From deb41e512760f9d18cb718b007ced367018b3667 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 1 Oct 2013 09:21:47 -0400
Subject: [PATCH] Set security context of /adb_keys and
 /data/misc/adb/adb_keys.

I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file.  Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.

Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 rootdir/init.rc | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/rootdir/init.rc b/rootdir/init.rc
index 88dee1095..0d53ae181 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -16,6 +16,9 @@ on early-init
     # This should occur before anything else (e.g. ueventd) is started.
     setcon u:r:init:s0
 
+    # Set the security context of /adb_keys if present.
+    restorecon /adb_keys
+
     start ueventd
 
 # create mountpoints
@@ -208,6 +211,10 @@ on post-fs-data
     mkdir /data/local 0751 root root
     mkdir /data/misc/media 0700 media media
 
+    # Set security context of any pre-existing /data/misc/adb/adb_keys file.
+    restorecon /data/misc/adb
+    restorecon /data/misc/adb/adb_keys
+
     # For security reasons, /data/local/tmp should always be empty.
     # Do not place files or directories in /data/local/tmp
     mkdir /data/local/tmp 0771 shell shell