Merge "Leftovers of the SELinux policy update mechanism"

am: b9c0788806 * commit 'b9c078880644b51bc9e6c314eed157f230fce43c': Leftovers of the SELinux policy update mechanism
2016-03-13 14:53:00 +00:00 · 2016-03-13 14:53:00 +00:00 · 0af61f0024
parent 64d413499b b9c0788806
commit 0af61f0024
4 changed files with 1 additions and 31 deletions
--- a/init/init.cpp
+++ b/init/init.cpp
@ -460,24 +460,6 @@ static bool selinux_is_enforcing(void)
    return true;
 }

-int selinux_reload_policy(void)
-{
-    INFO("SELinux: Attempting to reload policy files\n");
-
-    if (selinux_android_reload_policy() == -1) {
-        return -1;
-    }
-
-    if (sehandle)
-        selabel_close(sehandle);
-
-    if (sehandle_prop)
-        selabel_close(sehandle_prop);
-
-    selinux_init_all_handles();
-    return 0;
-}
-
 static int audit_callback(void *data, security_class_t /*cls*/, char *buf, size_t len) {

    property_audit_data *d = reinterpret_cast<property_audit_data*>(data);
--- a/init/init.h
+++ b/init/init.h
@ -35,8 +35,6 @@ void handle_control_message(const std::string& msg, const std::string& arg);

 void property_changed(const char *name, const char *value);

-int selinux_reload_policy(void);
-
 void register_epoll_handler(int fd, void (*fn)());

 int add_environment(const char* key, const char* val);
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@ -175,11 +175,7 @@ static int property_set_impl(const char* name, const char* value) {
    if (!is_legal_property_name(name, namelen)) return -1;
    if (valuelen >= PROP_VALUE_MAX) return -1;

-    if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) {
-        if (selinux_reload_policy() != 0) {
-            ERROR("Failed to reload policy\n");
-        }
-    } else if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) {
+    if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) {
        if (restorecon_recursive(value) != 0) {
            ERROR("Failed to restorecon_recursive %s\n", value);
        }
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@ -412,9 +412,6 @@ on post-fs-data
    rm /data/bugreports
    symlink /data/user_de/0/com.android.shell/files/bugreports /data/bugreports

-    # Separate location for storing security policy files on data
-    mkdir /data/security 0711 system system
-
    # Create all remaining /data root dirs so that they are made through init
    # and get proper encryption policy installed
    mkdir /data/backup 0700 system system
@ -438,9 +435,6 @@ on post-fs-data

    init_user0

-    # Reload policy from /data/security if present.
-    setprop selinux.reload_policy 1
-
    # Set SELinux security contexts on upgrade or policy update.
    restorecon_recursive /data