static void selinux_initialize(void) { if (selinux_is_disabled()) { return; } INFO("loading selinux policy\n"); if (selinux_android_load_policy() < 0) { ERROR("SELinux: Failed to load policy; rebooting into recovery mode\n"); android_reboot(ANDROID_RB_RESTART2, 0, "recovery"); while (1) { pause(); } // never reached } selinux_init_all_handles(); bool is_enforcing = selinux_is_enforcing(); INFO("SELinux: security_setenforce(%d)\n", is_enforcing); security_setenforce(is_enforcing); }
int selinux_reload_policy(void) { if (selinux_is_disabled()) { return -1; } INFO("SELinux: Attempting to reload policy files\n"); if (selinux_android_reload_policy() == -1) { return -1; } if (sehandle) selabel_close(sehandle); if (sehandle_prop) selabel_close(sehandle_prop); selinux_init_all_handles(); return 0; }
static void selinux_initialize(void) { if (selinux_is_disabled()) { return; } INFO("loading selinux policy\n"); if (selinux_android_load_policy() < 0) { ERROR("SELinux: Failed to load policy; rebooting into recovery mode\n"); android_reboot(ANDROID_RB_RESTART2, 0, "recovery"); while (1) { pause(); } // never reached } selinux_init_all_handles(); #ifndef MTK_HARDWARE bool is_enforcing = false; // Always making selinux permissive for MTK's rild #else bool is_enforcing = selinux_is_enforcing(); #endif INFO("SELinux: security_setenforce(%d)\n", is_enforcing); security_setenforce(is_enforcing); }