libselinux: be strict about what symbols we export

Make sure shared libraries we create export only the minimum number of
symbols, and not a bit more. We want to be careful what SELinux APIs we
(directly or indirectly) expose to other processes.

Test: Android compiles. Link time restrictions only.
Change-Id: Ia6d1788cd944b46f1e97f621f4466fb8ada29191
diff --git a/libselinux/Android.bp b/libselinux/Android.bp
index a4e599c..c868353 100644
--- a/libselinux/Android.bp
+++ b/libselinux/Android.bp
@@ -122,6 +122,8 @@
 
             local_include_dirs: [ "src" ],
 
+            version_script: "exported.map",
+
             // 1003 corresponds to auditd, from system/core/logd/event.logtags
             cflags: [
                 "-DAUDITD_LOG_TAG=1003",
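Review bot: The new `version_script: "exported.map",` line has no comment, yet it is the only place in the build file that tells a maintainer the library's exports are now an allowlist. I would add above it `// Export only the symbols listed in exported.map; a new public API must be added there.` A version script restricts only the shared object's dynamic symbols, so anything that links libselinux statically can still reach every function. The block this property sits in opens outside the hunk, so it is worth confirming that it covers every shared variant that ships and not just one target.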
diff --git a/libselinux/exported.map b/libselinux/exported.map
new file mode 100644
index 0000000..49b8606
--- /dev/null
+++ b/libselinux/exported.map
@@ -0,0 +1,36 @@
+{
+  global:
+    fgetfilecon;
+    fsetfilecon;
+    freecon;
+    getcon;
+    getfilecon;
+    getpeercon;
+    getpidcon;
+    is_selinux_enabled;
+    lgetfilecon;
+    lsetfilecon;
+    selabel_close;
+    selabel_lookup;
+    selabel_open;
+    selinux_android_file_context_handle;
+    selinux_android_prop_context_handle;
+    selinux_android_restorecon;
+    selinux_android_restorecon_pkgdir;
+    selinux_android_setcontext;
+    selinux_android_set_sehandle;
+    selinux_android_service_context_handle;
+    selinux_check_access;
+    security_getenforce;
+    security_setenforce;
+    security_load_policy;
+    selinux_log_callback;
+    selinux_set_callback;
+    selinux_status_open;
+    selinux_status_updated;
+    setcon;
+    setexeccon;
+    setfilecon;
+    setfscreatecon;
+  local: *;
+};
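Review bot: exported.map has no header comment and its `global:` list is not sorted (`freecon` follows `fsetfilecon`, and the `security_*` entries sit between `selinux_check_access` and `selinux_log_callback`), which makes later additions harder to review. I would open the file with `/* Symbols exported from the libselinux shared library; local: * hides the rest. Keep sorted; add only what an external caller needs. */` and put the entries in order. The list keeps `security_setenforce` and `security_load_policy` exported, so a one-line comment on why they must stay public would help a reviewer judge future changes. The stated test is a build, which catches in-tree link failures but presumably not symbols resolved at run time through dlsym or by prebuilt binaries, so those consumers need a separate check.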