From d855a72ebe9f77a3c32e45228d339b98a85d3b0b Mon Sep 17 00:00:00 2001
From: Dan Willemsen <dwillemsen@google.com>
Date: Tue, 12 Feb 2019 15:52:36 -0800
Subject: [PATCH] Support loading only approved vendorsetup.sh files

Very few vendorsetup.sh files are needed anymore, since add_lunch_combo
has been deprecated. So add a way so that only approved vendorsetup.sh
files can be loaded into the shell, and others will be skipped.

This further limits the amount of code that can run outside the build
sandbox, and makes this list more visible to tree maintainers before
they're used instead of after.

Test: no allowed-vendorsetup_sh-files
Test: empty allowed-vendorsetup_sh-files
Test: one file in allowed-vendorsetup_sh-files
Test: two files in allowed-vendorsetup_sh-files
Test: non-present file in allowed-vendorsetup_sh-files
Change-Id: Ia23d1c9d11a7295d5be5abd10cf56edbdec80483
---
 envsetup.sh | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/envsetup.sh b/envsetup.sh
index 5d2e550dee..0953487b8b 100644
--- a/envsetup.sh
+++ b/envsetup.sh
@@ -1765,11 +1765,33 @@ function aidegen()
 }
 
 # Execute the contents of any vendorsetup.sh files we can find.
+# Unless we find an allowed-vendorsetup_sh-files file, in which case we'll only
+# load those.
+#
+# This allows loading only approved vendorsetup.sh files
 function source_vendorsetup() {
+    allowed=
+    for f in $(find -L device vendor product -maxdepth 4 -name 'allowed-vendorsetup_sh-files' 2>/dev/null | sort); do
+        if [ -n "$allowed" ]; then
+            echo "More than one 'allowed_vendorsetup_sh-files' file found, not including any vendorsetup.sh files:"
+            echo "  $allowed"
+            echo "  $f"
+            return
+        fi
+        allowed="$f"
+    done
+
+    allowed_files=
+    [ -n "$allowed" ] && allowed_files=$(cat "$allowed")
     for dir in device vendor product; do
         for f in $(test -d $dir && \
             find -L $dir -maxdepth 4 -name 'vendorsetup.sh' 2>/dev/null | sort); do
-            echo "including $f"; . $f
+
+            if [[ -z "$allowed" || "$allowed_files" =~ $f ]]; then
+                echo "including $f"; . "$f"
+            else
+                echo "ignoring $f, not in $allowed"
+            fi
         done
     done
 }