Commits

Robert Craig committed f1d74fc

Add install perms code.
-- Add new code to enforcing mode view (toggle mac box)
-- Add new menu item to LogDeniedReaderFragment to view MAC denied messages

Comments (0)

Files changed (5)

res/menu/menu_action_bar.xml

         android:title="Logs"
         android:showAsAction="always" >
     <menu>
+      <item android:id="@+id/MAC"
+            android:icon="@drawable/ic_menu_refresh"
+            android:title="MAC" />
       <item android:id="@+id/AVC"
             android:icon="@drawable/ic_menu_refresh"
             android:title="AVC" />

res/values/strings.xml

     <string name="avc_title">AVC Denied Log</string>
     <string name="log_fragment_title">Logs</string>
     <string name="log_reload_msg">Press One of The "Refresh" Buttons to Update Messages</string>
+    <string name="mac_denied_log_filename">mac_denied_logs</string>
+    <string name="mac_title">MAC Denied Log</string>
+    <string name="mac_set_enforcing">MAC Mode</string>
+    <string name="mac_set_enforcing_summary">Toggle MAC Enforcing Mode</string>
     <string name="manage_selinux_header">MANAGE</string>
     <string name="policy_builder_header">POLICY TOOLS</string>
     <string name="selinux_boolean_fragment_title">Booleans</string>

res/xml/selinux_enforcing_fragment.xml

         android:key="selinux_enforcing"
         android:title="@string/selinux_set_enforcing"
         android:summary="@string/selinux_set_enforcing_summary"/>
+
+    <CheckBoxPreference
+        android:key="mac_enforcing"
+        android:title="@string/mac_set_enforcing"
+        android:summary="@string/mac_set_enforcing_summary"/>
 	
 </PreferenceScreen>

src/com/android/seandroid_manager/LogDeniedReaderFragment.java

                 }
                 return true;
 
+            case R.id.MAC:
+                mActionBar.setTitle(R.string.mac_title);
+                mDefaultMessage.setVisibility(View.GONE);
+                logPrefix = getString(R.string.mac_denied_log_filename);
+                mMessageLog.setText(null);
+                new LogcatReader(handleMessage,
+                                 "system", "PackageManager:D", "install-permission").start();
+                return true;
+
             case R.id.AVC:
                 // display all the avc denials
                 mActionBar.setTitle(R.string.avc_title);

src/com/android/seandroid_manager/SELinuxEnforcingFragment.java

 public class SELinuxEnforcingFragment extends PreferenceFragment {
 
     private static final String KEY_SELINUX_ENFORCING = "selinux_enforcing";
+    private static final String KEY_MAC_ENFORCING = "mac_enforcing";
+    private static final String MAC_SYSTEM_PROPERTY = "persist.mac_enforcing_mode";
 
     private CheckBoxPreference mSELinuxToggleEnforce;
+    private CheckBoxPreference mMACToggleEnforce;
 
     @Override
     public void onCreate(Bundle savedInstanceState) {
             (CheckBoxPreference) getPreferenceScreen().findPreference(KEY_SELINUX_ENFORCING);
 
         mSELinuxToggleEnforce.setChecked(SELinux.isSELinuxEnforced());
+
+        mMACToggleEnforce =
+            (CheckBoxPreference) getPreferenceScreen().findPreference(KEY_MAC_ENFORCING);
         
+        mMACToggleEnforce.setChecked(getMacEnforcingMode());
     }
 
     @Override
         if (mSELinuxToggleEnforce != null) {
             mSELinuxToggleEnforce.setChecked(SELinux.isSELinuxEnforced());
         }
+
+        if (mMACToggleEnforce != null) {
+            mMACToggleEnforce.setChecked(getMacEnforcingMode());
+        }
     }
 
     @Override
             SELinux.setSELinuxEnforce(!SELinux.isSELinuxEnforced());
             mSELinuxToggleEnforce.setChecked(SELinux.isSELinuxEnforced());
             saveEnforcing();
+        } else if (preference == mMACToggleEnforce) {
+            boolean enforce = getMacEnforcingMode();
+            mMACToggleEnforce.setChecked(!enforce);
+            SystemProperties.set(MAC_SYSTEM_PROPERTY, (enforce ? "0" : "1"));
         }
         return true;
     }
+
+    // return true if in Enforcing mode, false otherwise
+    private boolean getMacEnforcingMode() {
+        return SystemProperties.getBoolean(MAC_SYSTEM_PROPERTY, false);
+    }
     
     private void saveEnforcing() {
         String enforcing = SELinux.isSELinuxEnforced() ? "1" : "0";