android q root权限
文件列表:
frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
system/core/libcutils/fs_config.cpp
system/extras/su/su.cpp
external/autotest/utils/emulator_manager.py
system/core/adb/daemon/main.cpp
system/core/init/selinux.cpp
patch:
diff --git a/blackview_q0/external/autotest/utils/emulator_manager.py b/blackview_q0/external/autotest/utils/emulator_manager.py
index 395d521..0f47256 100644
--- a/blackview_q0/external/autotest/utils/emulator_manager.py
+++ b/blackview_q0/external/autotest/utils/emulator_manager.py
@@ -82,7 +82,7 @@ class EmulatorManager(object):
"""
self.force_stop()
time.sleep(1) # Wait for port to be free
- # TODO(jgiorgi): Add support for x86 / x64 emulators
+ # TODO(jgiorgi): Add support for x86 / x64 emulators lihua 'init=/init androidboot.selinux=permissive"'
args = [
'-dmS', 'emulator-%s' % self.port, 'qemu-system-arm',
'-M', 'vexpress-a9',
@@ -90,7 +90,7 @@ class EmulatorManager(object):
'-kernel', os.path.join(self.imagedir, 'kernel'),
'-append', ('"console=ttyAMA0 ro root=/dev/sda '
'androidboot.hardware=qemu qemu=1 rootwait noinitrd '
- 'init=/init androidboot.selinux=enforcing"'),
+ 'init=/init androidboot.selinux=permissive"'),
'-nographic',
'-device', 'virtio-scsi-device,id=scsi',
'-device', 'scsi-hd,drive=system',
diff --git a/blackview_q0/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp b/blackview_q0/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
index 82c27f0..1fe4132 100644
--- a/blackview_q0/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
+++ b/blackview_q0/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
@@ -540,7 +540,9 @@ static void EnableKeepCapabilities(fail_fn_t fail_fn) {
}
static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
- for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {;
+ //zyf test for root start
+/*
+ for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {;
if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) == -1) {
if (errno == EINVAL) {
ALOGE("prctl(PR_CAPBSET_DROP) failed with EINVAL. Please verify "
@@ -550,6 +552,8 @@ static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
}
}
}
+*/
+//zyf test for root end
}
static void SetInheritable(uint64_t inheritable, fail_fn_t fail_fn) {
diff --git a/blackview_q0/system/core/adb/daemon/main.cpp b/blackview_q0/system/core/adb/daemon/main.cpp
index e5a4917..3921fe3 100644
--- a/blackview_q0/system/core/adb/daemon/main.cpp
+++ b/blackview_q0/system/core/adb/daemon/main.cpp
@@ -68,7 +68,10 @@ static bool should_drop_capabilities_bounding_set() {
return false;
}
}
- return true;
+ //zyf test for root start
+ return false;
+ //return true;
+ //zyf test for root end
}
static bool should_drop_privileges() {
diff --git a/blackview_q0/system/core/init/selinux.cpp b/blackview_q0/system/core/init/selinux.cpp
index 14eea2b..78c5a0b 100644
--- a/blackview_q0/system/core/init/selinux.cpp
+++ b/blackview_q0/system/core/init/selinux.cpp
@@ -82,7 +82,7 @@ namespace {
selabel_handle* sehandle = nullptr;
enum EnforcingStatus { SELINUX_PERMISSIVE, SELINUX_ENFORCING };
-
+/*
EnforcingStatus StatusFromCmdline() {
EnforcingStatus status = SELINUX_ENFORCING;
@@ -95,12 +95,15 @@ EnforcingStatus StatusFromCmdline() {
return status;
}
-
+*/
bool IsEnforcing() {
- if (ALLOW_PERMISSIVE_SELINUX) {
- return StatusFromCmdline() == SELINUX_ENFORCING;
- }
- return true;
+ //if (ALLOW_PERMISSIVE_SELINUX) {
+ // return StatusFromCmdline() == SELINUX_ENFORCING;
+ //}
+ //zyf test for root start
+ //return true;
+ return false;
+ //zyf test for root end
}
// Forks, executes the provided program in the child, and waits for the completion in the parent.
diff --git a/blackview_q0/system/core/libcutils/fs_config.cpp b/blackview_q0/system/core/libcutils/fs_config.cpp
index a5f4f0e..e0f72d6 100644
--- a/blackview_q0/system/core/libcutils/fs_config.cpp
+++ b/blackview_q0/system/core/libcutils/fs_config.cpp
@@ -177,6 +177,11 @@ static const struct fs_path_config android_files[] = {
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/crash_dump64" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/debuggerd" },
{ 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" },
+ //bv lihua test root
+ { 06755, AID_ROOT, AID_ROOT, 0, "system/bin/su" },
+//zyf test for root start
+ // { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/su" },
+//zyf test for root end
{ 00550, AID_LOGD, AID_LOGD, 0, "system/bin/logd" },
{ 00700, AID_ROOT, AID_ROOT, 0, "system/bin/secilc" },
{ 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" },
@@ -197,8 +202,9 @@ static const struct fs_path_config android_files[] = {
// the following two files are INTENTIONALLY set-uid, but they
// are NOT included on user builds.
{ 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" },
- { 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
-
+ //lihua add root test
+ // { 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
+ { 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
// the following files have enhanced capabilities and ARE included
// in user builds.
{ 00700, AID_SYSTEM, AID_SHELL, CAP_MASK_LONG(CAP_BLOCK_SUSPEND),
diff --git a/blackview_q0/system/extras/su/su.cpp b/blackview_q0/system/extras/su/su.cpp
index 1a1ab6b..c422103 100644
--- a/blackview_q0/system/extras/su/su.cpp
+++ b/blackview_q0/system/extras/su/su.cpp
@@ -80,9 +80,12 @@ void extract_uidgids(const char* uidgids, uid_t* uid, gid_t* gid, gid_t* gids, i
}
int main(int argc, char** argv) {
+//zyf test start for root
+/*
uid_t current_uid = getuid();
if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
-
+*/
+//zyf test for root end
// Handle -h and --help.
++argv;
if (*argv && (strcmp(*argv, "--help") == 0 || strcmp(*argv, "-h") == 0)) {
本文地址:https://blog.csdn.net/zyfzhangyafei/article/details/107495380
上一篇: 买本必读帖:选购时应避免的四大误区
下一篇: 笔记本电脑死机大全 看完你就变高手