ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "Track the move of split SELinux policy CIL files"

Browse source
This commit is contained in:
Alex Klyubin 2017-03-03 21:43:23 +00:00 committed by Gerrit Code Review
commit 8df4dded13
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
init/init.cpp
View file

@ -669,7 +669,7 @@ static bool fork_execve_and_wait_for_completion(const char* filename, char* cons
} }
} }
static constexpr const char plat_policy_cil_file[] = "/plat_sepolicy.cil"; static constexpr const char plat_policy_cil_file[] = "/system/etc/selinux/plat_sepolicy.cil";
static bool selinux_is_split_policy_device() { return access(plat_policy_cil_file, R_OK) != -1; } static bool selinux_is_split_policy_device() { return access(plat_policy_cil_file, R_OK) != -1; }
@ -701,7 +701,8 @@ static bool selinux_load_split_policy() {
const char* compile_args[] = {"/system/bin/secilc", plat_policy_cil_file, "-M", "true", "-c", const char* compile_args[] = {"/system/bin/secilc", plat_policy_cil_file, "-M", "true", "-c",
"30", // TODO: pass in SELinux policy version from build system "30", // TODO: pass in SELinux policy version from build system
"/mapping_sepolicy.cil", "/nonplat_sepolicy.cil", "-o", "/vendor/etc/selinux/mapping_sepolicy.cil",
"/vendor/etc/selinux/nonplat_sepolicy.cil", "-o",
compiled_sepolicy, compiled_sepolicy,
// We don't care about file_contexts output by the compiler // We don't care about file_contexts output by the compiler
"-f", "/sys/fs/selinux/null", // /dev/null is not yet available "-f", "/sys/fs/selinux/null", // /dev/null is not yet available