Diffstat (limited to 'init/init.c')
-rwxr-xr-x | init/init.c | 79 |
1 files changed, 33 insertions, 46 deletions
diff --git a/init/init.c b/init/init.c index b2e39bd..b28b0ab 100755 --- a/init/init.c +++ b/init/init.c @@ -32,11 +32,9 @@ #include <sys/socket.h> #include <sys/un.h> -#ifdef HAVE_SELINUX #include <selinux/selinux.h> #include <selinux/label.h> #include <selinux/android.h> -#endif #include <libgen.h> @@ -58,11 +56,10 @@ #include "init_parser.h" #include "util.h" #include "ueventd.h" +#include "watchdogd.h" -#ifdef HAVE_SELINUX struct selabel_handle *sehandle; struct selabel_handle *sehandle_prop; -#endif static int property_triggers_enabled = 0; @@ -76,9 +73,7 @@ static char hardware[32]; static unsigned revision = 0; static char qemu[32]; -#ifdef HAVE_SELINUX static int selinux_enabled = 1; -#endif static struct action *cur_action = NULL; static struct command *cur_command = NULL; @@ -162,10 +157,9 @@ void service_start(struct service *svc, const char *dynamic_args) pid_t pid; int needs_console; int n; -#ifdef HAVE_SELINUX char *scon = NULL; int rc; -#endif + /* starting a service removes it from the disabled or reset * state and immediately takes it out of the restarting * state if it was in there 
@@ -202,33 +196,39 @@ void service_start(struct service *svc, const char *dynamic_args) return; } -#ifdef HAVE_SELINUX if (is_selinux_enabled() > 0) { - char *mycon = NULL, *fcon = NULL; + if (svc->seclabel) { + scon = strdup(svc->seclabel); + if (!scon) { + ERROR("Out of memory while starting '%s'\n", svc->name); + return; + } + } else { + char *mycon = NULL, *fcon = NULL; - INFO("computing context for service '%s'\n", svc->args[0]); - rc = getcon(&mycon); - if (rc < 0) { - ERROR("could not get context while starting '%s'\n", svc->name); - return; - } + INFO("computing context for service '%s'\n", svc->args[0]); + rc = getcon(&mycon); + if (rc < 0) { + ERROR("could not get context while starting '%s'\n", svc->name); + return; + } - rc = getfilecon(svc->args[0], &fcon); - if (rc < 0) { - ERROR("could not get context while starting '%s'\n", svc->name); - freecon(mycon); - return; - } + rc = getfilecon(svc->args[0], &fcon); + if (rc < 0) { + ERROR("could not get context while starting '%s'\n", svc->name); + freecon(mycon); + return; + } - rc = security_compute_create(mycon, fcon, string_to_security_class("process"), &scon); - freecon(mycon); - freecon(fcon); - if (rc < 0) { - ERROR("could not get context while starting '%s'\n", svc->name); - return; + rc = security_compute_create(mycon, fcon, string_to_security_class("process"), &scon); + freecon(mycon); + freecon(fcon); + if (rc < 0) { + ERROR("could not get context while starting '%s'\n", svc->name); + return; + } } } -#endif NOTICE("starting '%s'\n", svc->name); @@ -250,9 +250,7 @@ void service_start(struct service *svc, const char *dynamic_args) for (ei = svc->envvars; ei; ei = ei->next) add_environment(ei->name, ei->value); -#ifdef HAVE_SELINUX setsockcreatecon(scon); -#endif for (si = svc->sockets; si; si = si->next) { int socket_type = ( 
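Review bot: In the new `if (svc->seclabel)` branch the configured label is copied with `strdup` and becomes `scon` without any validity check, so a mistyped seclabel is only reported at the later `setexeccon` call, and the unchecked `setsockcreatecon(scon)` before it would presumably fail without a log line. Validating up front fails closer to the cause: `if (security_check_context(scon) < 0) { ERROR("invalid seclabel '%s' for '%s'\n", scon, svc->name); free(scon); return; }`. A one-line comment is also worth adding that this `scon` comes from `strdup` but is released with `freecon()` elsewhere in the function, which is only correct while libselinux's `freecon` is plain `free`. `service_start` begins and ends outside this hunk.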
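Review bot: `setsockcreatecon(scon)` is now called unconditionally but its return value is still ignored, so if setting the socket-creation context fails, the sockets created in the loop below would get the process's default label instead of the service's. A labelling step should fail closed when SELinux is on, following the pattern already used for `setexeccon`: `if (is_selinux_enabled() > 0 && setsockcreatecon(scon) < 0) { ERROR("setsockcreatecon('%s') failed: %s\n", scon, strerror(errno)); _exit(127); }`. This assumes the code runs in the forked child, as the `_exit(127)` calls elsewhere in the function suggest. The `is_selinux_enabled()` guard matters because `scon` stays NULL and the call is likely to fail when SELinux is disabled. The same unchecked call appears as `setsockcreatecon(NULL)` in the `@@ -265,11` hunk.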
@@ -265,11 +263,9 @@ void service_start(struct service *svc, const char *dynamic_args) } } -#ifdef HAVE_SELINUX freecon(scon); scon = NULL; setsockcreatecon(NULL); -#endif if (svc->ioprio_class != IoSchedClass_NONE) { if (android_set_ioprio(getpid(), svc->ioprio_class, svc->ioprio_pri)) { @@ -315,15 +311,12 @@ void service_start(struct service *svc, const char *dynamic_args) _exit(127); } } - -#ifdef HAVE_SELINUX if (svc->seclabel) { if (is_selinux_enabled() > 0 && setexeccon(svc->seclabel) < 0) { ERROR("cannot setexeccon('%s'): %s\n", svc->seclabel, strerror(errno)); _exit(127); } } -#endif if (!dynamic_args) { if (execve(svc->args[0], (char**) svc->args, (char**) ENV) < 0) { @@ -350,9 +343,7 @@ void service_start(struct service *svc, const char *dynamic_args) _exit(127); } -#ifdef HAVE_SELINUX freecon(scon); -#endif if (pid < 0) { ERROR("failed to start '%s'\n", svc->name); @@ -603,11 +594,9 @@ static void import_kernel_nv(char *name, int for_emulator) *value++ = 0; if (name_len == 0) return; -#ifdef HAVE_SELINUX if (!strcmp(name,"selinux")) { selinux_enabled = atoi(value); } -#endif if (for_emulator) { /* in the emulator, export any kernel option with the @@ -755,9 +744,8 @@ static int bootchart_init_action(int nargs, char **args) } #endif -#ifdef HAVE_SELINUX static const struct selinux_opt seopts_prop[] = { - { SELABEL_OPT_PATH, "/data/system/property_contexts" }, + { SELABEL_OPT_PATH, "/data/security/property_contexts" }, { SELABEL_OPT_PATH, "/property_contexts" }, { 0, NULL } }; @@ -814,8 +802,6 @@ int audit_callback(void *data, security_class_t cls, char *buf, size_t len) return 0; } -#endif - int main(int argc, char **argv) { int fd_count = 0; @@ -831,6 +817,9 @@ int main(int argc, char **argv) if (!strcmp(basename(argv[0]), "ueventd")) return ueventd_main(argc, argv); + if (!strcmp(basename(argv[0]), "watchdogd")) + return watchdogd_main(argc, argv); + /* clear the umask */ umask(0); 
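Review bot: In the `@@ -603,11` hunk, `selinux_enabled = atoi(value)` parses the `selinux=` kernel option with `atoi`, which returns 0 for any non-numeric or empty value, so a malformed option is indistinguishable from an explicit `selinux=0`. Now that this code is compiled in unconditionally, it would be safer to parse strictly and keep the default of 1 on bad input: `char *end; long v = strtol(value, &end, 10); if (end != value && *end == '\0') selinux_enabled = (v != 0);`. How `selinux_enabled` is consumed is not visible on this page, so the impact depends on that code. `import_kernel_nv` starts and ends outside the hunk.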
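Review bot: In the `@@ -755,9` hunk, `seopts_prop` now lists `/data/security/property_contexts` ahead of the rootfs `/property_contexts`, but nothing in the table says why a file on the writable data partition comes first. If the entries are tried in order (the lookup code is outside this hunk), whoever can write `/data/security` controls how properties are labelled. A comment should record the precedence and the expected protection of that directory, for example `/* Tried in order: /data/security override first, then the built-in rootfs copy. /data/security must not be writable by untrusted processes. */`.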
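Review bot: The added `watchdogd` dispatch in the `@@ -831,6` hunk calls `basename(argv[0])` a second time on the same string, and with `<libgen.h>` included `basename` is permitted to modify its argument. Computing the name once keeps the `ueventd` and `watchdogd` checks consistent and avoids depending on that behaviour: `const char *self = basename(argv[0]);` followed by `if (!strcmp(self, "watchdogd")) return watchdogd_main(argc, argv);`. `main` continues outside the hunk.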
@@ -866,7 +855,6 @@ int main(int argc, char **argv) process_kernel_cmdline(); -#ifdef HAVE_SELINUX union selinux_callback cb; cb.func_log = klog_write; selinux_set_callback(SELINUX_CB_LOG, cb); @@ -891,7 +879,6 @@ int main(int argc, char **argv) */ restorecon("/dev"); restorecon("/dev/socket"); -#endif is_charger = !strcmp(bootmode, "charger"); |