diff options
author | Robert Craig <rpcraig@tycho.ncsc.mil> | 2013-03-25 06:33:03 -0400 |
---|---|---|
committer | repo sync <gcondra@google.com> | 2013-03-25 17:37:51 -0700 |
commit | 4d3fd4e9988c0eb284dd5104c4dea757f723c716 (patch) | |
tree | 45de0dc04251dfa503ca7a9c1be1e43f84ea0f8c | |
parent | 0046d9614a57fe4f4e49692570810d424b1f4fe4 (diff) | |
download | frameworks_native-4d3fd4e9988c0eb284dd5104c4dea757f723c716.zip frameworks_native-4d3fd4e9988c0eb284dd5104c4dea757f723c716.tar.gz frameworks_native-4d3fd4e9988c0eb284dd5104c4dea757f723c716.tar.bz2 |
Add seinfo parsing to PackageManagerService.
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
-rw-r--r-- | cmds/installd/commands.c | 4 | ||||
-rw-r--r-- | cmds/installd/installd.c | 4 | ||||
-rw-r--r-- | cmds/installd/installd.h | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/cmds/installd/commands.c b/cmds/installd/commands.c index a58eca8..e544be7 100644 --- a/cmds/installd/commands.c +++ b/cmds/installd/commands.c @@ -28,7 +28,7 @@ dir_rec_t android_app_lib_dir; dir_rec_t android_media_dir; dir_rec_array_t android_system_dirs; -int install(const char *pkgname, uid_t uid, gid_t gid) +int install(const char *pkgname, uid_t uid, gid_t gid, const char *seinfo) { char pkgdir[PKG_PATH_MAX]; char libsymlink[PKG_PATH_MAX]; @@ -91,7 +91,7 @@ int install(const char *pkgname, uid_t uid, gid_t gid) return -1; } - if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) { + if (selinux_android_setfilecon2(pkgdir, pkgname, seinfo, uid) < 0) { ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno)); unlink(libsymlink); unlink(pkgdir); diff --git a/cmds/installd/installd.c b/cmds/installd/installd.c index f81dfe5..230899b 100644 --- a/cmds/installd/installd.c +++ b/cmds/installd/installd.c @@ -31,7 +31,7 @@ static int do_ping(char **arg, char reply[REPLY_MAX]) static int do_install(char **arg, char reply[REPLY_MAX]) { - return install(arg[0], atoi(arg[1]), atoi(arg[2])); /* pkgname, uid, gid */ + return install(arg[0], atoi(arg[1]), atoi(arg[2]), arg[3]); /* pkgname, uid, gid, seinfo */ } static int do_dexopt(char **arg, char reply[REPLY_MAX]) @@ -129,7 +129,7 @@ struct cmdinfo { struct cmdinfo cmds[] = { { "ping", 0, do_ping }, - { "install", 3, do_install }, + { "install", 4, do_install }, { "dexopt", 3, do_dexopt }, { "movedex", 2, do_move_dex }, { "rmdex", 1, do_rm_dex }, diff --git a/cmds/installd/installd.h b/cmds/installd/installd.h index efd3aa7..033d5a3 100644 --- a/cmds/installd/installd.h +++ b/cmds/installd/installd.h @@ -192,7 +192,7 @@ int ensure_media_user_dirs(userid_t userid); /* commands.c */ -int install(const char *pkgname, uid_t uid, gid_t gid); +int install(const char *pkgname, uid_t uid, gid_t gid, const char *seinfo); int uninstall(const char *pkgname, uid_t persona); int renamepkg(const char *oldpkgname, const char *newpkgname); int fix_uid(const char *pkgname, uid_t uid, gid_t gid); |