android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Use rustix to replace some unsafe calls

Browse Source
This commit is contained in:
LoveSy
2024-01-31 23:09:04 +08:00
parent 4b1fb121b4
commit c1a2cbf1e4
5 changed files with 46 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
userspace/ksud/Cargo.lock generated
View File

@@ -256,9 +256,9 @@ dependencies = [
[[package]] [[package]]
name = "clang-sys" name = "clang-sys"
version = "1.4.0" version = "1.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fa2e27ae6ab525c3d369ded447057bca5438d86dc3a68f6faafb8269ba82ebf3" checksum = "67523a3b4be3ce1989d607a828d036249522dd9c1c8de7f4dd2dae43a37369d1"
dependencies = [ dependencies = [
"glob", "glob",
"libc", "libc",
@@ -858,6 +858,7 @@ dependencies = [
"regex", "regex",
"retry", "retry",
"rust-embed", "rust-embed",
"rustix 0.38.30",
"serde", "serde",
"serde_json", "serde_json",
"sha256", "sha256",
@@ -908,12 +909,12 @@ dependencies = [
[[package]] [[package]]
name = "libloading" name = "libloading"
version = "0.7.4" version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" checksum = "c571b676ddfc9a8c12f1f3d3085a7b163966a8fd8098a90640953ce5f6170161"
dependencies = [ dependencies = [
"cfg-if 1.0.0", "cfg-if 1.0.0",
"winapi", "windows-sys 0.48.0",
] ]
[[package]] [[package]]
@@ -1376,8 +1377,10 @@ checksum = "322394588aaf33c24007e8bb3238ee3e4c5c09c084ab32bc73890b99ff326bca"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.4.1",
"errno 0.3.8", "errno 0.3.8",
"itoa",
"libc", "libc",
"linux-raw-sys 0.4.13", "linux-raw-sys 0.4.13",
"once_cell",
"windows-sys 0.52.0", "windows-sys 0.52.0",
] ]
@@ -1456,9 +1459,9 @@ dependencies = [
[[package]] [[package]]
name = "shlex" name = "shlex"
version = "1.1.0" version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3" checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
[[package]] [[package]]
name = "smart-default" name = "smart-default"
@@ -1598,11 +1601,10 @@ dependencies = [
[[package]] [[package]]
name = "tracing" name = "tracing"
version = "0.1.37" version = "0.1.40"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef"
dependencies = [ dependencies = [
"cfg-if 1.0.0",
"pin-project-lite", "pin-project-lite",
"tracing-attributes", "tracing-attributes",
"tracing-core", "tracing-core",
@@ -1610,20 +1612,20 @@ dependencies = [
[[package]] [[package]]
name = "tracing-attributes" name = "tracing-attributes"
version = "0.1.23" version = "0.1.27"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4017f8f45139870ca7e672686113917c71c7a6e02d4924eda67186083c03081a" checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
"syn 1.0.107", "syn 2.0.48",
] ]
[[package]] [[package]]
name = "tracing-core" name = "tracing-core"
version = "0.1.30" version = "0.1.32"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54"
dependencies = [ dependencies = [
"once_cell", "once_cell",
] ]

1
userspace/ksud/Cargo.toml
View File

@@ -40,6 +40,7 @@ hole-punch = { git = "https://github.com/tiann/hole-punch" }
[target.'cfg(any(target_os = "android", target_os = "linux"))'.dependencies] [target.'cfg(any(target_os = "android", target_os = "linux"))'.dependencies]
sys-mount = { git = "https://github.com/tiann/sys-mount", branch = "loopfix" } sys-mount = { git = "https://github.com/tiann/sys-mount", branch = "loopfix" }
rustix = { version = "0.38", features = ["all-apis"] }
# some android specific dependencies which compiles under unix are also listed here for convenience of coding # some android specific dependencies which compiles under unix are also listed here for convenience of coding
android-properties = { version = "0.2.2", features = ["bionic-deprecated"] } android-properties = { version = "0.2.2", features = ["bionic-deprecated"] }
procfs = "0.16" procfs = "0.16"

1
userspace/ksud/src/event.rs
View File

@@ -1,6 +1,5 @@
use anyhow::{bail, Context, Result}; use anyhow::{bail, Context, Result};
use log::{info, warn}; use log::{info, warn};
use std::path::PathBuf;
use std::{collections::HashMap, path::Path}; use std::{collections::HashMap, path::Path};
use crate::module::prune_modules; use crate::module::prune_modules;

17
userspace/ksud/src/ksu.rs
View File

@@ -14,6 +14,12 @@ use crate::{
utils::{self, umask}, utils::{self, umask},
}; };
#[cfg(any(target_os = "linux", target_os = "android"))]
use rustix::{
process::getuid,
thread::{set_thread_res_gid, set_thread_res_uid, Gid, Uid},
};
pub const KERNEL_SU_OPTION: u32 = 0xDEAD_BEEF; pub const KERNEL_SU_OPTION: u32 = 0xDEAD_BEEF;
const CMD_GRANT_ROOT: u64 = 0; const CMD_GRANT_ROOT: u64 = 0;
@@ -65,8 +71,13 @@ fn set_identity(uid: u32, gid: u32, groups: &[u32]) {
if !groups.is_empty() { if !groups.is_empty() {
libc::setgroups(groups.len(), groups.as_ptr()); libc::setgroups(groups.len(), groups.as_ptr());
} }
libc::setresgid(gid, gid, gid); }
libc::setresuid(uid, uid, uid); #[cfg(any(target_os = "linux", target_os = "android"))]
{
let gid = unsafe { Gid::from_raw(gid) };
let uid = unsafe { Uid::from_raw(uid) };
set_thread_res_gid(gid, gid, gid).ok();
set_thread_res_uid(uid, uid, uid).ok();
} }
} }
@@ -203,7 +214,7 @@ pub fn root_shell() -> Result<()> {
} }
// use current uid if no user specified, these has been done in kernel! // use current uid if no user specified, these has been done in kernel!
let mut uid = unsafe { libc::getuid() }; let mut uid = getuid().as_raw();
if free_idx < matches.free.len() { if free_idx < matches.free.len() {
let name = &matches.free[free_idx]; let name = &matches.free[free_idx];
uid = unsafe { uid = unsafe {

23
userspace/ksud/src/utils.rs
View File

@@ -15,6 +15,12 @@ use std::os::unix::prelude::PermissionsExt;
use hole_punch::*; use hole_punch::*;
use std::io::{Read, Seek, SeekFrom}; use std::io::{Read, Seek, SeekFrom};
#[cfg(any(target_os = "linux", target_os = "android"))]
use rustix::{
process,
thread::{move_into_link_name_space, unshare, LinkNameSpaceType, UnshareFlags},
};
pub fn ensure_clean_dir(dir: &str) -> Result<()> { pub fn ensure_clean_dir(dir: &str) -> Result<()> {
let path = Path::new(dir); let path = Path::new(dir);
log::debug!("ensure_clean_dir: {}", path.display()); log::debug!("ensure_clean_dir: {}", path.display());
@@ -115,24 +121,23 @@ pub fn get_zip_uncompressed_size(zip_path: &str) -> Result<u64> {
#[cfg(any(target_os = "linux", target_os = "android"))] #[cfg(any(target_os = "linux", target_os = "android"))]
pub fn switch_mnt_ns(pid: i32) -> Result<()> { pub fn switch_mnt_ns(pid: i32) -> Result<()> {
use anyhow::ensure; use rustix::{
use std::os::fd::AsRawFd; fd::AsFd,
fs::{open, Mode, OFlags},
};
let path = format!("/proc/{pid}/ns/mnt"); let path = format!("/proc/{pid}/ns/mnt");
let fd = std::fs::File::open(path)?; let fd = open(path, OFlags::RDONLY, Mode::from_raw_mode(0))?;
let current_dir = std::env::current_dir(); let current_dir = std::env::current_dir();
let ret = unsafe { libc::setns(fd.as_raw_fd(), libc::CLONE_NEWNS) }; move_into_link_name_space(fd.as_fd(), Some(LinkNameSpaceType::Mount))?;
if let std::result::Result::Ok(current_dir) = current_dir { if let std::result::Result::Ok(current_dir) = current_dir {
let _ = std::env::set_current_dir(current_dir); let _ = std::env::set_current_dir(current_dir);
} }
ensure!(ret == 0, "switch mnt ns failed");
Ok(()) Ok(())
} }
#[cfg(any(target_os = "linux", target_os = "android"))] #[cfg(any(target_os = "linux", target_os = "android"))]
pub fn unshare_mnt_ns() -> Result<()> { pub fn unshare_mnt_ns() -> Result<()> {
use anyhow::ensure; unshare(UnshareFlags::NEWNS)?;
let ret = unsafe { libc::unshare(libc::CLONE_NEWNS) };
ensure!(ret == 0, "unshare mnt ns failed");
Ok(()) Ok(())
} }
@@ -164,7 +169,7 @@ pub fn switch_cgroups() {
#[cfg(any(target_os = "linux", target_os = "android"))] #[cfg(any(target_os = "linux", target_os = "android"))]
pub fn umask(mask: u32) { pub fn umask(mask: u32) {
unsafe { libc::umask(mask) }; process::umask(rustix::fs::Mode::from_raw_mode(mask));
} }
#[cfg(not(any(target_os = "linux", target_os = "android")))] #[cfg(not(any(target_os = "linux", target_os = "android")))]