Toggels libselinux to build against PCRE2
am: 74735be537 -s ours
Change-Id: I79945a45dc293402010cfd2359d8ba698e662474
diff --git a/Android.bp b/Android.bp
index 9c4b1d4..458c1ef 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,16 +1,16 @@
-common_LIBRARIES = ["libpcre2"]
-common_CFLAGS = [
- "-DUSE_PCRE2",
+// uncomment to build libselinux and related artifacts against PCRE2
+//common_LIBRARIES = ["libpcre2"]
+//common_CFLAGS = [
+// "-DUSE_PCRE2",
+//
+// // Persistently stored patterns (pcre2) are architecture dependent.
+// // In particular paterns built on amd64 can not run on devices with armv7
+// // (32bit). Therefore, this feature stays off for now.
+// "-DNO_PERSISTENTLY_STORED_PATTERNS",
+//]
- // Persistently stored patterns (pcre2) are architecture dependent.
- // In particular paterns built on amd64 can not run on devices with armv7
- // (32bit). Therefore, this feature stays off for now.
- "-DNO_PERSISTENTLY_STORED_PATTERNS",
-]
-
-// uncomment to build libselinux and related artifacts against PCRE
-// common_LIBRARIES = ["libpcre"]
-// common_CFLAGS = []
+common_LIBRARIES = ["libpcre"]
+common_CFLAGS = []
cc_defaults {
name: "libselinux_flags",
diff --git a/src/android.c b/src/android.c
index b748ca5..7769c06 100644
--- a/src/android.c
+++ b/src/android.c
@@ -88,6 +88,8 @@
struct seapp_context {
/* input selectors */
bool isSystemServer;
+ bool isAutoPlayAppSet;
+ bool isAutoPlayApp;
bool isOwnerSet;
bool isOwner;
struct prefix_str user;
@@ -130,6 +132,12 @@
if (s1->isSystemServer != s2->isSystemServer)
return (s1->isSystemServer ? -1 : 1);
+ /* Give precedence to a specified isAutoPlayApp= over an
+ * unspecified isAutoPlayApp=. */
+ if (s1->isAutoPlayAppSet != s2->isAutoPlayAppSet)
+ return (s1->isAutoPlayAppSet ? -1 : 1);
+
+
/* Give precedence to a specified isOwner= over an unspecified isOwner=. */
if (s1->isOwnerSet != s2->isOwnerSet)
return (s1->isOwnerSet ? -1 : 1);
@@ -311,6 +319,16 @@
free_seapp_context(cur);
goto err;
}
+ } else if (!strcasecmp(name, "isAutoPlayApp")) {
+ cur->isAutoPlayAppSet = true;
+ if (!strcasecmp(value, "true"))
+ cur->isAutoPlayApp = true;
+ else if (!strcasecmp(value, "false"))
+ cur->isAutoPlayApp = false;
+ else {
+ free_seapp_context(cur);
+ goto err;
+ }
} else if (!strcasecmp(name, "isOwner")) {
cur->isOwnerSet = true;
if (!strcasecmp(value, "true"))
@@ -478,9 +496,11 @@
int i;
for (i = 0; i < nspec; i++) {
cur = seapp_contexts[i];
- selinux_log(SELINUX_INFO, "%s: isSystemServer=%s isOwner=%s user=%s seinfo=%s name=%s path=%s isPrivApp=%s -> domain=%s type=%s level=%s levelFrom=%s",
+ selinux_log(SELINUX_INFO, "%s: isSystemServer=%s isAutoPlayApp=%s isOwner=%s user=%s seinfo=%s "
+ "name=%s path=%s isPrivApp=%s -> domain=%s type=%s level=%s levelFrom=%s",
__FUNCTION__,
cur->isSystemServer ? "true" : "false",
+ cur->isAutoPlayAppSet ? (cur->isAutoPlayApp ? "true" : "false") : "null",
cur->isOwnerSet ? (cur->isOwner ? "true" : "false") : "null",
cur->user.str,
cur->seinfo, cur->name.str, cur->path.str,
@@ -531,10 +551,7 @@
};
#define PRIVILEGED_APP_STR ":privapp"
-static bool is_app_privileged(const char *seinfo)
-{
- return strstr(seinfo, PRIVILEGED_APP_STR) != NULL;
-}
+#define AUTOPLAY_APP_STR ":autoplayapp"
static int seinfo_parse(char *dest, const char *src, size_t size)
{
@@ -572,6 +589,7 @@
uid_t userid;
uid_t appid;
bool isPrivApp = false;
+ bool isAutoPlayApp = false;
char parsedseinfo[BUFSIZ];
__selinux_once(once, seapp_context_init);
@@ -579,7 +597,8 @@
if (seinfo) {
if (seinfo_parse(parsedseinfo, seinfo, BUFSIZ))
goto err;
- isPrivApp = is_app_privileged(seinfo);
+ isPrivApp = strstr(seinfo, PRIVILEGED_APP_STR) ? true : false;
+ isAutoPlayApp = strstr(seinfo, AUTOPLAY_APP_STR) ? true : false;
seinfo = parsedseinfo;
}
@@ -617,6 +636,9 @@
if (cur->isSystemServer != isSystemServer)
continue;
+ if (cur->isAutoPlayAppSet && cur->isAutoPlayApp != isAutoPlayApp)
+ continue;
+
if (cur->isOwnerSet && cur->isOwner != isOwner)
continue;
