Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 9d9333ac86f6ee2dd9128fe0cf1ba2e6ae7323f9
commit9d9333ac86f6ee2dd9128fe0cf1ba2e6ae7323f9[log] [tgz]
authorJiyong Park <jiyong@google.com>Thu Jan 17 22:34:51 2019 +0900
committerJiyong Park <jiyong@google.com>Thu Jan 31 13:44:21 2019 +0900
tree991d5a4eeb15e29806a2b624d6e1bc45180805ff
parent4b3f2c6245f8f06a9a2fd597223ad9f675c69da4 [diff]
init can call setns

init now creates two mount namespaces one for pre-apexd processes and
the other for post-apexd processes. This is to mount different files to
the same mount point at /bionic. For pre-apexd processes, the bootstrap
Bionic is mounted. For post-apexd processes, the default Bionic (from
the runtime APEX) is mounted.

Using unshare and setns, init first starts with the mount namespace for
the pre-apexd and then switches to the other mount namespace when APEXes
are ready. It then occasionally switches to pre-apexd mount namespace
when it has to re-launch a pre-apexd process (e.g. the process has
crashed, etc.)

In doing so, read access to /proc/self/ns/mnt is granted to init as
well.

Bug: 120266448
Bug: 122717176
Test: m device boots
Change-Id: Idbf15cbf5cc36b9993d718d4d887cd8f23a94666
2 files changed
tree: 991d5a4eeb15e29806a2b624d6e1bc45180805ff
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. definitions.mk
  15. file_contexts.mk
  16. hwservice_contexts.mk
  17. mac_permissions.mk
  18. MODULE_LICENSE_PUBLIC_DOMAIN
  19. NOTICE
  20. OWNERS
  21. PREUPLOAD.cfg
  22. property_contexts.mk
  23. README
  24. seapp_contexts.mk
  25. service_contexts.mk
  26. treble_sepolicy_tests_for_release.mk