am a2e8365c: am 9b0da58e: Merge "Introduce a restorecon JNI binding."

* commit 'a2e8365cc883de0d3e56e9f4af350ecfe1b8fc4c': Introduce a restorecon JNI binding.
2012-08-16 15:32:52 -07:00
parent 3931f6b3ff a2e8365cc8
commit 520ee7bcad
4 changed files with 124 additions and 1 deletions
--- a/services/java/com/android/server/WallpaperManagerService.java
+++ b/services/java/com/android/server/WallpaperManagerService.java
@@ -45,6 +45,7 @@ import android.os.RemoteException;
 import android.os.FileObserver;
 import android.os.ParcelFileDescriptor;
 import android.os.RemoteCallbackList;
+import android.os.SELinux;
 import android.os.ServiceManager;
 import android.os.SystemClock;
 import android.os.UserHandle;
@@ -639,8 +640,12 @@ class WallpaperManagerService extends IWallpaperManager.Stub {
                        FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
                        -1, -1);
            }
-            ParcelFileDescriptor fd = ParcelFileDescriptor.open(new File(dir, WALLPAPER),
+            File file = new File(dir, WALLPAPER);
+            ParcelFileDescriptor fd = ParcelFileDescriptor.open(file,
                    MODE_CREATE|MODE_READ_WRITE);
+            if (!SELinux.restorecon(file)) {
+                return null;
+            }
            wallpaper.name = name;
            return fd;
        } catch (FileNotFoundException e) {
--- a/services/java/com/android/server/pm/PackageManagerService.java
+++ b/services/java/com/android/server/pm/PackageManagerService.java
@@ -97,6 +97,7 @@ import android.os.Parcel;
 import android.os.ParcelFileDescriptor;
 import android.os.Process;
 import android.os.RemoteException;
+import android.os.SELinux;
 import android.os.ServiceManager;
 import android.os.SystemClock;
 import android.os.SystemProperties;
@@ -6484,6 +6485,10 @@ public class PackageManagerService extends IPackageManager.Stub {
                    return false;
                }

+                if (!SELinux.restorecon(newCodeFile)) {
+                    return false;
+                }
+
                return true;
            }
        }
@@ -7465,6 +7470,9 @@ public class PackageManagerService extends IPackageManager.Stub {
            FileUtils.setPermissions(
                    tmpPackageFile.getCanonicalPath(), FileUtils.S_IRUSR|FileUtils.S_IWUSR,
                    -1, -1);
+            if (!SELinux.restorecon(tmpPackageFile)) {
+                return null;
+            }
        } catch (IOException e) {
            Slog.e(TAG, "Trouble getting the canoncical path for a temp file.");
            return null;