diff options
| author | Nick Kralevich <nnk@google.com> | 2014-06-03 16:17:52 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-06-03 16:17:52 +0000 |
| commit | 82015d4f127219700992f8800118fd9c388e3c99 (patch) | |
| tree | 366a42efaf2054f72e72b3be7b56dcedeea3d1ad | |
| parent | 4e26c95a6363da4885bb9178c9d42c273b357043 (diff) | |
| parent | f3c85b2488529404a170a28f9bc72538b1ace97d (diff) | |
| download | system_core-82015d4f127219700992f8800118fd9c388e3c99.zip system_core-82015d4f127219700992f8800118fd9c388e3c99.tar.gz system_core-82015d4f127219700992f8800118fd9c388e3c99.tar.bz2 | |
Merge "Only allow disabling SELinux on userdebug / eng builds"
| -rw-r--r-- | init/Android.mk | 2 | ||||
| -rw-r--r-- | init/init.c | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/init/Android.mk b/init/Android.mk index 15a23be..489dc93 100644 --- a/init/Android.mk +++ b/init/Android.mk @@ -25,7 +25,7 @@ LOCAL_CFLAGS += -DBOOTCHART=1 endif ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT))) -LOCAL_CFLAGS += -DALLOW_LOCAL_PROP_OVERRIDE=1 +LOCAL_CFLAGS += -DALLOW_LOCAL_PROP_OVERRIDE=1 -DALLOW_DISABLE_SELINUX=1 endif # Enable ueventd logging diff --git a/init/init.c b/init/init.c index 7ba25dc..c79929b 100644 --- a/init/init.c +++ b/init/init.c @@ -868,6 +868,7 @@ void selinux_init_all_handles(void) static bool selinux_is_disabled(void) { +#ifdef ALLOW_DISABLE_SELINUX char tmp[PROP_VALUE_MAX]; if (access("/sys/fs/selinux", F_OK) != 0) { @@ -881,12 +882,14 @@ static bool selinux_is_disabled(void) /* SELinux is compiled into the kernel, but we've been told to disable it. */ return true; } +#endif return false; } static bool selinux_is_enforcing(void) { +#ifdef ALLOW_DISABLE_SELINUX char tmp[PROP_VALUE_MAX]; if (property_get("ro.boot.selinux", tmp) == 0) { @@ -903,6 +906,7 @@ static bool selinux_is_enforcing(void) ERROR("SELinux: Unknown value of ro.boot.selinux. Got: \"%s\". Assuming enforcing.\n", tmp); } +#endif return true; } |