authorJeff Sharkey <jsharkey@android.com>2016-07-15 16:20:22 -0600
committerJeff Sharkey <jsharkey@android.com>2016-07-18 09:52:46 -0600
commitd24aeda425196a7ab0a19c00bc9a4ced6383432b (patch)
treed79deede3a714518ccf81e3d34f03feefc816de0 /Utils.cpp
parentec813c4e358d54d03ff4f642e2656732d501f824 (diff)
Only restorecon CE storage after unlocked.
On FBE devices, the filenames inside credential-encrypted directories are mangled until the key is installed. This means the initial restorecon at boot needs to skip these directories until the keys are installed. This CL uses an existing facility to request that init run a recursive restorecon over a given path, and it requests that operation for the CE directories that would have been omitted by the SKIPCE flag earlier during boot. Bug: 30126557 Change-Id: I8c7abea27215075a091f615a7185a82a2f4a4a95
Diffstat (limited to 'Utils.cpp')
-rw-r--r--Utils.cpp21
1 files changed, 21 insertions, 0 deletions
diff --git a/Utils.cpp b/Utils.cpp
index 7ae22c5..014055b 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -646,6 +646,27 @@ std::string DefaultFstabPath() {
return StringPrintf("/fstab.%s", hardware);
}
+status_t RestoreconRecursive(const std::string& path) {
+ LOG(VERBOSE) << "Starting restorecon of " << path;
+
+ // TODO: find a cleaner way of waiting for restorecon to finish
+ const char* cpath = path.c_str();
+ property_set("selinux.restorecon_recursive", "");
+ property_set("selinux.restorecon_recursive", cpath);
+
+ char value[PROPERTY_VALUE_MAX];
+ while (true) {
+ property_get("selinux.restorecon_recursive", value, "");
+ if (strcmp(cpath, value) == 0) {
+ break;
+ }
+ usleep(100000); // 100ms
+ }
+
+ LOG(VERBOSE) << "Finished restorecon of " << path;
+ return OK;
+}
+
status_t SaneReadLinkAt(int dirfd, const char* path, char* buf, size_t bufsiz) {
ssize_t len = readlinkat(dirfd, path, buf, bufsiz);
if (len < 0) {
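Review bot: The polling loop in RestoreconRecursive (`while (true)` … `usleep(100000)`) can only exit when the property reads back equal to `cpath`, and both `property_set` return values are ignored, so a rejected or failed request blocks the caller forever during CE unlock. A path of PROPERTY_VALUE_MAX bytes or more can never match what `property_get` copies into `value`, so it should be rejected before the request is made. Because the function returns `OK` on every path, callers also cannot tell a relabelled tree from one that was never processed. The property is one global slot, so two overlapping callers would presumably overwrite each other's request; that is worth a comment or a lock if concurrent calls are possible. In the sketch below `kRestoreconMaxTries` stands for a generous limit the project would choose, since a recursive relabel of a large tree can take a while.

```cpp
status_t RestoreconRecursive(const std::string& path) {
    // … unchanged: "Starting restorecon" log line …
    if (path.size() >= PROPERTY_VALUE_MAX) {
        LOG(ERROR) << "Path too long for restorecon request: " << path;
        return -EINVAL;
    }
    const char* cpath = path.c_str();
    if (property_set("selinux.restorecon_recursive", "") != 0 ||
        property_set("selinux.restorecon_recursive", cpath) != 0) {
        LOG(ERROR) << "Failed to request restorecon of " << path;
        return -EIO;
    }

    char value[PROPERTY_VALUE_MAX];
    for (int tries = 0; tries < kRestoreconMaxTries; tries++) {
        property_get("selinux.restorecon_recursive", value, "");
        if (strcmp(cpath, value) == 0) {
            // … unchanged: "Finished restorecon" log line …
            return OK;
        }
        usleep(100000); // 100ms
    }
    LOG(ERROR) << "Timed out waiting for restorecon of " << path;
    return -ETIMEDOUT;
}
```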