diff --git a/native/jni/init/early_mount.cpp b/native/jni/init/early_mount.cpp index 05b913e64..3930e2ac7 100644 --- a/native/jni/init/early_mount.cpp +++ b/native/jni/init/early_mount.cpp @@ -135,14 +135,6 @@ void SARCompatInit::early_mount() { xmkdir("/system", 0755); xmount("/system_root/system", "/system", nullptr, MS_BIND, nullptr); - // Android Q - if (is_lnk("/system_root/init")) - load_sepol = true; - - // System-as-root with monolithic sepolicy - if (access("/system_root/sepolicy", F_OK) == 0) - cp_afc("/system_root/sepolicy", "/sepolicy"); - link_root("/vendor"); link_root("/product"); link_root("/odm"); diff --git a/native/jni/init/init.h b/native/jni/init/init.h index b7a2d3d94..ae7d2835f 100644 --- a/native/jni/init/init.h +++ b/native/jni/init/init.h @@ -27,7 +27,6 @@ class MagiskInit : public BaseInit { protected: raw_data self{}; int root = -1; - bool load_sepol = false; bool mnt_system = false; bool mnt_vendor = false; bool mnt_product = false; diff --git a/native/jni/init/rootdir.cpp b/native/jni/init/rootdir.cpp index 52d00203c..78a58ba8c 100644 --- a/native/jni/init/rootdir.cpp +++ b/native/jni/init/rootdir.cpp @@ -40,8 +40,6 @@ constexpr const char wrapper[] = ; void RootFSInit::setup_rootfs() { - bool patch_init = patch_sepolicy(); - if (cmd->system_as_root) { // Clone rootfs LOGD("Clone root dir from system to rootfs\n"); @@ -50,7 +48,7 @@ void RootFSInit::setup_rootfs() { close(system_root); } - if (patch_init) { + if (patch_sepolicy()) { constexpr char SYSTEM_INIT[] = "/system/bin/init"; // If init is symlink, copy it to rootfs so we can patch if (is_lnk("/init")) @@ -157,21 +155,12 @@ bool MagiskInit::patch_sepolicy() { sepol_allow(SEPOL_PROC_DOMAIN, ALL, ALL, ALL); dump_policydb("/sepolicy"); - // Load policy to kernel so we can label rootfs - if (load_sepol) { - LOGD("sepol: preload sepolicy\n"); - dump_policydb(SELINUX_LOAD); - } - // Remove OnePlus stupid debug sepolicy and use our own if (access("/sepolicy_debug", F_OK) == 0) { unlink("/sepolicy_debug"); link("/sepolicy", "/sepolicy_debug"); } - // Enable selinux functions - selinux_builtin_impl(); - return patch_init; }