openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Label /vendor_file_contexts as file_contexts_file 

vendor_init doesn't have permissions to read rootfs labeled files, but
needs to read /vendor_file_contexts to do restorecon correctly.  This
file is a file_contexts file, so labeling it as such seems appropriate.

Test: bullhead + vendor_init doesn't hit this audit
Change-Id: I475e9735616c2426b9c7073700272f878ced2135
This commit is contained in:
Tom Cherry 2018-01-23 12:40:31 -08:00
parent f09649c231
commit af0a1f87b9
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
init/selinux.cpp
View File

@ -420,6 +420,7 @@ void SelinuxRestoreContext() {
selinux_android_restorecon("/plat_file_contexts", 0);
selinux_android_restorecon("/nonplat_file_contexts", 0);
selinux_android_restorecon("/vendor_file_contexts", 0);
selinux_android_restorecon("/plat_property_contexts", 0);
selinux_android_restorecon("/nonplat_property_contexts", 0);
selinux_android_restorecon("/plat_seapp_contexts", 0);