Fix multiuser mode
parent
40b6de599c
commit
875c687e3f
38
db.c
38
db.c
@ -60,6 +60,8 @@ static int settings_callback(void *v, int argc, char **argv, char **azColName) {
|
||||
|
||||
void database_check(struct su_context *ctx) {
|
||||
sqlite3 *db = NULL;
|
||||
int ret;
|
||||
char query[512], *err = NULL;
|
||||
|
||||
// Set default values
|
||||
ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB;
|
||||
@ -67,33 +69,57 @@ void database_check(struct su_context *ctx) {
|
||||
ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER;
|
||||
ctx->info->policy = QUERY;
|
||||
|
||||
// First query the from app data
|
||||
// Check if file is readable
|
||||
if (access(ctx->user.database_path, R_OK) == -1)
|
||||
if (access(APP_DATA_PATH REQUESTOR_DATABASE_PATH, R_OK) == -1)
|
||||
return;
|
||||
|
||||
// Open database
|
||||
int ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL);
|
||||
ret = sqlite3_open_v2(APP_DATA_PATH REQUESTOR_DATABASE_PATH, &db, SQLITE_OPEN_READONLY, NULL);
|
||||
if (ret) {
|
||||
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
|
||||
sqlite3_close(db);
|
||||
return;
|
||||
}
|
||||
|
||||
char query[512], *err = NULL;
|
||||
// Check multiuser mode settings
|
||||
snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key='%s'", MULTIUSER_MODE_ENTRY);
|
||||
sqlite3_exec(db, query, settings_callback, ctx, &err);
|
||||
|
||||
err = NULL;
|
||||
|
||||
if (ctx->user.android_user_id != 0 && ctx->info->multiuser_mode == MULTIUSER_MODE_USER) {
|
||||
sqlite3_close(db);
|
||||
// Check if file is readable
|
||||
if (access(ctx->user.database_path, R_OK) == -1)
|
||||
return;
|
||||
|
||||
// Open database
|
||||
ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL);
|
||||
if (ret) {
|
||||
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
|
||||
sqlite3_close(db);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// Query for policy
|
||||
snprintf(query, sizeof(query), "SELECT policy, until FROM policies WHERE uid=%d", ctx->info->uid % 100000);
|
||||
sqlite3_exec(db, query, policy_callback, ctx, &err);
|
||||
if (err != NULL)
|
||||
if (err != NULL) {
|
||||
LOGE("sqlite3_exec: %s\n", err);
|
||||
return;
|
||||
}
|
||||
|
||||
err = NULL;
|
||||
|
||||
// Query for settings
|
||||
snprintf(query, sizeof(query), "SELECT key, value FROM settings");
|
||||
snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key!='%s'", MULTIUSER_MODE_ENTRY);
|
||||
sqlite3_exec(db, query, settings_callback, ctx, &err);
|
||||
if (err != NULL)
|
||||
if (err != NULL) {
|
||||
LOGE("sqlite3_exec: %s\n", err);
|
||||
return;
|
||||
}
|
||||
|
||||
sqlite3_close(db);
|
||||
}
|
||||
|
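Review bot: Both new `if (err != NULL) { ... return; }` blocks after the policy and settings queries in database_check return without calling `sqlite3_close(db)` or `sqlite3_free(err)`, so each failed query leaks the open handle and the error string. That matters if this runs inside a long-lived daemon, as the `su_daemon_receiver` hunk further down suggests. Each block should release both before returning: `sqlite3_free(err); sqlite3_close(db); return;`. The multiuser-mode query earlier in the same hunk has a related gap: its `err` is reset with `err = NULL` without being logged or freed, so a failed lookup silently keeps whatever default `multiuser_mode` has. That default is presumably set in the lines between the two hunks, which are not shown here.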
6
su.h
6
su.h
@ -89,12 +89,6 @@ struct su_user_info {
|
||||
// the user in android userspace (multiuser)
|
||||
// that invoked this action.
|
||||
unsigned android_user_id;
|
||||
// path to superuser directory. this is populated according
|
||||
// to the multiuser mode.
|
||||
// this is used to check uid/gid for protecting socket.
|
||||
// this is used instead of database, as it is more likely
|
||||
// to exist. db will not exist if su has never launched.
|
||||
char base_path[PATH_MAX];
|
||||
// path to su database. this is populated according
|
||||
// to the multiuser mode.
|
||||
char database_path[PATH_MAX];
|
||||
|
@ -155,11 +155,9 @@ void su_daemon_receiver(int client) {
|
||||
|
||||
snprintf(su_ctx->user.database_path, PATH_MAX, "%s/%d/%s",
|
||||
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR_DATABASE_PATH);
|
||||
snprintf(su_ctx->user.base_path, PATH_MAX, "%s/%d/%s",
|
||||
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR);
|
||||
|
||||
// verify if Magisk Manager is installed
|
||||
xstat(su_ctx->user.base_path, &su_ctx->st);
|
||||
xstat(APP_DATA_PATH REQUESTOR, &su_ctx->st);
|
||||
// odd perms on superuser data dir
|
||||
if (su_ctx->st.st_gid != su_ctx->st.st_uid) {
|
||||
LOGE("Bad uid/gid %d/%d for Superuser Requestor application", su_ctx->st.st_uid, su_ctx->st.st_gid);
|
||||
|
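Review bot: The uid/gid sanity check after `xstat(APP_DATA_PATH REQUESTOR, &su_ctx->st);` now only ever inspects the primary app data directory. `database_path` is still built from `USER_DATA_PATH` and `android_user_id`, and database_check opens it as the policy source in per-user mode. Nothing visible in this hunk verifies the ownership of that per-user directory before its database is trusted, so it is worth confirming that this is intended. If it is, record it next to the call, for example `// st describes the primary-user manager dir only; the per-user database_path is not ownership-checked here`. The return value of `xstat` is also not inspected here; if the wrapper can return on failure, `st` would hold stale data when the uid/gid comparison runs. The body of su_daemon_receiver starts and ends outside the hunk.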