From a240733137d1a0c006ca68415a0f8ed28cc4b11a Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Wed, 9 Apr 2014 14:23:43 -0400
Subject: [PATCH] restorecon the profile directory.

This is required so that it will be assigned the correct SELinux
security context on first creation by installd.

Bug: 13927667
Change-Id: I4857d031f9e7e60d48b8c72fcb22a81b3a2ebaaa
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 cmds/installd/utils.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/cmds/installd/utils.c b/cmds/installd/utils.c
index 8f4da6531..671d03125 100644
--- a/cmds/installd/utils.c
+++ b/cmds/installd/utils.c
@@ -1022,7 +1022,13 @@ int create_profile_file(const char *pkgname, gid_t gid) {
         // Make the profile directory write-only for group and other. Owner can rwx it.
         if (chmod(profile_dir, 0711) < 0) {
             ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno));
-            unlink(profile_dir);
+            rmdir(profile_dir);
+            return -1;
+        }
+
+        if (selinux_android_restorecon(profile_dir, 0) < 0) {
+            ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno));
+            rmdir(profile_dir);
             return -1;
         }
     }