So far I have tried a few methods available on the official website and other online sources. Such as getting the result by executing the getenforce command.
private fun isSELinuxEnabled(): () -> Boolean {
return {
val process = Runtime.getRuntime().exec(arrayOf("getenforce"))
val reader = BufferedReader(InputStreamReader(process.inputStream))
val status = reader.readLine()
process.waitFor()
Log.d(TAG, "isSELinuxEnabled(): $status")
status == "enforcing"
}
}
I also tried JNI to get the status using the following:
FILE *file = fopen("/sys/fs/selinux/enforce", "r");
if (file == NULL) {
return (*env)->NewStringUTF(env, "Unknown"); // Return "Unknown" if the file cannot be opened
}
char status[10];
fgets(status, sizeof(status), file);
fclose(file);
if (strcmp(status, "1\n") == 0) {
return (*env)->NewStringUTF(env, "Enforcing");
} else {
return (*env)->NewStringUTF(env, "Permissive");
}
Additionally, there are some properties also available, like ro.boot.selinux and ro.build.selinux to get the SELinux status. So far no luck, None of the devices produce any result, all of the methods return either null or unknown value and never Enforcing or Permissive, even if the Enforcing is enabled which I verified using adb shell getenfoce.
The adb command works in the terminal of my system but when even that is executed from the app, it produces the same result.
So folks, here is my burning question: Is there any reliable way to get the status of SELinux in Android using either JNI or pure Kotlin/Java?