summaryrefslogtreecommitdiffstats
path: root/init
diff options
context:
space:
mode:
authorrepo sync <gcondra@google.com>2013-05-17 12:46:00 -0700
committerrepo sync <gcondra@google.com>2013-05-17 12:46:00 -0700
commit52351300d156826bf22c493828571f45a1cea16a (patch)
treec59262e650b62b83efa96eacf84b147d0f52379a /init
parent921be8b6568df0057c4eacbac2e1022b71e09620 (diff)
downloadsystem_core-52351300d156826bf22c493828571f45a1cea16a.zip
system_core-52351300d156826bf22c493828571f45a1cea16a.tar.gz
system_core-52351300d156826bf22c493828571f45a1cea16a.tar.bz2
Revert "Add a version check for SELinux policy on device."
This reverts commit 921be8b6568df0057c4eacbac2e1022b71e09620.
Diffstat (limited to 'init')
-rwxr-xr-xinit/init.c59
1 files changed, 0 insertions, 59 deletions
diff --git a/init/init.c b/init/init.c
index 853762b..fc8ff20 100755
--- a/init/init.c
+++ b/init/init.c
@@ -61,9 +61,6 @@
struct selabel_handle *sehandle;
struct selabel_handle *sehandle_prop;
-#define SELINUX_DATA_POLICY_VERSION_PATH "/data/security/bundle/metadata/version"
-#define SELINUX_BOOT_POLICY_VERSION_PATH "/sepolicy.version"
-
static int property_triggers_enabled = 0;
#if BOOTCHART
@@ -777,58 +774,6 @@ void selinux_init_all_handles(void)
sehandle_prop = selinux_android_prop_context_handle();
}
-static int selinux_read_version_file(char *version_file_path)
-{
- unsigned version_string_length = 0;
- unsigned characters_consumed = 0;
- int policy_version = 0;
- char *version_string;
-
- version_string = read_file(version_file_path, &version_string_length);
- if (version_string == NULL)
- return -1;
-
- sscanf(version_string, "%d%n", &policy_version, &characters_consumed);
- free(version_string);
-
- if (characters_consumed != (version_string_length - 1))
- return -1;
-
- return policy_version;
-}
-
-static int selinux_check_policy_version(void)
-{
- int data_policy_version = 0;
- int boot_policy_version = 0;
-
- // get the policy version for the sepolicy on the data partition
- // fail open to allow the existing policy to relabel
- data_policy_version = selinux_read_version_file(SELINUX_DATA_POLICY_VERSION_PATH);
- if (data_policy_version < 0) {
- INFO("Couldn't read data policy version file");
- return 0;
- }
-
- // get the policy version for the sepolicy on the boot partition
- // fail open to allow devices without an sepolicy.version to update
- boot_policy_version = selinux_read_version_file(SELINUX_BOOT_POLICY_VERSION_PATH);
- if (boot_policy_version < 0) {
- INFO("Couldn't read boot policy version file");
- return 0;
- }
-
- // return an error if the "updated" policy is too old
- if (data_policy_version <= boot_policy_version) {
- ERROR("SELinux: data policy version (%d) <= factory policy version (%d)",
- data_policy_version,
- boot_policy_version);
- return -1;
- }
-
- return 0;
-}
-
int selinux_reload_policy(void)
{
if (!selinux_enabled) {
@@ -837,10 +782,6 @@ int selinux_reload_policy(void)
INFO("SELinux: Attempting to reload policy files\n");
- if (selinux_check_policy_version() == -1) {
- return -1;
- }
-
if (selinux_android_reload_policy() == -1) {
return -1;
}