init: add SelabelInitialize() for subcontext
Children of init that use any of the SELinux wrapper functions, including make_dir(), mkdir_recursive(), and plenty others, need to first initialize the sehandle with SelabelInitialize(). I wish there were a better solution, but early init doesn't actually want this handle initialized, so that is a valid use case. Ueventd needs to initialize this before fork()'ing, so lazy initialization is not universally acceptable either. Likely we won't have other children that fork() then exec() init again, so this should be okay. Bug: 62875318 Test: init unit tests Test: sailfish creates directories with correct SELabel after wipe Change-Id: I6de937604a060e18945427418f15b90e0b9d5c37
This commit is contained in:
Tom Cherry
parent
b3959bb47e
commit
0d1452ee1b
1 changed files with 2 additions and 0 deletions
|
|
@ -28,6 +28,7 @@
|
|||
#include <selinux/android.h>
|
||||
|
||||
#include "action.h"
|
||||
#include "selinux.h"
|
||||
#include "system/core/init/subcontext.pb.h"
|
||||
#include "util.h"
|
||||
|
||||
|
|
@ -165,6 +166,7 @@ int SubcontextMain(int argc, char** argv, const KeywordFunctionMap* function_map
|
|||
auto context = std::string(argv[2]);
|
||||
auto init_fd = std::atoi(argv[3]);
|
||||
|
||||
SelabelInitialize();
|
||||
auto subcontext_process = SubcontextProcess(function_map, context, init_fd);
|
||||
subcontext_process.MainLoop();
|
||||
return 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue