object *make_environment(void) {
object *env;
env = setup_environment();
populate_environment(env);
return env;
}
static __attribute__ ((noreturn)) void allow(struct su_context *ctx) {
char *arg0;
int argc, err;
umask(ctx->umask);
// No send to UI accepted requests for shell and root users (they are in the log)
// if( ctx->from.uid != AID_SHELL && ctx->from.uid != AID_ROOT ) {
send_result(ctx, ALLOW);
// }
arg0 = strrchr (ctx->to.shell, '/');
arg0 = (arg0) ? arg0 + 1 : ctx->to.shell;
if (ctx->to.login) {
int s = strlen(arg0) + 2;
char *p = malloc(s);
if (!p)
exit(EXIT_FAILURE);
*p = '-';
strcpy(p + 1, arg0);
arg0 = p;
}
populate_environment(ctx);
set_identity(ctx->to.uid);
#define PARG(arg) \
(ctx->to.optind + (arg) < ctx->to.argc) ? " " : "", \
(ctx->to.optind + (arg) < ctx->to.argc) ? ctx->to.argv[ctx->to.optind + (arg)] : ""
LOGD("%u %s executing %u %s using shell %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
ctx->from.uid, ctx->from.bin,
ctx->to.uid, get_command(&ctx->to), ctx->to.shell,
arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
(ctx->to.optind + 6 < ctx->to.argc) ? " ..." : "");
argc = ctx->to.optind;
if (ctx->to.command) {
ctx->to.argv[--argc] = ctx->to.command;
ctx->to.argv[--argc] = "-c";
}
ctx->to.argv[--argc] = arg0;
execv(ctx->to.shell, ctx->to.argv + argc);
err = errno;
PLOGE("exec");
fprintf(stderr, "Cannot execute %s: %s\n", ctx->to.shell, strerror(err));
exit(EXIT_FAILURE);
}
static __attribute__ ((noreturn)) void allow(struct su_context *ctx) {
char *arg0;
int argc, err;
hacks_update_context(ctx);
umask(ctx->umask);
int send_to_app = 1;
// no need to log if called by root
if (ctx->from.uid == AID_ROOT)
send_to_app = 0;
// dumpstate (which logs to logcat/shell) will spam the crap out of the system with su calls
if (strcmp("/system/bin/dumpstate", ctx->from.bin) == 0)
send_to_app = 0;
if (send_to_app)
send_result(ctx, ALLOW);
if(ctx->bind.from[0] && ctx->bind.to[0])
allow_bind(ctx);
if(ctx->init[0])
allow_init(ctx);
char *binary;
argc = ctx->to.optind;
if (ctx->to.command) {
binary = ctx->to.shell;
ctx->to.argv[--argc] = ctx->to.command;
ctx->to.argv[--argc] = "-c";
}
else if (ctx->to.shell) {
binary = ctx->to.shell;
}
else {
if (ctx->to.argv[argc]) {
binary = ctx->to.argv[argc++];
}
else {
binary = DEFAULT_SHELL;
}
}
arg0 = strrchr (binary, '/');
arg0 = (arg0) ? arg0 + 1 : binary;
if (ctx->to.login) {
int s = strlen(arg0) + 2;
char *p = malloc(s);
if (!p)
exit(EXIT_FAILURE);
*p = '-';
strcpy(p + 1, arg0);
arg0 = p;
}
populate_environment(ctx);
set_identity(ctx->to.uid);
#define PARG(arg) \
(argc + (arg) < ctx->to.argc) ? " " : "", \
(argc + (arg) < ctx->to.argc) ? ctx->to.argv[argc + (arg)] : ""
LOGD("%u %s executing %u %s using binary %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
ctx->from.uid, ctx->from.bin,
ctx->to.uid, get_command(&ctx->to), binary,
arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
(ctx->to.optind + 6 < ctx->to.argc) ? " ..." : "");
if(ctx->to.context && strcmp(ctx->to.context, "u:r:su_light:s0") == 0) {
setexeccon(ctx->to.context);
} else {
setexeccon("u:r:su:s0");
}
ctx->to.argv[--argc] = arg0;
execvp(binary, ctx->to.argv + argc);
err = errno;
PLOGE("exec");
fprintf(stderr, "Cannot execute %s: %s\n", binary, strerror(err));
exit(EXIT_FAILURE);
}
static __attribute__ ((noreturn)) void allow(const struct su_context *ctx)
{
char *arg0;
int argc, err;
umask(ctx->umask);
send_intent(ctx, "", 1, ACTION_RESULT);
arg0 = strrchr (ctx->to.shell, '/');
arg0 = (arg0) ? arg0 + 1 : ctx->to.shell;
if (ctx->to.login) {
int s = strlen(arg0) + 2;
char *p = malloc(s);
if (!p)
exit(EXIT_FAILURE);
*p = '-';
strcpy(p + 1, arg0);
arg0 = p;
}
/*
* Set effective uid back to root, otherwise setres[ug]id will fail
* if ctx->to.uid isn't root.
*/
if (seteuid(0)) {
PLOGE("seteuid (root)");
exit(EXIT_FAILURE);
}
populate_environment(ctx);
if (setresgid(ctx->to.uid, ctx->to.uid, ctx->to.uid)) {
PLOGE("setresgid (%u)", ctx->to.uid);
exit(EXIT_FAILURE);
}
if (setresuid(ctx->to.uid, ctx->to.uid, ctx->to.uid)) {
PLOGE("setresuid (%u)", ctx->to.uid);
exit(EXIT_FAILURE);
}
#define PARG(arg) \
(ctx->to.optind + (arg) < ctx->to.argc) ? " " : "", \
(ctx->to.optind + (arg) < ctx->to.argc) ? ctx->to.argv[ctx->to.optind + (arg)] : ""
LOGD("%u %s executing %u %s using shell %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
ctx->from.uid, ctx->from.bin,
ctx->to.uid, get_command(&ctx->to), ctx->to.shell,
arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
(ctx->to.optind + 6 < ctx->to.argc) ? " ..." : "");
argc = ctx->to.optind;
if (ctx->to.command) {
ctx->to.argv[--argc] = ctx->to.command;
ctx->to.argv[--argc] = "-c";
}
ctx->to.argv[--argc] = arg0;
execv(ctx->to.shell, ctx->to.argv + argc);
err = errno;
PLOGE("exec");
fprintf(stderr, "Cannot execute %s: %s\n", ctx->to.shell, strerror(err));
exit(EXIT_FAILURE);
}
