rename to proxy_file

userspace/ksud/src/defs.rs

@@ -40,5 +40,3 @@ pub const BACKUP_FILENAME: &str = "stock_image.sha1";
 
 pub const NO_TMPFS_PATH: &str = concatcp!(WORKING_DIR, ".notmpfs");
 pub const NO_MOUNT_PATH: &str = concatcp!(WORKING_DIR, ".nomount");
-
-pub const NO_FD_WRAPPER_PATH: &str = concatcp!(WORKING_DIR, ".nofdwrapper");

userspace/ksud/src/ksucalls.rs

@@ -15,7 +15,7 @@ const KSU_IOCTL_SET_SEPOLICY: u32 = 0xc0004b04; // _IOC(_IOC_READ|_IOC_WRITE, 'K
 const KSU_IOCTL_CHECK_SAFEMODE: u32 = 0x80004b05; // _IOC(_IOC_READ, 'K', 5, 0)
 const KSU_IOCTL_GET_FEATURE: u32 = 0xc0004b0d; // _IOC(_IOC_READ|_IOC_WRITE, 'K', 13, 0)
 const KSU_IOCTL_SET_FEATURE: u32 = 0x40004b0e; // _IOC(_IOC_WRITE, 'K', 14, 0)
-const KSU_IOCTL_GET_WRAPPER_FD: u32 = 0x00006f10; // _IOC(_IOC_NONE, 'K', 10000, 0)
+const KSU_IOCTL_PROXY_FILE: u32 = 0x00004b0f; // _IOC(_IOC_NONE, 'K', 15, 0)
 #[allow(dead_code)]
 const KSU_IOCTL_KPM: u32 = 0xc0004bc8; // _IOC(_IOC_READ|_IOC_WRITE, 'K', 200, 0)
 #[allow(dead_code)]
@@ -63,7 +63,7 @@ struct SetFeatureCmd {
 
 #[repr(C)]
 #[derive(Clone, Copy, Default)]
-struct GetWrapperFdCmd {
+struct ProxyFileCmd {
     fd: i32,
     flags: u32,
 }
@@ -233,9 +233,9 @@ pub fn set_feature(feature_id: u32, value: u64) -> std::io::Result<()> {
     Ok(())
 }
 
-pub fn get_wrapped_fd(fd: RawFd) -> std::io::Result<RawFd> {
-    let mut cmd = GetWrapperFdCmd { fd, flags: 0 };
-    let result = ksuctl(KSU_IOCTL_GET_WRAPPER_FD, &mut cmd as *mut _)?;
+pub fn proxy_file(fd: RawFd) -> std::io::Result<RawFd> {
+    let mut cmd = ProxyFileCmd { fd, flags: 0 };
+    let result = ksuctl(KSU_IOCTL_PROXY_FILE, &mut cmd as *mut _)?;
     Ok(result)
 }
 

userspace/ksud/src/su.rs

@@ -9,9 +9,7 @@ use log::{debug, error, info};
 #[cfg(unix)]
 use std::os::unix::process::CommandExt;
 use std::{env, ffi::CStr, path::PathBuf, process::Command};
-
-use crate::defs::NO_FD_WRAPPER_PATH;
-use crate::ksucalls::get_wrapped_fd;
+use crate::ksucalls::proxy_file;
 
 #[cfg(any(target_os = "linux", target_os = "android"))]
 use rustix::{
@@ -70,10 +68,10 @@ fn set_identity(uid: u32, gid: u32, groups: &[u32]) {
 fn wrap_tty(fd: c_int) {
     let inner_fn = move || -> Result<()> {
         if unsafe { libc::isatty(fd) != 1 } {
-            debug!("not a tty: {fd}");
+            warn!("not a tty: {fd}");
             return Ok(());
         }
-        let new_fd = get_wrapped_fd(fd).context("get_wrapped_fd")?;
+        let new_fd = proxy_file(fd).context("proxy_file")?;
         if unsafe { libc::dup2(new_fd, fd) } == -1 {
             bail!("dup {new_fd} -> {fd} errno: {}", unsafe {
                 *libc::__errno()
@@ -149,8 +147,6 @@ pub fn root_shell() -> Result<()> {
         "Specify a supplementary group. The first specified supplementary group is also used as a primary group if the option -g is not specified.",
         "GROUP",
     );
-    opts.optflag("w", "wrapper", "Use mksu fd wrapper");
-    opts.optflag("W", "no-wrapper", "Don't use mksu fd wrapper");
 
     // Replace -cn with -z, -mm with -M for supporting getopt_long
     let args = args
@@ -194,11 +190,6 @@ pub fn root_shell() -> Result<()> {
     let mut is_login = matches.opt_present("l");
     let preserve_env = matches.opt_present("p");
     let mount_master = matches.opt_present("M");
-    let use_fd_wrapper = (!std::path::Path::new(NO_FD_WRAPPER_PATH).exists()
-        || matches.opt_present("w"))
-        && !matches.opt_present("W");
-
-    info!("use_fd_wrapper={use_fd_wrapper}");
 
     let groups = matches
         .opt_strs("G")
@@ -298,7 +289,7 @@ pub fn root_shell() -> Result<()> {
             }
 
             #[cfg(target_os = "android")]
-            if use_fd_wrapper {
+            if true {
                 wrap_tty(0);
                 wrap_tty(1);
                 wrap_tty(2);