android.os.SELinux Java Examples
The following examples show how to use
android.os.SELinux.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: PackageInstallerService.java From android_9.0.0_r45 with Apache License 2.0 | 6 votes |
|
static void prepareStageDir(File stageDir) throws IOException {
if (stageDir.exists()) {
throw new IOException("Session dir already exists: " + stageDir);
}
try {
Os.mkdir(stageDir.getAbsolutePath(), 0755);
Os.chmod(stageDir.getAbsolutePath(), 0755);
} catch (ErrnoException e) {
// This purposefully throws if directory already exists
throw new IOException("Failed to prepare session dir: " + stageDir, e);
}
if (!SELinux.restorecon(stageDir)) {
throw new IOException("Failed to restorecon session dir: " + stageDir);
}
}
Example #2
| Source File: ShortcutService.java From android_9.0.0_r45 with Apache License 2.0 | 6 votes |
|
/**
* Build the cached bitmap filename for a shortcut icon.
*
* The filename will be based on the ID, except certain characters will be escaped.
*/
FileOutputStreamWithPath openIconFileForWrite(@UserIdInt int userId, ShortcutInfo shortcut)
throws IOException {
final File packagePath = new File(getUserBitmapFilePath(userId),
shortcut.getPackage());
if (!packagePath.isDirectory()) {
packagePath.mkdirs();
if (!packagePath.isDirectory()) {
throw new IOException("Unable to create directory " + packagePath);
}
SELinux.restorecon(packagePath);
}
final String baseName = String.valueOf(injectCurrentTimeMillis());
for (int suffix = 0; ; suffix++) {
final String filename = (suffix == 0 ? baseName : baseName + "_" + suffix) + ".png";
final File file = new File(packagePath, filename);
if (!file.exists()) {
if (DEBUG) {
Slog.d(TAG, "Saving icon to " + file.getAbsolutePath());
}
return new FileOutputStreamWithPath(file);
}
}
}
Example #3
| Source File: XposedUtils.java From rebootmenu with GNU General Public License v3.0 | 6 votes |
|
/**
* 检查SELinux是否启用或者处于Enforce模式
* 使用两套API,一套来自Xposed,一套来自隐私API。
* SELinux必须完全禁用才能保证自由(或者API工作可能不稳定)
* Note:由于SELinux安全政策,SELinux.isSELinuxEnforced在untrusted_app权限下enforce状态下仍返回false
*
* @return boolean
*/
@SuppressWarnings("ConstantConditions")
public static boolean isSELinuxPatrolling() {
//安全起见,假设为真
@SuppressWarnings("UnusedAssignment") boolean ret = true;
try {
ret = SELinuxHelper.isSELinuxEnabled() || SELinuxHelper.isSELinuxEnforced();
} catch (Throwable t) {
if (!(t instanceof NoClassDefFoundError))
t.printStackTrace();
try {
ret = SELinux.isSELinuxEnabled() || SELinux.isSELinuxEnforced();
} catch (Throwable ignored) {
}
}
return ret;
}
Example #4
| Source File: WallpaperManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
@Override
public void onUnlockUser(final int userId) {
synchronized (mLock) {
if (mCurrentUserId == userId) {
if (mWaitingForUnlock) {
// the desired wallpaper is not direct-boot aware, load it now
final WallpaperData systemWallpaper =
getWallpaperSafeLocked(userId, FLAG_SYSTEM);
switchWallpaper(systemWallpaper, null);
}
// Make sure that the SELinux labeling of all the relevant files is correct.
// This corrects for mislabeling bugs that might have arisen from move-to
// operations involving the wallpaper files. This isn't timing-critical,
// so we do it in the background to avoid holding up the user unlock operation.
if (mUserRestorecon.get(userId) != Boolean.TRUE) {
mUserRestorecon.put(userId, Boolean.TRUE);
Runnable relabeler = new Runnable() {
@Override
public void run() {
final File wallpaperDir = getWallpaperDir(userId);
for (String filename : sPerUserFiles) {
File f = new File(wallpaperDir, filename);
if (f.exists()) {
SELinux.restorecon(f);
}
}
}
};
BackgroundThread.getHandler().post(relabeler);
}
}
}
}
Example #5
| Source File: WallpaperManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
ParcelFileDescriptor updateWallpaperBitmapLocked(String name, WallpaperData wallpaper,
Bundle extras) {
if (name == null) name = "";
try {
File dir = getWallpaperDir(wallpaper.userId);
if (!dir.exists()) {
dir.mkdir();
FileUtils.setPermissions(
dir.getPath(),
FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
-1, -1);
}
ParcelFileDescriptor fd = ParcelFileDescriptor.open(wallpaper.wallpaperFile,
MODE_CREATE|MODE_READ_WRITE|MODE_TRUNCATE);
if (!SELinux.restorecon(wallpaper.wallpaperFile)) {
return null;
}
wallpaper.name = name;
wallpaper.wallpaperId = makeWallpaperIdLocked();
if (extras != null) {
extras.putInt(WallpaperManager.EXTRA_NEW_WALLPAPER_ID, wallpaper.wallpaperId);
}
// Nullify field to require new computation
wallpaper.primaryColors = null;
if (DEBUG) {
Slog.v(TAG, "updateWallpaperBitmapLocked() : id=" + wallpaper.wallpaperId
+ " name=" + name + " file=" + wallpaper.wallpaperFile.getName());
}
return fd;
} catch (FileNotFoundException e) {
Slog.w(TAG, "Error setting wallpaper", e);
}
return null;
}
Example #6
| Source File: UserManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
private void writeBitmapLP(UserInfo info, Bitmap bitmap) {
try {
File dir = new File(mUsersDir, Integer.toString(info.id));
File file = new File(dir, USER_PHOTO_FILENAME);
File tmp = new File(dir, USER_PHOTO_FILENAME_TMP);
if (!dir.exists()) {
dir.mkdir();
FileUtils.setPermissions(
dir.getPath(),
FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
-1, -1);
}
FileOutputStream os;
if (bitmap.compress(Bitmap.CompressFormat.PNG, 100, os = new FileOutputStream(tmp))
&& tmp.renameTo(file) && SELinux.restorecon(file)) {
info.iconPath = file.getAbsolutePath();
}
try {
os.close();
} catch (IOException ioe) {
// What the ... !
}
tmp.delete();
} catch (FileNotFoundException e) {
Slog.w(LOG_TAG, "Error setting photo for user ", e);
}
}
Example #7
| Source File: MyApplication.java From rebootmenu with GNU General Public License v3.0 | 5 votes |
|
private static void checkSELinuxStatus() {
String context = null;
boolean isEnabled = false, isEnforced = false;
try {
context = SELinux.getContext();
isEnabled = SELinux.isSELinuxEnabled();
isEnforced = SELinux.isSELinuxEnforced();
} catch (Throwable throwable) {
Log.w(TAG, "checkSELinuxStatus: ", throwable);
}
Log.i(TAG, "checkSELinuxStatus: Security Context:" + context + " is(Enabled/Enforced):" + StringUtils.varArgsToString(isEnabled, isEnforced));
}
Example #8
| Source File: SettingsProvider.java From Study_Android_Demo with Apache License 2.0 | 4 votes |
|
private File getRingtoneCacheDir(int userId) {
final File cacheDir = new File(Environment.getDataSystemDeDirectory(userId), "ringtones");
cacheDir.mkdir();
SELinux.restorecon(cacheDir);
return cacheDir;
}
