From 03daf05dcfbdbf4ed6175afb2f4676e59dd74aa3 Mon Sep 17 00:00:00 2001
From: Robert Craig
Date: Mon, 17 Mar 2014 21:16:53 -0400
Subject: [PATCH] SELinux changes to check policy versions during a reload.
When deciding on which property_contexts policy to load during a reload, an initial call is made to libselinux to grab the correct policy index. This policy index represents whether the /data/security or the rootfs version will be used.
Change-Id: I4716039bb0f5ba1e961977a18350347a67969dca
Signed-off-by: rpcraig
---
 init/init.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/init/init.c b/init/init.c
index 08842363d..9e345e8dd 100644
--- a/init/init.c
+++ b/init/init.c
@@ -843,24 +843,21 @@ static int bootchart_init_action(int nargs, char **args)
 static const struct selinux_opt seopts_prop[] = {
 { SELABEL_OPT_PATH, "/property_contexts" },
+ { SELABEL_OPT_PATH, "/data/security/current/property_contexts" },
 { 0, NULL }
 };
 struct selabel_handle* selinux_android_prop_context_handle(void)
 {
- int i = 0;
- struct selabel_handle* sehandle = NULL;
- while ((sehandle == NULL) && seopts_prop[i].value) {
- sehandle = selabel_open(SELABEL_CTX_ANDROID_PROP, &seopts_prop[i], 1);
- i++;
- }
-
+ int policy_index = selinux_android_use_data_policy() ? 1 : 0;
+ struct selabel_handle* sehandle = selabel_open(SELABEL_CTX_ANDROID_PROP,
+ &seopts_prop[policy_index], 1);
 if (!sehandle) {
 ERROR("SELinux: Could not load property_contexts: %s\n", strerror(errno));
 return NULL;
 }
- INFO("SELinux: Loaded property contexts from %s\n", seopts_prop[i - 1].value);
+ INFO("SELinux: Loaded property contexts from %s\n", seopts_prop[policy_index].value);
 return sehandle;
 }
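Review bot: With the retry loop removed, `selinux_android_prop_context_handle()` no longer falls back to `/property_contexts` when the selected file cannot be opened, so a missing or unreadable `/data/security/current/property_contexts` now yields NULL whenever `selinux_android_use_data_policy()` reports true. If failing closed here is intended (to keep property_contexts in step with the policy actually in use), say so in a comment above the `selabel_open` call, and name the path in the failure log, e.g. `ERROR("SELinux: Could not load property_contexts from %s: %s\n", seopts_prop[policy_index].value, strerror(errno));`. The literal `1 : 0` also ties the function to the order of `seopts_prop`; a comment on the array such as `/* [0] rootfs, [1] /data/security/current; order is relied on by selinux_android_prop_context_handle() */` would keep a later reorder from silently selecting the wrong file. How callers treat a NULL handle is not visible in this hunk.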