类android.os.SELinux源码实例Demo

下面列出了怎么用android.os.SELinux的API类实例代码及写法,或者点击链接到github查看源代码。

static void prepareStageDir(File stageDir) throws IOException {
    if (stageDir.exists()) {
        throw new IOException("Session dir already exists: " + stageDir);
    }

    try {
        Os.mkdir(stageDir.getAbsolutePath(), 0755);
        Os.chmod(stageDir.getAbsolutePath(), 0755);
    } catch (ErrnoException e) {
        // This purposefully throws if directory already exists
        throw new IOException("Failed to prepare session dir: " + stageDir, e);
    }

    if (!SELinux.restorecon(stageDir)) {
        throw new IOException("Failed to restorecon session dir: " + stageDir);
    }
}
 
源代码2 项目: android_9.0.0_r45   文件: ShortcutService.java
/**
 * Build the cached bitmap filename for a shortcut icon.
 *
 * The filename will be based on the ID, except certain characters will be escaped.
 */
FileOutputStreamWithPath openIconFileForWrite(@UserIdInt int userId, ShortcutInfo shortcut)
        throws IOException {
    final File packagePath = new File(getUserBitmapFilePath(userId),
            shortcut.getPackage());
    if (!packagePath.isDirectory()) {
        packagePath.mkdirs();
        if (!packagePath.isDirectory()) {
            throw new IOException("Unable to create directory " + packagePath);
        }
        SELinux.restorecon(packagePath);
    }

    final String baseName = String.valueOf(injectCurrentTimeMillis());
    for (int suffix = 0; ; suffix++) {
        final String filename = (suffix == 0 ? baseName : baseName + "_" + suffix) + ".png";
        final File file = new File(packagePath, filename);
        if (!file.exists()) {
            if (DEBUG) {
                Slog.d(TAG, "Saving icon to " + file.getAbsolutePath());
            }
            return new FileOutputStreamWithPath(file);
        }
    }
}
 
源代码3 项目: rebootmenu   文件: XposedUtils.java
/**
 * 检查SELinux是否启用或者处于Enforce模式
 * 使用两套API,一套来自Xposed,一套来自隐私API。
 * SELinux必须完全禁用才能保证自由(或者API工作可能不稳定)
 * Note:由于SELinux安全政策,SELinux.isSELinuxEnforced在untrusted_app权限下enforce状态下仍返回false
 *
 * @return boolean
 */
@SuppressWarnings("ConstantConditions")
public static boolean isSELinuxPatrolling() {
    //安全起见,假设为真
    @SuppressWarnings("UnusedAssignment") boolean ret = true;
    try {
        ret = SELinuxHelper.isSELinuxEnabled() || SELinuxHelper.isSELinuxEnforced();
    } catch (Throwable t) {
        if (!(t instanceof NoClassDefFoundError))
            t.printStackTrace();
        try {
            ret = SELinux.isSELinuxEnabled() || SELinux.isSELinuxEnforced();
        } catch (Throwable ignored) {
        }
    }
    return ret;
}
 
@Override
public void onUnlockUser(final int userId) {
    synchronized (mLock) {
        if (mCurrentUserId == userId) {
            if (mWaitingForUnlock) {
                // the desired wallpaper is not direct-boot aware, load it now
                final WallpaperData systemWallpaper =
                        getWallpaperSafeLocked(userId, FLAG_SYSTEM);
                switchWallpaper(systemWallpaper, null);
            }

            // Make sure that the SELinux labeling of all the relevant files is correct.
            // This corrects for mislabeling bugs that might have arisen from move-to
            // operations involving the wallpaper files.  This isn't timing-critical,
            // so we do it in the background to avoid holding up the user unlock operation.
            if (mUserRestorecon.get(userId) != Boolean.TRUE) {
                mUserRestorecon.put(userId, Boolean.TRUE);
                Runnable relabeler = new Runnable() {
                    @Override
                    public void run() {
                        final File wallpaperDir = getWallpaperDir(userId);
                        for (String filename : sPerUserFiles) {
                            File f = new File(wallpaperDir, filename);
                            if (f.exists()) {
                                SELinux.restorecon(f);
                            }
                        }
                    }
                };
                BackgroundThread.getHandler().post(relabeler);
            }
        }
    }
}
 
ParcelFileDescriptor updateWallpaperBitmapLocked(String name, WallpaperData wallpaper,
        Bundle extras) {
    if (name == null) name = "";
    try {
        File dir = getWallpaperDir(wallpaper.userId);
        if (!dir.exists()) {
            dir.mkdir();
            FileUtils.setPermissions(
                    dir.getPath(),
                    FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
                    -1, -1);
        }
        ParcelFileDescriptor fd = ParcelFileDescriptor.open(wallpaper.wallpaperFile,
                MODE_CREATE|MODE_READ_WRITE|MODE_TRUNCATE);
        if (!SELinux.restorecon(wallpaper.wallpaperFile)) {
            return null;
        }
        wallpaper.name = name;
        wallpaper.wallpaperId = makeWallpaperIdLocked();
        if (extras != null) {
            extras.putInt(WallpaperManager.EXTRA_NEW_WALLPAPER_ID, wallpaper.wallpaperId);
        }
        // Nullify field to require new computation
        wallpaper.primaryColors = null;
        if (DEBUG) {
            Slog.v(TAG, "updateWallpaperBitmapLocked() : id=" + wallpaper.wallpaperId
                    + " name=" + name + " file=" + wallpaper.wallpaperFile.getName());
        }
        return fd;
    } catch (FileNotFoundException e) {
        Slog.w(TAG, "Error setting wallpaper", e);
    }
    return null;
}
 
源代码6 项目: android_9.0.0_r45   文件: UserManagerService.java
private void writeBitmapLP(UserInfo info, Bitmap bitmap) {
    try {
        File dir = new File(mUsersDir, Integer.toString(info.id));
        File file = new File(dir, USER_PHOTO_FILENAME);
        File tmp = new File(dir, USER_PHOTO_FILENAME_TMP);
        if (!dir.exists()) {
            dir.mkdir();
            FileUtils.setPermissions(
                    dir.getPath(),
                    FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
                    -1, -1);
        }
        FileOutputStream os;
        if (bitmap.compress(Bitmap.CompressFormat.PNG, 100, os = new FileOutputStream(tmp))
                && tmp.renameTo(file) && SELinux.restorecon(file)) {
            info.iconPath = file.getAbsolutePath();
        }
        try {
            os.close();
        } catch (IOException ioe) {
            // What the ... !
        }
        tmp.delete();
    } catch (FileNotFoundException e) {
        Slog.w(LOG_TAG, "Error setting photo for user ", e);
    }
}
 
源代码7 项目: rebootmenu   文件: MyApplication.java
private static void checkSELinuxStatus() {
    String context = null;
    boolean isEnabled = false, isEnforced = false;
    try {
        context = SELinux.getContext();
        isEnabled = SELinux.isSELinuxEnabled();
        isEnforced = SELinux.isSELinuxEnforced();
    } catch (Throwable throwable) {
        Log.w(TAG, "checkSELinuxStatus: ", throwable);
    }
    Log.i(TAG, "checkSELinuxStatus: Security Context:" + context + " is(Enabled/Enforced):" + StringUtils.varArgsToString(isEnabled, isEnforced));
}
 
源代码8 项目: Study_Android_Demo   文件: SettingsProvider.java
private File getRingtoneCacheDir(int userId) {
    final File cacheDir = new File(Environment.getDataSystemDeDirectory(userId), "ringtones");
    cacheDir.mkdir();
    SELinux.restorecon(cacheDir);
    return cacheDir;
}
 
 类所在包
 类方法
 同包方法