From 811a75a0c0dbe211ccabdfbfba60c8f76d5738eb Mon Sep 17 00:00:00 2001 From: Calin Juravle Date: Wed, 5 Apr 2017 22:49:38 -0700 Subject: [PATCH] Pass SElinux info to installd dexopt For secondary dex files, the oat directory is created on the fly. We need to make sure we restore the SElinux context after the oat files are generated. To do that we need to pass the app SElinux info to installd dexopt. Bug: 36896515 Test: adb shell cmd package compile -r bg-dexopt --secondary-dex com.google.android.gms adb shell ls /data/user_de/0/com.google.android.gms/app_chimera/m/0000000c/oat/arm64/ -Z youtube loads gms modules without extracting from apk Change-Id: I5be34b42a509701f6222ca52bec4761c161ec6eb --- core/java/com/android/internal/os/ZygoteInit.java | 3 ++- services/core/java/com/android/server/pm/Installer.java | 5 +++-- services/core/java/com/android/server/pm/OtaDexoptService.java | 5 +++-- services/core/java/com/android/server/pm/PackageDexOptimizer.java | 4 ++-- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java index b2a2fec879e6..67bce8c59309 100644 --- a/core/java/com/android/internal/os/ZygoteInit.java +++ b/core/java/com/android/internal/os/ZygoteInit.java @@ -548,10 +548,11 @@ public class ZygoteInit { final int dexFlags = 0; final String compilerFilter = "speed"; final String uuid = StorageManager.UUID_PRIVATE_INTERNAL; + final String seInfo = null; try { installd.dexopt(classPathElement, Process.SYSTEM_UID, packageName, instructionSet, dexoptNeeded, outputPath, dexFlags, compilerFilter, - uuid, sharedLibraries); + uuid, sharedLibraries, seInfo); } catch (RemoteException | ServiceSpecificException e) { // Ignore (but log), we need this on the classpath for fallback mode. Log.w(TAG, "Failed compiling classpath element for system server: " diff --git a/services/core/java/com/android/server/pm/Installer.java b/services/core/java/com/android/server/pm/Installer.java index 9f7c4a2793db..1e2b743d5e46 100644 --- a/services/core/java/com/android/server/pm/Installer.java +++ b/services/core/java/com/android/server/pm/Installer.java @@ -279,13 +279,14 @@ public class Installer extends SystemService { public void dexopt(String apkPath, int uid, @Nullable String pkgName, String instructionSet, int dexoptNeeded, @Nullable String outputPath, int dexFlags, - String compilerFilter, @Nullable String volumeUuid, @Nullable String sharedLibraries) + String compilerFilter, @Nullable String volumeUuid, @Nullable String sharedLibraries, + @Nullable String seInfo) throws InstallerException { assertValidInstructionSet(instructionSet); if (!checkBeforeRemote()) return; try { mInstalld.dexopt(apkPath, uid, pkgName, instructionSet, dexoptNeeded, outputPath, - dexFlags, compilerFilter, volumeUuid, sharedLibraries); + dexFlags, compilerFilter, volumeUuid, sharedLibraries, seInfo); } catch (Exception e) { throw InstallerException.from(e); } diff --git a/services/core/java/com/android/server/pm/OtaDexoptService.java b/services/core/java/com/android/server/pm/OtaDexoptService.java index 6245ffc64009..498181b5179e 100644 --- a/services/core/java/com/android/server/pm/OtaDexoptService.java +++ b/services/core/java/com/android/server/pm/OtaDexoptService.java @@ -278,7 +278,7 @@ public class OtaDexoptService extends IOtaDexopt.Stub { public void dexopt(String apkPath, int uid, @Nullable String pkgName, String instructionSet, int dexoptNeeded, @Nullable String outputPath, int dexFlags, String compilerFilter, @Nullable String volumeUuid, - @Nullable String sharedLibraries) throws InstallerException { + @Nullable String sharedLibraries, @Nullable String seInfo) throws InstallerException { commands.add(buildCommand("dexopt", apkPath, uid, @@ -289,7 +289,8 @@ public class OtaDexoptService extends IOtaDexopt.Stub { dexFlags, compilerFilter, volumeUuid, - sharedLibraries)); + sharedLibraries, + seInfo)); } }; diff --git a/services/core/java/com/android/server/pm/PackageDexOptimizer.java b/services/core/java/com/android/server/pm/PackageDexOptimizer.java index acbd446a967f..233d406a0901 100644 --- a/services/core/java/com/android/server/pm/PackageDexOptimizer.java +++ b/services/core/java/com/android/server/pm/PackageDexOptimizer.java @@ -203,7 +203,7 @@ public class PackageDexOptimizer { long startTime = System.currentTimeMillis(); mInstaller.dexopt(path, uid, pkg.packageName, isa, dexoptNeeded, oatDir, dexoptFlags, - compilerFilter, pkg.volumeUuid, sharedLibrariesPath); + compilerFilter, pkg.volumeUuid, sharedLibrariesPath, pkg.applicationInfo.seInfo); if (packageStats != null) { long endTime = System.currentTimeMillis(); @@ -280,7 +280,7 @@ public class PackageDexOptimizer { // TODO(calin): maybe add a separate call. mInstaller.dexopt(path, info.uid, info.packageName, isa, /*dexoptNeeded*/ 0, /*oatDir*/ null, dexoptFlags, - compilerFilter, info.volumeUuid, SKIP_SHARED_LIBRARY_CHECK); + compilerFilter, info.volumeUuid, SKIP_SHARED_LIBRARY_CHECK, info.seInfoUser); } return DEX_OPT_PERFORMED; -- 2.11.0