Add is_credential_encrypted_path
Add an internal function to clarify the restorecon logic. Move the function to android.c so it can be unit tested. Test: build Bug: 317296680 Change-Id: I972fca7509504ab50de41374c1f5d6ed878bf42f
parent
0562394766
commit
5fd6afea62
3 changed files with 23 additions and 13 deletions
|
@ -189,11 +189,18 @@ struct selabel_handle* selinux_android_keystore2_key_context_handle(void)
|
||||||
return context_handle(SELABEL_CTX_ANDROID_KEYSTORE2_KEY, &keystore2_context_paths, "keystore2");
|
return context_handle(SELABEL_CTX_ANDROID_KEYSTORE2_KEY, &keystore2_context_paths, "keystore2");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* The contents of these paths are encrypted on FBE devices until user
|
||||||
|
* credentials are presented (filenames inside are mangled), so we need
|
||||||
|
* to delay restorecon of those until vold explicitly requests it. */
|
||||||
|
// NOTE: these paths need to be kept in sync with vold
|
||||||
|
#define DATA_SYSTEM_CE_PATH "/data/system_ce"
|
||||||
|
#define DATA_VENDOR_CE_PATH "/data/vendor_ce"
|
||||||
|
#define DATA_MISC_CE_PATH "/data/misc_ce"
|
||||||
|
|
||||||
/* The path prefixes of package data directories. */
|
/* The path prefixes of package data directories. */
|
||||||
#define DATA_DATA_PATH "/data/data"
|
#define DATA_DATA_PATH "/data/data"
|
||||||
#define DATA_USER_PATH "/data/user"
|
#define DATA_USER_PATH "/data/user"
|
||||||
#define DATA_USER_DE_PATH "/data/user_de"
|
#define DATA_USER_DE_PATH "/data/user_de"
|
||||||
#define DATA_MISC_CE_PATH "/data/misc_ce"
|
|
||||||
#define DATA_MISC_DE_PATH "/data/misc_de"
|
#define DATA_MISC_DE_PATH "/data/misc_de"
|
||||||
#define DATA_STORAGE_AREA_PATH "/data/storage_area"
|
#define DATA_STORAGE_AREA_PATH "/data/storage_area"
|
||||||
#define SDK_SANDBOX_DATA_CE_PATH "/data/misc_ce/*/sdksandbox"
|
#define SDK_SANDBOX_DATA_CE_PATH "/data/misc_ce/*/sdksandbox"
|
||||||
|
@ -232,6 +239,12 @@ bool is_app_data_path(const char *pathname) {
|
||||||
!fnmatch(EXPAND_SDK_DE_PATH, pathname, flags));
|
!fnmatch(EXPAND_SDK_DE_PATH, pathname, flags));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool is_credential_encrypted_path(const char *pathname) {
|
||||||
|
return !strncmp(pathname, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
|
||||||
|
!strncmp(pathname, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
|
||||||
|
!strncmp(pathname, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Extract the userid from a path.
|
* Extract the userid from a path.
|
||||||
* On success, pathname is updated past the userid.
|
* On success, pathname is updated past the userid.
|
||||||
|
|
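Review bot: The three `strncmp` prefix comparisons in `is_credential_encrypted_path` stop at the end of each constant without checking for a path-component boundary, so a pathname that merely begins with the same characters (constructed example: `/data/system_ce_backup`) is also reported as credential-encrypted, and the `skipce` branch in restorecon would then skip labeling everything below it. This matches the inline check being replaced, so it is not a regression, but now that the predicate is named and declared in a header it is worth requiring the next character to be `/` or `\0`; whether any such sibling directory exists under /data is not visible here, so confirm against vold's path list before tightening. The function also reads `pathname` unconditionally, so callers must pass a non-NULL string. The description says the move enables unit testing, yet no test appears among the three changed files; cases for the exact root, a child path and a look-alike sibling would pin the intended semantics.

```c
/* True when pathname is the prefix itself or lies below it. */
static bool path_has_prefix(const char *pathname, const char *prefix, size_t len) {
    return !strncmp(pathname, prefix, len) &&
           (pathname[len] == '/' || pathname[len] == '\0');
}

bool is_credential_encrypted_path(const char *pathname) {
    return path_has_prefix(pathname, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
           path_has_prefix(pathname, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
           path_has_prefix(pathname, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1);
}
```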
|
@ -244,14 +244,6 @@ struct pkg_info *package_info_lookup(const char *name)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The contents of these paths are encrypted on FBE devices until user
|
|
||||||
* credentials are presented (filenames inside are mangled), so we need
|
|
||||||
* to delay restorecon of those until vold explicitly requests it. */
|
|
||||||
// NOTE: these paths need to be kept in sync with vold
|
|
||||||
#define DATA_SYSTEM_CE_PATH "/data/system_ce"
|
|
||||||
#define DATA_VENDOR_CE_PATH "/data/vendor_ce"
|
|
||||||
#define DATA_MISC_CE_PATH "/data/misc_ce"
|
|
||||||
|
|
||||||
#define USER_PROFILE_PATH "/data/misc/profiles/cur/*"
|
#define USER_PROFILE_PATH "/data/misc/profiles/cur/*"
|
||||||
|
|
||||||
static int pkgdir_selabel_lookup(const char *pathname,
|
static int pkgdir_selabel_lookup(const char *pathname,
|
||||||
|
@ -595,10 +587,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (skipce &&
|
if (skipce && is_credential_encrypted_path(ftsent->fts_path)) {
|
||||||
(!strncmp(ftsent->fts_path, DATA_SYSTEM_CE_PATH, sizeof(DATA_SYSTEM_CE_PATH)-1) ||
|
|
||||||
!strncmp(ftsent->fts_path, DATA_MISC_CE_PATH, sizeof(DATA_MISC_CE_PATH)-1) ||
|
|
||||||
!strncmp(ftsent->fts_path, DATA_VENDOR_CE_PATH, sizeof(DATA_VENDOR_CE_PATH)-1))) {
|
|
||||||
// Don't label anything below this directory.
|
// Don't label anything below this directory.
|
||||||
fts_set(fts, ftsent, FTS_SKIP);
|
fts_set(fts, ftsent, FTS_SKIP);
|
||||||
// but fall through and make sure we label the directory itself
|
// but fall through and make sure we label the directory itself
|
||||||
|
|
|
@ -62,6 +62,14 @@ struct selabel_handle* context_handle(
|
||||||
*/
|
*/
|
||||||
bool is_app_data_path(const char *pathname);
|
bool is_app_data_path(const char *pathname);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Determines if a path is Credential Encrypted (CE).
|
||||||
|
* Some paths are not available when the device first boots (these are protected
|
||||||
|
* by a credential). They should not be processed by restorecon until decrypted.
|
||||||
|
* See also the --skip-ce option for restorecon.
|
||||||
|
*/
|
||||||
|
bool is_credential_encrypted_path(const char *pathname);
|
||||||
|
|
||||||
/* Extract the pkgname and userid from a path.
|
/* Extract the pkgname and userid from a path.
|
||||||
* On success, the caller is responsible for free'ing pkgname.
|
* On success, the caller is responsible for free'ing pkgname.
|
||||||
* Returns 0 on success, -1 on invalid path, -2 on error.
|
* Returns 0 on success, -1 on invalid path, -2 on error.
|
||||||
|
|
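Review bot: The new header comment for `is_credential_encrypted_path` states the intent but not the contract a caller or test author needs. Judging by the definition added in this commit, the function is a pure string-prefix test against three fixed roots and does not consult the actual encryption or unlock state. I would add a line such as `Returns true if pathname starts with /data/system_ce, /data/misc_ce or /data/vendor_ce; pathname must be non-NULL.` to the comment. I would also repeat the `these paths need to be kept in sync with vold` reminder here so it is visible at the API level as well as next to the defines.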