ueventd: do not reference init's sehandle
Init exposes a global 'sehandle' that ueventd references as part of
devices.cpp and util.cpp. This is particularly dangerous in
device_init() in which both uevent and init write to this global.
This change creates a separate local copy for devices.cpp and puts
restrictions on where init.h can be included to make sure the global
used by init is not reference by non-init code. Future changes to
init should remove this global.
Test: Boot bullhead
Change-Id: Ifefa9e1932e9d647d06cca2618f5c8e5a7a85460
diff --git a/init/devices.cpp b/init/devices.cpp
index 11687f0..74f099a 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp
@@ -54,7 +54,11 @@
#include "ueventd.h"
#include "util.h"
-extern struct selabel_handle *sehandle;
+#ifdef _INIT_INIT_H
+#error "Do not include init.h in files used by ueventd or watchdogd; it will expose init's globals"
+#endif
+
+static selabel_handle* sehandle;
static android::base::unique_fd device_fd;
@@ -554,7 +558,7 @@
}
static void make_link_init(const std::string& oldpath, const std::string& newpath) {
- if (mkdir_recursive(dirname(newpath.c_str()), 0755)) {
+ if (mkdir_recursive(dirname(newpath.c_str()), 0755, sehandle)) {
PLOG(ERROR) << "Failed to create directory " << dirname(newpath.c_str());
}
@@ -599,7 +603,7 @@
if (uevent->major < 0 || uevent->minor < 0) return;
const char* base = "/dev/block/";
- make_dir(base, 0755);
+ make_dir(base, 0755, sehandle);
std::string name = android::base::Basename(uevent->path);
std::string devpath = base + name;
@@ -641,7 +645,7 @@
devpath = "/dev/" + android::base::Basename(uevent->path);
}
- mkdir_recursive(android::base::Dirname(devpath), 0755);
+ mkdir_recursive(android::base::Dirname(devpath), 0755, sehandle);
auto links = get_character_device_symlinks(uevent);