diff options
| author | Tom Cherry <tomcherry@google.com> | 2018-10-04 13:14:14 -0700 |
|---|---|---|
| committer | Tom Cherry <tomcherry@google.com> | 2018-10-05 10:36:38 -0700 |
| commit | 48e83e629f52a50c5e1317376022ec09fe221f78 (patch) | |
| tree | ee6d6323147e5ae24d770b0b62dce6ecc943578b /fastboot/device/variables.cpp | |
| parent | 3da42a6c05311653ff5d12b5057d5f3c40ac0c1a (diff) | |
init: move InitKernelLogging() to first stage init
The kernel opens /dev/console and uses that fd for stdin/stdout/stderr
if there is a serial console enabled and no initramfs, otherwise it
does not provide any fds for stdin/stdout/stderr. InitKernelLogging()
is used to close these existing fds if they exist and replace them
with /dev/null.
Currently, InitKernelLogging() is only called in second stage init,
which means that processes exec'ed from first stage init will inherit
the kernel provided fds if any are provided.
In the case that they are provided, the exec of second stage init
causes an SELinux denial as it does not have access to /dev/console.
In the case that they are not provided, exec of any further process is
potentially dangerous as the first fd's opened by that process will
take the stdin/stdout/stderr fileno's, which can cause issues if
printf(), etc is then used by that process.
Lastly, simply moving InitKernelLogging() to first stage init is not
enough, since first stage init still runs in kernel context and future
child processes will not have permissions to access kernel context
resources. Therefore, it must be done for a second time in second
stage init.
Bug: 117281017
Test: no audits when booting marlin.
Change-Id: If27edab5c32b27765e24c32fbed506ef625889de
Diffstat (limited to 'fastboot/device/variables.cpp')
0 files changed, 0 insertions, 0 deletions