commit 9f0544a518f20bb795a59b0b51ec89f5ef93de0f
author Mark Salyzyn <salyzyn@google.com> Tue Oct 02 11:10:30 2018 -0700
committer Mark Salyzyn <salyzyn@google.com> Tue Oct 02 14:08:04 2018 -0700
tree d56318eb4aaea4f69d4fd1dcde4320d07ee6d524
parent 36c99a6d20d37b24c5340900cfce612112a3e561

fs_mgr: overlayfs stop adding rootcontext= to mount

By adding the root context, we cause an issue with kernel security
profile, the kernel can kick back overlay mounts because the sepolicy
is not initialized.

observable error when we have root context setup:

SELinux: Unable to set superblock options before the security\
         server is initialized
init: [libfs_mgr]__mount(source=overlay,target=/system,\
         type=overlay,upperdir=/cache/overlay/system/upper)=-1:\
	 Invalid argument

root context was added initially due to paranoia, so the side effects
are non existent unless upperdir sepolicy is adjusted.

Test: manual
Bug: 109821005
Change-Id: Id218add0a32df3b2a4626d8cb8aa783760c78cc4

fs_mgr/fs_mgr_overlayfs.cpp

diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
index bc3e69e..07b2a7a 100644
--- a/fs_mgr/fs_mgr_overlayfs.cpp
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
@@ -147,10 +147,8 @@
     auto candidate = fs_mgr_get_overlayfs_candidate(mount_point);
     if (candidate.empty()) return "";
 
-    auto context = fs_mgr_get_context(mount_point);
-    if (!context.empty()) context = ",rootcontext="s + context;
     return "override_creds=off,"s + kLowerdirOption + mount_point + "," + kUpperdirOption +
-           candidate + kUpperName + ",workdir=" + candidate + kWorkName + context;
+           candidate + kUpperName + ",workdir=" + candidate + kWorkName;
 }
 
 bool fs_mgr_system_root_image(const fstab* fstab) {