mount /apex during first_stage init am: 4ba548d845
am: 854c5bc218
am: 5675349df0
Change-Id: Ic97ed52ae158225945542bc810a4ac5295c05f39
This commit is contained in:
commit
27e93c1f11
|
@ -155,6 +155,10 @@ int FirstStageMain(int argc, char** argv) {
|
|||
// part of the product partition, e.g. because they are mounted read-write.
|
||||
CHECKCALL(mkdir("/mnt/product", 0755));
|
||||
|
||||
// /apex is used to mount APEXes
|
||||
CHECKCALL(mount("tmpfs", "/apex", "tmpfs", MS_NOEXEC | MS_NOSUID | MS_NODEV,
|
||||
"mode=0755,uid=0,gid=0"));
|
||||
|
||||
#undef CHECKCALL
|
||||
|
||||
// Now that tmpfs is mounted on /dev and we have /dev/kmsg, we can actually
|
||||
|
|
|
@ -459,6 +459,8 @@ void SelinuxRestoreContext() {
|
|||
|
||||
selinux_android_restorecon("/dev/block", SELINUX_ANDROID_RESTORECON_RECURSE);
|
||||
selinux_android_restorecon("/dev/device-mapper", 0);
|
||||
|
||||
selinux_android_restorecon("/apex", 0);
|
||||
}
|
||||
|
||||
int SelinuxKlogCallback(int type, const char* fmt, ...) {
|
||||
|
|
|
@ -278,12 +278,6 @@ on init
|
|||
write /dev/cpu_variant:${ro.bionic.2nd_arch} ${ro.bionic.2nd_cpu_variant}
|
||||
chmod 0444 /dev/cpu_variant:${ro.bionic.2nd_arch}
|
||||
|
||||
# Setup APEX mount point and its security context
|
||||
mount tmpfs tmpfs /apex nodev noexec nosuid
|
||||
chmod 0755 /apex
|
||||
chown root root /apex
|
||||
restorecon /apex
|
||||
|
||||
# Start logd before any other services run to ensure we capture all of their logs.
|
||||
start logd
|
||||
|
||||
|
|
Loading…
Reference in New Issue