Commits

Stephen Smalley  committed 8e50a55 Merge

Merge branch 'master' into seandroid

  • Participants
  • Parent commits d5dfe10, bad0ebb
  • Branches seandroid

Comments (0)

Files changed (3)

 LOCAL_COPY_HEADERS := $(common_COPY_HEADERS)
 LOCAL_PRELINK_MODULE := false
 LOCAL_STATIC_LIBRARIES := libmincrypt
+LOCAL_SHARED_LIBRARIES := liblog
 include $(BUILD_SHARED_LIBRARY)

File include/selinux/android.h

 
 extern struct selabel_handle* selinux_android_file_context_handle(void);
 
+extern struct selabel_handle* selinux_android_service_context_handle(void);
+
 extern void selinux_android_set_sehandle(const struct selabel_handle *hndl);
 
 extern int selinux_android_load_policy(void);
 				       const char *seinfo,
 				       uid_t uid);
 
+extern int selinux_log_callback(int type, const char *fmt, ...)
+    __attribute__ ((format(printf, 2, 3)));
+
 #define SELINUX_ANDROID_RESTORECON_NOCHANGE 1
 #define SELINUX_ANDROID_RESTORECON_VERBOSE  2
 #define SELINUX_ANDROID_RESTORECON_RECURSE  4

File src/android.c

 #include <selinux/avc.h>
 #include <mincrypt/sha.h>
 #include <private/android_filesystem_config.h>
+#include <log/log.h>
 #include "policy.h"
 #include "callbacks.h"
 #include "selinux_internal.h"
 	"/data/security/current/sepolicy",
 	NULL };
 
+static const struct selinux_opt seopts_service[] = {
+    { SELABEL_OPT_PATH, "/service_contexts" },
+    { SELABEL_OPT_PATH, "/data/security/current/service_contexts" },
+    { 0, NULL }
+};
+
 enum levelFrom {
 	LEVELFROM_NONE,
 	LEVELFROM_APP,
         sehandle = file_context_open();
 }
 
+static struct selabel_handle *service_context_open(void)
+{
+    struct selabel_handle *handle = NULL;
+
+    set_policy_index();
+    handle = selabel_open(SELABEL_CTX_ANDROID_PROP,
+            &seopts_service[policy_index], 1);
+
+    if (!handle) {
+        selinux_log(SELINUX_ERROR, "%s: Error getting service context handle (%s)\n",
+                __FUNCTION__, strerror(errno));
+    } else {
+        selinux_log(SELINUX_INFO, "SELinux: Loaded service contexts from %s.\n",
+                seopts_service[policy_index].value);
+    }
+
+    return handle;
+}
+
 static pthread_once_t fc_once = PTHREAD_ONCE_INIT;
 
 struct pkgInfo {
     return file_context_open();
 }
 
+struct selabel_handle* selinux_android_service_context_handle(void)
+{
+    return service_context_open();
+}
+
 void selinux_android_set_sehandle(const struct selabel_handle *hndl)
 {
     sehandle = (struct selabel_handle *) hndl;
 
     return selinux_android_load_policy_helper(false);
 }
+
+int selinux_log_callback(int type, const char *fmt, ...)
+{
+    va_list ap;
+    int priority;
+
+    switch(type) {
+    case SELINUX_WARNING:
+        priority = ANDROID_LOG_WARN;
+        break;
+    case SELINUX_INFO:
+        priority = ANDROID_LOG_INFO;
+        break;
+    default:
+        priority = ANDROID_LOG_ERROR;
+        break;
+    }
+
+    va_start(ap, fmt);
+    LOG_PRI_VA(priority, "SELinux", fmt, ap);
+    va_end(ap);
+    return 0;
+}