From 81742fbcbcfa4a9c23e13344e34418d0b72ea71f Mon Sep 17 00:00:00 2001
From: Matt Mower
Date: Mon, 1 Sep 2014 14:40:52 -0500
Subject: Only use SELinux tools from toolbox if not in busybox
If busybox has SELinux support, we don't need toolbox to provide SELinux specific tools. Check busybox for restorecon to see if SELinux support is present and then adjust the tools built by toolbox based on this.
Change-Id: I30a2b036b97ac3e26510d5e0498c52d7a8af36e1
---
 Android.mk | 12 +++++++++---
 toolbox/Android.mk | 5 ++++-
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/Android.mk b/Android.mk
index 089485a15..3d95c840c 100644
--- a/Android.mk
+++ b/Android.mk
@@ -310,11 +310,17 @@ include $(CLEAR_VARS)
 # Create busybox symlinks... gzip and gunzip are excluded because those need to link to pigz instead
 BUSYBOX_LINKS := $(shell cat external/busybox/busybox-full.links)
 exclude := tune2fs mke2fs mkdosfs gzip gunzip
+
+# If busybox does not have restorecon, assume it does not have SELinux support.
+# Then, let toolbox provide 'ls' so -Z is available to list SELinux contexts.
 ifeq ($(TWHAVE_SELINUX), true)
- exclude += ls
- # toolbox will provide ls support with ls -Z capability for listing SELinux contexts
+ ifeq ($(filter restorecon, $(notdir $(BUSYBOX_LINKS))),)
+ exclude += ls
+ endif
 endif
-RECOVERY_BUSYBOX_SYMLINKS := $(addprefix $(TARGET_RECOVERY_ROOT_OUT)/sbin/,$(filter-out $(exclude),$(notdir $(BUSYBOX_LINKS))))
+
+RECOVERY_BUSYBOX_TOOLS := $(filter-out $(exclude), $(notdir $(BUSYBOX_LINKS)))
+RECOVERY_BUSYBOX_SYMLINKS := $(addprefix $(TARGET_RECOVERY_ROOT_OUT)/sbin/, $(RECOVERY_BUSYBOX_TOOLS))
 $(RECOVERY_BUSYBOX_SYMLINKS): BUSYBOX_BINARY := busybox
 $(RECOVERY_BUSYBOX_SYMLINKS): $(LOCAL_INSTALLED_MODULE)
 @echo "Symlink: $@ -> $(BUSYBOX_BINARY)"
diff --git a/toolbox/Android.mk b/toolbox/Android.mk
index 73868976a..053660ab1 100644
--- a/toolbox/Android.mk
+++ b/toolbox/Android.mk
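Review bot: The inner `ifeq ($(filter restorecon, $(notdir $(BUSYBOX_LINKS))),)` test in the Android.mk hunk infers SELinux support from the applet list in `external/busybox/busybox-full.links`, not from the busybox configuration that is actually compiled, and the hunk does not show how that list is kept in step with the build. If the list names restorecon while the busybox that ships lacks SELinux support, `ls` stays with busybox and recovery presumably loses `ls -Z`, which makes it harder to check file labels after a restore. The new comment should state the assumption, for example `# busybox-full.links must match the applets compiled into busybox; restorecon is used as the marker for SELinux support.` The symlink rule at the end of the hunk continues outside it.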
@@ -7,8 +7,10 @@ TOOLS := \
 getprop \
 setprop
+# If busybox does not have SELinux support, provide these tools with toolbox.
+# Note that RECOVERY_BUSYBOX_TOOLS will be empty if TW_USE_TOOLBOX == true.
 ifeq ($(TWHAVE_SELINUX), true)
- TOOLS += \
+ TOOLS_FOR_SELINUX := \
 ls \
 getenforce \
 setenforce \
@@ -18,6 +20,7 @@ ifeq ($(TWHAVE_SELINUX), true)
 getsebool \
 setsebool \
 load_policy
+ TOOLS += $(filter-out $(RECOVERY_BUSYBOX_TOOLS), $(TOOLS_FOR_SELINUX))
 endif
 ifeq ($(TW_USE_TOOLBOX), true)
--
cgit v1.2.3
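Review bot: `TOOLS += $(filter-out $(RECOVERY_BUSYBOX_TOOLS), $(TOOLS_FOR_SELINUX))` in the second toolbox hunk is expanded while this file is parsed, because the hunk header shows `TOOLS := \` and `+=` on a simply-expanded variable expands immediately. It therefore only works if the top-level Android.mk has assigned RECOVERY_BUSYBOX_TOOLS before toolbox/Android.mk is included, and that include is not visible in this patch. If the order is ever reversed the filter sees an empty list and toolbox silently builds every SELinux tool again, presumably duplicating applets busybox already provides. I would record the dependency beside the new comment, e.g. `# RECOVERY_BUSYBOX_TOOLS comes from the top-level Android.mk and must be assigned before this file is included.` The `ifeq` block opens in the first hunk and closes in the second, with lines between them outside the patch.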