'How to access root permission in JNI written, C++ library?

I searched many post and answers here but none of these can solve problem for me!!
Issue from logcat (Fixed)

2022-03-22 14:23:54.391 951-951/com.testopen I/com.testopen: type=1400 audit(0.0:6247): avc: denied { getattr } for comm=50726F66696C65205361766572 path="/data/app" dev="sda29" ino=2916353 scontext=u:r:zygote:s0 tcontext=u:object_r:apk_data_file:s0 tclass=dir permissive=1
2022-03-22 14:23:56.481 951-951/com.testopen I/com.testopen: type=1400 audit(0.0:6248): avc: denied { read } for name="maps" dev="proc" ino=140900 scontext=u:r:zygote:s0 tcontext=u:r:init:s0 tclass=file permissive=1
2022-03-22 14:23:56.481 951-951/com.testopen I/com.testopen: type=1400 audit(0.0:6249): avc: denied { open } for path="/proc/1/maps" dev="proc" ino=140900 scontext=u:r:zygote:s0 tcontext=u:r:init:s0 tclass=file permissive=1
2022-03-22 14:23:57.471 951-951/com.testopen I/com.testopen: type=1400 audit(0.0:6250): avc: denied { search } for name="1" dev="proc" ino=22170 scontext=u:r:zygote:s0 tcontext=u:r:init:s0 tclass=dir permissive=1

What I tried (Fixed)
I created zygote.te from this solution: https://stackoverflow.com/a/47930362

allow zygote init:file { open read };
allow zygote init:dir { search };
allow zygote apk_data_file:dir { getattr };

But I really don't know how to use audit2allow, at least i know that this tool for linux pc only and also don't know about android has it or not. And also don't know where to place zygote.te into android.
Progress so far

  1. Create java & jni function
    JNI:
bool IsFileOpen() {
    FILE *fp = fopen(OBFUSCATE("/proc/23142/maps"), OBFUSCATE("r"));
    if (fp != NULL) {
        LOGI("This file has been opened!!");
        return true;
    } else {
        perror("Error: ");
    }
    fclose(fp);
    LOGI("Done!");
    return false;
}

JAVA:

 static {
        System.loadLibrary("TestOpen");
    }
 @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Shell.rootAccess();
        setContentView(R.layout.activity_main);
    }
  1. Make app run as system.
  2. Allow permission in SELinux Policy.
  3. Get stuck by read memory maps.

Phone Info
My OS: Android 10, arm64
Status: SELinux: enabled, Mode: Permissive, Root: Rooted Magisk
My plan is let app run native code written in jni with root permission!!
Edit:
I fixed by allow all permission in SELinux policy but still missing something, when i get PID running process and put it in "proc/PID/maps", it will have error occured:
Error: No such file or directory
Then i edited "/maps" to some path like "/cmdline", "/attr/exec",... and it works!! It seem they're trying hidden some files to avoid get read by 3rd app!!
In the End: So if you have your opinion or any solution, please answer here, thanks!!

javaandroidjava-native-interfaceandroid-permissionsselinux


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions