/*
 * Build a new environment object: create it with setup_environment(),
 * fill it in with populate_environment(), and hand it back to the caller.
 */
object *make_environment(void)
{
    object *fresh_env = setup_environment();

    populate_environment(fresh_env);
    return fresh_env;
}
/*
 * Grant the request described by ctx: report the ALLOW decision, switch to
 * the target identity and replace this process with the target shell.
 *
 * Never returns. If the exec fails, the error is logged, printed to stderr
 * and the process exits with EXIT_FAILURE.
 */
static __attribute__ ((noreturn)) void allow(struct su_context *ctx)
{
    char *arg0;
    char *last_slash;
    int argc, err;

    umask(ctx->umask);

    /*
     * Every granted request is reported. A filter that skipped the report
     * for shell and root callers (on the grounds that they are already in
     * the log) is disabled, so the call is unconditional.
     */
    send_result(ctx, ALLOW);

    /* argv[0] for the shell is the basename of the shell path. */
    last_slash = strrchr(ctx->to.shell, '/');
    if (last_slash)
        arg0 = last_slash + 1;
    else
        arg0 = ctx->to.shell;

    if (ctx->to.login) {
        /* Login shells get a leading '-': room for '-', the name and NUL. */
        int name_size = strlen(arg0) + 2;
        char *login_arg0 = malloc(name_size);

        if (!login_arg0)
            exit(EXIT_FAILURE);

        login_arg0[0] = '-';
        strcpy(login_arg0 + 1, arg0);
        arg0 = login_arg0;
    }

    /* Environment is prepared first, then the identity is switched. */
    populate_environment(ctx);
    set_identity(ctx->to.uid);

/* Expands to two arguments: a separator and the arg-th trailing argument
 * (both empty strings when that argument does not exist). */
#define PARG(arg)                                                       \
    (ctx->to.optind + (arg) < ctx->to.argc) ? " " : "",                 \
    (ctx->to.optind + (arg) < ctx->to.argc) ? ctx->to.argv[ctx->to.optind + (arg)] : ""

    LOGD("%u %s executing %u %s using shell %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
         ctx->from.uid, ctx->from.bin,
         ctx->to.uid, get_command(&ctx->to), ctx->to.shell,
         arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
         (ctx->to.optind + 6 < ctx->to.argc) ? " ..." : "");

    /*
     * The shell's argument vector is built in place, in the argv slots just
     * before optind: [arg0] ["-c" command] <remaining arguments>.
     * NOTE(review): nothing here checks that optind leaves enough slots
     * (1, or 3 with a command); confirm the option parser guarantees it,
     * otherwise the index goes negative.
     */
    argc = ctx->to.optind;
    if (ctx->to.command) {
        argc -= 2;
        ctx->to.argv[argc + 1] = ctx->to.command;
        ctx->to.argv[argc] = "-c";
    }
    argc -= 1;
    ctx->to.argv[argc] = arg0;

    execv(ctx->to.shell, ctx->to.argv + argc);

    /* Only reached when execv() failed; keep errno before logging. */
    err = errno;
    PLOGE("exec");
    fprintf(stderr, "Cannot execute %s: %s\n", ctx->to.shell, strerror(err));
    exit(EXIT_FAILURE);
}
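/*
 * Grant the request described by ctx: optionally report the ALLOW decision,
 * run the bind/init helpers when requested, pick the binary to run, switch
 * to the target identity and SELinux exec context, and exec the binary.
 *
 * Never returns. If the exec fails, the error is logged, printed to stderr
 * and the process exits with EXIT_FAILURE.
 */
static __attribute__ ((noreturn)) void allow(struct su_context *ctx)
{
    char *arg0;
    char *binary;
    int argc, err;
    int con_rc;
    int send_to_app = 1;

    hacks_update_context(ctx);

    umask(ctx->umask);

    // no need to log if called by root
    if (ctx->from.uid == AID_ROOT)
        send_to_app = 0;

    // dumpstate (which logs to logcat/shell) will spam the crap out of the system with su calls
    // NOTE(review): this suppresses the notification purely on the caller's
    // reported path; if ctx->from.bin can be influenced by the caller, the
    // caller can silence its own notification -- confirm how it is filled in.
    if (strcmp("/system/bin/dumpstate", ctx->from.bin) == 0)
        send_to_app = 0;

    if (send_to_app)
        send_result(ctx, ALLOW);

    if (ctx->bind.from[0] && ctx->bind.to[0])
        allow_bind(ctx);

    if (ctx->init[0])
        allow_init(ctx);

    /*
     * Choose what to execute: the shell with "-c command", the shell alone,
     * the first remaining argument, or DEFAULT_SHELL. The "-c"/command pair
     * is written into the argv slots just before optind.
     */
    argc = ctx->to.optind;
    if (ctx->to.command) {
        binary = ctx->to.shell;
        ctx->to.argv[--argc] = ctx->to.command;
        ctx->to.argv[--argc] = "-c";
    } else if (ctx->to.shell) {
        binary = ctx->to.shell;
    } else {
        if (ctx->to.argv[argc]) {
            binary = ctx->to.argv[argc++];
        } else {
            binary = DEFAULT_SHELL;
        }
    }

    /* argv[0] for the new program is the basename of the binary path. */
    arg0 = strrchr (binary, '/');
    arg0 = (arg0) ? arg0 + 1 : binary;
    if (ctx->to.login) {
        /* Login shells get a leading '-': room for '-', the name and NUL.
         * size_t avoids narrowing the strlen() result to int. */
        size_t s = strlen(arg0) + 2;
        char *p = malloc(s);

        if (!p)
            exit(EXIT_FAILURE);

        *p = '-';
        strcpy(p + 1, arg0);
        arg0 = p;
    }

    populate_environment(ctx);
    set_identity(ctx->to.uid);

/* Expands to two arguments: a separator and the arg-th argument counted from
 * argc (both empty strings when that argument does not exist). */
#define PARG(arg)                                                       \
    (argc + (arg) < ctx->to.argc) ? " " : "",                           \
    (argc + (arg) < ctx->to.argc) ? ctx->to.argv[argc + (arg)] : ""

    /* The trailing " ..." marker is computed from argc, like PARG, so it
     * appears exactly when a seventh argument exists (argc may differ from
     * optind by this point). */
    LOGD("%u %s executing %u %s using binary %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
         ctx->from.uid, ctx->from.bin,
         ctx->to.uid, get_command(&ctx->to), binary,
         arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
         (argc + 6 < ctx->to.argc) ? " ..." : "");

    /* Only the exact "u:r:su_light:s0" context is honoured from the
     * request; anything else falls back to "u:r:su:s0". */
    if (ctx->to.context && strcmp(ctx->to.context, "u:r:su_light:s0") == 0) {
        con_rc = setexeccon(ctx->to.context);
    } else {
        con_rc = setexeccon("u:r:su:s0");
    }
    /* A failed setexeccon() means the exec below runs without the requested
     * context transition; make that visible in the log instead of ignoring
     * it. NOTE(review): decide whether this should abort rather than
     * continue. */
    if (con_rc != 0)
        PLOGE("setexeccon");

    ctx->to.argv[--argc] = arg0;

    /* execvp() searches PATH when binary contains no '/'.
     * NOTE(review): binary may come straight from the argument vector;
     * confirm populate_environment() leaves a trusted PATH in place. */
    execvp(binary, ctx->to.argv + argc);

    /* Only reached when execvp() failed; keep errno before logging. */
    err = errno;
    PLOGE("exec");
    fprintf(stderr, "Cannot execute %s: %s\n", binary, strerror(err));
    exit(EXIT_FAILURE);
}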
/*
 * Grant the request described by ctx: send the result intent, regain
 * effective root, switch real/effective/saved gid and uid to the target,
 * and replace this process with the target shell.
 *
 * Never returns. Any failure while switching identity, or a failed exec,
 * is logged and ends the process with EXIT_FAILURE.
 */
static __attribute__ ((noreturn)) void allow(const struct su_context *ctx)
{
    char *arg0;
    char *last_slash;
    int argc, err;

    umask(ctx->umask);
    send_intent(ctx, "", 1, ACTION_RESULT);

    /* argv[0] for the shell is the basename of the shell path. */
    last_slash = strrchr(ctx->to.shell, '/');
    if (last_slash)
        arg0 = last_slash + 1;
    else
        arg0 = ctx->to.shell;

    if (ctx->to.login) {
        /* Login shells get a leading '-': room for '-', the name and NUL. */
        int name_size = strlen(arg0) + 2;
        char *login_arg0 = malloc(name_size);

        if (!login_arg0)
            exit(EXIT_FAILURE);

        login_arg0[0] = '-';
        strcpy(login_arg0 + 1, arg0);
        arg0 = login_arg0;
    }

    /*
     * Set effective uid back to root, otherwise setres[ug]id will fail
     * if ctx->to.uid isn't root.
     */
    if (seteuid(0) != 0) {
        PLOGE("seteuid (root)");
        exit(EXIT_FAILURE);
    }

    populate_environment(ctx);

    /*
     * Group ids are changed before user ids, and both calls are checked, so
     * the exec is never reached with a partially switched identity. The
     * target uid value is also used as the gid.
     * NOTE(review): no setgroups() call is visible here, so supplementary
     * groups are left as they were; confirm that is intended when the
     * target uid is not root.
     */
    if (setresgid(ctx->to.uid, ctx->to.uid, ctx->to.uid) != 0) {
        PLOGE("setresgid (%u)", ctx->to.uid);
        exit(EXIT_FAILURE);
    }
    if (setresuid(ctx->to.uid, ctx->to.uid, ctx->to.uid) != 0) {
        PLOGE("setresuid (%u)", ctx->to.uid);
        exit(EXIT_FAILURE);
    }

/* Expands to two arguments: a separator and the arg-th trailing argument
 * (both empty strings when that argument does not exist). */
#define PARG(arg)                                                       \
    (ctx->to.optind + (arg) < ctx->to.argc) ? " " : "",                 \
    (ctx->to.optind + (arg) < ctx->to.argc) ? ctx->to.argv[ctx->to.optind + (arg)] : ""

    LOGD("%u %s executing %u %s using shell %s : %s%s%s%s%s%s%s%s%s%s%s%s%s%s",
         ctx->from.uid, ctx->from.bin,
         ctx->to.uid, get_command(&ctx->to), ctx->to.shell,
         arg0, PARG(0), PARG(1), PARG(2), PARG(3), PARG(4), PARG(5),
         (ctx->to.optind + 6 < ctx->to.argc) ? " ..." : "");

    /*
     * The shell's argument vector is built in place, in the argv slots just
     * before optind: [arg0] ["-c" command] <remaining arguments>.
     * NOTE(review): nothing here checks that optind leaves enough slots
     * (1, or 3 with a command); confirm the option parser guarantees it,
     * otherwise the index goes negative.
     */
    argc = ctx->to.optind;
    if (ctx->to.command) {
        argc -= 2;
        ctx->to.argv[argc + 1] = ctx->to.command;
        ctx->to.argv[argc] = "-c";
    }
    argc -= 1;
    ctx->to.argv[argc] = arg0;

    execv(ctx->to.shell, ctx->to.argv + argc);

    /* Only reached when execv() failed; keep errno before logging. */
    err = errno;
    PLOGE("exec");
    fprintf(stderr, "Cannot execute %s: %s\n", ctx->to.shell, strerror(err));
    exit(EXIT_FAILURE);
}