diff --git a/libselinux/src/android/android.c b/libselinux/src/android/android.c
index dfd8fa21..1b78c8f1 100644
--- a/libselinux/src/android/android.c
+++ b/libselinux/src/android/android.c
@@ -189,11 +189,18 @@ struct selabel_handle* selinux_android_keystore2_key_context_handle(void)
 return context_handle(SELABEL_CTX_ANDROID_KEYSTORE2_KEY, &keystore2_context_paths, "keystore2");
 }
 
+/* The contents of these paths are encrypted on FBE devices until user
+ * credentials are presented (filenames inside are mangled), so we need
+ * to delay restorecon of those until vold explicitly requests it. */
+// NOTE: these paths need to be kept in sync with vold
+#define DATA_SYSTEM_CE_PATH "/data/system_ce"
+#define DATA_VENDOR_CE_PATH "/data/vendor_ce"
+#define DATA_MISC_CE_PATH "/data/misc_ce"
+
 /* The path prefixes of package data directories. */
 #define DATA_DATA_PATH "/data/data"
 #define DATA_USER_PATH "/data/user"
 #define DATA_USER_DE_PATH "/data/user_de"
-#define DATA_MISC_CE_PATH "/data/misc_ce"
 #define DATA_MISC_DE_PATH "/data/misc_de"
 #define DATA_STORAGE_AREA_PATH "/data/storage_area"
 #define SDK_SANDBOX_DATA_CE_PATH "/data/misc_ce/*/sdksandbox"
@@ -232,6 +239,12 @@ bool is_app_data_path(const char *pathname) {
 !fnmatch(EXPAND_SDK_DE_PATH, pathname, flags));
 }
 
+bool is_credential_encrypted_path(const char *pathname) {
+ return !strncmp(pathname, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
+ !strncmp(pathname, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
+ !strncmp(pathname, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1);
+}
+
 /*
 * Extract the userid from a path.
 * On success, pathname is updated past the userid.
diff --git a/libselinux/src/android/android_device.c b/libselinux/src/android/android_device.c
index e45469ac..3759b6ec 100644
--- a/libselinux/src/android/android_device.c
+++ b/libselinux/src/android/android_device.c
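Review bot: The three strncmp() prefix tests in the new is_credential_encrypted_path() in android.c stop at the end of the prefix without checking for a path-component boundary, so a sibling name such as `/data/misc_ce_old` (constructed example) is also reported as credential-encrypted. With skipce set, the caller in selinux_android_restorecon_common (the -595 hunk of android_device.c) then applies FTS_SKIP and nothing below that directory is relabelled, leaving whatever labels were there before. The inline check being replaced had the same behaviour, but the test is now a shared helper declared in android_internal.h, so I would require the byte after the prefix to be '/' or the terminating NUL. Whether any such sibling directory exists on a device is not visible from this change.

```c
/* True when pathname equals prefix or continues with '/' right after it. */
static bool path_has_dir_prefix(const char *pathname, const char *prefix, size_t len) {
	return !strncmp(pathname, prefix, len) &&
	       (pathname[len] == '/' || pathname[len] == '\0');
}

bool is_credential_encrypted_path(const char *pathname) {
	return path_has_dir_prefix(pathname, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
	       path_has_dir_prefix(pathname, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
	       path_has_dir_prefix(pathname, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1);
}
```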
@@ -244,14 +244,6 @@ struct pkg_info *package_info_lookup(const char *name)
 return NULL;
 }
 
-/* The contents of these paths are encrypted on FBE devices until user
- * credentials are presented (filenames inside are mangled), so we need
- * to delay restorecon of those until vold explicitly requests it. */
-// NOTE: these paths need to be kept in sync with vold
-#define DATA_SYSTEM_CE_PATH "/data/system_ce"
-#define DATA_VENDOR_CE_PATH "/data/vendor_ce"
-#define DATA_MISC_CE_PATH "/data/misc_ce"
-
 #define USER_PROFILE_PATH "/data/misc/profiles/cur/*"
 
 static int pkgdir_selabel_lookup(const char *pathname,
@@ -595,10 +587,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
 }
 }
 
- if (skipce &&
- (!strncmp(ftsent->fts_path, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
- !strncmp(ftsent->fts_path, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
- !strncmp(ftsent->fts_path, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1))) {
+ if (skipce && is_credential_encrypted_path(ftsent->fts_path)) {
 // Don't label anything below this directory.
 fts_set(fts, ftsent, FTS_SKIP);
 // but fall through and make sure we label the directory itself
diff --git a/libselinux/src/android/android_internal.h b/libselinux/src/android/android_internal.h
index d3adebf1..ada11078 100644
--- a/libselinux/src/android/android_internal.h
+++ b/libselinux/src/android/android_internal.h
@@ -62,6 +62,14 @@ struct selabel_handle* context_handle(
 */
 bool is_app_data_path(const char *pathname);
 
+/*
+ * Determines if a path is Credential Encrypted (CE).
+ * Some paths are not available when the device first boots (these are protected
+ * by a credential). They should not be processed by restorecon until decrypted.
+ * See also the --skip-ce option for restorecon.
+ */
+bool is_credential_encrypted_path(const char *pathname);
+
 /* Extract the pkgname and userid from a path.
 * On success, the caller is responsible for free'ing pkgname.
 * Returns 0 on success, -1 on invalid path, -2 on error.
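Review bot: The new doc comment for is_credential_encrypted_path() reads as if the function reports the encryption state of a path, but the implementation in android.c is a purely lexical comparison against three fixed prefixes and never consults the filesystem or vold. A caller making a labelling decision should be told that, and that the function returns true for the top-level directories themselves, which the restorecon caller still labels. I would add a line such as `* Lexical check only: true when pathname starts with /data/system_ce, /data/misc_ce or /data/vendor_ce; does not reflect whether the storage is currently unlocked.` and state that pathname must be non-NULL, since it is passed to strncmp() unchecked.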