author | Tom Cherry <tomcherry@google.com> | 2018-02-28 10:39:01 -0800 |
---|---|---|
committer | Tom Cherry <tomcherry@google.com> | 2018-03-01 11:17:07 -0800 |
commit | dc375869abb56a0ef8ee1299443866da1e76abb6 (patch) | |
tree | e03e34ce5f5aaca6196be9ba7a03241c91122b4b /init/property_service.cpp | |
parent | 69d47aa829fa5a48baeadeff0e04d03e58f147b7 (diff) | |
Restrict setting platform properties from vendor .prop files
We should only allow vendor-init-settable properties to be set from
.prop files on /vendor and /odm.
Bug: 73905119
Test: test on walleye that disallowed properties are rejected
Change-Id: I2a5d244fdc71060ddda3e3d87442e831e6b97831
Diffstat (limited to 'init/property_service.cpp')
-rw-r--r-- | init/property_service.cpp | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 624780f64..95ef35c30 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -59,8 +59,11 @@
 #include "init.h"
 #include "persistent_properties.h"
 #include "property_type.h"
+#include "subcontext.h"
 #include "util.h"
+using namespace std::literals;
+
 using android::base::ReadFileToString;
 using android::base::Split;
 using android::base::StartsWith;
@@ -533,11 +536,17 @@ static bool load_properties_from_file(const char *, const char *);
 * Filter is used to decide which properties to load: NULL loads all keys,
 * "ro.foo.*" is a prefix match, and "ro.foo.bar" is an exact match.
 */
-static void load_properties(char *data, const char *filter)
-{
+static void LoadProperties(char* data, const char* filter, const char* filename) {
 char *key, *value, *eol, *sol, *tmp, *fn;
 size_t flen = 0;
+ const char* context = kInitContext.c_str();
+ for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
+ if (StartsWith(filename, path_prefix)) {
+ context = secontext;
+ }
+ }
+
 if (filter) {
 flen = strlen(filter);
 }
@@ -584,7 +593,21 @@ static void load_properties(char *data, const char *filter)
 }
 }
- property_set(key, value);
+ if (StartsWith(key, "ctl.") || key == "sys.powerctl"s ||
+ key == "selinux.restorecon_recursive"s) {
+ LOG(ERROR) << "Ignoring disallowed property '" << key
+ << "' with special meaning in prop file '" << filename << "'";
+ continue;
+ }
+
+ uint32_t result = 0;
+ ucred cr = {.pid = 1, .uid = 0, .gid = 0};
+ std::string error;
+ result = HandlePropertySet(key, value, context, cr, &error);
+ if (result != PROP_SUCCESS) {
+ LOG(ERROR) << "Unable to set property '" << key << "' to '" << value
+ << "' in property file '" << filename << "': " << error;
+ }
 }
 }
 }
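Review bot: The context selection at the top of `LoadProperties` fails open: `context` starts as `kInitContext` and is only narrowed when `filename` textually starts with an entry of `paths_and_secontexts`, so a vendor or odm prop file opened under any other spelling of its path would be checked with init's own context. `paths_and_secontexts` is declared outside this hunk, so whether its prefixes end in a path separator cannot be confirmed from here. The loop also keeps iterating after a hit, so the last matching entry wins; adding `break;` after `context = secontext;` would make the intended match explicit. The block comment above the function should gain a line for the new parameter, for example `* filename is the path the data was read from; it selects the SELinux context used for the permission check.` The function body continues past the end of this hunk.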
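Review bot: The call `HandlePropertySet(key, value, context, cr, &error)` passes a synthetic `ucred` of pid 1, uid 0, gid 0, so any check that function bases on caller credentials will pass and the vendor restriction rests on `context` alone; HandlePropertySet is defined outside this hunk, so this is inferred from the arguments. A comment above the `ucred` line would record that, for example `// Prop files are read by init itself; only the SELinux context reflects where the file came from.` The rejection of `ctl.`, `sys.powerctl` and `selinux.restorecon_recursive` is spelled out inline, and if the same names are special-cased elsewhere in the file a named helper would keep the lists from drifting apart. As a small style point, `uint32_t result = 0;` and the later assignment can be one line, `uint32_t result = HandlePropertySet(key, value, context, cr, &error);`.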
@@ -600,7 +623,8 @@ static bool load_properties_from_file(const char* filename, const char* filter)
 return false;
 }
 file_contents->push_back('\n');
- load_properties(file_contents->data(), filter);
+
+ LoadProperties(file_contents->data(), filter, filename);
 LOG(VERBOSE) << "(Loading properties from " << filename << " took " << t << ".)";
 return true;
 } |