Call lsetfilecon directly in fixcon.
This avoids the spurious double-lookup from calling restorecon.
Bug: 8967715
Change-Id: I3e92804dca245501ca974bda7a0d7d1c459c58da
diff --git a/src/android.c b/src/android.c
index d156ea2..6f05ca8 100644
--- a/src/android.c
+++ b/src/android.c
@@ -691,7 +691,8 @@
static int file_requires_fixup(const char *pathname,
struct selabel_handle *sehandle_old,
- struct selabel_handle *sehandle_new)
+ struct selabel_handle *sehandle_new,
+ char **context)
{
int ret;
struct stat sb;
@@ -740,10 +741,10 @@
out:
if (current_context)
freecon(current_context);
- if (new_context)
- freecon(new_context);
if (old_context)
freecon(old_context);
+ if (new_context)
+ *context = new_context;
return ret;
}
@@ -752,14 +753,19 @@
struct selabel_handle *sehandle_new)
{
int requires_fixup;
+ char *new_context = NULL;
- requires_fixup = file_requires_fixup(pathname, sehandle_old, sehandle_new);
+ requires_fixup = file_requires_fixup(pathname, sehandle_old, sehandle_new, &new_context);
+
+ if (requires_fixup > 0)
+ lsetfilecon(pathname, new_context);
+
+ if (new_context)
+ freecon(new_context);
+
if (requires_fixup < 0)
return -1;
- if (requires_fixup)
- selinux_android_restorecon(pathname);
-
return 0;
}
