Replace SEAndroid with SELinux. (bd19b9ee) · Commits · e / os / android_frameworks_base

core/java/android/os/Process.java

+2 −2

core/java/com/android/internal/os/ZygoteConnection.java

+3 −3

Original line number	Original line	Diff line number	Diff line
	@@ -803,7 +803,7 @@ class ZygoteConnection {
	}		}

	/**		/**
	* Applies zygote security policy for SEAndroid information.		* Applies zygote security policy for SELinux information.
	*		*
	* @param args non-null; zygote spawner arguments		* @param args non-null; zygote spawner arguments
	* @param peer non-null; peer credentials		* @param peer non-null; peer credentials
	@@ -822,7 +822,7 @@ class ZygoteConnection {
	if (!(peerUid == 0 \|\| peerUid == Process.SYSTEM_UID)) {		if (!(peerUid == 0 \|\| peerUid == Process.SYSTEM_UID)) {
	// All peers with UID other than root or SYSTEM_UID		// All peers with UID other than root or SYSTEM_UID
	throw new ZygoteSecurityException(		throw new ZygoteSecurityException(
	"This UID may not specify SEAndroid info.");		"This UID may not specify SELinux info.");
	}		}

	boolean allowed = SELinux.checkSELinuxAccess(peerSecurityContext,		boolean allowed = SELinux.checkSELinuxAccess(peerSecurityContext,
	@@ -831,7 +831,7 @@ class ZygoteConnection {
	"specifyseinfo");		"specifyseinfo");
	if (!allowed) {		if (!allowed) {
	throw new ZygoteSecurityException(		throw new ZygoteSecurityException(
	"Peer may not specify SEAndroid info");		"Peer may not specify SELinux info");
	}		}

	return;		return;

Original line number	Original line	Diff line number	Diff line
	@@ -374,7 +374,7 @@ public class Process {
	* @param gids Additional group-ids associated with the process.		* @param gids Additional group-ids associated with the process.
	* @param debugFlags Additional flags.		* @param debugFlags Additional flags.
	* @param targetSdkVersion The target SDK version for the app.		* @param targetSdkVersion The target SDK version for the app.
	* @param seInfo null-ok SE Android information for the new process.		* @param seInfo null-ok SELinux information for the new process.
	* @param zygoteArgs Additional arguments to supply to the zygote process.		* @param zygoteArgs Additional arguments to supply to the zygote process.
	*		*
	* @return An object that describes the result of the attempt to start the process.		* @return An object that describes the result of the attempt to start the process.
	@@ -554,7 +554,7 @@ public class Process {
	* new process should setgroup() to.		* new process should setgroup() to.
	* @param debugFlags Additional flags.		* @param debugFlags Additional flags.
	* @param targetSdkVersion The target SDK version for the app.		* @param targetSdkVersion The target SDK version for the app.
	* @param seInfo null-ok SE Android information for the new process.		* @param seInfo null-ok SELinux information for the new process.
	* @param extraArgs Additional arguments to supply to the zygote process.		* @param extraArgs Additional arguments to supply to the zygote process.
	* @return An object that describes the result of the attempt to start the process.		* @return An object that describes the result of the attempt to start the process.
	* @throws ZygoteStartFailedEx if process start failed for any reason		* @throws ZygoteStartFailedEx if process start failed for any reason