网站建设内容方法,国内网站做得好的公司,石大远程网页设计与网站建设答案,用c语言怎么做网站需求描述#xff1a; user版本默认是不会开启root权限的#xff0c;但是一般性能版本需要设置CPU GPU DDR performance或者监听节点信息等debug手段去验证当前问题是否与CPU GPU DDR有关系。
基线代码判断逻辑#xff1a;
1.adb代码会检测相关属性
ro.secure ro.debugga…需求描述 user版本默认是不会开启root权限的但是一般性能版本需要设置CPU GPU DDR performance或者监听节点信息等debug手段去验证当前问题是否与CPU GPU DDR有关系。
基线代码判断逻辑
1.adb代码会检测相关属性
ro.secure ro.debuggable (通过调用__android_log_is_debuggable()获取返回值)
2.代码path
2.1 adbd启动时检查属性决定是否进行权限降级到AID_SHELL pathsystem/adb/core/daemon/main.cpp line:121 if (should_drop_privileges()){ … …
2.2 system/adb/core/下搜索__android_log_is_debuggable()
3.修改思路
3.1 should_drop_privileges() 修改强制返回false保持adb root用户级别 3.2 __android_log_is_debuggable() 返回true
packages/modules/adb/daemon/main.cpp
static bool should_drop_privileges() {// The properties that affect adb root and adb unroot are ro.secure and// ro.debuggable. In this context the names dont make the expected behavior// particularly obvious.//// ro.debuggable:// Allowed to become root, but not necessarily the default. Set to 1 on// eng and userdebug builds.//// ro.secure:// Drop privileges by default. Set to 1 on userdebug and user builds.bool ro_secure android::base::GetBoolProperty(ro.secure, true);bool ro_debuggable __android_log_is_debuggable();// Drop privileges if ro.secure is set...bool drop ro_secure;std::string build_prop android::base::GetProperty(ro.build.type, );bool adb_build_root (build_prop userdebug);if (adb_build_root) {return false;}// ... except adb root lets you keep privileges in a debuggable build.std::string prop android::base::GetProperty(service.adb.root, );bool adb_root (prop 1);bool adb_unroot (prop 0);if (ro_debuggable adb_root) {drop false;}// ... and adb unroot lets you explicitly drop privileges.if (adb_unroot) {drop true;}return drop;
}
具体实现
1.关闭ro.secure、ro.adb.secure打开ro.debuggable 文件路径qssi/build/make/core/main.mk 详细修改
diff --git a/core/main.mk b/core/main.mk
index 1579294..f223432 100644
--- a/core/main.mkb/core/main.mk-365,11 365,11 tags_to_install :ifneq (,$(user_variant))# Target is secure in user builds.
- ADDITIONAL_SYSTEM_PROPERTIES ro.secure1ADDITIONAL_SYSTEM_PROPERTIES ro.secure0ADDITIONAL_SYSTEM_PROPERTIES security.perf_harden1ifeq ($(user_variant),user)
- ADDITIONAL_SYSTEM_PROPERTIES ro.adb.secure1ADDITIONAL_SYSTEM_PROPERTIES ro.adb.secure0endififeq ($(user_variant),userdebug)-377,7 377,7 tags_to_install debugelse# Disable debugging in plain user builds.
- enable_target_debugging :enable_target_debugging : trueendif# Disallow mock locations by default for user builds-399,7 399,7 ADDITIONAL_SYSTEM_PROPERTIES dalvik.vm.lockprof.threshold500else # !enable_target_debugging# Target is less debuggable and adbd is off by default
- ADDITIONAL_SYSTEM_PROPERTIES ro.debuggable0ADDITIONAL_SYSTEM_PROPERTIES ro.debuggable1endif # !enable_target_debugging## eng ##
2.should_drop_privileges return false,allow adb root 文件路径qssi/packages/modules/adb/daemon/main.cpp 详细修改
diff --git a/daemon/main.cpp b/daemon/main.cpp
index 1d4e626..6c9792f 100644
--- a/daemon/main.cppb/daemon/main.cpp-74,6 74,7 //// ro.secure:// Drop privileges by default. Set to 1 on userdebug and user builds.return false;bool ro_secure android::base::GetBoolProperty(ro.secure, true);bool ro_debuggable __android_log_is_debuggable();
3.ALLOW_ADBD_DISABLE_VERITY1 文件路径qssi/system/core/fs_mgr/Android.bp 详细修改
diff --git a/fs_mgr/Android.bp b/fs_mgr/Android.bp
index 49761ac..ac1c31d 100644
--- a/fs_mgr/Android.bpb/fs_mgr/Android.bp-109,7 109,8 libfstab,],cppflags: [
- -DALLOW_ADBD_DISABLE_VERITY0,-UALLOW_ADBD_DISABLE_VERITY,-DALLOW_ADBD_DISABLE_VERITY1,],product_variables: {debuggable: {-237,7 238,8 fs_mgr_remount.cpp,],cppflags: [
- -DALLOW_ADBD_DISABLE_VERITY0,-UALLOW_ADBD_DISABLE_VERITY,-DALLOW_ADBD_DISABLE_VERITY1,],product_variables: {debuggable: {
4.close selinux enforcePermissive 文件路径qssi/system/core/init/selinux.cpp 详细修改
diff --git a/init/selinux.cpp b/init/selinux.cpp
index 6ae4bc0..4d50cb6 100644
--- a/init/selinux.cppb/init/selinux.cpp-124,6 124,7 bool IsEnforcing() {// close selinux for user version with rootreturn false;#if defined(LCT_BUILD_TYPE_FACTORY)return false;#endif
5.sepolicy 文件路径qssi/system/sepolicy/Android.mk 详细修改
diff --git a/Android.mk b/Android.mk
index a2793af..da5cebf 100644
--- a/Android.mkb/Android.mk-613,7 613,7 ifneq ($(filter address,$(SANITIZE_TARGET)),)local_fc_files $(wildcard $(addsuffix /file_contexts_asan, $(PLAT_PRIVATE_POLICY)))endif
-ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
ifneq (,$(filter user userdebug eng,$(TARGET_BUILD_VARIANT)))local_fc_files $(wildcard $(addsuffix /file_contexts_overlayfs, $(PLAT_PRIVATE_POLICY)))endif
