Improve multiuser notifications

This commit is contained in:
topjohnwu 2017-05-28 01:28:18 +08:00
parent 94c2fc80d2
commit 3395c84560
2 changed files with 61 additions and 17 deletions

View File

@ -39,16 +39,17 @@ static void silent_run(char* const args[]) {
_exit(EXIT_FAILURE);
}
static void setup_user(struct su_context *ctx, char* user) {
static int setup_user(struct su_context *ctx, char* user) {
switch (ctx->user.multiuser_mode) {
case MULTIUSER_MODE_OWNER_ONLY: /* Should already be denied if not owner */
case MULTIUSER_MODE_OWNER_MANAGED:
sprintf(user, "%d", 0);
break;
return ctx->user.android_user_id;
case MULTIUSER_MODE_USER:
sprintf(user, "%d", ctx->user.android_user_id);
break;
}
return 0;
}
void app_send_result(struct su_context *ctx, policy_t policy) {
@ -62,11 +63,17 @@ void app_send_result(struct su_context *ctx, policy_t policy) {
sprintf(pid, "%d", ctx->from.pid);
char user[16];
setup_user(ctx, user);
int notify = setup_user(ctx, user);
// Send notice to manager, enable logging
char *result_command[] = {
AM_PATH,
ACTION_RESULT,
"--user",
user,
"--ei",
"mode",
"0",
"--ei",
"from.uid",
fromUid,
@ -82,27 +89,65 @@ void app_send_result(struct su_context *ctx, policy_t policy) {
"--es",
"action",
policy == ALLOW ? "allow" : "deny",
"--user",
user,
NULL
};
silent_run(result_command);
// Send notice to user (if needed) to create toasts
if (notify) {
sprintf(user, "%d", notify);
char *notify_command[] = {
AM_PATH,
ACTION_RESULT,
"--user",
user,
"--ei",
"mode",
"1",
"--ei",
"from.uid",
fromUid,
"--es",
"action",
policy == ALLOW ? "allow" : "deny",
NULL
};
silent_run(notify_command);
}
}
void app_send_request(struct su_context *ctx) {
char user[64];
setup_user(ctx, user);
char user[16];
int notify = setup_user(ctx, user);
char *request_command[] = {
AM_PATH,
ACTION_REQUEST,
"--user",
user,
"--es",
"socket",
ctx->sock_path,
"--user",
user,
"--ez",
"timeout",
notify ? "false" : "true",
NULL
};
silent_run(request_command);
// Send notice to user to tell them root is managed by owner
if (notify) {
sprintf(user, "%d", notify);
char *notify_command[] = {
AM_PATH,
ACTION_RESULT,
"--user",
user,
"--ei",
"mode",
"2",
NULL
};
silent_run(notify_command);
}
}

13
su.c
View File

@ -273,7 +273,7 @@ int su_daemon_main(int argc, char **argv) {
printf("Owner managed: Only owner can manage root access and receive request prompts\n");
break;
case MULTIUSER_MODE_OWNER_ONLY:
printf("User independent: The user has its own separate root rules\n");
printf("User independent: Each user has its own separate root rules\n");
break;
}
exit(EXIT_SUCCESS);
@ -336,6 +336,11 @@ int su_daemon_main(int argc, char **argv) {
// verify if Magisk Manager is installed
xstat(ctx.user.base_path, &st);
// always allow if this is Magisk Manager
if (ctx.from.uid == (st.st_uid % 100000)) {
allow();
}
// odd perms on superuser data dir
if (st.st_gid != st.st_uid) {
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
@ -368,12 +373,6 @@ int su_daemon_main(int argc, char **argv) {
setprop(ROOT_ACCESS_PROP, xstr(ROOT_ACCESS_APPS_AND_ADB));
}
// always allow if this is the superuser uid
// superuser needs to be able to reenable itself when disabled...
if (ctx.from.uid == st.st_uid) {
allow();
}
// Allow root to start root
if (ctx.from.uid == UID_ROOT) {
allow();