201 lines
5.1 KiB
C
201 lines
5.1 KiB
C
/*
|
|
** Copyright 2017, John Wu (@topjohnwu)
|
|
** Copyright 2010, Adam Shanks (@ChainsDD)
|
|
** Copyright 2008, Zinx Verituse (@zinxv)
|
|
**
|
|
** Licensed under the Apache License, Version 2.0 (the "License");
|
|
** you may not use this file except in compliance with the License.
|
|
** You may obtain a copy of the License at
|
|
**
|
|
** http://www.apache.org/licenses/LICENSE-2.0
|
|
**
|
|
** Unless required by applicable law or agreed to in writing, software
|
|
** distributed under the License is distributed on an "AS IS" BASIS,
|
|
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
** See the License for the specific language governing permissions and
|
|
** limitations under the License.
|
|
*/
|
|
|
|
#include <sys/types.h>
|
|
#include <sys/wait.h>
|
|
#include <unistd.h>
|
|
#include <stdlib.h>
|
|
#include <fcntl.h>
|
|
#include <paths.h>
|
|
#include <stdio.h>
|
|
#include <stdarg.h>
|
|
|
|
#include "su.h"
|
|
|
|
/* intent actions */
|
|
#define ACTION_REQUEST "start", "-n", REQUESTOR "/" REQUESTOR_PREFIX ".RequestActivity"
|
|
#define ACTION_NOTIFY "start", "-n", REQUESTOR "/" REQUESTOR_PREFIX ".NotifyActivity"
|
|
#define ACTION_RESULT "broadcast", "-n", REQUESTOR "/" REQUESTOR_PREFIX ".SuReceiver"
|
|
|
|
#define AM_PATH "/system/bin/app_process", "/system/bin", "com.android.commands.am.Am"
|
|
|
|
// TODO: leverage this with exec_log?
|
|
int silent_run(char* const args[]) {
|
|
set_identity(0);
|
|
pid_t pid;
|
|
pid = fork();
|
|
/* Parent */
|
|
if (pid < 0) {
|
|
PLOGE("fork");
|
|
return -1;
|
|
}
|
|
else if (pid > 0) {
|
|
return 0;
|
|
}
|
|
int zero = open("/dev/zero", O_RDONLY | O_CLOEXEC);
|
|
dup2(zero, 0);
|
|
int null = open("/dev/null", O_WRONLY | O_CLOEXEC);
|
|
dup2(null, 1);
|
|
dup2(null, 2);
|
|
setenv("CLASSPATH", "/system/framework/am.jar", 1);
|
|
execv(args[0], args);
|
|
PLOGE("exec am");
|
|
_exit(EXIT_FAILURE);
|
|
return -1;
|
|
}
|
|
|
|
int get_owner_login_user_args(struct su_context *ctx, char* user, int user_len) {
|
|
int needs_owner_login_prompt = 0;
|
|
|
|
if (ctx->user.multiuser_mode == MULTIUSER_MODE_OWNER_MANAGED) {
|
|
if (0 != ctx->user.android_user_id) {
|
|
needs_owner_login_prompt = 1;
|
|
}
|
|
snprintf(user, user_len, "0");
|
|
}
|
|
else if (ctx->user.multiuser_mode == MULTIUSER_MODE_USER) {
|
|
snprintf(user, user_len, "%d", ctx->user.android_user_id);
|
|
}
|
|
else if (ctx->user.multiuser_mode == MULTIUSER_MODE_NONE) {
|
|
user[0] = '\0';
|
|
}
|
|
else {
|
|
snprintf(user, user_len, "0");
|
|
}
|
|
|
|
return needs_owner_login_prompt;
|
|
}
|
|
|
|
int send_result(struct su_context *ctx, policy_t policy) {
|
|
char binary_version[256];
|
|
sprintf(binary_version, "%d", VERSION_CODE);
|
|
|
|
char uid[256];
|
|
sprintf(uid, "%d", ctx->from.uid);
|
|
|
|
char toUid[256];
|
|
sprintf(toUid, "%d", ctx->to.uid);
|
|
|
|
char pid[256];
|
|
sprintf(pid, "%d", ctx->from.pid);
|
|
|
|
char user[64];
|
|
get_owner_login_user_args(ctx, user, sizeof(user));
|
|
|
|
if (0 != ctx->user.android_user_id) {
|
|
char android_user_id[256];
|
|
sprintf(android_user_id, "%d", ctx->user.android_user_id);
|
|
|
|
char *user_result_command[] = {
|
|
AM_PATH,
|
|
ACTION_RESULT,
|
|
"--ei",
|
|
"from.uid",
|
|
uid,
|
|
"--ei",
|
|
"to.uid",
|
|
toUid,
|
|
"--ei",
|
|
"pid",
|
|
pid,
|
|
"--es",
|
|
"command",
|
|
get_command(&ctx->to),
|
|
"--es",
|
|
"action",
|
|
policy == ALLOW ? "allow" : "deny",
|
|
user[0] ? "--user" : NULL,
|
|
android_user_id,
|
|
NULL
|
|
};
|
|
silent_run(user_result_command);
|
|
}
|
|
|
|
char *result_command[] = {
|
|
AM_PATH,
|
|
ACTION_RESULT,
|
|
"--ei",
|
|
"from.uid",
|
|
uid,
|
|
"--ei",
|
|
"to.uid",
|
|
toUid,
|
|
"--ei",
|
|
"pid",
|
|
pid,
|
|
"--es",
|
|
"command",
|
|
get_command(&ctx->to),
|
|
"--es",
|
|
"action",
|
|
policy == ALLOW ? "allow" : "deny",
|
|
user[0] ? "--user" : NULL,
|
|
user,
|
|
NULL
|
|
};
|
|
return silent_run(result_command);
|
|
}
|
|
|
|
int send_request(struct su_context *ctx) {
|
|
// if su is operating in MULTIUSER_MODEL_OWNER,
|
|
// and the user requestor is not the owner,
|
|
// the owner needs to be notified of the request.
|
|
// so there will be two activities shown.
|
|
char user[64];
|
|
int needs_owner_login_prompt = get_owner_login_user_args(ctx, user, sizeof(user));
|
|
|
|
int ret;
|
|
if (needs_owner_login_prompt) {
|
|
char uid[256];
|
|
sprintf(uid, "%d", ctx->from.uid);
|
|
|
|
char android_user_id[256];
|
|
sprintf(android_user_id, "%d", ctx->user.android_user_id);
|
|
|
|
// in multiuser mode, the owner gets the su prompt
|
|
char *notify_command[] = {
|
|
AM_PATH,
|
|
ACTION_NOTIFY,
|
|
"--ei",
|
|
"caller_uid",
|
|
uid,
|
|
"--user",
|
|
android_user_id,
|
|
NULL
|
|
};
|
|
|
|
int ret = silent_run(notify_command);
|
|
if (ret) {
|
|
return ret;
|
|
}
|
|
}
|
|
|
|
char *request_command[] = {
|
|
AM_PATH,
|
|
ACTION_REQUEST,
|
|
"--es",
|
|
"socket",
|
|
ctx->sock_path,
|
|
user[0] ? "--user" : NULL,
|
|
user,
|
|
NULL
|
|
};
|
|
|
|
return silent_run(request_command);
|
|
}
|