1*e5eeaa8eSAndroid Build Coastguard Worker /* 2*e5eeaa8eSAndroid Build Coastguard Worker * Copyright (C) 2019 The Android Open Source Project 3*e5eeaa8eSAndroid Build Coastguard Worker * 4*e5eeaa8eSAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License"); 5*e5eeaa8eSAndroid Build Coastguard Worker * you may not use this file except in compliance with the License. 6*e5eeaa8eSAndroid Build Coastguard Worker * You may obtain a copy of the License at 7*e5eeaa8eSAndroid Build Coastguard Worker * 8*e5eeaa8eSAndroid Build Coastguard Worker * http://www.apache.org/licenses/LICENSE-2.0 9*e5eeaa8eSAndroid Build Coastguard Worker * 10*e5eeaa8eSAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software 11*e5eeaa8eSAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS, 12*e5eeaa8eSAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*e5eeaa8eSAndroid Build Coastguard Worker * See the License for the specific language governing permissions and 14*e5eeaa8eSAndroid Build Coastguard Worker * limitations under the License. 15*e5eeaa8eSAndroid Build Coastguard Worker */ 16*e5eeaa8eSAndroid Build Coastguard Worker 17*e5eeaa8eSAndroid Build Coastguard Worker // Namespace config for binaries under /postinstall. 18*e5eeaa8eSAndroid Build Coastguard Worker // Only default namespace is defined and default has no directories 19*e5eeaa8eSAndroid Build Coastguard Worker // other than /system/lib in the search paths. This is because linker calls 20*e5eeaa8eSAndroid Build Coastguard Worker // realpath on the search paths and this causes selinux denial if the paths 21*e5eeaa8eSAndroid Build Coastguard Worker // (/vendor, /odm) are not allowed to the postinstall binaries. There is no 22*e5eeaa8eSAndroid Build Coastguard Worker // reason to allow the binaries to access the paths. 23*e5eeaa8eSAndroid Build Coastguard Worker 24*e5eeaa8eSAndroid Build Coastguard Worker #include "linkerconfig/sectionbuilder.h" 25*e5eeaa8eSAndroid Build Coastguard Worker 26*e5eeaa8eSAndroid Build Coastguard Worker #include "linkerconfig/namespacebuilder.h" 27*e5eeaa8eSAndroid Build Coastguard Worker 28*e5eeaa8eSAndroid Build Coastguard Worker using android::linkerconfig::contents::SectionType; 29*e5eeaa8eSAndroid Build Coastguard Worker using android::linkerconfig::modules::Namespace; 30*e5eeaa8eSAndroid Build Coastguard Worker using android::linkerconfig::modules::Section; 31*e5eeaa8eSAndroid Build Coastguard Worker 32*e5eeaa8eSAndroid Build Coastguard Worker namespace android { 33*e5eeaa8eSAndroid Build Coastguard Worker namespace linkerconfig { 34*e5eeaa8eSAndroid Build Coastguard Worker namespace contents { BuildPostInstallSection(Context & ctx)35*e5eeaa8eSAndroid Build Coastguard WorkerSection BuildPostInstallSection(Context& ctx) { 36*e5eeaa8eSAndroid Build Coastguard Worker ctx.SetCurrentSection(SectionType::Other); 37*e5eeaa8eSAndroid Build Coastguard Worker std::vector<Namespace> namespaces; 38*e5eeaa8eSAndroid Build Coastguard Worker 39*e5eeaa8eSAndroid Build Coastguard Worker namespaces.emplace_back(BuildPostInstallNamespace(ctx)); 40*e5eeaa8eSAndroid Build Coastguard Worker 41*e5eeaa8eSAndroid Build Coastguard Worker return Section("postinstall", std::move(namespaces)); 42*e5eeaa8eSAndroid Build Coastguard Worker } 43*e5eeaa8eSAndroid Build Coastguard Worker } // namespace contents 44*e5eeaa8eSAndroid Build Coastguard Worker } // namespace linkerconfig 45*e5eeaa8eSAndroid Build Coastguard Worker } // namespace android 46