Add hidesu program.

This is a test program, this will probably be integrated into su daemon. This hides su by bind-mounting something (/system) over /sbin, so that there is no /sbin/su binary. Usage: hidesu /proc/<one pid of the namespace>/ns/mnt This uses the fact that when a program wants access to /sdcard, zygote does this using mount namespaces, so every program accessing /sdcard will be in a custom mount namespace, that can be modified.
2016-09-27 00:08:18 +02:00 · 2016-09-27 00:08:18 +02:00 · e1279c29c2
commit e1279c29c2
parent 2d6fb1c45e
2 changed files with 31 additions and 0 deletions
--- a/jni/Android.mk
+++ b/jni/Android.mk
@ -2,6 +2,15 @@ my_path := $(call my-dir)

 LOCAL_PATH := $(my_path)

+include $(CLEAR_VARS)
+LOCAL_MODULE := hidesu
+LOCAL_MODULE_TAGS := optional
+LOCAL_FORCE_STATIC_EXECUTABLE := true
+LOCAL_LDFLAGS := -static
+LOCAL_STATIC_LIBRARIES := libc libcutils
+LOCAL_SRC_FILES := hidesu.c
+include $(BUILD_EXECUTABLE)
+
 include $(CLEAR_VARS)
 LOCAL_MODULE := bootimgtools
 LOCAL_MODULE_TAGS := optional
--- a/jni/hidesu.c
+++ b/jni/hidesu.c
@ -0,0 +1,22 @@
+#define _GNU_SOURCE
+#include <sched.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/mount.h>
+#include <sys/syscall.h>
+
+int main(int argc, char **argv) {
+	if(argc != 2) exit(5);
+	int fd = open(argv[1], O_RDONLY);
+	if(fd == -1) exit(2);
+//TODO: Fix non arm platforms
+#define SYS_setns 375
+	int res = syscall(SYS_setns, fd, 0);
+	if(res == -1) exit(3);
+
+	//XXX: What to mount to /sbin...?
+	res = mount("/system", "/sbin", "bind", MS_BIND, "");
+	if(res == -1) exit(4);
+	exit(0);
+}