From 0d1452ee1b2fb137e175064f4b84b1db8dde6487 Mon Sep 17 00:00:00 2001 From: Tom Cherry Date: Thu, 19 Oct 2017 14:39:35 -0700 Subject: [PATCH] init: add SelabelInitialize() for subcontext Children of init that use any of the SELinux wrapper functions, including make_dir(), mkdir_recursive(), and plenty others, need to first initialize the sehandle with SelabelInitialize(). I wish there were a better solution, but early init doesn't actually want this handle initialized, so that is a valid use case. Ueventd needs to initialize this before fork()'ing, so lazy initialization is not universally acceptable either. Likely we won't have other children that fork() then exec() init again, so this should be okay. Bug: 62875318 Test: init unit tests Test: sailfish creates directories with correct SELabel after wipe Change-Id: I6de937604a060e18945427418f15b90e0b9d5c37
---
 init/subcontext.cpp | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/init/subcontext.cpp b/init/subcontext.cpp
index 927953d67..84feeeee4 100644
--- a/init/subcontext.cpp
+++ b/init/subcontext.cpp
@@ -28,6 +28,7 @@
 #include
 #include "action.h"
+#include "selinux.h"
 #include "system/core/init/subcontext.pb.h"
 #include "util.h"
@@ -165,6 +166,7 @@ int SubcontextMain(int argc, char** argv, const KeywordFunctionMap* function_map
 auto context = std::string(argv[2]);
 auto init_fd = std::atoi(argv[3]);
+ SelabelInitialize();
 auto subcontext_process = SubcontextProcess(function_map, context, init_fd);
 subcontext_process.MainLoop();
 return 0;
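Review bot: The new `SelabelInitialize();` call in SubcontextMain is made unconditionally and nothing in this hunk checks that the handle was actually obtained, so if setup fails the subcontext would presumably still enter MainLoop() and create files and directories through make_dir()/mkdir_recursive() without the intended SELinux label. Whether SelabelInitialize() can report failure is not visible here; if it can, the subcontext should log and exit rather than continue, and if it cannot, that is worth confirming in the implementation behind selinux.h. The call also deserves a comment carrying the rationale that currently lives only in the commit message, for example `// The SELinux wrapper functions (make_dir(), mkdir_recursive(), ...) need the sehandle; early init deliberately skips this, so each child of init must call it itself.` SubcontextMain's body starts and ends outside the hunk.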