From 3eef1810ec35005e8bcaaee0957166baba31b68c Mon Sep 17 00:00:00 2001
From: ronnie <ronnie@industiosoft.com>
Date: Sun, 23 Oct 2022 09:12:11 +0000
Subject: [PATCH] add root

---
 android/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp |    2 ++
 android/system/core/libcutils/fs_config.cpp                         |    3 ++-
 android/system/core/adb/daemon/main.cpp                             |    2 +-
 android/system/core/init/selinux.cpp                                |    4 ++++
 android/system/extras/su/su.cpp                                     |    4 ++--
 5 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/android/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp b/android/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
index 44fa05f..ef3a37f 100644
--- a/android/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
+++ b/android/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
@@ -548,6 +548,7 @@
 }
 
 static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
+/*
   for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {;
     if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) == -1) {
       if (errno == EINVAL) {
@@ -558,6 +559,7 @@
       }
     }
   }
+*/
 }
 
 static void SetInheritable(uint64_t inheritable, fail_fn_t fail_fn) {
diff --git a/android/system/core/adb/daemon/main.cpp b/android/system/core/adb/daemon/main.cpp
index e5a4917..d7732e4 100644
--- a/android/system/core/adb/daemon/main.cpp
+++ b/android/system/core/adb/daemon/main.cpp
@@ -68,7 +68,7 @@
             return false;
         }
     }
-    return true;
+    return false;
 }
 
 static bool should_drop_privileges() {
diff --git a/android/system/core/init/selinux.cpp b/android/system/core/init/selinux.cpp
index 86238b4..79c744d 100644
--- a/android/system/core/init/selinux.cpp
+++ b/android/system/core/init/selinux.cpp
@@ -97,6 +97,8 @@
 }
 
 bool IsEnforcing() {
+    //edit by ronnie at 20220413
+    return false;
     if (ALLOW_PERMISSIVE_SELINUX) {
         return StatusFromCmdline() == SELINUX_ENFORCING;
     }
@@ -430,6 +432,8 @@
 
     bool kernel_enforcing = (security_getenforce() == 1);
     bool is_enforcing = IsEnforcing();
+    is_enforcing=false;//by Lyle,220111
+    security_setenforce(is_enforcing);//by Lyle,220111
     if (kernel_enforcing != is_enforcing) {
         if (security_setenforce(is_enforcing)) {
             PLOG(FATAL) << "security_setenforce(%s) failed" << (is_enforcing ? "true" : "false");
diff --git a/android/system/core/libcutils/fs_config.cpp b/android/system/core/libcutils/fs_config.cpp
index a5f4f0e..28d5359 100644
--- a/android/system/core/libcutils/fs_config.cpp
+++ b/android/system/core/libcutils/fs_config.cpp
@@ -197,7 +197,8 @@
     // the following two files are INTENTIONALLY set-uid, but they
     // are NOT included on user builds.
     { 06755, AID_ROOT,      AID_ROOT,      0, "system/xbin/procmem" },
-    { 04750, AID_ROOT,      AID_SHELL,     0, "system/xbin/su" },
+    //{ 04750, AID_ROOT,      AID_SHELL,     0, "system/xbin/su" },
+    { 06733, AID_ROOT,      AID_SHELL,     0, "system/xbin/su" },
 
     // the following files have enhanced capabilities and ARE included
     // in user builds.
diff --git a/android/system/extras/su/su.cpp b/android/system/extras/su/su.cpp
index 1a1ab6b..af3d2a6 100644
--- a/android/system/extras/su/su.cpp
+++ b/android/system/extras/su/su.cpp
@@ -80,8 +80,8 @@
 }
 
 int main(int argc, char** argv) {
-    uid_t current_uid = getuid();
-    if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
+    //uid_t current_uid = getuid();
+    //if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
 
     // Handle -h and --help.
     ++argv;

--
Gitblit v1.6.2