android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: selinux: Use switch-case instead of if-else

Browse Source 
Signed-off-by: Faris <rissu.ntk@gmail.com>
This commit is contained in:
Faris
2025-11-07 16:52:14 +07:00
committed by ShirkNeko
parent 97b57de3d0
commit 4d7dd32b11
1 changed files with 71 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
kernel/selinux/rules.c
View File

@@ -160,13 +160,13 @@ void apply_kernelsu_rules(void)
struct sepol_data { struct sepol_data {
uint32_t cmd; uint32_t cmd;
uint32_t subcmd; uint32_t subcmd;
uint64_t field_sepol1; uint64_t sepol1;
uint64_t field_sepol2; uint64_t sepol2;
uint64_t field_sepol3; uint64_t sepol3;
uint64_t field_sepol4; uint64_t sepol4;
uint64_t field_sepol5; uint64_t sepol5;
uint64_t field_sepol6; uint64_t sepol6;
uint64_t field_sepol7; uint64_t sepol7;
}; };
static int get_object(char *buf, char __user *user_object, size_t buf_sz, static int get_object(char *buf, char __user *user_object, size_t buf_sz,
@@ -215,59 +215,52 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
pr_info("SELinux permissive or disabled when handle policy!\n"); pr_info("SELinux permissive or disabled when handle policy!\n");
} }
u32 cmd, subcmd;
char __user *sepol1, *sepol2, *sepol3, *sepol4, *sepol5, *sepol6,
*sepol7;
struct sepol_data data = { 0 }; struct sepol_data data = { 0 };
if (copy_from_user(&data, arg4, sizeof(struct sepol_data))) { if (copy_from_user(&data, arg4, sizeof(struct sepol_data))) {
pr_err("sepol: copy sepol_data failed.\n"); pr_err("sepol: copy sepol_data failed.\n");
return -EINVAL; return -EINVAL;
} }
sepol1 = (char __user *)data.field_sepol1; u32 cmd = data.cmd;
sepol2 = (char __user *)data.field_sepol2; u32 subcmd = data.subcmd;
sepol3 = (char __user *)data.field_sepol3;
sepol4 = (char __user *)data.field_sepol4;
sepol5 = (char __user *)data.field_sepol5;
sepol6 = (char __user *)data.field_sepol6;
sepol7 = (char __user *)data.field_sepol7;
cmd = data.cmd;
subcmd = data.subcmd;
mutex_lock(&ksu_rules); mutex_lock(&ksu_rules);
db = get_policydb(); db = get_policydb();
int ret = -EINVAL; int ret = -EINVAL;
if (cmd == CMD_NORMAL_PERM) {
switch (cmd) {
case CMD_NORMAL_PERM: {
char src_buf[MAX_SEPOL_LEN]; char src_buf[MAX_SEPOL_LEN];
char tgt_buf[MAX_SEPOL_LEN]; char tgt_buf[MAX_SEPOL_LEN];
char cls_buf[MAX_SEPOL_LEN]; char cls_buf[MAX_SEPOL_LEN];
char perm_buf[MAX_SEPOL_LEN]; char perm_buf[MAX_SEPOL_LEN];
char *s, *t, *c, *p; char *s, *t, *c, *p;
if (get_object(src_buf, sepol1, sizeof(src_buf), &s) < 0) { if (get_object(src_buf, data.sepol1, sizeof(src_buf), &s) < 0) {
pr_err("sepol: copy src failed.\n"); pr_err("sepol: copy src failed.\n");
goto exit; goto exit;
} }
if (get_object(tgt_buf, sepol2, sizeof(tgt_buf), &t) < 0) { if (get_object(tgt_buf, data.sepol2, sizeof(tgt_buf), &t) < 0) {
pr_err("sepol: copy tgt failed.\n"); pr_err("sepol: copy tgt failed.\n");
goto exit; goto exit;
} }
if (get_object(cls_buf, sepol3, sizeof(cls_buf), &c) < 0) { if (get_object(cls_buf, data.sepol3, sizeof(cls_buf), &c) < 0) {
pr_err("sepol: copy cls failed.\n"); pr_err("sepol: copy cls failed.\n");
goto exit; goto exit;
} }
if (get_object(perm_buf, sepol4, sizeof(perm_buf), &p) < 0) { if (get_object(perm_buf, data.sepol4, sizeof(perm_buf), &p) <
0) {
pr_err("sepol: copy perm failed.\n"); pr_err("sepol: copy perm failed.\n");
goto exit; goto exit;
} }
bool success = false; bool success = false;
if (subcmd == 1) { if (subcmd == 1) {
success = ksu_allow(db, s, t, c, p); success = ksu_allow(db, s, t, c, p);
} else if (subcmd == 2) { } else if (subcmd == 2) {
@@ -280,8 +273,9 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
pr_err("sepol: unknown subcmd: %d\n", subcmd); pr_err("sepol: unknown subcmd: %d\n", subcmd);
} }
ret = success ? 0 : -EINVAL; ret = success ? 0 : -EINVAL;
break;
} else if (cmd == CMD_XPERM) { }
case CMD_XPERM: {
char src_buf[MAX_SEPOL_LEN]; char src_buf[MAX_SEPOL_LEN];
char tgt_buf[MAX_SEPOL_LEN]; char tgt_buf[MAX_SEPOL_LEN];
char cls_buf[MAX_SEPOL_LEN]; char cls_buf[MAX_SEPOL_LEN];
@@ -291,24 +285,25 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
char perm_set[MAX_SEPOL_LEN]; char perm_set[MAX_SEPOL_LEN];
char *s, *t, *c; char *s, *t, *c;
if (get_object(src_buf, sepol1, sizeof(src_buf), &s) < 0) { if (get_object(src_buf, data.sepol1, sizeof(src_buf), &s) < 0) {
pr_err("sepol: copy src failed.\n"); pr_err("sepol: copy src failed.\n");
goto exit; goto exit;
} }
if (get_object(tgt_buf, sepol2, sizeof(tgt_buf), &t) < 0) { if (get_object(tgt_buf, data.sepol2, sizeof(tgt_buf), &t) < 0) {
pr_err("sepol: copy tgt failed.\n"); pr_err("sepol: copy tgt failed.\n");
goto exit; goto exit;
} }
if (get_object(cls_buf, sepol3, sizeof(cls_buf), &c) < 0) { if (get_object(cls_buf, data.sepol3, sizeof(cls_buf), &c) < 0) {
pr_err("sepol: copy cls failed.\n"); pr_err("sepol: copy cls failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(operation, sepol4, sizeof(operation)) < if (strncpy_from_user(operation, data.sepol4,
0) { sizeof(operation)) < 0) {
pr_err("sepol: copy operation failed.\n"); pr_err("sepol: copy operation failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(perm_set, sepol5, sizeof(perm_set)) < 0) { if (strncpy_from_user(perm_set, data.sepol5, sizeof(perm_set)) <
0) {
pr_err("sepol: copy perm_set failed.\n"); pr_err("sepol: copy perm_set failed.\n");
goto exit; goto exit;
} }
@@ -324,10 +319,12 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
pr_err("sepol: unknown subcmd: %d\n", subcmd); pr_err("sepol: unknown subcmd: %d\n", subcmd);
} }
ret = success ? 0 : -EINVAL; ret = success ? 0 : -EINVAL;
} else if (cmd == CMD_TYPE_STATE) { break;
}
case CMD_TYPE_STATE: {
char src[MAX_SEPOL_LEN]; char src[MAX_SEPOL_LEN];
if (strncpy_from_user(src, sepol1, sizeof(src)) < 0) { if (strncpy_from_user(src, data.sepol1, sizeof(src)) < 0) {
pr_err("sepol: copy src failed.\n"); pr_err("sepol: copy src failed.\n");
goto exit; goto exit;
} }
@@ -342,16 +339,18 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
} }
if (success) if (success)
ret = 0; ret = 0;
break;
} else if (cmd == CMD_TYPE || cmd == CMD_TYPE_ATTR) { }
case CMD_TYPE:
case CMD_TYPE_ATTR: {
char type[MAX_SEPOL_LEN]; char type[MAX_SEPOL_LEN];
char attr[MAX_SEPOL_LEN]; char attr[MAX_SEPOL_LEN];
if (strncpy_from_user(type, sepol1, sizeof(type)) < 0) { if (strncpy_from_user(type, data.sepol1, sizeof(type)) < 0) {
pr_err("sepol: copy type failed.\n"); pr_err("sepol: copy type failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(attr, sepol2, sizeof(attr)) < 0) { if (strncpy_from_user(attr, data.sepol2, sizeof(attr)) < 0) {
pr_err("sepol: copy attr failed.\n"); pr_err("sepol: copy attr failed.\n");
goto exit; goto exit;
} }
@@ -367,11 +366,12 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
goto exit; goto exit;
} }
ret = 0; ret = 0;
break;
} else if (cmd == CMD_ATTR) { }
case CMD_ATTR: {
char attr[MAX_SEPOL_LEN]; char attr[MAX_SEPOL_LEN];
if (strncpy_from_user(attr, sepol1, sizeof(attr)) < 0) { if (strncpy_from_user(attr, data.sepol1, sizeof(attr)) < 0) {
pr_err("sepol: copy attr failed.\n"); pr_err("sepol: copy attr failed.\n");
goto exit; goto exit;
} }
@@ -380,37 +380,38 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
goto exit; goto exit;
} }
ret = 0; ret = 0;
break;
} else if (cmd == CMD_TYPE_TRANSITION) { }
case CMD_TYPE_TRANSITION: {
char src[MAX_SEPOL_LEN]; char src[MAX_SEPOL_LEN];
char tgt[MAX_SEPOL_LEN]; char tgt[MAX_SEPOL_LEN];
char cls[MAX_SEPOL_LEN]; char cls[MAX_SEPOL_LEN];
char default_type[MAX_SEPOL_LEN]; char default_type[MAX_SEPOL_LEN];
char object[MAX_SEPOL_LEN]; char object[MAX_SEPOL_LEN];
if (strncpy_from_user(src, sepol1, sizeof(src)) < 0) { if (strncpy_from_user(src, data.sepol1, sizeof(src)) < 0) {
pr_err("sepol: copy src failed.\n"); pr_err("sepol: copy src failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(tgt, sepol2, sizeof(tgt)) < 0) { if (strncpy_from_user(tgt, data.sepol2, sizeof(tgt)) < 0) {
pr_err("sepol: copy tgt failed.\n"); pr_err("sepol: copy tgt failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(cls, sepol3, sizeof(cls)) < 0) { if (strncpy_from_user(cls, data.sepol3, sizeof(cls)) < 0) {
pr_err("sepol: copy cls failed.\n"); pr_err("sepol: copy cls failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(default_type, sepol4, if (strncpy_from_user(default_type, data.sepol4,
sizeof(default_type)) < 0) { sizeof(default_type)) < 0) {
pr_err("sepol: copy default_type failed.\n"); pr_err("sepol: copy default_type failed.\n");
goto exit; goto exit;
} }
char *real_object; char *real_object;
if (sepol5 == NULL) { if (data.sepol5 == NULL) {
real_object = NULL; real_object = NULL;
} else { } else {
if (strncpy_from_user(object, sepol5, sizeof(object)) < if (strncpy_from_user(object, data.sepol5,
0) { sizeof(object)) < 0) {
pr_err("sepol: copy object failed.\n"); pr_err("sepol: copy object failed.\n");
goto exit; goto exit;
} }
@@ -421,26 +422,27 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
default_type, real_object); default_type, real_object);
if (success) if (success)
ret = 0; ret = 0;
break;
} else if (cmd == CMD_TYPE_CHANGE) { }
case CMD_TYPE_CHANGE: {
char src[MAX_SEPOL_LEN]; char src[MAX_SEPOL_LEN];
char tgt[MAX_SEPOL_LEN]; char tgt[MAX_SEPOL_LEN];
char cls[MAX_SEPOL_LEN]; char cls[MAX_SEPOL_LEN];
char default_type[MAX_SEPOL_LEN]; char default_type[MAX_SEPOL_LEN];
if (strncpy_from_user(src, sepol1, sizeof(src)) < 0) { if (strncpy_from_user(src, data.sepol1, sizeof(src)) < 0) {
pr_err("sepol: copy src failed.\n"); pr_err("sepol: copy src failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(tgt, sepol2, sizeof(tgt)) < 0) { if (strncpy_from_user(tgt, data.sepol2, sizeof(tgt)) < 0) {
pr_err("sepol: copy tgt failed.\n"); pr_err("sepol: copy tgt failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(cls, sepol3, sizeof(cls)) < 0) { if (strncpy_from_user(cls, data.sepol3, sizeof(cls)) < 0) {
pr_err("sepol: copy cls failed.\n"); pr_err("sepol: copy cls failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(default_type, sepol4, if (strncpy_from_user(default_type, data.sepol4,
sizeof(default_type)) < 0) { sizeof(default_type)) < 0) {
pr_err("sepol: copy default_type failed.\n"); pr_err("sepol: copy default_type failed.\n");
goto exit; goto exit;
@@ -457,19 +459,22 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
} }
if (success) if (success)
ret = 0; ret = 0;
} else if (cmd == CMD_GENFSCON) { break;
}
case CMD_GENFSCON: {
char name[MAX_SEPOL_LEN]; char name[MAX_SEPOL_LEN];
char path[MAX_SEPOL_LEN]; char path[MAX_SEPOL_LEN];
char context[MAX_SEPOL_LEN]; char context[MAX_SEPOL_LEN];
if (strncpy_from_user(name, sepol1, sizeof(name)) < 0) { if (strncpy_from_user(name, data.sepol1, sizeof(name)) < 0) {
pr_err("sepol: copy name failed.\n"); pr_err("sepol: copy name failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(path, sepol2, sizeof(path)) < 0) { if (strncpy_from_user(path, data.sepol2, sizeof(path)) < 0) {
pr_err("sepol: copy path failed.\n"); pr_err("sepol: copy path failed.\n");
goto exit; goto exit;
} }
if (strncpy_from_user(context, sepol3, sizeof(context)) < 0) { if (strncpy_from_user(context, data.sepol3, sizeof(context)) <
0) {
pr_err("sepol: copy context failed.\n"); pr_err("sepol: copy context failed.\n");
goto exit; goto exit;
} }
@@ -479,8 +484,12 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
goto exit; goto exit;
} }
ret = 0; ret = 0;
} else { break;
}
default: {
pr_err("sepol: unknown cmd: %d\n", cmd); pr_err("sepol: unknown cmd: %d\n", cmd);
break;
}
} }
exit: exit: