From ea3cfbd0ca4ca6085d2430372250db40f16099ce Mon Sep 17 00:00:00 2001
From: tiann
Date: Thu, 5 Jan 2023 16:58:00 +0800
Subject: [PATCH] ksud: fix selinux unlabeled of modules dir
---
 userspace/ksud/src/module.rs | 4 +++-
 userspace/ksud/src/restorecon.rs | 12 ++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/userspace/ksud/src/module.rs b/userspace/ksud/src/module.rs
index 65009683..05522f67 100644
--- a/userspace/ksud/src/module.rs
+++ b/userspace/ksud/src/module.rs
@@ -12,7 +12,7 @@ use std::{
 use subprocess::Exec;
 use zip_extensions::*;
-use crate::utils::*;
+use crate::{utils::*, restorecon::setsyscon};
 use crate::{defs, restorecon};
 use anyhow::{bail, ensure, Context, Result};
@@ -309,6 +309,8 @@ pub fn install_module(zip: String) -> Result<()> {
 mount_image(tmp_module_img, module_update_tmp_dir)?;
+ setsyscon(module_update_tmp_dir)?;
+
 let result = {
 let module_dir = format!("{}/{}", module_update_tmp_dir, module_id);
 ensure_clean_dir(&module_dir)?;
diff --git a/userspace/ksud/src/restorecon.rs b/userspace/ksud/src/restorecon.rs
index c0a9c82f..e9658ee4 100644
--- a/userspace/ksud/src/restorecon.rs
+++ b/userspace/ksud/src/restorecon.rs
@@ -6,6 +6,18 @@ use subprocess::Exec;
 const SYSTEM_CON: &str = "u:object_r:system_file:s0";
 const _ADB_CON: &str = "u:object_r:adb_data_file:s0";
+pub fn setcon(path: &str, con: &str) -> Result<()> {
+ // todo use libselinux directly
+ let cmd = format!("chcon {} {}", con, path);
+ let result = Exec::shell(cmd).join()?;
+ ensure!(result.success(), "chcon for: {} failed.", path);
+ Ok(())
+}
+
+pub fn setsyscon(path: &str) -> Result<()> {
+ setcon(path, SYSTEM_CON)
+}
+
 pub fn restore_syscon(dir: &str) -> Result<()> {
 // todo use libselinux directly
 let cmd = format!("chcon -R {} {}", SYSTEM_CON, dir);
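Review bot: In `install_module` (userspace/ksud/src/module.rs) the new `setsyscon(module_update_tmp_dir)?;` has no comment saying why the mount point must be relabelled, or that only the mount root is touched (the `chcon` in `setcon` has no `-R`). I would add `// The freshly mounted image root is unlabeled; give the mount point system_file before populating it.` above the call. Also note that a failure here returns with the image from `mount_image` still mounted, as far as the hunk shows. The function body continues outside the hunk, so any unmount step later in the body would be skipped on this path.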
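Review bot: `setcon` in userspace/ksud/src/restorecon.rs builds its command with `format!("chcon {} {}", con, path)` and passes it to `Exec::shell`, so both arguments are re-parsed by a shell. A path with whitespace or shell metacharacters would be split or interpreted instead of reaching chcon as one argument. The function is `pub` and accepts any `&str`, and ksud presumably runs privileged, so an argument vector is the safer form: `let result = Exec::cmd("chcon").arg(con).arg(path).join()?;`. The `restore_syscon` context lines below use the same `Exec::shell` pattern, though its body continues outside the hunk. A `///` line on `setcon` and `setsyscon` saying they are non-recursive would distinguish them from `restore_syscon`'s `chcon -R`.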