做网站用商标吗,南昌seo数据监控,企业邮箱登录入口免费,wordpress前台后台都空白一、为什么需要adb root权限
问题#xff1a;Relese版本#xff0c;默认adb访问会降级到shell权限#xff0c;一些敏感操作不能进行#xff0c;远程调试比较麻烦。且Release版本没有su模块#xff0c;不能切换Root用户。
开启adb调试以后#xff0c;默认进入adb是syste…一、为什么需要adb root权限
问题Relese版本默认adb访问会降级到shell权限一些敏感操作不能进行远程调试比较麻烦。且Release版本没有su模块不能切换Root用户。
开启adb调试以后默认进入adb是system权限不能切换到root因为Release没有集成su.
有两种方式切换Root:
1) Release也集成su模块
2默认Release版本adb 开启Root权限 二、开启adb ROOT权限
开启Root权限
ro.secure表示root权限要开启Root权限系统配置ro.secure0 开启ROOT权限
2.1 编译时默认开启ROOT权限
build/make/core/main.mk
ifneq (,$(user_variant))# modify begin # fix: zhouronghua default as root# Target is secure in user builds.ADDITIONAL_DEFAULT_PROPERTIES ro.secure0# modify end ADDITIONAL_DEFAULT_PROPERTIES security.perf_harden1ifeq ($(user_variant),user)# modify begin fix: default as rootADDITIONAL_DEFAULT_PROPERTIES ro.adb.secure0# modify end endifuser版本就是Releae版本userdebug版本就是debug版本。
2.2 Zygote关闭权限降级
frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {// modify begin zhouronghua #if 0for (int i 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) 0; i) {;if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) -1) {if (errno EINVAL) {ALOGE(prctl(PR_CAPBSET_DROP) failed with EINVAL. Please verify your kernel is compiled with file capabilities support);} else {fail_fn(CREATE_ERROR(prctl(PR_CAPBSET_DROP, %d) failed: %s, i, strerror(errno)));}}}#endif// modify end }
2.3 Android.bp允许暴力修改selinux权限
system/core/init/Android.bp
-DALLOW_PERMISSIVE_SELINUX0 修改为 -DALLOW_PERMISSIVE_SELINUX1
cc_defaults {name: init_defaults,cpp_std: experimental,sanitize: {misc_undefined: [signed-integer-overflow],},cflags: [-DLOG_UEVENTS0,-Wall,-Wextra,-Wno-unused-parameter,-Werror,-Wthread-safety,-DALLOW_FIRST_STAGE_CONSOLE0,-DALLOW_LOCAL_PROP_OVERRIDE0,-DALLOW_PERMISSIVE_SELINUX1,-DREBOOT_BOOTLOADER_ON_PANIC0,-DWORLD_WRITABLE_KMSG0,-DDUMP_ON_UMOUNT_FAILURE0,2.4 init程序允许暴力修改selinux权限
system/core/init/Android.mk
ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
init_options \-DALLOW_FIRST_STAGE_CONSOLE1 \-DALLOW_LOCAL_PROP_OVERRIDE1 \-DALLOW_PERMISSIVE_SELINUX1 \-DREBOOT_BOOTLOADER_ON_PANIC1 \-DWORLD_WRITABLE_KMSG1 \-DDUMP_ON_UMOUNT_FAILURE1
else
# modify begin zhouronghua allow permissive
init_options \-DALLOW_FIRST_STAGE_CONSOLE0 \-DALLOW_LOCAL_PROP_OVERRIDE0 \-DALLOW_PERMISSIVE_SELINUX1 \-DREBOOT_BOOTLOADER_ON_PANIC0 \-DWORLD_WRITABLE_KMSG0 \-DDUMP_ON_UMOUNT_FAILURE0
# modify end
endif2.5 su程序权限提级
system/core/libcutils/fs_config.cpp // the following two files are INTENTIONALLY set-uid, but they// are NOT included on user builds.{ 06755, AID_ROOT, AID_ROOT, 0, system/xbin/procmem },// modify begin zhouronghua su right improve{ 06755, AID_ROOT, AID_SHELL, 0, system/xbin/su },2.6 修改su程序权限
system/core/rootdir/init.rc chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busychmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy# modify begin zhouronghua su rightchmod 6755 /system/xbin/su# modify end
2.7 su程序构建
system/extras/su/Android.mk
LOCAL_MODULE_PATH : $(TARGET_OUT_OPTIONAL_EXECUTABLES)# modify begin zhouronghua su as common module
LOCAL_MODULE_TAGS : optional
# modify end 2.8 su程序去掉Root用户检测
system/extras/su/su.cpp
int main(int argc, char** argv) {// modify begin zhouronghua delete root shell check#if 0uid_t current_uid getuid();if (current_uid ! AID_ROOT current_uid ! AID_SHELL) error(1, 0, not allowed);#endif// modify end 2.9 关闭selinux.cpp强制安全检测
system/core/init/selinux.cpp
bool IsEnforcing() {// modify start zhouronghua 不需要强制安全检测return false;// modify endif (ALLOW_PERMISSIVE_SELINUX) {return StatusFromCmdline() SELINUX_ENFORCING;}return true;
}
2.10 adb不降级采用ROOT访问
adbd启动时检查属性决定是否进行权限降级到AID_SHELL
system/core/adb/daemon/main.cpp
static bool should_drop_privileges() {// modify begin // fix: zhouronghua adb root not allowed, always drop privileges.if (!ALLOW_ADBD_ROOT !is_device_unlocked()) return false;// modifu end
adb Root权限访问不需要降级。
2.11 安卓内核默认开启selLinux
kernel/configs/o-mr1/android-3.18/android-base.config
kernel/configs/o-mr1/android-4.4/android-base.config
kernel/configs/o-mr1/android-4.9/android-base.config
kernel/configs/o/android-3.18/android-base.config
kernel/configs/o/android-3.18/android-base.config
kernel/configs/o/android-4.4/android-base.config
kernel/configs/o/android-4.9/android-base.config
kernel/configs/p/android-4.14/android-base.config
kernel/configs/p/android-4.4/android-base.config
kernel/configs/p/android-4.9/android-base.config
kernel/configs/q/android-4.14/android-base.config
kernel/configs/q/android-4.19/android-base.config
kernel/configs/q/android-4.9/android-base.config
kernel/configs/r/android-4.14/android-base.config
kernel/configs/r/android-4.19/android-base.config
kernel/configs/r/android-5.4/android-base.config
CONFIG_XFRM_USERy
# modify begin zhouronghua selinux
CONFIG_SECURITY_SELINUX_DEVELOPy
# # modify end
