diff options
| -rw-r--r-- | crypto/cryptfs/Android.mk | 8 | ||||
| -rw-r--r-- | crypto/cryptsettings/Android.mk | 5 | ||||
| -rw-r--r-- | crypto/cryptsettings/cryptsettings.c | 4 | ||||
| -rw-r--r-- | crypto/fs_mgr/Android.mk | 4 | ||||
| -rw-r--r-- | fixPermissions.cpp | 59 | ||||
| -rw-r--r-- | fixPermissions.hpp | 3 | ||||
| -rw-r--r-- | minui/Android.mk | 7 | ||||
| -rw-r--r-- | minuitwrp/Android.mk | 3 | ||||
| -rw-r--r-- | partition.cpp | 72 | ||||
| -rw-r--r-- | partitionmanager.cpp | 2 | ||||
| -rw-r--r-- | partitions.hpp | 3 |
11 files changed, 156 insertions, 14 deletions
diff --git a/crypto/cryptfs/Android.mk b/crypto/cryptfs/Android.mk index 62713fed7..f0388c228 100644 --- a/crypto/cryptfs/Android.mk +++ b/crypto/cryptfs/Android.mk @@ -40,9 +40,9 @@ LOCAL_SHARED_LIBRARIES += libcrypto LOCAL_LDFLAGS += -ldl LOCAL_STATIC_LIBRARIES += libmtdutils -LOCAL_STATIC_LIBRARIES += libminadbd libminzip libunz -LOCAL_STATIC_LIBRARIES += libminuitwrp libpixelflinger_static libpng libjpegtwrp libgui -LOCAL_SHARED_LIBRARIES += libz libc libstlport libcutils libstdc++ libmincrypt libext4_utils +LOCAL_STATIC_LIBRARIES += libminzip libunz +LOCAL_STATIC_LIBRARIES += libpixelflinger_static libpng libmincrypttwrp +LOCAL_SHARED_LIBRARIES += libz libc libstlport libcutils libstdc++ libext4_utils LOCAL_STATIC_LIBRARIES += libcrypt_samsung @@ -51,4 +51,4 @@ LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UI_LIB) LOCAL_MODULE_CLASS := UTILITY_EXECUTABLES LOCAL_MODULE_PATH := $(PRODUCT_OUT)/utilities include $(BUILD_EXECUTABLE) -endif
\ No newline at end of file +endif diff --git a/crypto/cryptsettings/Android.mk b/crypto/cryptsettings/Android.mk index 73b6b4a8b..3a5704891 100644 --- a/crypto/cryptsettings/Android.mk +++ b/crypto/cryptsettings/Android.mk @@ -7,8 +7,11 @@ LOCAL_CFLAGS:= -g -c -W LOCAL_MODULE:=cryptsettings LOCAL_MODULE_TAGS:= eng LOCAL_SHARED_LIBRARIES += libc libcutils +ifeq ($(TW_INCLUDE_JB_CRYPTO), true) +LOCAL_CFLAGS += -DTW_INCLUDE_JB_CRYPTO LOCAL_STATIC_LIBRARIES += libfs_mgrtwrp +endif LOCAL_MODULE_CLASS := UTILITY_EXECUTABLES LOCAL_MODULE_PATH := $(PRODUCT_OUT)/utilities include $(BUILD_EXECUTABLE) -endif
\ No newline at end of file +endif diff --git a/crypto/cryptsettings/cryptsettings.c b/crypto/cryptsettings/cryptsettings.c index 79fad7198..4fa2b9354 100644 --- a/crypto/cryptsettings/cryptsettings.c +++ b/crypto/cryptsettings/cryptsettings.c @@ -5,7 +5,9 @@ #include <stdlib.h> #include <sys/stat.h> #include <fcntl.h> +#ifdef TW_INCLUDE_JB_CRYPTO #include "../crypto/fs_mgr/include/fs_mgr.h" +#endif #include "cutils/properties.h" @@ -41,11 +43,13 @@ int main(void) printf("TW_CRYPTO_FS_FLAGS := \"%s\"\n", prop); property_get("ro.crypto.keyfile.userdata", prop, "footer"); printf("TW_CRYPTO_KEY_LOC := \"%s\"\n", prop); +#ifdef TW_INCLUDE_JB_CRYPTO printf("\n*** NEW FOR JELLY BEAN:\n"); strcpy(fstab_filename, FSTAB_PREFIX); property_get("ro.hardware", fstab_filename + sizeof(FSTAB_PREFIX) - 1, ""); fs_mgr_get_crypt_info(fstab_filename, key_loc, blk_dev, sizeof(key_loc)); printf("fstab file location: '%s'\n\nTW_INCLUDE_JB_CRYPTO := true\n", fstab_filename); +#endif return 0; } diff --git a/crypto/fs_mgr/Android.mk b/crypto/fs_mgr/Android.mk index f638e98c2..4196710af 100644 --- a/crypto/fs_mgr/Android.mk +++ b/crypto/fs_mgr/Android.mk @@ -1,5 +1,5 @@ # Copyright 2011 The Android Open Source Project - +ifeq ($(TW_INCLUDE_JB_CRYPTO), true) LOCAL_PATH:= $(call my-dir) include $(CLEAR_VARS) @@ -16,7 +16,6 @@ LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include include $(BUILD_STATIC_LIBRARY) - include $(CLEAR_VARS) LOCAL_SRC_FILES:= fs_mgr_main.c @@ -34,3 +33,4 @@ LOCAL_STATIC_LIBRARIES := libfs_mgrtwrp liblogwraptwrp libcutils liblog libc lib include $(BUILD_EXECUTABLE) +endif diff --git a/fixPermissions.cpp b/fixPermissions.cpp index 2fa1b66f2..78e7654f6 100644 --- a/fixPermissions.cpp +++ b/fixPermissions.cpp @@ -30,10 +30,63 @@ #include "fixPermissions.hpp" #include "twrp-functions.hpp" #include "twcommon.h" +#ifdef HAVE_SELINUX +#include "selinux/selinux.h" +#include "selinux/label.h" +#include "selinux/android.h" +#include "selinux/label.h" +#endif using namespace std; using namespace rapidxml; +#ifdef HAVE_SELINUX +int fixPermissions::restorecon(string entry, struct stat *sb) { + char *oldcontext, *newcontext; + struct selabel_handle *sehandle; + + sehandle = selinux_android_file_context_handle(); + if (lgetfilecon(entry.c_str(), &oldcontext) < 0) { + LOGINFO("Couldn't get selinux context for %s\n", entry.c_str()); + return -1; + } + if (selabel_lookup(sehandle, &newcontext, entry.c_str(), sb->st_mode) < 0) { + LOGINFO("Couldn't lookup selinux context for %s\n", entry.c_str()); + return -1; + } + LOGINFO("Relabeling %s from %s to %s\n", entry.c_str(), oldcontext, newcontext); + if (lsetfilecon(entry.c_str(), newcontext) < 0) { + LOGINFO("Couldn't label %s with %s: %s\n", entry.c_str(), newcontext, strerror(errno)); + } + freecon(oldcontext); + freecon(newcontext); + return 0; +} + +int fixPermissions::fixDataDataContexts(void) { + DIR *d; + struct dirent *de; + struct stat sb; + struct selabel_handle *selinux_handle; + struct selinux_opt selinux_options[] = { + { SELABEL_OPT_PATH, "/file_contexts" } + }; + selinux_handle = selabel_open(SELABEL_CTX_FILE, selinux_options, 1); + if (!selinux_handle) + printf("No file contexts for SELinux\n"); + else + printf("SELinux contexts loaded from /file_contexts\n"); + d = opendir("/data/data"); + while (( de = readdir(d)) != NULL) { + stat(de->d_name, &sb); + string f = "/data/data/"; + f = f + de->d_name; + restorecon(f, &sb); + } + return 0; +} +#endif + int fixPermissions::fixPerms(bool enable_debug, bool remove_data_for_missing_apps) { packageFile = "/data/system/packages.xml"; debug = enable_debug; @@ -116,6 +169,10 @@ int fixPermissions::fixPerms(bool enable_debug, bool remove_data_for_missing_app return -1; } } + #ifdef HAVE_SELINUX + gui_print("Fixing /data/data contexts.\n"); + fixDataDataContexts(); + #endif gui_print("Done fixing permissions.\n"); return 0; } @@ -225,7 +282,7 @@ int fixPermissions::fixSystemApps() { while (temp != NULL) { if (TWFunc::Path_Exists(temp->codePath)) { if (temp->appDir.compare("/system/app") == 0) { - if (debug) { + if (debug) { LOGINFO("Looking at '%s'\n", temp->codePath.c_str()); LOGINFO("Fixing permissions on '%s'\n", temp->pkgName.c_str()); LOGINFO("Directory: '%s'\n", temp->appDir.c_str()); diff --git a/fixPermissions.hpp b/fixPermissions.hpp index 491029a62..aa6f60964 100644 --- a/fixPermissions.hpp +++ b/fixPermissions.hpp @@ -27,6 +27,9 @@ class fixPermissions { int fixDataApps(); int fixAllFiles(string directory, int gid, int uid, string file_perms); int fixDataData(string dataDir); + int fixDataDataContexts(void); + int restorecon(std::string entry, struct stat *sb); + struct package { string pkgName; string codePath; diff --git a/minui/Android.mk b/minui/Android.mk index 232ebb2bf..9bda6dd36 100644 --- a/minui/Android.mk +++ b/minui/Android.mk @@ -1,7 +1,12 @@ LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) -LOCAL_SRC_FILES := graphics.c events.c resources.c +LOCAL_SRC_FILES := events.c resources.c +ifneq ($(BOARD_CUSTOM_GRAPHICS),) + LOCAL_SRC_FILES += $(BOARD_CUSTOM_GRAPHICS) +else + LOCAL_SRC_FILES += graphics.c +endif LOCAL_C_INCLUDES +=\ external/libpng\ diff --git a/minuitwrp/Android.mk b/minuitwrp/Android.mk index e1bf76ef1..6e5f45f0b 100644 --- a/minuitwrp/Android.mk +++ b/minuitwrp/Android.mk @@ -16,9 +16,6 @@ LOCAL_C_INCLUDES += \ system/core/include \ external/jpeg -LOCAL_C_INCLUDES += \ - bootable/recovery/libjpegtwrp - ifeq ($(RECOVERY_TOUCHSCREEN_SWAP_XY), true) LOCAL_CFLAGS += -DRECOVERY_TOUCHSCREEN_SWAP_XY endif diff --git a/partition.cpp b/partition.cpp index c1e214e52..061a3e189 100644 --- a/partition.cpp +++ b/partition.cpp @@ -57,6 +57,31 @@ using namespace std; extern struct selabel_handle *selinux_handle; +struct flag_list { + const char *name; + unsigned flag; +}; + +static struct flag_list mount_flags[] = { + { "noatime", MS_NOATIME }, + { "noexec", MS_NOEXEC }, + { "nosuid", MS_NOSUID }, + { "nodev", MS_NODEV }, + { "nodiratime", MS_NODIRATIME }, + { "ro", MS_RDONLY }, + { "rw", 0 }, + { "remount", MS_REMOUNT }, + { "bind", MS_BIND }, + { "rec", MS_REC }, + { "unbindable", MS_UNBINDABLE }, + { "private", MS_PRIVATE }, + { "slave", MS_SLAVE }, + { "shared", MS_SHARED }, + { "sync", MS_SYNCHRONOUS }, + { "defaults", 0 }, + { 0, 0 }, +}; + TWPartition::TWPartition(void) { Can_Be_Mounted = false; Can_Be_Wiped = false; @@ -101,6 +126,8 @@ TWPartition::TWPartition(void) { Storage_Path = ""; Current_File_System = ""; Fstab_File_System = ""; + Mount_Flags = 0; + Mount_Options = ""; Format_Block_Size = 0; Ignore_Blkid = false; Retain_Layout_Version = false; @@ -373,6 +400,38 @@ bool TWPartition::Process_Fstab_Line(string Line, bool Display_Error) { return true; } +bool TWPartition::Process_FS_Flags(string& Options, int Flags) { + int i; + char *p; + char *savep; + char fs_options[250]; + + strlcpy(fs_options, Options.c_str(), sizeof(fs_options)); + Options = ""; + + p = strtok_r(fs_options, ",", &savep); + while (p) { + /* Look for the flag "p" in the flag list "fl" + * If not found, the loop exits with fl[i].name being null. + */ + for (i = 0; mount_flags[i].name; i++) { + if (strncmp(p, mount_flags[i].name, strlen(mount_flags[i].name)) == 0) { + Flags |= mount_flags[i].flag; + break; + } + } + + if (!mount_flags[i].name) { + if (Options.size() > 0) + Options += ","; + Options += p; + } + p = strtok_r(NULL, ",", &savep); + } + + return true; +} + bool TWPartition::Process_Flags(string Flags, bool Display_Error) { char flags[MAX_FSTAB_LINE_LENGTH]; int flags_len, index = 0, ptr_len; @@ -474,6 +533,15 @@ bool TWPartition::Process_Flags(string Flags, bool Display_Error) { } else { Use_Userdata_Encryption = false; } + } else if (ptr_len > 8 && strncmp(ptr, "fsflags=", 8) == 0) { + ptr += 8; + if (*ptr == '\"') ptr++; + + Mount_Options = ptr; + if (Mount_Options.substr(Mount_Options.size() - 1, 1) == "\"") { + Mount_Options.resize(Mount_Options.size() - 1); + } + Process_FS_Flags(Mount_Options, Mount_Flags); } else { if (Display_Error) LOGERR("Unhandled flag: '%s'\n", ptr); @@ -872,7 +940,7 @@ bool TWPartition::Mount(bool Display_Error) { } return true; } - } else if (!exfat_mounted && mount(Actual_Block_Device.c_str(), Mount_Point.c_str(), Current_File_System.c_str(), 0, NULL) != 0) { + } else if (!exfat_mounted && mount(Actual_Block_Device.c_str(), Mount_Point.c_str(), Current_File_System.c_str(), Mount_Flags, Mount_Options.c_str()) != 0) { #ifdef TW_NO_EXFAT_FUSE if (Current_File_System == "exfat") { LOGINFO("Mounting exfat failed, trying vfat...\n"); @@ -881,7 +949,7 @@ bool TWPartition::Mount(bool Display_Error) { LOGERR("Unable to mount '%s'\n", Mount_Point.c_str()); else LOGINFO("Unable to mount '%s'\n", Mount_Point.c_str()); - LOGINFO("Actual block device: '%s', current file system: '%s'\n", Actual_Block_Device.c_str(), Current_File_System.c_str()); + LOGINFO("Actual block device: '%s', current file system: '%s', flags: 0x%8x, options: '%s'\n", Actual_Block_Device.c_str(), Current_File_System.c_str(), Mount_Flags, Mount_Options.c_str()); return false; } } else { diff --git a/partitionmanager.cpp b/partitionmanager.cpp index b322932c8..7634ff047 100644 --- a/partitionmanager.cpp +++ b/partitionmanager.cpp @@ -235,6 +235,8 @@ void TWPartitionManager::Output_Partition(TWPartition* Part) { printf(" MTD_Name: %s\n", Part->MTD_Name.c_str()); string back_meth = Part->Backup_Method_By_Name(); printf(" Backup_Method: %s\n\n", back_meth.c_str()); + if (Part->Mount_Flags || !Part->Mount_Options.empty()) + printf(" Mount_Flags=0x%8x, Mount_Options=%s\n", Part->Mount_Flags, Part->Mount_Options.c_str()); } int TWPartitionManager::Mount_By_Path(string Path, bool Display_Error) { diff --git a/partitions.hpp b/partitions.hpp index f32f2c0c5..62f95d040 100644 --- a/partitions.hpp +++ b/partitions.hpp @@ -74,6 +74,7 @@ private: void Find_Actual_Block_Device(); // Determines the correct block device and stores it in Actual_Block_Device bool Process_Flags(string Flags, bool Display_Error); // Process custom fstab flags + bool Process_FS_Flags(string& Options, int Flags); // Process standard fstab fs flags bool Is_File_System(string File_System); // Checks to see if the file system given is considered a file system bool Is_Image(string File_System); // Checks to see if the file system given is considered an image void Setup_File_System(bool Display_Error); // Sets defaults for a file system partition @@ -144,6 +145,8 @@ private: bool Is_Settings_Storage; // Indicates that this storage partition is the location of the .twrps settings file and the location that is used for custom themes string Storage_Path; // Indicates the path to the storage -- root indicates mount point, media/ indicates e.g. /data/media string Fstab_File_System; // File system from the recovery.fstab + int Mount_Flags; // File system flags from recovery.fstab + string Mount_Options; // File system options from recovery.fstab int Format_Block_Size; // Block size for formatting bool Ignore_Blkid; // Ignore blkid results due to superblocks lying to us on certain devices / partitions bool Retain_Layout_Version; // Retains the .layout_version file during a wipe (needed on devices like Sony Xperia T where /data and /data/media are separate partitions) |