Move things to the correct location

This commit is contained in:
topjohnwu 2022-05-30 02:09:07 -07:00
parent c29636c452
commit 2e51fe20a1
7 changed files with 16 additions and 20 deletions

View File

@ -6,16 +6,10 @@
#include <string_view> #include <string_view>
#include <bitset> #include <bitset>
#define UID_ROOT 0
#define UID_SHELL 2000
#define DISALLOW_COPY_AND_MOVE(clazz) \ #define DISALLOW_COPY_AND_MOVE(clazz) \
clazz(const clazz &) = delete; \ clazz(const clazz &) = delete; \
clazz(clazz &&) = delete; clazz(clazz &&) = delete;
#define to_app_id(uid) (uid % 100000)
#define to_user_id(uid) (uid / 100000)
class mutex_guard { class mutex_guard {
DISALLOW_COPY_AND_MOVE(mutex_guard) DISALLOW_COPY_AND_MOVE(mutex_guard)
public: public:

View File

@ -220,7 +220,7 @@ static void handle_request(pollfd *pfd) {
// Client died // Client died
goto done; goto done;
} }
is_root = cred.uid == UID_ROOT; is_root = cred.uid == AID_ROOT;
is_zygote = cred.context == "u:r:zygote:s0"; is_zygote = cred.context == "u:r:zygote:s0";
if (!is_root && !is_zygote && !is_client(cred.pid)) { if (!is_root && !is_zygote && !is_client(cred.pid)) {
@ -251,7 +251,7 @@ static void handle_request(pollfd *pfd) {
} }
break; break;
case MainRequest::REMOVE_MODULES: case MainRequest::REMOVE_MODULES:
if (!is_root && cred.uid != UID_SHELL) { if (!is_root && cred.uid != AID_SHELL) {
write_int(client, MainResponse::ACCESS_DENIED); write_int(client, MainResponse::ACCESS_DENIED);
goto done; goto done;
} }
@ -414,7 +414,7 @@ int connect_daemon(int req, bool create) {
socklen_t len = setup_sockaddr(&sun, MAIN_SOCKET); socklen_t len = setup_sockaddr(&sun, MAIN_SOCKET);
int fd = xsocket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); int fd = xsocket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (connect(fd, (sockaddr *) &sun, len)) { if (connect(fd, (sockaddr *) &sun, len)) {
if (!create || getuid() != UID_ROOT) { if (!create || getuid() != AID_ROOT) {
LOGE("No daemon is currently running!\n"); LOGE("No daemon is currently running!\n");
close(fd); close(fd);
return -1; return -1;

View File

@ -9,10 +9,15 @@
#include <socket.hpp> #include <socket.hpp>
#define AID_ROOT 0
#define AID_SHELL 2000
#define AID_APP_START 10000 #define AID_APP_START 10000
#define AID_APP_END 19999 #define AID_APP_END 19999
#define AID_USER_OFFSET 100000 #define AID_USER_OFFSET 100000
#define to_app_id(uid) (uid % AID_USER_OFFSET)
#define to_user_id(uid) (uid / AID_USER_OFFSET)
// Daemon command codes // Daemon command codes
namespace MainRequest { namespace MainRequest {
enum : int { enum : int {

View File

@ -5,7 +5,6 @@
#include <selinux.hpp> #include <selinux.hpp>
#include "su.hpp" #include "su.hpp"
#include "daemon.hpp"
extern int SDK_INT; extern int SDK_INT;

View File

@ -14,7 +14,6 @@
#include <sys/stat.h> #include <sys/stat.h>
#include <magisk.hpp> #include <magisk.hpp>
#include <daemon.hpp>
#include <base.hpp> #include <base.hpp>
#include <flags.h> #include <flags.h>

View File

@ -5,6 +5,7 @@
#include <memory> #include <memory>
#include <db.hpp> #include <db.hpp>
#include <daemon.hpp>
#define DEFAULT_SHELL "/system/bin/sh" #define DEFAULT_SHELL "/system/bin/sh"
@ -41,7 +42,7 @@ private:
}; };
struct su_req_base { struct su_req_base {
int uid = UID_ROOT; int uid = AID_ROOT;
bool login = false; bool login = false;
bool keepenv = false; bool keepenv = false;
bool mount_master = false; bool mount_master = false;

View File

@ -5,11 +5,9 @@
#include <sys/wait.h> #include <sys/wait.h>
#include <sys/mount.h> #include <sys/mount.h>
#include <daemon.hpp>
#include <magisk.hpp> #include <magisk.hpp>
#include <base.hpp> #include <base.hpp>
#include <selinux.hpp> #include <selinux.hpp>
#include <db.hpp>
#include "su.hpp" #include "su.hpp"
#include "pts.hpp" #include "pts.hpp"
@ -88,7 +86,7 @@ void su_info::check_db() {
} }
bool uid_granted_root(int uid) { bool uid_granted_root(int uid) {
if (uid == UID_ROOT) if (uid == AID_ROOT)
return true; return true;
db_settings cfg; db_settings cfg;
@ -99,11 +97,11 @@ bool uid_granted_root(int uid) {
case ROOT_ACCESS_DISABLED: case ROOT_ACCESS_DISABLED:
return false; return false;
case ROOT_ACCESS_APPS_ONLY: case ROOT_ACCESS_APPS_ONLY:
if (uid == UID_SHELL) if (uid == AID_SHELL)
return false; return false;
break; break;
case ROOT_ACCESS_ADB_ONLY: case ROOT_ACCESS_ADB_ONLY:
if (uid != UID_SHELL) if (uid != AID_SHELL)
return false; return false;
break; break;
case ROOT_ACCESS_APPS_AND_ADB: case ROOT_ACCESS_APPS_AND_ADB:
@ -186,7 +184,7 @@ static shared_ptr<su_info> get_su_info(unsigned uid) {
info->check_db(); info->check_db();
// If it's root or the manager, allow it silently // If it's root or the manager, allow it silently
if (info->uid == UID_ROOT || to_app_id(info->uid) == to_app_id(info->mgr_uid)) { if (info->uid == AID_ROOT || to_app_id(info->uid) == to_app_id(info->mgr_uid)) {
info->access = SILENT_SU_ACCESS; info->access = SILENT_SU_ACCESS;
return info; return info;
} }
@ -198,13 +196,13 @@ static shared_ptr<su_info> get_su_info(unsigned uid) {
info->access = NO_SU_ACCESS; info->access = NO_SU_ACCESS;
break; break;
case ROOT_ACCESS_ADB_ONLY: case ROOT_ACCESS_ADB_ONLY:
if (info->uid != UID_SHELL) { if (info->uid != AID_SHELL) {
LOGW("Root access limited to ADB only!\n"); LOGW("Root access limited to ADB only!\n");
info->access = NO_SU_ACCESS; info->access = NO_SU_ACCESS;
} }
break; break;
case ROOT_ACCESS_APPS_ONLY: case ROOT_ACCESS_APPS_ONLY:
if (info->uid == UID_SHELL) { if (info->uid == AID_SHELL) {
LOGW("Root access is disabled for ADB!\n"); LOGW("Root access is disabled for ADB!\n");
info->access = NO_SU_ACCESS; info->access = NO_SU_ACCESS;
} }