Having a WebUI simply duplicating the current function of the Action button is unnecessary.
Since most users are migrated to root implementations which realize the Action button feature, we revert commit f8409ad34b to remove the WebUI integration of LSPosed.
1. Magisk manager cuts off the full changelog, it is thus better to move my personal note to the end. Add emoji for easier understanding.
2. Fix locating the generated javascript file. In Parcel 2, this file now has prefix `generate`.
3. Fix the author name, use JingMatrix for accuracy.
On some devices `dex2oat` cannot access files (fd) received from sockets due to SELinux restrictions.
Hence, we add a new rule according to the avc logs, which showed that permissions `open` and `getattr` were needed.
1. The SELinux context label `magisk_file` is widely used by Zygisk implementation modules. It is improper for LSPosed to abuse this label for its own files. We replace it by `xposed_file`.
2. A new rule added according to the SELinux logs, which is needed to write to the mangaer's SharedPreference.
3. `xposed_data` is a new SELinux context label for XSharedPreference files, it is not meant to provide MAC restricted access but to conform with Android's rule: https://developer.android.com/about/versions/pie/android-9.0-changes-28#per-app-selinux.
4. We add attribute `mlstrustedobject` to ignore the `Multi-Level and Multi-Category Security` enforced on Android.
Current commit will restore the modifications 1,4 in the previous
commit 156c6ae855. Thanks for people in
the community, @privacyguy123, @aviraxp and @HuskyDG, just to name a
few, to notice my sever mistakes.
Those mistakes are mainly caused by my inconsistent usage of testing
environments. I wrongly compared the detecting results with different
`Zygisk` implementations and was too assertive and careless to make those
changes. Here is the explanation for reverting the previous commit:
1. `system.prop` is not extracted for Android 1O+ devices in
`customize.sh`;
2. mounting /data/resource-cache is still needed in some systems
(ColorOS, to be confirmed), and it isn't a detection point.
To verify that modifications 2,3 are effective, I tested them with `Zygisk
Next` 1.2.4 (445-031a64c-release) and `Holmes` V1.5.1 Narcissus on
`Magisk` a34c04f9 280002.
1. Avoid changing `system.prop`: there is already no need to add
system-wise `dex2oat` flags, since LSPosed provides a wrapper for it,
see https://nullptr.icu/index.php/archives/53/ for detailed
explanation;
2. Postpone initialization of LSPlant: initialization of `initInfo`
during the `onLoad` Zygisk api will change the order of parsed files
in memory, especially bring the item `libart.so` forward;
3. Close opened virtual map file: this should no longer be a problem
after the second point is applied since it is no longer opened during
`onLoad`, but let us close it as a good practice;
4. Remove /data/resource-cache mount: introduced in
https://github.com/LSPosed/LSPosed/pull/1627, most likely designed to
solve problems in early versions of root solutions and being reverted
does not change the function of deamon since we will have to wait
sufficient time in `waitSystemService` of `LSPosedService` manager.
Of course, more tests are neeeded on different devices to see if
parasitic notification manager will work as expected.
1. Starting daemon during post-fs-data can cause Play Integrity detection
for devices without the PlayIntegrityFix module.
2. Starting LSPosed service daemon in post-fs-data mode is redundant on
many devices
Open the parasitic manager using WebUI of KernelSU / APtach.
In the future the web page could become an alternative manager,
without parasitic manager at all.
See https://github.com/mywalkb/LSPosed_mod/issues/65 for details.
Co-authored-by: mywalk <66966897+mywalkb@users.noreply.github.com>
Magisk 23 is missing some SELinux policies
This fixes a permissions issue with the Dex2Oat wrapper
```
02-04 23:45:00.212 4396 4396 E LSPosedDex2Oat: failed to connect to /dev/c951326ba095346b/dex2oat.sock failed with 13: Permission denied
02-04 23:45:00.209 4396 4396 W dex2oat64: type=1400 audit(0.0:8403): avc: denied { write } for name="dex2oat.sock" dev="tmpfs" ino=26722 scontext=u:r:installd:s0 tcontext=u:object_r:magisk_file:s0 tclass=sock_file permissive=0
02-04 23:45:00.213 1510 3805 V installd: DexInv: --- END '/data/app/~~M2S57MD185N1tyyKQy9PKw==/com.google.android.gm-7Q68xrTQSACXisBuDI6oBg==/base.apk' --- status=0x 100, process failed
02-04 23:45:00.213 1510 3805 E installd: Dex2oat invocation for /data/app/~~M2S57MD185N1tyyKQy9PKw==/com.google.android.gm-7Q68xrTQSACXisBuDI6oBg==/base.apk failed: unspecified dex2oat error (256)
```
Additional rules first appeared in Magisk version 24000
2c44e1bb93
Qing_Feng
JingMatrix
Keeperorowner
Captain Throwback
vvb2060
Howard Wu
Howard Wu
Nullptr
残页
LoveSy
Nullptr