From 53ed745e3ffda084d96d11766bb44bc5bef264d8 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 17 Jul 2023 20:45:44 +0000 Subject: [PATCH] init: avoid ERROR log due to missing SEPolicy.zip One of the first ERROR messages in logcat of a normal boot of Cuttlefish is from failure to open SEPolicy.zip. This condition is expected. Therefore don't try to load SEPolicy.zip when it doesn't exist. This replaces the following log messages: 0 0 I init : Error: Apex SEPolicy failed signature check 0 0 I init : Loading APEX Sepolicy from /system/etc/selinux/apex/SEPolicy.zip 0 0 E init : Failed to open package /system/etc/selinux/apex/SEPolicy.zip: No such file or directory ... with just: 0 0 I init : No APEX Sepolicy found Change-Id: If3a77407c35130165df5782b9ef91912e8374dbf --- init/selinux.cpp | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/init/selinux.cpp b/init/selinux.cpp index b6d483a47..51093d898 100644 --- a/init/selinux.cpp +++ b/init/selinux.cpp @@ -667,10 +667,16 @@ void CleanupApexSepolicy() { // void PrepareApexSepolicy() { // If apex sepolicy zip exists in /metadata/sepolicy, use that, otherwise use version on - // /system. - auto dir = (access((kSepolicyApexMetadataDir + kSepolicyZip).c_str(), F_OK) == 0) - ? kSepolicyApexMetadataDir - : kSepolicyApexSystemDir; + // /system. If neither exists, do nothing. + std::string dir; + if (access((kSepolicyApexMetadataDir + kSepolicyZip).c_str(), F_OK) == 0) { + dir = kSepolicyApexMetadataDir; + } else if (access((kSepolicyApexSystemDir + kSepolicyZip).c_str(), F_OK) == 0) { + dir = kSepolicyApexSystemDir; + } else { + LOG(INFO) << "APEX Sepolicy not found"; + return; + } auto sepolicyVerify = SepolicyVerify(dir); if (!sepolicyVerify.ok()) {