Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / b63156bca2550a677e0422673f87e08e3ba516ef^1..b63156bca2550a677e0422673f87e08e3ba516ef / .
commitb63156bca2550a677e0422673f87e08e3ba516ef[log] [tgz]
authorMihai Serban <mihai.serban@intel.com>Thu Apr 28 12:06:41 2016 +0000
committerandroid-build-merger <android-build-merger@google.com>Thu Apr 28 12:06:41 2016 +0000
treef1e9e3ec9d9648dfe436f2bcf3b8c58ead6ef117
parent7d81fa916f278aeb22b32fb7daec839538486168 [diff]
parent9dc0ad84204f3b83ed8afe86f9036cbf69d9c56d [diff]
Merge "ueventd: relabel block devices nodes when processing subsequent add events"
am: 94b0f37

* commit '94b0f3763f6dd4cfe2aaef9a4ce2ac7f029774c8':
  ueventd: relabel block devices nodes when processing subsequent add events

Change-Id: I9cfab12e0844991bd875d049e3e6ed3c50a27084

diff --git a/init/devices.cpp b/init/devices.cpp
index e74140b..d452dd3 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp

@@ -244,7 +244,11 @@
 
     mode = get_device_perm(path, links, &uid, &gid) | (block ? S_IFBLK : S_IFCHR);
 
-    selabel_lookup_best_match(sehandle, &secontext, path, links, mode);
+    if (selabel_lookup_best_match(sehandle, &secontext, path, links, mode)) {
+        ERROR("Device '%s' not created; cannot find SELinux label (%s)\n",
+                path, strerror(errno));
+        return;
+    }
     setfscreatecon(secontext);
 
     dev = makedev(major, minor);
@@ -254,14 +258,19 @@
      * racy. Fixing the gid race at least fixed the issue with system_server
      * opening dynamic input devices under the AID_INPUT gid. */
     setegid(gid);
-    mknod(path, mode, dev);
+    /* If the node already exists update its SELinux label to handle cases when
+     * it was created with the wrong context during coldboot procedure. */
+    if (mknod(path, mode, dev) && (errno == EEXIST)) {
+        if (lsetfilecon(path, secontext)) {
+            ERROR("Cannot set '%s' SELinux label on '%s' device (%s)\n",
+                    secontext, path, strerror(errno));
+        }
+    }
     chown(path, uid, -1);
     setegid(AID_ROOT);
 
-    if (secontext) {
-        freecon(secontext);
-        setfscreatecon(NULL);
-    }
+    freecon(secontext);
+    setfscreatecon(NULL);
 }
 
 static void add_platform_device(const char *path)