2 files changed, 28 insertions, 1 deletions

diff --git a/ANDROID_3.4.5/security/selinux/hooks.c b/ANDROID_3.4.5/security/selinux/hooks.c
index d85b793c..581b8c71 100644
--- a/ANDROID_3.4.5/security/selinux/hooks.c
+++ b/ANDROID_3.4.5/security/selinux/hooks.c
@@ -5717,8 +5717,33 @@ static struct security_operations selinux_ops = {
 #endif
 };
 
+extern int wmt_getsyspara(char *varname, unsigned char *varval, int *varlen);
+
 static __init int selinux_init(void)
 {
+    // 2013-12-10 YJChen: Add Begin
+    char selinux_env_name[] = "wmt.selinux.param";
+    char selinux_env_buf[32] = "0";
+    int varlen = 32;
+    unsigned int nEnable = 0;
+
+    if (wmt_getsyspara(selinux_env_name, selinux_env_buf, &varlen) == 0) {
+        sscanf(selinux_env_buf, "%x", &nEnable);
+        printk("wmt.selinux.param = %x\n", nEnable);
+        if (nEnable != 0x1) {
+            printk("setting disable selinux\n");
+            selinux_enabled = 0;
+            return 0;
+        }
+    }
+    else {
+        // not define wmt.selinux.param, default disable
+        printk("default disable selinux\n");
+        selinux_enabled = 0;
+        return 0;
+    }
+    // 2013-12-10 YJChen: Add End
+
 	if (!security_module_enable(&selinux_ops)) {
 		selinux_enabled = 0;
 		return 0;
diff --git a/ANDROID_3.4.5/security/selinux/include/classmap.h b/ANDROID_3.4.5/security/selinux/include/classmap.h
index b8c53723..c9275002 100644
--- a/ANDROID_3.4.5/security/selinux/include/classmap.h
+++ b/ANDROID_3.4.5/security/selinux/include/classmap.h
@@ -145,7 +145,9 @@ struct security_class_mapping secclass_map[] = {
 	    "node_bind", "name_connect", NULL } },
 	{ "memprotect", { "mmap_zero", NULL } },
 	{ "peer", { "recv", NULL } },
-	{ "capability2", { "mac_override", "mac_admin", "syslog", NULL } },
+	{ "capability2", 
+	  { "mac_override", "mac_admin", "syslog", "wake_alarm", "block_suspend",
+	    NULL } },
 	{ "kernel_service", { "use_as_override", "create_files_as", NULL } },
 	{ "tun_socket",
 	  { COMMON_SOCK_PERMS, NULL } },