android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: add uid observer, correctly prune uid allowlist when app is installed/uninstalled.

Browse Source
This commit is contained in:
weishu
2023-01-17 12:44:22 +07:00
parent 2ab60750d4
commit ab36e1fa0c
7 changed files with 256 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
kernel/selinux/rules.c
View File

@@ -51,6 +51,12 @@ void apply_kernelsu_rules()
ksu_allow(db, "kernel", "adb_data_file", "file", ALL);
// we may need to do mount on shell
ksu_allow(db, "kernel", "shell_data_file", "file", ALL);
// we need to read /data/system/packages.list
ksu_allow(db, "kernel", "kernel", "capability", "dac_override");
// Android 10+: http://aospxref.com/android-12.0.0_r3/xref/system/sepolicy/private/file_contexts#512
ksu_allow(db, "kernel", "packages_list_file", "file", ALL);
// Android 9-: http://aospxref.com/android-9.0.0_r61/xref/system/sepolicy/private/file_contexts#360
ksu_allow(db, "kernel", "system_data_file", "file", ALL);
// our ksud triggered by init
ksu_allow(db, "init", "adb_data_file", "file", "execute");