Android O Preview Release 1 (OPP1.170223.013)
Support loading policy from file via FD
This adds support for loading SELinux policy from a provided file
descriptor. The existing functionality of loading policy from a file
by its name is reimplemented in terms of the new functionality.
The driving force behind this new method of loading policy is the new
Android boot process where the policy may be loaded from a temporary
file. In that scenario, the process which loaded the policy might not
be permitted by the policy to delete the temporary file. Thus, it is
cleaner to obtain an open file descriptor to the file, unlink the
file before loading the policy, and then load the policy.
Test: Android device boots up just fine -- this exercises
selinux_android_load_policy which was touched in this commit
Test: Android device which loads policy using
selinux_android_load_policy_from_fd also boots up.
Bug: 31363362
Change-Id: Ibc0b0db1fd09237399c44f3a0f0e4bbba2d55508
(cherry picked from commit 5678b9d5fb6ce806e5df54855b6d75619aa77e04)
2 files changed
