Only restorecon CE storage after unlocked. On FBE devices, the filenames inside credential-encrypted directories are mangled until the key is installed. This means the initial restorecon at boot needs to skip these directories until the keys are installed. This CL changes the implementation of the "restorecon_recursive" built-in command to use the new SKIPCE flag to avoid labeling files in CE directories. vold will request a restorecon when the keys are actually installed. Bug: 30126557 Change-Id: I320584574a4d712c493b5bbd8a79b56c0c04aa58

commit: 1635afe83d1ebd6b5f1fac1e9c6c6b5cd1c93204 [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Fri Jul 15 16:21:34 2016 -0600
committer: Jeff Sharkey <jsharkey@android.com> Fri Jul 15 16:21:42 2016 -0600
tree: 9afa4371226776c05788590691ed11fc3fb203b0
parent: 98933455b53851319560080f979e5c1e1921fe68 [diff] [blame]
diff --git a/init/builtins.cpp b/init/builtins.cpp
index 5631877..70f9194 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp

@@ -875,8 +875,12 @@
     int ret = 0;
 
     for (auto it = std::next(args.begin()); it != args.end(); ++it) {
-        if (restorecon_recursive(it->c_str()) < 0)
+        /* The contents of CE paths are encrypted on FBE devices until user
+         * credentials are presented (filenames inside are mangled), so we need
+         * to delay restorecon of those until vold explicitly requests it. */
+        if (restorecon_recursive_skipce(it->c_str()) < 0) {
             ret = -errno;
+        }
     }
     return ret;
 }
commit	1635afe83d1ebd6b5f1fac1e9c6c6b5cd1c93204	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Fri Jul 15 16:21:34 2016 -0600
committer	Jeff Sharkey <jsharkey@android.com>	Fri Jul 15 16:21:42 2016 -0600
tree	9afa4371226776c05788590691ed11fc3fb203b0
parent	98933455b53851319560080f979e5c1e1921fe68 [diff] [blame]