WeiguangTWK
/
LSPosed
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Properly set SELinux context after reboot 

After reboot, the SELinux context labels for files located in `/data/adb` are reset to `u:object_r:adb_data_file:s0`.

To fully address the issue in ed1f61d2, we should always compare the SELinux context and reset it when necessary.
This commit is contained in:
JingMatrix 2025-11-08 20:13:53 +01:00
parent b270bd55df
commit 487e835559
2 changed files with 32 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
daemon/src/main/java/org/lsposed/lspd/service/ConfigFileManager.java
View File

@ -70,6 +70,7 @@ import java.util.ArrayList;
import java.util.HashSet; import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
import java.util.stream.Stream;
import java.util.zip.Deflater; import java.util.zip.Deflater;
import java.util.zip.ZipEntry; import java.util.zip.ZipEntry;
import java.util.zip.ZipFile; import java.util.zip.ZipFile;
@ -454,20 +455,38 @@ public class ConfigFileManager {
static Path resolveModuleDir(String packageName, String dir, int userId, int uid) throws IOException { static Path resolveModuleDir(String packageName, String dir, int userId, int uid) throws IOException {
var path = modulePath.resolve(String.valueOf(userId)).resolve(packageName).resolve(dir).normalize(); var path = modulePath.resolve(String.valueOf(userId)).resolve(packageName).resolve(dir).normalize();
if (uid != -1) { // Ensure the directory and any necessary parent directories exist.
if (path.toFile().mkdirs()) { path.toFile().mkdirs();
try {
SELinux.setFileContext(path.toString(), "u:object_r:xposed_data:s0"); if (SELinux.getFileContext(path.toString()) != "u:object_r:xposed_data:s0") {
Os.chown(path.toString(), uid, uid); // SELinux label could be reset after a reboot.
Os.chmod(path.toString(), 0755); try {
} catch (ErrnoException e) { setSelinuxContextRecursive(path, "u:object_r:xposed_data:s0");
throw new IOException(e); Os.chown(path.toString(), uid, uid);
} Os.chmod(path.toString(), 0755);
} catch (ErrnoException e) {
throw new IOException(e);
} }
} }
return path; return path;
} }
private static void setSelinuxContextRecursive(Path path, String context) throws IOException {
try {
SELinux.setFileContext(path.toString(), context);
if (Files.isDirectory(path)) {
try (Stream<Path> stream = Files.list(path)) {
for (Path entry : (Iterable<Path>) stream::iterator) {
setSelinuxContextRecursive(entry, context);
}
}
}
} catch (Exception e) {
throw new IOException("Failed to recursively set SELinux context for " + path, e);
}
}
private static class FileLocker { private static class FileLocker {
private final FileChannel lockChannel; private final FileChannel lockChannel;
private final FileLock locker; private final FileLock locker;

4
hiddenapi/stubs/src/main/java/android/os/SELinux.java
View File

@ -9,6 +9,10 @@ public class SELinux {
throw new UnsupportedOperationException("Stub"); throw new UnsupportedOperationException("Stub");
} }
public static String getFileContext(String path) {
throw new UnsupportedOperationException("Stub");
}
public static boolean setFSCreateContext(String context){ public static boolean setFSCreateContext(String context){
throw new UnsupportedOperationException("Stub"); throw new UnsupportedOperationException("Stub");
} }