Commit Graph

55 Commits

Author SHA1 Message Date
topjohnwu
76eb629fc2 Merge attribute allow with type allow 2017-02-04 04:24:22 +08:00
topjohnwu
91de738563 Whole new command-line 2017-02-04 01:58:15 +08:00
topjohnwu
abaffc1908 Rename to minimal rules 2017-02-01 23:07:37 +08:00
topjohnwu
ea61d5c1a5 Remove su_daemon domain 2017-02-01 23:04:01 +08:00
topjohnwu
9a14931175 Update rules 2017-02-01 06:00:55 +08:00
topjohnwu
6900c197cd Project restructure 2017-02-01 00:51:45 +08:00
topjohnwu
7dea682713 Add Android.mk 2016-12-30 06:02:26 +08:00
topjohnwu
f760a9d0c2 Add rules to allow chcon to rootfs 2016-11-12 03:03:59 +08:00
topjohnwu
be1dcb7264 Update built-in rules 2016-11-03 01:20:35 +08:00
topjohnwu
3a0df56605 More rules 2016-10-02 23:03:44 +08:00
topjohnwu
98cdee7f03 Add Magisk rules 2016-10-02 22:48:49 +08:00
topjohnwu
f140f5f14b Add rules 2016-09-17 16:53:51 +08:00
topjohnwu
c69db035ee Add built-in rules 2016-09-13 06:34:20 +08:00
topjohnwu
60a7eaf2bb Refacter add_rule to auto mode 2016-09-13 06:34:13 +08:00
topjohnwu
3f43567c8f Delete files not for ndk 2016-09-13 06:33:48 +08:00
topjohnwu
b56a757f2e Add live patch 2016-08-18 04:50:56 +08:00
topjohnwu
f7c0499158 Add auto allow patch support
The patch will work like this:

./sepolicy-inject --auto -P sepolicy
This will allow all possible transition (just like selinux disabled)

./sepolicy-inject --auto -s su -P sepolicy
This will allow all transitions from su to any type

./sepolicy-inject --auto -t su -P sepolicy
This will allow all transitions from any type to su

./sepolicy-inject --auto -c file -P sepolicy
This will allow any transitions involving the class file

./sepolicy-inject --auto -s su -t system_data_file -P sepolicy
This will allow all transitions from su to system_data_file

You should get the logic now :)
2016-08-12 02:50:50 +08:00
topjohnwu
9ebcefee00 Slight refactor 2016-08-11 23:13:10 +08:00
Pierre-Hugues Husson
957e319649 Add --not option to add a DENY rule (or rather delete allow) 2016-02-02 22:17:34 +01:00
Pierre-Hugues Husson
a8978a0d4d Update README 2015-11-14 17:02:09 +01:00
Pierre-Hugues Husson
10712c5ec0 Add -e option to know if a type/class exists 2015-11-14 16:44:13 +01:00
Pierre-Hugues Husson
83c39f57f0 Wrong check 2015-11-14 16:18:07 +01:00
Pierre-Hugues Husson
173757cfa2 Add possibility, when adding a rule, to have target of the format =ATTRIBUTE-remove1-remove2 2015-11-13 00:56:52 +01:00
Pierre-Hugues HUSSON
c6be73dba2 Merge pull request #5 from superr/master
Added arch detection to makefile for x86 and x86_64
2015-11-11 21:30:34 +01:00
superr
ccf293906a Added arch detection to makefile for x86 and x86_64 2015-11-11 14:27:53 -06:00
Pierre-Hugues Husson
0f4c0b95e2 Stop commiting the executable. Commit libs instead, see #4 2015-11-11 21:09:51 +01:00
Pierre-Hugues Husson
82973e7608 Update binary 2015-11-11 14:02:25 +01:00
Pierre-Hugues Husson
c011bccc45 We can now have a list of permissions instead of just one permission, coma separated 2015-11-11 14:02:15 +01:00
Pierre-Hugues Husson
8473caf5a6 Update build options. See #2 2015-11-09 21:33:32 +01:00
Pierre-Hugues Husson
85b038525b Update sepolicy-inject binary 2015-11-03 10:52:16 +01:00
Pierre-Hugues Husson
51a5c3c664 Indent 2015-11-03 10:52:03 +01:00
Pierre-Hugues Husson
d6cda9df0a getopt_long returns int not ch 2015-11-03 10:49:53 +01:00
Pierre-Hugues Husson
ca7d09d1cb Add -n option for noaudit 2015-11-01 20:57:00 +01:00
Pierre-Hugues Husson
4ab478c49c Update prebuilt 2015-11-01 17:39:42 +01:00
Pierre-Hugues Husson
1a1c1fd0da Rename trust function to attr, to be more generic 2015-11-01 17:39:35 +01:00
Pierre-Hugues Husson
370951ab67 Change add_type to update constraints when adding new types 2015-11-01 17:39:06 +01:00
Pierre-Hugues Husson
a0632a572a Add -g option to enable filename-based transitions 2015-11-01 17:38:32 +01:00
Pierre-Hugues Husson
10601e7760 Rename variables in add_transition to be more explicit 2015-11-01 17:32:32 +01:00
Pierre-Hugues Husson
088ce9c2ad Clearer mallocs 2015-11-01 17:32:00 +01:00
Pierre-Hugues Husson
e1a69b97db Fix set_attr 2015-10-26 00:11:37 +01:00
Pierre-Hugues Husson
a2fd45bb95 Add -a option to put a domain in mlstrustedobjects 2015-10-25 18:10:06 +01:00
Pierre-Hugues Husson
01ddd8eaa8 Add -f option to support transition rules 2015-10-25 16:20:42 +01:00
Pierre-Hugues Husson
22fa57b82c Delete that ugly binary 2015-10-25 01:57:03 +02:00
Pierre-Hugues Husson
92a51ca546 Update sepolicy-inject binary with more recent libsepol 2015-10-09 23:57:37 +02:00
Pierre-Hugues Husson
6a9234e634 Fix creating domain when adding rules 2015-10-09 23:56:50 +02:00
Pierre-Hugues Husson
e8d062a95a Compile fail 2015-06-12 19:13:57 +02:00
Pierre-Hugues Husson
3394d64f6c Create domain if it doesn't exist 2015-06-12 12:03:58 +02:00
Pierre-Hugues Husson
0fd5a277ed If out file is not specified, assume outfile = policy 2015-06-12 12:03:27 +02:00
Pierre-Hugues Husson
8eef2818fa Update readme with -z option 2015-06-07 23:00:43 +02:00
Pierre-Hugues Husson
a15703d5af Add -z option to set a domain to NOT permissive 2015-06-07 22:51:10 +02:00