From 67845f9c2178cd9b70c9d7598ae695773d6e751f Mon Sep 17 00:00:00 2001 From: LoveSy Date: Thu, 19 Jan 2023 04:25:44 +0800 Subject: [PATCH] Clear sepolicy rules when disable/remove modules Co-authored-by: topjohnwu --- native/src/core/module.cpp | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/native/src/core/module.cpp b/native/src/core/module.cpp index 330b26fa8..6df585d01 100644 --- a/native/src/core/module.cpp +++ b/native/src/core/module.cpp @@ -779,17 +779,40 @@ void handle_modules() { collect_modules(true); } +static int check_rules_dir(char *buf, size_t sz) { + int off = ssprintf(buf, sz, "%s/%s", MAGISKTMP.data(), RULESDIR); + struct stat st1{}; + struct stat st2{}; + if (xstat(buf, &st1) < 0 || xstat(MODULEROOT, &st2) < 0) + return 0; + if (st1.st_dev == st2.st_dev && st1.st_ino == st2.st_ino) + return 0; + return off; +} + void disable_modules() { - foreach_module([](int, auto, int modfd) { + char buf[4096]; + int off = check_rules_dir(buf, sizeof(buf)); + foreach_module([&](int, dirent *entry, int modfd) { close(xopenat(modfd, "disable", O_RDONLY | O_CREAT | O_CLOEXEC, 0)); + if (off) { + ssprintf(buf + off, sizeof(buf) - off, "/%s/%s", entry->d_name, "sepolicy.rule"); + unlink(buf); + } }); } void remove_modules() { - foreach_module([](int, dirent *entry, int) { + char buf[4096]; + int off = check_rules_dir(buf, sizeof(buf)); + foreach_module([&](int, dirent *entry, int) { auto uninstaller = MODULEROOT + "/"s + entry->d_name + "/uninstall.sh"; if (access(uninstaller.data(), F_OK) == 0) exec_script(uninstaller.data()); + if (off) { + ssprintf(buf + off, sizeof(buf) - off, "/%s/%s", entry->d_name, "sepolicy.rule"); + unlink(buf); + } }); rm_rf(MODULEROOT); }