Thanks for the info. I thought I would generate the SDK with the added
SELinux class just as a test, however there were five java doc errors in
SELinux.java. The attached patch fixes these, I also removed the lines
that referred to the "Binder.getCallingSecctx()" as that is no longer
relevant.
After these fixes and removing the @hide, the sdk built okay. Had to generate a
version 22 of the Eclipse ADT, then was able to build and test
SELinux aware apps.
Richard
--- On Mon, 13/5/13, Stephen Smalley <[email protected]> wrote:
> From: Stephen Smalley <[email protected]>
> Subject: Re: Built SDK but no SELinux class present
> To: "Richard Haines" <[email protected]>
> Cc: [email protected]
> Date: Monday, 13 May, 2013, 14:28
> On 05/13/2013 08:42 AM, Richard
> Haines wrote:
> > I thought I would build the SDK an have a go at some
> SE-aware apps, however
> > the SELinux class/methods were not present. Should they
> be in the SDK ???
>
> The SELinux class is marked with @hide in the SELinux.java
> file, so it isn't an exported interface for third party
> apps.
>
--- a/SELinux.java 2013-04-06 11:48:12.000000000 +0100
+++ b/SELinux.java 2013-05-18 11:13:45.021067795 +0100
@@ -45,7 +45,7 @@
/**
* Set whether SELinux is permissive or enforcing.
- * @param boolean representing whether to set SELinux to enforcing
+ * @param value representing whether to set SELinux to enforcing
* @return a boolean representing whether the desired mode was set
*/
public static final native boolean setSELinuxEnforce(boolean value);
@@ -60,7 +60,7 @@
/**
* Change the security context of an existing file object.
* @param path representing the path of file object to relabel.
- * @param con new security context given as a String.
+ * @param context new security context given as a String.
* @return a boolean indicating whether the operation succeeded.
*/
public static final native boolean setFileContext(String path, String context);
@@ -87,8 +87,6 @@
/**
* Gets the security context of a given process id.
- * Use of this function is discouraged for Binder transactions.
- * Use Binder.getCallingSecctx() instead.
* @param pid an int representing the process id to check.
* @return a String representing the security context of the given pid.
*/
@@ -102,15 +100,15 @@
/**
* Gets the value for the given SELinux boolean name.
- * @param String The name of the SELinux boolean.
+ * @param name The name of the SELinux boolean.
* @return a boolean indicating whether the SELinux boolean is set.
*/
public static final native boolean getBooleanValue(String name);
/**
* Sets the value for the given SELinux boolean name.
- * @param String The name of the SELinux boolean.
- * @param Boolean The new value of the SELinux boolean.
+ * @param name The name of the SELinux boolean.
+ * @param value The new value of the SELinux boolean.
* @return a boolean indicating whether or not the operation succeeded.
*/
public static final native boolean setBooleanValue(String name, boolean value);
