Something went wrong on our end
Select Git revision
devices.cpp
-
Mihai Serban authoredThere is a race in ueventd's coldboot procedure that permits creation of device block nodes before platform devices are registered. This happens when the kernel sends events for adding block devices during ueventd's coldboot /sys walk. In this case the device node links used to compute the SELinux context are not known and the node is created under the generic context: u:object_r:block_device:s0. A second add event for block device nodes is triggered after the platform devices are handled by ueventd and the SELinux context is correctly computed but the mknod call fails because the node already exists. This patch handles this error case and updates the node's security context. The race is introduced by the uevent sent from the sdcard device probe function. The issue appears when this uevent is triggered during ueventd's coldboot procedure but before the /sys/devices recursive walk reached the corresponding sdcard platform device path. The backtrace looks something like: 1. ueventd_main() 2. device_init() 3. coldboot("/sys/devices"); 4. do_coldboot() 5. handle_device_fd() 6. handle_device_event() 6.1 handle_block_device_event() 6.2 handle_platform_device_event() Because handle_device_fd() reads all events from the netlink socket it may handle the add events for the sdcard partition nodes send occasionally by the kernel during coldboot /sys walk procedure. If handle_device_event() continues with handle_block_device_event() before handle_platform_device_event() registers the sdcard platform device then handle_block_device_event() will create device nodes without knowing all block device symlinks (get_block_device_symlinks()): 1. handle_device(path=/dev/block/mmcblk0p3, links = NULL) 2. make_device(path=/dev/block/mmcblk0p3, links = NULL) 3. selabel_lookup_best_match(path=/dev/block/mmcblk0p3, links = NULL) returns the default context (u:object_r:block_device:s0) for /dev/block/mmcblk0p3 instead of more specific context like: u:object_r:boot_block_device:s0 4. setfscreatecon(u:object_r:block_device:s0) 5. mknod(/dev/block/mmcblk0p3) So the node is create with the wrong context. Afterwards the coldboot /sys walk continues and make_device() will be called with correct path and links. But even if the secontext is computed correctly this time it will not be applied to the device node because mknod() fails. I see this issue randomly appearing (one time in 10 reboots) on a Minnoboard Turbot with external sdcard as the boot device. BUG=28388946 Signed-off-by:
Mihai Serban <mihai.serban@intel.com>
(cherry picked from commit 24a3cbfa)
Change-Id: I2d217f1c8d48553eb4a37457dbf27fff54051cf9Mihai Serban authoredThere is a race in ueventd's coldboot procedure that permits creation of device block nodes before platform devices are registered. This happens when the kernel sends events for adding block devices during ueventd's coldboot /sys walk. In this case the device node links used to compute the SELinux context are not known and the node is created under the generic context: u:object_r:block_device:s0. A second add event for block device nodes is triggered after the platform devices are handled by ueventd and the SELinux context is correctly computed but the mknod call fails because the node already exists. This patch handles this error case and updates the node's security context. The race is introduced by the uevent sent from the sdcard device probe function. The issue appears when this uevent is triggered during ueventd's coldboot procedure but before the /sys/devices recursive walk reached the corresponding sdcard platform device path. The backtrace looks something like: 1. ueventd_main() 2. device_init() 3. coldboot("/sys/devices"); 4. do_coldboot() 5. handle_device_fd() 6. handle_device_event() 6.1 handle_block_device_event() 6.2 handle_platform_device_event() Because handle_device_fd() reads all events from the netlink socket it may handle the add events for the sdcard partition nodes send occasionally by the kernel during coldboot /sys walk procedure. If handle_device_event() continues with handle_block_device_event() before handle_platform_device_event() registers the sdcard platform device then handle_block_device_event() will create device nodes without knowing all block device symlinks (get_block_device_symlinks()): 1. handle_device(path=/dev/block/mmcblk0p3, links = NULL) 2. make_device(path=/dev/block/mmcblk0p3, links = NULL) 3. selabel_lookup_best_match(path=/dev/block/mmcblk0p3, links = NULL) returns the default context (u:object_r:block_device:s0) for /dev/block/mmcblk0p3 instead of more specific context like: u:object_r:boot_block_device:s0 4. setfscreatecon(u:object_r:block_device:s0) 5. mknod(/dev/block/mmcblk0p3) So the node is create with the wrong context. Afterwards the coldboot /sys walk continues and make_device() will be called with correct path and links. But even if the secontext is computed correctly this time it will not be applied to the device node because mknod() fails. I see this issue randomly appearing (one time in 10 reboots) on a Minnoboard Turbot with external sdcard as the boot device. BUG=28388946 Signed-off-by:Mihai Serban <mihai.serban@intel.com>
(cherry picked from commit 24a3cbfa)
Change-Id: I2d217f1c8d48553eb4a37457dbf27fff54051cf9
devices.cpp 26.69 KiB
/*
* Copyright (C) 2007-2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <errno.h>
#include <fnmatch.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <dirent.h>
#include <unistd.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <linux/netlink.h>
#include <selinux/selinux.h>
#include <selinux/label.h>
#include <selinux/android.h>
#include <selinux/avc.h>
#include <private/android_filesystem_config.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <android-base/file.h>
#include <cutils/list.h>
#include <cutils/uevent.h>
#include "devices.h"
#include "ueventd_parser.h"
#include "util.h"
#include "log.h"
#define SYSFS_PREFIX "/sys"
static const char *firmware_dirs[] = { "/etc/firmware",
"/vendor/firmware",
"/firmware/image" };
extern struct selabel_handle *sehandle;
static int device_fd = -1;
struct uevent {
const char *action;
const char *path;
const char *subsystem;
const char *firmware;
const char *partition_name;
const char *device_name;
int partition_num;
int major;
int minor;