kernel: allow manager to be installed in work profile
This commit is contained in:
tiann
@@ -38,14 +38,16 @@ static inline bool is_allow_su()
|
||||
return ksu_is_allow_uid(current_uid().val);
|
||||
}
|
||||
|
||||
static inline bool is_isolated_uid(uid_t uid) {
|
||||
static inline bool is_isolated_uid(uid_t uid)
|
||||
{
|
||||
#define FIRST_ISOLATED_UID 99000
|
||||
#define LAST_ISOLATED_UID 99999
|
||||
#define FIRST_APP_ZYGOTE_ISOLATED_UID 90000
|
||||
#define LAST_APP_ZYGOTE_ISOLATED_UID 98999
|
||||
uid_t appid = uid % 100000;
|
||||
return (appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID)
|
||||
|| (appid >= FIRST_APP_ZYGOTE_ISOLATED_UID && appid <= LAST_APP_ZYGOTE_ISOLATED_UID);
|
||||
return (appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID) ||
|
||||
(appid >= FIRST_APP_ZYGOTE_ISOLATED_UID &&
|
||||
appid <= LAST_APP_ZYGOTE_ISOLATED_UID);
|
||||
}
|
||||
|
||||
static struct group_info root_groups = { .usage = ATOMIC_INIT(2) };
|
||||
@@ -168,14 +170,25 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
|
||||
}
|
||||
|
||||
// someone wants to be root manager, just check it!
|
||||
// arg3 should be `/data/data/<manager_package_name>`
|
||||
// arg3 should be `/data/user/<userId>/<manager_package_name>`
|
||||
char param[128];
|
||||
const char *prefix = "/data/data/";
|
||||
if (copy_from_user(param, arg3, sizeof(param))) {
|
||||
pr_err("become_manager: copy param err\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
// for user 0, it is /data/data
|
||||
// for user 999, it is /data/user/999
|
||||
const char *prefix;
|
||||
char prefixTmp[64];
|
||||
int userId = current_uid().val / 100000;
|
||||
if (userId == 0) {
|
||||
prefix = "/data/data";
|
||||
} else {
|
||||
snprintf(prefixTmp, 10, "/data/user/%d", userId);
|
||||
prefix = prefixTmp;
|
||||
}
|
||||
|
||||
if (startswith(param, (char *)prefix) != 0) {
|
||||
pr_info("become_manager: invalid param: %s\n", param);
|
||||
return 0;
|
||||
@@ -335,7 +348,8 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static bool is_appuid(kuid_t uid) {
|
||||
static bool is_appuid(kuid_t uid)
|
||||
{
|
||||
#define PER_USER_RANGE 100000
|
||||
#define FIRST_APPLICATION_UID 10000
|
||||
#define LAST_APPLICATION_UID 19999
|
||||
@@ -344,7 +358,8 @@ static bool is_appuid(kuid_t uid) {
|
||||
return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
|
||||
}
|
||||
|
||||
static bool should_umount(struct path* path) {
|
||||
static bool should_umount(struct path *path)
|
||||
{
|
||||
if (!path) {
|
||||
return false;
|
||||
}
|
||||
@@ -356,7 +371,8 @@ static bool should_umount(struct path* path) {
|
||||
return false;
|
||||
}
|
||||
|
||||
static void try_umount(const char *mnt) {
|
||||
static void try_umount(const char *mnt)
|
||||
{
|
||||
struct path path;
|
||||
int err = kern_path(mnt, 0, &path);
|
||||
if (err) {
|
||||
@@ -376,7 +392,8 @@ static void try_umount(const char *mnt) {
|
||||
#endif
|
||||
}
|
||||
|
||||
int ksu_handle_setuid(struct cred *new, const struct cred *old) {
|
||||
int ksu_handle_setuid(struct cred *new, const struct cred *old)
|
||||
{
|
||||
if (!new || !old) {
|
||||
return 0;
|
||||
}
|
||||
@@ -509,7 +526,8 @@ static int ksu_inode_rename(struct inode *old_inode, struct dentry *old_dentry,
|
||||
}
|
||||
|
||||
static int ksu_task_fix_setuid(struct cred *new, const struct cred *old,
|
||||
int flags) {
|
||||
int flags)
|
||||
{
|
||||
return ksu_handle_setuid(new, old);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user