From f9f7539430879ed43c2c0024f8cd44d27d3042d8 Mon Sep 17 00:00:00 2001
From: Paul Crowley <paulcrowley@google.com>
Date: Fri, 30 Nov 2018 15:58:26 -0800
Subject: [PATCH] Abolish calls to shell in vold

Never use popen, just execvp directly

Test: Two tests
- Ensure Marlin device boots and vold_prepare_subdirs is called
successfully
- Try adb shell sm set-virtual-disk true, see that eg sgdisk output is
logged.
Bug: 26735063
Bug: 113796163

Change-Id: Icb34140429db85098a0118a2b833772e3620e7ac
---
 private/vold.te | 4 ++--
 public/vold.te  | 3 ---
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/private/vold.te b/private/vold.te
index a6d1001d1..dea24a576 100644
--- a/private/vold.te
+++ b/private/vold.te
@@ -8,8 +8,8 @@ domain_auto_trans(vold, sdcardd_exec, sdcardd);
 
 # For a handful of probing tools, we choose an even more restrictive
 # domain when working with untrusted block devices
-domain_trans(vold, shell_exec, blkid);
-domain_trans(vold, shell_exec, blkid_untrusted);
+domain_trans(vold, blkid_exec, blkid);
+domain_trans(vold, blkid_exec, blkid_untrusted);
 domain_trans(vold, fsck_exec, fsck);
 domain_trans(vold, fsck_exec, fsck_untrusted);
 
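Review bot: The comment above the two blkid transitions does not say how the target domain is chosen, which matters now that both lines name the same entry-point type `blkid_exec` and use `domain_trans` rather than `domain_auto_trans`. Nothing transitions automatically here, so the choice between `blkid` and `blkid_untrusted` presumably rests on vold setting the exec context before each exec, which the `allow vold self:process setexec;` rule in public/vold.te permits. I would add `# No automatic transition: vold selects blkid or blkid_untrusted with setexeccon() before exec.` above the pair. The blkid and blkid_untrusted domain policies are not part of this patch; if they carry allowances that existed only for the shell wrapper, those could be dropped in a follow-up so the probing domains stay minimal.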
diff --git a/public/vold.te b/public/vold.te
index 69947768b..0f5fb0fcb 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -31,9 +31,6 @@ allow vold file_contexts_file:file r_file_perms;
 # Allow us to jump into execution domains of above tools
 allow vold self:process setexec;
 
-# For sgdisk launched through popen()
-allow vold shell_exec:file rx_file_perms;
-
 # For formatting adoptable storage devices
 allow vold e2fs_exec:file rx_file_perms;
 
-- 
GitLab