Peter Cai
714720852e
This doesn't work anymore on r29; remove it. If we want to boot on devices where apexes are broken, we have to find another way.
53 lines
2.1 KiB
Diff
53 lines
2.1 KiB
Diff
From b5256522214257f1a5f8ee5ecac84609993f8129 Mon Sep 17 00:00:00 2001
|
|
From: Pierre-Hugues Husson <phh@phh.me>
|
|
Date: Wed, 23 Feb 2022 17:37:47 -0500
|
|
Subject: [PATCH 2/2] init: Override select system properties
|
|
|
|
* adb secure props and logd can be overridden from system.
|
|
|
|
Change-Id: I94efa3f108ae97711026f099f367b6bea325629f
|
|
---
|
|
init/property_service.cpp | 16 ++++++++++++----
|
|
1 file changed, 12 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/init/property_service.cpp b/init/property_service.cpp
|
|
index 013924778..ce164372a 100644
|
|
--- a/init/property_service.cpp
|
|
+++ b/init/property_service.cpp
|
|
@@ -64,6 +64,7 @@
|
|
#include <selinux/android.h>
|
|
#include <selinux/label.h>
|
|
#include <selinux/selinux.h>
|
|
+
|
|
#include "debug_ramdisk.h"
|
|
#include "epoll.h"
|
|
#include "init.h"
|
|
@@ -796,13 +797,20 @@ static void LoadProperties(char* data, const char* filter, const char* filename,
|
|
std::string error;
|
|
if (CheckPermissions(key, value, context, cr, &error) == PROP_SUCCESS) {
|
|
auto it = properties->find(key);
|
|
+ const char *new_value = value;
|
|
+
|
|
if (it == properties->end()) {
|
|
- (*properties)[key] = value;
|
|
- } else if (it->second != value) {
|
|
+ (*properties)[key] = new_value;
|
|
+ } else if (it->second != new_value) {
|
|
LOG(WARNING) << "Overriding previous property '" << key << "':'" << it->second
|
|
<< "' with new value '" << value << "'";
|
|
- it->second = value;
|
|
- }
|
|
+ if (strstr(key, "adb") || strstr(key, "secure") || strstr(key, "ro.logd.kernel")
|
|
+ || strcmp("ro.control_privapp_permissions", key) == 0) {
|
|
+ LOG(WARNING) << "... Ignored";
|
|
+ } else {
|
|
+ it->second = new_value;
|
|
+ }
|
|
+ }
|
|
} else {
|
|
LOG(ERROR) << "Do not have permissions to set '" << key << "' to '" << value
|
|
<< "' in property file '" << filename << "': " << error;
|
|
--
|
|
2.44.0
|
|
|