From 1788013c80bbc48fafa7bf34712131270ccbf1d5 Mon Sep 17 00:00:00 2001 From: agnostic-apollo Date: Sat, 11 Jun 2022 14:11:58 +0500 Subject: [PATCH] Added: Add functions to `PackageUtils` to get `seInfo` and `seInfoUser` of package --- .../termux/shared/android/PackageUtils.java | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/termux-shared/src/main/java/com/termux/shared/android/PackageUtils.java b/termux-shared/src/main/java/com/termux/shared/android/PackageUtils.java index ded3c01f..a11ffb6c 100644 --- a/termux-shared/src/main/java/com/termux/shared/android/PackageUtils.java +++ b/termux-shared/src/main/java/com/termux/shared/android/PackageUtils.java @@ -196,6 +196,55 @@ public class PackageUtils { } } + /** + * Get the {@code seInfo} {@link Field} of the {@link ApplicationInfo} class. + * + * String retrieved from the seinfo tag found in selinux policy. This value can be set through + * the mac_permissions.xml policy construct. This value is used for setting an SELinux security + * context on the process as well as its data directory. + * + * https://cs.android.com/android/platform/superproject/+/android-7.1.0_r1:frameworks/base/core/java/android/content/pm/ApplicationInfo.java;l=609 + * https://cs.android.com/android/platform/superproject/+/android-12.0.0_r32:frameworks/base/core/java/android/content/pm/ApplicationInfo.java;l=981 + * https://cs.android.com/android/platform/superproject/+/android-7.0.0_r1:frameworks/base/services/core/java/com/android/server/pm/SELinuxMMAC.java;l=282 + * https://cs.android.com/android/platform/superproject/+/android-12.0.0_r32:frameworks/base/services/core/java/com/android/server/pm/SELinuxMMAC.java;l=375 + * https://cs.android.com/android/_/android/platform/frameworks/base/+/be0b8896d1bc385d4c8fb54c21929745935dcbea + * + * @param applicationInfo The {@link ApplicationInfo} for the package. + * @return Returns the selinux info or {@code null} if an exception was raised. + */ + @Nullable + public static String getApplicationInfoSeInfoForPackage(@NonNull final ApplicationInfo applicationInfo) { + ReflectionUtils.bypassHiddenAPIReflectionRestrictions(); + try { + return (String) ReflectionUtils.invokeField(ApplicationInfo.class, Build.VERSION.SDK_INT < Build.VERSION_CODES.O ? "seinfo" : "seInfo", applicationInfo).value; + } catch (Exception e) { + // ClassCastException may be thrown + Logger.logStackTraceWithMessage(LOG_TAG, "Failed to get seInfo field value for ApplicationInfo class", e); + return null; + } + } + + /** + * Get the {@code seInfoUser} {@link Field} of the {@link ApplicationInfo} class. + * + * Also check {@link #getApplicationInfoSeInfoForPackage(ApplicationInfo)}. + * + * @param applicationInfo The {@link ApplicationInfo} for the package. + * @return Returns the selinux info user or {@code null} if an exception was raised. + */ + @Nullable + public static String getApplicationInfoSeInfoUserForPackage(@NonNull final ApplicationInfo applicationInfo) { + if (Build.VERSION.SDK_INT < Build.VERSION_CODES.O) return null; + ReflectionUtils.bypassHiddenAPIReflectionRestrictions(); + try { + return (String) ReflectionUtils.invokeField(ApplicationInfo.class, "seInfoUser", applicationInfo).value; + } catch (Exception e) { + // ClassCastException may be thrown + Logger.logStackTraceWithMessage(LOG_TAG, "Failed to get seInfoUser field value for ApplicationInfo class", e); + return null; + } + } + /** * Get the {@code privateFlags} {@link Field} of the {@link ApplicationInfo} class. *