From 12566be46cdd98884fcd94a33e1ebff534536d15 Mon Sep 17 00:00:00 2001
From: repo sync <gcondra@google.com>
Date: Wed, 24 Apr 2013 11:26:01 -0700
Subject: [PATCH] Set persistent property for SELinux enforcement on update.

Bug: 8702843
Change-Id: I41c0084a71160061b297d57d995261e238ea555c
---
 .../updates/SELinuxPolicyInstallReceiver.java       | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/services/java/com/android/server/updates/SELinuxPolicyInstallReceiver.java b/services/java/com/android/server/updates/SELinuxPolicyInstallReceiver.java
index e8337f60d7c38..0ab86e447ad94 100644
--- a/services/java/com/android/server/updates/SELinuxPolicyInstallReceiver.java
+++ b/services/java/com/android/server/updates/SELinuxPolicyInstallReceiver.java
@@ -122,9 +122,16 @@ public class SELinuxPolicyInstallReceiver extends ConfigUpdateInstallReceiver {
     }
 
     private void setEnforcingMode(Context context) {
-        boolean mode = Settings.Global.getInt(context.getContentResolver(),
-            Settings.Global.SELINUX_STATUS, 0) == 1;
-        SELinux.setSELinuxEnforce(mode);
+        String mode = Settings.Global.getString(context.getContentResolver(),
+            Settings.Global.SELINUX_STATUS);
+        if (mode.equals("1")) {
+            Slog.i(TAG, "Setting enforcing mode");
+            SystemProperties.set("persist.selinux.enforcing", mode);
+        } else if (mode.equals("0")) {
+            Slog.i(TAG, "Tried to set permissive mode, ignoring");
+        } else {
+            Slog.e(TAG, "Got invalid enforcing mode: " + mode);
+        }
     }
 
     @Override