From 3060b61d412fa30e91fb13dd29b82d994143aa30 Mon Sep 17 00:00:00 2001
From: Nick Kralevich
Date: Thu, 4 Apr 2019 16:14:08 -0700
Subject: [PATCH] add SELINUX_ANDROID_RESTORECON_SKIP_SEHASH
Allow callers to indicate that they don't want to compute the sehash value. Callers may not have CAP_SYS_ADMIN, so attempting to write the sehash value will result in the following (harmless) errors: SELinux: setxattr failed: /data/app/com.andromeda.androbench2-z5oLVfPATqQF35yGDuMUeA==: Operation not permitted TODO: It would be better if the default for restorecon was to suppress the hash computation, since otherwise it encourages programs to be overprivileged with CAP_SYS_ADMIN. I'll plan on doing that in a followup commit. Bugs where this error message has been called out:
Bug: 129766333
Bug: 129271240
Bug: 128700692
Bug: 129925723
Test: install an APK and ensure that no "SELinux: setxattr failed" error messages are generated.
Change-Id: I396f036681abf106d48413a7a6126d4a6af2fa3a
---
 libselinux/include/selinux/android.h | 1 +
 libselinux/src/android/android_platform.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/libselinux/include/selinux/android.h b/libselinux/include/selinux/android.h
index 556cbbe5..99fc9efe 100644
--- a/libselinux/include/selinux/android.h
+++ b/libselinux/include/selinux/android.h
@@ -53,6 +53,7 @@ extern int selinux_vendor_log_callback(int type, const char *fmt, ...)
 #define SELINUX_ANDROID_RESTORECON_DATADATA 16
 #define SELINUX_ANDROID_RESTORECON_SKIPCE 32
 #define SELINUX_ANDROID_RESTORECON_CROSS_FILESYSTEMS 64
+#define SELINUX_ANDROID_RESTORECON_SKIP_SEHASH 128
 extern int selinux_android_restorecon(const char *file, unsigned int flags);
 extern int selinux_android_restorecon_pkgdir(const char *pkgdir,
diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c
index 555b2b00..c0e60440 100644
--- a/libselinux/src/android/android_platform.c
+++ b/libselinux/src/android/android_platform.c
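Review bot: The new `SELINUX_ANDROID_RESTORECON_SKIP_SEHASH` define in android.h carries no comment, so the reason it exists is recorded only in the commit message. A caller reading the header needs to know that the flag is meant for processes that lack CAP_SYS_ADMIN and so cannot write the hash xattr, and that leaving it unset still attempts the write. A one-line comment above the define would cover it, for example `/* Skip computing and storing the sehash xattr; for callers without CAP_SYS_ADMIN. */`. The flag list starts above this hunk, so match whatever comment style the earlier flags use.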
@@ -1569,8 +1569,8 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
 bool datadata = (flags & SELINUX_ANDROID_RESTORECON_DATADATA) ? true : false;
 bool skipce = (flags & SELINUX_ANDROID_RESTORECON_SKIPCE) ? true : false;
 bool cross_filesystems = (flags & SELINUX_ANDROID_RESTORECON_CROSS_FILESYSTEMS) ? true : false;
+ bool setrestoreconlast = (flags & SELINUX_ANDROID_RESTORECON_SKIP_SEHASH) ? false : true;
 bool issys;
- bool setrestoreconlast = true;
 struct stat sb;
 struct statfs sfsb;
 FTS *fts;
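Review bot: The added initialiser `(flags & SELINUX_ANDROID_RESTORECON_SKIP_SEHASH) ? false : true` reads backwards next to the three `? true : false` tests directly above it, and nothing ties a flag named SKIP_SEHASH to a local named `setrestoreconlast`. I would write it as `bool setrestoreconlast = !(flags & SELINUX_ANDROID_RESTORECON_SKIP_SEHASH);` with a short comment above it such as `/* callers without CAP_SYS_ADMIN pass SKIP_SEHASH so no hash xattr is written */`. The rest of selinux_android_restorecon_common lies outside the hunk, so it is not visible whether this local also gates a hash comparison that lets a recursive relabel return early. If it does, callers that set the flag lose that shortcut, and the comment should say so.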