* commit 'c7e28899c3917ad6e72d5dc99401bcd133cbd475': adbd: switch to su domain when running as root
This commit is contained in:
Nick Kralevich
Android Git Automerger
commit
c3af60aff5
2 changed files with 30 additions and 8 deletions
36
adb/adb.c
36
adb/adb.c
|
|
@ -39,6 +39,8 @@
|
|||
#include <sys/capability.h>
|
||||
#include <linux/prctl.h>
|
||||
#include <sys/mount.h>
|
||||
#include <getopt.h>
|
||||
#include <selinux/selinux.h>
|
||||
#else
|
||||
#include "usb_vendors.h"
|
||||
#endif
|
||||
|
|
@ -54,6 +56,7 @@ static int auth_enabled = 0;
|
|||
|
||||
#if !ADB_HOST
|
||||
static const char *adb_device_banner = "device";
|
||||
static const char *root_seclabel = NULL;
|
||||
#endif
|
||||
|
||||
void fatal(const char *fmt, ...)
|
||||
|
|
@ -1355,6 +1358,12 @@ int adb_main(int is_daemon, int server_port)
|
|||
D("Local port disabled\n");
|
||||
} else {
|
||||
char local_name[30];
|
||||
if ((root_seclabel != NULL) && (is_selinux_enabled() > 0)) {
|
||||
// b/12587913: fix setcon to allow const pointers
|
||||
if (setcon((char *)root_seclabel) < 0) {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
build_local_name(local_name, sizeof(local_name), server_port);
|
||||
if(install_listener(local_name, "*smartsocket*", NULL, 0)) {
|
||||
exit(1);
|
||||
|
|
@ -1641,10 +1650,6 @@ int handle_host_request(char *service, transport_type ttype, char* serial, int r
|
|||
return -1;
|
||||
}
|
||||
|
||||
#if !ADB_HOST
|
||||
int recovery_mode = 0;
|
||||
#endif
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
#if ADB_HOST
|
||||
|
|
@ -1656,9 +1661,26 @@ int main(int argc, char **argv)
|
|||
/* If adbd runs inside the emulator this will enable adb tracing via
|
||||
* adb-debug qemud service in the emulator. */
|
||||
adb_qemu_trace_init();
|
||||
if((argc > 1) && (!strcmp(argv[1],"recovery"))) {
|
||||
adb_device_banner = "recovery";
|
||||
recovery_mode = 1;
|
||||
while(1) {
|
||||
int c;
|
||||
int option_index = 0;
|
||||
static struct option opts[] = {
|
||||
{"root_seclabel", required_argument, 0, 's' },
|
||||
{"device_banner", required_argument, 0, 'b' }
|
||||
};
|
||||
c = getopt_long(argc, argv, "", opts, &option_index);
|
||||
if (c == -1)
|
||||
break;
|
||||
switch (c) {
|
||||
case 's':
|
||||
root_seclabel = optarg;
|
||||
break;
|
||||
case 'b':
|
||||
adb_device_banner = optarg;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
start_device_log();
|
||||
|
|
|
|||
|
|
@ -451,7 +451,7 @@ on property:ro.debuggable=1
|
|||
start console
|
||||
|
||||
# adbd is controlled via property triggers in init.<platform>.usb.rc
|
||||
service adbd /sbin/adbd
|
||||
service adbd /sbin/adbd --root_seclabel=u:r:su:s0
|
||||
class core
|
||||
socket adbd stream 660 system system
|
||||
disabled
|
||||
|
|
|
|||
Loading…
Reference in a new issue