a13246a7fc
The restorecon_recursive directive in init is only applied if the file_contexts file changed between builds, but not necessarily if any file or folder inside /mnt/vendor/persist/ has changed. The restorecon code checks whether an xattr named "security.sehash" contains a string that matches the current combined hashes of the SELinux context files and skips restoring labels if there is a match, see https://android.googlesource.com/platform/external/selinux/+/refs/tags/android-9.0.0_r35/libselinux/src/android/android_platform.c#1546 Force wiping that xattr so that restorecon always runs since it's not very expensive (there are currently only about 50 files on /persist). The restorecon is needed to fix issues such as wrong stock labels on /mnt/vendor/persist/sensors/: sensors_persist_file -> persist_sensors_file Change-Id: Ic0cd848836ee550499d9236f56ed6e939e35f01e
5 lines
168 B
Plaintext
5 lines
168 B
Plaintext
set_prop(vendor_init, vendor_fp_prop)
|
|
|
|
# Allow vendor_init to relabel unlabeled files and directories
|
|
allow vendor_init unlabeled:{ dir file } { getattr relabelfrom };
|