TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-02-22 09:28:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move MagiskInit::patch_sepolicy to rust

Browse Source
This commit is contained in:
LoveSy 2025-02-01 21:02:48 +08:00 committed by John Wu
parent da58571ce5
commit caad129d69
3 changed files with 32 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
native/src/init/lib.rs
View File

@ -14,6 +14,7 @@ mod rootdir;
mod getinfo; mod getinfo;
mod init; mod init;
mod twostage; mod twostage;
mod selinux;
#[cxx::bridge] #[cxx::bridge]
pub mod ffi { pub mod ffi {
@ -54,6 +55,8 @@ pub mod ffi {
extern "Rust" { extern "Rust" {
fn print(self: &BootConfig); fn print(self: &BootConfig);
fn patch_sepolicy(self: &MagiskInit, in_: Utf8CStrRef, out: Utf8CStrRef);
} }
unsafe extern "C++" { unsafe extern "C++" {
@ -82,7 +85,6 @@ pub mod ffi {
fn patch_ro_root(self: &mut MagiskInit); fn patch_ro_root(self: &mut MagiskInit);
// SELinux // SELinux
unsafe fn patch_sepolicy(self: &MagiskInit, in_: *const c_char, out: *const c_char);
fn hijack_sepolicy(self: &mut MagiskInit) -> bool; fn hijack_sepolicy(self: &mut MagiskInit) -> bool;
fn backup_init(self: &MagiskInit) -> *const c_char; fn backup_init(self: &MagiskInit) -> *const c_char;
} }

23
native/src/init/selinux.cpp
View File

@ -7,29 +7,6 @@
using namespace std; using namespace std;
void MagiskInit::patch_sepolicy(const char *in, const char *out) const noexcept {
LOGD("Patching monolithic policy\n");
auto sepol = SePolicy::from_file(in);
sepol.magisk_rules();
// Custom rules
auto rule = "/data/" PREINITMIRR "/sepolicy.rule";
if (xaccess(rule, R_OK) == 0) {
LOGD("Loading custom sepolicy patch: [%s]\n", rule);
sepol.load_rule_file(rule);
}
LOGD("Dumping sepolicy to: [%s]\n", out);
sepol.to_file(out);
// Remove OnePlus stupid debug sepolicy and use our own
if (access("/sepolicy_debug", F_OK) == 0) {
unlink("/sepolicy_debug");
link("/sepolicy", "/sepolicy_debug");
}
}
#define MOCK_COMPAT SELINUXMOCK "/compatible" #define MOCK_COMPAT SELINUXMOCK "/compatible"
#define MOCK_LOAD SELINUXMOCK "/load" #define MOCK_LOAD SELINUXMOCK "/load"
#define MOCK_ENFORCE SELINUXMOCK "/enforce" #define MOCK_ENFORCE SELINUXMOCK "/enforce"

29
native/src/init/selinux.rs Normal file
View File

@ -0,0 +1,29 @@
use crate::ffi::MagiskInit;
use base::{cstr, debug, ffi::Utf8CStrRef, FsPath};
use magiskpolicy::ffi::SePolicy;
impl MagiskInit {
pub(crate) fn patch_sepolicy(self: &MagiskInit, in_: Utf8CStrRef, out: Utf8CStrRef) {
debug!("Patching monolithic policy");
let mut sepol = SePolicy::from_file(in_);
sepol.magisk_rules();
// Custom rules
let rule = FsPath::from(cstr!("/data/.magisk/preinit/sepolicy.rule"));
if rule.exists() {
debug!("Loading custom sepolicy patch: [{}]", rule);
sepol.load_rule_file(rule);
}
debug!("Dumping sepolicy to: [{}]", out);
sepol.to_file(out);
// Remove OnePlus stupid debug sepolicy and use our own
let sepol_debug = FsPath::from(cstr!("/sepolicy_debug"));
if sepol_debug.exists() {
sepol_debug.remove().ok();
FsPath::from(cstr!("/sepolicy")).link_to(sepol_debug).ok();
}
}
}