From 2840647b15fe91069aee02ce0e203943346bf294 Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Tue, 22 Jan 2013 12:46:09 -0800 Subject: [PATCH] Revert "init: make system properties more secure." This reverts commit 51e06618dbd87c4374c56d9193a5e567aa3d02ac. Bug: 8045561 --- init/init.c | 5 +++++ init/property_service.c | 24 ++++++++++++++++++++---- init/property_service.h | 1 + 3 files changed, 26 insertions(+), 4 deletions(-) diff --git a/init/init.c b/init/init.c index bc88ba952..2fbe00219 100755 --- a/init/init.c +++ b/init/init.c @@ -233,6 +233,11 @@ void service_start(struct service *svc, const char *dynamic_args) int fd, sz; umask(077); + if (properties_inited()) { + get_property_workspace(&fd, &sz); + sprintf(tmp, "%d,%d", dup(fd), sz); + add_environment("ANDROID_PROPERTY_WORKSPACE", tmp); + } for (ei = svc->envvars; ei; ei = ei->next) add_environment(ei->name, ei->value); diff --git a/init/property_service.c b/init/property_service.c index b608d2f58..61dd86fdc 100755 --- a/init/property_service.c +++ b/init/property_service.c @@ -112,6 +112,7 @@ struct { typedef struct { void *data; size_t size; + int fd; } workspace; static int init_workspace(workspace *w, size_t size) @@ -119,10 +120,10 @@ static int init_workspace(workspace *w, size_t size) void *data; int fd; - /* dev is a tmpfs that we can use to carve a shared workspace - * out of, so let's do that... - */ - fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644); + /* dev is a tmpfs that we can use to carve a shared workspace + * out of, so let's do that... + */ + fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600); if (fd < 0) return -1; @@ -135,8 +136,15 @@ static int init_workspace(workspace *w, size_t size) close(fd); + fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW); + if (fd < 0) + return -1; + + unlink("/dev/__properties__"); + w->data = data; w->size = size; + w->fd = fd; return 0; out: @@ -166,6 +174,8 @@ static int init_property_area(void) if(init_workspace(&pa_workspace, PA_SIZE)) return -1; + fcntl(pa_workspace.fd, F_SETFD, FD_CLOEXEC); + pa_info_array = (void*) (((char*) pa_workspace.data) + PA_INFO_START); pa = pa_workspace.data; @@ -453,6 +463,12 @@ void handle_property_set_fd() } } +void get_property_workspace(int *fd, int *sz) +{ + *fd = pa_workspace.fd; + *sz = pa_workspace.size; +} + static void load_properties(char *data) { char *key, *value, *eol, *sol, *tmp; diff --git a/init/property_service.h b/init/property_service.h index df71f3f95..b9d1bf610 100644 --- a/init/property_service.h +++ b/init/property_service.h @@ -24,6 +24,7 @@ extern void property_init(void); extern void property_load_boot_defaults(void); extern void load_persist_props(void); extern void start_property_service(void); +void get_property_workspace(int *fd, int *sz); extern const char* property_get(const char *name); extern int property_set(const char *name, const char *value); extern int properties_inited();