commit d13eef0974b1677f55309a25fc14b9860e7ac4b7
author Nick Kralevich <nnk@google.com> Fri Dec 09 17:11:22 2016 -0800
committer Nick Kralevich <nnk@google.com> Fri Dec 09 17:11:40 2016 -0800
tree 03850526155567dfdcc6affc39ab29f4d2d54510
parent 53b4ffad7e2cae2f4f52d04084fde139d05046a3

permissions.cpp: remove is_selinux_enabled calls

SELinux is always enabled.

Test: device boots and no keystore errors.
Change-Id: I65782894a5e5dc68380d3389e3d41d052e81c288

keystore/permissions.cpp

diff --git a/keystore/permissions.cpp b/keystore/permissions.cpp
index feacd8f..1d3fb8f 100644
--- a/keystore/permissions.cpp
+++ b/keystore/permissions.cpp
@@ -84,32 +84,22 @@
 }
 
 static char* tctx;
-static int ks_is_selinux_enabled;
 
 int configure_selinux() {
-    ks_is_selinux_enabled = is_selinux_enabled();
-    if (ks_is_selinux_enabled) {
-        union selinux_callback cb;
-        cb.func_audit = audit_callback;
-        selinux_set_callback(SELINUX_CB_AUDIT, cb);
-        cb.func_log = selinux_log_callback;
-        selinux_set_callback(SELINUX_CB_LOG, cb);
-        if (getcon(&tctx) != 0) {
-            ALOGE("SELinux: Could not acquire target context. Aborting keystore.\n");
-            return -1;
-        }
-    } else {
-        ALOGI("SELinux: Keystore SELinux is disabled.\n");
+    union selinux_callback cb;
+    cb.func_audit = audit_callback;
+    selinux_set_callback(SELINUX_CB_AUDIT, cb);
+    cb.func_log = selinux_log_callback;
+    selinux_set_callback(SELINUX_CB_LOG, cb);
+    if (getcon(&tctx) != 0) {
+        ALOGE("SELinux: Could not acquire target context. Aborting keystore.\n");
+        return -1;
     }
 
     return 0;
 }
 
 static bool keystore_selinux_check_access(uid_t uid, perm_t perm, pid_t spid) {
-    if (!ks_is_selinux_enabled) {
-        return true;
-    }
-
     audit_data ad;
     char* sctx = NULL;
     const char* selinux_class = "keystore_key";