Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / d88acc95ab7b74979b123f0d4523bb2c4eec2880^! / .
commitd88acc95ab7b74979b123f0d4523bb2c4eec2880[log] [tgz]
authorNick Kralevich <nnk@google.com>Thu Apr 04 15:54:58 2019 -0700
committerNick Kralevich <nnk@google.com>Fri Apr 05 09:50:58 2019 -0700
tree3b84339c75d276d632ae23aa394534ffc003c173
parent960c4f06ae93a6102cee0c3312791c8455a8d597 [diff]
Don't set sehash when calling restoreconRecursive

restorecon_recursive updates the SELinux label of the files in the
filesystem, and then attempts to write the xattr "security.sehash" as an
optimization for future restorecons. Writing security.* extended
attributes requires CAP_SYS_ADMIN, which system_server doesn't have (and
shouldn't have).

Suppress the computation and writing of the hash value. It's not
needed.

This bug has been around for a long time, but due to the fix for
bug 62302954, the error message is being generated more frequently
now.

TODO: It would be better if the default for restorecon was to suppress
the hash computation, since otherwise it encourages programs to be
overprivileged with CAP_SYS_ADMIN. I'll plan on doing that in a followup
commit.

Bugs where this error message has been called out:
Bug: 129766333
Bug: 129271240
Bug: 128700692
Bug: 129925723

Test: install an APK and ensure that no "SELinux:  setxattr failed"
    error messages are generated.

(cherry picked from commit cb1dddad27b86e675f7141ca429e9bb8ab8ac410)

Change-Id: Ifc5be24d14029cb616d5564366fc10a0b93c9939

diff --git a/core/java/android/os/SELinux.java b/core/java/android/os/SELinux.java
index f007dff..34809e7 100644
--- a/core/java/android/os/SELinux.java
+++ b/core/java/android/os/SELinux.java

@@ -31,12 +31,15 @@
 public class SELinux {
     private static final String TAG = "SELinux";
 
-    /** Keep in sync with ./external/libselinux/include/selinux/android.h */
+    /** Keep in sync with ./external/selinux/libselinux/include/selinux/android.h */
     private static final int SELINUX_ANDROID_RESTORECON_NOCHANGE = 1;
     private static final int SELINUX_ANDROID_RESTORECON_VERBOSE = 2;
     private static final int SELINUX_ANDROID_RESTORECON_RECURSE = 4;
     private static final int SELINUX_ANDROID_RESTORECON_FORCE = 8;
     private static final int SELINUX_ANDROID_RESTORECON_DATADATA = 16;
+    private static final int SELINUX_ANDROID_RESTORECON_SKIPCE = 32;
+    private static final int SELINUX_ANDROID_RESTORECON_CROSS_FILESYSTEMS = 64;
+    private static final int SELINUX_ANDROID_RESTORECON_SKIP_SEHASH = 128;
 
     /**
      * Get context associated with path by file_contexts.
@@ -182,7 +185,8 @@
     @UnsupportedAppUsage
     public static boolean restoreconRecursive(File file) {
         try {
-            return native_restorecon(file.getCanonicalPath(), SELINUX_ANDROID_RESTORECON_RECURSE);
+            return native_restorecon(file.getCanonicalPath(),
+                SELINUX_ANDROID_RESTORECON_RECURSE | SELINUX_ANDROID_RESTORECON_SKIP_SEHASH);
         } catch (IOException e) {
             Slog.e(TAG, "Error getting canonical path. Restorecon failed for " +
                     file.getPath(), e);