Fix SELinuxHelper
May still not work at some devices.............
This commit is contained in:
Jim Wu
parent
e905664403
commit
ffa7ced044
|
|
@ -3,6 +3,8 @@ package com.elderdrivers.riru.edxp.proxy;
|
|||
import com.elderdrivers.riru.edxp.config.ConfigManager;
|
||||
import com.elderdrivers.riru.edxp.deopt.PrebuiltMethodsDeopter;
|
||||
|
||||
import de.robv.android.xposed.SELinuxHelper;
|
||||
|
||||
import static com.elderdrivers.riru.edxp.util.FileUtils.getDataPathPrefix;
|
||||
|
||||
public class NormalProxy extends BaseProxy {
|
||||
|
|
@ -18,6 +20,7 @@ public class NormalProxy extends BaseProxy {
|
|||
String appDataDir) {
|
||||
// mainly for secondary zygote
|
||||
mRouter.onForkStart();
|
||||
SELinuxHelper.initOnce();
|
||||
mRouter.initResourcesHook();
|
||||
// call this to ensure the flag is set to false ASAP
|
||||
mRouter.prepare(false);
|
||||
|
|
@ -36,6 +39,7 @@ public class NormalProxy extends BaseProxy {
|
|||
public void forkSystemServerPre(int uid, int gid, int[] gids, int debugFlags, int[][] rlimits,
|
||||
long permittedCapabilities, long effectiveCapabilities) {
|
||||
mRouter.onForkStart();
|
||||
SELinuxHelper.initOnce();
|
||||
mRouter.initResourcesHook();
|
||||
// set startsSystemServer flag used when loadModules
|
||||
mRouter.prepare(true);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,11 @@
|
|||
package de.robv.android.xposed;
|
||||
|
||||
import android.os.SELinux;
|
||||
import android.util.Log;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
|
||||
import de.robv.android.xposed.services.BaseService;
|
||||
import de.robv.android.xposed.services.BinderService;
|
||||
|
|
@ -28,7 +33,36 @@ public final class SELinuxHelper {
|
|||
* @return A boolean indicating whether SELinux is enforcing.
|
||||
*/
|
||||
public static boolean isSELinuxEnforced() {
|
||||
return sIsSELinuxEnabled && SELinux.isSELinuxEnforced();
|
||||
if (!sIsSELinuxEnabled) {
|
||||
return false;
|
||||
}
|
||||
boolean result = false;
|
||||
final File SELINUX_STATUS_FILE = new File("/sys/fs/selinux/enforce");
|
||||
if (SELINUX_STATUS_FILE.exists()) {
|
||||
try {
|
||||
FileInputStream fis = new FileInputStream(SELINUX_STATUS_FILE);
|
||||
int status = fis.read();
|
||||
switch (status) {
|
||||
case 49:
|
||||
result = true;
|
||||
break;
|
||||
case 48:
|
||||
result = false;
|
||||
break;
|
||||
default:
|
||||
XposedBridge.log("Unexpected byte " + status + " in /sys/fs/selinux/enforce");
|
||||
}
|
||||
fis.close();
|
||||
} catch (IOException e) {
|
||||
if (e.getMessage().contains("Permission denied")) {
|
||||
result = true;
|
||||
} else {
|
||||
XposedBridge.log("Failed to read SELinux status: " + e.getMessage());
|
||||
result = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -56,14 +90,15 @@ public final class SELinuxHelper {
|
|||
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// TODO: SELinux status
|
||||
private static boolean sIsSELinuxEnabled = false;
|
||||
private static BaseService sServiceAppDataFile = new DirectAccessService(); // ed: initialized directly
|
||||
|
||||
/*package*/ static void initOnce() {
|
||||
/*package*/ public static void initOnce() {
|
||||
// ed: we assume all selinux policies have been added lively using magiskpolicy
|
||||
// try {
|
||||
// sIsSELinuxEnabled = SELinux.isSELinuxEnabled();
|
||||
// } catch (NoClassDefFoundError ignored) {}
|
||||
try {
|
||||
sIsSELinuxEnabled = SELinux.isSELinuxEnabled();
|
||||
} catch (NoClassDefFoundError ignored) {}
|
||||
}
|
||||
|
||||
/*package*/ static void initForProcess(String packageName) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue