On 05/08/2013 11:38 PM, William Roberts wrote:
So I looked into some abandoned patches I had in my repo and non of them
were applicable, or really any good :-P. I really think the cleanest way to
solve this is just set seclabel for anything that uses logwrapper. That way
you avoid the compute context issue.
Hmm...I was trying to avoid the need to manually specify a seclabel for
anything that runs from the system partition, as that is both prone to
accidental omission and hardcodes some policy information (the security
context) in the init.*.rc files that could get out of sync with the
actual policy. We only do it for the rootfs daemons (adbd and ueventd)
because those files are not individually labeled and that seemed
manageable as there are only a few such daemons.
I guess the question is what is worse:
- to require developers to remember to specify a seclabel whenever they
use logwrapper for a service, or
- to hardcode some knowledge in init about logwrapper and to adjust its
context computation in that case to be based on the program launched by
logwrapper.
Sample patch for the latter attached to help make it concrete.
>From 087ae21d2c417ae5763a7a11a25cd265819330b5 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <[email protected]>
Date: Thu, 9 May 2013 10:18:50 -0400
Subject: [PATCH] Fix SELinux security context computation for logwrapper.
If executing logwrapper, adapt the SELinux security context
computation to be based on the security context of the executable
launched by logwrapper rather than logwrapper itself. This ensures
that sockets are correctly labeled when using logwrapper.
Signed-off-by: Stephen Smalley <[email protected]>
---
init/Android.mk | 2 ++
init/init.c | 14 ++++++++++++--
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/init/Android.mk b/init/Android.mk
index 00d2144..e08ba0b 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -27,6 +27,8 @@ ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
LOCAL_CFLAGS += -DALLOW_LOCAL_PROP_OVERRIDE=1
endif
+LOCAL_CFLAGS += -DLOGWRAPPER_PATH=\"/system/bin/logwrapper\"
+
LOCAL_MODULE:= init
LOCAL_FORCE_STATIC_EXECUTABLE := true
diff --git a/init/init.c b/init/init.c
index 39df0ff..bc08d01 100755
--- a/init/init.c
+++ b/init/init.c
@@ -205,15 +205,25 @@ void service_start(struct service *svc, const char *dynamic_args)
}
} else {
char *mycon = NULL, *fcon = NULL;
+ const char *exe = svc->args[0];
+
+ if (!strcmp(svc->args[0], LOGWRAPPER_PATH)) {
+ for (n = 1; svc->args[n]; n++) {
+ if (*(svc->args[n]) != '-')
+ break;
+ }
+ if (svc->args[n])
+ exe = svc->args[n];
+ }
- INFO("computing context for service '%s'\n", svc->args[0]);
+ INFO("computing context for service '%s'\n", exe);
rc = getcon(&mycon);
if (rc < 0) {
ERROR("could not get context while starting '%s'\n", svc->name);
return;
}
- rc = getfilecon(svc->args[0], &fcon);
+ rc = getfilecon(exe, &fcon);
if (rc < 0) {
ERROR("could not get context while starting '%s'\n", svc->name);
freecon(mycon);
--
1.8.1.4
