On some devices `dex2oat` cannot access files (fd) received from sockets due to SELinux restrictions.
Hence, we add a new rule according to the avc logs, which showed that permissions `open` and `getattr` were needed.
1. The SELinux context label `magisk_file` is widely used by Zygisk implementation modules. It is improper for LSPosed to abuse this label for its own files. We replace it by `xposed_file`.
2. A new rule added according to the SELinux logs, which is needed to write to the mangaer's SharedPreference.
3. `xposed_data` is a new SELinux context label for XSharedPreference files, it is not meant to provide MAC restricted access but to conform with Android's rule: https://developer.android.com/about/versions/pie/android-9.0-changes-28#per-app-selinux.
4. We add attribute `mlstrustedobject` to ignore the `Multi-Level and Multi-Category Security` enforced on Android.
JingMatrix
南宫雪珊
Nullptr