1、位置:
system\extras\su\su.cpp
android 7.1
system\extras\su\su.c
int main(int argc, char** argv) {
-//uid_t current_uid = getuid();
-//if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
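Review bot: With the `getuid()` check commented out at the top of `main`, nothing visible in this hunk limits who may run `su`, so once the binary is set-uid every app uid on the image gets root rather than only root and shell. If one extra caller needs access for debugging, widen the gate instead of deleting it, e.g. `if (current_uid != AID_ROOT && current_uid != AID_SHELL && current_uid != PLACEHOLDER_DEBUG_UID) error(1, 0, "not allowed");`, where the last name is a placeholder for the single uid being added. A comment such as `// DEBUG ONLY: caller check relaxed, do not ship` would record why the check differs from upstream. The body of `main` continues outside the hunk.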
3、这一步不改是否可行尚不确定,还没时间测试
android9\system\core\libcutils\fs_config.cpp
// the following two files are INTENTIONALLY set-uid, but they
// are NOT included on user builds.
{ 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" },
- //{ 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
+ { 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
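Review bot: The new `system/xbin/su` entry goes from 04750 to 06755, which adds set-gid and world read/execute, so the set-uid binary becomes runnable by every uid instead of only root and members of the shell group. The comment above the table says these files are not included on user builds; after this change that exclusion is the only barrier left, and it is worth stating on the changed line, e.g. `// DEBUG ONLY: world-executable set-uid su, must stay out of user builds`. If only one additional caller needs it, keeping 04750 and granting that caller the owning group is the narrower change.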
4、可能需要修改,frameworks\base\core\jni\com_android_internal_os_Zygote.cpp
static void DropCapabilitiesBoundingSet(JNIEnv* env) {
+/*
for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
int rc = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
if (rc == -1) {
if (errno == EINVAL) {
ALOGE("prctl(PR_CAPBSET_DROP) failed with EINVAL. Please verify "
"your kernel is compiled with file capabilities support");
} else {
ALOGE("prctl(PR_CAPBSET_DROP) failed");
RuntimeAbort(env);
}
}
}
+*/
}
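Review bot: Commenting out the whole loop leaves `DropCapabilitiesBoundingSet` as an empty function, so every process forked from zygote keeps the full capability bounding set and can regain capabilities through any set-uid or file-capability binary it executes, not just `su`. The page marks this step as only possibly required; if it is kept, make it conditional on a debug-build check rather than a block comment, so other build variants still drop the set, and document it with `// DEBUG ONLY: bounding set left intact so app processes can exec set-uid su`. The `env` parameter also becomes unused once the `RuntimeAbort(env)` call is commented out.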
5、system\core\init\selinux.cpp
bool IsEnforcing() {
+ return false;
if (ALLOW_PERMISSIVE_SELINUX) {
return StatusFromCmdline() == SELINUX_ENFORCING;
}
return true;
}
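Review bot: The added `return false;` as the first statement of `IsEnforcing` makes the `ALLOW_PERMISSIVE_SELINUX` branch and the final `return true;` unreachable, so init reports SELinux as non-enforcing on every build variant regardless of the kernel command line. The existing code already has a switch for this: where `ALLOW_PERMISSIVE_SELINUX` is set, `StatusFromCmdline()` decides, so permissive mode can be chosen per boot on a debug build without editing init. The same unconditional return is present in `selinux_is_enforcing` in the init.cpp listing for Android 8.0 / 7.1 that follows, and the same point applies there. If the hard-coded value stays, the dead code should be removed and the line commented, e.g. `// DEBUG ONLY: SELinux forced permissive, policy denials are logged but not enforced`.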
android 8.0 / 7.1
system\core\init\init.cpp
static bool selinux_is_enforcing(void)
{
return false;
if (ALLOW_PERMISSIVE_SELINUX) {
return selinux_status_from_cmdline() == SELINUX_ENFORCING;
}
return true;
}
android 7.1 (有的系统需要改)
frameworks\base\cmds\app_process\app_main.cpp
int main(int argc, char* const argv[])
{
+/*
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
// Older kernels don't understand PR_SET_NO_NEW_PRIVS and return
// EINVAL. Don't die on such kernels.
if (errno != EINVAL) {
LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
return 12;
}
}
+*/
AppRuntime runtime(argv[0], computeArgBlockSize(argc, argv));
// Process command line arguments
// ignore argv[0]
argc--;
argv++;
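Review bot: With the `prctl(PR_SET_NO_NEW_PRIVS, 1, ...)` block commented out at the start of `main`, processes started through app_process can gain privileges across `execve`, which makes every set-uid or file-capability binary on the image effective for app code rather than only `su`. The page notes this is needed only on some systems; where it is kept, a debug-build condition is preferable to a block comment, so the flag is still set on other variants. The reason should be recorded in place, e.g. `// DEBUG ONLY: no_new_privs skipped so set-uid su takes effect from app processes`. The body of `main` continues outside the hunk.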
2、路径(如果修改了其他步骤中的文件,这一处好像不用改)
android9\out\target\product\evk_8mm\obj\KERNEL_OBJ\source\security\commoncap.c
for (;;) {
/* Do we have the necessary capabilities? */
if (ns == cred->user_ns)
-//return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;
+return 0;
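Review bot: Replacing the `cap_raised(cred->cap_effective, cap)` test with `return 0;` makes the capability check succeed for every credential whose user namespace equals `ns`, so kernel capability checks pass for all processes, which is far wider than giving `su` root. The page itself says this step appears unnecessary once the userspace files are changed, so the original line `return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;` is better kept. The edited path sits under `out\...\KERNEL_OBJ\source`, which looks like a build-output tree; confirm where the tracked kernel source lives, so an edit like this does not go unnoticed or get lost on a clean build. The loop and its enclosing function continue outside the hunk.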
参考:
https://blog.csdn.net/liuhongbin2011net/article/details/83536367