MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add -n option for noaudit

Browse Source
This commit is contained in:
Pierre-Hugues Husson 2015-11-01 20:57:00 +01:00
parent 4ab478c49c
commit ca7d09d1cb
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
sepolicy-inject.c
View File

@ -128,7 +128,7 @@ void create_domain(char *d, policydb_t *policy) {
set_attr("domain", value, policy); set_attr("domain", value, policy);
} }
int add_rule(char *s, char *t, char *c, char *p, policydb_t *policy) { int add_rule(char *s, char *t, char *c, char *p, int effect, policydb_t *policy) {
type_datum_t *src, *tgt; type_datum_t *src, *tgt;
class_datum_t *cls; class_datum_t *cls;
perm_datum_t *perm; perm_datum_t *perm;
@ -167,7 +167,7 @@ int add_rule(char *s, char *t, char *c, char *p, policydb_t *policy) {
key.source_type = src->s.value; key.source_type = src->s.value;
key.target_type = tgt->s.value; key.target_type = tgt->s.value;
key.target_class = cls->s.value; key.target_class = cls->s.value;
key.specified = AVTAB_ALLOWED; key.specified = effect;
av = avtab_search(&policy->te_avtab, &key); av = avtab_search(&policy->te_avtab, &key);
if (av == NULL) { if (av == NULL) {
@ -354,7 +354,7 @@ int main(int argc, char **argv)
sidtab_t sidtab; sidtab_t sidtab;
char ch; char ch;
FILE *fp; FILE *fp;
int permissive_value = 0; int permissive_value = 0, noaudit = 0;
struct option long_options[] = { struct option long_options[] = {
@ -365,6 +365,7 @@ int main(int argc, char **argv)
{"perm", required_argument, NULL, 'p'}, {"perm", required_argument, NULL, 'p'},
{"fcon", required_argument, NULL, 'f'}, {"fcon", required_argument, NULL, 'f'},
{"filetransition", required_argument, NULL, 'g'}, {"filetransition", required_argument, NULL, 'g'},
{"noaudit", no_argument, NULL, 'n'},
{"policy", required_argument, NULL, 'P'}, {"policy", required_argument, NULL, 'P'},
{"output", required_argument, NULL, 'o'}, {"output", required_argument, NULL, 'o'},
{"permissive", required_argument, NULL, 'Z'}, {"permissive", required_argument, NULL, 'Z'},
@ -372,7 +373,7 @@ int main(int argc, char **argv)
{NULL, 0, NULL, 0} {NULL, 0, NULL, 0}
}; };
while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:p:P:o:Z:z:", long_options, NULL)) != -1) { while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:p:P:o:Z:z:n", long_options, NULL)) != -1) {
switch (ch) { switch (ch) {
case 'a': case 'a':
attr = optarg; attr = optarg;
@ -409,6 +410,9 @@ int main(int argc, char **argv)
permissive = optarg; permissive = optarg;
permissive_value = 0; permissive_value = 0;
break; break;
case 'n':
noaudit = 1;
break;
default: default:
usage(argv[0]); usage(argv[0]);
} }
@ -450,9 +454,11 @@ int main(int argc, char **argv)
add_transition(source, fcon, target, class, &policydb); add_transition(source, fcon, target, class, &policydb);
} else if(attr) { } else if(attr) {
add_type(source, attr, &policydb); add_type(source, attr, &policydb);
} else if(noaudit) {
add_rule(source, target, class, perm, AVTAB_AUDITDENY, &policydb);
} else { } else {
create_domain(source, &policydb); create_domain(source, &policydb);
if (add_rule(source, target, class, perm, &policydb)) { if (add_rule(source, target, class, perm, AVTAB_ALLOWED, &policydb)) {
fprintf(stderr, "Could not add rule\n"); fprintf(stderr, "Could not add rule\n");
return 1; return 1;
} }