diff options
author | Alan Stokes <alanstokes@google.com> | 2020-12-15 15:56:38 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-12-15 15:56:38 +0000 |
commit | 7bc3b21f51db7e2eb4237189b5ce20f7646960eb (patch) | |
tree | 6a639931aa55171f913eb864d93dba41e016d94a | |
parent | 840744471518892c33a53b6180abccf620846365 (diff) | |
parent | ec6a9c94b27e78cc9fef600cc5c4688cc4943d84 (diff) | |
download | selinux-7bc3b21f51db7e2eb4237189b5ce20f7646960eb.tar.gz |
Don't restorecon profile root. am: ec6a9c94b2
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/1521558
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ic9c905a23c4956febe8301612101df1798e4684c
-rw-r--r-- | libselinux/src/android/android_platform.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c index 1eb7dd45..2ffe4155 100644 --- a/libselinux/src/android/android_platform.c +++ b/libselinux/src/android/android_platform.c @@ -1189,6 +1189,7 @@ struct pkg_info *package_info_lookup(const char *name) #define DATA_USER_DE_PATH "/data/user_de" #define EXPAND_USER_PATH "/mnt/expand/\?\?\?\?\?\?\?\?-\?\?\?\?-\?\?\?\?-\?\?\?\?-\?\?\?\?\?\?\?\?\?\?\?\?/user" #define EXPAND_USER_DE_PATH "/mnt/expand/\?\?\?\?\?\?\?\?-\?\?\?\?-\?\?\?\?-\?\?\?\?-\?\?\?\?\?\?\?\?\?\?\?\?/user_de" +#define USER_PROFILE_PATH "/data/misc/profiles/cur/*" #define DATA_DATA_PREFIX DATA_DATA_PATH "/" #define DATA_USER_PREFIX DATA_USER_PATH "/" #define DATA_USER_DE_PREFIX DATA_USER_DE_PATH "/" @@ -1548,6 +1549,11 @@ static int selinux_android_restorecon_common(const char* pathname_orig, continue; } + if (!datadata && !fnmatch(USER_PROFILE_PATH, ftsent->fts_path, FNM_PATHNAME)) { + // Don't label this directory, vold takes care of that, but continue below it. + continue; + } + if (setrestoreconlast) { struct dir_hash_node* new_node = NULL; if (check_context_match_for_dir(ftsent->fts_path, &new_node, force, error)) { |