Add selinux_android_seapp_context_reload() to support reloading of
seapp_contexts configuration upon updates, and introduce support for
loading it from /data/system or /.
diff --git a/include/selinux/android.h b/include/selinux/android.h
index 31d5d75..df3abc3 100644
--- a/include/selinux/android.h
+++ b/include/selinux/android.h
@@ -19,6 +19,8 @@
extern int selinux_android_restorecon(const char *file);
+extern int selinux_android_seapp_context_reload(void);
+
#ifdef __cplusplus
}
#endif
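Review bot: The new public declaration `selinux_android_seapp_context_reload` has no comment stating its return convention or when it may be called. From the src/android.c part of this commit it returns 0 on success and -1 when no file can be opened or parsing fails, so I would add `/* Reload seapp_contexts; returns 0 on success, -1 on failure (errors are logged). */` above it. Whether it is safe to call while other threads are using the library is not visible here and should be stated as well.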
diff --git a/src/android.c b/src/android.c
index 89a576c..21741bf 100644
--- a/src/android.c
+++ b/src/android.c
@@ -23,10 +23,14 @@
* setting credentials for app processes and setting permissions
* on app data directories.
*/
-#define SEAPP_CONTEXTS "/seapp_contexts"
+static char const * const seapp_contexts_file[] = {
+ "/data/system/seapp_contexts",
+ "/seapp_contexts",
+ 0 };
#define FILE_CONTEXTS "/file_contexts"
+
struct seapp_context {
/* input selectors */
char isSystemServer;
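Review bot: The search order in `seapp_contexts_file` puts `/data/system/seapp_contexts` ahead of `/seapp_contexts`, so a copy on the writable data partition overrides the one in the root filesystem, and nothing here records that trust decision. Because this file selects the security context given to app processes, I would add a comment such as `/* the /data/system copy takes precedence; it must be writable only by the trusted updater */`. If it is not enforced elsewhere, the file's ownership and mode should also be checked before it is used. The terminator would read better as `NULL` than `0`. The hunk ends inside `struct seapp_context`.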
@@ -86,21 +90,23 @@
static struct seapp_context **seapp_contexts = NULL;
static int nspec = 0;
-static void seapp_context_init(void)
+int selinux_android_seapp_context_reload(void)
{
- FILE *fp;
+ FILE *fp = NULL;
char line_buf[BUFSIZ];
- const char *path = SEAPP_CONTEXTS;
char *token;
unsigned lineno;
struct seapp_context *cur;
char *p, *name = NULL, *value = NULL, *saveptr;
size_t len;
+ int i = 0, ret;
- fp = fopen(path, "r");
+ while ((fp==NULL) && seapp_contexts_file[i])
+ fp = fopen(seapp_contexts_file[i++], "r");
+
if (!fp) {
- selinux_log(SELINUX_ERROR, "%s: could not open %s", __FUNCTION__, path);
- return;
+ selinux_log(SELINUX_ERROR, "%s: could not open any seapp_contexts file", __FUNCTION__);
+ return -1;
}
nspec = 0;
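Review bot: `selinux_android_seapp_context_reload` is now exported and can run more than once, but it still resets `nspec = 0` on the file-scope `seapp_contexts` table with no lock visible in this hunk. If lookups on other threads read `seapp_contexts` or `nspec` during a reload they can observe a half-built table, and unless the code below the hunk frees the previous entries, each reload leaks them. The function body continues outside the hunk, so both points need confirming there. At minimum I would document the constraint with `/* Not thread-safe: callers must serialise reload against context lookups. */`.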
@@ -219,20 +225,30 @@
}
#endif
+ ret = 0;
+
out:
fclose(fp);
- return;
+ return ret;
err:
selinux_log(SELINUX_ERROR, "%s: Error reading %s, line %u, name %s, value %s\n",
- __FUNCTION__, path, lineno, name, value);
+ __FUNCTION__, seapp_contexts_file[i - 1], lineno, name, value);
+ ret = -1;
goto out;
oom:
selinux_log(SELINUX_ERROR,
"%s: Out of memory\n", __FUNCTION__);
+ ret = -1;
goto out;
}
+
+static void seapp_context_init(void)
+{
+ selinux_android_seapp_context_reload();
+}
+
static pthread_once_t once = PTHREAD_ONCE_INIT;
int selinux_android_setfilecon(const char *pkgdir,
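Review bot: The `err` and `oom` paths return -1 after `nspec` was already reset at the top of the function, so a failed reload appears to discard the previously working configuration instead of keeping it. The open loop also moves to the next candidate only when `fopen` fails, so a `/data/system/seapp_contexts` that opens but does not parse is never followed by a try of `/seapp_contexts`. What the table holds after a failure depends on parsing code outside this hunk, but I would record it at the `err:` label with `/* previous entries are gone here; -1 means no usable seapp_contexts */`. Consider also parsing into a temporary table that replaces the live one only when `ret == 0`. `seapp_context_init` drops the return value, which is acceptable only because the failure is already logged inside the callee.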