Different blkid and fsck execution domains.
vold works with two broad classes of block devices: untrusted devices
that come in from the wild, and trusted devices like PrivateVolume
which are encrypted.
When running blkid and fsck, we pick which SELinux execution domain
to use based on which class the device belongs to.
Bug: 19993667
Change-Id: I2695f028710a4863f0c3b2ed6da437f466401272
diff --git a/Fat.cpp b/Fat.cpp
index 018fbeb..29b8598 100644
--- a/Fat.cpp
+++ b/Fat.cpp
@@ -37,12 +37,15 @@
#define LOG_TAG "Vold"
+#include <base/logging.h>
#include <cutils/log.h>
#include <cutils/properties.h>
+#include <selinux/selinux.h>
#include <logwrap/logwrap.h>
#include "Fat.h"
+#include "Utils.h"
#include "VoldUtil.h"
static char FSCK_MSDOS_PATH[] = "/system/bin/fsck_msdos";
@@ -65,8 +68,18 @@
args[2] = "-f";
args[3] = fsPath;
+ // Fat devices are currently always untrusted
+ if (setexeccon(android::vold::sFsckUntrustedContext)) {
+ LOG(ERROR) << "Failed to setexeccon()";
+ errno = EPERM;
+ return -1;
+ }
rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status,
false, true);
+ if (setexeccon(NULL)) {
+ abort();
+ }
+
if (rc != 0) {
SLOGE("Filesystem check failed due to logwrap error");
errno = EIO;
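Review bot: The `setexeccon(NULL)` failure branch calls `abort()` with no log line and no comment, so a vold crash at this point would be hard to attribute and the fail-closed intent is not recorded. I would add a comment such as `// An exec context left set on this thread would apply to its next exec; fail closed.` and log before aborting, e.g. `PLOG(ERROR) << "Failed to clear exec context";`. The first check has a related gap: it logs with `LOG(ERROR)` and then overwrites errno with EPERM, so the reason setexeccon() failed is lost; `PLOG(ERROR) << "Failed to setexeccon()";` would keep it in the log. The enclosing function begins and ends outside this hunk, so callers that depend on the errno value are not visible here.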