Fix multiuser mode

This commit is contained in:
topjohnwu 2017-08-07 00:31:27 +08:00
parent 40b6de599c
commit 875c687e3f
3 changed files with 35 additions and 17 deletions

40
db.c
View File

@ -60,6 +60,8 @@ static int settings_callback(void *v, int argc, char **argv, char **azColName) {
void database_check(struct su_context *ctx) { void database_check(struct su_context *ctx) {
sqlite3 *db = NULL; sqlite3 *db = NULL;
int ret;
char query[512], *err = NULL;
// Set default values // Set default values
ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB; ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB;
@ -67,33 +69,57 @@ void database_check(struct su_context *ctx) {
ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER; ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER;
ctx->info->policy = QUERY; ctx->info->policy = QUERY;
// First query the from app data
// Check if file is readable // Check if file is readable
if (access(ctx->user.database_path, R_OK) == -1) if (access(APP_DATA_PATH REQUESTOR_DATABASE_PATH, R_OK) == -1)
return; return;
// Open database // Open database
int ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL); ret = sqlite3_open_v2(APP_DATA_PATH REQUESTOR_DATABASE_PATH, &db, SQLITE_OPEN_READONLY, NULL);
if (ret) { if (ret) {
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret)); LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
sqlite3_close(db); sqlite3_close(db);
return; return;
} }
char query[512], *err = NULL; // Check multiuser mode settings
snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key='%s'", MULTIUSER_MODE_ENTRY);
sqlite3_exec(db, query, settings_callback, ctx, &err);
err = NULL;
if (ctx->user.android_user_id != 0 && ctx->info->multiuser_mode == MULTIUSER_MODE_USER) {
sqlite3_close(db);
// Check if file is readable
if (access(ctx->user.database_path, R_OK) == -1)
return;
// Open database
ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL);
if (ret) {
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
sqlite3_close(db);
return;
}
}
// Query for policy // Query for policy
snprintf(query, sizeof(query), "SELECT policy, until FROM policies WHERE uid=%d", ctx->info->uid % 100000); snprintf(query, sizeof(query), "SELECT policy, until FROM policies WHERE uid=%d", ctx->info->uid % 100000);
sqlite3_exec(db, query, policy_callback, ctx, &err); sqlite3_exec(db, query, policy_callback, ctx, &err);
if (err != NULL) if (err != NULL) {
LOGE("sqlite3_exec: %s\n", err); LOGE("sqlite3_exec: %s\n", err);
return;
}
err = NULL; err = NULL;
// Query for settings // Query for settings
snprintf(query, sizeof(query), "SELECT key, value FROM settings"); snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key!='%s'", MULTIUSER_MODE_ENTRY);
sqlite3_exec(db, query, settings_callback, ctx, &err); sqlite3_exec(db, query, settings_callback, ctx, &err);
if (err != NULL) if (err != NULL) {
LOGE("sqlite3_exec: %s\n", err); LOGE("sqlite3_exec: %s\n", err);
return;
}
sqlite3_close(db); sqlite3_close(db);
} }

6
su.h
View File

@ -89,12 +89,6 @@ struct su_user_info {
// the user in android userspace (multiuser) // the user in android userspace (multiuser)
// that invoked this action. // that invoked this action.
unsigned android_user_id; unsigned android_user_id;
// path to superuser directory. this is populated according
// to the multiuser mode.
// this is used to check uid/gid for protecting socket.
// this is used instead of database, as it is more likely
// to exist. db will not exist if su has never launched.
char base_path[PATH_MAX];
// path to su database. this is populated according // path to su database. this is populated according
// to the multiuser mode. // to the multiuser mode.
char database_path[PATH_MAX]; char database_path[PATH_MAX];

View File

@ -155,11 +155,9 @@ void su_daemon_receiver(int client) {
snprintf(su_ctx->user.database_path, PATH_MAX, "%s/%d/%s", snprintf(su_ctx->user.database_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR_DATABASE_PATH); USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR_DATABASE_PATH);
snprintf(su_ctx->user.base_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR);
// verify if Magisk Manager is installed // verify if Magisk Manager is installed
xstat(su_ctx->user.base_path, &su_ctx->st); xstat(APP_DATA_PATH REQUESTOR, &su_ctx->st);
// odd perms on superuser data dir // odd perms on superuser data dir
if (su_ctx->st.st_gid != su_ctx->st.st_uid) { if (su_ctx->st.st_gid != su_ctx->st.st_uid) {
LOGE("Bad uid/gid %d/%d for Superuser Requestor application", su_ctx->st.st_uid, su_ctx->st.st_gid); LOGE("Bad uid/gid %d/%d for Superuser Requestor application", su_ctx->st.st_uid, su_ctx->st.st_gid);
@ -342,7 +340,7 @@ void su_daemon_receiver(int client) {
su_daemon_main(argc, argv); su_daemon_main(argc, argv);
} }
/* /*
* Connect daemon, send argc, argv, cwd, pts slave * Connect daemon, send argc, argv, cwd, pts slave
*/ */
int su_client_main(int argc, char *argv[]) { int su_client_main(int argc, char *argv[]) {