From 59a5f1a4470214f669b490fb9e364cbe37121bcf Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Mon, 31 Jan 2022 16:12:06 -0500
Subject: [PATCH] Improve phh-ota, to be theorically usable without root

---
 cmds/Android.bp           | 12 ------------
 ota/Android.bp            | 12 ++++++++++++
 {cmds => ota}/phh-ota.cpp | 19 +++++++++++++++++++
 ota/phh-ota.rc            | 12 ++++++++++++
 sepolicy/phh.te           |  5 +++++
 5 files changed, 48 insertions(+), 12 deletions(-)
 create mode 100644 ota/Android.bp
 rename {cmds => ota}/phh-ota.cpp (85%)
 create mode 100644 ota/phh-ota.rc
 create mode 100644 sepolicy/phh.te

diff --git a/cmds/Android.bp b/cmds/Android.bp
index 9ff412a..4568089 100644
--- a/cmds/Android.bp
+++ b/cmds/Android.bp
@@ -204,15 +204,3 @@ cc_binary {
 		"oplus-alert-slider.rc",
 	],
 }
-
-cc_binary {
-	name: "phh-ota",
-	srcs: [
-		"phh-ota.cpp",
-	],
-	shared_libs: [
-		"libfs_mgr",
-		"libbase",
-		"liblp",
-	],
-}
diff --git a/ota/Android.bp b/ota/Android.bp
new file mode 100644
index 0000000..741b553
--- /dev/null
+++ b/ota/Android.bp
@@ -0,0 +1,12 @@
+cc_binary {
+	name: "phh-ota",
+	srcs: [
+		"phh-ota.cpp",
+	],
+	shared_libs: [
+		"libfs_mgr",
+		"libbase",
+		"liblp",
+	],
+	init_rc: ["phh-ota.rc"],
+}
diff --git a/cmds/phh-ota.cpp b/ota/phh-ota.cpp
similarity index 85%
rename from cmds/phh-ota.cpp
rename to ota/phh-ota.cpp
index 65aecbe..c799c48 100644
--- a/cmds/phh-ota.cpp
+++ b/ota/phh-ota.cpp
@@ -2,8 +2,11 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/mount.h>
+#include <sys/sysmacros.h>
+#include <sys/xattr.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <fcntl.h>
 #include <libfiemap/image_manager.h>
 #include <android-base/file.h>
 
@@ -62,6 +65,22 @@ int main(int argc, char **argv) {
 		fprintf(stderr, "Mapping backing image returned %s\n", imgManager->MapImageDevice(imageName, 0ms, &blockDev) ? "true" : "false");
 		fprintf(stderr, "blockdev is %s\n", blockDev.c_str());
 		printf("%s\n", blockDev.c_str());
+
+		struct stat sb;
+		stat(blockDev.c_str(), &sb);
+
+		if(!S_ISBLK(sb.st_mode)) {
+			fprintf(stderr, "blockDev wasn't block dev\n");
+			return -1;
+		}
+
+		unlink("/dev/phh-ota");
+		mknod("/dev/phh-ota", 0644, S_IFBLK | makedev(major(sb.st_rdev), minor(sb.st_rdev)));
+		// Allow system uid to write there
+		chown("/dev/phh-ota", 0, 1000);
+		const char *dstContext = "u:r:phhota_dev:s0";
+		setxattr("/dev/phh-ota", "security.selinux", dstContext, strlen(dstContext), 0);
+
 		return 0;
 	}
 	if(argc>=2 && strcmp(argv[1], "delete-other-slot") == 0) {
diff --git a/ota/phh-ota.rc b/ota/phh-ota.rc
new file mode 100644
index 0000000..c6c5814
--- /dev/null
+++ b/ota/phh-ota.rc
@@ -0,0 +1,12 @@
+service phh-ota-make /system/bin/phh-ota new-slot
+	seclabel u:r:phhsu_daemon:s0
+	disabled
+	oneshot
+
+service phh-ota-switch /system/bin/phh-ota switch-slot
+	seclabel u:r:phhsu_daemon:s0
+	disabled
+	oneshot
+
+on property:sys.boot_completed=1
+    exec u:r:phhsu_daemon:s0 root -- /system/bin/phh-ota delete-other-slot
diff --git a/sepolicy/phh.te b/sepolicy/phh.te
new file mode 100644
index 0000000..24631f9
--- /dev/null
+++ b/sepolicy/phh.te
@@ -0,0 +1,5 @@
+type phhota_dev, dev_type, bdev_type;
+typeattribute phhota_dev mlstrustedobject;
+
+allow phhsu_daemon phhota_dev:blk_file rw_file_perms;
+allow system_app phhota_dev:blk_file rw_file_perms;