From 73f9a8d6af62a008fb885bd47c14e04f563c4b5f Mon Sep 17 00:00:00 2001
From: tehcneko <7764726+tehcneko@users.noreply.github.com>
Date: Tue, 2 Feb 2021 16:12:59 +0800
Subject: [PATCH] Add SELinux permissive state check (#49)
---
.../io/github/lsposed/manager/Constants.java | 4 ++
.../manager/ui/activity/MainActivity.java | 14 ++++--
.../manager/ui/activity/ModulesActivity.java | 2 -
.../ui/fragment/StatusDialogBuilder.java | 44 +++----------------
app/src/main/res/drawable/ic_verified.xml | 10 -----
.../main/res/layout/activity_crash_report.xml | 2 +-
app/src/main/res/layout/item_module.xml | 2 +-
app/src/main/res/layout/status_installer.xml | 9 ++--
app/src/main/res/values-night/colors.xml | 3 ++
app/src/main/res/values-zh-rCN/strings.xml | 7 +--
app/src/main/res/values-zh-rHK/strings.xml | 5 ---
app/src/main/res/values-zh-rTW/strings.xml | 5 ---
app/src/main/res/values/colors.xml | 7 ++-
app/src/main/res/values/strings.xml | 7 +--
14 files changed, 35 insertions(+), 86 deletions(-)
delete mode 100644 app/src/main/res/drawable/ic_verified.xml
diff --git a/app/src/main/java/io/github/lsposed/manager/Constants.java b/app/src/main/java/io/github/lsposed/manager/Constants.java
index 5dbdc699..867bad30 100644
--- a/app/src/main/java/io/github/lsposed/manager/Constants.java
+++ b/app/src/main/java/io/github/lsposed/manager/Constants.java
@@ -36,6 +36,10 @@ public class Constants {
return App.getInstance().getApplicationInfo().deviceProtectedDataDir + "/";
}
+ public static boolean isPermissive() {
+ return true;
+ }
+
public static void showErrorToast(int type) {
Toast.makeText(App.getInstance(), R.string.app_destroyed, Toast.LENGTH_LONG).show();
}
diff --git a/app/src/main/java/io/github/lsposed/manager/ui/activity/MainActivity.java b/app/src/main/java/io/github/lsposed/manager/ui/activity/MainActivity.java
index 4baa4a35..427b0555 100644
--- a/app/src/main/java/io/github/lsposed/manager/ui/activity/MainActivity.java
+++ b/app/src/main/java/io/github/lsposed/manager/ui/activity/MainActivity.java
@@ -64,13 +64,19 @@ public class MainActivity extends BaseActivity {
String installedXposedVersion = Constants.getXposedVersion();
if (installedXposedVersion != null) {
binding.statusTitle.setText(String.format(Locale.US, "%s %s", getString(R.string.Activated), Constants.getXposedVariant()));
- binding.statusSummary.setText(String.format(Locale.US, "%s (%d)", installedXposedVersion, Constants.getXposedVersionCode()));
- binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.download_status_update_available));
- binding.statusIcon.setImageResource(R.drawable.ic_check_circle);
+ if (!Constants.isPermissive()) {
+ binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorNormal));
+ binding.statusIcon.setImageResource(R.drawable.ic_check_circle);
+ binding.statusSummary.setText(String.format(Locale.US, "%s (%d)", installedXposedVersion, Constants.getXposedVersionCode()));
+ } else {
+ binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorError));
+ binding.statusIcon.setImageResource(R.drawable.ic_warning);
+ binding.statusSummary.setText(R.string.selinux_permissive_summary);
+ }
} else {
binding.statusTitle.setText(R.string.Install);
binding.statusSummary.setText(R.string.InstallDetail);
- binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorPrimary));
+ binding.status.setCardBackgroundColor(ContextCompat.getColor(this, R.color.colorInstall));
binding.statusIcon.setImageResource(R.drawable.ic_error);
}
}
diff --git a/app/src/main/java/io/github/lsposed/manager/ui/activity/ModulesActivity.java b/app/src/main/java/io/github/lsposed/manager/ui/activity/ModulesActivity.java
index 3b709a48..fe9cfb22 100644
--- a/app/src/main/java/io/github/lsposed/manager/ui/activity/ModulesActivity.java
+++ b/app/src/main/java/io/github/lsposed/manager/ui/activity/ModulesActivity.java
@@ -18,7 +18,6 @@ import android.widget.TextView;
import androidx.annotation.NonNull;
import androidx.appcompat.app.ActionBar;
import androidx.appcompat.widget.SearchView;
-import androidx.core.content.ContextCompat;
import androidx.recyclerview.widget.DividerItemDecoration;
import androidx.recyclerview.widget.RecyclerView;
@@ -276,7 +275,6 @@ public class ModulesActivity extends BaseActivity implements ModuleUtil.ModuleLi
descriptionText.setText(item.getDescription());
} else {
descriptionText.setText(getString(R.string.module_empty_description));
- descriptionText.setTextColor(ContextCompat.getColor(ModulesActivity.this, R.color.warning));
}
TextView warningText = holder.warningText;
diff --git a/app/src/main/java/io/github/lsposed/manager/ui/fragment/StatusDialogBuilder.java b/app/src/main/java/io/github/lsposed/manager/ui/fragment/StatusDialogBuilder.java
index b3f1a559..c825dd71 100644
--- a/app/src/main/java/io/github/lsposed/manager/ui/fragment/StatusDialogBuilder.java
+++ b/app/src/main/java/io/github/lsposed/manager/ui/fragment/StatusDialogBuilder.java
@@ -3,11 +3,11 @@ package io.github.lsposed.manager.ui.fragment;
import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
-import android.util.Log;
import android.view.LayoutInflater;
+import android.view.View;
import androidx.annotation.NonNull;
-import androidx.core.content.ContextCompat;
+import androidx.core.text.HtmlCompat;
import com.google.android.material.dialog.MaterialAlertDialogBuilder;
@@ -15,11 +15,9 @@ import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
-import java.lang.reflect.Method;
import java.util.Locale;
import dalvik.system.VMRuntime;
-import io.github.lsposed.manager.App;
import io.github.lsposed.manager.BuildConfig;
import io.github.lsposed.manager.Constants;
import io.github.lsposed.manager.R;
@@ -62,7 +60,10 @@ public class StatusDialogBuilder extends MaterialAlertDialogBuilder {
binding.manufacturer.setText(getUIFramework());
binding.cpu.setText(getCompleteArch());
- determineVerifiedBootState(binding);
+ if (Constants.isPermissive()) {
+ binding.selinux.setVisibility(View.VISIBLE);
+ binding.selinux.setText(HtmlCompat.fromHtml(context.getString(R.string.selinux_permissive), HtmlCompat.FROM_HTML_MODE_LEGACY));
+ }
setView(binding.getRoot());
}
@@ -106,39 +107,6 @@ public class StatusDialogBuilder extends MaterialAlertDialogBuilder {
}
}
- private void determineVerifiedBootState(StatusInstallerBinding binding) {
- try {
- @SuppressLint("PrivateApi") Class c = Class.forName("android.os.SystemProperties");
- Method m = c.getDeclaredMethod("get", String.class, String.class);
- m.setAccessible(true);
-
- String propSystemVerified = (String) m.invoke(null, "partition.system.verified", "0");
- String propState = (String) m.invoke(null, "ro.boot.verifiedbootstate", "");
- File fileDmVerityModule = new File("/sys/module/dm_verity");
-
- boolean verified = false;
- if (propSystemVerified != null) {
- verified = !propSystemVerified.equals("0");
- }
- boolean detected = false;
- if (propState != null) {
- detected = !propState.isEmpty() || fileDmVerityModule.exists();
- }
-
- if (verified) {
- binding.dmverity.setText(R.string.verified_boot_active);
- binding.dmverity.setTextColor(ContextCompat.getColor(getContext(), R.color.warning));
- } else if (detected) {
- binding.dmverity.setText(R.string.verified_boot_deactivated);
- } else {
- binding.dmverity.setText(R.string.verified_boot_none);
- binding.dmverity.setTextColor(ContextCompat.getColor(getContext(), R.color.warning));
- }
- } catch (Exception e) {
- Log.e(App.TAG, "Could not detect Verified Boot state", e);
- }
- }
-
private String getAndroidVersion() {
switch (Build.VERSION.SDK_INT) {
case 26:
diff --git a/app/src/main/res/drawable/ic_verified.xml b/app/src/main/res/drawable/ic_verified.xml
deleted file mode 100644
index 97b7632e..00000000
--- a/app/src/main/res/drawable/ic_verified.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-
-
-
diff --git a/app/src/main/res/layout/activity_crash_report.xml b/app/src/main/res/layout/activity_crash_report.xml
index c7eca616..8d73f08a 100644
--- a/app/src/main/res/layout/activity_crash_report.xml
+++ b/app/src/main/res/layout/activity_crash_report.xml
@@ -18,7 +18,7 @@
android:layout_height="wrap_content"
android:layout_margin="16dp"
android:orientation="horizontal"
- app:cardBackgroundColor="@color/amber_500">
+ app:cardBackgroundColor="@color/material_amber_500">
+ android:textAppearance="@style/TextAppearance.AppCompat.Subhead"
+ android:visibility="gone" />
\ No newline at end of file
diff --git a/app/src/main/res/values-night/colors.xml b/app/src/main/res/values-night/colors.xml
index 6b6b9163..24558a19 100644
--- a/app/src/main/res/values-night/colors.xml
+++ b/app/src/main/res/values-night/colors.xml
@@ -5,4 +5,7 @@
#2E2E2E
#383838
#B3000000
+ @color/material_red_700
+ @color/material_green_700
+ @color/material_blue_700
\ No newline at end of file
diff --git a/app/src/main/res/values-zh-rCN/strings.xml b/app/src/main/res/values-zh-rCN/strings.xml
index dbb112f5..5042e655 100644
--- a/app/src/main/res/values-zh-rCN/strings.xml
+++ b/app/src/main/res/values-zh-rCN/strings.xml
@@ -32,7 +32,6 @@
%s 已安装, 但尚未激活
(未提供介绍)
该模块未提供用户界面
- LSPosed 模块列表已更新
LSPosed 模块已更新
该模块需要更新版本的 LSPosed(%d), 因此无法被激活
该模块未指定所需的 LSPosed 版本
@@ -86,10 +85,6 @@
取消优化
清除中…
优化中…
- LSPosed 框架未安装
- 引导验证已启用
- 引导验证已禁用
- 无法获取引导验证状态
完成!
禁用详细日志
@@ -137,4 +132,6 @@
由于未选择任何应用,模块 %s 已被禁用。
系统框架
此应用程序已被损坏,请确保您从官方来源下载该应用程序。
+ <b>警告:<\/b>SELinux 未处于严格模式!对此进行攻击的恶意程序可以完全控制你的设备,并可能造成你的财产损失和法律责任。
+ SELinux 未处于严格模式!
diff --git a/app/src/main/res/values-zh-rHK/strings.xml b/app/src/main/res/values-zh-rHK/strings.xml
index 4b60a4fe..770f3f61 100644
--- a/app/src/main/res/values-zh-rHK/strings.xml
+++ b/app/src/main/res/values-zh-rHK/strings.xml
@@ -32,7 +32,6 @@
%s 已安裝, 但尚未激活
(未提供介紹)
該模塊未提供用户界面
- LSPosed 模塊列表已更新
LSPosed 模塊已更新
該模塊需要更新版本的 LSPosed(%d), 因此無法被激活
該模塊未指定所需的 LSPosed 版本
@@ -85,10 +84,6 @@
取消優化
清除中…
優化中…
- LSPosed 框架未安裝
- 引導驗證已啟用
- 引導驗證已禁用
- 無法獲取引導驗證狀態
完成!
禁用詳細日誌
diff --git a/app/src/main/res/values-zh-rTW/strings.xml b/app/src/main/res/values-zh-rTW/strings.xml
index 68c09c63..724a1146 100644
--- a/app/src/main/res/values-zh-rTW/strings.xml
+++ b/app/src/main/res/values-zh-rTW/strings.xml
@@ -32,7 +32,6 @@
%s 已安裝, 但尚未啟用
(未提供介紹)
該模組未提供使用者介面
- LSPosed 模組列表已更新
LSPosed 模組已更新
該模組需要更新版本的 LSPosed(%d), 因此無法被啟用
該模組未指定所需的 LSPosed 版本
@@ -85,10 +84,6 @@
取消優化
清除中…
優化中…
- LSPosed 框架未安裝
- 引導驗證已啟用
- 引導驗證已禁用
- 無法獲取引導驗證狀態
完成!
禁用詳細日誌
diff --git a/app/src/main/res/values/colors.xml b/app/src/main/res/values/colors.xml
index 524f4f65..820b1388 100644
--- a/app/src/main/res/values/colors.xml
+++ b/app/src/main/res/values/colors.xml
@@ -5,10 +5,9 @@
#dddddd
#e91e63
#F0F0F0
- #F44336
- @color/red_500
- #4CAF50
- #FFC107
@color/colorPrimary
@android:color/black
+ @color/material_red_500
+ @color/material_green_500
+ @color/material_blue_500
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 9aacca07..2917aeef 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -33,7 +33,6 @@
%s has been installed, but is not activated yet
(no description provided)
This module does not provide a user interface
- LSPosed module list was updated
LSPosed module updated
This module requires a newer LSPosed version (%d) and thus cannot be activated
This module does not specify the LSPosed version it needs.
@@ -88,9 +87,6 @@
This is the LSPosed Framework and modules log\nif you need a Android logcat, you can try our Log Catcher Magisk module
Done!
- Verified Boot is deactivated
- Could not detect Verified Boot state
- Verified Boot is active
De-optimize
@@ -100,7 +96,6 @@
https://github.com/LSPosed/LSPosed/
http://t.me/LSPosed
- The LSPosed framework is not installed.
Disable verbose logs
Cannot read log: \n
@@ -144,4 +139,6 @@
Module %s has been disabled since no app selected.
System Framework
This application has been destroyed, please make sure you download it from the official source.
+ <b>WARNING:<\/b> SELinux is not enforcing! the malicious program that attacks this can completely control your device and may cause your property damage and legal liability.
+ SELinux is not enforcing!