kernel: support sepolicy

2023-01-31 18:54:28 +07:00
parent 2766e24007
commit b9e27621ee
3 changed files with 328 additions and 9 deletions
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -23,6 +23,8 @@
 #include "selinux/selinux.h"
 #include "uid_observer.h"

+extern int handle_sepolicy(unsigned long arg3, void __user *arg4);
+
 static inline bool is_allow_su()
 {
 	if (is_manager()) {
@@ -230,6 +232,16 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 		return 0;
 	}

+	if (arg2 == CMD_SET_SEPOLICY) {
+		if (!handle_sepolicy(arg3, arg4)) {
+			if (copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
+				pr_err("sepolicy: prctl reply error\n");
+			}
+		}
+
+		return 0;
+	}
+
 	// all other cmds are for 'root manager'
 	if (!is_manager()) {
 		pr_info("Only manager can do cmd: %d\n", arg2);