From e2efde3746304d5d1e7857113e99a8d9e5350e4a Mon Sep 17 00:00:00 2001 From: Inseob Kim Date: Wed, 20 Nov 2024 17:56:20 +0900 Subject: [PATCH 1/2] Use genfs labels version library Instead of hard-coding the text path everywhere, this uses a library to get the genfs labels version. As genfs labels affect SELinux, this also adds logs to help debug issues. Bug: 378805380 Test: boot and check log Change-Id: I843c97cbeb0c211c67e0172458a4f0d236cf1f06 --- init/Android.bp | 1 + init/selinux.cpp | 22 +++++----------------- 2 files changed, 6 insertions(+), 17 deletions(-) diff --git a/init/Android.bp b/init/Android.bp index 4025a6ba4..4ee3be222 100644 --- a/init/Android.bp +++ b/init/Android.bp @@ -176,6 +176,7 @@ libinit_cc_defaults { "libxml2", "lib_apex_manifest_proto_lite", "update_metadata-protos", + "libgenfslabelsversion.ffi", ], shared_libs: [ "libbase", diff --git a/init/selinux.cpp b/init/selinux.cpp index 5ced0b81a..6316b4deb 100644 --- a/init/selinux.cpp +++ b/init/selinux.cpp @@ -69,6 +69,7 @@ #include #include #include +#include #include #include #include @@ -190,22 +191,6 @@ bool GetVendorMappingVersion(std::string* plat_vers) { return true; } -int GetVendorGenfsVersion() { - std::string line; - if (!ReadFirstLine("/vendor/etc/selinux/genfs_labels_version.txt", &line)) { - PLOG(ERROR) << "Failed to read /vendor/etc/selinux/genfs_labels_version.txt; assuming it's " - "202404"; - return 202404; - } - int version; - if (!ParseInt(line, &version)) { - PLOG(ERROR) << "Failed to parse the genfs labels version " << line - << "; assuming it's 202404"; - return 202404; - } - return version; -} - constexpr const char plat_policy_cil_file[] = "/system/etc/selinux/plat_sepolicy.cil"; bool IsSplitPolicyDevice() { 
@@ -342,11 +327,14 @@ bool OpenSplitPolicy(PolicyFile* policy_file) { std::vector genfs_cil_files; - int vendor_genfs_version = GetVendorGenfsVersion(); + int vendor_genfs_version = get_genfs_labels_version(); std::string genfs_cil_file = std::format("/system/etc/selinux/plat_sepolicy_genfs_{}.cil", vendor_genfs_version); if (access(genfs_cil_file.c_str(), F_OK) != 0) { + LOG(INFO) << "Missing " << genfs_cil_file << "; skipping"; genfs_cil_file.clear(); + } else { + LOG(INFO) << "Using " << genfs_cil_file << " for genfs labels"; } // clang-format off From 35ab96a4232b5579c96f9c75bd053dfc238f08f4 Mon Sep 17 00:00:00 2001 From: Akilesh Kailash Date: Thu, 21 Nov 2024 05:59:54 -0800 Subject: [PATCH 2/2] Add prefetch directory in /metadata Bug: 362507272 Test: Verify directory is created in /metadata Change-Id: Ie1c2312f405d4b41e06a248e4d2b93cd8fc62a93 Signed-off-by: Akilesh Kailash --- rootdir/init.rc | 1 + 1 file changed, 1 insertion(+) diff --git a/rootdir/init.rc b/rootdir/init.rc index eeafd4c85..8ffac2049 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -596,6 +596,7 @@ on post-fs mkdir /metadata/ota/snapshots 0750 root system mkdir /metadata/watchdog 0770 root system mkdir /metadata/tradeinmode 0770 root system + mkdir /metadata/prefetch 0770 root system mkdir /metadata/apex 0700 root system mkdir /metadata/apex/sessions 0700 root system
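Review bot: The `LOG(INFO)` added on the failing `access()` branch in OpenSplitPolicy reports every failure as "Missing" and prints neither errno nor the version that produced the path, so a permission or I/O error on the CIL file reads the same as an absent file. Because that branch clears `genfs_cil_file`, which appears to leave the versioned genfs labels out of the policy being assembled, I would make it `PLOG(WARNING) << "Cannot access " << genfs_cil_file << " (genfs labels version " << vendor_genfs_version << "); skipping";`. The removed GetVendorGenfsVersion() logged and fell back to 202404 when the version file could not be read or parsed. What `get_genfs_labels_version()` returns in that case is not visible in this patch, so a short comment at the call site stating its fallback would help. OpenSplitPolicy starts and ends outside the hunk.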
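Review bot: The added `mkdir /metadata/prefetch 0770 root system` makes the directory writable by the whole `system` group, and nothing in the hunk or the commit message says which component writes there or why group write is needed. The neighbouring `/metadata/apex` entries use 0700 and `/metadata/ota/snapshots` uses 0750, so the wider mode deserves a comment above the line, for example `# prefetch data written by <COMPONENT>; group system needs write access because <REASON>` with the placeholders filled in. Whether a matching SELinux file_contexts entry exists for the new path is not visible in this patch. Without one, the directory would presumably take the generic /metadata label, which is worth confirming. The `on post-fs` block continues outside the hunk.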