diff options
| author | 2024-05-15 15:08:16 +0000 | |
|---|---|---|
| committer | 2024-05-17 14:56:36 +0000 | |
| commit | 7b71992c1dee9882cfcbf96c0c1a1391ff3d5313 (patch) | |
| tree | 4c9cac1a3fff23bb87f25265909602878435eead | |
| parent | 412a1d554f642b8af82e12923359e1ed9c199991 (diff) | |
Change position of isSdkSandbox{Audit,Next} input selectors
aosp/2836178 changed the seinfo parsing logic to
interpret the "complete" attribute as the end of
the seinfo string.
Since we were appending the ":isSdkSandbox*" input
selectors at the end of the seinfo string, those
selectors were being ignored.
This change moves the sandbox selectors to the
middle of the seinfo string, to make sure we parse
them correctly.
Bug: 295861450
Test: atest SdkSandboxAuditTests SdkSandboxNextTests
Change-Id: I14e2f3fba25bb93c136a38d5a4e4e48ab271650c
| -rw-r--r-- | services/core/java/com/android/server/am/ProcessList.java | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java index 6779f7a37f20..a5449a0f0431 100644 --- a/services/core/java/com/android/server/am/ProcessList.java +++ b/services/core/java/com/android/server/am/ProcessList.java @@ -37,6 +37,7 @@ import static android.os.Process.startWebView; import static android.system.OsConstants.EAGAIN; import static com.android.sdksandbox.flags.Flags.selinuxSdkSandboxAudit; +import static com.android.sdksandbox.flags.Flags.selinuxSdkSandboxInputSelector; import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_LRU; import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_NETWORK; import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_PROCESSES; @@ -2065,11 +2066,15 @@ public final class ProcessList { } } - return app.info.seInfo - + (TextUtils.isEmpty(app.info.seInfoUser) ? "" : app.info.seInfoUser) + extraInfo; + if (selinuxSdkSandboxInputSelector()) { + return app.info.seInfo + extraInfo + TextUtils.emptyIfNull(app.info.seInfoUser); + } else { + return app.info.seInfo + + (TextUtils.isEmpty(app.info.seInfoUser) ? "" : app.info.seInfoUser) + + extraInfo; + } } - @GuardedBy("mService") boolean startProcessLocked(HostingRecord hostingRecord, String entryPoint, ProcessRecord app, int uid, int[] gids, int runtimeFlags, int zygotePolicyFlags, int mountExternal, |