authorTom Cherry <tomcherry@google.com>2018-02-28 10:39:01 -0800
committerTom Cherry <tomcherry@google.com>2018-03-01 11:17:07 -0800
commitdc375869abb56a0ef8ee1299443866da1e76abb6 (patch)
treee03e34ce5f5aaca6196be9ba7a03241c91122b4b
parent69d47aa829fa5a48baeadeff0e04d03e58f147b7 (diff)
Restrict setting platform properties from vendor .prop files
We should only allow vendor-init-settable properties to be set from .prop files on /vendor and /odm. Bug: 73905119 Test: test on walleye that disallowed properties are rejected Change-Id: I2a5d244fdc71060ddda3e3d87442e831e6b97831
-rw-r--r--init/property_service.cpp32
-rw-r--r--init/subcontext.cpp8
-rw-r--r--init/subcontext.h1
3 files changed, 34 insertions, 7 deletions
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 624780f64..95ef35c30 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -59,8 +59,11 @@
#include "init.h"
#include "persistent_properties.h"
#include "property_type.h"
+#include "subcontext.h"
#include "util.h"
+using namespace std::literals;
+
using android::base::ReadFileToString;
using android::base::Split;
using android::base::StartsWith;
@@ -533,11 +536,17 @@ static bool load_properties_from_file(const char *, const char *);
* Filter is used to decide which properties to load: NULL loads all keys,
* "ro.foo.*" is a prefix match, and "ro.foo.bar" is an exact match.
*/
-static void load_properties(char *data, const char *filter)
-{
+static void LoadProperties(char* data, const char* filter, const char* filename) {
char *key, *value, *eol, *sol, *tmp, *fn;
size_t flen = 0;
+ const char* context = kInitContext.c_str();
+ for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
+ if (StartsWith(filename, path_prefix)) {
+ context = secontext;
+ }
+ }
+
if (filter) {
flen = strlen(filter);
}
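Review bot: The context lookup added at the top of LoadProperties matches `filename` against `/vendor` and `/odm` as raw string prefixes, so a hypothetical path like `/vendor_extra/x.prop` would be classed as vendor, while a vendor file reached under any other path spelling falls through to the default `kInitContext` and is loaded with platform rights. Since this selection is the security decision the commit introduces, I would match on a directory boundary, e.g. `if (StartsWith(filename, std::string(path_prefix) + "/")) {`, and add a comment stating that unmatched paths are trusted as platform files. It is also worth confirming which context an `import`ed file gets, since import handling sits further down, outside this hunk, and the context is derived from each file's own path. The function body continues past the end of the hunk.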
@@ -584,7 +593,21 @@ static void load_properties(char *data, const char *filter)
}
}
- property_set(key, value);
+ if (StartsWith(key, "ctl.") || key == "sys.powerctl"s ||
+ key == "selinux.restorecon_recursive"s) {
+ LOG(ERROR) << "Ignoring disallowed property '" << key
+ << "' with special meaning in prop file '" << filename << "'";
+ continue;
+ }
+
+ uint32_t result = 0;
+ ucred cr = {.pid = 1, .uid = 0, .gid = 0};
+ std::string error;
+ result = HandlePropertySet(key, value, context, cr, &error);
+ if (result != PROP_SUCCESS) {
+ LOG(ERROR) << "Unable to set property '" << key << "' to '" << value
+ << "' in property file '" << filename << "': " << error;
+ }
}
}
}
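Review bot: The `ucred` passed to `HandlePropertySet` is always pid 1 / uid 0 / gid 0, so for vendor and odm files the restriction rests on the `context` string alone. HandlePropertySet is not shown here, so it should be confirmed that none of its checks are satisfied by the uid; a comment such as `// Credentials are init's own; only the SELinux context limits what a vendor/odm file may set.` would record the assumption. Separately, `uint32_t result = 0;` followed by the assignment can be one line, `uint32_t result = HandlePropertySet(key, value, context, cr, &error);`. The failure message logs the rejected value at ERROR level, which deserves a second look if prop files can carry anything sensitive. The enclosing loop starts outside the hunk.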
@@ -600,7 +623,8 @@ static bool load_properties_from_file(const char* filename, const char* filter)
return false;
}
file_contents->push_back('\n');
- load_properties(file_contents->data(), filter);
+
+ LoadProperties(file_contents->data(), filter, filename);
LOG(VERBOSE) << "(Loading properties from " << filename << " took " << t << ".)";
return true;
}
diff --git a/init/subcontext.cpp b/init/subcontext.cpp
index 762492c87..c1846f76d 100644
--- a/init/subcontext.cpp
+++ b/init/subcontext.cpp
@@ -49,6 +49,11 @@ namespace init {
const std::string kInitContext = "u:r:init:s0";
const std::string kVendorContext = "u:r:vendor_init:s0";
+const char* const paths_and_secontexts[2][2] = {
+ {"/vendor", kVendorContext.c_str()},
+ {"/odm", kVendorContext.c_str()},
+};
+
namespace {
constexpr size_t kBufferSize = 4096;
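Review bot: `paths_and_secontexts` is now a namespace-scope global whose entries come from `kVendorContext.c_str()`, so it is initialized dynamically rather than at compile time. That is safe inside this file because `kVendorContext` is defined just above it, but code in another translation unit that reads the table during its own static initialization could see null pointers and silently fall back to the init context. A comment such as `// Dynamically initialized from kVendorContext; do not read from other files' static initializers.` would document the constraint. The explicit `[2][2]` bound is also repeated in the `extern` declaration in subcontext.h, so adding a path means editing both places in step.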
@@ -349,9 +354,6 @@ Result<std::vector<std::string>> Subcontext::ExpandArgs(const std::vector<std::s
static std::vector<Subcontext> subcontexts;
std::vector<Subcontext>* InitializeSubcontexts() {
- static const char* const paths_and_secontexts[][2] = {
- {"/vendor", kVendorContext.c_str()},
- };
for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
subcontexts.emplace_back(path_prefix, secontext);
}
diff --git a/init/subcontext.h b/init/subcontext.h
index 5601b8022..22d7d43bd 100644
--- a/init/subcontext.h
+++ b/init/subcontext.h
@@ -33,6 +33,7 @@ namespace init {
extern const std::string kInitContext;
extern const std::string kVendorContext;
+extern const char* const paths_and_secontexts[2][2];
class Subcontext {
public: