IMHO, this feels like a bug. Perhaps it makes sense to add PCRE_DOTALL to the pcre_compile call in external/libselinux/src/label_file.c ?
-- Nick On Mon, Feb 23, 2015 at 5:52 PM, Stephen Smalley <[email protected]> wrote: > The easiest fix would be to add a file_contexts entry (which you can > do as part of your device policy without modifying > external/sepolicy/file_contexts directly) that will match even files > with embedded newlines. The current entries do not match because by > default, the dot (.) character does not match newline so even the > entries that end in (/.*)? won't match. > > On Mon, Feb 23, 2015 at 6:54 PM, 심현용 <[email protected]> wrote: > > Dear Stephen. > > > > I have some question restorecon api. > > > > When I create file like that > > $ touch "test<space enter> > > newline" > > > > that file doesn't work restorecon.. > > > > For example, Google docs app (com.google.android.apps.docs) create these > > files(thumbnail file) like bellows. > > > > > /data/data/com.google.android.apps.docs/cache/diskCache/fetching/accountCache_1$ > > ls > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6Mw== > > _1404878698133 > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6NA== > > _1402378046571 > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6Ng== > > _1324189493087 > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6Nw== > > _1320481847143 > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6OA== > > _1320481776981 > > thumbnail-510-384-d_downloaded_image_am9uZXNuNTUwOEBnbWFpbC5jb20tZGI6OQ== > > _1314508429262 > > > > (new line involve) > > > > Before SELinux enable(Android JB version), these files would be > unlabeled. > > That files doesn't change when upgrade (JB -> KK(SELinux Enable) -> L OS) > > because restorecon doesn't work these files(involve newline). > > > > > > Restorecon api doesn't work because of lookup_common() method (ret will > > return null!) > > > > external/libselinux/src/android.c > > > > static int restorecon_sb() > > .. > > if (selabel_lookup(sehandle, &secontext, pathname, sb->st_mode) < 0) > > return 0 > > > > .. > > > > > > // if input file name include "new line", i will be -1 because rc would > be > > PCRE_ERROR_NOMATCH! > > > > external/libselinux/src/label_file.c > > static spec_t *lookup_common() > > .. > > if (i < 0 || strcmp(spec_arr[i].lr.ctx_raw, "<<none>>") == 0) { > > /* No matching specification. */ > > errno = ENOENT; > > goto finish; > > } > > .. > > > > > > What should I do? > > Please help this issue. > > > > Thanks. > > > > _______________________________________________ > > Seandroid-list mailing list > > [email protected] > > To unsubscribe, send email to [email protected]. > > To get help, send an email containing "help" to > > [email protected]. > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to > [email protected]. -- Nick Kralevich | Android Security | [email protected] | 650.214.4037
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
