mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-12-26 05:57:39 +00:00
Add rules for magiskinit daemon
This commit is contained in:
parent
e5b6121d17
commit
8ee9984e4e
7
rules.c
7
rules.c
@ -163,11 +163,12 @@ void sepol_min_rules() {
|
|||||||
sepol_attradd("su", "mlstrustedsubject");
|
sepol_attradd("su", "mlstrustedsubject");
|
||||||
sepol_attradd("su_device", "mlstrustedobject");
|
sepol_attradd("su_device", "mlstrustedobject");
|
||||||
|
|
||||||
// Let pre-init do stuffs
|
// Let magiskinit daemon monitor and transit to su
|
||||||
sepol_allow("kernel", "kernel", "security", "load_policy");
|
|
||||||
sepol_allow("kernel", "kernel", "capability", "dac_override");
|
|
||||||
sepol_allow("kernel", "device", "dir", ALL);
|
sepol_allow("kernel", "device", "dir", ALL);
|
||||||
sepol_allow("kernel", "device", "file", ALL);
|
sepol_allow("kernel", "device", "file", ALL);
|
||||||
|
sepol_allow("kernel", "su", "unix_stream_socket", "connectto");
|
||||||
|
sepol_allow("kernel", "kernel", "process", "setcurrent");
|
||||||
|
sepol_allow("kernel", "su", "process", "dyntransition");
|
||||||
|
|
||||||
// Let init run stuffs in su context
|
// Let init run stuffs in su context
|
||||||
sepol_allow("kernel", "su", "fd", "use");
|
sepol_allow("kernel", "su", "fd", "use");
|
||||||
|
Loading…
x
Reference in New Issue
Block a user