diff --git a/adapter/appspawn_adapter.cpp b/adapter/appspawn_adapter.cpp index d9f9dd84..12e54304 100644 --- a/adapter/appspawn_adapter.cpp +++ b/adapter/appspawn_adapter.cpp @@ -40,7 +40,11 @@ void SetSelinuxCon(struct AppSpawnContent_ *content, AppSpawnClient *client) UNUSED(content); AppSpawnClientExt *appProperty = reinterpret_cast(client); HapContext hapContext; - int32_t ret = hapContext.HapDomainSetcontext(appProperty->property.apl, appProperty->property.processName); + HapDomainInfo hapDomainInfo; + hapDomainInfo.apl = appProperty->property.apl; + hapDomainInfo.packageName = appProperty->property.processName; + hapDomainInfo.hapFlags = appProperty->property.hapFlags; + int32_t ret = hapContext.HapDomainSetcontext(hapDomainInfo); if (ret != 0) { APPSPAWN_LOGE("AppSpawnServer::Failed to hap domain set context, errno = %d %s", errno, appProperty->property.apl); diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index ce9f4877..a593efd4 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -94,6 +94,7 @@ typedef struct AppParameter_ { int32_t bundleIndex; AppOperateType code; uint64_t accessTokenIdEx; + int32_t hapFlags; #ifndef OHOS_LITE uint8_t setAllowInternet; uint8_t allowInternet; // hap sockect allowed diff --git a/test/unittest/app_spawn_stub.cpp b/test/unittest/app_spawn_stub.cpp index 56d4d665..841291ad 100644 --- a/test/unittest/app_spawn_stub.cpp +++ b/test/unittest/app_spawn_stub.cpp @@ -37,7 +37,7 @@ HapContextStub::HapContextStub() {} HapContextStub::~HapContextStub() {} static int g_testHapDomainSetcontext = 0; -int HapContextStub::HapDomainSetcontext(const std::string &apl, const std::string &packageName) +int HapContextStub::HapDomainSetcontext(HapDomainInfo& hapDomainInfo) { if (g_testHapDomainSetcontext == 0) { return 0; diff --git a/test/unittest/app_spawn_stub.h b/test/unittest/app_spawn_stub.h index fb60fc40..af594524 100644 --- a/test/unittest/app_spawn_stub.h +++ b/test/unittest/app_spawn_stub.h @@ -18,11 +18,17 @@ #include +struct HapDomainInfo { + std::string apl; + std::string packageName; + unsigned int hapFlags = 1; +}; + class HapContextStub { public: HapContextStub(); ~HapContextStub(); - int HapDomainSetcontext(const std::string &apl, const std::string &packageName); + int HapDomainSetcontext(HapDomainInfo& hapDomainInfo); }; #ifdef __cplusplus extern "C" { diff --git a/util/src/sandbox_utils.cpp b/util/src/sandbox_utils.cpp index 73a02d85..8e77c638 100644 --- a/util/src/sandbox_utils.cpp +++ b/util/src/sandbox_utils.cpp @@ -436,7 +436,13 @@ static void SetSelinuxCondition(const std::string &srcPath, const ClientSocket:: #ifndef APPSPAWN_TEST #ifdef WITH_SELINUX HapContext hapContext; - hapContext.HapFileRestorecon(srcPath, appProperty->apl, appProperty->bundleName, SELINUX_HAP_RESTORECON_RECURSE); + HapFileInfo hapFileInfo; + hapFileInfo.pathNameOrig.emplace_back(srcPath); + hapFileInfo.apl = appProperty->apl; + hapFileInfo.packageName = appProperty->bundleName; + hapFileInfo.flags = SELINUX_HAP_RESTORECON_RECURSE; + hapFileInfo.hapFlags = appProperty->hapFlags; + hapContext.HapFileRestorecon(hapFileInfo); #endif #endif } @@ -445,6 +451,7 @@ static void SetSelinuxCondition(const std::string &srcPath, const ClientSocket:: void SandboxUtils::CheckAndPrepareSrcPath(const ClientSocket::AppProperty *appProperty, const std::string &srcPath) { if (access(srcPath.c_str(), F_OK) == 0) { + SetSelinuxCondition(srcPath, appProperty); return; }