Proper security labeling of multi-user data directories.

This patch covers 2 cases. When an app is installed and the resulting data directory is created for all existing users. And when a new user is created and all existing app data directories are created for the new user. Change-Id: Iacaba6d9d18d5337e65713960d14efe32006b330 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
author: rpcraig <rpcraig@tycho.ncsc.mil> 2012-11-28 08:37:06 -0500
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2013-03-25 14:35:00 +0000
commit: 1e0c8e69891c89a86b2d9879e3c1985563a56f49 (patch)
tree: f3d2c545746860a3d38c0156a62626e24deb5f64 /services
parent: d3f8d0333cf4d9d2e47b5b082a6f70460adcf5ff (diff)
download: frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.zip
frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.tar.gz
frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.tar.bz2
3 files changed, 6 insertions, 3 deletions
diff --git a/services/java/com/android/server/pm/Installer.java b/services/java/com/android/server/pm/Installer.java
index ddb0d0b..6a071ef 100644
--- a/services/java/com/android/server/pm/Installer.java
+++ b/services/java/com/android/server/pm/Installer.java
@@ -265,7 +265,7 @@ public final class Installer {
         return execute(builder.toString());
     }
 
-    public int createUserData(String name, int uid, int userId) {
+    public int createUserData(String name, int uid, int userId, String seinfo) {
         StringBuilder builder = new StringBuilder("mkuserdata");
         builder.append(' ');
         builder.append(name);
@@ -273,6 +273,8 @@ public final class Installer {
         builder.append(uid);
         builder.append(' ');
         builder.append(userId);
+        builder.append(' ');
+        builder.append(seinfo != null ? seinfo : "!");
         return execute(builder.toString());
     }
 
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java
index 8102f2b..b8324ee 100644
--- a/services/java/com/android/server/pm/PackageManagerService.java
+++ b/services/java/com/android/server/pm/PackageManagerService.java
@@ -3596,7 +3596,7 @@ public class PackageManagerService extends IPackageManager.Stub {
         for (int user : users) {
             if (user != 0) {
                 res = mInstaller.createUserData(packageName,
-                        UserHandle.getUid(user, uid), user);
+                        UserHandle.getUid(user, uid), user, seinfo);
                 if (res < 0) {
                     return res;
                 }
diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java
index 06f11bc..a472247 100644
--- a/services/java/com/android/server/pm/Settings.java
+++ b/services/java/com/android/server/pm/Settings.java
@@ -2337,7 +2337,8 @@ final class Settings {
             ps.setInstalled((ps.pkgFlags&ApplicationInfo.FLAG_SYSTEM) != 0, userHandle);
             // Need to create a data directory for all apps under this user.
             installer.createUserData(ps.name,
-                    UserHandle.getUid(userHandle, ps.appId), userHandle);
+                    UserHandle.getUid(userHandle, ps.appId), userHandle,
+                    ps.pkg.applicationInfo.seinfo);
         }
         readDefaultPreferredAppsLPw(userHandle);
         writePackageRestrictionsLPr(userHandle);
author	rpcraig <rpcraig@tycho.ncsc.mil>	2012-11-28 08:37:06 -0500
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2013-03-25 14:35:00 +0000
commit	1e0c8e69891c89a86b2d9879e3c1985563a56f49 (patch)
tree	f3d2c545746860a3d38c0156a62626e24deb5f64 /services
parent	d3f8d0333cf4d9d2e47b5b082a6f70460adcf5ff (diff)
download	frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.zip frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.tar.gz frameworks_base-1e0c8e69891c89a86b2d9879e3c1985563a56f49.tar.bz2