devil/devil/android/sdk/shared_prefs.py - Issue 2743003003: Make SharedPrefs apply package's security context on commit

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: devil/devil/android/sdk/shared_prefs.py

Issue 2743003003: Make SharedPrefs apply package's security context on commit (Closed)

Patch Set: Raise exception when no context found and fix tests Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: devil/devil/android/sdk/shared_prefs.py

diff --git a/devil/devil/android/sdk/shared_prefs.py b/devil/devil/android/sdk/shared_prefs.py

index 58370bc0610320a304549544cf59043b5e1272fd..2fa2e6a1867b10cd18345e72bf776733693121b2 100644

--- a/devil/devil/android/sdk/shared_prefs.py

+++ b/devil/devil/android/sdk/shared_prefs.py

@@ -11,6 +11,8 @@ See e.g.:

import logging

import posixpath

+from devil.android import device_errors

+from devil.android.sdk import version_codes

from xml.etree import ElementTree

logger = logging.getLogger(__name__)

@@ -270,6 +272,19 @@ class SharedPrefs(object):

['mkdir', '-p', posixpath.dirname(self.path)],

as_root=True, check_return=True)

self._device.WriteFile(self.path, str(self), as_root=True)

+ # Creating the directory/file can cause issues with SELinux if they did

+ # not already exist. As a workaround, apply the package's security context

+ # to the shared_prefs directory, which mimics the behavior of a file

+ # created by the app itself

+ if self._device.build_version_sdk >= version_codes.MARSHMALLOW:

+ security_context = self._GetSecurityContext(self.package)

+ if security_context == None:

+ raise device_errors.CommandFailedError(

+ 'Failed to get security context for %s' % self.package)

+ self._device.RunShellCommand(

+ ['chcon', '-R', security_context,

+ '/data/data/%s/shared_prefs' % self.package],

+ as_root=True, check_return=True)

self._device.KillAll(self.package, exact=True, as_root=True, quiet=True)

self._changed = False

@@ -391,3 +406,15 @@ class SharedPrefs(object):

pref.set(value)

self._changed = True

logger.info('Setting property: %s', pref)

+ def _GetSecurityContext(self, package):

+ for line in self._device.RunShellCommand(['ls', '-Z', '/data/data/'],

+ as_root=True, check_return=True):

+ split_line = line.split()

+ # ls -Z output differs between Android versions, but the package is

+ # always last and the context always starts with "u:object"

+ if split_line[-1] == package:

+ for column in split_line:

+ if column.startswith('u:object'):

+ return column

+ return None

« no previous file with comments | « no previous file | devil/devil/android/sdk/shared_prefs_test.py » ('j') | devil/devil/android/sdk/shared_prefs_test.py » ('J')