Releases · flipphoneguy/DirtySepolicy_Bypass

What's New

Fully defeats DirtySepolicy v2.2, which rewrote its detection to bypass libselinux entirely and query the kernel's SELinux filesystem directly.

/sys/fs/selinux/access — intercepts write+read to mask framework allow rules from kernel access vector decisions, and rewrites seqno to 1 to defeat the new avdSeqNo policy-reload detection
/sys/fs/selinux/status — patches sequence and policyload fields to clean-boot values (kernel-version-aware: < 6.10 vs >= 6.10)
read + pread64 hooks — new hooks to intercept and modify kernel responses in-flight
Numeric resolution via sysfs — resolves class/perm IDs by reading /sys/fs/selinux/class/ directly, no longer depends on libselinux symbols

Handles fd reuse when close() bypasses PLT hooks (common on some Android versions)
Covers additional selinuxfs query files (create, member, relabel, user, validatetrans) that could be used for future context-existence probing
Matches /proc/*/attr/* broadly (covers thread-self, explicit PIDs, all attr files)
Supports both /sys/fs/selinux/ and legacy /selinux/ mount points
Libselinux API hooks retained as defense-in-depth for older detectors

Flash dirtysepbypass.zip via Magisk app or:

su -c "magisk --install-module /sdcard/dirtysepbypass.zip"
su -c reboot