MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update rules

Browse Source
This commit is contained in:
topjohnwu 2017-07-14 00:49:40 +08:00
parent 4c7e081e15
commit c1c6f55f8f
2 changed files with 3 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
magiskpolicy.c
View File

@ -3,19 +3,7 @@
* Includes all the parsing logic for the policy statements * Includes all the parsing logic for the policy statements
*/ */
#ifdef INDEP_BINARY
int magiskpolicy_main(int argc, char *argv[]);
int main(int argc, char *argv[]) {
return magiskpolicy_main(argc, argv);
}
#define SELINUX_PATH "/sys/fs/selinux/"
#define SELINUX_ENFORCE SELINUX_PATH "enforce"
#define SELINUX_POLICY SELINUX_PATH "policy"
#define SELINUX_LOAD SELINUX_PATH "load"
#else
#include "magisk.h" #include "magisk.h"
#endif
#include "magiskpolicy.h" #include "magiskpolicy.h"
#include "sepolicy.h" #include "sepolicy.h"

3
rules.c
View File

@ -227,6 +227,9 @@ void sepol_min_rules() {
sepol_allow("su", "labeledfs", "filesystem", "unmount"); sepol_allow("su", "labeledfs", "filesystem", "unmount");
sepol_allow("kernel", "system_data_file", "file", "read"); sepol_allow("kernel", "system_data_file", "file", "read");
// For changing attributes
sepol_allow("rootfs", "tmpfs", "filesystem", "associate");
// Xposed // Xposed
sepol_allow("untrusted_app", "untrusted_app", "capability", "setgid"); sepol_allow("untrusted_app", "untrusted_app", "capability", "setgid");
sepol_allow("system_server", "dex2oat_exec", "file", ALL); sepol_allow("system_server", "dex2oat_exec", "file", ALL);