diff options
| author | Jiyong Park <jiyong@google.com> | 2018-03-20 01:12:31 +0900 |
|---|---|---|
| committer | Jiyong Park <jiyong@google.com> | 2018-03-20 10:12:00 +0900 |
| commit | d7e6cb27b6758fe96b200dde33b75dbe5ba5bf6b (patch) | |
| tree | 041c2b5c53050a3d03f24e015ff55bb474183d32 /libutils/Unicode.cpp | |
| parent | 4fa763290e2052ff1f0409d98a92004faa300128 (diff) | |
/postinstall/* does not search for a lib in /vendor or /odm
There has been no section in the linker config file for the binaries
under /postinstall. As a result, the binaries were run with the legacy
default config where /vendor/lib and /odm/lib are added to the search
paths. This is causing selinux denials as the binaries for OTA are not
allowed to access /vendor/lib or /odm/lib, but the dynamic linker calls
realpath(3) on the paths to canonicalize them.
Fixing the issue by letting /postinstall/* binaries to run with a
dedicated linker namespace config, where /vendor/lib and /odm/lib are
not added to the search paths. Not having the paths is okay because
he OTA binaries should not have dependency to the libs there.
Bug: 75287236
Test: do the OTA, selinux denials on postinstall_file is not shown
Test: above test should pass on wahoo, marlin and pre-treble devices
Change-Id: I49c11a0929002adfef667890c0a375c2b41054f4
Diffstat (limited to 'libutils/Unicode.cpp')
0 files changed, 0 insertions, 0 deletions