
Commit 504022bd authored by Dees Troy's avatar Dees Troy Committed by Gerrit Code Review

Merge "add fix /data/data contexts to fixPermissions only compile symbols if...

Merge "add fix /data/data contexts to fixPermissions only compile symbols if selinux is defined Change-Id: I7c8596360cdf2f715c8e1379fc55ea27d9370393" into android-4.4
parents 06b91e79 872a3b92
+58 −1
@@ -30,10 +30,63 @@
#include "fixPermissions.hpp"
#include "twrp-functions.hpp"
#include "twcommon.h"
#ifdef HAVE_SELINUX
#include "selinux/selinux.h"
#include "selinux/label.h"
#include "selinux/android.h"
#include "selinux/label.h"
#endif

using namespace std;
using namespace rapidxml;

#ifdef HAVE_SELINUX
int fixPermissions::restorecon(string entry, struct stat *sb) {
	char *oldcontext, *newcontext;
	struct selabel_handle *sehandle;

	sehandle = selinux_android_file_context_handle();
	if (lgetfilecon(entry.c_str(), &oldcontext) < 0) {
		LOGINFO("Couldn't get selinux context for %s\n", entry.c_str());
		return -1;
	}
	if (selabel_lookup(sehandle, &newcontext, entry.c_str(), sb->st_mode) < 0) {
		LOGINFO("Couldn't lookup selinux context for %s\n", entry.c_str());
		return -1;
	}
	LOGINFO("Relabeling %s from %s to %s\n", entry.c_str(), oldcontext, newcontext);
	if (lsetfilecon(entry.c_str(), newcontext) < 0) {
		LOGINFO("Couldn't label %s with %s: %s\n", entry.c_str(), newcontext, strerror(errno));
	}
	freecon(oldcontext);
	freecon(newcontext);
	return 0;
}

int fixPermissions::fixDataDataContexts(void) {
	DIR *d;
	struct dirent *de;
	struct stat sb;
	struct selabel_handle *selinux_handle;
	struct selinux_opt selinux_options[] = {
		{ SELABEL_OPT_PATH, "/file_contexts" }
	};
	selinux_handle = selabel_open(SELABEL_CTX_FILE, selinux_options, 1);
	if (!selinux_handle)
		printf("No file contexts for SELinux\n");
	else
		printf("SELinux contexts loaded from /file_contexts\n");
	d = opendir("/data/data");
	while (( de = readdir(d)) != NULL) {
		stat(de->d_name, &sb);
		string f = "/data/data/";
		f = f + de->d_name;
		restorecon(f, &sb);
	}
	return 0;
}
#endif

int fixPermissions::fixPerms(bool enable_debug, bool remove_data_for_missing_apps) {
	packageFile = "/data/system/packages.xml";
	debug = enable_debug;
@@ -116,6 +169,10 @@ int fixPermissions::fixPerms(bool enable_debug, bool remove_data_for_missing_app
			return -1;
		}
	}
	#ifdef HAVE_SELINUX
	gui_print("Fixing /data/data contexts.\n");
	fixDataDataContexts();
	#endif
	gui_print("Done fixing permissions.\n");
	return 0;
}
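Review bot: In fixDataDataContexts, `stat(de->d_name, &sb)` is given the bare entry name rather than the `/data/data/` path and its result is ignored, so unless the working directory happens to be /data/data the `st_mode` passed on to `selabel_lookup` is uninitialised. The loop also does not skip `.` and `..`, so `/data/data/..` (that is, /data itself) is relabelled with whatever the lookup returns for that string, and the `opendir` result is neither checked for NULL nor closed. Using `lstat` on the full path would match the `lgetfilecon`/`lsetfilecon` calls in restorecon, which do not follow symlinks. Separately, restorecon leaks `oldcontext` when `selabel_lookup` fails, never checks `sehandle` for NULL and returns 0 even when `lsetfilecon` fails, while the `selinux_handle` opened here is never used or passed to `selabel_close`.

```cpp
int fixPermissions::fixDataDataContexts(void) {
	// … unchanged: declarations and selabel_open of /file_contexts …
	d = opendir("/data/data");
	if (d == NULL) {
		LOGINFO("Couldn't open /data/data: %s\n", strerror(errno));
		return -1;
	}
	while ((de = readdir(d)) != NULL) {
		// "." and ".." would resolve to /data/data and /data
		if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0)
			continue;
		string f = "/data/data/";
		f = f + de->d_name;
		// lstat the full path so the mode describes the entry that gets labelled
		if (lstat(f.c_str(), &sb) < 0) {
			LOGINFO("Couldn't stat %s: %s\n", f.c_str(), strerror(errno));
			continue;
		}
		restorecon(f, &sb);
	}
	closedir(d);
	return 0;
}
```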
+3 −0
@@ -27,6 +27,9 @@ class fixPermissions {
		int fixDataApps();
		int fixAllFiles(string directory, int gid, int uid, string file_perms);
		int fixDataData(string dataDir);
		int fixDataDataContexts(void);
		int restorecon(std::string entry, struct stat *sb);

		struct package {
			string pkgName;
			string codePath;
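Review bot: The two new declarations, `fixDataDataContexts` and `restorecon`, are unconditional here, while their definitions in the .cpp are compiled only under `#ifdef HAVE_SELINUX`. A caller added later in a non-SELinux build would therefore fail at link time instead of at compile time. Wrapping both declarations in the same `#ifdef HAVE_SELINUX` / `#endif` keeps the header in step with the commit's stated intent. `restorecon` could also take `const std::string& entry`, since it only reads the path, and the header mixes `std::string` with the unqualified `string` used by the neighbouring declarations. The class body continues outside this hunk.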