From 699189d29bd5385ee36621940c9256f8921e31f4 Mon Sep 17 00:00:00 2001
From: Victor Hsieh <victorhsieh@chromium.org>
Date: Tue, 28 Jul 2020 10:31:22 -0700
Subject: sign_android_image: use ARCVM file context if needed

Apparently the file android_file_contexts has a different name for ARCVM
with _vm suffix.  Choose _vm if the container one is not found.

BUG=b:161828692
TEST=sign_official_build.sh base recovery_image.bin mykey signed.bin
BRANCH=none

Signed-off-by: Victor Hsieh <victorhsieh@chromium.org>
Change-Id: I8a93d8e1dd5b824f319d7de804f8f74825166a97
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2323647
Reviewed-by: Mike Frysinger <vapier@chromium.org>
---
 scripts/image_signing/sign_android_image.sh | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/scripts/image_signing/sign_android_image.sh b/scripts/image_signing/sign_android_image.sh
index 2558a980..c1f7c76b 100755
--- a/scripts/image_signing/sign_android_image.sh
+++ b/scripts/image_signing/sign_android_image.sh
@@ -206,9 +206,16 @@ reapply_file_security_context() {
 
   info "Reapplying file security context"
 
-  sudo /sbin/setfiles -v -r "${system_mnt}" \
-      "${root_fs_dir}/etc/selinux/arc/contexts/files/android_file_contexts" \
-      "${system_mnt}"
+  local selinux_dir="${root_fs_dir}/etc/selinux"
+  local file_contexts="${selinux_dir}/arc/contexts/files/android_file_contexts"
+  if [[ ! -f "${file_contexts}" ]]; then
+    file_contexts="${file_contexts}_vm"
+    if [[ ! -f "${file_contexts}" ]]; then
+      die "Can't find Android's file contexts"
+    fi
+  fi
+
+  sudo /sbin/setfiles -v -r "${system_mnt}" "${file_contexts}" "${system_mnt}"
 }
 
 # Snapshot file properties in a directory recursively.
-- 
cgit v1.2.1