Merge changes I2157efc5,Iaf1d6f9c

* changes: run-as: Migrate to blueprint Add a way to disable run-as at runtime
2018-06-27 20:10:45 +00:00 · 2018-06-27 20:10:45 +00:00 · 78522d3676
commit 78522d3676
parent b27d572d21 5417bcb5bd
3 changed files with 36 additions and 8 deletions
--- a/run-as/Android.bp
+++ b/run-as/Android.bp
@ -0,0 +1,28 @@
+//
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_binary {
+    name: "run-as",
+    srcs: [
+        "run-as.cpp",
+    ],
+    shared_libs: [
+        "libbase",
+        "libselinux",
+        "libpackagelistparser",
+        "libminijail",
+    ],
+}
--- a/run-as/Android.mk
+++ b/run-as/Android.mk
@ -1,8 +0,0 @@
-LOCAL_PATH:= $(call my-dir)
-
-include $(CLEAR_VARS)
-LOCAL_CFLAGS := -Wall -Werror
-LOCAL_MODULE := run-as
-LOCAL_SHARED_LIBRARIES := libselinux libpackagelistparser libminijail
-LOCAL_SRC_FILES := run-as.cpp
-include $(BUILD_EXECUTABLE)
--- a/run-as/run-as.cpp
+++ b/run-as/run-as.cpp
@ -28,6 +28,7 @@
 #include <libminijail.h>
 #include <scoped_minijail.h>

+#include <android-base/properties.h>
 #include <packagelistparser/packagelistparser.h>
 #include <private/android_filesystem_config.h>
 #include <selinux/android.h>
@ -40,6 +41,7 @@
 //  The 'run-as' binary is installed with CAP_SETUID and CAP_SETGID file
 //  capabilities, but will check the following:
 //
+//  - that the ro.boot.disable_runas property is not set
 //  - that it is invoked from the 'shell' or 'root' user (abort otherwise)
 //  - that '<package-name>' is the name of an installed and debuggable package
 //  - that the package's data directory is well-formed
@ -139,6 +141,12 @@ int main(int argc, char* argv[]) {
    error(1, 0, "only 'shell' or 'root' users can run this program");
  }

+  // Some devices can disable running run-as, such as Chrome OS when running in
+  // non-developer mode.
+  if (android::base::GetBoolProperty("ro.boot.disable_runas", false)) {
+      error(1, 0, "run-as is disabled from the kernel commandline");
+  }
+
  char* pkgname = argv[1];
  int cmd_argv_offset = 2;