tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Move comments into selinux.h and fix

Browse source 
Make comments imperative, remove redundant words, clarify API level.

Bug: 26641735
Test: treehugger
Change-Id: Icad6001321aa2274b70fdcc74f6fe176f0b2d0db
This commit is contained in:
Paul Crowley 2019-11-05 09:46:59 -08:00
parent 4645210097
commit f831f10abe
2 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
init/selinux.cpp
View file

@ -514,9 +514,6 @@ void SelinuxAvcLog(char* buf, size_t buf_len) {
} // namespace
// The files and directories that were created before initial sepolicy load or
// files on ramdisk need to have their security context restored to the proper
// value. This must happen before /dev is populated by ueventd.
void SelinuxRestoreContext() {
LOG(INFO) << "Running restorecon...";
selinux_android_restorecon("/dev", 0);
@ -560,15 +557,12 @@ int SelinuxKlogCallback(int type, const char* fmt, ...) {
return 0;
}
// This function sets up SELinux logging to be written to kmsg, to match init's logging.
void SelinuxSetupKernelLogging() {
selinux_callback cb;
cb.func_log = SelinuxKlogCallback;
selinux_set_callback(SELINUX_CB_LOG, cb);
}
// This function returns the Android version with which the vendor SEPolicy was compiled.
// It is used for version checks such as whether or not vendor_init should be used
int SelinuxGetVendorAndroidVersion() {
static int vendor_android_version = [] {
if (!IsSplitPolicyDevice()) {
@ -594,7 +588,6 @@ int SelinuxGetVendorAndroidVersion() {
return vendor_android_version;
}
// This function initializes SELinux then execs init to run in the init SELinux context.
int SetupSelinux(char** argv) {
SetStdioToDevNull(argv);
InitKernelLogging(argv);

9
init/selinux.h
View file

@ -19,10 +19,19 @@
namespace android {
namespace init {
// Initialize SELinux, then exec init to run in the init SELinux context.
int SetupSelinux(char** argv);
// Restore the proper security context to files and directories on ramdisk, and
// those that were created before initial sepolicy load.
// This must happen before /dev is populated by ueventd.
void SelinuxRestoreContext();
// Set up SELinux logging to be written to kmsg, to match init's logging.
void SelinuxSetupKernelLogging();
// Return the Android API level with which the vendor SEPolicy was compiled.
// Used for version checks such as whether or not vendor_init should be used.
int SelinuxGetVendorAndroidVersion();
static constexpr char kEnvSelinuxStartedAt[] = "SELINUX_STARTED_AT";