TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2024-11-28 12:35:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add namespace mode support

Browse Source
This commit is contained in:
topjohnwu 2017-06-08 22:50:39 +08:00
parent 1ddd746862
commit c9286624d4
3 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
db.c
View File

@ -46,6 +46,8 @@ static int settings_callback(void *v, int argc, char **argv, char **azColName) {
target = &ctx->info->root_access; target = &ctx->info->root_access;
else if (strcmp(argv[i], MULTIUSER_MODE_ENTRY) == 0) else if (strcmp(argv[i], MULTIUSER_MODE_ENTRY) == 0)
target = &ctx->info->multiuser_mode; target = &ctx->info->multiuser_mode;
else if (strcmp(argv[i], NAMESPACE_MODE_ENTRY) == 0)
target = &ctx->info->mnt_ns;
entry = argv[i]; entry = argv[i];
} else if (strcmp(azColName[i], "value") == 0) { } else if (strcmp(azColName[i], "value") == 0) {
value = atoi(argv[i]); value = atoi(argv[i]);
@ -62,6 +64,7 @@ void database_check(struct su_context *ctx) {
// Set default values // Set default values
ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB; ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB;
ctx->info->multiuser_mode = MULTIUSER_MODE_OWNER_ONLY; ctx->info->multiuser_mode = MULTIUSER_MODE_OWNER_ONLY;
ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER;
ctx->info->policy = QUERY; ctx->info->policy = QUERY;
// Check if file is readable // Check if file is readable

11
su.h
View File

@ -11,19 +11,25 @@
#define MAGISKSU_VER_STR xstr(MAGISK_VERSION) ":MAGISKSU (topjohnwu)" #define MAGISKSU_VER_STR xstr(MAGISK_VERSION) ":MAGISKSU (topjohnwu)"
// Property check for root access // DB settings for root access
#define ROOT_ACCESS_ENTRY "root_access" #define ROOT_ACCESS_ENTRY "root_access"
#define ROOT_ACCESS_DISABLED 0 #define ROOT_ACCESS_DISABLED 0
#define ROOT_ACCESS_APPS_ONLY 1 #define ROOT_ACCESS_APPS_ONLY 1
#define ROOT_ACCESS_ADB_ONLY 2 #define ROOT_ACCESS_ADB_ONLY 2
#define ROOT_ACCESS_APPS_AND_ADB 3 #define ROOT_ACCESS_APPS_AND_ADB 3
// Property for multiuser // DB settings for multiuser
#define MULTIUSER_MODE_ENTRY "multiuser_mode" #define MULTIUSER_MODE_ENTRY "multiuser_mode"
#define MULTIUSER_MODE_OWNER_ONLY 0 #define MULTIUSER_MODE_OWNER_ONLY 0
#define MULTIUSER_MODE_OWNER_MANAGED 1 #define MULTIUSER_MODE_OWNER_MANAGED 1
#define MULTIUSER_MODE_USER 2 #define MULTIUSER_MODE_USER 2
// DB settings for namespace seperation
#define NAMESPACE_MODE_ENTRY "mnt_ns"
#define NAMESPACE_MODE_GLOBAL 0
#define NAMESPACE_MODE_REQUESTER 1
#define NAMESPACE_MODE_ISOLATE 2
// DO NOT CHANGE LINE BELOW, java package name will always be the same // DO NOT CHANGE LINE BELOW, java package name will always be the same
#define JAVA_PACKAGE_NAME "com.topjohnwu.magisk" #define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
@ -59,6 +65,7 @@ struct su_info {
int clock; int clock;
int multiuser_mode; int multiuser_mode;
int root_access; int root_access;
int mnt_ns;
struct list_head pos; struct list_head pos;
}; };

19
su_daemon.c
View File

@ -10,6 +10,7 @@
#include <fcntl.h> #include <fcntl.h>
#include <string.h> #include <string.h>
#include <signal.h> #include <signal.h>
#include <sched.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
@ -260,6 +261,24 @@ void su_daemon_receiver(int client) {
// Become session leader // Become session leader
xsetsid(); xsetsid();
// Handle namespaces
switch (info->mnt_ns) {
case NAMESPACE_MODE_GLOBAL:
LOGD("su: use global namespace\n");
break;
case NAMESPACE_MODE_REQUESTER:
LOGD("su: use namespace of pid=[%d]\n", su_ctx->pid);
if (switch_mnt_ns(su_ctx->pid)) {
LOGD("su: setns failed, fallback to isolated\n");
unshare(CLONE_NEWNS);
}
break;
case NAMESPACE_MODE_ISOLATE:
LOGD("su: use new isolated namespace\n");
unshare(CLONE_NEWNS);
break;
}
// Let's read some info from the socket // Let's read some info from the socket
int argc = read_int(client); int argc = read_int(client);
if (argc < 0 || argc > 512) { if (argc < 0 || argc > 512) {