libselinux: add The Android fork files

Android is now rectified with upstream libselinux with the
exception of the src/android.c and include/selinux/android.h
files. Since the changes now reside in separate files, no
conflict will occur when merging updates from upstream.

Any changes to other files should go upstream.

Bug: 31910164
Test: Builds
Change-Id: I4c3c3d1a89a69f2796ec07ccccaf1aaa99457377
Signed-off-by: William Roberts <william.c.roberts@intel.com>

README.android

@@ -0,0 +1,41 @@
+This fork of Android differs in the following ways:
+ - README.android
+ - All Android.mk and Android.bp files
+ - ALL MODULE_LICENSE_* files
+ - libselinux/include/selinux/android.h
+ - libselinux/src/android/android.c
+
+All other changes should be upstreamed to selinux as
+Android no longer carries changes outside of those files.
+
+The upstream project can be found at:
+https://github.com/SELinuxProject/selinux
+
+Thus, since all changes are in separate files, updates merged from
+upstream should occur with no merge conflicts.
+
+This fork differs from upstream libselinux in at least the following ways:
+
+* The Android fork omits compiling many of the src files and specifies
+  custom build configurations. The exact details, are encoded in the
+  Android.bp and Android.mk files.
+
+* The SELinux policy files are all located in / rather than under
+  /etc/selinux since /etc is not available in Android until /system
+  is mounted and use fixed paths, not dependent on /etc/selinux/config.
+
+* The kernel policy file (sepolicy in Android, policy.N in Linux) does
+  not include a version suffix since Android does not need to support
+  booting multiple kernels.
+
+* The policy loading logic does not support automatic downgrading of
+  the kernel policy file to a version known to the kernel, since this
+  requires libsepol on the device and is only needed to support mixing
+  and matching kernels and userspace easily.
+
+* restorecon functionality, including recursive restorecon, has been
+  been upstreamed as selinux_restorecon(), but there are residual
+  differences between it and selinux_android_restorecon().
+
+* Support for seapp_contexts, a new Android-specific SELinux
+  configuration file has been added within android.c.

libselinux/include/selinux/android.h

@@ -0,0 +1,57 @@
+#ifndef _SELINUX_ANDROID_H_
+#define _SELINUX_ANDROID_H_
+
+#include <stdbool.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include <selinux/label.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern struct selabel_handle* selinux_android_file_context_handle(void);
+
+extern struct selabel_handle* selinux_android_prop_context_handle(void);
+
+extern struct selabel_handle* selinux_android_service_context_handle(void);
+
+extern void selinux_android_set_sehandle(const struct selabel_handle *hndl);
+
+extern int selinux_android_load_policy(void);
+
+extern int selinux_android_setcon(const char *con);
+
+extern int selinux_android_setcontext(uid_t uid,
+				      bool isSystemServer,
+				      const char *seinfo,
+				      const char *name);
+
+extern int selinux_android_setfilecon(const char *pkgdir,
+				       const char *pkgname,
+				       const char *seinfo,
+				       uid_t uid);
+
+extern int selinux_log_callback(int type, const char *fmt, ...)
+    __attribute__ ((format(printf, 2, 3)));
+
+#define SELINUX_ANDROID_RESTORECON_NOCHANGE 1
+#define SELINUX_ANDROID_RESTORECON_VERBOSE  2
+#define SELINUX_ANDROID_RESTORECON_RECURSE  4
+#define SELINUX_ANDROID_RESTORECON_FORCE    8
+#define SELINUX_ANDROID_RESTORECON_DATADATA 16
+#define SELINUX_ANDROID_RESTORECON_SKIPCE   32
+extern int selinux_android_restorecon(const char *file, unsigned int flags);
+
+extern int selinux_android_restorecon_pkgdir(const char *pkgdir,
+                                             const char *seinfo,
+                                             uid_t uid,
+                                             unsigned int flags);
+
+extern int selinux_android_seapp_context_reload(void);
+
+#ifdef __cplusplus
+}
+#endif
+#endif