_variables: {
+        shipping_api_level: {
+            cflags: ["-DBUILD_SHIPPING_API_LEVEL=%s"],
+        },
+    },
 }
 
 cc_binary {
diff --git a/init/host_init_stubs.h b/init/host_init_stubs.h
index 753ed6b..2fef9d3 100644
--- a/init/host_init_stubs.h
+++ b/init/host_init_stubs.h
@@ -32,6 +32,7 @@
 #define __ANDROID_API_S__ 31
 #define __ANDROID_API_T__ 33
 #define __ANDROID_API_U__ 34
+#define __ANDROID_API_V__ 35
 
 // sys/system_properties.h
 #define PROP_VALUE_MAX 92
diff --git a/init/service_parser.cpp b/init/service_parser.cpp
index de902e6..6781c70 100644
--- a/init/service_parser.cpp
+++ b/init/service_parser.cpp
@@ -52,6 +52,18 @@
 namespace android {
 namespace init {
 
+#ifdef INIT_FULL_SOURCES
+// on full sources, we have better information on device to
+// make this decision
+constexpr bool kAlwaysErrorUserRoot = false;
+#else
+constexpr uint64_t kBuildShippingApiLevel = BUILD_SHIPPING_API_LEVEL + 0 /* +0 if empty */;
+// on partial sources, the host build, we don't have the specific
+// vendor API level, but we can enforce things based on the
+// shipping API level.
+constexpr bool kAlwaysErrorUserRoot = kBuildShippingApiLevel > __ANDROID_API_V__;
+#endif
+
 Result<void> ServiceParser::ParseCapabilities(std::vector<std::string>&& args) {
     service_->capabilities_ = 0;
 
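Review bot: In the `#else` branch, `BUILD_SHIPPING_API_LEVEL + 0` copes with a macro that is defined as empty, but not with one that is not defined at all. The latter would happen if the build system omits the cflag when `shipping_api_level` is unset, or if another target compiles this file without the new stanza. A guard ahead of the constant, `#ifndef BUILD_SHIPPING_API_LEVEL` / `#define BUILD_SHIPPING_API_LEVEL 0` / `#endif`, would make that case explicit. Either way a level of 0 leaves `kAlwaysErrorUserRoot` false, so the host-side check stops rejecting services with no `user` and they would implicitly run as root; a comment such as `// 0 (unset) disables the build-time check; only the ro.vendor.api_level check below remains` would make that fail-open behaviour visible. The comment could also record that this threshold is an SDK-style level (`> __ANDROID_API_V__`) while the runtime test uses `ro.vendor.api_level > 202404`, and whether the two are meant to cover the same set of devices.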
@@ -680,7 +692,8 @@
     }
 
     if (service_->proc_attr_.parsed_uid == std::nullopt) {
-        if (android::base::GetIntProperty("ro.vendor.api_level", 0) > 202404) {
+        if (kAlwaysErrorUserRoot ||
+            android::base::GetIntProperty("ro.vendor.api_level", 0) > 202404) {
             return Error() << "No user specified for service '" << service_->name()
                            << "', so it would have been root.";
         } else {