eclair snapshot
diff --git a/init/property_service.c b/init/property_service.c
index 23a8821..7db7c2c 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -52,29 +52,32 @@
struct {
const char *prefix;
unsigned int uid;
+ unsigned int gid;
} property_perms[] = {
- { "net.rmnet0.", AID_RADIO },
- { "net.gprs.", AID_RADIO },
- { "ril.", AID_RADIO },
- { "gsm.", AID_RADIO },
- { "net.dns", AID_RADIO },
- { "net.", AID_SYSTEM },
- { "dev.", AID_SYSTEM },
- { "runtime.", AID_SYSTEM },
- { "hw.", AID_SYSTEM },
- { "sys.", AID_SYSTEM },
- { "service.", AID_SYSTEM },
- { "wlan.", AID_SYSTEM },
- { "dhcp.", AID_SYSTEM },
- { "dhcp.", AID_DHCP },
- { "vpn.", AID_SYSTEM },
- { "vpn.", AID_VPN },
- { "debug.", AID_SHELL },
- { "log.", AID_SHELL },
- { "service.adb.root", AID_SHELL },
- { "persist.sys.", AID_SYSTEM },
- { "persist.service.", AID_SYSTEM },
- { NULL, 0 }
+ { "net.rmnet0.", AID_RADIO, 0 },
+ { "net.gprs.", AID_RADIO, 0 },
+ { "net.ppp", AID_RADIO, 0 },
+ { "ril.", AID_RADIO, 0 },
+ { "gsm.", AID_RADIO, 0 },
+ { "persist.radio", AID_RADIO, 0 },
+ { "net.dns", AID_RADIO, 0 },
+ { "net.", AID_SYSTEM, 0 },
+ { "dev.", AID_SYSTEM, 0 },
+ { "runtime.", AID_SYSTEM, 0 },
+ { "hw.", AID_SYSTEM, 0 },
+ { "sys.", AID_SYSTEM, 0 },
+ { "service.", AID_SYSTEM, 0 },
+ { "wlan.", AID_SYSTEM, 0 },
+ { "dhcp.", AID_SYSTEM, 0 },
+ { "dhcp.", AID_DHCP, 0 },
+ { "vpn.", AID_SYSTEM, 0 },
+ { "vpn.", AID_VPN, 0 },
+ { "debug.", AID_SHELL, 0 },
+ { "log.", AID_SHELL, 0 },
+ { "service.adb.root", AID_SHELL, 0 },
+ { "persist.sys.", AID_SYSTEM, 0 },
+ { "persist.service.", AID_SYSTEM, 0 },
+ { NULL, 0, 0 }
};
/*
@@ -84,8 +87,10 @@
struct {
const char *service;
unsigned int uid;
+ unsigned int gid;
} control_perms[] = {
- {NULL, 0 }
+ { "dumpstate",AID_SHELL, AID_LOG },
+ {NULL, 0, 0 }
};
typedef struct {
@@ -181,7 +186,7 @@
*
* Returns 1 if uid allowed, 0 otherwise.
*/
-static int check_control_perms(const char *name, int uid) {
+static int check_control_perms(const char *name, int uid, int gid) {
int i;
if (uid == AID_SYSTEM || uid == AID_ROOT)
return 1;
@@ -189,8 +194,10 @@
/* Search the ACL */
for (i = 0; control_perms[i].service; i++) {
if (strcmp(control_perms[i].service, name) == 0) {
- if (control_perms[i].uid == uid)
+ if ((uid && control_perms[i].uid == uid) ||
+ (gid && control_perms[i].gid == gid)) {
return 1;
+ }
}
}
return 0;
@@ -200,7 +207,7 @@
* Checks permissions for setting system properties.
* Returns 1 if uid allowed, 0 otherwise.
*/
-static int check_perms(const char *name, unsigned int uid)
+static int check_perms(const char *name, unsigned int uid, int gid)
{
int i;
if (uid == 0)
@@ -213,7 +220,8 @@
int tmp;
if (strncmp(property_perms[i].prefix, name,
strlen(property_perms[i].prefix)) == 0) {
- if (property_perms[i].uid == uid) {
+ if ((uid && property_perms[i].uid == uid) ||
+ (gid && property_perms[i].gid == gid)) {
return 1;
}
}
@@ -237,7 +245,7 @@
}
}
-static void write_peristent_property(const char *name, const char *value)
+static void write_persistent_property(const char *name, const char *value)
{
const char *tempPath = PERSISTENT_PROPERTY_DIR "/.temp";
char path[PATH_MAX];
@@ -248,7 +256,7 @@
fd = open(tempPath, O_WRONLY|O_CREAT|O_TRUNC, 0600);
if (fd < 0) {
ERROR("Unable to write persistent property to temp file %s errno: %d\n", tempPath, errno);
- return;
+ return;
}
write(fd, value, strlen(value));
close(fd);
@@ -302,7 +310,7 @@
if (strcmp("net.change", name) == 0) {
return 0;
}
- /*
+ /*
* The 'net.change' property is a special property used track when any
* 'net.*' property name is updated. It is _ONLY_ updated here. Its value
* contains the last updated 'net.*' property.
@@ -310,11 +318,11 @@
property_set("net.change", name);
} else if (persistent_properties_loaded &&
strncmp("persist.", name, strlen("persist.")) == 0) {
- /*
+ /*
* Don't write properties to disk until after we have read all default properties
* to prevent them from being overwritten by default values.
*/
- write_peristent_property(name, value);
+ write_persistent_property(name, value);
}
property_changed(name, value);
return 0;
@@ -371,14 +379,14 @@
msg.value[PROP_VALUE_MAX-1] = 0;
if(memcmp(msg.name,"ctl.",4) == 0) {
- if (check_control_perms(msg.value, cr.uid)) {
+ if (check_control_perms(msg.value, cr.uid, cr.gid)) {
handle_control_message((char*) msg.name + 4, (char*) msg.value);
} else {
ERROR("sys_prop: Unable to %s service ctl [%s] uid: %d pid:%d\n",
msg.name + 4, msg.value, cr.uid, cr.pid);
}
} else {
- if (check_perms(msg.name, cr.uid)) {
+ if (check_perms(msg.name, cr.uid, cr.gid)) {
property_set((char*) msg.name, (char*) msg.value);
} else {
ERROR("sys_prop: permission denied uid:%d name:%s\n",
@@ -474,7 +482,7 @@
} else {
ERROR("Unable to open persistent property directory %s errno: %d\n", PERSISTENT_PROPERTY_DIR, errno);
}
-
+
persistent_properties_loaded = 1;
}