mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-12-04 01:20:52 +00:00
c00ed59281
This is a follow up fix to the restorecon change in commit 6ab5fbaabc84f7093b37c1afae855292e918090f This change has been tested in android for a while. The stem is a list of top level directory (without regex metachar) covered in the file context. And it constructs from finding the second '/' in the regex_string; and aims to speed up the lookup by skipping unnecessary regex matches. More contexts in https://lore.kernel.org/selinux/200309231522.25749.russell@coker.com.au/ However, this caused some issue when we try to find all the partial matches for a root directory. For example, the path "/data" doesn't have a stem while the regex "/data/misc/(/.*)?" has "/data" as the stem. As a result, all the regex for the subdirs of /data will not considered as a match for "/data". And the restorecon will wrongly skip on top level "/data" when there's a context change to one of subdir. This CL always includes the stem when compiling the regex in all circumstances. Also, it ignores the stem id check in the "match all" case, while the behavior for the single match stays unchanged. I will collect more data to find out if stem id check is still necessary at all with the new restorecon logic. Test: run restorecon on "/data"; change the context of one subdir and run again, and the context is restored on that subdir; search the caller of regex_match Signed-off-by: Tianjie Xu <xunchang@google.com> |
||
|---|---|---|
| .. | ||
| include | ||
| man | ||
| src | ||
| utils | ||
| LICENSE | ||
| Makefile | ||
| VERSION | ||