am 3b2a9d22: Merge "Change when the SELinux relabel of /data/data occurs."

* commit '3b2a9d22794cb9f1c2a28884b5c3ba92ecc6ff96': Change when the SELinux relabel of /data/data occurs.
2014-03-31 20:14:37 +00:00
parent b11952d6f6 3b2a9d2279
commit e531e2ec6b
2 changed files with 21 additions and 9 deletions
--- a/services/java/com/android/server/pm/Installer.java
+++ b/services/java/com/android/server/pm/Installer.java
@ -397,7 +397,14 @@ public final class Installer {
        return execute(builder.toString());
    }

-    public boolean restoreconData() {
-        return (execute("restorecondata") == 0);
+    public boolean restoreconData(String pkgName, String seinfo, int uid) {
+        StringBuilder builder = new StringBuilder("restorecondata");
+        builder.append(' ');
+        builder.append(pkgName);
+        builder.append(' ');
+        builder.append(seinfo != null ? seinfo : "!");
+        builder.append(' ');
+        builder.append(uid);
+        return (execute(builder.toString()) == 0);
    }
 }
--- a/services/java/com/android/server/pm/PackageManagerService.java
+++ b/services/java/com/android/server/pm/PackageManagerService.java
@ -393,6 +393,9 @@ public class PackageManagerService extends IPackageManager.Stub {
    // If mac_permissions.xml was found for seinfo labeling.
    boolean mFoundPolicyFile;

+    // If a recursive restorecon of /data/data/<pkg> is needed.
+    private boolean mShouldRestoreconData = SELinuxMMAC.shouldRestorecon();
+
    // All available activities, for your resolving pleasure.
    final ActivityIntentResolver mActivities =
            new ActivityIntentResolver();
@ -1486,13 +1489,6 @@ public class PackageManagerService extends IPackageManager.Stub {
            // can downgrade to reader
            mSettings.writeLPr();

-            if (SELinuxMMAC.shouldRestorecon()) {
-                Slog.i(TAG, "Relabeling of /data/data and /data/user issued.");
-                if (mInstaller.restoreconData()) {
-                    SELinuxMMAC.setRestoreconDone();
-                }
-            }
-
            EventLog.writeEvent(EventLogTags.BOOT_PROGRESS_PMS_READY,
                    SystemClock.uptimeMillis());

@ -4617,6 +4613,11 @@ public class PackageManagerService extends IPackageManager.Stub {
                    }
                }
                pkg.applicationInfo.dataDir = dataPath.getPath();
+                if (mShouldRestoreconData) {
+                    Slog.i(TAG, "SELinux relabeling of " + pkg.packageName + " issued.");
+                    mInstaller.restoreconData(pkg.packageName, pkg.applicationInfo.seinfo,
+                                pkg.applicationInfo.uid);
+                }
            } else {
                if (DEBUG_PACKAGE_SCANNING) {
                    if ((parseFlags & PackageParser.PARSE_CHATTY) != 0)
@ -11062,6 +11063,10 @@ public class PackageManagerService extends IPackageManager.Stub {
     */
    public void scanAvailableAsecs() {
        updateExternalMediaStatusInner(true, false, false);
+        if (mShouldRestoreconData) {
+            SELinuxMMAC.setRestoreconDone();
+            mShouldRestoreconData = false;
+        }
    }

    /*