Yes, you'd need to add a function to libselinux that does a __selinux_once(onece, seapp_context_init) followed by a seapp_context_lookup() and returns the result. But the caller would need to pass in the uid, seinfo, and pkgname. Currently the zygote / dalvik calls selinux_android_setcontext() to set the app process security context but this handles both the lookup and the setting; there is no API presently for just looking up the context.
You can see the usage of selinux_android_setcontext() in dalvik/vm/native/dalvik_system_Zygote.cpp (or art/runtime/native/dalvik_system_Zygote.cc). Also used by system/core/run-as/run-as.c to set the context to the app context for run-as commands or shells. On 11/08/2013 10:15 AM, William Roberts wrote: > Their is no externally available api... But look into libselinux src > android.c. in there is a static function that computes it. You could extern > this....and if needed write a jni binding. > On Nov 8, 2013 9:55 AM, "Gabriele Scotti" <[email protected]> wrote: > >> Hi SEAndroid, >> >> I want to know if there is a way to get the security context of an >> installed apk >> before starting the application, my goal is to use this function defined >> in the SELinux.java file >> SELinux.checkSELinuxAccess("domainA","domainB","binder","call") >> I can retrieve the security context of domainA through the function >> getPidContext() >> because the application is already started, but I can't use the same one >> to retrieve the domainB context. >> >> Thank you for the reply >> > -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to [email protected] with the words "unsubscribe seandroid-list" without quotes as the message.
