Do not support systems without SELinux

2024-12-21 23:47:39 +00:00 · 2023-09-25 15:10:54 -07:00 · 2023-09-25 15:10:54 -07:00 · 5d07d0b964
commit 5d07d0b964
parent ec115cd7e3
6 changed files with 3 additions and 31 deletions
--- a/native/src/base/include/selinux.hpp
+++ b/native/src/base/include/selinux.hpp
@ -34,7 +34,6 @@ extern int (*fsetfilecon)(int fd, const char *con);
 void getfilecon_at(int dirfd, const char *name, char **con);
 void setfilecon_at(int dirfd, const char *name, const char *con);

-bool selinux_enabled();
 void enable_selinux();
 void restorecon();
 void restore_tmpcon();
--- a/native/src/base/selinux.cpp
+++ b/native/src/base/selinux.cpp
@ -102,23 +102,7 @@ void setfilecon_at(int dirfd, const char *name, const char *con) {
    lsetfilecon(path, con);
 }

-#if MAGISK_DEBUG
-static bool se_state = false;
-bool selinux_enabled() {
-    return se_state;
-}
-#else
-bool selinux_enabled() {
-    return true;
-}
-#endif
-
 void enable_selinux() {
-#if MAGISK_DEBUG
-    if (access(SELINUX_MNT, F_OK) != 0)
-        return;
-    se_state = true;
-#endif
    setcon = __setcon;
    getfilecon = __getfilecon;
    lgetfilecon = __lgetfilecon;
--- a/native/src/core/daemon.cpp
+++ b/native/src/core/daemon.cpp
@ -251,7 +251,7 @@ static void handle_request(pollfd *pfd) {
        }
        break;
    case MainRequest::ZYGISK:
-        if (!is_zygote && selinux_enabled()) {
+        if (!is_zygote) {
            // Invalid client context
            write_int(client, MainResponse::ACCESS_DENIED);
            goto done;
--- a/native/src/core/restorecon.cpp
+++ b/native/src/core/restorecon.cpp
@ -64,8 +64,6 @@ static void restore_syscon(int dirfd) {
 }

 void restorecon() {
-    if (!selinux_enabled())
-        return;
    int fd = xopen(SELINUX_CONTEXT, O_WRONLY | O_CLOEXEC);
    if (write(fd, ADB_CON, sizeof(ADB_CON)) >= 0)
        lsetfilecon(SECURE_DIR, ADB_CON);
@ -76,8 +74,6 @@ void restorecon() {
 }

 void restore_tmpcon() {
-    if (!selinux_enabled())
-        return;
    if (MAGISKTMP == "/sbin")
        setfilecon(MAGISKTMP.data(), ROOT_CON);
    else
--- a/native/src/core/su/su_daemon.cpp
+++ b/native/src/core/su/su_daemon.cpp
@ -458,7 +458,7 @@ void su_daemon_handler(int client, const sock_cred *cred) {
    sigset_t block_set;
    sigemptyset(&block_set);
    sigprocmask(SIG_SETMASK, &block_set, nullptr);
-    if (!ctx.req.context.empty() && selinux_enabled()) {
+    if (!ctx.req.context.empty()) {
        auto f = xopen_file("/proc/self/attr/exec", "we");
        if (f) fprintf(f.get(), "%s", ctx.req.context.data());
    }
--- a/native/src/zygisk/main.cpp
+++ b/native/src/zygisk/main.cpp
@ -19,14 +19,7 @@ int app_process_main(int argc, char *argv[]) {
    char buf[PATH_MAX];

    bool zygote = false;
-    if (!selinux_enabled()) {
-        for (int i = 0; i < argc; ++i) {
-            if (argv[i] == "--zygote"sv) {
-                zygote = true;
-                break;
-            }
-        }
-    } else if (auto fp = open_file("/proc/self/attr/current", "r")) {
+    if (auto fp = open_file("/proc/self/attr/current", "r")) {
        fscanf(fp.get(), "%s", buf);
        zygote = (buf == "u:r:zygote:s0"sv);
    }