From 8d0eb1361e00f335c5f3b55502ed6f9b4525a565 Mon Sep 17 00:00:00 2001 From: Dees Troy Date: Fri, 6 Dec 2013 16:55:41 +0000 Subject: Improve SELinux support check If the kernel does not use SELinux security then the ramdisk contents will not have contexts set on the files, however we may still have everything we need in recovery if the kernel supports EXT4 security labels, so we try to check /cache/recovery if it exists first. Change-Id: I96a4ae16418e07b0a2e83cd56e19893898d0b394 --- twrp.cpp | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/twrp.cpp b/twrp.cpp index 3e56af2d5..06532cba2 100644 --- a/twrp.cpp +++ b/twrp.cpp @@ -123,7 +123,17 @@ int main(int argc, char **argv) { printf("SELinux contexts loaded from /file_contexts\n"); { // Check to ensure SELinux can be supported by the kernel char *contexts = NULL; - lgetfilecon("/sbin/teamwin", &contexts); + + if (PartitionManager.Mount_By_Path("/cache", true) && TWFunc::Path_Exists("/cache/recovery")) { + lgetfilecon("/cache/recovery", &contexts); + if (!contexts) { + lsetfilecon("/cache/recovery", "test"); + lgetfilecon("/cache/recovery", &contexts); + } + } else { + LOGINFO("Could not check /cache/recovery SELinux contexts, using /sbin/teamwin instead which may be inaccurate.\n"); + lgetfilecon("/sbin/teamwin", &contexts); + } if (!contexts) { gui_print("Kernel does not have support for reading SELinux contexts.\n"); } else { -- cgit v1.2.3