This post provides an in-depth overview of SELinux, focusing on Android kernel exploitation. Tests were conducted on multiple devices, with a closer look at two devices with a hypervisor that complicates bypassing SELinux. SELinux, a Mandatory Access Control module, enforces a security policy at the Linux kernel level. The post delves into Linux Security Modules and SELinux policy rules. Various bypass methods are explored for gaining root access, including disabling SELinux and overwriting SELinux caches. Exploitation challenges on specific devices like Samsung and Huawei are highlighted. The technical details, code snippets, and bypass strategies offer unique insights into Android security.
https://klecko.github.io/posts/selinux-bypasses/