1dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* 2dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Copyright (C) 2007 The Android Open Source Project 3dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 4dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Licensed under the Apache License, Version 2.0 (the "License"); 5dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * you may not use this file except in compliance with the License. 6dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * You may obtain a copy of the License at 7dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 8dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 9dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 10dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Unless required by applicable law or agreed to in writing, software 11dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 12dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * See the License for the specific language governing permissions and 14dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * limitations under the License. 15dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project */ 16dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 17dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* This file is used to define the properties of the filesystem 18dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** images generated by build tools (mkbootfs and mkyaffs2image) and 19dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** by the device side of adb. 20dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 21dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 22dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#ifndef _ANDROID_FILESYSTEM_CONFIG_H_ 23dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define _ANDROID_FILESYSTEM_CONFIG_H_ 24dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 25dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <string.h> 26dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <sys/stat.h> 27dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <sys/types.h> 28e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich#include <stdint.h> 29dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 30fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#ifdef HAVE_ANDROID_OS 31fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#include <linux/capability.h> 32fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#else 33fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#include "android_filesystem_capability.h" 34fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#endif 35fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 36dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* This is the master Users and Groups config for the platform. 37dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey * DO NOT EVER RENUMBER 38dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey */ 39dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 40dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_ROOT 0 /* traditional unix root user */ 41dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 42dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_SYSTEM 1000 /* system server */ 43dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 44dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_RADIO 1001 /* telephony subsystem, RIL */ 45dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_BLUETOOTH 1002 /* bluetooth subsystem */ 46dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_GRAPHICS 1003 /* graphics devices */ 47dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INPUT 1004 /* input devices */ 48dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_AUDIO 1005 /* audio devices */ 49dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_CAMERA 1006 /* camera devices */ 50dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_LOG 1007 /* log devices */ 51dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_COMPASS 1008 /* compass device */ 52dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MOUNT 1009 /* mountd socket */ 53dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_WIFI 1010 /* wifi subsystem */ 54dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_ADB 1011 /* android debug bridge (adbd) */ 55dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INSTALL 1012 /* group for installing packages */ 56dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MEDIA 1013 /* mediaserver process */ 57dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_DHCP 1014 /* dhcp client */ 586e1f21584f43311f35ae7f6a4737c6a7e846083aSan Mehat#define AID_SDCARD_RW 1015 /* external storage write access */ 594a6f2321e76685b9489d020980dffb1d9ac73fc0San Mehat#define AID_VPN 1016 /* vpn system */ 601f75d709c10f49d2e2390b888e766bcfd17da860Chung-yih Wang#define AID_KEYSTORE 1017 /* keystore subsystem */ 6193ac1559b8c7ad3125ddcd896082b030faadbbd4Mike Lockwood#define AID_USB 1018 /* USB devices */ 62e572d596b3715198fb48b3d8cef4939a71d58db2aimitakeshi#define AID_DRM 1019 /* DRM server */ 631d91fcf7c0a31d27097b196579a37873ba1c0934Robert Greenwalt#define AID_MDNSR 1020 /* MulticastDNSResponder (service discovery) */ 64c29919c8d75ad218012daeda62e1e62200cad889Mike Lockwood#define AID_GPS 1021 /* GPS daemon */ 65a6a36c0b799b84d06b695027d205f21d13a3275bJeff Hamilton#define AID_UNUSED1 1022 /* deprecated, DO NOT USE */ 662e0047bdc067006d1e38418b2a0e24612d8068baMike Lockwood#define AID_MEDIA_RW 1023 /* internal media storage write access */ 67af7bdc646088e3112052f4fd35061bb720393287Mike Lockwood#define AID_MTP 1024 /* MTP USB driver access */ 68097b4ed4100369862793cf4f0fbbb969b50c154eNick Pelly#define AID_UNUSED2 1025 /* deprecated, DO NOT USE */ 697005c0375416abb595721fe9c1324ed7356beb02Jeffrey Tinker#define AID_DRMRPC 1026 /* group for drm rpc */ 70097b4ed4100369862793cf4f0fbbb969b50c154eNick Pelly#define AID_NFC 1027 /* nfc subsystem */ 7150458cf76ea7b0b03598c785acb1481ed0ae5b1dDianne Hackborn#define AID_SDCARD_R 1028 /* external storage read access */ 72b49183f122956137b8eb3487a19ae980540842c8Daniel Drown#define AID_CLAT 1029 /* clat part of nat464 */ 738cc97302b2cc42d70af3c6d84a6a46984a09fe24Doug Zongker#define AID_LOOP_RADIO 1030 /* loop radio devices */ 7408d64308b93594c587036cffcd8f6780eaf2c417Jeff Tinker#define AID_MEDIA_DRM 1031 /* MediaDrm plugins */ 75dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_PACKAGE_INFO 1032 /* access to installed package details */ 76dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_PICS 1033 /* external storage photos access */ 77dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_AV 1034 /* external storage audio/video access */ 78dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_ALL 1035 /* access all users external storage */ 793e76e0a49760c4970b7cda6153e51026af98e4f3Nick Kralevich#define AID_LOGD 1036 /* log daemon */ 80234f696ea7f97dc489290827c1c68f26279de294Torne (Richard Coles)#define AID_SHARED_RELRO 1037 /* creator of shared GNU RELRO files */ 81dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 82dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_SHELL 2000 /* adb and debug shell user */ 83dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_CACHE 2001 /* cache access */ 84dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_DIAG 2002 /* access to diagnostic resources */ 85dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 86dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* The 3000 series are intended for use as supplemental group id's only. 87dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * They indicate special Android capabilities that the kernel is aware of. */ 88dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_BT_ADMIN 3001 /* bluetooth: create any socket */ 89dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_BT 3002 /* bluetooth: create sco, rfcomm or l2cap sockets */ 90dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */ 91dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_RAW 3004 /* can create raw INET sockets */ 9288dc657d50cb3289a9011828c497eee996ed958cChia-chi Yeh#define AID_NET_ADMIN 3005 /* can configure interfaces and routing tables. */ 934f1df18766fa13959f347f9c0cbb3dfa67273fa7Jeff Sharkey#define AID_NET_BW_STATS 3006 /* read bandwidth statistics */ 944f1df18766fa13959f347f9c0cbb3dfa67273fa7Jeff Sharkey#define AID_NET_BW_ACCT 3007 /* change bandwidth statistics accounting */ 95971153aa4a65c4fbc8d916c619a17d3912b2cb02Matthew Xie#define AID_NET_BT_STACK 3008 /* bluetooth: access config files */ 96dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 97b3ef03951cecf4515d0cba759fb1b94c34111adcRobin Lee#define AID_EVERYBODY 9997 /* shared between all apps in the same profile */ 98dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MISC 9998 /* access to misc storage */ 99dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NOBODY 9999 100dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 101ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_APP 10000 /* first app user */ 102ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn 103ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_ISOLATED_START 99000 /* start of uids for fully isolated sandboxed processes */ 104ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_ISOLATED_END 99999 /* end of uids for fully isolated sandboxed processes */ 105ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn 106ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_USER 100000 /* offset for uid ranges for each user */ 107dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 1087e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root#define AID_SHARED_GID_START 50000 /* start of gids for apps in each user to share */ 1097e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root#define AID_SHARED_GID_END 59999 /* start of gids for apps in each user to share */ 1107e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root 111dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#if !defined(EXCLUDE_FS_CONFIG_STRUCTURES) 112dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstruct android_id_info { 113dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project const char *name; 114dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned aid; 115dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 116dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 1174688ac5b73abf15798415f7260f21bd87d23dd2bNick Kralevichstatic const struct android_id_info android_ids[] = { 118dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "root", AID_ROOT, }, 119dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 120dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "system", AID_SYSTEM, }, 121dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 122dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "radio", AID_RADIO, }, 123dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "bluetooth", AID_BLUETOOTH, }, 124dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "graphics", AID_GRAPHICS, }, 125dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "input", AID_INPUT, }, 126dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "audio", AID_AUDIO, }, 127dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "camera", AID_CAMERA, }, 128dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "log", AID_LOG, }, 129dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "compass", AID_COMPASS, }, 130dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mount", AID_MOUNT, }, 131dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "wifi", AID_WIFI, }, 132dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "adb", AID_ADB, }, 133dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "install", AID_INSTALL, }, 134dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "media", AID_MEDIA, }, 135dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "dhcp", AID_DHCP, }, 136dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_rw", AID_SDCARD_RW, }, 137dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "vpn", AID_VPN, }, 138dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "keystore", AID_KEYSTORE, }, 139dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "usb", AID_USB, }, 140dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "drm", AID_DRM, }, 141dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mdnsr", AID_MDNSR, }, 142dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "gps", AID_GPS, }, 143dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey // AID_UNUSED1 144dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "media_rw", AID_MEDIA_RW, }, 145dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mtp", AID_MTP, }, 146dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey // AID_UNUSED2 147dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "drmrpc", AID_DRMRPC, }, 148dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "nfc", AID_NFC, }, 149dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_r", AID_SDCARD_R, }, 150dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "clat", AID_CLAT, }, 151dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "loop_radio", AID_LOOP_RADIO, }, 152dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mediadrm", AID_MEDIA_DRM, }, 153dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "package_info", AID_PACKAGE_INFO, }, 154dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_pics", AID_SDCARD_PICS, }, 155dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_av", AID_SDCARD_AV, }, 156dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_all", AID_SDCARD_ALL, }, 1573e76e0a49760c4970b7cda6153e51026af98e4f3Nick Kralevich { "logd", AID_LOGD, }, 158234f696ea7f97dc489290827c1c68f26279de294Torne (Richard Coles) { "shared_relro", AID_SHARED_RELRO, }, 159dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 160dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "shell", AID_SHELL, }, 161dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "cache", AID_CACHE, }, 162dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "diag", AID_DIAG, }, 163dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 164dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt_admin", AID_NET_BT_ADMIN, }, 165dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt", AID_NET_BT, }, 166dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "inet", AID_INET, }, 167dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_raw", AID_NET_RAW, }, 168dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_admin", AID_NET_ADMIN, }, 169dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bw_stats", AID_NET_BW_STATS, }, 170dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bw_acct", AID_NET_BW_ACCT, }, 171dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt_stack", AID_NET_BT_STACK, }, 172dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 173b3ef03951cecf4515d0cba759fb1b94c34111adcRobin Lee { "everybody", AID_EVERYBODY, }, 174dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "misc", AID_MISC, }, 175dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "nobody", AID_NOBODY, }, 176dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 177dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 178dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define android_id_count \ 179dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project (sizeof(android_ids) / sizeof(android_ids[0])) 18008c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 181dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstruct fs_path_config { 182dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned mode; 183dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned uid; 184dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned gid; 185e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich uint64_t capabilities; 186dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project const char *prefix; 187dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 188dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 189dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* Rules for directories. 190dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** These rules are applied based on "first match", so they 191dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** should start with the most specific path and work their 192dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** way up to the root. 193dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 194dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 195e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevichstatic const struct fs_path_config android_dirs[] = { 196e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00770, AID_SYSTEM, AID_CACHE, 0, "cache" }, 197e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app" }, 198e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private" }, 199c692410e1607a39cd6d55f4be8164fc630d9772cAlex Light { 00771, AID_ROOT, AID_ROOT, 0, "data/dalvik-cache" }, 200e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/data" }, 201e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SHELL, AID_SHELL, 0, "data/local/tmp" }, 202e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SHELL, AID_SHELL, 0, "data/local" }, 203e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 01771, AID_SYSTEM, AID_MISC, 0, "data/misc" }, 204e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00770, AID_DHCP, AID_DHCP, 0, "data/misc/dhcp" }, 205234f696ea7f97dc489290827c1c68f26279de294Torne (Richard Coles) { 00771, AID_SHARED_RELRO, AID_SHARED_RELRO, 0, "data/misc/shared_relro" }, 206e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media" }, 207e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/Music" }, 208e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data" }, 209e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin" }, 210e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/bin" }, 211e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" }, 212e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin" }, 213e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/etc/ppp" }, 2140b56fc769dc193e8714d6c1f304cfbc90d593dc5Colin Cross { 00755, AID_ROOT, AID_SHELL, 0, "vendor" }, 215e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00777, AID_ROOT, AID_ROOT, 0, "sdcard" }, 216e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, 0 }, 217dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 218dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 219dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* Rules for files. 220dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** These rules are applied based on "first match", so they 221dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** should start with the most specific path and work their 222dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** way up to the root. Prefixes ending in * denotes wildcard 223dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** and will allow partial matches. 224dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 225e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevichstatic const struct fs_path_config android_files[] = { 226e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.rc" }, 227e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.sh" }, 228e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.trout.rc" }, 229e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.ril" }, 230e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.testmenu" }, 231e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_DHCP, AID_SHELL, 0, "system/etc/dhcpcd/dhcpcd-run-hooks" }, 232e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00444, AID_RADIO, AID_AUDIO, 0, "system/etc/AudioPara4.csv" }, 233e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/ppp/*" }, 234e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/rc.*" }, 235e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app/*" }, 236e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/*" }, 237e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private/*" }, 238e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_APP, AID_APP, 0, "data/data/*" }, 239fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/bin/ping" }, 240fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 241fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich /* the following file is INTENTIONALLY set-gid and not set-uid. 242fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich * Do not change. */ 243e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 02750, AID_ROOT, AID_INET, 0, "system/bin/netcfg" }, 244fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 245fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich /* the following five files are INTENTIONALLY set-uid, but they 246fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich * are NOT included on user builds. */ 247c3df8d756291b5258c21335e1266efb941fd7d0aNick Kralevich { 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" }, 248e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/librank" }, 249e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procrank" }, 250e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" }, 251e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 04770, AID_ROOT, AID_RADIO, 0, "system/bin/pppd-ril" }, 252fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 253c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadbBenoit Goby /* the following files have enhanced capabilities and ARE included in user builds. */ 254fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich { 00750, AID_ROOT, AID_SHELL, (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" }, 255fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 2567baebf1345ff9e861ea8ccf9712128a3b7cd9fccDoug Zongker { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" }, 2579526202d84387df3950bf526bbbaeac1ede129d2Doug Zongker { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" }, 258e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" }, 259e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/lib/valgrind/*" }, 2606b7ab90ca9e67324c4f07bfc46e1b6ed86c741c5Narayan Kamath { 00755, AID_ROOT, AID_ROOT, 0, "system/lib64/valgrind/*" }, 261e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin/*" }, 262e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor/bin/*" }, 2630b56fc769dc193e8714d6c1f304cfbc90d593dc5Colin Cross { 00755, AID_ROOT, AID_SHELL, 0, "vendor/bin/*" }, 264e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin/*" }, 265e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "bin/*" }, 266e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "init*" }, 267e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin/fs_mgr" }, 268e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00640, AID_ROOT, AID_SHELL, 0, "fstab.*" }, 269e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_ROOT, AID_ROOT, 0, 0 }, 270dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 271dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 272dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstatic inline void fs_config(const char *path, int dir, 273e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich unsigned *uid, unsigned *gid, unsigned *mode, uint64_t *capabilities) 274dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project{ 275e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich const struct fs_path_config *pc; 276dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project int plen; 27708c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 27804aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross if (path[0] == '/') { 27904aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross path++; 28004aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross } 28104aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross 282dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project pc = dir ? android_dirs : android_files; 283dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project plen = strlen(path); 284dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project for(; pc->prefix; pc++){ 285dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project int len = strlen(pc->prefix); 286dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if (dir) { 287dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(plen < len) continue; 288dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len)) break; 289dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project continue; 290dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 291dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project /* If name ends in * then allow partial matches. */ 292dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if (pc->prefix[len -1] == '*') { 293dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len - 1)) break; 294dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } else if (plen == len){ 295dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len)) break; 296dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 297dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 298dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *uid = pc->uid; 299dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *gid = pc->gid; 300dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *mode = (*mode & (~07777)) | pc->mode; 301e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich *capabilities = pc->capabilities; 30208c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 303dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#if 0 30408c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker fprintf(stderr,"< '%s' '%s' %d %d %o >\n", 305dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project path, pc->prefix ? pc->prefix : "", *uid, *gid, *mode); 306dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 307dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project} 308dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 309dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 310