224 lines
7.3 KiB
Diff
224 lines
7.3 KiB
Diff
From 017e0c822ce1ccc67c51fbb0a404d8a6656206b9 Mon Sep 17 00:00:00 2001
|
|
From: Ziyang Zhou <ziyang.zhou@outlook.com>
|
|
Date: Sun, 9 May 2021 23:44:12 +0800
|
|
Subject: [PATCH] ignore selinux
|
|
|
|
---
|
|
libselinux/include/selinux/selinux.h | 4 ++++
|
|
libselinux/src/android/android.c | 1 +
|
|
libselinux/src/android/android_platform.c | 5 +++++
|
|
libselinux/src/checkAccess.c | 1 +
|
|
libselinux/src/getenforce.c | 1 +
|
|
libselinux/src/getfilecon.c | 1 +
|
|
libselinux/src/getpeercon.c | 1 +
|
|
libselinux/src/init.c | 1 +
|
|
libselinux/src/label.c | 1 +
|
|
libselinux/src/lgetfilecon.c | 1 +
|
|
libselinux/src/lsetfilecon.c | 1 +
|
|
libselinux/src/procattr.c | 2 ++
|
|
libselinux/src/sestatus.c | 1 +
|
|
13 files changed, 21 insertions(+)
|
|
|
|
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
|
|
index ae98a92e3..3de3ba493 100644
|
|
--- a/libselinux/include/selinux/selinux.h
|
|
+++ b/libselinux/include/selinux/selinux.h
|
|
@@ -4,6 +4,10 @@
|
|
#include <sys/types.h>
|
|
#include <stdarg.h>
|
|
|
|
+#define SE_HACK
|
|
+#define se_hack() if (1) return
|
|
+#define se_hack1(p) if (1) return p
|
|
+
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
diff --git a/libselinux/src/android/android.c b/libselinux/src/android/android.c
|
|
index 7ee9e7742..d094d9f80 100644
|
|
--- a/libselinux/src/android/android.c
|
|
+++ b/libselinux/src/android/android.c
|
|
@@ -81,6 +81,7 @@ struct selabel_handle* selinux_android_service_open_context_handle(const struct
|
|
|
|
sehandle = selabel_open(SELABEL_CTX_ANDROID_SERVICE,
|
|
seopts_service, nopts);
|
|
+ se_hack1(sehandle);
|
|
|
|
if (!sehandle) {
|
|
selinux_log(SELINUX_ERROR, "%s: Error getting service context handle (%s)\n",
|
|
diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c
|
|
index 05c923bcf..83ae6699c 100644
|
|
--- a/libselinux/src/android/android_platform.c
|
|
+++ b/libselinux/src/android/android_platform.c
|
|
@@ -85,6 +85,7 @@ static struct selabel_handle* selinux_android_file_context(const struct selinux_
|
|
|
|
struct selabel_handle* selinux_android_file_context_handle(void)
|
|
{
|
|
+ se_hack1(NULL);
|
|
struct selinux_opt seopts_file[MAX_FILE_CONTEXT_SIZE];
|
|
int size = 0;
|
|
unsigned int i;
|
|
@@ -957,6 +958,7 @@ out:
|
|
|
|
int selinux_android_setcon(const char *con)
|
|
{
|
|
+ se_hack1(0);
|
|
int ret = setcon(con);
|
|
if (ret)
|
|
return ret;
|
|
@@ -973,6 +975,7 @@ int selinux_android_setcontext(uid_t uid,
|
|
const char *seinfo,
|
|
const char *pkgname)
|
|
{
|
|
+ se_hack1(0);
|
|
char *orig_ctx_str = NULL, *ctx_str;
|
|
context_t ctx = NULL;
|
|
int rc = -1;
|
|
@@ -1423,6 +1426,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
|
|
uid_t uid,
|
|
unsigned int flags)
|
|
{
|
|
+ se_hack1(0);
|
|
bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false;
|
|
bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false;
|
|
bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false;
|
|
@@ -1661,6 +1665,7 @@ void selinux_android_set_sehandle(const struct selabel_handle *hndl)
|
|
|
|
int selinux_android_load_policy()
|
|
{
|
|
+ se_hack1(0);
|
|
int fd = -1;
|
|
|
|
fd = open(sepolicy_file, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
|
|
diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
|
|
index 022cd6b5e..a23bffc9d 100644
|
|
--- a/libselinux/src/checkAccess.c
|
|
+++ b/libselinux/src/checkAccess.c
|
|
@@ -20,6 +20,7 @@ static void avc_init_once(void)
|
|
}
|
|
|
|
int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) {
|
|
+ se_hack1(0);
|
|
int rc;
|
|
security_id_t scon_id;
|
|
security_id_t tcon_id;
|
|
diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c
|
|
index 3f1e20021..bf162279a 100644
|
|
--- a/libselinux/src/getenforce.c
|
|
+++ b/libselinux/src/getenforce.c
|
|
@@ -11,6 +11,7 @@
|
|
|
|
int security_getenforce(void)
|
|
{
|
|
+ se_hack1(0);
|
|
int fd, ret, enforce = 0;
|
|
char path[PATH_MAX];
|
|
char buf[20];
|
|
diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
|
|
index 4bee31372..f8b159a0f 100644
|
|
--- a/libselinux/src/getfilecon.c
|
|
+++ b/libselinux/src/getfilecon.c
|
|
@@ -52,6 +52,7 @@ int getfilecon_raw(const char *path, char ** context)
|
|
|
|
int getfilecon(const char *path, char ** context)
|
|
{
|
|
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
|
|
int ret;
|
|
char * rcontext = NULL;
|
|
|
|
diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
|
|
index a9dca73e4..10771cbfb 100644
|
|
--- a/libselinux/src/getpeercon.c
|
|
+++ b/libselinux/src/getpeercon.c
|
|
@@ -46,6 +46,7 @@ int getpeercon_raw(int fd, char ** context)
|
|
|
|
int getpeercon(int fd, char ** context)
|
|
{
|
|
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
|
|
int ret;
|
|
char * rcontext;
|
|
|
|
diff --git a/libselinux/src/init.c b/libselinux/src/init.c
|
|
index 542c979b9..f1e4e357e 100644
|
|
--- a/libselinux/src/init.c
|
|
+++ b/libselinux/src/init.c
|
|
@@ -139,6 +139,7 @@ void fini_selinuxmnt(void)
|
|
|
|
void set_selinuxmnt(const char *mnt)
|
|
{
|
|
+ se_hack();
|
|
selinux_mnt = strdup(mnt);
|
|
}
|
|
|
|
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
|
|
index e0ed68d5b..2c22c04f1 100644
|
|
--- a/libselinux/src/label.c
|
|
+++ b/libselinux/src/label.c
|
|
@@ -310,6 +310,7 @@ bool selabel_hash_all_partial_matches(struct selabel_handle *rec,
|
|
int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
|
|
const char *key, const char **aliases, int type)
|
|
{
|
|
+ se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0));
|
|
struct selabel_lookup_rec *lr;
|
|
|
|
if (!rec->func_lookup_best_match) {
|
|
diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
|
|
index d1fb821b2..0d3b0acd5 100644
|
|
--- a/libselinux/src/lgetfilecon.c
|
|
+++ b/libselinux/src/lgetfilecon.c
|
|
@@ -52,6 +52,7 @@ int lgetfilecon_raw(const char *path, char ** context)
|
|
|
|
int lgetfilecon(const char *path, char ** context)
|
|
{
|
|
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
|
|
int ret;
|
|
char * rcontext = NULL;
|
|
|
|
diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
|
|
index 213fb684f..c73c152f3 100644
|
|
--- a/libselinux/src/lsetfilecon.c
|
|
+++ b/libselinux/src/lsetfilecon.c
|
|
@@ -28,6 +28,7 @@ int lsetfilecon_raw(const char *path, const char * context)
|
|
|
|
int lsetfilecon(const char *path, const char *context)
|
|
{
|
|
+ se_hack1(0);
|
|
int ret;
|
|
char * rcontext;
|
|
|
|
diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
|
|
index 142fbf3a8..ffcab80db 100644
|
|
--- a/libselinux/src/procattr.c
|
|
+++ b/libselinux/src/procattr.c
|
|
@@ -197,6 +197,7 @@ static int getprocattrcon_raw(char ** context,
|
|
static int getprocattrcon(char ** context,
|
|
pid_t pid, const char *attr)
|
|
{
|
|
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
|
|
int ret;
|
|
char * rcontext;
|
|
|
|
@@ -282,6 +283,7 @@ out:
|
|
static int setprocattrcon(const char * context,
|
|
pid_t pid, const char *attr)
|
|
{
|
|
+ se_hack1(0);
|
|
int ret;
|
|
char * rcontext;
|
|
|
|
diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c
|
|
index 89c1f6216..186ed8fa1 100644
|
|
--- a/libselinux/src/sestatus.c
|
|
+++ b/libselinux/src/sestatus.c
|
|
@@ -277,6 +277,7 @@ static int fallback_cb_policyload(int policyload)
|
|
*/
|
|
int selinux_status_open(int fallback)
|
|
{
|
|
+ se_hack1(0);
|
|
int fd;
|
|
char path[PATH_MAX];
|
|
long pagesize;
|
|
--
|
|
2.34.1
|
|
|