MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Support removing redundant avtab nodes

Browse Source
This commit is contained in:
topjohnwu 2018-11-29 05:42:08 -05:00
parent 4c2f33a089
commit ac60b51035
2 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
native/jni/external/selinux vendored

@ -1 +1 @@
Subproject commit c49f5e9d8ee90d256dfdb778701894e100cdfca0 Subproject commit 4d7d59c49675eef4a18c2b1f73e630bf675811f9

36
native/jni/magiskpolicy/sepolicy.c
View File

@ -65,6 +65,18 @@ static int set_attr(const char *type, int value) {
return 0; return 0;
} }
static void check_avtab_node(avtab_ptr_t node) {
int redundant = 0;
if (node->key.specified == AVTAB_AUDITDENY)
redundant = node->datum.data == ~0U;
else if (node->key.specified & AVTAB_XPERMS)
redundant = node->datum.xperms == NULL;
else
redundant = node->datum.data == 0U;
if (redundant)
avtab_remove_node(&policydb->te_avtab, node);
}
static avtab_ptr_t get_avtab_node(avtab_key_t *key, avtab_extended_perms_t *xperms) { static avtab_ptr_t get_avtab_node(avtab_key_t *key, avtab_extended_perms_t *xperms) {
avtab_ptr_t node; avtab_ptr_t node;
avtab_datum_t avdatum; avtab_datum_t avdatum;
@ -102,19 +114,19 @@ static avtab_ptr_t get_avtab_node(avtab_key_t *key, avtab_extended_perms_t *xper
} }
static int add_avrule(avtab_key_t *key, int p, int not) { static int add_avrule(avtab_key_t *key, int p, int not) {
avtab_datum_t *datum = &get_avtab_node(key, NULL)->datum; avtab_ptr_t node = get_avtab_node(key, NULL);
if(not) { if (not) {
if (p < 0) if (p < 0)
datum->data = 0U; node->datum.data = 0U;
else else
datum->data &= ~(1U << (p - 1)); node->datum.data &= ~(1U << (p - 1));
} else { } else {
if (p < 0) if (p < 0)
datum->data = ~0U; node->datum.data = ~0U;
else else
datum->data |= 1U << (p - 1); node->datum.data |= 1U << (p - 1);
} }
check_avtab_node(node);
return 0; return 0;
} }
@ -322,7 +334,7 @@ int dump_policydb(const char *filename) {
size_t len; size_t len;
policydb_to_image(NULL, policydb, &data, &len); policydb_to_image(NULL, policydb, &data, &len);
if (data == NULL) { if (data == NULL) {
LOGE("Fail to dump policy image!"); LOGE("Fail to dump policy image!\n");
return 1; return 1;
} }
@ -590,9 +602,6 @@ int add_type_rule(const char *s, const char *t, const char *c, const char *d, in
type_datum_t *src, *tgt, *def; type_datum_t *src, *tgt, *def;
class_datum_t *cls; class_datum_t *cls;
avtab_key_t key;
avtab_datum_t *av;
src = hashtab_search(policydb->p_types.table, s); src = hashtab_search(policydb->p_types.table, s);
if (src == NULL) { if (src == NULL) {
LOGW("source type %s does not exist\n", s); LOGW("source type %s does not exist\n", s);
@ -614,13 +623,14 @@ int add_type_rule(const char *s, const char *t, const char *c, const char *d, in
return 1; return 1;
} }
avtab_key_t key;
key.source_type = src->s.value; key.source_type = src->s.value;
key.target_type = tgt->s.value; key.target_type = tgt->s.value;
key.target_class = cls->s.value; key.target_class = cls->s.value;
key.specified = effect; key.specified = effect;
av = &get_avtab_node(&key, NULL)->datum; avtab_ptr_t node = get_avtab_node(&key, NULL);
av->data = def->s.value; node->datum.data = def->s.value;
return 0; return 0;
} }