From 673fb05c5508643173705d87b129fc6ff406f1cf Mon Sep 17 00:00:00 2001 From: Ziyang Zhou Date: Sun, 9 May 2021 23:12:46 +0800 Subject: [PATCH] ignore selinux --- libselinux/include/selinux/selinux.h | 4 ++++ libselinux/src/android/android_platform.c | 6 ++++++ libselinux/src/checkAccess.c | 1 + libselinux/src/getenforce.c | 1 + libselinux/src/getpeercon.c | 1 + libselinux/src/init.c | 1 + libselinux/src/label.c | 1 + libselinux/src/lgetfilecon.c | 1 + libselinux/src/lsetfilecon.c | 1 + libselinux/src/procattr.c | 2 ++ 10 files changed, 19 insertions(+) diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h index 01201ee..86db829 100644 --- a/libselinux/include/selinux/selinux.h +++ b/libselinux/include/selinux/selinux.h @@ -4,6 +4,10 @@ #include #include +#define SE_HACK +#define se_hack() if (1) return +#define se_hack1(p) if (1) return p + #ifdef __cplusplus extern "C" { #endif diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c index 69566eb..cd6989c 100644 --- a/libselinux/src/android/android_platform.c +++ b/libselinux/src/android/android_platform.c @@ -158,6 +158,7 @@ static struct selabel_handle* selinux_android_file_context(const struct selinux_ struct selabel_handle* selinux_android_file_context_handle(void) { + se_hack1(NULL); struct selinux_opt seopts_file[MAX_FILE_CONTEXT_SIZE]; int size = 0; unsigned int i; @@ -184,6 +185,7 @@ struct selabel_handle* selinux_android_file_context_handle(void) struct selabel_handle* selinux_android_prop_context_handle(void) { + se_hack1(NULL); struct selabel_handle* sehandle; struct selinux_opt seopts_prop[MAX_FILE_CONTEXT_SIZE]; int size = 0; @@ -1098,6 +1100,7 @@ oom: int selinux_android_setcon(const char *con) { + se_hack1(0); int ret = setcon(con); if (ret) return ret; @@ -1114,6 +1117,7 @@ int selinux_android_setcontext(uid_t uid, const char *seinfo, const char *pkgname) { + se_hack1(0); char *orig_ctx_str = NULL, *ctx_str; context_t ctx = NULL; int rc = -1; @@ -1452,6 +1456,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig, uid_t uid, unsigned int flags) { + se_hack1(0); bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false; bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false; bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false; @@ -1665,6 +1670,7 @@ void selinux_android_set_sehandle(const struct selabel_handle *hndl) int selinux_android_load_policy() { + se_hack1(0); int fd = -1; fd = open(sepolicy_file, O_RDONLY | O_NOFOLLOW | O_CLOEXEC); diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c index 8de5747..e1048d8 100644 --- a/libselinux/src/checkAccess.c +++ b/libselinux/src/checkAccess.c @@ -33,6 +33,7 @@ static void avc_init_once(void) } int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) { + se_hack1(0); int rc; security_id_t scon_id; security_id_t tcon_id; diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c index d909dce..fb782b7 100644 --- a/libselinux/src/getenforce.c +++ b/libselinux/src/getenforce.c @@ -11,6 +11,7 @@ int security_getenforce(void) { + se_hack1(0); int fd, ret, enforce = 0; char path[PATH_MAX]; char buf[20]; diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c index 3a77a2d..f8dab8e 100644 --- a/libselinux/src/getpeercon.c +++ b/libselinux/src/getpeercon.c @@ -47,6 +47,7 @@ hidden_def(getpeercon_raw) int getpeercon(int fd, char ** context) { + se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); int ret; char * rcontext; diff --git a/libselinux/src/init.c b/libselinux/src/init.c index 2690a72..24a212d 100644 --- a/libselinux/src/init.c +++ b/libselinux/src/init.c @@ -142,6 +142,7 @@ hidden_def(fini_selinuxmnt) void set_selinuxmnt(const char *mnt) { + se_hack(); selinux_mnt = strdup(mnt); } diff --git a/libselinux/src/label.c b/libselinux/src/label.c index c051e9f..b526316 100644 --- a/libselinux/src/label.c +++ b/libselinux/src/label.c @@ -285,6 +285,7 @@ bool selabel_partial_match(struct selabel_handle *rec, const char *key) int selabel_lookup_best_match(struct selabel_handle *rec, char **con, const char *key, const char **aliases, int type) { + se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0)); struct selabel_lookup_rec *lr; if (!rec->func_lookup_best_match) { diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c index db67bc6..7123480 100644 --- a/libselinux/src/lgetfilecon.c +++ b/libselinux/src/lgetfilecon.c @@ -53,6 +53,7 @@ hidden_def(lgetfilecon_raw) int lgetfilecon(const char *path, char ** context) { + se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); int ret; char * rcontext = NULL; diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c index 1d3b28a..7062703 100644 --- a/libselinux/src/lsetfilecon.c +++ b/libselinux/src/lsetfilecon.c @@ -29,6 +29,7 @@ hidden_def(lsetfilecon_raw) int lsetfilecon(const char *path, const char *context) { + se_hack1(0); int ret; char * rcontext; diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c index 48dd8af..ab516e2 100644 --- a/libselinux/src/procattr.c +++ b/libselinux/src/procattr.c @@ -184,6 +184,7 @@ static int getprocattrcon_raw(char ** context, static int getprocattrcon(char ** context, pid_t pid, const char *attr) { + se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); int ret; char * rcontext; @@ -269,6 +270,7 @@ out: static int setprocattrcon(const char * context, pid_t pid, const char *attr) { + se_hack1(0); int ret; char * rcontext; -- 2.34.1