From 6ca32e3531b2b58b2d4e93f87f89e944032f0cea Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Tue, 4 Apr 2017 21:00:53 +0000
Subject: [PATCH] Allow update_verifier to reboot the device

Currently update_verifier only verifies the blocks when dm-verity is in
'enforcing' mode; and dm-verity will reboot the device upon detection of
errors. However, sometimes the verity mode is not guaranteed to be
correct. When mode is 'eio' for example, dm-verity will not trigger
a reboot but rather fail the read. So update_verifier need to take the
responsibility to reboot the device. Otherwise the device will continue
to boot without setting the flag "isSlotMarkedSuccessful".

Denial message:
update_verifier: type=1400 audit(0.0:18): avc: denied { write } for
name="property_service" dev="tmpfs" ino=14678 scontext=u:r:update_verifier:s0
tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Bug: 36260064
Test: powerctl property sets successfully

Change-Id: I1260e60f2ef4db50573e515ba95c332512c8ae62
(cherry picked from commit 0d8c1e0a33e4697e3459da5af892e3cc641370b6)
---
 public/update_verifier.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/public/update_verifier.te b/public/update_verifier.te
index 8c8e9a976..4d4e1f9ec 100644
--- a/public/update_verifier.te
+++ b/public/update_verifier.te
@@ -12,5 +12,8 @@ allow update_verifier ota_package_file:file r_file_perms;
 # Read all blocks in dm wrapped system partition.
 allow update_verifier dm_device:blk_file r_file_perms;
 
+# Allow update_verifier to reboot the device.
+set_prop(update_verifier, powerctl_prop)
+
 # Use Boot Control HAL
 hal_client_domain(update_verifier, hal_bootctl)
-- 
GitLab