Move all permission check into daemon.cpp

This commit is contained in:
topjohnwu 2022-03-01 02:58:39 -08:00 committed by John Wu
parent be7586137c
commit 9968af0785
5 changed files with 30 additions and 24 deletions

View File

@ -160,6 +160,7 @@ static void handle_request_async(int client, int code, const sock_cred &cred) {
reboot();
break;
case MainRequest::ZYGISK:
case MainRequest::ZYGISK_PASSTHROUGH:
zygisk_handler(client, &cred);
break;
default:
@ -208,18 +209,24 @@ static void handle_request(pollfd *pfd) {
bool is_zygote;
int code;
if (!get_client_cred(client, &cred))
if (!get_client_cred(client, &cred)) {
// Client died
goto done;
}
is_root = cred.uid == UID_ROOT;
is_zygote = cred.context == "u:r:zygote:s0";
if (!is_root && !is_zygote && !is_client(cred.pid))
if (!is_root && !is_zygote && !is_client(cred.pid)) {
// Unsupported client state
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
code = read_int(client);
if (code < 0 || code >= MainRequest::END || code == MainRequest::_SYNC_BARRIER_)
if (code < 0 || code >= MainRequest::END || code == MainRequest::_SYNC_BARRIER_) {
// Unknown request code
goto done;
}
// Check client permissions
switch (code) {
@ -237,7 +244,14 @@ static void handle_request(pollfd *pfd) {
break;
case MainRequest::REMOVE_MODULES:
if (!is_root && cred.uid != UID_SHELL) {
write_int(client, MainResponse::ROOT_REQUIRED);
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
break;
case MainRequest::ZYGISK:
if (!is_zygote) {
// Invalid client context
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
break;
@ -252,7 +266,7 @@ static void handle_request(pollfd *pfd) {
goto done;
}
// Handle complex requests in another thread
// Handle async requests in another thread
exec_task([=] { handle_request_async(client, code, cred); });
return;
@ -422,8 +436,8 @@ int connect_daemon(int req, bool create) {
case MainResponse::ROOT_REQUIRED:
LOGE("Root is required for this operation\n");
exit(-1);
case MainResponse::INVALID_REQUEST:
LOGE("Invalid request\n");
case MainResponse::ACCESS_DENIED:
LOGE("Access denied\n");
exit(-1);
default:
__builtin_unreachable();

View File

@ -28,6 +28,7 @@ enum : int {
SQLITE_CMD,
REMOVE_MODULES,
ZYGISK,
ZYGISK_PASSTHROUGH,
END,
};
}
@ -38,7 +39,7 @@ enum : int {
ERROR = -1,
OK = 0,
ROOT_REQUIRED,
INVALID_REQUEST,
ACCESS_DENIED,
END
};
}

View File

@ -35,10 +35,6 @@ void denylist_handler(int client, const sock_cred *cred) {
int req = read_int(client);
int res = DenyResponse::ERROR;
if (req < 0 || req >= DenyRequest::END) {
goto done;
}
switch (req) {
case DenyRequest::ENFORCE:
res = enable_deny();
@ -60,9 +56,9 @@ void denylist_handler(int client, const sock_cred *cred) {
? DenyResponse::ENFORCED : DenyResponse::NOT_ENFORCED;
break;
default:
__builtin_unreachable();
// Unknown request code
break;
}
done:
write_int(client, res);
close(client);
}

View File

@ -401,13 +401,6 @@ static void get_moddir(int client) {
void zygisk_handler(int client, const sock_cred *cred) {
int code = read_int(client);
char buf[256];
if (code < ZygiskRequest::SETUP || code >= ZygiskRequest::END) {
write_int(client, -1);
return;
}
if (code != ZygiskRequest::PASSTHROUGH && cred->context != "u:r:zygote:s0") {
return;
}
switch (code) {
case ZygiskRequest::SETUP:
setup_files(client, cred);
@ -429,7 +422,8 @@ void zygisk_handler(int client, const sock_cred *cred) {
get_moddir(client);
break;
default:
__builtin_unreachable();
// Unknown code
break;
}
close(client);
}

View File

@ -173,7 +173,8 @@ int zygisk_main(int argc, char *argv[]) {
int is_64_bit = parse_int(argv[3]);
if (fcntl(client, F_GETFD) < 0)
return 1;
if (int magiskd = zygisk_request(ZygiskRequest::PASSTHROUGH); magiskd >= 0) {
if (int magiskd = connect_daemon(MainRequest::ZYGISK_PASSTHROUGH); magiskd >= 0) {
write_int(magiskd, ZygiskRequest::PASSTHROUGH);
write_int(magiskd, is_64_bit);
if (read_int(magiskd) != 0) {