android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

manager: Add default minimal caps for default root profile

Browse Source
This commit is contained in:
weishu
2023-06-05 09:07:38 +08:00
parent e8755f8ae0
commit 9ae0126be5
1 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
manager/app/src/main/cpp/jni.cc
View File

@@ -121,13 +121,7 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
strcpy(profile.key, key); strcpy(profile.key, key);
profile.current_uid = uid; profile.current_uid = uid;
if (!get_app_profile(key, &profile)) { bool useDefaultProfile = !get_app_profile(key, &profile);
// no profile found, so just use default profile:
// don't allow root and use default profile!
profile.allow_su = false;
profile.nrp_config.use_default = true;
LOGD("get app profile for: %s failed, use default profile.", key);
}
auto cls = env->FindClass("me/weishu/kernelsu/Natives$Profile"); auto cls = env->FindClass("me/weishu/kernelsu/Natives$Profile");
auto constructor = env->GetMethodID(cls, "<init>", "()V"); auto constructor = env->GetMethodID(cls, "<init>", "()V");
@@ -149,6 +143,26 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
auto nonRootUseDefaultField = env->GetFieldID(cls, "nonRootUseDefault", "Z"); auto nonRootUseDefaultField = env->GetFieldID(cls, "nonRootUseDefault", "Z");
auto umountModulesField = env->GetFieldID(cls, "umountModules", "Z"); auto umountModulesField = env->GetFieldID(cls, "umountModules", "Z");
if (useDefaultProfile) {
// no profile found, so just use default profile:
// don't allow root and use default profile!
LOGD("use default profile for: %s, %d", key, uid);
// allow_su = false
// non root use default = true
env->SetBooleanField(obj, allowSuField, false);
env->SetBooleanField(obj, nonRootUseDefaultField, true);
jobject capList = env->GetObjectField(obj, capabilitiesField);
int DEFAULT_CAPS[] = {CAP_DAC_OVERRIDE };
for (auto i: DEFAULT_CAPS) {
addIntToList(env, capList, i);
}
return obj;
}
env->SetObjectField(obj, keyField, env->NewStringUTF(profile.key)); env->SetObjectField(obj, keyField, env->NewStringUTF(profile.key));
env->SetIntField(obj, currentUidField, profile.current_uid); env->SetIntField(obj, currentUidField, profile.current_uid);
@@ -183,8 +197,6 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
env->SetBooleanField(obj, nonRootUseDefaultField, env->SetBooleanField(obj, nonRootUseDefaultField,
(jboolean) profile.nrp_config.use_default); (jboolean) profile.nrp_config.use_default);
env->SetBooleanField(obj, umountModulesField, profile.nrp_config.profile.umount_modules); env->SetBooleanField(obj, umountModulesField, profile.nrp_config.profile.umount_modules);
LOGD("non root profile: use default: %d, umount modules: %d",
profile.nrp_config.use_default, profile.nrp_config.profile.umount_modules);
} }
return obj; return obj;