CM specific changes to allow disabling of root access from system settings

ChainsDD · ChainsDD · commit 538413f2b709 · 2012-07-01T02:30:25.000+01:00
diff --git a/Android.mk b/Android.mk
@@ -2,7 +2,7 @@ LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 
 LOCAL_MODULE := su
-LOCAL_SRC_FILES := su.c db.c activity.c
+LOCAL_SRC_FILES := su.c db.c activity.c utils.c
 
 LOCAL_C_INCLUDES += external/sqlite/dist
 
diff --git a/su.c b/su.c
@@ -38,6 +38,7 @@
 #include <cutils/log.h>
 
 #include "su.h"
+#include "utils.h"
 
 /* Still lazt, will fix this */
 static char socket_path[PATH_MAX];
@@ -375,8 +376,10 @@ int main(int argc, char *argv[])
     };
     struct stat st;
     int socket_serv_fd, fd;
-    char buf[64], *result;
-    int c, dballow;
+    char buf[64], *result, debuggable[PROPERTY_VALUE_MAX];
+    char enabled[PROPERTY_VALUE_MAX], build_type[PROPERTY_VALUE_MAX];
+    char cm_version[PROPERTY_VALUE_MAX];;
+    int c, dballow, len;
     struct option long_opts[] = {
         { "command",			required_argument,	NULL, 'c' },
         { "help",			no_argument,		NULL, 'h' },
@@ -386,6 +389,8 @@ int main(int argc, char *argv[])
         { "version",			no_argument,		NULL, 'v' },
         { NULL, 0, NULL, 0 },
     };
+    char *data;
+    unsigned sz;
 
     while ((c = getopt_long(argc, argv, "+c:hlmps:Vv", long_opts, NULL)) != -1) {
         switch(c) {
@@ -450,8 +455,52 @@ int main(int argc, char *argv[])
         deny(&ctx);
     }
 
+    // we can't simply use the property service, since we aren't launched from init and
+    // can't trust the location of the property workspace. find the properties ourselves.
+    data = read_file("/default.prop", &sz);
+    get_property(data, debuggable, "ro.debuggable", "0");
+    free(data);
+
+    data = read_file("/system/build.prop", &sz);
+    get_property(data, cm_version, "ro.cm.version", "");
+    get_property(data, build_type, "ro.build.type", "");
+    free(data);
+
+    data = read_file("/data/property/persist.sys.root_access", &sz);
+    if (data != NULL) {
+        len = strlen(data);
+        if (len >= PROPERTY_VALUE_MAX)
+            memcpy(enabled, "1", 2);
+        else
+            memcpy(enabled, data, len + 1);
+        free(data);
+    } else
+        memcpy(enabled, "1", 2);
+
     ctx.umask = umask(027);
 
+    // CyanogenMod-specific behavior
+    if (strlen(cm_version) > 0) {
+        // only allow su on debuggable builds
+        if (strcmp("1", debuggable) != 0) {
+            LOGE("Root access is disabled on non-debug builds");
+            deny(&ctx);
+        }
+
+        // enforce persist.sys.root_access on non-eng builds
+        if (strcmp("eng", build_type) != 0 &&
+               (atoi(enabled) & 1) != 1 ) {
+            LOGE("Root access is disabled by system setting - enable it under settings -> developer options");
+            deny(&ctx);
+        }
+
+        // disallow su in a shell if appropriate
+        if (ctx.from.uid == AID_SHELL && (atoi(enabled) == 1)) {
+            LOGE("Root access is disabled by a system setting - enable it under settings -> developer options");
+            deny(&ctx);
+        }
+    }
+
     if (ctx.from.uid == AID_ROOT || ctx.from.uid == AID_SHELL)
         allow(&ctx);
 
diff --git a/su.h b/su.h
@@ -42,8 +42,8 @@
 #define VERSION_EXTRA	""
 #endif
 
-#define VERSION "3.1" VERSION_EXTRA
-#define VERSION_CODE 16
+#define VERSION "3.1.1" VERSION_EXTRA
+#define VERSION_CODE 17
 
 #define DATABASE_VERSION 6
 #define PROTO_VERSION 0
diff --git a/utils.c b/utils.c
@@ -0,0 +1,103 @@
+/*
+** Copyright 2012, The CyanogenMod Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+**     http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#include <unistd.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <endian.h>
+#include <ctype.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <cutils/properties.h>
+
+/* reads a file, making sure it is terminated with \n \0 */
+char* read_file(const char *fn, unsigned *_sz)
+{
+    char *data;
+    int sz;
+    int fd;
+
+    data = 0;
+    fd = open(fn, O_RDONLY);
+    if(fd < 0) return 0;
+
+    sz = lseek(fd, 0, SEEK_END);
+    if(sz < 0) goto oops;
+
+    if(lseek(fd, 0, SEEK_SET) != 0) goto oops;
+
+    data = (char*) malloc(sz + 2);
+    if(data == 0) goto oops;
+
+    if(read(fd, data, sz) != sz) goto oops;
+    close(fd);
+    data[sz] = '\n';
+    data[sz+1] = 0;
+    if(_sz) *_sz = sz;
+    return data;
+
+oops:
+    close(fd);
+    if(data != 0) free(data);
+    return 0;
+}
+
+int get_property(const char *data, char *found, const char *searchkey, const char *not_found)
+{
+    char *key, *value, *eol, *sol, *tmp;
+    if (data == NULL) goto defval;
+    int matched = 0;
+    sol = strdup(data);
+    while((eol = strchr(sol, '\n'))) {
+        key = sol;
+        *eol++ = 0;
+        sol = eol;
+
+        value = strchr(key, '=');
+        if(value == 0) continue;
+        *value++ = 0;
+
+        while(isspace(*key)) key++;
+        if(*key == '#') continue;
+        tmp = value - 2;
+        while((tmp > key) && isspace(*tmp)) *tmp-- = 0;
+
+        while(isspace(*value)) value++;
+        tmp = eol - 2;
+        while((tmp > value) && isspace(*tmp)) *tmp-- = 0;
+
+        if (strncmp(searchkey, key, strlen(searchkey)) == 0) {
+            matched = 1;
+            break;
+        }
+    }
+    int len;
+    if (matched) {
+        len = strlen(value);
+        if (len >= PROPERTY_VALUE_MAX)
+            return -1;
+        memcpy(found, value, len + 1);
+    } else goto defval;
+    return len;
+
+defval:
+    len = strlen(not_found);
+    memcpy(found, not_found, len + 1);
+    return len;
+}
diff --git a/utils.h b/utils.h
@@ -0,0 +1,24 @@
+/*
+** Copyright 2012, The CyanogenMod Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+**     http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#ifndef _UTILS_H_
+#define _UTILS_H_
+
+/* reads a file, making sure it is terminated with \n \0 */
+char* read_file(const char *fn, unsigned *_sz);
+
+int get_property(const char *data, char *found, const char *searchkey, const char *not_found);
+#endif
