Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6da39a44 authored by Jeff Sharkey's avatar Jeff Sharkey Committed by Jeff Sharkey
Browse files

Add property to force restorecon to run. 

As an optimization, we typically only run restorecon when
seapp_contexts changes.  This CL checks a property that can be used
to always force a restorecon to help investigate boot timing.

Bug: 30213213
Change-Id: I4d65c1a4e4a0830ef4a32cd2fae1d3ab188b65cc
parent 41941689

services/core/java/com/android/server/pm/SELinuxMMAC.java

+8 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ package com.android.server.pm; 
import android.content.pm.PackageParser;

import android.content.pm.Signature;

import android.os.Environment;

import android.os.SystemProperties;

import android.system.ErrnoException;

import android.system.Os;

import android.system.OsConstants;
@@ -64,6 +65,8 @@ public final class SELinuxMMAC { 
    // to synchronize access during policy load and access attempts.

    private static List<Policy> sPolicies = new ArrayList<>();



    private static final String PROP_FORCE_RESTORECON = "sys.force_restorecon";



    /** Path to version on rootfs */

    private static final File VERSION_FILE = new File("/selinux_version");
@@ -322,6 +325,11 @@ public final class SELinuxMMAC { 
     * @return Returns true if the restorecon should occur or false otherwise.

     */

    public static boolean isRestoreconNeeded(File file) {

        // To investigate boot timing, allow a property to always force restorecon

        if (SystemProperties.getBoolean(PROP_FORCE_RESTORECON, false)) {

            return true;

        }



        try {

            final byte[] buf = new byte[20];

            final int len = Os.getxattr(file.getAbsolutePath(), XATTR_SEAPP_HASH, buf);