summaryrefslogtreecommitdiffstats
path: root/init
diff options
context:
space:
mode:
authorJin Qian <jinqian@google.com>2017-05-03 11:52:20 -0700
committerJin Qian <jinqian@google.com>2017-05-03 16:15:45 -0700
commit2d019f859b5b4c29eb59794c731316cefa99994d (patch)
tree2b7e14dfb0ad4b0e33bf31202aa936a225010bb7 /init
parent5ad06cbb1c934997e2c0af0608d7c80ce4ee477c (diff)
downloadcore-2d019f859b5b4c29eb59794c731316cefa99994d.tar.gz
core-2d019f859b5b4c29eb59794c731316cefa99994d.tar.bz2
core-2d019f859b5b4c29eb59794c731316cefa99994d.zip
init: manually restorecon mke2fs tools on ramdisk
Files in the ramdisk by default have the rootfs label and must be manually restoreconed. Bug: 35219933 Change-Id: I2a749f128dc3a609907101ce703747f8990b4386
Diffstat (limited to 'init')
-rw-r--r--init/init.cpp9
1 files changed, 6 insertions, 3 deletions
diff --git a/init/init.cpp b/init/init.cpp
index 99ce5e692..8398e025a 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -863,9 +863,9 @@ static void selinux_initialize(bool in_kernel_domain) {
}
}
-// The files and directories that were created before initial sepolicy load
-// need to have their security context restored to the proper value.
-// This must happen before /dev is populated by ueventd.
+// The files and directories that were created before initial sepolicy load or
+// files on ramdisk need to have their security context restored to the proper
+// value. This must happen before /dev is populated by ueventd.
static void selinux_restore_context() {
LOG(INFO) << "Running restorecon...";
restorecon("/dev");
@@ -882,6 +882,9 @@ static void selinux_restore_context() {
restorecon("/sys", SELINUX_ANDROID_RESTORECON_RECURSE);
restorecon("/dev/block", SELINUX_ANDROID_RESTORECON_RECURSE);
restorecon("/dev/device-mapper");
+
+ restorecon("/sbin/mke2fs");
+ restorecon("/sbin/e2fsdroid");
}
// Set the UDC controller for the ConfigFS USB Gadgets.