/data/adb/service.d/se
内容为
magiskpolicy --live "deny untrusted_app sysfs_thermal file * " magiskpolicy --live "deny untrusted_app sysfs_thermal lnk_file * " magiskpolicy --live "deny untrusted_app sysfs_thermal dir * " magiskpolicy --live "deny untrusted_app_27 sysfs_thermal file * " magiskpolicy --live "deny untrusted_app_27 sysfs_thermal lnk_file * " magiskpolicy --live "deny untrusted_app_27 sysfs_thermal dir * " magiskpolicy --live "deny untrusted_app_25 sysfs_thermal file * " magiskpolicy --live "deny untrusted_app_25 sysfs_thermal lnk_file * " magiskpolicy --live "deny untrusted_app_25 sysfs_thermal dir * " magiskpolicy --live "deny untrusted_app untrusted_app netlink_route_socket * " magiskpolicy --live "deny untrusted_app_27 untrusted_app_27 netlink_route_socket * " magiskpolicy --live "deny untrusted_app_25 untrusted_app_25 netlink_route_socket * " magiskpolicy --live "deny untrusted_app untrusted_app udp_socket ioctl" magiskpolicy --live "deny untrusted_app untrusted_app tcp_socket ioctl" magiskpolicy --live "deny untrusted_app_27 untrusted_app_27 udp_socket ioctl" magiskpolicy --live "deny untrusted_app_27 untrusted_app_27 tcp_socket ioctl" magiskpolicy --live "deny untrusted_app_25 untrusted_app_25 udp_socket ioctl" magiskpolicy --live "deny untrusted_app_25 untrusted_app_25 tcp_socket ioctl"
/data/adb/post-fs-data.d/hiden
resetprop gsm.version.baseband MPSS.Gen5.2020 resetprop gsm.imei1 unkown resetprop gsm.imei2 unkown resetprop gsm.meid unkown
搜索规则
./sesearch --all --target sysfs_thermal --source untrusted_app Found 3 semantic av rules: allow untrusted_app sysfs_thermal : file { ioctl read getattr lock map open } ; allow untrusted_app sysfs_thermal : dir { ioctl read getattr lock search open } ; allow untrusted_app sysfs_thermal : lnk_file { ioctl read getattr lock map open } ; ./sesearch --all --class netlink_route_socket --target untrusted_app allow untrusted_app untrusted_app : netlink_route_socket { read write create getattr setattr lock append bind connect getopt setopt shutdown nlmsg_read } ; ./sesearch --all --class udp_socket --target untrusted_app allow untrusted_app untrusted_app : udp_socket { ioctl read write create getattr setattr lock append map bind connect getopt setopt shutdown } ;