commit 36cf353ffb6123f8b31668dfae6149e1674625bf
author Bowgo Tsai <bowgotsai@google.com> Thu Dec 07 16:05:25 2017 +0800
committer Bowgo Tsai <bowgotsai@google.com> Tue Jan 09 18:47:12 2018 +0800
tree 1de5a1b5aee3fe884c5988114432ec782a1e81e6
parent 8fa3e728460efa1b77bf0cb2f91d1556ff050919

sepolicy: renames nonplat_* to vendor_*

Also fallbacks to nonplat_* if it doesn't exists.

Bug: 64240127
Bug: 70279378
Test: boot bullhead and sailfish
Change-Id: I372b42a3c559ae0f9602163699eaef4df148467b

init/property_service.cpp

diff --git a/init/property_service.cpp b/init/property_service.cpp
index 7aa94b0..463b0dc 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -757,12 +757,20 @@
         // Don't check for failure here, so we always have a sane list of properties.
         // E.g. In case of recovery, the vendor partition will not have mounted and we
         // still need the system / platform properties to function.
-        LoadPropertyInfoFromFile("/vendor/etc/selinux/nonplat_property_contexts", &property_infos);
+        if (!LoadPropertyInfoFromFile("/vendor/etc/selinux/vendor_property_contexts",
+                                      &property_infos)) {
+            // Fallback to nonplat_* if vendor_* doesn't exist.
+            LoadPropertyInfoFromFile("/vendor/etc/selinux/nonplat_property_contexts",
+                                     &property_infos);
+        }
     } else {
         if (!LoadPropertyInfoFromFile("/plat_property_contexts", &property_infos)) {
             return;
         }
-        LoadPropertyInfoFromFile("/nonplat_property_contexts", &property_infos);
+        if (!LoadPropertyInfoFromFile("/vendor_property_contexts", &property_infos)) {
+            // Fallback to nonplat_* if vendor_* doesn't exist.
+            LoadPropertyInfoFromFile("/nonplat_property_contexts", &property_infos);
+        }
     }
     auto serialized_contexts = std::string();
     auto error = std::string();

init/selinux.cpp

diff --git a/init/selinux.cpp b/init/selinux.cpp
index 1febccd..6aba9c1 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -420,14 +420,19 @@
 
     selinux_android_restorecon("/plat_file_contexts", 0);
     selinux_android_restorecon("/nonplat_file_contexts", 0);
+    selinux_android_restorecon("/vendor_file_contexts", 0);
     selinux_android_restorecon("/plat_property_contexts", 0);
     selinux_android_restorecon("/nonplat_property_contexts", 0);
+    selinux_android_restorecon("/vendor_property_contexts", 0);
     selinux_android_restorecon("/plat_seapp_contexts", 0);
     selinux_android_restorecon("/nonplat_seapp_contexts", 0);
+    selinux_android_restorecon("/vendor_seapp_contexts", 0);
     selinux_android_restorecon("/plat_service_contexts", 0);
     selinux_android_restorecon("/nonplat_service_contexts", 0);
+    selinux_android_restorecon("/vendor_service_contexts", 0);
     selinux_android_restorecon("/plat_hwservice_contexts", 0);
     selinux_android_restorecon("/nonplat_hwservice_contexts", 0);
+    selinux_android_restorecon("/vendor_hwservice_contexts", 0);
     selinux_android_restorecon("/sepolicy", 0);
     selinux_android_restorecon("/vndservice_contexts", 0);