I saw Huawei released kernel sources codes for our P20 pro, can anyone make a SELinux permissive kernel?
my device is rooted and i tried to change it to permissive but it seems its locked, it changes back to enforcing
Currently there are several custom roms available for Yureka Black ranging from noughat to android pie. But the roms with android versions Oreo and Pie run permissive SeLinux ( even the official roms in yuforums ). Switching to enforcing mode on these roms usually breaks the camera or the fingerprint . So are there any other custom roms available that have SeLinux enforcing by default?
Brainyboy said:
Currently there are several custom roms available for Yureka Black ranging from noughat to android pie. But the roms with android versions Oreo and Pie run permissive SeLinux ( even the official roms in yuforums ). Switching to enforcing mode on these roms usually breaks the camera or the fingerprint . So are there any other custom roms available that have SeLinux enforcing by default?
Click to expand...
Click to collapse
Probably not, enforcing mode gets in the way of a lot of things when it comes to custom ROMs and using root, permissive mode is required for certain modifications incorporated in custom ROMs.
Using stock firmware or manually switching to enforcing in your custom ROMs might be your only options.
Sent from my LGL84VL using Tapatalk
Droidriven said:
Probably not, enforcing mode gets in the way of a lot of things when it comes to custom ROMs and using root, permissive mode is required for certain modifications incorporated in custom ROMs.
Using stock firmware or manually switching to enforcing in your custom ROMs might be your only options.
Click to expand...
Click to collapse
But isn't permissive SeLinux less secure than a rooted device with enforcing SeLinux? Is permissive SeLinux still insecure even if the ROM has latest security patches?
Brainyboy said:
But isn't permissive SeLinux less secure than a rooted device with enforcing SeLinux? Is permissive SeLinux still insecure even if the ROM has latest security patches?
Click to expand...
Click to collapse
Certain mods require permissive mode, plain and simple, otherwise, the mods won't work.
The reason why custom ROMs use permissive has more to do with allowing software features and functionality to work than it does with how secure the device is or isn't.
Sent from my LGL84VL using Tapatalk
@Brainyboy, to add to what @Droidriven had already stated...
The following post explains why so many of the recent Custom Firmwares for the newer Android versions has been provided in a Permanent Permissive Mode...
https://forum.xda-developers.com/showthread.php?p=78054819
Good Luck & Enjoy!
~~~~~~~~~~~~~~~
UNLESS asked to do so, PLEASE don't PM me regarding support. Sent using The ClaRetoX Forum App on my SM-G900T device.
There are 69 ROMs with SELinux Enforcing now...
Recently i asked about Android 10 in the pixel experience thread, i asked because of the website saying "This version Is no longer Supported". I wanted to know if this means no more updates at ALL or just no more updates for Pie.
after this. i started the quest of Android 10, (thats what i like to call it) first i tried with treble roms and found out: everything based on pixel is very buggy and never gets out of the "Finishing Update" lag period, Also everything which wasnt the android 10 beta 5 build advertised by jarlpenguin and phhusson.
gapps which are imbedded into the rom dont work at all on treble Android 10.
Because of that, the only rom with gapps working right now is lineage 17.1..... the problem with that though is that you have no data (no signal/no sim) message and thus cant receive or send anything.
so i started looking at other motorola devices with the same chipset as our device, and search for possibilities for this already working. well i patched a version of aosp 10 from cedric aka the moto G5 which also has a snapdragon 430 processor. the kernel was well...... missing. After flashing radium for non treble roms fixed the problem. we have very similar problems though. 1. We still hav eno REAL signal, yeah it shows up but stays at 0 2.Gapps Dont Work BUT Begone "Finishing Update Lag" , what i am trying to say is: we should probably base on those builds and try if that works with different tweaks and patches to get all features working.
Also i am going to experiment further with this, for example: i am going to experiment with Pixel Experience 10 in the same way i did with Aosp!
thanks for reading i guess
Android 10 development is being postponed in favor of SELinux enforcing on Pie. Plus cedric's Android 10 builds are not Treble enabled, whereas montana's ROMs are, so it won't boot.
Of course I could release a build of LineageOS 17.1, but that would have broken camera, battery drain, possibly memory leaks, and partially broken audio playback. That is why I haven't released it.
---------- Post added at 02:42 PM ---------- Previous post was at 02:37 PM ----------
Furthermore, the reason we haven't been able to work on SELinux in P is because the non-treble policy was completely unfit for treble. When we attempted addressing SELinux denials, we hit neverallow build errors. As it turns out, our RIL blobs are too old for Treble compatibility, so we need to update them.
Oh. Okay! Thanks for the information. I guess this just means that at some point PE will get continued. Maybe I will try some modifications on my side to try and get it working.
Hmm
Guess it's set to enforcing. For security and rom compatibility reasons I did deactivate a lot of things first
Some random said:
Hmm
Click to expand...
Click to collapse
Seems spoofed. We didn't have enforcing on any Pie builds.
JarlPenguin said:
Seems spoofed. We didn't have enforcing on any Pie builds.
Click to expand...
Click to collapse
The picture is by me.... A lot of things broke afterwards tho. So it isn't just a manipulated settings screen...
This is a picture on RR pie btw
And for context: this is NOT how the ROM comes on its own, I used an application called "The Selinux switch" to set it to enforcing
Some random said:
And for context: this is NOT how the ROM comes on its own, I used an application called "The Selinux switch" to set it to enforcing
Click to expand...
Click to collapse
Right. That's what I thought. It's either spoofed or someone manually enabled it. Lots of things broken are expected.
Hi i have a S20FE 5G rooted i want to know how to change the selinux plz
Iam new here. therefor i DonĀ“t know wether my question was answered: lineage 12.1 and 13 by meler are selinux disabled. Can i selinux enable? When yes, how?