Run restorecon on new profile directories. We want them to end up labeled user_profile_data_file, but without the restorecon they will inherit user_profile_root_file from the parent directory. Bug: 141677108 Bug: 175311045 Test: Manual; install & uninstall app, label correct, no denials Change-Id: I588c450bcc1c1b26f89708f95982ba23609ae4ea

commit: 928d2c1a15503bd4e060f15f8faefc942aea22fa [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Wed Dec 09 10:11:24 2020 +0000
committer: Alan Stokes <alanstokes@google.com> Fri Dec 11 17:40:11 2020 +0000
tree: eecaaab72bc0f8d269944b124419c3957bb4e1e0
parent: 24756e39ebea0ef78fe16b1df28f2f4eef7b7841 [diff] [blame]
diff --git a/cmds/installd/InstalldNativeService.cpp b/cmds/installd/InstalldNativeService.cpp
index 6001a58..c55fc6a 100644
--- a/cmds/installd/InstalldNativeService.cpp
+++ b/cmds/installd/InstalldNativeService.cpp

@@ -398,6 +398,10 @@
         PLOG(ERROR) << "Failed to prepare " << profile_dir;
         return false;
     }
+    if (selinux_android_restorecon(profile_dir.c_str(), 0)) {
+        PLOG(ERROR) << "Failed to restorecon " << profile_dir;
+        return false;
+    }
 
     const std::string ref_profile_path =
             create_primary_reference_profile_package_dir_path(packageName);
commit	928d2c1a15503bd4e060f15f8faefc942aea22fa	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Wed Dec 09 10:11:24 2020 +0000
committer	Alan Stokes <alanstokes@google.com>	Fri Dec 11 17:40:11 2020 +0000
tree	eecaaab72bc0f8d269944b124419c3957bb4e1e0
parent	24756e39ebea0ef78fe16b1df28f2f4eef7b7841 [diff] [blame]