ksud: fix selinux unlabeled of modules dir

userspace/ksud/src/module.rs

@@ -12,7 +12,7 @@ use std::{
 use subprocess::Exec;
 use zip_extensions::*;
 
-use crate::utils::*;
+use crate::{utils::*, restorecon::setsyscon};
 use crate::{defs, restorecon};
 
 use anyhow::{bail, ensure, Context, Result};
@@ -309,6 +309,8 @@ pub fn install_module(zip: String) -> Result<()> {
 
     mount_image(tmp_module_img, module_update_tmp_dir)?;
 
+    setsyscon(module_update_tmp_dir)?;
+
     let result = {
         let module_dir = format!("{}/{}", module_update_tmp_dir, module_id);
         ensure_clean_dir(&module_dir)?;

userspace/ksud/src/restorecon.rs

@@ -6,6 +6,18 @@ use subprocess::Exec;
 const SYSTEM_CON: &str = "u:object_r:system_file:s0";
 const _ADB_CON: &str = "u:object_r:adb_data_file:s0";
 
+pub fn setcon(path: &str, con: &str) -> Result<()> {
+    // todo use libselinux directly
+    let cmd = format!("chcon {} {}", con, path);
+    let result = Exec::shell(cmd).join()?;
+    ensure!(result.success(), "chcon for: {} failed.", path);
+    Ok(())
+}
+
+pub fn setsyscon(path: &str) -> Result<()> {
+    setcon(path, SYSTEM_CON)
+}
+
 pub fn restore_syscon(dir: &str) -> Result<()> {
     // todo use libselinux directly
     let cmd = format!("chcon -R {} {}", SYSTEM_CON, dir);