From 79193a42e7aa5760a6f98c0718e3d70c560d0e8e Mon Sep 17 00:00:00 2001
From: Tom Cherry <tomcherry@google.com>
Date: Fri, 6 Oct 2017 10:36:10 -0700
Subject: [PATCH] init: use ro.init.subcontexts_enabled to enable subcontexts

As SEPolicy is developed, use this property to enable/disable
subcontexts.

Bug: 62875318
Test: boot device with/without subcontexts
Change-Id: Ieb879836a71c72d4de1bb16514d083d52480bf9a
---
 init/subcontext.cpp | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/init/subcontext.cpp b/init/subcontext.cpp
index 85da23734..927953d67 100644
--- a/init/subcontext.cpp
+++ b/init/subcontext.cpp
@@ -23,6 +23,7 @@
 
 #include <android-base/file.h>
 #include <android-base/logging.h>
+#include <android-base/properties.h>
 #include <android-base/strings.h>
 #include <selinux/android.h>
 
@@ -30,6 +31,7 @@
 #include "system/core/init/subcontext.pb.h"
 #include "util.h"
 
+using android::base::GetBoolProperty;
 using android::base::GetExecutablePath;
 using android::base::Join;
 using android::base::Socketpair;
@@ -258,12 +260,13 @@ Result<Success> Subcontext::Execute(const std::vector<std::string>& args) {
 static std::vector<Subcontext> subcontexts;
 
 std::vector<Subcontext>* InitializeSubcontexts() {
-    static const char* const paths_and_secontexts[][2] = {
-        //  TODO: Enable this once the SEPolicy is in place.
-        //  {"/vendor", kVendorContext.c_str()},
-    };
-    for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
-        subcontexts.emplace_back(path_prefix, secontext);
+    if (GetBoolProperty("ro.init.subcontexts_enabled", false)) {
+        static const char* const paths_and_secontexts[][2] = {
+            {"/vendor", kVendorContext.c_str()},
+        };
+        for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
+            subcontexts.emplace_back(path_prefix, secontext);
+        }
     }
     return &subcontexts;
 }