Loading core/java/android/os/SELinux.java +27 −0 Original line number Diff line number Diff line Loading @@ -193,4 +193,31 @@ public class SELinux { return false; } } /** * Gets the genfs labels version of the vendor. The genfs labels version is * specified in {@code /vendor/etc/selinux/genfs_labels_version.txt}. The * version follows the VINTF version format "YYYYMM" and affects how {@code * genfs_contexts} entries are applied. * * <p>The genfs labels version indicates changes in the SELinux labeling * scheme over time. For example: * <ul> * <li>For version 202504 and later, {@code /sys/class/udc} is labeled as * {@code sysfs_udc}. * <li>For version 202404 and earlier, {@code /sys/class/udc} is labeled * as {@code sysfs}. * </ul> * Check {@code /system/etc/selinux/plat_sepolicy_genfs_{version}.cil} to * see which labels are new in {version}. * * <p>Older vendors may override {@code genfs_contexts} with vendor-specific * extensions. The framework must not break such labellings to maintain * compatibility with such vendors, by checking the genfs labels version and * implementing a fallback mechanism. * * @return an integer representing the genfs labels version of /vendor, in * the format YYYYMM. */ public static final native int getGenfsLabelsVersion(); } core/jni/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,7 @@ cc_library_shared_for_libandroid_runtime { "libasync_safe", "libbinderthreadstateutils", "libdmabufinfo", "libgenfslabelsversion.ffi", "libgui_window_info_static", "libkernelconfigs", "libnativehelper_lazy", Loading core/jni/android_os_SELinux.cpp +22 −8 Original line number Diff line number Diff line Loading @@ -18,18 +18,19 @@ #include <errno.h> #include <fcntl.h> #include <genfslabelsversion.h> #include <nativehelper/JNIPlatformHelp.h> #include <nativehelper/ScopedLocalRef.h> #include <nativehelper/ScopedUtfChars.h> #include <utils/Log.h> #include <nativehelper/JNIPlatformHelp.h> #include "jni.h" #include <atomic> #include <memory> #include "core_jni_helpers.h" #include "selinux/selinux.h" #include "jni.h" #include "selinux/android.h" #include <memory> #include <atomic> #include <nativehelper/ScopedLocalRef.h> #include <nativehelper/ScopedUtfChars.h> #include "selinux/selinux.h" namespace android { namespace { Loading Loading @@ -403,9 +404,20 @@ static jboolean native_restorecon(JNIEnv *env, jobject, jstring pathnameStr, jin return (ret == 0); } /* * Function: getGenfsLabelsVersion * Purpose: get which genfs labels version /vendor uses * Returns: int: genfs labels version of /vendor * Exceptions: none */ static jint getGenfsLabelsVersion(JNIEnv *, jclass) { return get_genfs_labels_version(); } /* * JNI registration. */ // clang-format off static const JNINativeMethod method_table[] = { /* name, signature, funcPtr */ { "checkSELinuxAccess" , "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z" , (void*)checkSELinuxAccess }, Loading @@ -420,7 +432,9 @@ static const JNINativeMethod method_table[] = { { "setFileContext" , "(Ljava/lang/String;Ljava/lang/String;)Z" , (void*)setFileCon }, { "setFSCreateContext" , "(Ljava/lang/String;)Z" , (void*)setFSCreateCon }, { "fileSelabelLookup" , "(Ljava/lang/String;)Ljava/lang/String;" , (void*)fileSelabelLookup}, { "getGenfsLabelsVersion" , "()I" , (void *)getGenfsLabelsVersion}, }; // clang-format on static int log_callback(int type, const char *fmt, ...) { va_list ap; Loading Loading
core/java/android/os/SELinux.java +27 −0 Original line number Diff line number Diff line Loading @@ -193,4 +193,31 @@ public class SELinux { return false; } } /** * Gets the genfs labels version of the vendor. The genfs labels version is * specified in {@code /vendor/etc/selinux/genfs_labels_version.txt}. The * version follows the VINTF version format "YYYYMM" and affects how {@code * genfs_contexts} entries are applied. * * <p>The genfs labels version indicates changes in the SELinux labeling * scheme over time. For example: * <ul> * <li>For version 202504 and later, {@code /sys/class/udc} is labeled as * {@code sysfs_udc}. * <li>For version 202404 and earlier, {@code /sys/class/udc} is labeled * as {@code sysfs}. * </ul> * Check {@code /system/etc/selinux/plat_sepolicy_genfs_{version}.cil} to * see which labels are new in {version}. * * <p>Older vendors may override {@code genfs_contexts} with vendor-specific * extensions. The framework must not break such labellings to maintain * compatibility with such vendors, by checking the genfs labels version and * implementing a fallback mechanism. * * @return an integer representing the genfs labels version of /vendor, in * the format YYYYMM. */ public static final native int getGenfsLabelsVersion(); }
core/jni/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,7 @@ cc_library_shared_for_libandroid_runtime { "libasync_safe", "libbinderthreadstateutils", "libdmabufinfo", "libgenfslabelsversion.ffi", "libgui_window_info_static", "libkernelconfigs", "libnativehelper_lazy", Loading
core/jni/android_os_SELinux.cpp +22 −8 Original line number Diff line number Diff line Loading @@ -18,18 +18,19 @@ #include <errno.h> #include <fcntl.h> #include <genfslabelsversion.h> #include <nativehelper/JNIPlatformHelp.h> #include <nativehelper/ScopedLocalRef.h> #include <nativehelper/ScopedUtfChars.h> #include <utils/Log.h> #include <nativehelper/JNIPlatformHelp.h> #include "jni.h" #include <atomic> #include <memory> #include "core_jni_helpers.h" #include "selinux/selinux.h" #include "jni.h" #include "selinux/android.h" #include <memory> #include <atomic> #include <nativehelper/ScopedLocalRef.h> #include <nativehelper/ScopedUtfChars.h> #include "selinux/selinux.h" namespace android { namespace { Loading Loading @@ -403,9 +404,20 @@ static jboolean native_restorecon(JNIEnv *env, jobject, jstring pathnameStr, jin return (ret == 0); } /* * Function: getGenfsLabelsVersion * Purpose: get which genfs labels version /vendor uses * Returns: int: genfs labels version of /vendor * Exceptions: none */ static jint getGenfsLabelsVersion(JNIEnv *, jclass) { return get_genfs_labels_version(); } /* * JNI registration. */ // clang-format off static const JNINativeMethod method_table[] = { /* name, signature, funcPtr */ { "checkSELinuxAccess" , "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z" , (void*)checkSELinuxAccess }, Loading @@ -420,7 +432,9 @@ static const JNINativeMethod method_table[] = { { "setFileContext" , "(Ljava/lang/String;Ljava/lang/String;)Z" , (void*)setFileCon }, { "setFSCreateContext" , "(Ljava/lang/String;)Z" , (void*)setFSCreateCon }, { "fileSelabelLookup" , "(Ljava/lang/String;)Ljava/lang/String;" , (void*)fileSelabelLookup}, { "getGenfsLabelsVersion" , "()I" , (void *)getGenfsLabelsVersion}, }; // clang-format on static int log_callback(int type, const char *fmt, ...) { va_list ap; Loading
