-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
161 changed files
with
1,047 additions
and
2,138 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| /out | ||
| out |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| Manifest-Version: 1.0 | ||
| Main-Class: Gui.SepolicyToolsGUI | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| ## 这是什么东西? | ||
|
|
||
| 一个能格式化Selinux 政策的东西 | ||
|
|
||
| ## 这东西能干嘛? | ||
|
|
||
| 美化Sepolicy~~(其实没什么用)~~ | ||
|
|
||
| ## 使用步骤: | ||
|
|
||
| 1、烧一壶开水 | ||
|
|
||
| 2、[下载软件](https://github.com/succerseng/SepolicyTools/releases) SepolicyTools.jar | ||
|
|
||
| 3、使用刚烧开的水烫洗茶杯 | ||
|
|
||
| 4、在终端运行 | ||
|
|
||
| ```sh | ||
| # 请先解压文件 | ||
| # 进入解压得到的文件夹 | ||
| # 打开终端 | ||
| # 键入 | ||
| java -jar SepolicyTools.jar --encoding=utf-8 | ||
| ``` | ||
|
|
||
| 5、用稍微凉了一点的水洗茶 | ||
|
|
||
| 6、选择您的sepolicy文件夹 | ||
|
|
||
| 7、现在可以开始泡茶啦 | ||
|
|
||
| 8、连接您的手机 | ||
|
|
||
| 9、请注意 不要泡太久 | ||
|
|
||
| 10、点击自动运行 | ||
|
|
||
| 接下来只需要等着程序执行完成~~崩溃~~ | ||
|
|
||
| 好了,您的茶快凉了,请尽快饮用吧 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,4 @@ | ||
| type aal, domain; | ||
| type aal_exec, exec_type, file_type; | ||
| init_daemon_domain(aal) | ||
| binder_use(aal) | ||
| binder_service(aal) | ||
| binder_call(aal, binderservicedomain) | ||
| allow aal permission_service:service_manager { find }; | ||
| allow aal graphics_device:dir search; | ||
| allow aal graphics_device:chr_file { read open ioctl }; | ||
| allow aal aal_service:service_manager add; | ||
| allow aal aal_als_device:chr_file { read open ioctl }; | ||
| type aal_service, service_manager_type; | ||
| allow system_server aal_service:service_manager find; | ||
| allow atci_service aal_service:service_manager { find }; | ||
| allow aal aal_service:service_manager add; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| type akmd8975, domain; | ||
| type akmd8975_exec, exec_type, file_type; | ||
| type akmd8975, domain; | ||
| init_daemon_domain(akmd8975) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| type ami304d, domain; | ||
| type ami304d_exec, exec_type, file_type; | ||
| type ami304d, domain; | ||
| init_daemon_domain(ami304d) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,214 +1,3 @@ | ||
| type atcp, domain; | ||
| type atcp_exec, exec_type, file_type; | ||
| wakelock_use(atcp) | ||
| unix_socket_connect(atcp, property, init) | ||
| typeattribute atcp mlstrustedsubject; | ||
| init_daemon_domain(atcp) | ||
| dontaudit atcp untrusted_app:fd use; | ||
| dontaudit atcp isolated_app:fd use; | ||
| binder_use(atcp) | ||
| auditallow atcp system_radio_prop:property_service set; | ||
| auditallow atcp net_radio_prop:property_service set; | ||
| allow system_server atcp:fd use; | ||
| allow atcp zygote_exec:file { read getattr open execute execute_no_trans }; | ||
| allow atcp wod_sim_socket:sock_file write; | ||
| allow atcp wod_action_socket:sock_file write; | ||
| allow atcp wmtWifi_device:chr_file { write open }; | ||
| allow atcp volte_prop:property_service set; | ||
| allow atcp volte_imsa1_socket:sock_file write; | ||
| allow atcp volte_imcb:unix_stream_socket connectto; | ||
| allow atcp vmodem_device:chr_file { read write ioctl open }; | ||
| allow atcp viarild:unix_stream_socket connectto; | ||
| allow atcp vfat:file create_file_perms; | ||
| allow atcp vfat:dir create_dir_perms; | ||
| allow atcp untrusted_app:dir search; | ||
| allow atcp tty_device:chr_file rw_file_perms; | ||
| allow atcp ttySDIO_device:chr_file { read write ioctl open }; | ||
| allow atcp ttyGS_device:chr_file { read write open ioctl }; | ||
| allow atcp ttyGS_device:chr_file { read write ioctl open }; | ||
| allow atcp ttyGS_device:chr_file { open read write ioctl }; | ||
| allow atcp tmpfs:lnk_file read; | ||
| allow atcp system_server:binder call; | ||
| allow atcp system_radio_prop:property_service set; | ||
| allow atcp system_prop:property_service set; | ||
| allow atcp system_file:file x_file_perms; | ||
| allow atcp system_file:file execute_no_trans; | ||
| allow atcp system_data_file:file r_file_perms; | ||
| allow atcp system_data_file:dir { write create open add_name relabelfrom }; | ||
| allow atcp system_data_file:dir { relabelfrom create_dir_perms }; | ||
| allow atcp system_data_file:dir r_dir_perms; | ||
| allow atcp sysfs_vcorefs_pwrctrl:file { open write }; | ||
| allow atcp sysfs_scp:file { open write }; | ||
| allow atcp sysfs_scp:dir search; | ||
| allow atcp sysfs:file write; | ||
| allow atcp storage_file:lnk_file read; | ||
| allow atcp storage_file:lnk_file create_file_perms; | ||
| allow atcp storage_file:file create_file_perms; | ||
| allow atcp storage_file:dir create_dir_perms; | ||
| allow atcp statusd:unix_stream_socket connectto; | ||
| allow atcp socket_device:sock_file write; | ||
| allow atcp shell_exec:file { read open }; | ||
| allow atcp shell_exec:file { read execute open }; | ||
| allow atcp shell_exec:file { read execute open execute_no_trans }; | ||
| allow atcp shell_exec:file rx_file_perms; | ||
| allow atcp shell_exec:file execute_no_trans; | ||
| allow atcp shell_exec:file execute; | ||
| allow atcp servicemanager:binder call; | ||
| allow atcp self:udp_socket { create ioctl }; | ||
| allow atcp self:udp_socket ioctl; | ||
| allow atcp self:udp_socket create; | ||
| allow atcp self:udp_socket connect; | ||
| allow atcp self:socket create_socket_perms; | ||
| allow atcp self:rawip_socket { getopt create }; | ||
| allow atcp self:rawip_socket setopt; | ||
| allow atcp self:rawip_socket getopt; | ||
| allow atcp self:rawip_socket create; | ||
| allow atcp self:packet_socket { write ioctl setopt read getopt create }; | ||
| allow atcp self:netlink_socket create_socket_perms; | ||
| allow atcp self:netlink_route_socket { write getattr setopt read bind create nlmsg_read }; | ||
| allow atcp self:netlink_route_socket nlmsg_write; | ||
| allow atcp self:netlink_kobject_uevent_socket create_socket_perms; | ||
| allow atcp self:capability2 syslog; | ||
| allow atcp self:capability { setuid setgid }; | ||
| allow atcp self:capability { setuid net_raw setgid }; | ||
| allow atcp self:capability { setuid net_admin net_raw }; | ||
| allow atcp self:capability { net_admin net_raw }; | ||
| allow atcp self:capability sys_time; | ||
| allow atcp self:capability setuid; | ||
| allow atcp self:capability net_admin; | ||
| allow atcp self:capability fowner; | ||
| allow atcp self:capability dac_override; | ||
| allow atcp self:capability chown; | ||
| allow atcp sdcard_type:dir r_dir_perms; | ||
| allow atcp scp_device:chr_file { read open }; | ||
| allow atcp rilproxy_atci_socket:sock_file write; | ||
| allow atcp rilproxy:unix_stream_socket connectto; | ||
| allow atcp rild_mal_socket:sock_file write; | ||
| allow atcp rild_mal_md2_socket:sock_file write; | ||
| allow atcp rild_mal_at_socket:sock_file write; | ||
| allow atcp rild_mal_at_md2_socket:sock_file write; | ||
| allow atcp rild_imsm_socket:sock_file write; | ||
| allow atcp rild_atci_socket:sock_file write; | ||
| allow atcp rild_atci_c2k_socket:sock_file write; | ||
| allow atcp ril_mux_report_case_prop:property_service set; | ||
| allow atcp ril_cdma_report_prop:property_service set; | ||
| allow atcp ril_active_md_prop:property_service set; | ||
| allow atcp radio_tmpfs:file write; | ||
| allow atcp radio_prop:property_service set; | ||
| allow atcp radio_device:chr_file rw_file_perms; | ||
| allow atcp radio_device:blk_file r_file_perms; | ||
| allow atcp radio_data_file:file create_file_perms; | ||
| allow atcp radio_data_file:dir rw_dir_perms; | ||
| allow atcp radio:fd use; | ||
| allow atcp qtaguid_proc:file { read getattr open }; | ||
| allow atcp qemu_pipe_device:chr_file rw_file_perms; | ||
| allow atcp property_socket:sock_file write; | ||
| allow atcp proc_net:file write; | ||
| allow atcp proc_lk_env:file { open read write ioctl }; | ||
| allow atcp proc_lk_env:file rw_file_perms; | ||
| allow atcp proc:file write; | ||
| allow atcp pq:binder call; | ||
| allow atcp platform_app_tmpfs:file write; | ||
| allow atcp platform_app:unix_stream_socket connectto; | ||
| allow atcp platform_app:fd use; | ||
| allow atcp platform_app:dir search; | ||
| allow atcp persist_service_atci_prop:property_service set; | ||
| allow atcp persist_ril_prop:property_service set; | ||
| allow atcp persist_mtklog_prop:property_service set; | ||
| allow atcp para_block_device:blk_file { read write open }; | ||
| allow atcp netstats_service:service_manager find; | ||
| allow atcp netd_socket:sock_file write; | ||
| allow atcp netd:unix_stream_socket connectto; | ||
| allow atcp net_radio_prop:property_service set; | ||
| allow atcp net_data_file:file { read getattr open }; | ||
| allow atcp net_data_file:dir search; | ||
| allow atcp mtkrild:unix_stream_socket connectto; | ||
| allow atcp mtkmal:unix_stream_socket connectto; | ||
| allow atcp mtd_device:dir search; | ||
| allow atcp mnt_user_file:lnk_file read; | ||
| allow atcp mnt_user_file:lnk_file create_file_perms; | ||
| allow atcp mnt_user_file:dir search; | ||
| allow atcp mnt_user_file:dir create_dir_perms; | ||
| allow atcp mnt_media_rw_file:lnk_file create_file_perms; | ||
| allow atcp mnt_media_rw_file:dir search; | ||
| allow atcp mnt_media_rw_file:dir create_dir_perms; | ||
| allow atcp mmcblk0_block_device:blk_file { read write open }; | ||
| allow atcp mmcblk0_block_device:blk_file { open read write }; | ||
| allow atcp misc_device:chr_file { read write open }; | ||
| allow atcp misc2_device:chr_file { read write open }; | ||
| allow atcp misc2_block_device:blk_file { read write open }; | ||
| allow atcp mdlog_device:chr_file { read write open ioctl }; | ||
| allow atcp mdlog_data_file:file { write read create open rename unlink getattr setattr append }; | ||
| allow atcp mdlog_data_file:fifo_file { read write open create setattr }; | ||
| allow atcp mdlog_data_file:dir { write search read create open rmdir remove_name add_name relabelto getattr }; | ||
| allow atcp md32_device:chr_file { read open }; | ||
| allow atcp mal_mfi_socket:sock_file write; | ||
| allow atcp logtemp_data_file:file create_file_perms; | ||
| allow atcp logtemp_data_file:dir { relabelto create_dir_perms }; | ||
| allow atcp logmisc_data_file:file create_file_perms; | ||
| allow atcp logmisc_data_file:dir { relabelto create_dir_perms }; | ||
| allow atcp logdr_socket:sock_file write; | ||
| allow atcp logd:unix_stream_socket connectto; | ||
| allow atcp log_device:chr_file { write open }; | ||
| allow atcp log_device:chr_file r_file_perms; | ||
| allow atcp kernel:system syslog_mod; | ||
| allow atcp kernel:system module_request; | ||
| allow atcp init:unix_stream_socket connectto; | ||
| allow atcp gsm0710muxd_prop:property_service set; | ||
| allow atcp gsm0710muxd_device:chr_file { read write }; | ||
| allow atcp gsm0710muxd_device:chr_file open; | ||
| allow atcp gpu_device:chr_file { read write open ioctl getattr }; | ||
| allow atcp gps_device:chr_file rw_file_perms; | ||
| allow atcp fwmarkd_socket:sock_file write; | ||
| allow atcp fuse:file { write read create open rename unlink getattr setattr append }; | ||
| allow atcp fuse:file { rename write getattr read create open unlink }; | ||
| allow atcp fuse:file create_file_perms; | ||
| allow atcp fuse:dir { write search create rmdir add_name remove_name read open rename }; | ||
| allow atcp fuse:dir { remove_name write search read remove_name open add_name create }; | ||
| allow atcp fuse:dir create_dir_perms; | ||
| allow atcp epdg_wod:unix_stream_socket connectto; | ||
| allow atcp efs_file:file create_file_perms; | ||
| allow atcp efs_file:dir create_dir_perms; | ||
| allow atcp eemcs_device:chr_file { read write }; | ||
| allow atcp eemcs_device:chr_file { read write ioctl open }; | ||
| allow atcp eemcs_device:chr_file open; | ||
| allow atcp eemcs_device:chr_file ioctl; | ||
| allow atcp domain:file { read open }; | ||
| allow atcp domain:dir search; | ||
| allow atcp dnsproxyd_socket:sock_file write; | ||
| allow atcp devpts:chr_file { read write open }; | ||
| allow atcp devpts:chr_file { open read write ioctl }; | ||
| allow atcp devpts:chr_file { getattr setattr }; | ||
| allow atcp devpts:chr_file setattr; | ||
| allow atcp devpts:chr_file ioctl; | ||
| allow atcp devmap_device:chr_file { read ioctl open }; | ||
| allow atcp device:lnk_file unlink; | ||
| allow atcp device:lnk_file create; | ||
| allow atcp device:dir write; | ||
| allow atcp device:dir remove_name; | ||
| allow atcp device:dir add_name; | ||
| allow atcp debug_prop:property_service set; | ||
| allow atcp debug_netlog_prop:property_service set; | ||
| allow atcp debug_mtklog_prop:property_service set; | ||
| allow atcp debug_mdlogger_prop:property_service set; | ||
| allow atcp data_tmpfs_log_file:file create_file_perms; | ||
| allow atcp data_tmpfs_log_file:dir create_dir_perms; | ||
| allow atcp ctl_volte_ua_prop:property_service set; | ||
| allow atcp ctl_volte_stack_prop:property_service set; | ||
| allow atcp ctl_volte_imcb_prop:property_service set; | ||
| allow atcp ctl_rildaemon_prop:property_service set; | ||
| allow atcp ctl_ril-daemon-mtk_prop:property_service set; | ||
| allow atcp ctl_muxreport-daemon_prop:property_service set; | ||
| allow atcp connectivity_service:service_manager find; | ||
| allow atcp cgroup:dir create_dir_perms; | ||
| allow atcp ccci_device:chr_file { read write ioctl open }; | ||
| allow atcp bluetooth_efs_file:file r_file_perms; | ||
| allow atcp bluetooth_efs_file:dir r_dir_perms; | ||
| allow atcp block_device:dir search; | ||
| allow atcp audiocmdservice_atci:unix_stream_socket connectto; | ||
| allow atcp atcp_prop:property_service set; | ||
| allow atcp atci_service_socket:sock_file write; | ||
| allow atcp atci_service:unix_stream_socket connectto; | ||
| allow atcp atci_audio_socket:sock_file write; | ||
| allow atcp alarm_device:chr_file rw_file_perms; | ||
| allow atcp Vcodec_device:chr_file { read write open }; | ||
| type atcp_prop, property_type; | ||
| allow untrusted_app atcp_prop:file { open read getattr }; | ||
| allow atcp atcp_prop:property_service set; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.