From 52351300d156826bf22c493828571f45a1cea16a Mon Sep 17 00:00:00 2001
From: repo sync <gcondra@google.com>
Date: Fri, 17 May 2013 12:46:00 -0700
Subject: [PATCH] Revert "Add a version check for SELinux policy on device."

This reverts commit 921be8b6568df0057c4eacbac2e1022b71e09620.
---
 init/init.c     | 59 -------------------------------------------------
 rootdir/init.rc |  6 ++---
 2 files changed, 3 insertions(+), 62 deletions(-)

diff --git a/init/init.c b/init/init.c
index 853762b91..fc8ff20aa 100755
--- a/init/init.c
+++ b/init/init.c
@@ -61,9 +61,6 @@
 struct selabel_handle *sehandle;
 struct selabel_handle *sehandle_prop;
 
-#define SELINUX_DATA_POLICY_VERSION_PATH "/data/security/bundle/metadata/version"
-#define SELINUX_BOOT_POLICY_VERSION_PATH "/sepolicy.version"
-
 static int property_triggers_enabled = 0;
 
 #if BOOTCHART
@@ -777,58 +774,6 @@ void selinux_init_all_handles(void)
     sehandle_prop = selinux_android_prop_context_handle();
 }
 
-static int selinux_read_version_file(char *version_file_path)
-{
-    unsigned version_string_length = 0;
-    unsigned characters_consumed = 0;
-    int policy_version = 0;
-    char *version_string;
-
-    version_string = read_file(version_file_path, &version_string_length);
-    if (version_string == NULL)
-        return -1;
-
-    sscanf(version_string, "%d%n", &policy_version, &characters_consumed);
-    free(version_string);
-
-    if (characters_consumed != (version_string_length - 1))
-        return -1;
-
-    return policy_version;
-}
-
-static int selinux_check_policy_version(void)
-{
-    int data_policy_version = 0;
-    int boot_policy_version = 0;
-
-    // get the policy version for the sepolicy on the data partition
-    // fail open to allow the existing policy to relabel
-    data_policy_version = selinux_read_version_file(SELINUX_DATA_POLICY_VERSION_PATH);
-    if (data_policy_version < 0) {
-        INFO("Couldn't read data policy version file");
-        return 0;
-    }
-
-    // get the policy version for the sepolicy on the boot partition
-    // fail open to allow devices without an sepolicy.version to update
-    boot_policy_version = selinux_read_version_file(SELINUX_BOOT_POLICY_VERSION_PATH);
-    if (boot_policy_version < 0) {
-        INFO("Couldn't read boot policy version file");
-        return 0;
-    }
-
-    // return an error if the "updated" policy is too old
-    if (data_policy_version <= boot_policy_version) {
-        ERROR("SELinux: data policy version (%d) <= factory policy version (%d)",
-            data_policy_version,
-            boot_policy_version);
-        return -1;
-    }
-
-    return 0;
-}
-
 int selinux_reload_policy(void)
 {
     if (!selinux_enabled) {
@@ -837,10 +782,6 @@ int selinux_reload_policy(void)
 
     INFO("SELinux: Attempting to reload policy files\n");
 
-    if (selinux_check_policy_version() == -1) {
-        return -1;
-    }
-
     if (selinux_android_reload_policy() == -1) {
         return -1;
     }
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 4e8ff60d5..4b4408f32 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -177,6 +177,9 @@ on post-fs
     mkdir /cache/lost+found 0770 root root
 
 on post-fs-data
+    # reload SELinux based on what we find on the data partition
+    selinux_reload_policy
+
     # We chown/chmod /data again so because mount is run as root + defaults
     chown system system /data
     chmod 0771 /data
@@ -260,9 +263,6 @@ on post-fs-data
     #setprop vold.post_fs_data_done 1
 
 on boot
-# reload SELinux policy to make sure we use the most up-to-date one
-    selinux_reload_policy
-
 # basic network init
     ifup lo
     hostname localhost