diff options
author | Jin Qian <jinqian@google.com> | 2017-04-21 16:29:07 -0700 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2017-05-23 23:06:55 -0400 |
commit | 8b9e44a0df7bc8f7d005fc0e37092396a8abf013 (patch) | |
tree | 84f7d64a615bf4b68023faad11d0e37f3aee1c7c /contrib | |
parent | 820344d352301847acee8e08b5f47b443fde846f (diff) | |
download | e2fsprogs-8b9e44a0df7bc8f7d005fc0e37092396a8abf013.tar.gz |
AOSP: e2fsdroid: support multiple selinux file contexts
Support passing a string of multiple selinux file contexts separated by
comma with -S option.
E.g. e2fsdroid -S ctx1,ctx2 output
Test: make systemimage
Bug: 35219933
Change-Id: Icc0f9d5d6180b5db7d68f7de45a1128f5a20be89
From AOSP commit: 34f4f33b24280c0a21a95407da4cf4988b275c95
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/android/e2fsdroid.c | 20 | ||||
-rw-r--r-- | contrib/android/perms.c | 9 | ||||
-rw-r--r-- | contrib/android/perms.h | 6 |
3 files changed, 25 insertions, 10 deletions
diff --git a/contrib/android/e2fsdroid.c b/contrib/android/e2fsdroid.c index b310667f..1ae133d5 100644 --- a/contrib/android/e2fsdroid.c +++ b/contrib/android/e2fsdroid.c @@ -19,7 +19,8 @@ static char *basefs_in; static char *mountpoint = ""; static time_t fixed_time = -1; static char *fs_config_file; -static char *file_contexts; +static struct selinux_opt seopt_file[8]; +static int max_nr_opt = (int)sizeof(seopt_file) / sizeof(seopt_file[0]); static char *product_out; static char *src_dir; static int android_configure; @@ -58,6 +59,8 @@ int main(int argc, char *argv[]) io_manager io_mgr; ext2_filsys fs = NULL; struct fs_ops_callbacks fs_callbacks = { NULL, NULL }; + char *token; + int nr_opt = 0; add_error_table(&et_ext2_error_table); @@ -72,7 +75,18 @@ int main(int argc, char *argv[]) android_configure = 1; break; case 'S': - file_contexts = absolute_path(optarg); + token = strtok(optarg, ","); + while (token) { + if (nr_opt == max_nr_opt) { + fprintf(stderr, "Expected at most %d selinux opts\n", + max_nr_opt); + exit(EXIT_FAILURE); + } + seopt_file[nr_opt].type = SELABEL_OPT_PATH; + seopt_file[nr_opt].value = absolute_path(token); + nr_opt++; + token = strtok(NULL, ","); + } android_configure = 1; break; case 'p': @@ -140,7 +154,7 @@ int main(int argc, char *argv[]) if (android_configure) { retval = android_configure_fs(fs, src_dir, product_out, mountpoint, - file_contexts, fs_config_file, fixed_time); + seopt_file, nr_opt, fs_config_file, fixed_time); if (retval) { com_err(prog_name, retval, "%s", "while configuring the file system"); diff --git a/contrib/android/perms.c b/contrib/android/perms.c index 7a5d47d9..1e4c6db0 100644 --- a/contrib/android/perms.c +++ b/contrib/android/perms.c @@ -287,7 +287,8 @@ errcode_t __android_configure_fs(ext2_filsys fs, char *src_dir, errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out, char *mountpoint, - char *file_contexts, + struct selinux_opt *seopts, + unsigned int nopt, char *fs_config_file, time_t fixed_time) { errcode_t retval; @@ -295,10 +296,8 @@ errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out, struct selabel_handle *sehnd = NULL; /* Retrieve file contexts */ - if (file_contexts) { - struct selinux_opt seopts[] = { { SELABEL_OPT_PATH, "" } }; - seopts[0].value = file_contexts; - sehnd = selabel_open(SELABEL_CTX_FILE, seopts, 1); + if (nopt > 0) { + sehnd = selabel_open(SELABEL_CTX_FILE, seopts, nopt); if (!sehnd) { com_err(__func__, -EINVAL, _("while opening file contexts \"%s\""), diff --git a/contrib/android/perms.h b/contrib/android/perms.h index f1ed3c5b..9955bb56 100644 --- a/contrib/android/perms.h +++ b/contrib/android/perms.h @@ -15,7 +15,8 @@ static inline errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out, char *mountpoint, - char *file_contexts, + void *seopts, + unsigned int nopt, char *fs_config_file, time_t fixed_time) { @@ -33,7 +34,8 @@ static inline errcode_t android_configure_fs(ext2_filsys fs, errcode_t android_configure_fs(ext2_filsys fs, char *src_dir, char *target_out, char *mountpoint, - char *file_contexts, + struct selinux_opt *seopts, + unsigned int nopt, char *fs_config_file, time_t fixed_time); # endif |