Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6ea2698d authored by Tri Vo's avatar Tri Vo
Browse files

servicemanager: lookup service labels using "service" backend 

Type 0 actually corresponds file_contexts backend. Use type
SELABEL_CTX_ANDROID_SERVICE instead.
https://android.googlesource.com/platform/external/libselinux/+/d4828b3ba449355aa2d1751026e5f1d1129cedcf/include/selinux/label.h#27

Test: boot cuttlefish; no denials to any service
Change-Id: I1c33c31ecbd46168998606c3463837a9c6f39f3a
parent 56701ba8

cmds/servicemanager/Access.cpp

+1 −1
Original line number Diff line number Diff line
@@ -137,7 +137,7 @@ bool Access::actionAllowed(const CallingContext& sctx, const char* tctx, const c 


bool Access::actionAllowedFromLookup(const CallingContext& sctx, const std::string& name, const char *perm) {

    char *tctx = nullptr;

    if (selabel_lookup(getSehandle(), &tctx, name.c_str(), 0) != 0) {

    if (selabel_lookup(getSehandle(), &tctx, name.c_str(), SELABEL_CTX_ANDROID_SERVICE) != 0) {

        LOG(ERROR) << "SELinux: No match for " << name << " in service_contexts.\n";

        return false;

    }