Loading adb/adb.c +1 −19 Original line number Diff line number Diff line Loading @@ -1199,9 +1199,8 @@ static void drop_capabilities_bounding_set_if_needed() { #endif int i; for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) { if (i == CAP_SETUID || i == CAP_SETGID || i == CAP_SYS_BOOT) { if (i == CAP_SETUID || i == CAP_SETGID) { // CAP_SETUID CAP_SETGID needed by /system/bin/run-as // CAP_SYS_BOOT needed by /system/bin/reboot continue; } int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); Loading Loading @@ -1302,13 +1301,6 @@ int adb_main(int is_daemon, int server_port) /* don't listen on a port (default 5037) if running in secure mode */ /* don't run as root if we are running in secure mode */ if (should_drop_privileges()) { struct __user_cap_header_struct header; struct __user_cap_data_struct cap[2]; if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0) { exit(1); } drop_capabilities_bounding_set_if_needed(); /* add extra groups: Loading Loading @@ -1338,16 +1330,6 @@ int adb_main(int is_daemon, int server_port) exit(1); } memset(&header, 0, sizeof(header)); memset(cap, 0, sizeof(cap)); /* set CAP_SYS_BOOT capability, so "adb reboot" will succeed */ header.version = _LINUX_CAPABILITY_VERSION_3; header.pid = 0; cap[CAP_TO_INDEX(CAP_SYS_BOOT)].effective |= CAP_TO_MASK(CAP_SYS_BOOT); cap[CAP_TO_INDEX(CAP_SYS_BOOT)].permitted |= CAP_TO_MASK(CAP_SYS_BOOT); capset(&header, cap); D("Local port disabled\n"); } else { char local_name[30]; Loading adb/services.c +11 −2 Original line number Diff line number Diff line Loading @@ -165,6 +165,7 @@ void restart_usb_service(int fd, void *cookie) void reboot_service(int fd, void *arg) { char buf[100]; char property_val[PROPERTY_VALUE_MAX]; int pid, ret; sync(); Loading @@ -182,11 +183,19 @@ void reboot_service(int fd, void *arg) waitpid(pid, &ret, 0); } ret = android_reboot(ANDROID_RB_RESTART2, 0, (char *) arg); ret = snprintf(property_val, sizeof(property_val), "reboot,%s", (char *) arg); if (ret >= (int) sizeof(property_val)) { snprintf(buf, sizeof(buf), "reboot string too long. length=%d\n", ret); writex(fd, buf, strlen(buf)); goto cleanup; } ret = property_set(ANDROID_RB_PROPERTY, property_val); if (ret < 0) { snprintf(buf, sizeof(buf), "reboot failed: %s\n", strerror(errno)); snprintf(buf, sizeof(buf), "reboot failed: %d\n", ret); writex(fd, buf, strlen(buf)); } cleanup: free(arg); adb_close(fd); } Loading include/cutils/android_reboot.h +2 −3 Original line number Diff line number Diff line Loading @@ -24,9 +24,8 @@ __BEGIN_DECLS #define ANDROID_RB_POWEROFF 0xDEAD0002 #define ANDROID_RB_RESTART2 0xDEAD0003 /* Flags */ #define ANDROID_RB_FLAG_NO_SYNC 0x1 #define ANDROID_RB_FLAG_NO_REMOUNT_RO 0x2 /* Properties */ #define ANDROID_RB_PROPERTY "sys.powerctl" int android_reboot(int cmd, int flags, char *arg); Loading include/private/android_filesystem_config.h +0 −1 Original line number Diff line number Diff line Loading @@ -230,7 +230,6 @@ static const struct fs_path_config android_files[] = { /* the following files have enhanced capabilities and ARE included in user builds. */ { 00750, AID_ROOT, AID_SHELL, (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" }, { 00750, AID_ROOT, AID_SHELL, 1 << CAP_SYS_BOOT, "system/bin/reboot" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" }, { 00755, AID_ROOT, AID_ROOT, 0, "system/lib/valgrind/*" }, Loading init/builtins.c +38 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ #include <sys/wait.h> #include <linux/loop.h> #include <cutils/partition_utils.h> #include <cutils/android_reboot.h> #include <sys/system_properties.h> #include <fs_mgr.h> Loading Loading @@ -599,6 +600,43 @@ int do_restart(int nargs, char **args) return 0; } int do_powerctl(int nargs, char **args) { char command[PROP_VALUE_MAX]; int res; int len = 0; int cmd = 0; char *reboot_target; res = expand_props(command, args[1], sizeof(command)); if (res) { ERROR("powerctl: cannot expand '%s'\n", args[1]); return -EINVAL; } if (strncmp(command, "shutdown", 8) == 0) { cmd = ANDROID_RB_POWEROFF; len = 8; } else if (strncmp(command, "reboot", 6) == 0) { cmd = ANDROID_RB_RESTART2; len = 6; } else { ERROR("powerctl: unrecognized command '%s'\n", command); return -EINVAL; } if (command[len] == ',') { reboot_target = &command[len + 1]; } else if (command[len] == '\0') { reboot_target = ""; } else { ERROR("powerctl: unrecognized reboot target '%s'\n", &command[len]); return -EINVAL; } return android_reboot(cmd, 0, reboot_target); } int do_trigger(int nargs, char **args) { action_for_each_trigger(args[1], action_add_queue_tail); Loading Loading
adb/adb.c +1 −19 Original line number Diff line number Diff line Loading @@ -1199,9 +1199,8 @@ static void drop_capabilities_bounding_set_if_needed() { #endif int i; for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) { if (i == CAP_SETUID || i == CAP_SETGID || i == CAP_SYS_BOOT) { if (i == CAP_SETUID || i == CAP_SETGID) { // CAP_SETUID CAP_SETGID needed by /system/bin/run-as // CAP_SYS_BOOT needed by /system/bin/reboot continue; } int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); Loading Loading @@ -1302,13 +1301,6 @@ int adb_main(int is_daemon, int server_port) /* don't listen on a port (default 5037) if running in secure mode */ /* don't run as root if we are running in secure mode */ if (should_drop_privileges()) { struct __user_cap_header_struct header; struct __user_cap_data_struct cap[2]; if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0) { exit(1); } drop_capabilities_bounding_set_if_needed(); /* add extra groups: Loading Loading @@ -1338,16 +1330,6 @@ int adb_main(int is_daemon, int server_port) exit(1); } memset(&header, 0, sizeof(header)); memset(cap, 0, sizeof(cap)); /* set CAP_SYS_BOOT capability, so "adb reboot" will succeed */ header.version = _LINUX_CAPABILITY_VERSION_3; header.pid = 0; cap[CAP_TO_INDEX(CAP_SYS_BOOT)].effective |= CAP_TO_MASK(CAP_SYS_BOOT); cap[CAP_TO_INDEX(CAP_SYS_BOOT)].permitted |= CAP_TO_MASK(CAP_SYS_BOOT); capset(&header, cap); D("Local port disabled\n"); } else { char local_name[30]; Loading
adb/services.c +11 −2 Original line number Diff line number Diff line Loading @@ -165,6 +165,7 @@ void restart_usb_service(int fd, void *cookie) void reboot_service(int fd, void *arg) { char buf[100]; char property_val[PROPERTY_VALUE_MAX]; int pid, ret; sync(); Loading @@ -182,11 +183,19 @@ void reboot_service(int fd, void *arg) waitpid(pid, &ret, 0); } ret = android_reboot(ANDROID_RB_RESTART2, 0, (char *) arg); ret = snprintf(property_val, sizeof(property_val), "reboot,%s", (char *) arg); if (ret >= (int) sizeof(property_val)) { snprintf(buf, sizeof(buf), "reboot string too long. length=%d\n", ret); writex(fd, buf, strlen(buf)); goto cleanup; } ret = property_set(ANDROID_RB_PROPERTY, property_val); if (ret < 0) { snprintf(buf, sizeof(buf), "reboot failed: %s\n", strerror(errno)); snprintf(buf, sizeof(buf), "reboot failed: %d\n", ret); writex(fd, buf, strlen(buf)); } cleanup: free(arg); adb_close(fd); } Loading
include/cutils/android_reboot.h +2 −3 Original line number Diff line number Diff line Loading @@ -24,9 +24,8 @@ __BEGIN_DECLS #define ANDROID_RB_POWEROFF 0xDEAD0002 #define ANDROID_RB_RESTART2 0xDEAD0003 /* Flags */ #define ANDROID_RB_FLAG_NO_SYNC 0x1 #define ANDROID_RB_FLAG_NO_REMOUNT_RO 0x2 /* Properties */ #define ANDROID_RB_PROPERTY "sys.powerctl" int android_reboot(int cmd, int flags, char *arg); Loading
include/private/android_filesystem_config.h +0 −1 Original line number Diff line number Diff line Loading @@ -230,7 +230,6 @@ static const struct fs_path_config android_files[] = { /* the following files have enhanced capabilities and ARE included in user builds. */ { 00750, AID_ROOT, AID_SHELL, (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" }, { 00750, AID_ROOT, AID_SHELL, 1 << CAP_SYS_BOOT, "system/bin/reboot" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" }, { 00755, AID_ROOT, AID_ROOT, 0, "system/lib/valgrind/*" }, Loading
init/builtins.c +38 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ #include <sys/wait.h> #include <linux/loop.h> #include <cutils/partition_utils.h> #include <cutils/android_reboot.h> #include <sys/system_properties.h> #include <fs_mgr.h> Loading Loading @@ -599,6 +600,43 @@ int do_restart(int nargs, char **args) return 0; } int do_powerctl(int nargs, char **args) { char command[PROP_VALUE_MAX]; int res; int len = 0; int cmd = 0; char *reboot_target; res = expand_props(command, args[1], sizeof(command)); if (res) { ERROR("powerctl: cannot expand '%s'\n", args[1]); return -EINVAL; } if (strncmp(command, "shutdown", 8) == 0) { cmd = ANDROID_RB_POWEROFF; len = 8; } else if (strncmp(command, "reboot", 6) == 0) { cmd = ANDROID_RB_RESTART2; len = 6; } else { ERROR("powerctl: unrecognized command '%s'\n", command); return -EINVAL; } if (command[len] == ',') { reboot_target = &command[len + 1]; } else if (command[len] == '\0') { reboot_target = ""; } else { ERROR("powerctl: unrecognized reboot target '%s'\n", &command[len]); return -EINVAL; } return android_reboot(cmd, 0, reboot_target); } int do_trigger(int nargs, char **args) { action_for_each_trigger(args[1], action_add_queue_tail); Loading
