1、问题
近日，客户反馈：设备上无法通过 pm uninstall <packageName> 卸载第三方 apk，提示无权限。设备是高通平台的 Android 12 系统。注意报错并不是 pm 本身拒绝，而是应用在 Java 层执行 "su" 时被拒绝（error=13 即 EACCES，表示调用方 uid 没有执行 su 二进制的权限），日志如下：
W/System.err: java.io.IOException: Cannot run program "su": error=13, Permission denied
下面记录在该系统上放开 root（su）权限的改动。安全提示：这些改动会取消 zygote 对所有应用进程的 capability bounding set 裁剪、去掉内核 PR_CAPBSET_DROP 的权限检查、并允许任意 uid 执行 set-uid 的 su，等于削弱整个应用沙箱；只适用于内部/调试镜像，绝不能进入交付给用户的 user 版本。
2、解决
**注意:以下目录均是在项目的UM***中,在QSSI中修改无效。**
(1)frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
// Upstream zygote clears the capability bounding set of every child it forks
// (a PR_CAPBSET_DROP loop over every capability PR_CAPBSET_READ reports), which
// limits what a set-uid binary such as su can gain on exec.  This build keeps
// the bounding set intact on purpose so that `su` launched from an app process
// can become a capable root.
//
// SECURITY NOTE(review): this relaxes the sandbox of *every* process forked
// from zygote, not just the one that needs `su`.  It belongs only on
// internal/debug images; do not ship it on user builds.
static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
  // Intentionally a no-op in this build: nothing is dropped, so nothing can fail.
  (void)fail_fn;
}
(2)kernel/msm-4.19/security/commoncap.c —— 去掉 PR_CAPBSET_DROP 的 CAP_SETPCAP 权限检查。注意 cap_valid(cap) 的范围检查不能一并去掉：cap_lower() 按 cap 值直接索引位图数组，自身没有范围检查，用户态传入越界值会写坏 cred 中 cap_bset 之外的内存。
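/*
 * Implement PR_CAPBSET_DROP. Attempt to remove the specified capability from
 * the current task's bounding set. Returns 0 on success, -ve on error.
 *
 * This build deliberately omits the upstream CAP_SETPCAP check so that an
 * unprivileged task may shrink its own bounding set. SECURITY NOTE(review):
 * that is a relaxation of the kernel's capability model and should be limited
 * to internal/debug images.
 *
 * The cap_valid() range check must stay regardless: cap_lower() updates the
 * kernel_cap_t bitmap indexed by @cap and has no range check of its own, so an
 * out-of-range value supplied by userspace would write past cap_bset inside
 * the freshly prepared cred.
 */
static int cap_prctl_drop(unsigned long cap)
{
	struct cred *new;

	/*
	 * Upstream additionally requires CAP_SETPCAP here:
	 *   if (!ns_capable(current_user_ns(), CAP_SETPCAP))
	 *       return -EPERM;
	 * Intentionally removed in this build (see the note above).
	 */
	if (!cap_valid(cap))
		return -EINVAL;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	cap_lower(new->cap_bset, cap);
	return commit_creds(new);
}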
(3)system/core/libcutils/fs_config.cpp —— 给 system/xbin/su 设置 set-uid root（06755，属主 root，属组 shell）。文件内注释已说明这两个 set-uid 文件不会包含在 user 版本中，因此该配置只在非 user 版本中生效。
// the following two files are INTENTIONALLY set-uid, but they
// are NOT included on user builds.
{ 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" },
{ 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/xbin" },
(4)system/extras/su/su.cpp —— 注释掉 su 对调用方 uid 的限制（原本只允许 root 和 shell 调用，否则 error(1, 0, "not allowed") 退出）。这意味着任何应用 uid 都能通过 su 获得 root，请只在内部/调试镜像中使用。
int main(int argc, char** argv) {
/* uid_t current_uid = getuid();
//if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
if (current_uid != AID_ROOT && current_uid != AID_SHELL) fprintf(stderr, "current_uid %d\n",current_uid); */
// Handle -h and --help.
++argv;
if (*argv && (strcmp(*argv, "--help") == 0 || strcmp(*argv, "-h") == 0)) {
fprintf(stderr,
"usage: su [WHO [COMMAND...]]\n"
"\n"
"Switch to WHO (default 'root') and run the given COMMAND (default sh).\n"
"\n"
"WHO is a comma-separated list of user, group, and supplementary groups\n"
"in that order.\n"
"\n");
return 0;
}