diff options
Diffstat (limited to 'init/selinux.cpp')
| -rw-r--r-- | init/selinux.cpp | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/init/selinux.cpp b/init/selinux.cpp index 8a9662b6f..54be08696 100644 --- a/init/selinux.cpp +++ b/init/selinux.cpp @@ -79,8 +79,6 @@ namespace init { namespace { -selabel_handle* sehandle = nullptr; - enum EnforcingStatus { SELINUX_PERMISSIVE, SELINUX_ENFORCING }; EnforcingStatus StatusFromCmdline() { @@ -554,54 +552,5 @@ int SetupSelinux(char** argv) { return 1; } -// selinux_android_file_context_handle() takes on the order of 10+ms to run, so we want to cache -// its value. selinux_android_restorecon() also needs an sehandle for file context look up. It -// will create and store its own copy, but selinux_android_set_sehandle() can be used to provide -// one, thus eliminating an extra call to selinux_android_file_context_handle(). -void SelabelInitialize() { - sehandle = selinux_android_file_context_handle(); - selinux_android_set_sehandle(sehandle); -} - -// A C++ wrapper around selabel_lookup() using the cached sehandle. -// If sehandle is null, this returns success with an empty context. -bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) { - result->clear(); - - if (!sehandle) return true; - - char* context; - if (selabel_lookup(sehandle, &context, key.c_str(), type) != 0) { - return false; - } - *result = context; - free(context); - return true; -} - -// A C++ wrapper around selabel_lookup_best_match() using the cached sehandle. -// If sehandle is null, this returns success with an empty context. -bool SelabelLookupFileContextBestMatch(const std::string& key, - const std::vector<std::string>& aliases, int type, - std::string* result) { - result->clear(); - - if (!sehandle) return true; - - std::vector<const char*> c_aliases; - for (const auto& alias : aliases) { - c_aliases.emplace_back(alias.c_str()); - } - c_aliases.emplace_back(nullptr); - - char* context; - if (selabel_lookup_best_match(sehandle, &context, key.c_str(), &c_aliases[0], type) != 0) { - return false; - } - *result = context; - free(context); - return true; -} - } // namespace init } // namespace android |