From e989195a6868028f4dd08888dc1d1b17163e9864 Mon Sep 17 00:00:00 2001
From: topjohnwu <topjohnwu@gmail.com>
Date: Thu, 30 Nov 2017 20:57:40 +0800
Subject: [PATCH] Update magiskpolicy

---
 jni/Android.mk             |  1 +
 jni/core/daemon.c          |  1 -
 jni/core/magiskinit.c      |  6 ++++--
 jni/include/magiskpolicy.h | 36 ------------------------------------
 jni/magiskpolicy           |  2 +-
 5 files changed, 6 insertions(+), 40 deletions(-)
 delete mode 100644 jni/include/magiskpolicy.h

diff --git a/jni/Android.mk b/jni/Android.mk
index 30b263e48..51df2c8db 100644
--- a/jni/Android.mk
+++ b/jni/Android.mk
@@ -63,6 +63,7 @@ LOCAL_MODULE := magiskinit
 LOCAL_STATIC_LIBRARIES := libsepol liblzma
 LOCAL_C_INCLUDES := \
 	jni/include \
+	jni/magiskpolicy \
 	out/$(TARGET_ARCH_ABI) \
 	$(LIBSEPOL) \
 	$(LIBLZMA)
diff --git a/jni/core/daemon.c b/jni/core/daemon.c
index 89b7a92e5..4418e2ee0 100644
--- a/jni/core/daemon.c
+++ b/jni/core/daemon.c
@@ -19,7 +19,6 @@
 #include "magisk.h"
 #include "utils.h"
 #include "daemon.h"
-#include "magiskpolicy.h"
 #include "resetprop.h"
 
 pthread_t sepol_patch;
diff --git a/jni/core/magiskinit.c b/jni/core/magiskinit.c
index a045193bd..56dd764ad 100644
--- a/jni/core/magiskinit.c
+++ b/jni/core/magiskinit.c
@@ -299,7 +299,7 @@ static void patch_sepolicy() {
 		compile_cil();
 	}
 
-	sepol_med_rules();
+	sepol_magisk_rules();
 	dump_policydb("/sepolicy");
 }
 
@@ -345,6 +345,8 @@ static int dump_magiskrc(const char *path, mode_t mode) {
 
 static void magisk_init_daemon() {
 	setsid();
+
+	// Full patch
 	sepol_allow("su", ALL, ALL, ALL);
 
 	// Wait till init cold boot done
@@ -358,7 +360,7 @@ static void magisk_init_daemon() {
 
 	// Dump full patch to kernel
 	dump_policydb(SELINUX_LOAD);
-	close(open(PATCHDONE, O_RDONLY | O_CREAT, 0));
+	close(creat(PATCHDONE, 0));
 	destroy_policydb();
 
 	// Keep Magisk daemon always alive
diff --git a/jni/include/magiskpolicy.h b/jni/include/magiskpolicy.h
deleted file mode 100644
index 062e0bb03..000000000
--- a/jni/include/magiskpolicy.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* magiskpolicy.h - Public API for policy patching
- */
-
-#ifndef _MAGISKPOLICY_H
-#define _MAGISKPOLICY_H
-
-#include <stdlib.h>
-
-#define ALL NULL
-
-// policydb functions
-int load_policydb(const char *filename);
-int dump_policydb(const char *filename);
-void destroy_policydb();
-
-// Handy functions
-int sepol_allow(char *s, char *t, char *c, char *p);
-int sepol_deny(char *s, char *t, char *c, char *p);
-int sepol_auditallow(char *s, char *t, char *c, char *p);
-int sepol_auditdeny(char *s, char *t, char *c, char *p);
-int sepol_typetrans(char *s, char *t, char *c, char *d, char *o);
-int sepol_allowxperm(char *s, char *t, char *c, char *range);
-int sepol_auditallowxperm(char *s, char *t, char *c, char *range);
-int sepol_dontauditxperm(char *s, char *t, char *c, char *range);
-int sepol_create(char *s);
-int sepol_permissive(char *s);
-int sepol_enforce(char *s);
-int sepol_attradd(char *s, char *a);
-int sepol_exists(char *source);
-
-// Built in rules
-void sepol_min_rules();
-void sepol_med_rules();
-void sepol_full_rules();
-
-#endif
diff --git a/jni/magiskpolicy b/jni/magiskpolicy
index 8ee9984e4..d7a612727 160000
--- a/jni/magiskpolicy
+++ b/jni/magiskpolicy
@@ -1 +1 @@
-Subproject commit 8ee9984e4e0a0ce1917d4b131205c79a15f85876
+Subproject commit d7a6127273407a32bccf75e70fa7bbe84c14e4f8