欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

高通平台user版本debug

程序员文章站 2022-03-15 21:14:43
一、user开启root 一些平台可以通过单刷eng版本的boot.imag来root user版本,如果无法通过单刷bootimage来root,可以通过修改代码,使默认开启root。1.1system/core/adb/ Android.mk修改如下://LOCAL_CFLAGS +=-DALLOW_ADBD_ROOT=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)LOCAL_CFLAGS += -DALLOW......

一、user开启root

    一些平台可以通过单刷eng版本的boot.imag来root user版本,如果无法通过单刷bootimage来root,可以通过修改代码,使默认开启root。

1.1 system/core/adb/ Android.mk修改如下:

//LOCAL_CFLAGS +=-DALLOW_ADBD_ROOT=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)

LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=$(if $(filter user userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)

LOCAL_CFLAGS += -DALLOW_ADBD_NO_AUTH=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)

10.0平台使用 system/core/adb/ Android.bp修改如下

    cflags: [

        "-Wall",

        "-Wextra",

        "-Werror",

        "-Wexit-time-destructors",

        "-Wno-unused-parameter",

        "-Wno-missing-field-initializers",

        "-Wthread-safety",

        "-Wvla",

        "-DADB_HOST=1",         // overridden by adbd_defaults

        "-DALLOW_ADBD_ROOT=1",  // overridden by adbd_defaults

"-DALLOW_ADBD_DISABLE_VERITY=1",

],



cc_defaults {

    name: "adbd_defaults",

    defaults: ["adb_defaults"],



    cflags: ["-UADB_HOST", "-DADB_HOST=0"],

    product_variables: {

        debuggable: {

            cflags: [

                "-UALLOW_ADBD_ROOT",

                "-DALLOW_ADBD_ROOT=1",

                "-DALLOW_ADBD_DISABLE_VERITY=1",

                "-DALLOW_ADBD_NO_AUTH",

            ],

        },

    },

}

 

1.2 ​​​​​​​system/core/adb/ services.cpp修改如下:

void restart_root_service(int fd, void *cookie) {

    if (getuid() == 0) {

        WriteFdExactly(fd, "adbd is already running as root\n");

        adb_close(fd);

    } else {

// 注释掉以下判断,默认允许root

        /*if (!__android_log_is_debuggable()) {

            WriteFdExactly(fd, "adbd cannot run as root in production builds\n");

            adb_close(fd);

            return;

        }*/

        android::base::SetProperty("service.adb.root", "1");

        WriteFdExactly(fd, "restarting adbd as root\n");

        adb_close(fd);

    }

}

       10.0平台相关修改移到 system/core/adb/daemon/restart_service.cpp

void restart_root_service(unique_fd fd) {

    if (getuid() == 0) {

        WriteFdExactly(fd.get(), "adbd is already running as root\n");

        return;

    }

   /* if (!__android_log_is_debuggable()) {

        WriteFdExactly(fd.get(), "adbd cannot run as root in production builds\n");

        return;

    }*/

    LOG(INFO) << "adbd restarting as root";

    android::base::SetProperty("service.adb.root", "1");

    WriteFdExactly(fd.get(), "restarting adbd as root\n");

}

 

​​​​​​​1.3 关闭SeLinux ,system/core/init/init.cpp 修改如下:

enum selinux_enforcing_status { SELINUX_PERMISSIVE, SELINUX_ENFORCING };

static selinux_enforcing_status selinux_status_from_cmdline() {

    selinux_enforcing_status status = SELINUX_ENFORCING;

    import_kernel_cmdline(false, [&](const std::string& key, const std::string& value, bool in_qemu) {

        if (key == "androidboot.selinux" && value == "permissive") {

            status = SELINUX_PERMISSIVE;

        }

    });

    //return status;

return SELINUX_PERMISSIVE;

}

static bool selinux_is_enforcing(void)
{

    if (ALLOW_PERMISSIVE_SELINUX) {

        return selinux_status_from_cmdline() == SELINUX_ENFORCING;

    }

    //return true;

return false;
}

9.0以后平台相关修改移到 system/core/init/selinux.cpp 文件

enum EnforcingStatus { SELINUX_PERMISSIVE, SELINUX_ENFORCING };

EnforcingStatus StatusFromCmdline() {

    EnforcingStatus status = SELINUX_ENFORCING;

    … …

    //return status;

return SELINUX_PERMISSIVE;

}

bool IsEnforcing() {

    if (ALLOW_PERMISSIVE_SELINUX) {

        return StatusFromCmdline() == SELINUX_ENFORCING;

    }

    //return true;

    return false;

}

​​​​​​​1.4 system/core/adb/daemon/main.cpp 修改如下:

       static bool should_drop_capabilities_bounding_set() {

           If (ALLOW_ADBD_ROOT || is_device_unlocked()) {

               if (__android_log_is_debuggable()) {

                   return false;

               }

           }

           //return true;

           return false;

       }

​​​​​​​1.5 system/core/liblog/properties.c 修改如下:

LIBLOG_ABI_PUBLIC int __android_log_is_debuggable() {

… …

    unlock();

  }

  //return ret;

  return 1;

}

 

二、user版本开启串口log

kernel/msm-4.9/arch/arm64/configs/*product*-perf_defconfig 添加如下

CONFIG_SERIAL_MSM=y

CONFIG_SERIAL_MSM_CONSOLE=y

 

三、user版本获取dmesg 方法

3.1 在/device/qcom/sepolicy/vendor/common/shell.te修改如下:

diff --git a/vendor/common/shell.te b/vendor/common/shell.te

index 901b56c..13f7b20 100644

--- a/vendor/common/shell.te

+++ b/vendor/common/shell.te

@@ -35,3 +35,4 @@ r_dir_file(shell, qti_logkit_pub_data_file)



 # allow shell permissions to perf

 get_prop(shell, vendor_mpctl_prop);

+allow shell kernel:system { syslog_read };

 

3.2 解决se冲突,在system/sepolicy/下修改如下:

diff --git a/prebuilts/api/28.0/public/app.te b/prebuilts/api/28.0/public/app.te

index 439c1f8..3b664ce 100644

--- a/prebuilts/api/28.0/public/app.te

+++ b/prebuilts/api/28.0/public/app.te

@@ -509,7 +509,7 @@ neverallow appdomain

     proc:dir_file_class_set write;



 # Access to syslog(2) or /proc/kmsg.

-neverallow appdomain kernel:system { syslog_read syslog_mod syslog_console };

+neverallow { appdomain -shell } kernel:system { syslog_read syslog_mod syslog_console };



 # SELinux is not an API for apps to use

 neverallow { appdomain -shell } *:security { compute_av check_context };

diff --git a/public/app.te b/public/app.te

index 439c1f8..3b664ce 100644

--- a/public/app.te

+++ b/public/app.te

@@ -509,7 +509,7 @@ neverallow appdomain

     proc:dir_file_class_set write;



 # Access to syslog(2) or /proc/kmsg.

-neverallow appdomain kernel:system { syslog_read syslog_mod syslog_console };

+neverallow { appdomain -shell } kernel:system { syslog_read syslog_mod syslog_console };



 # SELinux is not an API for apps to use

 neverallow { appdomain -shell } *:security { compute_av check_context };

 

本文地址:https://blog.csdn.net/tq501501/article/details/114312093

相关标签: Android