openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge "Leftovers of the SELinux policy update mechanism" am: b9c0788806 

am: 0af61f0024

* commit '0af61f0024d137e7a2f1ac0d9e002711cd01092c':
  Leftovers of the SELinux policy update mechanism
This commit is contained in:
Janis Danisevskis 2016-03-13 14:55:12 +00:00 committed by android-build-merger
parent dfe4b7a9df 0af61f0024
commit bae1efe500
4 changed files with 1 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
init/init.cpp
View File

@ -460,24 +460,6 @@ static bool selinux_is_enforcing(void)
return true;
}
int selinux_reload_policy(void)
{
INFO("SELinux: Attempting to reload policy files\n");
if (selinux_android_reload_policy() == -1) {
return -1;
}
if (sehandle)
selabel_close(sehandle);
if (sehandle_prop)
selabel_close(sehandle_prop);
selinux_init_all_handles();
return 0;
}
static int audit_callback(void *data, security_class_t /*cls*/, char *buf, size_t len) {
property_audit_data *d = reinterpret_cast<property_audit_data*>(data);

2
init/init.h
View File

@ -35,8 +35,6 @@ void handle_control_message(const std::string& msg, const std::string& arg);
void property_changed(const char *name, const char *value);
int selinux_reload_policy(void);
void register_epoll_handler(int fd, void (*fn)());
int add_environment(const char* key, const char* val);

6
init/property_service.cpp
View File

@ -175,11 +175,7 @@ static int property_set_impl(const char* name, const char* value) {
if (!is_legal_property_name(name, namelen)) return -1;
if (valuelen >= PROP_VALUE_MAX) return -1;
if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) {
if (selinux_reload_policy() != 0) {
ERROR("Failed to reload policy\n");
}
} else if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) {
if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) {
if (restorecon_recursive(value) != 0) {
ERROR("Failed to restorecon_recursive %s\n", value);
}

6
rootdir/init.rc
View File

@ -413,9 +413,6 @@ on post-fs-data
rm /data/bugreports
symlink /data/user_de/0/com.android.shell/files/bugreports /data/bugreports
# Separate location for storing security policy files on data
mkdir /data/security 0711 system system
# Create all remaining /data root dirs so that they are made through init
# and get proper encryption policy installed
mkdir /data/backup 0700 system system
@ -439,9 +436,6 @@ on post-fs-data
init_user0
# Reload policy from /data/security if present.
setprop selinux.reload_policy 1
# Set SELinux security contexts on upgrade or policy update.
restorecon_recursive /data