ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "init: clarify comment for the restorecon of second stage init" am: 424ffa2df9 am: f1e6db5567

Browse source 
am: 28f2c822b9

Change-Id: If9c12d3ed47f06fb9670e685d948d786ab680bb9
This commit is contained in:
Tom Cherry 2018-08-09 12:04:30 -07:00 committed by android-build-merger
commit 7ade77b470
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
init/init_first_stage.cpp
View file

@ -138,9 +138,10 @@ int main(int argc, char** argv) {
SelinuxSetupKernelLogging();
SelinuxInitialize();
// Unneeded? It's an ext4 file system so shouldn't it have the right domain already?
// We're in the kernel domain, so re-exec init to transition to the init domain now
// that the SELinux policy has been loaded.
// We're in the kernel domain and want to transition to the init domain when we exec second
// stage init. File systems that store SELabels in their xattrs, such as ext4 do not need an
// explicit restorecon here, but other file systems do. In particular, this is needed for
// ramdisks such as the recovery image for A/B devices.
if (selinux_android_restorecon("/system/bin/init", 0) == -1) {
PLOG(FATAL) << "restorecon failed of /system/bin/init failed";
}