MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix Android 8.0 selinux rules

Browse Source
This commit is contained in:
topjohnwu 2020-09-20 14:39:11 -07:00
parent 9908dfd79a
commit 17b5291bbb
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
native/jni/magiskpolicy/rules.cpp
View File

@ -54,11 +54,15 @@ void sepolicy::magisk_rules() {
allow(SEPOL_CLIENT_DOMAIN, SEPOL_EXEC_TYPE, "file", ALL); allow(SEPOL_CLIENT_DOMAIN, SEPOL_EXEC_TYPE, "file", ALL);
allow(SEPOL_CLIENT_DOMAIN, SEPOL_CLIENT_DOMAIN, ALL, ALL); allow(SEPOL_CLIENT_DOMAIN, SEPOL_CLIENT_DOMAIN, ALL, ALL);
// Allow su client termios ioctl
const char *pts[] { const char *pts[] {
"devpts", "untrusted_app_devpts", "devpts", "untrusted_app_devpts",
"untrusted_app_25_devpts", "untrusted_app_all_devpts" }; "untrusted_app_25_devpts", "untrusted_app_all_devpts" };
for (auto type : pts) { for (auto type : pts) {
allow(SEPOL_CLIENT_DOMAIN, type, "chr_file", "open");
allow(SEPOL_CLIENT_DOMAIN, type, "chr_file", "getattr");
allow(SEPOL_CLIENT_DOMAIN, type, "chr_file", "read");
allow(SEPOL_CLIENT_DOMAIN, type, "chr_file", "write");
allow(SEPOL_CLIENT_DOMAIN, type, "chr_file", "ioctl");
allowxperm(SEPOL_CLIENT_DOMAIN, type, "chr_file", "0x5400-0x54FF"); allowxperm(SEPOL_CLIENT_DOMAIN, type, "chr_file", "0x5400-0x54FF");
} }