Merge "e2fsdroid: support multiple selinux file contexts"

3 files changed, 25 insertions, 10 deletions

diff --git a/contrib/android/e2fsdroid.c b/contrib/android/e2fsdroid.c
index b310667f..1ae133d5 100644
--- a/contrib/android/e2fsdroid.c
+++ b/contrib/android/e2fsdroid.c
@@ -19,7 +19,8 @@ static char *basefs_in;
 static char *mountpoint = "";
 static time_t fixed_time = -1;
 static char *fs_config_file;
-static char *file_contexts;
+static struct selinux_opt seopt_file[8];
+static int max_nr_opt = (int)sizeof(seopt_file) / sizeof(seopt_file[0]);
 static char *product_out;
 static char *src_dir;
 static int android_configure;
@@ -58,6 +59,8 @@ int main(int argc, char *argv[])
 	io_manager io_mgr;
 	ext2_filsys fs = NULL;
 	struct fs_ops_callbacks fs_callbacks = { NULL, NULL };
+	char *token;
+	int nr_opt = 0;
 
 	add_error_table(&et_ext2_error_table);
 
@@ -72,7 +75,18 @@ int main(int argc, char *argv[])
 			android_configure = 1;
 			break;
 		case 'S':
-			file_contexts = absolute_path(optarg);
+			token = strtok(optarg, ",");
+			while (token) {
+				if (nr_opt == max_nr_opt) {
+					fprintf(stderr, "Expected at most %d selinux opts\n",
+						max_nr_opt);
+					exit(EXIT_FAILURE);
+				}
+				seopt_file[nr_opt].type = SELABEL_OPT_PATH;
+				seopt_file[nr_opt].value = absolute_path(token);
+				nr_opt++;
+				token = strtok(NULL, ",");
+			}
 			android_configure = 1;
 			break;
 		case 'p':
@@ -140,7 +154,7 @@ int main(int argc, char *argv[])
 
 	if (android_configure) {
 		retval = android_configure_fs(fs, src_dir, product_out, mountpoint,
-			file_contexts, fs_config_file, fixed_time);
+			seopt_file, nr_opt, fs_config_file, fixed_time);
 		if (retval) {
 			com_err(prog_name, retval, "%s",
 				"while configuring the file system");
diff --git a/contrib/android/perms.c b/contrib/android/perms.c
index 7a5d47d9..1e4c6db0 100644
--- a/contrib/android/perms.c
+++ b/contrib/android/perms.c
@@ -287,7 +287,8 @@ errcode_t __android_configure_fs(ext2_filsys fs, char *src_dir,
 
 errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out,
 			       char *mountpoint,
-			       char *file_contexts,
+			       struct selinux_opt *seopts,
+			       unsigned int nopt,
 			       char *fs_config_file, time_t fixed_time)
 {
 	errcode_t retval;
@@ -295,10 +296,8 @@ errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out,
 	struct selabel_handle *sehnd = NULL;
 
 	/* Retrieve file contexts */
-	if (file_contexts) {
-		struct selinux_opt seopts[] = { { SELABEL_OPT_PATH, "" } };
-		seopts[0].value = file_contexts;
-		sehnd = selabel_open(SELABEL_CTX_FILE, seopts, 1);
+	if (nopt > 0) {
+		sehnd = selabel_open(SELABEL_CTX_FILE, seopts, nopt);
 		if (!sehnd) {
 			com_err(__func__, -EINVAL,
 				_("while opening file contexts \"%s\""),
diff --git a/contrib/android/perms.h b/contrib/android/perms.h
index f1ed3c5b..9955bb56 100644
--- a/contrib/android/perms.h
+++ b/contrib/android/perms.h
@@ -15,7 +15,8 @@ static inline errcode_t android_configure_fs(ext2_filsys fs,
 					     char *src_dir,
 					     char *target_out,
 					     char *mountpoint,
-					     char *file_contexts,
+					     void *seopts,
+					     unsigned int nopt,
 					     char *fs_config_file,
 					     time_t fixed_time)
 {
@@ -33,7 +34,8 @@ static inline errcode_t android_configure_fs(ext2_filsys fs,
 errcode_t android_configure_fs(ext2_filsys fs, char *src_dir,
 			       char *target_out,
 			       char *mountpoint,
-			       char *file_contexts,
+			       struct selinux_opt *seopts,
+			       unsigned int nopt,
 			       char *fs_config_file, time_t fixed_time);
 
 # endif