From 48a0a67e9fda92aff2cd5eae35cb497b2db5677c Mon Sep 17 00:00:00 2001 From: steven_q Date: Mon, 27 Jun 2022 22:24:55 +0800 Subject: [PATCH] fix selinux hap setcon Signed-off-by: steven_q Change-Id: If1b9e05acd733535c135eba36208579478ce1ccf --- adapter/appspawn_adapter.cpp | 6 +++++- adapter/appspawn_adapter.h | 1 + standard/appspawn_process.c | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/adapter/appspawn_adapter.cpp b/adapter/appspawn_adapter.cpp index 64e8240b..382ed49f 100644 --- a/adapter/appspawn_adapter.cpp +++ b/adapter/appspawn_adapter.cpp @@ -29,10 +29,14 @@ void SetAppAccessToken(struct AppSpawnContent_ *content, AppSpawnClient *client) int32_t ret = SetSelfTokenID(appProperty->property.accessTokenId); APPSPAWN_LOGI("AppSpawnServer::set access token id = %d, ret = %d %d", appProperty->property.accessTokenId, ret, getuid()); +} +void SetSelinuxCon(struct AppSpawnContent_ *content, AppSpawnClient *client) +{ #ifdef WITH_SELINUX + AppSpawnClientExt *appProperty = (AppSpawnClientExt *)client; HapContext hapContext; - ret = hapContext.HapDomainSetcontext(appProperty->property.apl, appProperty->property.processName); + int32_t ret = hapContext.HapDomainSetcontext(appProperty->property.apl, appProperty->property.processName); if (ret != 0) { APPSPAWN_LOGE("AppSpawnServer::Failed to hap domain set context, errno = %d %s", errno, appProperty->property.apl); diff --git a/adapter/appspawn_adapter.h b/adapter/appspawn_adapter.h index bf0928d4..88dcba3b 100644 --- a/adapter/appspawn_adapter.h +++ b/adapter/appspawn_adapter.h @@ -26,6 +26,7 @@ extern "C" { int32_t SetAppSandboxProperty(struct AppSpawnContent_ *content, AppSpawnClient *client); void SetAppAccessToken(struct AppSpawnContent_ *content, AppSpawnClient *client); +void SetSelinuxCon(struct AppSpawnContent_ *content, AppSpawnClient *client); void LoadExtendLib(AppSpawnContent *content); void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client); int GetRenderProcessTerminationStatus(int32_t pid, int *status); diff --git a/standard/appspawn_process.c b/standard/appspawn_process.c index 14786bf5..26a26ff0 100644 --- a/standard/appspawn_process.c +++ b/standard/appspawn_process.c @@ -117,6 +117,7 @@ static int SetCapabilities(struct AppSpawnContent_ *content, AppSpawnClient *cli // set capabilities isRet = capset(&cap_header, &cap_data[0]) == -1; APPSPAWN_CHECK(!isRet, return -errno, "capset failed: %d", errno); + SetSelinuxCon(content, client); return 0; } -- Gitee