br0kenpixel/KernelSU-Next
1
0
Fork 0
mirror of https://github.com/KernelSU-Next/KernelSU-Next.git synced 2025-08-27 23:46:34 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Allow toggling unmount setting for all apps (#2450)

Browse Source 
This fixes https://github.com/tiann/KernelSU/issues/2416.
This commit is contained in:
Wang Han
2025-02-18 11:07:52 +08:00
committed by rifsxd
parent 42896dfab1
commit a89985f33e
3 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
kernel/allowlist.c
View File

@@ -155,11 +155,6 @@ static bool profile_valid(struct app_profile *profile)
return false; return false;
} }
if (forbid_system_uid(profile->current_uid)) {
pr_err("uid lower than 2000 is unsupported: %d\n", profile->current_uid);
return false;
}
if (profile->version < KSU_APP_PROFILE_VER) { if (profile->version < KSU_APP_PROFILE_VER) {
pr_info("Unsupported profile version: %d\n", profile->version); pr_info("Unsupported profile version: %d\n", profile->version);
return false; return false;

10
manager/app/src/main/java/com/rifsxd/ksunext/ui/screen/AppProfile.kt
View File

@@ -95,6 +95,7 @@ fun AppProfileScreen(
val scope = rememberCoroutineScope() val scope = rememberCoroutineScope()
val failToUpdateAppProfile = stringResource(R.string.failed_to_update_app_profile).format(appInfo.label) val failToUpdateAppProfile = stringResource(R.string.failed_to_update_app_profile).format(appInfo.label)
val failToUpdateSepolicy = stringResource(R.string.failed_to_update_sepolicy).format(appInfo.label) val failToUpdateSepolicy = stringResource(R.string.failed_to_update_sepolicy).format(appInfo.label)
val suNotAllowed = stringResource(R.string.su_not_allowed).format(appInfo.label)
val packageName = appInfo.packageName val packageName = appInfo.packageName
val initialProfile = Natives.getAppProfile(packageName, appInfo.uid) val initialProfile = Natives.getAppProfile(packageName, appInfo.uid)
@@ -143,8 +144,13 @@ fun AppProfileScreen(
}, },
onProfileChange = { onProfileChange = {
scope.launch { scope.launch {
if (it.allowSu && !it.rootUseDefault && it.rules.isNotEmpty()) { if (it.allowSu) {
if (!setSepolicy(profile.name, it.rules)) { // sync with allowlist.c - forbid_system_uid
if (appInfo.uid < 2000 && appInfo.uid != 1000) {
snackBarHost.showSnackbar(suNotAllowed)
return@launch
}
if (!it.rootUseDefault && it.rules.isNotEmpty() && !setSepolicy(profile.name, it.rules)) {
snackBarHost.showSnackbar(failToUpdateSepolicy) snackBarHost.showSnackbar(failToUpdateSepolicy)
return@launch return@launch
} }

1
manager/app/src/main/res/values/strings.xml
View File

@@ -134,6 +134,7 @@
<string name="force_stop_app">Force stop</string> <string name="force_stop_app">Force stop</string>
<string name="restart_app">Restart</string> <string name="restart_app">Restart</string>
<string name="failed_to_update_sepolicy">Failed to update SELinux rules for: %s</string> <string name="failed_to_update_sepolicy">Failed to update SELinux rules for: %s</string>
<string name="su_not_allowed">Granting superuser is not allowed for: %s</string>
<string name="module_changelog">Changelog</string> <string name="module_changelog">Changelog</string>
<string name="settings_profile_template">App Profile Template</string> <string name="settings_profile_template">App Profile Template</string>
<string name="settings_profile_template_summary">Manage local and online template of App Profile</string> <string name="settings_profile_template_summary">Manage local and online template of App Profile</string>