From 6b600f964471cef977821689185db687f67d2c19 Mon Sep 17 00:00:00 2001 From: bigbiff bigbiff Date: Sun, 5 Jan 2014 18:13:43 -0500 Subject: Restore contexts when doing mkdierhier in libtar Do a restore of loaded file contexts to /data/media directory. This will help denials to be prevented when internal storage is wiped. Change-Id: Ie49bbfa48d2f3ee4f08376d9c1877b92c051017c --- fixPermissions.cpp | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'fixPermissions.cpp') diff --git a/fixPermissions.cpp b/fixPermissions.cpp index 40ac516b0..12ce0b528 100644 --- a/fixPermissions.cpp +++ b/fixPermissions.cpp @@ -74,18 +74,48 @@ int fixPermissions::fixDataDataContexts(void) { struct selinux_opt selinux_options[] = { { SELABEL_OPT_PATH, "/file_contexts" } }; + selinux_handle = selabel_open(SELABEL_CTX_FILE, selinux_options, 1); + if (!selinux_handle) printf("No file contexts for SELinux\n"); else printf("SELinux contexts loaded from /file_contexts\n"); + d = opendir("/data/data"); + while (( de = readdir(d)) != NULL) { stat(de->d_name, &sb); string f = "/data/data/"; f = f + de->d_name; restorecon(f, &sb); } + closedir(d); + return 0; +} + +int fixPermissions::fixDataInternalContexts(void) { + DIR *d; + struct dirent *de; + struct stat sb; + string dir; + + if (TWFunc::Path_Exists("/data/media")) { + dir = "/data/media"; + } + else { + dir = "/data/media/0"; + } + LOGINFO("Fixing %s contexts\n", dir.c_str()); + d = opendir(dir.c_str()); + + while (( de = readdir(d)) != NULL) { + stat(de->d_name, &sb); + string f; + f = dir + de->d_name; + restorecon(f, &sb); + } + closedir(d); return 0; } #endif @@ -173,8 +203,9 @@ int fixPermissions::fixPerms(bool enable_debug, bool remove_data_for_missing_app } } #ifdef HAVE_SELINUX - gui_print("Fixing /data/data contexts.\n"); + gui_print("Fixing /data/data/ contexts.\n"); fixDataDataContexts(); + fixDataInternalContexts(); #endif gui_print("Done fixing permissions.\n"); return 0; -- cgit v1.2.3