Make ioctl not a special token

topjohnwu
2025-01-27 02:13:58 +08:00
committed by John Wu
parent fc8b3400fc
commit 7ab98dd5ac


@@ -2,9 +2,9 @@ use std::fmt::{Display, Formatter, Write};
use std::io::stderr; use std::io::stderr;
use std::{iter::Peekable, pin::Pin, vec::IntoIter}; use std::{iter::Peekable, pin::Pin, vec::IntoIter};
use base::{error, warn, FmtAdaptor};
use crate::ffi::Xperm; use crate::ffi::Xperm;
use crate::sepolicy; use crate::sepolicy;
use base::{error, warn, FmtAdaptor};
pub enum Token<'a> { pub enum Token<'a> {
AL, AL,
@@ -23,7 +23,6 @@ pub enum Token<'a> {
TC, TC,
TM, TM,
GF, GF,
IO,
LB, LB,
RB, RB,
CM, CM,
@@ -96,18 +95,12 @@ fn parse_term<'a>(tokens: &mut Tokens<'a>) -> ParseResult<'a, Vec<&'a str>> {
// sterm ::= LB names(n) RB { n }; // sterm ::= LB names(n) RB { n };
fn parse_sterm<'a>(tokens: &mut Tokens<'a>) -> ParseResult<'a, Vec<&'a str>> { fn parse_sterm<'a>(tokens: &mut Tokens<'a>) -> ParseResult<'a, Vec<&'a str>> {
match tokens.next() { match tokens.next() {
Some(Token::IO) => Ok(vec!["ioctl"]),
Some(Token::ID(name)) => Ok(vec![name]), Some(Token::ID(name)) => Ok(vec![name]),
Some(Token::ST) => Ok(vec![]), Some(Token::ST) => Ok(vec![]),
Some(Token::LB) => { Some(Token::LB) => {
let mut names = Some(Vec::new()); let mut names = Some(Vec::new());
loop { loop {
match tokens.next() { match tokens.next() {
Some(Token::IO) => {
if let Some(ref mut names) = names {
names.push("ioctl")
}
}
Some(Token::ID(name)) => { Some(Token::ID(name)) => {
if let Some(ref mut names) = names { if let Some(ref mut names) = names {
names.push(name) names.push(name)
@@ -207,13 +200,25 @@ fn parse_xperms<'a>(tokens: &mut Tokens<'a>) -> ParseResult<'a, Vec<Xperm>> {
Ok(xperms) Ok(xperms)
} }
fn match_string<'a>(tokens: &mut Tokens<'a>, pattern: &str) -> ParseResult<'a, ()> {
match tokens.next() {
Some(Token::ID(s)) => {
if s == pattern {
return Ok(());
}
}
_ => {}
}
Err(ParseError::General)
}
// statement ::= AL sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.allow(s, t, c, p); }; // statement ::= AL sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.allow(s, t, c, p); };
// statement ::= DN sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.deny(s, t, c, p); }; // statement ::= DN sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.deny(s, t, c, p); };
// statement ::= AA sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.auditallow(s, t, c, p); }; // statement ::= AA sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.auditallow(s, t, c, p); };
// statement ::= DA sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.dontaudit(s, t, c, p); }; // statement ::= DA sterm(s) sterm(t) sterm(c) sterm(p) { sepolicy.dontaudit(s, t, c, p); };
// statement ::= AX sterm(s) sterm(t) sterm(c) IO xperms(p) { sepolicy.allowxperm(s, t, c, p); }; // statement ::= AX sterm(s) sterm(t) sterm(c) ID(i) xperms(p) { sepolicy.allowxperm(s, t, c, p); };
// statement ::= AY sterm(s) sterm(t) sterm(c) IO xperms(p) { sepolicy.auditallowxperm(s, t, c, p); }; // statement ::= AY sterm(s) sterm(t) sterm(c) ID(i) xperms(p) { sepolicy.auditallowxperm(s, t, c, p); };
// statement ::= DX sterm(s) sterm(t) sterm(c) IO xperms(p) { sepolicy.dontauditxperm(s, t, c, p); }; // statement ::= DX sterm(s) sterm(t) sterm(c) ID(i) xperms(p) { sepolicy.dontauditxperm(s, t, c, p); };
// statement ::= PM sterm(t) { sepolicy.permissive(t); }; // statement ::= PM sterm(t) { sepolicy.permissive(t); };
// statement ::= EF sterm(t) { sepolicy.enforce(t); }; // statement ::= EF sterm(t) { sepolicy.enforce(t); };
// statement ::= TA term(t) term(a) { sepolicy.typeattribute(t, a); }; // statement ::= TA term(t) term(a) { sepolicy.typeattribute(t, a); };
@@ -265,11 +270,8 @@ fn exec_statement<'a>(
let s = parse_sterm(tokens)?; let s = parse_sterm(tokens)?;
let t = parse_sterm(tokens)?; let t = parse_sterm(tokens)?;
let c = parse_sterm(tokens)?; let c = parse_sterm(tokens)?;
let p = if matches!(tokens.next(), Some(Token::IO)) { match_string(tokens, "ioctl")?;
parse_xperms(tokens)? let p = parse_xperms(tokens)?;
} else {
throw!()
};
check_additional_args(tokens)?; check_additional_args(tokens)?;
match action { match action {
Token::AX => sepolicy.allowxperm(s, t, c, p), Token::AX => sepolicy.allowxperm(s, t, c, p),
@@ -402,7 +404,6 @@ fn extract_token<'a>(s: &'a str, tokens: &mut Vec<Token<'a>>) {
"type_change" => tokens.push(Token::TC), "type_change" => tokens.push(Token::TC),
"type_member" => tokens.push(Token::TM), "type_member" => tokens.push(Token::TM),
"genfscon" => tokens.push(Token::GF), "genfscon" => tokens.push(Token::GF),
"ioctl" => tokens.push(Token::IO),
"*" => tokens.push(Token::ST), "*" => tokens.push(Token::ST),
"" => {} "" => {}
_ => { _ => {
@@ -479,7 +480,6 @@ impl Display for Token<'_> {
Token::TC => f.write_str("type_change"), Token::TC => f.write_str("type_change"),
Token::TM => f.write_str("type_member"), Token::TM => f.write_str("type_member"),
Token::GF => f.write_str("genfscon"), Token::GF => f.write_str("genfscon"),
Token::IO => f.write_str("ioctl"),
Token::LB => f.write_char('{'), Token::LB => f.write_char('{'),
Token::RB => f.write_char('}'), Token::RB => f.write_char('}'),
Token::CM => f.write_char(','), Token::CM => f.write_char(','),
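Review bot: The new `match_string` in the parse_xperms hunk is written as a manual match with an empty `_ => {}` arm and an early `return`, where a single expression says the same thing: `if matches!(tokens.next(), Some(Token::ID(s)) if s == pattern) { Ok(()) } else { Err(ParseError::General) }`. It is also the only helper in this area without a grammar-style comment; something like `// Consume the next token and require it to be the identifier `pattern`; anything else (including end of input) is a general parse error.` would match the file's existing `// sterm ::= …` convention. Relatedly, the updated grammar comments for AX/AY/DX now read `ID(i)`, but exec_statement requires that identifier to be exactly "ioctl", so `ID("ioctl")` would describe the accepted input more precisely. The exec_statement hunk replaces the former `throw!()` path with `Err(ParseError::General)` from match_string; that function starts outside the hunk, so it is worth confirming the diagnostic emitted on a missing "ioctl" is the same as before.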