SELinux can be assumed for Android 4.4+

Change-Id: I7410a0c8e439eec90a955ee9201efd9a92bb9635

Android.mk

@@ -159,25 +159,16 @@ ifeq ($(TARGET_USERIMAGES_USE_EXT4), true)
         #LOCAL_STATIC_LIBRARIES += liblz4
     endif
 endif
-ifneq ($(wildcard external/libselinux/Android.mk),)
-    TWHAVE_SELINUX := true
-endif
-ifeq ($(TWHAVE_SELINUX), true)
-  #LOCAL_C_INCLUDES += external/libselinux/include
-  #LOCAL_STATIC_LIBRARIES += libselinux
-  #LOCAL_CFLAGS += -DHAVE_SELINUX -g
-endif # HAVE_SELINUX
-ifeq ($(TWHAVE_SELINUX), true)
-    LOCAL_C_INCLUDES += external/libselinux/include
-    LOCAL_SHARED_LIBRARIES += libselinux
-    LOCAL_CFLAGS += -DHAVE_SELINUX
-    ifneq ($(TARGET_USERIMAGES_USE_EXT4), true)
-        LOCAL_CFLAGS += -DUSE_EXT4
-        LOCAL_C_INCLUDES += system/extras/ext4_utils
-        LOCAL_SHARED_LIBRARIES += libext4_utils
-        ifneq ($(wildcard external/lz4/Android.mk),)
-            LOCAL_STATIC_LIBRARIES += liblz4
-        endif
+
+LOCAL_C_INCLUDES += external/libselinux/include
+LOCAL_SHARED_LIBRARIES += libselinux
+LOCAL_CFLAGS += -g
+ifneq ($(TARGET_USERIMAGES_USE_EXT4), true)
+    LOCAL_CFLAGS += -DUSE_EXT4
+    LOCAL_C_INCLUDES += system/extras/ext4_utils
+    LOCAL_SHARED_LIBRARIES += libext4_utils
+    ifneq ($(wildcard external/lz4/Android.mk),)
+        LOCAL_STATIC_LIBRARIES += liblz4
     endif
 endif
 
@@ -509,10 +500,8 @@ endif
 
 # If busybox does not have restorecon, assume it does not have SELinux support.
 # Then, let toolbox provide 'ls' so -Z is available to list SELinux contexts.
-ifeq ($(TWHAVE_SELINUX), true)
-	ifeq ($(filter restorecon, $(notdir $(BUSYBOX_LINKS))),)
-		exclude += ls
-	endif
+ifeq ($(filter restorecon, $(notdir $(BUSYBOX_LINKS))),)
+    exclude += ls
 endif
 
 RECOVERY_BUSYBOX_TOOLS := $(filter-out $(exclude), $(notdir $(BUSYBOX_LINKS)))

fixContexts.cpp

@@ -25,16 +25,13 @@
 #include "fixContexts.hpp"
 #include "twrp-functions.hpp"
 #include "twcommon.h"
-#ifdef HAVE_SELINUX
-#include "selinux/selinux.h"
-#include "selinux/label.h"
-#include "selinux/android.h"
-#include "selinux/label.h"
-#endif
+#include <selinux/selinux.h>
+#include <selinux/label.h>
+#include <selinux/android.h>
+#include <selinux/label.h>
 
 using namespace std;
 
-#ifdef HAVE_SELINUX
 struct selabel_handle *sehandle;
 struct selinux_opt selinux_options[] = {
 	{ SELABEL_OPT_PATH, "/file_contexts" }
@@ -146,18 +143,3 @@ int fixContexts::fixDataMediaContexts(string Mount_Point) {
 	selabel_close(sehandle);
 	return 0;
 }
-
-#else
-
-int fixContexts::restorecon(string entry __unused, struct stat *sb __unused) {
-	return -1;
-}
-
-int fixContexts::fixContextsRecursively(string name __unused, int level __unused) {
-	return -1;
-}
-
-int fixContexts::fixDataMediaContexts(string Mount_Point __unused) {
-	return -1;
-}
-#endif

gui/Android.mk

@@ -55,9 +55,6 @@ endif
 ifneq ($(TW_NO_SCREEN_TIMEOUT),)
     LOCAL_CFLAGS += -DTW_NO_SCREEN_TIMEOUT
 endif
-ifeq ($(HAVE_SELINUX), true)
-    LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
 ifeq ($(TW_OEM_BUILD), true)
     LOCAL_CFLAGS += -DTW_OEM_BUILD
 endif

libtar/Android.mk

@@ -10,11 +10,8 @@ LOCAL_C_INCLUDES += $(LOCAL_PATH) \
                     external/zlib
 LOCAL_SHARED_LIBRARIES += libz libc
 
-ifeq ($(TWHAVE_SELINUX), true)
-    LOCAL_C_INCLUDES += external/libselinux/include
-    LOCAL_SHARED_LIBRARIES += libselinux
-    LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_C_INCLUDES += external/libselinux/include
+LOCAL_SHARED_LIBRARIES += libselinux
 
 ifeq ($(TW_INCLUDE_CRYPTO_FBE), true)
     LOCAL_SHARED_LIBRARIES += libe4crypt
@@ -34,11 +31,8 @@ LOCAL_C_INCLUDES += $(LOCAL_PATH) \
                     external/zlib
 LOCAL_STATIC_LIBRARIES += libz libc
 
-ifeq ($(TWHAVE_SELINUX), true)
-    LOCAL_C_INCLUDES += external/libselinux/include
-    LOCAL_STATIC_LIBRARIES += libselinux
-    LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_C_INCLUDES += external/libselinux/include
+LOCAL_STATIC_LIBRARIES += libselinux
 
 ifeq ($(TW_INCLUDE_CRYPTO_FBE), true)
     LOCAL_SHARED_LIBRARIES += libe4crypt

libtar/append.c

@@ -35,9 +35,7 @@
 # include <unistd.h>
 #endif
 
-#ifdef HAVE_SELINUX
-# include "selinux/selinux.h"
-#endif
+#include <selinux/selinux.h>
 
 #ifdef HAVE_EXT4_CRYPT
 # include "ext4crypt_tar.h"
@@ -105,7 +103,6 @@ tar_append_file(TAR *t, const char *realname, const char *savename)
 #endif
 	th_set_path(t, (savename ? savename : realname));
 
-#ifdef HAVE_SELINUX
 	/* get selinux context */
 	if (t->options & TAR_STORE_SELINUX)
 	{
@@ -129,7 +126,6 @@ tar_append_file(TAR *t, const char *realname, const char *savename)
 #endif
 		}
 	}
-#endif
 
 #ifdef HAVE_EXT4_CRYPT
 	if (TH_ISDIR(t) && t->options & TAR_STORE_EXT4_POL)

libtar/block.c

@@ -123,10 +123,8 @@ th_read(TAR *t)
 		free(t->th_buf.gnu_longname);
 	if (t->th_buf.gnu_longlink != NULL)
 		free(t->th_buf.gnu_longlink);
-#ifdef HAVE_SELINUX
 	if (t->th_buf.selinux_context != NULL)
 		free(t->th_buf.selinux_context);
-#endif
 #ifdef HAVE_EXT4_CRYPT
 	if (t->th_buf.e4crypt_policy != NULL) {
 		free(t->th_buf.e4crypt_policy);
@@ -287,7 +285,7 @@ th_read(TAR *t)
 				printf("    th_read(): Posix capabilities detected\n");
 #endif
 			} // end posix capabilities
-#ifdef HAVE_SELINUX // selinux contexts
+			// selinux contexts
 			start = strstr(buf, SELINUX_TAG);
 			if(start && start+SELINUX_TAG_LEN < buf+len)
 			{
@@ -300,8 +298,7 @@ th_read(TAR *t)
 					printf("    th_read(): SELinux context xattr detected: %s\n", t->th_buf.selinux_context);
 #endif
 				}
-			}
-#endif // HAVE_SELINUX
+			} // end selinux contexts
 #ifdef HAVE_EXT4_CRYPT
 			start = strstr(buf, E4CRYPT_TAG);
 			if(start && start+E4CRYPT_TAG_LEN < buf+len)
@@ -496,7 +493,7 @@ th_write(TAR *t)
 
 	memset(buf, 0, T_BLOCKSIZE);
 	ptr = buf;
-#ifdef HAVE_SELINUX
+
 	if((t->options & TAR_STORE_SELINUX) && t->th_buf.selinux_context != NULL)
 	{
 #ifdef DEBUG
@@ -514,7 +511,6 @@ th_write(TAR *t)
 		snprintf(ptr, T_BLOCKSIZE, "%d "SELINUX_TAG"%s\n", (int)sz, t->th_buf.selinux_context);
 		ptr += sz;
 	}
-#endif
 
 #ifdef HAVE_EXT4_CRYPT
 	if((t->options & TAR_STORE_EXT4_POL) && t->th_buf.e4crypt_policy != NULL)

libtar/extract.c

@@ -32,9 +32,7 @@
 # include <unistd.h>
 #endif
 
-#ifdef HAVE_SELINUX
-# include "selinux/selinux.h"
-#endif
+#include <selinux/selinux.h>
 
 #ifdef HAVE_EXT4_CRYPT
 # include "ext4crypt_tar.h"
@@ -159,7 +157,6 @@ tar_extract_file(TAR *t, const char *realname, const char *prefix, const int *pr
 		return i;
 	}
 
-#ifdef HAVE_SELINUX
 	if((t->options & TAR_STORE_SELINUX) && t->th_buf.selinux_context != NULL)
 	{
 #ifdef DEBUG
@@ -168,7 +165,6 @@ tar_extract_file(TAR *t, const char *realname, const char *prefix, const int *pr
 		if (lsetfilecon(realname, t->th_buf.selinux_context) < 0)
 			fprintf(stderr, "tar_extract_file(): failed to restore SELinux context %s to file %s !!!\n", t->th_buf.selinux_context, realname);
 	}
-#endif
 
 	if((t->options & TAR_STORE_POSIX_CAP) && t->th_buf.has_cap_data)
 	{

libtar/libtar.h

@@ -68,9 +68,7 @@ struct tar_header
 	char padding[12];
 	char *gnu_longname;
 	char *gnu_longlink;
-#ifdef HAVE_SELINUX
 	char *selinux_context;
-#endif
 #ifdef HAVE_EXT4_CRYPT
 	char *e4crypt_policy;
 #endif

minzip/Android.mk

@@ -12,11 +12,8 @@ LOCAL_C_INCLUDES := \
 	external/zlib \
 	external/safe-iop/include
 
-ifeq ($(TWHAVE_SELINUX),true)
 LOCAL_C_INCLUDES += external/libselinux/include
 LOCAL_SHARED_LIBRARIES += libselinux
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
 
 LOCAL_CFLAGS += -DPLATFORM_SDK_VERSION=$(PLATFORM_SDK_VERSION)
 
@@ -44,11 +41,8 @@ LOCAL_C_INCLUDES += \
 	external/zlib \
 	external/safe-iop/include
 
-ifeq ($(TWHAVE_SELINUX),true)
 LOCAL_C_INCLUDES += external/libselinux/include
 LOCAL_STATIC_LIBRARIES += libselinux
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
 
 LOCAL_CFLAGS += -DPLATFORM_SDK_VERSION=$(PLATFORM_SDK_VERSION)
 

partition.cpp

@@ -65,10 +65,8 @@ extern "C" {
 	#define CRYPT_FOOTER_OFFSET 0x4000
 #endif
 }
-#ifdef HAVE_SELINUX
-#include "selinux/selinux.h"
+#include <selinux/selinux.h>
 #include <selinux/label.h>
-#endif
 #ifdef HAVE_CAPABILITIES
 #include <sys/capability.h>
 #include <sys/xattr.h>
@@ -1910,7 +1908,7 @@ bool TWPartition::Wipe_EXT4() {
 	if (!UnMount(true))
 		return false;
 
-#if defined(HAVE_SELINUX) && defined(USE_EXT4)
+#if defined(USE_EXT4)
 	int ret;
 	char *secontext = NULL;
 
@@ -2619,14 +2617,14 @@ void TWPartition::Recreate_Media_Folder(void) {
 #ifdef TW_INTERNAL_STORAGE_PATH
 		mkdir(EXPAND(TW_INTERNAL_STORAGE_PATH), 0770);
 #endif
-#ifdef HAVE_SELINUX
+
 		// Afterwards, we will try to set the
 		// default metadata that we were hopefully able to get during
 		// early boot.
 		tw_set_default_metadata(Media_Path.c_str());
 		if (!Internal_path.empty())
 			tw_set_default_metadata(Internal_path.c_str());
-#endif
+
 		// Toggle mount to ensure that "internal sdcard" gets mounted
 		PartitionManager.UnMount_By_Path(Symlink_Mount_Point, true);
 		PartitionManager.Mount_By_Path(Symlink_Mount_Point, true);

partitionmanager.cpp

@@ -1578,7 +1578,6 @@ int TWPartitionManager::Decrypt_Device(string Password) {
 }
 
 int TWPartitionManager::Fix_Contexts(void) {
-#ifdef HAVE_SELINUX
 	std::vector<TWPartition*>::iterator iter;
 	for (iter = Partitions.begin(); iter != Partitions.end(); iter++) {
 		if ((*iter)->Has_Data_Media) {
@@ -1591,10 +1590,6 @@ int TWPartitionManager::Fix_Contexts(void) {
 	UnMount_Main_Partitions();
 	gui_msg("done=Done.");
 	return 0;
-#else
-	LOGERR("Cannot fix contexts, no selinux support present.\n");
-	return -1;
-#endif
 }
 
 TWPartition* TWPartitionManager::Find_Next_Storage(string Path, bool Exclude_Data_Media) {

prebuilt/Android.mk

@@ -135,19 +135,12 @@ endif
 ifneq ($(TW_EXCLUDE_MTP), true)
     RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libtwrpmtp.so
 endif
-ifeq ($(TARGET_USERIMAGES_USE_EXT4), true)
-    RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libext4_utils.so
-endif
+RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libext4_utils.so
 RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libaosprecovery.so
 ifneq ($(TW_INCLUDE_JPEG),)
     RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libjpeg.so
 endif
-ifeq ($(TWHAVE_SELINUX), true)
-    RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libselinux.so
-    ifneq ($(TARGET_USERIMAGES_USE_EXT4), true)
-        RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libext4_utils.so
-    endif
-endif
+RELINK_SOURCE_FILES += $(TARGET_OUT_SHARED_LIBRARIES)/libselinux.so
 ifeq ($(BUILD_ID), GINGERBREAD)
     TW_NO_EXFAT := true
 endif