Handle policy reloads within installd rather than restarting it.

Restarting installd upon policy reloads has reportedly caused
stability problems for some users.  Stop restarting installd
and instead handle policy reloads within it.

Change-Id: I697a736d8e414cfc6cfa131ed7b97c7f7694d022
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

1 files changed, 11 insertions, 0 deletions

diff --git a/cmds/installd/installd.c b/cmds/installd/installd.c
index c918633..83b2b4e 100644
--- a/cmds/installd/installd.c
+++ b/cmds/installd/installd.c
@@ -16,6 +16,8 @@
 
 #include <sys/capability.h>
 #include <linux/prctl.h>
+#include <selinux/android.h>
+#include <selinux/avc.h>
 
 #include "installd.h"
 
@@ -525,6 +527,7 @@ int main(const int argc, const char *argv[]) {
     struct sockaddr addr;
     socklen_t alen;
     int lsocket, s, count;
+    int selinux_enabled = (is_selinux_enabled() > 0);
 
     ALOGI("installd firing up\n");
 
@@ -538,6 +541,11 @@ int main(const int argc, const char *argv[]) {
         exit(1);
     }
 
+    if (selinux_enabled && selinux_status_open(true) < 0) {
+        ALOGE("Could not open selinux status; exiting.\n");
+        exit(1);
+    }
+
     drop_privileges();
 
     lsocket = android_get_control_socket(SOCKET_PATH);
@@ -576,6 +584,9 @@ int main(const int argc, const char *argv[]) {
                 break;
             }
             buf[count] = 0;
+            if (selinux_enabled && selinux_status_updated() > 0) {
+                selinux_android_seapp_context_reload();
+            }
             if (execute(s, buf)) break;
         }
         ALOGI("closing connection\n");