diff options
| author | rpcraig <rpcraig@tycho.ncsc.mil> | 2012-07-05 06:41:43 -0400 |
|---|---|---|
| committer | rpcraig <rpcraig@tycho.ncsc.mil> | 2012-07-25 11:07:39 -0400 |
| commit | 554cb0c290406f5bba34908489db5382a69d0a9a (patch) | |
| tree | e72926289025da3220e138bb8152e71b6321a2c0 /core/jni/android_os_SELinux.cpp | |
| parent | 2c932143ffe865d49c741e466b425bdbabbd1f2f (diff) | |
| download | frameworks_base-554cb0c290406f5bba34908489db5382a69d0a9a.zip frameworks_base-554cb0c290406f5bba34908489db5382a69d0a9a.tar.gz frameworks_base-554cb0c290406f5bba34908489db5382a69d0a9a.tar.bz2 | |
Introduce a restorecon JNI binding.
Label the vmdl.*\.tmp files and the final .apk file differently.
Modify the WallpaperManagerService to restorecon the wallpaper file.
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Change-Id: Idfc056e9ec0508d7e11100626a7114f341f1af70
Diffstat (limited to 'core/jni/android_os_SELinux.cpp')
| -rw-r--r-- | core/jni/android_os_SELinux.cpp | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/core/jni/android_os_SELinux.cpp b/core/jni/android_os_SELinux.cpp index 40443ff..e813c38 100644 --- a/core/jni/android_os_SELinux.cpp +++ b/core/jni/android_os_SELinux.cpp @@ -1,3 +1,19 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + #define LOG_TAG "SELinuxJNI" #include <utils/Log.h> @@ -6,6 +22,7 @@ #include "android_runtime/AndroidRuntime.h" #ifdef HAVE_SELINUX #include "selinux/selinux.h" +#include "selinux/android.h" #endif #include <errno.h> @@ -458,6 +475,27 @@ namespace android { } /* + * Function: native_restorecon + * Purpose: restore default SELinux security context + * Parameters: pathname: the pathname for the file to be relabeled + * Returns: boolean: (true) file label successfully restored, (false) otherwise + * Exceptions: none + */ + static jboolean native_restorecon(JNIEnv *env, jobject clazz, jstring pathname) { +#ifdef HAVE_SELINUX + if (isSELinuxDisabled) + return true; + + const char *file = const_cast<char *>(env->GetStringUTFChars(pathname, NULL)); + int ret = selinux_android_restorecon(file); + env->ReleaseStringUTFChars(pathname, file); + return (ret == 0); +#else + return true; +#endif + } + + /* * JNI registration. */ static JNINativeMethod method_table[] = { @@ -472,6 +510,7 @@ namespace android { { "getPidContext" , "(I)Ljava/lang/String;" , (void*)getPidCon }, { "isSELinuxEnforced" , "()Z" , (void*)isSELinuxEnforced}, { "isSELinuxEnabled" , "()Z" , (void*)isSELinuxEnabled }, + { "native_restorecon" , "(Ljava/lang/String;)Z" , (void*)native_restorecon}, { "setBooleanValue" , "(Ljava/lang/String;Z)Z" , (void*)setBooleanValue }, { "setFileContext" , "(Ljava/lang/String;Ljava/lang/String;)Z" , (void*)setFileCon }, { "setFSCreateContext" , "(Ljava/lang/String;)Z" , (void*)setFSCreateCon }, |