Add SELinux permissive state check (#49)

app/src/main/java/io/github/lsposed/manager/Constants.java

@@ -36,6 +36,10 @@ public class Constants {
         return App.getInstance().getApplicationInfo().deviceProtectedDataDir + "/";
     }
 
+    public static boolean isPermissive() {
+        return true;
+    }
+
     public static void showErrorToast(int type) {
         Toast.makeText(App.getInstance(), R.string.app_destroyed, Toast.LENGTH_LONG).show();
     }

app/src/main/java/io/github/lsposed/manager/ui/activity/MainActivity.java

@@ -64,13 +64,19 @@ public class MainActivity extends BaseActivity {
         String installedXposedVersion = Constants.getXposedVersion();
         if (installedXposedVersion != null) {
             binding.statusTitle.setText(String.format(Locale.US, "%s %s", getString(R.string.Activated), Constants.getXposedVariant()));
-            binding.statusSummary.setText(String.format(Locale.US, "%s (%d)", installedXposedVersion, Constants.getXposedVersionCode()));
-            binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.download_status_update_available));
-            binding.statusIcon.setImageResource(R.drawable.ic_check_circle);
+            if (!Constants.isPermissive()) {
+                binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorNormal));
+                binding.statusIcon.setImageResource(R.drawable.ic_check_circle);
+                binding.statusSummary.setText(String.format(Locale.US, "%s (%d)", installedXposedVersion, Constants.getXposedVersionCode()));
+            } else {
+                binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorError));
+                binding.statusIcon.setImageResource(R.drawable.ic_warning);
+                binding.statusSummary.setText(R.string.selinux_permissive_summary);
+            }
         } else {
             binding.statusTitle.setText(R.string.Install);
             binding.statusSummary.setText(R.string.InstallDetail);
-            binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorPrimary));
+            binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorInstall));
             binding.statusIcon.setImageResource(R.drawable.ic_error);
         }
     }

app/src/main/java/io/github/lsposed/manager/ui/activity/ModulesActivity.java

@@ -18,7 +18,6 @@ import android.widget.TextView;
 import androidx.annotation.NonNull;
 import androidx.appcompat.app.ActionBar;
 import androidx.appcompat.widget.SearchView;
-import androidx.core.content.ContextCompat;
 import androidx.recyclerview.widget.DividerItemDecoration;
 import androidx.recyclerview.widget.RecyclerView;
 
@@ -276,7 +275,6 @@ public class ModulesActivity extends BaseActivity implements ModuleUtil.ModuleLi
                 descriptionText.setText(item.getDescription());
             } else {
                 descriptionText.setText(getString(R.string.module_empty_description));
-                descriptionText.setTextColor(ContextCompat.getColor(ModulesActivity.this, R.color.warning));
             }
             TextView warningText = holder.warningText;
 

app/src/main/java/io/github/lsposed/manager/ui/fragment/StatusDialogBuilder.java

@@ -3,11 +3,11 @@ package io.github.lsposed.manager.ui.fragment;
 import android.annotation.SuppressLint;
 import android.content.Context;
 import android.os.Build;
-import android.util.Log;
 import android.view.LayoutInflater;
+import android.view.View;
 
 import androidx.annotation.NonNull;
-import androidx.core.content.ContextCompat;
+import androidx.core.text.HtmlCompat;
 
 import com.google.android.material.dialog.MaterialAlertDialogBuilder;
 
@@ -15,11 +15,9 @@ import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileReader;
 import java.io.IOException;
-import java.lang.reflect.Method;
 import java.util.Locale;
 
 import dalvik.system.VMRuntime;
-import io.github.lsposed.manager.App;
 import io.github.lsposed.manager.BuildConfig;
 import io.github.lsposed.manager.Constants;
 import io.github.lsposed.manager.R;
@@ -62,7 +60,10 @@ public class StatusDialogBuilder extends MaterialAlertDialogBuilder {
         binding.manufacturer.setText(getUIFramework());
         binding.cpu.setText(getCompleteArch());
 
-        determineVerifiedBootState(binding);
+        if (Constants.isPermissive()) {
+            binding.selinux.setVisibility(View.VISIBLE);
+            binding.selinux.setText(HtmlCompat.fromHtml(context.getString(R.string.selinux_permissive), HtmlCompat.FROM_HTML_MODE_LEGACY));
+        }
         setView(binding.getRoot());
     }
 
@@ -106,39 +107,6 @@ public class StatusDialogBuilder extends MaterialAlertDialogBuilder {
         }
     }
 
-    private void determineVerifiedBootState(StatusInstallerBinding binding) {
-        try {
-            @SuppressLint("PrivateApi") Class<?> c = Class.forName("android.os.SystemProperties");
-            Method m = c.getDeclaredMethod("get", String.class, String.class);
-            m.setAccessible(true);
-
-            String propSystemVerified = (String) m.invoke(null, "partition.system.verified", "0");
-            String propState = (String) m.invoke(null, "ro.boot.verifiedbootstate", "");
-            File fileDmVerityModule = new File("/sys/module/dm_verity");
-
-            boolean verified = false;
-            if (propSystemVerified != null) {
-                verified = !propSystemVerified.equals("0");
-            }
-            boolean detected = false;
-            if (propState != null) {
-                detected = !propState.isEmpty() || fileDmVerityModule.exists();
-            }
-
-            if (verified) {
-                binding.dmverity.setText(R.string.verified_boot_active);
-                binding.dmverity.setTextColor(ContextCompat.getColor(getContext(), R.color.warning));
-            } else if (detected) {
-                binding.dmverity.setText(R.string.verified_boot_deactivated);
-            } else {
-                binding.dmverity.setText(R.string.verified_boot_none);
-                binding.dmverity.setTextColor(ContextCompat.getColor(getContext(), R.color.warning));
-            }
-        } catch (Exception e) {
-            Log.e(App.TAG, "Could not detect Verified Boot state", e);
-        }
-    }
-
     private String getAndroidVersion() {
         switch (Build.VERSION.SDK_INT) {
             case 26:

app/src/main/res/drawable/ic_verified.xml

@@ -1,10 +0,0 @@
-<vector xmlns:android="http://schemas.android.com/apk/res/android"
-    android:width="24dp"
-    android:height="24dp"
-    android:tint="?attr/colorControlNormal"
-    android:viewportWidth="24"
-    android:viewportHeight="24">
-    <path
-        android:fillColor="@android:color/white"
-        android:pathData="M12,1L3,5v6c0,5.55 3.84,10.74 9,12 5.16,-1.26 9,-6.45 9,-12L21,5l-9,-4zM19,11c0,4.52 -2.98,8.69 -7,9.93 -4.02,-1.24 -7,-5.41 -7,-9.93L5,6.3l7,-3.11 7,3.11L19,11zM7.41,11.59L6,13l4,4 8,-8 -1.41,-1.42L10,14.17z" />
-</vector>

app/src/main/res/layout/activity_crash_report.xml

@@ -18,7 +18,7 @@
             android:layout_height="wrap_content"
             android:layout_margin="16dp"
             android:orientation="horizontal"
-            app:cardBackgroundColor="@color/amber_500">
+            app:cardBackgroundColor="@color/material_amber_500">
 
             <RelativeLayout
                 android:layout_width="wrap_content"

app/src/main/res/layout/item_module.xml

@@ -92,7 +92,7 @@
             android:layout_gravity="center_vertical"
             android:layout_marginBottom="8dp"
             android:textAppearance="?android:attr/textAppearanceSmall"
-            android:textColor="@color/warning"
+            android:textColor="@color/material_red_500"
             android:visibility="gone"
             app:layout_constraintStart_toStartOf="@+id/description"
             app:layout_constraintTop_toBottomOf="@+id/description"

app/src/main/res/layout/status_installer.xml

@@ -85,16 +85,13 @@
             app:drawableStartCompat="@drawable/ic_chip" />
 
         <TextView
-            android:id="@+id/dmverity"
+            android:id="@+id/selinux"
             android:paddingTop="8dp"
-            android:drawablePadding="8dp"
-            android:minHeight="48dp"
-            android:paddingBottom="8dp"
             android:gravity="center_vertical"
             android:layout_width="wrap_content"
-            app:drawableStartCompat="@drawable/ic_verified"
             android:layout_height="wrap_content"
-            android:textAppearance="@style/TextAppearance.AppCompat.Subhead" />
+            android:textAppearance="@style/TextAppearance.AppCompat.Subhead"
+            android:visibility="gone" />
 
     </LinearLayout>
 </ScrollView>

app/src/main/res/values-night/colors.xml

@@ -5,4 +5,7 @@
     <color name="colorPrimaryDark">#2E2E2E</color>
     <color name="colorActionBar">#383838</color>
     <color name="navigationBarColor">#B3000000</color>
+    <color name="colorError">@color/material_red_700</color>
+    <color name="colorNormal">@color/material_green_700</color>
+    <color name="colorInstall">@color/material_blue_700</color>
 </resources>

app/src/main/res/values-zh-rCN/strings.xml

@@ -32,7 +32,6 @@
     <string name="module_is_not_activated_yet_detailed">%s 已安装, 但尚未激活</string>
     <string name="module_empty_description">(未提供介绍)</string>
     <string name="module_no_ui">该模块未提供用户界面</string>
-    <string name="xposed_module_list_updated">LSPosed 模块列表已更新</string>
     <string name="xposed_module_updated_notification_title">LSPosed 模块已更新</string>
     <string name="warning_xposed_min_version">该模块需要更新版本的 LSPosed(%d), 因此无法被激活</string>
     <string name="no_min_version_specified">该模块未指定所需的 LSPosed 版本</string>
@@ -86,10 +85,6 @@
     <string name="menu_title_compile_reset">取消优化</string>
     <string name="compile_reset_msg">清除中…</string>
     <string name="compile_speed_msg">优化中…</string>
-    <string name="notinstalled">LSPosed 框架未安装</string>
-    <string name="verified_boot_active">引导验证已启用</string>
-    <string name="verified_boot_deactivated">引导验证已禁用</string>
-    <string name="verified_boot_none">无法获取引导验证状态</string>
     <string name="done">完成！</string>
 
     <string name="pref_title_disable_verbose_log">禁用详细日志</string>
@@ -137,4 +132,6 @@
     <string name="module_disabled_no_selection">由于未选择任何应用，模块 %s 已被禁用。</string>
     <string name="android_framework">系统框架</string>
     <string name="app_destroyed">此应用程序已被损坏，请确保您从官方来源下载该应用程序。</string>
+    <string name="selinux_permissive">&lt;b&gt;警告：&lt;\/b&gt;SELinux 未处于严格模式！对此进行攻击的恶意程序可以完全控制你的设备，并可能造成你的财产损失和法律责任。</string>
+    <string name="selinux_permissive_summary">SELinux 未处于严格模式！</string>
 </resources>

app/src/main/res/values-zh-rHK/strings.xml

@@ -32,7 +32,6 @@
     <string name="module_is_not_activated_yet_detailed">%s 已安裝, 但尚未激活</string>
     <string name="module_empty_description">(未提供介紹)</string>
     <string name="module_no_ui">該模塊未提供用户界面</string>
-    <string name="xposed_module_list_updated">LSPosed 模塊列表已更新</string>
     <string name="xposed_module_updated_notification_title">LSPosed 模塊已更新</string>
     <string name="warning_xposed_min_version">該模塊需要更新版本的 LSPosed(%d), 因此無法被激活</string>
     <string name="no_min_version_specified">該模塊未指定所需的 LSPosed 版本</string>
@@ -85,10 +84,6 @@
     <string name="menu_title_compile_reset">取消優化</string>
     <string name="compile_reset_msg">清除中…</string>
     <string name="compile_speed_msg">優化中…</string>
-    <string name="notinstalled">LSPosed 框架未安裝</string>
-    <string name="verified_boot_active">引導驗證已啟用</string>
-    <string name="verified_boot_deactivated">引導驗證已禁用</string>
-    <string name="verified_boot_none">無法獲取引導驗證狀態</string>
     <string name="done">完成！</string>
 
     <string name="pref_title_disable_verbose_log">禁用詳細日誌</string>

app/src/main/res/values-zh-rTW/strings.xml

@@ -32,7 +32,6 @@
     <string name="module_is_not_activated_yet_detailed">%s 已安裝, 但尚未啟用</string>
     <string name="module_empty_description">(未提供介紹)</string>
     <string name="module_no_ui">該模組未提供使用者介面</string>
-    <string name="xposed_module_list_updated">LSPosed 模組列表已更新</string>
     <string name="xposed_module_updated_notification_title">LSPosed 模組已更新</string>
     <string name="warning_xposed_min_version">該模組需要更新版本的 LSPosed(%d), 因此無法被啟用</string>
     <string name="no_min_version_specified">該模組未指定所需的 LSPosed 版本</string>
@@ -85,10 +84,6 @@
     <string name="menu_title_compile_reset">取消優化</string>
     <string name="compile_reset_msg">清除中…</string>
     <string name="compile_speed_msg">優化中…</string>
-    <string name="notinstalled">LSPosed 框架未安裝</string>
-    <string name="verified_boot_active">引導驗證已啟用</string>
-    <string name="verified_boot_deactivated">引導驗證已禁用</string>
-    <string name="verified_boot_none">無法獲取引導驗證狀態</string>
     <string name="done">完成！</string>
 
     <string name="pref_title_disable_verbose_log">禁用詳細日誌</string>

app/src/main/res/values/colors.xml

@@ -5,10 +5,9 @@
     <color name="colorPrimaryDark">#dddddd</color>
     <color name="colorAccent">#e91e63</color>
     <color name="colorActionBar">#F0F0F0</color>
-    <color name="red_500">#F44336</color>
-    <color name="warning">@color/red_500</color>
-    <color name="download_status_update_available">#4CAF50</color>
-    <color name="amber_500">#FFC107</color>
     <color name="navigationBarColor">@color/colorPrimary</color>
     <color name="navigationBarColorBlack">@android:color/black</color>
+    <color name="colorError">@color/material_red_500</color>
+    <color name="colorNormal">@color/material_green_500</color>
+    <color name="colorInstall">@color/material_blue_500</color>
 </resources>

app/src/main/res/values/strings.xml

@@ -33,7 +33,6 @@
     <string name="module_is_not_activated_yet_detailed">%s has been installed, but is not activated yet</string>
     <string name="module_empty_description">(no description provided)</string>
     <string name="module_no_ui">This module does not provide a user interface</string>
-    <string name="xposed_module_list_updated">LSPosed module list was updated</string>
     <string name="xposed_module_updated_notification_title">LSPosed module updated</string>
     <string name="warning_xposed_min_version">This module requires a newer LSPosed version (%d) and thus cannot be activated</string>
     <string name="no_min_version_specified">This module does not specify the LSPosed version it needs.</string>
@@ -88,9 +87,6 @@
     <string name="not_logcat">This is the LSPosed Framework and modules log\nif you need a Android logcat, you can try our Log Catcher Magisk module</string>
 
     <string name="done">Done!</string>
-    <string name="verified_boot_deactivated">Verified Boot is deactivated</string>
-    <string name="verified_boot_none">Could not detect Verified Boot state</string>
-    <string name="verified_boot_active">Verified Boot is active</string>
 
     <!-- LSPd related -->
     <string name="menu_title_compile_reset">De-optimize</string>
@@ -100,7 +96,6 @@
     <string name="about_source" translatable="false">https://github.com/LSPosed/LSPosed/</string>
 
     <string name="group_telegram_channel_link" translatable="false">http://t.me/LSPosed</string>
-    <string name="notinstalled">The LSPosed framework is not installed.</string>
 
     <string name="pref_title_disable_verbose_log">Disable verbose logs</string>
     <string name="logs_cannot_read">Cannot read log: \n</string>
@@ -144,4 +139,6 @@
     <string name="module_disabled_no_selection">Module %s has been disabled since no app selected.</string>
     <string name="android_framework">System Framework</string>
     <string name="app_destroyed">This application has been destroyed, please make sure you download it from the official source.</string>
+    <string name="selinux_permissive">&lt;b&gt;WARNING:&lt;\/b&gt; SELinux is not enforcing! the malicious program that attacks this can completely control your device and may cause your property damage and legal liability.</string>
+    <string name="selinux_permissive_summary">SELinux is not enforcing!</string>
 </resources>