完善资料让更多小伙伴认识你,还能领取20积分哦, 立即完善>
扫一扫,分享给好友
|
|
相关推荐
2个回答
|
|
源码修改
diff --git a/build/core/main.mk b/build/core/main.mk index e3fb6fb..0bb9ef2 100644 --- a/build/core/main.mk +++ b/build/core/main.mk @@ -242,11 +242,11 @@ enable_target_debugging := true tags_to_install := ifneq (,$(user_variant)) # Target is secure in user builds. - ADDITIONAL_DEFAULT_PROPERTIES += ro.secure=1 + ADDITIONAL_DEFAULT_PROPERTIES += ro.secure=0 ADDITIONAL_DEFAULT_PROPERTIES += security.perf_harden=1 ifeq ($(user_variant),user) - ADDITIONAL_DEFAULT_PROPERTIES += ro.adb.secure=1 + ADDITIONAL_DEFAULT_PROPERTIES += ro.adb.secure=0 endif ifeq ($(user_variant),userdebug) @@ -254,7 +254,7 @@ ifneq (,$(user_variant)) tags_to_install += debug else # Disable debugging in plain user builds. - enable_target_debugging := + # enable_target_debugging := endif # Disallow mock locations by default for user builds diff --git a/build/target/product/core.mk b/build/target/product/core.mk index a2b0f1c..17a5766 100644 --- a/build/target/product/core.mk +++ b/build/target/product/core.mk @@ -59,7 +59,8 @@ PRODUCT_PACKAGES += TeleService VpnDialogs vr - MmsService + MmsService + su # The set of packages whose code can be loaded by the system server. PRODUCT_SYSTEM_SERVER_APPS += diff --git a/device/rockchip/common/system.prop b/device/rockchip/common/system.prop index 519f233..5d0cb46 100755 --- a/device/rockchip/common/system.prop +++ b/device/rockchip/common/system.prop @@ -45,7 +45,7 @@ ro.factory.tool=0 ro.kernel.android.checkjni=0 #set default lcd density to Rockchip tablet ro.sf.lcd_density=160 -ro.adb.secure =0 +ro.adb.secure =1 #force camera API 1 camera2.portability.force_api=1 #set wifi contry code diff --git a/frameworks/base/cmds/webview_zygote/webview_zygote.cpp b/frameworks/base/cmds/webview_zygote/webview_zygote.cpp index 88fee64..1d9830d 100644 --- a/frameworks/base/cmds/webview_zygote/webview_zygote.cpp +++ b/frameworks/base/cmds/webview_zygote/webview_zygote.cpp @@ -58,10 +58,10 @@ public: } // namespace android int main(int argc, char* const argv[]) { - if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) { + /*if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) { LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno)); return 12; - } + }*/ size_t argBlockSize = 0; for (int i = 0; i < argc; ++i) { diff --git a/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp b/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp index e1c2cb0..d78539f 100644 --- a/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp +++ b/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp @@ -241,7 +241,7 @@ static void EnableKeepCapabilities(JNIEnv* env) { } static void DropCapabilitiesBoundingSet(JNIEnv* env) { - for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) { + /*for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) { int rc = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); if (rc == -1) { if (errno == EINVAL) { @@ -252,7 +252,7 @@ static void DropCapabilitiesBoundingSet(JNIEnv* env) { RuntimeAbort(env, __LINE__, "prctl(PR_CAPBSET_DROP) failed"); } } - } + }*/ } static void SetInheritable(JNIEnv* env, uint64_t inheritable) { diff --git a/kernel/security/commoncap.c b/kernel/security/commoncap.c index 7fa251a..a5cd705 100644 --- a/kernel/security/commoncap.c +++ b/kernel/security/commoncap.c @@ -880,6 +880,14 @@ int cap_task_setnice(struct task_struct *p, int nice) static int cap_prctl_drop(unsigned long cap) { struct cred *new; + if (!strncmp(current->comm, "zygote", 16)) { + return -EINVAL; + } + + if (!strncmp(current->comm, "adbd", 16)) { + return -EINVAL; + } + if (!ns_capable(current_user_ns(), CAP_SETPCAP)) return -EPERM; diff --git a/system/core/adb/daemon/main.cpp b/system/core/adb/daemon/main.cpp index 3ecbc44..09834aa 100644 --- a/system/core/adb/daemon/main.cpp +++ b/system/core/adb/daemon/main.cpp @@ -46,7 +46,7 @@ #include "transport.h" #include "mdns.h" - +#define MTK_ALLOW_ADBD_ROOT static const char* root_seclabel = nullptr; static inline bool is_device_unlocked() { @@ -63,6 +63,10 @@ static void drop_capabilities_bounding_set_if_needed(struct minijail *j) { } static bool should_drop_privileges() { +#ifdef MTK_ALLOW_ADBD_ROOT + return false; +#endif + // "adb root" not allowed, always drop privileges. if (!ALLOW_ADBD_ROOT && !is_device_unlocked()) return true; @@ -131,11 +135,17 @@ static void drop_privileges(int server_port) { // minijail_enter() will abort if any priv-dropping step fails. minijail_enter(jail.get()); +#ifdef MTK_ALLOW_ADBD_ROOT + D("MTK_ALLOW_ADBD_ROOT enabledn"); +#else + + if (root_seclabel != nullptr) { if (selinux_android_setcon(root_seclabel) < 0) { LOG(FATAL) << "Could not set SELinux context"; } } +#endif std::string error; std::string local_name = android::base::StringPrintf("tcp:%d", server_port); diff --git a/system/core/init/init.cpp b/system/core/init/init.cpp index 7445ebf..a843cec 100755 --- a/system/core/init/init.cpp +++ b/system/core/init/init.cpp @@ -636,10 +636,12 @@ static selinux_enforcing_status selinux_status_from_cmdline() { static bool selinux_is_enforcing(void) { + + if (ALLOW_PERMISSIVE_SELINUX) { return selinux_status_from_cmdline() == SELINUX_ENFORCING; } - return true; + return false; } static int audit_callback(void *data, security_class_t /*cls*/, char *buf, size_t len) { |
|
|
|
diff --git a/system/core/libcutils/fs_config.cpp b/system/core/libcutils/fs_config.cpp
index cc96ff8..b280283 100644 --- a/system/core/libcutils/fs_config.cpp +++ b/system/core/libcutils/fs_config.cpp @@ -147,6 +147,7 @@ static const struct fs_path_config android_files[] = { { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/crash_dump64" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/debuggerd" }, { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" }, + { 06755, AID_ROOT, AID_ROOT, 0, "system/bin/su" }, { 00700, AID_ROOT, AID_ROOT, 0, "system/bin/secilc" }, { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" }, { 00600, AID_ROOT, AID_ROOT, 0, "system/build.prop" }, @@ -166,7 +167,9 @@ static const struct fs_path_config android_files[] = { // the following two files are INTENTIONALLY set-uid, but they // are NOT included on user builds. { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" }, - { 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" }, + //{ 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" }, + { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/su" }, + //{ 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/xsu" }, // the following files have enhanced capabilities and ARE included // in user builds. diff --git a/system/extras/su/Android.mk b/system/extras/su/Android.mk index 92ad5e3..f4c74ca 100644 --- a/system/extras/su/Android.mk +++ b/system/extras/su/Android.mk @@ -8,6 +8,8 @@ LOCAL_SRC_FILES:= su.cpp LOCAL_MODULE:= su LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES) -LOCAL_MODULE_TAGS := debug +//LOCAL_MODULE_PATH := $(TARGET_OUT)/bin +//LOCAL_MODULE_TAGS := debug +LOCAL_MODULE_TAGS := optional include $(BUILD_EXECUTABLE) diff --git a/system/extras/su/su.cpp b/system/extras/su/su.cpp index ee1526e..769edc8 100644 --- a/system/extras/su/su.cpp +++ b/system/extras/su/su.cpp @@ -81,8 +81,8 @@ void extract_uidgids(const char* uidgids, uid_t* uid, gid_t* gid, gid_t* gids, i } int main(int argc, char** argv) { - uid_t current_uid = getuid(); - if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed"); + //uid_t current_uid = getuid(); + //if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed"); // Handle -h and --help. ++argv; 使用 创建工具类ProcessModel .java package com.cnrobot.home.hometest; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; /** */ public class ProcessModel { //换行符 private static final String BREAK_LINE; //执行退出命令 private static final byte[] COMMAND_EXIT; //错误缓冲 private static byte[] BUFFER; /** * 静态变量初始化 */ static { BREAK_LINE = "n"; COMMAND_EXIT = "nexitn".getBytes(); BUFFER = new byte[32]; } /** * 执行命令 * * @param params 命令参数 * eg: "/system/bin/ping", "-c", "4", "-s", "100","www.qiujuer.net" * @return 执行结果 */ public static String execute(String cmd, String... params) { Process process = null; StringBuilder ***Reader = null; BufferedReader bReader = null; InputStreamReader isReader = null; InputStream in = null; InputStream err = null; OutputStream out = null; try { process = new ProcessBuilder() .command(params) .start(); out = process.getOutputStream(); in = process.getInputStream(); err = process.getErrorStream(); out.write(cmd.getBytes()); out.write(COMMAND_EXIT); out.flush(); process.waitFor(); isReader = new InputStreamReader(in); bReader = new BufferedReader(isReader); String s; ***Reader = new StringBuilder(); if ((s = bReader.readLine()) != null) { ***Reader.append(s); ***Reader.append(BREAK_LINE); while ((s = bReader.readLine()) != null) { ***Reader.append(s); ***Reader.append(BREAK_LINE); } } while ((err.read(BUFFER)) > 0) { ***Reader.append(new String(BUFFER)); } } catch (IOException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } finally { closeAllStream(out, err, in, isReader, bReader); if (process != null) { processDestroy(process); process = null; } } if (***Reader == null) return null; else return ***Reader.toString(); } /** * 关闭所有流 * * @param out 输出流 * @param err 错误流 * @param in 输入流 * @param isReader 输入流封装 * @param bReader 输入流封装 */ private static void closeAllStream(OutputStream out, InputStream err, InputStream in, InputStreamReader isReader, BufferedReader bReader) { if (out != null) try { out.close(); } catch (IOException e) { e.printStackTrace(); } if (err != null) try { err.close(); } catch (IOException e) { e.printStackTrace(); } if (in != null) try { in.close(); } catch (IOException e) { e.printStackTrace(); } if (isReader != null) try { isReader.close(); } catch (IOException e) { e.printStackTrace(); } if (bReader != null) try { bReader.close(); } catch (IOException e) { e.printStackTrace(); } } /** * 通过Android底层实现进程关闭 * * @param process 进程 */ private static void killProcess(Process process) { int pid = getProcessId(process); if (pid != 0) { try { //android kill process android.os.Process.killProcess(pid); } catch (Exception e) { try { process.destroy(); } catch (Exception ex) { } } } } /** * 获取进程的ID * * @param process 进程 * @return */ private static int getProcessId(Process process) { String str = process.toString(); try { int i = str.indexOf("=") + 1; int j = str.indexOf("]"); str = str.substring(i, j); return Integer.parseInt(str); } catch (Exception e) { return 0; } } /** * 销毁进程 * * @param process 进程 */ private static void processDestroy(Process process) { if (process != null) { try { //判断是否正常退出 if (process.exitValue() != 0) { killProcess(process); } } catch (IllegalThreadStateException e) { killProcess(process); } } } } 调用代码 String cmd = "touch "+file.getAbsolutePath()+"n"+ "chmod 777 "+file.getAbsolutePath()+"n"+ "exitn"; ProcessModel.execute(cmd,"/system/xbin/su"); |
|
|
|
你正在撰写答案
如果你是对答案或其他答案精选点评或询问,请使用“评论”功能。
基于米尔瑞芯微RK3576核心板/开发板的人脸疲劳检测应用方案
1043 浏览 0 评论
1220 浏览 1 评论
968 浏览 1 评论
2238 浏览 1 评论
3561 浏览 1 评论
小黑屋| 手机版| Archiver| 电子发烧友 ( 湘ICP备2023018690号 )
GMT+8, 2024-12-28 19:52 , Processed in 0.502342 second(s), Total 72, Slave 56 queries .
Powered by 电子发烧友网
© 2015 bbs.elecfans.com
关注我们的微信
下载发烧友APP
电子发烧友观察
版权所有 © 湖南华秋数字科技有限公司
电子发烧友 (电路图) 湘公网安备 43011202000918 号 电信与信息服务业务经营许可证:合字B2-20210191 工商网监 湘ICP备2023018690号