manager: unify kernel and user structs

This commit is contained in:
weishu
2023-06-04 17:09:37 +08:00
parent 076e5d3655
commit 0b3688c3b1
2 changed files with 56 additions and 45 deletions


@@ -125,7 +125,7 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
// no profile found, so just use default profile: // no profile found, so just use default profile:
// don't allow root and use default profile! // don't allow root and use default profile!
profile.allow_su = false; profile.allow_su = false;
profile.non_root_profile.use_default = true; profile.nrp_config.use_default = true;
LOGD("get app profile for: %s failed, use default profile.", key); LOGD("get app profile for: %s failed, use default profile.", key);
} }
@@ -155,36 +155,36 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
auto allowSu = profile.allow_su; auto allowSu = profile.allow_su;
if (allowSu) { if (allowSu) {
env->SetBooleanField(obj, rootUseDefaultField, (jboolean) profile.root_profile.use_default); env->SetBooleanField(obj, rootUseDefaultField, (jboolean) profile.rp_config.use_default);
if (strlen(profile.root_profile.template_name) > 0) { if (strlen(profile.rp_config.template_name) > 0) {
env->SetObjectField(obj, rootTemplateField, env->SetObjectField(obj, rootTemplateField,
env->NewStringUTF(profile.root_profile.template_name)); env->NewStringUTF(profile.rp_config.template_name));
} }
env->SetIntField(obj, uidField, profile.root_profile.uid); env->SetIntField(obj, uidField, profile.rp_config.profile.uid);
env->SetIntField(obj, gidField, profile.root_profile.gid); env->SetIntField(obj, gidField, profile.rp_config.profile.gid);
jobject groupList = env->GetObjectField(obj, groupsField); jobject groupList = env->GetObjectField(obj, groupsField);
fillIntArray(env, groupList, profile.root_profile.groups, fillIntArray(env, groupList, profile.rp_config.profile.groups,
profile.root_profile.groups_count); profile.rp_config.profile.groups_count);
jobject capList = env->GetObjectField(obj, capabilitiesField); jobject capList = env->GetObjectField(obj, capabilitiesField);
for (int i = 0; i <= CAP_LAST_CAP; i++) { for (int i = 0; i <= CAP_LAST_CAP; i++) {
if (profile.root_profile.caps.effective & (1ULL << i)) { if (profile.rp_config.profile.capabilities.effective & (1ULL << i)) {
addIntToList(env, capList, i); addIntToList(env, capList, i);
} }
} }
env->SetObjectField(obj, domainField, env->SetObjectField(obj, domainField,
env->NewStringUTF(profile.root_profile.selinux_domain)); env->NewStringUTF(profile.rp_config.profile.selinux_domain));
env->SetIntField(obj, namespacesField, profile.root_profile.namespaces); env->SetIntField(obj, namespacesField, profile.rp_config.profile.namespaces);
env->SetBooleanField(obj, allowSuField, profile.allow_su); env->SetBooleanField(obj, allowSuField, profile.allow_su);
} else { } else {
env->SetBooleanField(obj, nonRootUseDefaultField, env->SetBooleanField(obj, nonRootUseDefaultField,
(jboolean) profile.non_root_profile.use_default); (jboolean) profile.nrp_config.use_default);
env->SetBooleanField(obj, umountModulesField, profile.non_root_profile.umount_modules); env->SetBooleanField(obj, umountModulesField, profile.nrp_config.profile.umount_modules);
LOGD("non root profile: use default: %d, umount modules: %d", LOGD("non root profile: use default: %d, umount modules: %d",
profile.non_root_profile.use_default, profile.non_root_profile.umount_modules); profile.nrp_config.use_default, profile.nrp_config.profile.umount_modules);
} }
return obj; return obj;
@@ -243,31 +243,31 @@ Java_me_weishu_kernelsu_Natives_setAppProfile(JNIEnv *env, jobject clazz, jobjec
p.current_uid = currentUid; p.current_uid = currentUid;
if (allowSu) { if (allowSu) {
p.root_profile.use_default = env->GetBooleanField(profile, rootUseDefaultField); p.rp_config.use_default = env->GetBooleanField(profile, rootUseDefaultField);
auto templateName = env->GetObjectField(profile, rootTemplateField); auto templateName = env->GetObjectField(profile, rootTemplateField);
if (templateName) { if (templateName) {
auto ctemplateName = env->GetStringUTFChars((jstring) templateName, nullptr); auto ctemplateName = env->GetStringUTFChars((jstring) templateName, nullptr);
strcpy(p.root_profile.template_name, ctemplateName); strcpy(p.rp_config.template_name, ctemplateName);
env->ReleaseStringUTFChars((jstring) templateName, ctemplateName); env->ReleaseStringUTFChars((jstring) templateName, ctemplateName);
} }
p.root_profile.uid = uid; p.rp_config.profile.uid = uid;
p.root_profile.gid = gid; p.rp_config.profile.gid = gid;
int groups_count = getListSize(env, groups); int groups_count = getListSize(env, groups);
p.root_profile.groups_count = groups_count; p.rp_config.profile.groups_count = groups_count;
fillArrayWithList(env, groups, p.root_profile.groups, groups_count); fillArrayWithList(env, groups, p.rp_config.profile.groups, groups_count);
p.root_profile.caps.effective = capListToBits(env, capabilities); p.rp_config.profile.capabilities.effective = capListToBits(env, capabilities);
auto cdomain = env->GetStringUTFChars((jstring) domain, nullptr); auto cdomain = env->GetStringUTFChars((jstring) domain, nullptr);
strcpy(p.root_profile.selinux_domain, cdomain); strcpy(p.rp_config.profile.selinux_domain, cdomain);
env->ReleaseStringUTFChars((jstring) domain, cdomain); env->ReleaseStringUTFChars((jstring) domain, cdomain);
p.root_profile.namespaces = env->GetIntField(profile, namespacesField); p.rp_config.profile.namespaces = env->GetIntField(profile, namespacesField);
} else { } else {
p.non_root_profile.use_default = env->GetBooleanField(profile, nonRootUseDefaultField); p.nrp_config.use_default = env->GetBooleanField(profile, nonRootUseDefaultField);
p.non_root_profile.umount_modules = umountModules; p.nrp_config.profile.umount_modules = umountModules;
} }
return set_app_profile(&p); return set_app_profile(&p);
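Review bot: The two `strcpy` calls on the new side of the setAppProfile hunk copy JNI-provided strings into fixed-size arrays (`template_name[KSU_MAX_PACKAGE_NAME]` and `selinux_domain[KSU_SELINUX_DOMAIN]` in the header hunk) with no length bound, so an over-long template name or domain coming from the Java side overruns `p` before it is handed to `set_app_profile`. Replace them with bounded, always-terminated copies, `snprintf(p.rp_config.template_name, sizeof p.rp_config.template_name, "%s", ctemplateName);` and `snprintf(p.rp_config.profile.selinux_domain, sizeof p.rp_config.profile.selinux_domain, "%s", cdomain);`, and treat a truncated result as an error instead of sending a silently shortened profile. The same trust question applies to `groups_count` from `getListSize`, which is stored and passed to `fillArrayWithList` without a visible clamp to `KSU_MAX_GROUPS`; whether that helper bounds the write is not visible in this hunk. `Java_me_weishu_kernelsu_Natives_setAppProfile` starts and ends outside the hunk.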


@@ -25,12 +25,35 @@ bool is_safe_mode();
using p_key_t = char[KSU_MAX_PACKAGE_NAME]; using p_key_t = char[KSU_MAX_PACKAGE_NAME];
struct app_profile { struct root_profile {
int32_t uid;
int32_t gid;
int32_t version; int32_t groups[KSU_MAX_GROUPS];
int32_t groups_count;
// kernel_cap_t is u32[2] for capabilities v3
struct {
uint64_t effective;
uint64_t permitted;
uint64_t inheritable;
} capabilities;
char selinux_domain[KSU_SELINUX_DOMAIN];
int32_t namespaces;
};
struct non_root_profile {
bool umount_modules;
};
struct app_profile {
// It may be utilized for backward compatibility, although we have never explicitly made any promises regarding this.
uint32_t version;
// this is usually the package of the app, but can be other value for special apps // this is usually the package of the app, but can be other value for special apps
p_key_t key; char key[KSU_MAX_PACKAGE_NAME];
int32_t current_uid; int32_t current_uid;
bool allow_su; bool allow_su;
@@ -38,27 +61,15 @@ struct app_profile {
struct { struct {
bool use_default; bool use_default;
char template_name[KSU_MAX_PACKAGE_NAME]; char template_name[KSU_MAX_PACKAGE_NAME];
int32_t uid;
int32_t gid;
int32_t groups[KSU_MAX_GROUPS]; struct root_profile profile;
int32_t groups_count; } rp_config;
struct {
// kernel_cap_t is u32[2], we use u64 here to avoid alignment issues.
uint64_t effective;
uint64_t permitted;
uint64_t inheritable;
} caps;
char selinux_domain[KSU_SELINUX_DOMAIN];
int32_t namespaces;
} root_profile;
struct { struct {
bool use_default; bool use_default;
bool umount_modules;
} non_root_profile; struct non_root_profile profile;
} nrp_config;
}; };
}; };
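Review bot: `struct app_profile` is now the one layout shared by the kernel and the manager, but nothing in the header pins that layout: it mixes `bool` members with `int32_t` and `uint64_t` members, so its size and padding placement depend on the compiler and ABI on each side, and a silent drift would have the kernel reading garbage profile data. Add a guard next to the definition, e.g. `_Static_assert(sizeof(struct app_profile) == APP_PROFILE_SIZE_PLACEHOLDER, "app_profile ABI changed");` (`static_assert` on the C++ side, with the value taken from the build that defines the ABI), and consider declaring the flag members as `uint8_t` so the layout is fixed by definition rather than by convention. The comment on the new `version` field says it "may be utilized for backward compatibility"; if the kernel is expected to check it, document the current expected value here, since the two `use_default` flags and the nested `profile` structs are exactly what a later layout change would move. Because the struct very likely carries padding after the `bool` members and before the 8-byte-aligned capability fields, whichever side fills it and copies it across the kernel/user boundary should zero the whole object first so padding bytes never carry stale stack contents.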