Merge "Restrict setting platform properties from vendor .prop files"

author: Tom Cherry 2018-03-01 19:12:32 -0600
committer: Gerrit Code Review 2018-03-01 19:12:32 -0600
commit: c3892c045ff82d57b9e584acdf32a2d7e1652f33 (patch)
tree: 953f27ebd3822c5f43a06192072dcc041c57d546
parent: a281389bf4b52bdbb7430ffec723a23e41606352 (diff)
parent: dc375869abb56a0ef8ee1299443866da1e76abb6 (diff)
download: platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.tar.gz
platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.tar.xz
platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.zip
3 files changed, 34 insertions, 7 deletions
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 624780f64..95ef35c30 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -59,8 +59,11 @@
 #include "init.h"
 #include "persistent_properties.h"
 #include "property_type.h"
+#include "subcontext.h"
 #include "util.h"
+using namespace std::literals;
 using android::base::ReadFileToString;
 using android::base::Split;
 using android::base::StartsWith;
@@ -533,11 +536,17 @@ static bool load_properties_from_file(const char *, const char *);
 * Filter is used to decide which properties to load: NULL loads all keys,
 * "ro.foo.*" is a prefix match, and "ro.foo.bar" is an exact match.
 */
-static void load_properties(char *data, const char *filter)
+static void LoadProperties(char* data, const char* filter, const char* filename) {
-{
    char *key, *value, *eol, *sol, *tmp, *fn;
    size_t flen = 0;
+    const char* context = kInitContext.c_str();
+    for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
+        if (StartsWith(filename, path_prefix)) {
+            context = secontext;
+        }
+    }
    if (filter) {
        flen = strlen(filter);
    }
@@ -584,7 +593,21 @@ static void load_properties(char *data, const char *filter)
                }
            }
-            property_set(key, value);
+            if (StartsWith(key, "ctl.") || key == "sys.powerctl"s ||
+                key == "selinux.restorecon_recursive"s) {
+                LOG(ERROR) << "Ignoring disallowed property '" << key
+                           << "' with special meaning in prop file '" << filename << "'";
+                continue;
+            }
+            uint32_t result = 0;
+            ucred cr = {.pid = 1, .uid = 0, .gid = 0};
+            std::string error;
+            result = HandlePropertySet(key, value, context, cr, &error);
+            if (result != PROP_SUCCESS) {
+                LOG(ERROR) << "Unable to set property '" << key << "' to '" << value
+                           << "' in property file '" << filename << "': " << error;
+            }
        }
    }
 }
@@ -600,7 +623,8 @@ static bool load_properties_from_file(const char* filename, const char* filter)
        return false;
    }
    file_contents->push_back('\n');
-    load_properties(file_contents->data(), filter);
+    LoadProperties(file_contents->data(), filter, filename);
    LOG(VERBOSE) << "(Loading properties from " << filename << " took " << t << ".)";
    return true;
 }
diff --git a/init/subcontext.cpp b/init/subcontext.cpp
index 762492c87..c1846f76d 100644
--- a/init/subcontext.cpp
+++ b/init/subcontext.cpp
@@ -49,6 +49,11 @@ namespace init {
 const std::string kInitContext = "u:r:init:s0";
 const std::string kVendorContext = "u:r:vendor_init:s0";
+const char* const paths_and_secontexts[2][2] = {
+    {"/vendor", kVendorContext.c_str()},
+    {"/odm", kVendorContext.c_str()},
+};
 namespace {
 constexpr size_t kBufferSize = 4096;
@@ -349,9 +354,6 @@ Result<std::vector<std::string>> Subcontext::ExpandArgs(const std::vector<std::s
 static std::vector<Subcontext> subcontexts;
 std::vector<Subcontext>* InitializeSubcontexts() {
-    static const char* const paths_and_secontexts[][2] = {
-        {"/vendor", kVendorContext.c_str()},
-    };
    for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
        subcontexts.emplace_back(path_prefix, secontext);
    }
diff --git a/init/subcontext.h b/init/subcontext.h
index 5601b8022..22d7d43bd 100644
--- a/init/subcontext.h
+++ b/init/subcontext.h
@@ -33,6 +33,7 @@ namespace init {
 extern const std::string kInitContext;
 extern const std::string kVendorContext;
+extern const char* const paths_and_secontexts[2][2];
 class Subcontext {
  public:
author	Tom Cherry	2018-03-01 19:12:32 -0600
committer	Gerrit Code Review	2018-03-01 19:12:32 -0600
commit	c3892c045ff82d57b9e584acdf32a2d7e1652f33 (patch)
tree	953f27ebd3822c5f43a06192072dcc041c57d546
parent	a281389bf4b52bdbb7430ffec723a23e41606352 (diff)
parent	dc375869abb56a0ef8ee1299443866da1e76abb6 (diff)
download	platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.tar.gz platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.tar.xz platform-system-core-c3892c045ff82d57b9e584acdf32a2d7e1652f33.zip

diff --git a/init/property_service.cpp b/init/property_service.cpp index 624780f64..95ef35c30 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp
@@ -59,8 +59,11 @@
59	#include "init.h"	59	#include "init.h"
60	#include "persistent_properties.h"	60	#include "persistent_properties.h"
61	#include "property_type.h"	61	#include "property_type.h"
		62	#include "subcontext.h"
62	#include "util.h"	63	#include "util.h"
63		64
		65	using namespace std::literals;
		66
64	using android::base::ReadFileToString;	67	using android::base::ReadFileToString;
65	using android::base::Split;	68	using android::base::Split;
66	using android::base::StartsWith;	69	using android::base::StartsWith;
@@ -533,11 +536,17 @@ static bool load_properties_from_file(const char , const char );
533	* Filter is used to decide which properties to load: NULL loads all keys,	536	* Filter is used to decide which properties to load: NULL loads all keys,
534	* "ro.foo.*" is a prefix match, and "ro.foo.bar" is an exact match.	537	* "ro.foo.*" is a prefix match, and "ro.foo.bar" is an exact match.
535	*/	538	*/
536	static void load_properties(char data, const char filter)	539	static void LoadProperties(char* data, const char* filter, const char* filename) {
537	{
538	char key, value, eol, sol, tmp, fn;	540	char key, value, eol, sol, tmp, fn;
539	size_t flen = 0;	541	size_t flen = 0;
540		542
		543	const char* context = kInitContext.c_str();
		544	for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
		545	if (StartsWith(filename, path_prefix)) {
		546	context = secontext;
		547	}
		548	}
		549
541	if (filter) {	550	if (filter) {
542	flen = strlen(filter);	551	flen = strlen(filter);
543	}	552	}
@@ -584,7 +593,21 @@ static void load_properties(char data, const char filter)
584	}	593	}
585	}	594	}
586		595
587	property_set(key, value);	596	if (StartsWith(key, "ctl.") \|\| key == "sys.powerctl"s \|\|
		597	key == "selinux.restorecon_recursive"s) {
		598	LOG(ERROR) << "Ignoring disallowed property '" << key
		599	<< "' with special meaning in prop file '" << filename << "'";
		600	continue;
		601	}
		602
		603	uint32_t result = 0;
		604	ucred cr = {.pid = 1, .uid = 0, .gid = 0};
		605	std::string error;
		606	result = HandlePropertySet(key, value, context, cr, &error);
		607	if (result != PROP_SUCCESS) {
		608	LOG(ERROR) << "Unable to set property '" << key << "' to '" << value
		609	<< "' in property file '" << filename << "': " << error;
		610	}
588	}	611	}
589	}	612	}
590	}	613	}
@@ -600,7 +623,8 @@ static bool load_properties_from_file(const char* filename, const char* filter)
600	return false;	623	return false;
601	}	624	}
602	file_contents->push_back('\n');	625	file_contents->push_back('\n');
603	load_properties(file_contents->data(), filter);	626
		627	LoadProperties(file_contents->data(), filter, filename);
604	LOG(VERBOSE) << "(Loading properties from " << filename << " took " << t << ".)";	628	LOG(VERBOSE) << "(Loading properties from " << filename << " took " << t << ".)";
605	return true;	629	return true;
606	}	630	}


diff --git a/init/subcontext.cpp b/init/subcontext.cpp index 762492c87..c1846f76d 100644 --- a/init/subcontext.cpp +++ b/init/subcontext.cpp
@@ -49,6 +49,11 @@ namespace init {
49	const std::string kInitContext = "u:r:init:s0";	49	const std::string kInitContext = "u:r:init:s0";
50	const std::string kVendorContext = "u:r:vendor_init:s0";	50	const std::string kVendorContext = "u:r:vendor_init:s0";
51		51
		52	const char* const paths_and_secontexts[2][2] = {
		53	{"/vendor", kVendorContext.c_str()},
		54	{"/odm", kVendorContext.c_str()},
		55	};
		56
52	namespace {	57	namespace {
53		58
54	constexpr size_t kBufferSize = 4096;	59	constexpr size_t kBufferSize = 4096;
@@ -349,9 +354,6 @@ Result<std::vector<std::string>> Subcontext::ExpandArgs(const std::vector<std::s
349	static std::vector<Subcontext> subcontexts;	354	static std::vector<Subcontext> subcontexts;
350		355
351	std::vector<Subcontext>* InitializeSubcontexts() {	356	std::vector<Subcontext>* InitializeSubcontexts() {
352	static const char* const paths_and_secontexts[][2] = {
353	{"/vendor", kVendorContext.c_str()},
354	};
355	for (const auto& [path_prefix, secontext] : paths_and_secontexts) {	357	for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
356	subcontexts.emplace_back(path_prefix, secontext);	358	subcontexts.emplace_back(path_prefix, secontext);
357	}	359	}


diff --git a/init/subcontext.h b/init/subcontext.h index 5601b8022..22d7d43bd 100644 --- a/init/subcontext.h +++ b/init/subcontext.h
@@ -33,6 +33,7 @@ namespace init {
33		33
34	extern const std::string kInitContext;	34	extern const std::string kInitContext;
35	extern const std::string kVendorContext;	35	extern const std::string kVendorContext;
		36	extern const char* const paths_and_secontexts[2][2];
36		37
37	class Subcontext {	38	class Subcontext {
38	public:	39	public: