Add ability to specify multiple input files to the selabel_open.

The file_contexts labeling backend, specified in label_file.c, currently assumes
that only one path will be specified as an option to selabel_open().  The split
of platform and non-platform policy on device, however, will necessitate the
loading of two disparate policy files.  Rather than combining the files and then
calling the existing API on a newly-formed file, just add the ability to specify
multiple files to use.  Order of opt specification to selabel_open matters.

update: Fixed a double-free in the original change that caused the
updater to randomly crash during OTA (b/33938747)

Bug: 31363362
Bug: 33938747
Test: Device builds and boots w/no additional denials with split context files.
Test: Angler can successfully finish sideloaded OTA with updater binary
      that is with this change

Change-Id: I85cd1525990f6ad054861e62327bd9c2aac03b02

Signed-off-by: Daniel Cashman <dcashman@google.com>
Signed-off-by: Sandeep Patil <sspatil@google.com>

1 files changed, 4 insertions, 2 deletions

diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h
index 3d7ff748..62c1720e 100644
--- a/libselinux/src/label_internal.h
+++ b/libselinux/src/label_internal.h
@@ -108,10 +108,12 @@ struct selabel_handle {
 	void *data;
 
 	/*
-	 * The main spec file used. Note for file contexts the local and/or
+	 * The main spec file(s) used. Note for file contexts the local and/or
 	 * homedirs could also have been used to resolve a context.
 	 */
-	char *spec_file;
+	size_t spec_files_len;
+	char **spec_files;
+
 
 	/* substitution support */
 	struct selabel_sub *dist_subs;