Skip to content
Commit 0e62384c authored by Jeff Sharkey's avatar Jeff Sharkey
Browse files

Prepare app data only when storage is available.

Before this change, scanning a package aggressively tried checking
to ensure that private app data was prepared.  However, in an FBE
world we may not have access to that data at scan time.  So this
change shifts the preparing of private app data until later: it
prepares DE storage when a user is started, and CE storage when a
user is unlocked.  Wire ourselves into the user lifecycle so we can
prepare storage at both user start and unlock.

When DE/CE storage becomes available, this change reconciles any
found packages against known installed apps, and deletes any orphaned
data directories.

We now need to store the last-restorecon hash in an xattr on a
per-user directory basis, since we can't restorecon CE storage until
it's unlocked, or adopted storage until it's mounted.  Remove a
bunch of used logic for loading dynamic SELinux policy at runtime;
our policy always comes from the system image.

Bug: 26466827, 26544104
Change-Id: I8d0a4ef862c35f4e4ef5c7f20d3bb8f12ba3fd4b
parent ab3bdf09
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment