diff options
| author | Janis Danisevskis <jdanis@google.com> | 2016-03-13 14:47:23 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2016-03-13 14:47:23 +0000 |
| commit | b9c078880644b51bc9e6c314eed157f230fce43c (patch) | |
| tree | ad8aeb2bc576ec95cfd8e8c8f3190b07faa68266 | |
| parent | 1f13c1a208394b74a8c60e677546a8c8ed697091 (diff) | |
| parent | 3d1dff22311bb6b3c01115f0c4400dcdc37c35c3 (diff) | |
Merge "Leftovers of the SELinux policy update mechanism"
| -rw-r--r-- | init/init.cpp | 18 | ||||
| -rw-r--r-- | init/init.h | 2 | ||||
| -rw-r--r-- | init/property_service.cpp | 6 | ||||
| -rw-r--r-- | rootdir/init.rc | 6 |
4 files changed, 1 insertions, 31 deletions
diff --git a/init/init.cpp b/init/init.cpp index 9e6143be3..bac27df88 100644 --- a/init/init.cpp +++ b/init/init.cpp @@ -460,24 +460,6 @@ static bool selinux_is_enforcing(void) return true; } -int selinux_reload_policy(void) -{ - INFO("SELinux: Attempting to reload policy files\n"); - - if (selinux_android_reload_policy() == -1) { - return -1; - } - - if (sehandle) - selabel_close(sehandle); - - if (sehandle_prop) - selabel_close(sehandle_prop); - - selinux_init_all_handles(); - return 0; -} - static int audit_callback(void *data, security_class_t /*cls*/, char *buf, size_t len) { property_audit_data *d = reinterpret_cast<property_audit_data*>(data); diff --git a/init/init.h b/init/init.h index 345d442c0..b6a095b94 100644 --- a/init/init.h +++ b/init/init.h @@ -35,8 +35,6 @@ void handle_control_message(const std::string& msg, const std::string& arg); void property_changed(const char *name, const char *value); -int selinux_reload_policy(void); - void register_epoll_handler(int fd, void (*fn)()); int add_environment(const char* key, const char* val); diff --git a/init/property_service.cpp b/init/property_service.cpp index 5c1ae7912..8c95f15f9 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -175,11 +175,7 @@ static int property_set_impl(const char* name, const char* value) { if (!is_legal_property_name(name, namelen)) return -1; if (valuelen >= PROP_VALUE_MAX) return -1; - if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) { - if (selinux_reload_policy() != 0) { - ERROR("Failed to reload policy\n"); - } - } else if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) { + if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) { if (restorecon_recursive(value) != 0) { ERROR("Failed to restorecon_recursive %s\n", value); } diff --git a/rootdir/init.rc b/rootdir/init.rc index 6d5023e4d..aa3234310 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -399,9 +399,6 @@ on post-fs-data # symlink to bugreport storage location symlink /data/data/com.android.shell/files/bugreports /data/bugreports - # Separate location for storing security policy files on data - mkdir /data/security 0711 system system - # Create all remaining /data root dirs so that they are made through init # and get proper encryption policy installed mkdir /data/backup 0700 system system @@ -413,9 +410,6 @@ on post-fs-data setusercryptopolicies /data/user - # Reload policy from /data/security if present. - setprop selinux.reload_policy 1 - # Set SELinux security contexts on upgrade or policy update. restorecon_recursive /data |