No description
6cb5a36f4c
To determine the default encryption action, the mkdir command checks
whether the given path is a top-level directory of /data. However, it
assumed a path without any duplicate slashes or trailing slash(es).
While everyone *should* be providing paths without unnecessary slashes,
it is not guaranteed, as paths with unnecessary slashes still work
correctly for all other parts of the mkdir command, including the
SELinux label lookup and the actual directory creation. In particular,
the /data/fonts directory is being created using 'mkdir /data/fonts/'.
The effect is that the mkdir command thinks that /data/fonts/ is *not* a
top-level directory of /data, so it defaults to no encryption action.
Fortunately, the full command happens to use "encryption=Require", so we
dodged a bullet there, though the warning "Inferred action different
from explicit one" is still triggered.
There are a few approaches we could take here, including even just
fixing the /data/fonts/ command specifically, but I think the best
solution is to have mkdir clean its path at the very beginning. This
retains the Linux path semantics that people expect, while avoiding
surprises in path processing afterwards. This CL implements that.
Note, this CL intentionally changes the behavior of, and thus would
break, any existing cases where mkdir is used to create a top-level
/data directory using a path with unnecessary slashes and without using
an explicit encryption action. There are no known cases where this
already occurs, however. No cases exist in platform code, and vendor
init scripts shouldn't be creating top-level /data directories anyway.
Test: atest CtsInitTestCases
Test: Booted and verified that a trailing slash is no longer present in
the log message "Verified that /data/fonts/ has the encryption
policy ...". Also verified that the message "Inferred action
different ..." is no longer present just above it.
Bug: 232554803
Change-Id: Ie55c3ac1a2b1cf50632d54a1e565cb98c17b2a6a
|
||
|---|---|---|
| bootstat | ||
| cli-test | ||
| code_coverage | ||
| debuggerd | ||
| diagnose_usb | ||
| fastboot | ||
| fs_mgr | ||
| gatekeeperd | ||
| healthd | ||
| include | ||
| init | ||
| janitors | ||
| libappfuse | ||
| libasyncio | ||
| libbinderwrapper | ||
| libcrypto_utils | ||
| libcutils | ||
| libdiskconfig | ||
| libgrallocusage | ||
| libkeyutils | ||
| libmodprobe | ||
| libnetutils | ||
| libpackagelistparser | ||
| libprocessgroup | ||
| libsparse | ||
| libstats | ||
| libsuspend | ||
| libsync | ||
| libsystem | ||
| libsysutils | ||
| libusbhost | ||
| libutils | ||
| libvndksupport | ||
| llkd | ||
| mini_keyctl | ||
| mkbootfs | ||
| property_service | ||
| reboot | ||
| rootdir | ||
| run-as | ||
| sdcard | ||
| set-verity-state | ||
| shell_and_utilities | ||
| storaged | ||
| toolbox | ||
| trusty | ||
| usbd | ||
| watchdogd | ||
| .clang-format | ||
| .clang-format-2 | ||
| .clang-format-4 | ||
| .gitignore | ||
| CleanSpec.mk | ||
| METADATA | ||
| MODULE_LICENSE_APACHE2 | ||
| OWNERS | ||
| PREUPLOAD.cfg | ||
| rustfmt.toml | ||