summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2014-03-31 20:26:27 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>2014-03-31 20:26:27 +0000
commit0e290b7708e2ac59e645f499d8348a3a087a9568 (patch)
tree8a10c0c34b617f78f73dba9e3db1d858fccccaa2
parent2f9ec3560d21e3db4f91a64e68d6b678714cd749 (diff)
parentce30fca85deec8e268009a2acaefe85541ab1e58 (diff)
downloadframeworks_base-0e290b7708e2ac59e645f499d8348a3a087a9568.zip
frameworks_base-0e290b7708e2ac59e645f499d8348a3a087a9568.tar.gz
frameworks_base-0e290b7708e2ac59e645f499d8348a3a087a9568.tar.bz2
am ce30fca8: am e531e2ec: am 3b2a9d22: Merge "Change when the SELinux relabel of /data/data occurs."
* commit 'ce30fca85deec8e268009a2acaefe85541ab1e58': Change when the SELinux relabel of /data/data occurs.
-rw-r--r--services/core/java/com/android/server/pm/Installer.java11
-rwxr-xr-xservices/core/java/com/android/server/pm/PackageManagerService.java19
2 files changed, 21 insertions, 9 deletions
diff --git a/services/core/java/com/android/server/pm/Installer.java b/services/core/java/com/android/server/pm/Installer.java
index ae1cfab..ff816ea 100644
--- a/services/core/java/com/android/server/pm/Installer.java
+++ b/services/core/java/com/android/server/pm/Installer.java
@@ -407,7 +407,14 @@ public final class Installer extends SystemService {
return execute(builder.toString());
}
- public boolean restoreconData() {
- return (execute("restorecondata") == 0);
+ public boolean restoreconData(String pkgName, String seinfo, int uid) {
+ StringBuilder builder = new StringBuilder("restorecondata");
+ builder.append(' ');
+ builder.append(pkgName);
+ builder.append(' ');
+ builder.append(seinfo != null ? seinfo : "!");
+ builder.append(' ');
+ builder.append(uid);
+ return (execute(builder.toString()) == 0);
}
}
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index a07ad5a..09a414e 100755
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -402,6 +402,9 @@ public class PackageManagerService extends IPackageManager.Stub {
// If mac_permissions.xml was found for seinfo labeling.
boolean mFoundPolicyFile;
+ // If a recursive restorecon of /data/data/<pkg> is needed.
+ private boolean mShouldRestoreconData = SELinuxMMAC.shouldRestorecon();
+
// All available activities, for your resolving pleasure.
final ActivityIntentResolver mActivities =
new ActivityIntentResolver();
@@ -1536,13 +1539,6 @@ public class PackageManagerService extends IPackageManager.Stub {
// can downgrade to reader
mSettings.writeLPr();
- if (SELinuxMMAC.shouldRestorecon()) {
- Slog.i(TAG, "Relabeling of /data/data and /data/user issued.");
- if (mInstaller.restoreconData()) {
- SELinuxMMAC.setRestoreconDone();
- }
- }
-
EventLog.writeEvent(EventLogTags.BOOT_PROGRESS_PMS_READY,
SystemClock.uptimeMillis());
@@ -4787,6 +4783,11 @@ public class PackageManagerService extends IPackageManager.Stub {
}
}
pkg.applicationInfo.dataDir = dataPath.getPath();
+ if (mShouldRestoreconData) {
+ Slog.i(TAG, "SELinux relabeling of " + pkg.packageName + " issued.");
+ mInstaller.restoreconData(pkg.packageName, pkg.applicationInfo.seinfo,
+ pkg.applicationInfo.uid);
+ }
} else {
if (DEBUG_PACKAGE_SCANNING) {
if ((parseFlags & PackageParser.PARSE_CHATTY) != 0)
@@ -11432,6 +11433,10 @@ public class PackageManagerService extends IPackageManager.Stub {
*/
public void scanAvailableAsecs() {
updateExternalMediaStatusInner(true, false, false);
+ if (mShouldRestoreconData) {
+ SELinuxMMAC.setRestoreconDone();
+ mShouldRestoreconData = false;
+ }
}
/*