android_filesystem_config.h revision 9526202d84387df3950bf526bbbaeac1ede129d2
1dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* 2dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Copyright (C) 2007 The Android Open Source Project 3dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 4dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Licensed under the Apache License, Version 2.0 (the "License"); 5dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * you may not use this file except in compliance with the License. 6dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * You may obtain a copy of the License at 7dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 8dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 9dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * 10dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * Unless required by applicable law or agreed to in writing, software 11dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 12dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * See the License for the specific language governing permissions and 14dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * limitations under the License. 15dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project */ 16dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 17dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* This file is used to define the properties of the filesystem 18dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** images generated by build tools (mkbootfs and mkyaffs2image) and 19dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** by the device side of adb. 20dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 21dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 22dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#ifndef _ANDROID_FILESYSTEM_CONFIG_H_ 23dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define _ANDROID_FILESYSTEM_CONFIG_H_ 24dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 25dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <string.h> 26dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <sys/stat.h> 27dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#include <sys/types.h> 28e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich#include <stdint.h> 29dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 30fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#ifdef HAVE_ANDROID_OS 31fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#include <linux/capability.h> 32fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#else 33fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#include "android_filesystem_capability.h" 34fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich#endif 35fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 36dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* This is the master Users and Groups config for the platform. 37dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey * DO NOT EVER RENUMBER 38dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey */ 39dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 40dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_ROOT 0 /* traditional unix root user */ 41dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 42dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_SYSTEM 1000 /* system server */ 43dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 44dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_RADIO 1001 /* telephony subsystem, RIL */ 45dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_BLUETOOTH 1002 /* bluetooth subsystem */ 46dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_GRAPHICS 1003 /* graphics devices */ 47dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INPUT 1004 /* input devices */ 48dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_AUDIO 1005 /* audio devices */ 49dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_CAMERA 1006 /* camera devices */ 50dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_LOG 1007 /* log devices */ 51dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_COMPASS 1008 /* compass device */ 52dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MOUNT 1009 /* mountd socket */ 53dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_WIFI 1010 /* wifi subsystem */ 54dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_ADB 1011 /* android debug bridge (adbd) */ 55dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INSTALL 1012 /* group for installing packages */ 56dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MEDIA 1013 /* mediaserver process */ 57dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_DHCP 1014 /* dhcp client */ 586e1f21584f43311f35ae7f6a4737c6a7e846083aSan Mehat#define AID_SDCARD_RW 1015 /* external storage write access */ 594a6f2321e76685b9489d020980dffb1d9ac73fc0San Mehat#define AID_VPN 1016 /* vpn system */ 601f75d709c10f49d2e2390b888e766bcfd17da860Chung-yih Wang#define AID_KEYSTORE 1017 /* keystore subsystem */ 6193ac1559b8c7ad3125ddcd896082b030faadbbd4Mike Lockwood#define AID_USB 1018 /* USB devices */ 62e572d596b3715198fb48b3d8cef4939a71d58db2aimitakeshi#define AID_DRM 1019 /* DRM server */ 631d91fcf7c0a31d27097b196579a37873ba1c0934Robert Greenwalt#define AID_MDNSR 1020 /* MulticastDNSResponder (service discovery) */ 64c29919c8d75ad218012daeda62e1e62200cad889Mike Lockwood#define AID_GPS 1021 /* GPS daemon */ 65a6a36c0b799b84d06b695027d205f21d13a3275bJeff Hamilton#define AID_UNUSED1 1022 /* deprecated, DO NOT USE */ 662e0047bdc067006d1e38418b2a0e24612d8068baMike Lockwood#define AID_MEDIA_RW 1023 /* internal media storage write access */ 67af7bdc646088e3112052f4fd35061bb720393287Mike Lockwood#define AID_MTP 1024 /* MTP USB driver access */ 68097b4ed4100369862793cf4f0fbbb969b50c154eNick Pelly#define AID_UNUSED2 1025 /* deprecated, DO NOT USE */ 697005c0375416abb595721fe9c1324ed7356beb02Jeffrey Tinker#define AID_DRMRPC 1026 /* group for drm rpc */ 70097b4ed4100369862793cf4f0fbbb969b50c154eNick Pelly#define AID_NFC 1027 /* nfc subsystem */ 7150458cf76ea7b0b03598c785acb1481ed0ae5b1dDianne Hackborn#define AID_SDCARD_R 1028 /* external storage read access */ 72b49183f122956137b8eb3487a19ae980540842c8Daniel Drown#define AID_CLAT 1029 /* clat part of nat464 */ 738cc97302b2cc42d70af3c6d84a6a46984a09fe24Doug Zongker#define AID_LOOP_RADIO 1030 /* loop radio devices */ 7408d64308b93594c587036cffcd8f6780eaf2c417Jeff Tinker#define AID_MEDIA_DRM 1031 /* MediaDrm plugins */ 75dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_PACKAGE_INFO 1032 /* access to installed package details */ 76dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_PICS 1033 /* external storage photos access */ 77dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_AV 1034 /* external storage audio/video access */ 78dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey#define AID_SDCARD_ALL 1035 /* access all users external storage */ 79dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 80dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_SHELL 2000 /* adb and debug shell user */ 81dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_CACHE 2001 /* cache access */ 82dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_DIAG 2002 /* access to diagnostic resources */ 83dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 84dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* The 3000 series are intended for use as supplemental group id's only. 85dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project * They indicate special Android capabilities that the kernel is aware of. */ 86dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_BT_ADMIN 3001 /* bluetooth: create any socket */ 87dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_BT 3002 /* bluetooth: create sco, rfcomm or l2cap sockets */ 88dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */ 89dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NET_RAW 3004 /* can create raw INET sockets */ 9088dc657d50cb3289a9011828c497eee996ed958cChia-chi Yeh#define AID_NET_ADMIN 3005 /* can configure interfaces and routing tables. */ 914f1df18766fa13959f347f9c0cbb3dfa67273fa7Jeff Sharkey#define AID_NET_BW_STATS 3006 /* read bandwidth statistics */ 924f1df18766fa13959f347f9c0cbb3dfa67273fa7Jeff Sharkey#define AID_NET_BW_ACCT 3007 /* change bandwidth statistics accounting */ 93971153aa4a65c4fbc8d916c619a17d3912b2cb02Matthew Xie#define AID_NET_BT_STACK 3008 /* bluetooth: access config files */ 94dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 95dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_MISC 9998 /* access to misc storage */ 96dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define AID_NOBODY 9999 97dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 98ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_APP 10000 /* first app user */ 99ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn 100ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_ISOLATED_START 99000 /* start of uids for fully isolated sandboxed processes */ 101ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_ISOLATED_END 99999 /* end of uids for fully isolated sandboxed processes */ 102ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn 103ca185abcb58582ab58805f792eb868681ebdb55eDianne Hackborn#define AID_USER 100000 /* offset for uid ranges for each user */ 104dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 1057e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root#define AID_SHARED_GID_START 50000 /* start of gids for apps in each user to share */ 1067e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root#define AID_SHARED_GID_END 59999 /* start of gids for apps in each user to share */ 1077e41c8420e015f6b96e35e90c8a9a8ebf643cdacKenny Root 108dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#if !defined(EXCLUDE_FS_CONFIG_STRUCTURES) 109dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstruct android_id_info { 110dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project const char *name; 111dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned aid; 112dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 113dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 1144688ac5b73abf15798415f7260f21bd87d23dd2bNick Kralevichstatic const struct android_id_info android_ids[] = { 115dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "root", AID_ROOT, }, 116dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 117dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "system", AID_SYSTEM, }, 118dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 119dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "radio", AID_RADIO, }, 120dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "bluetooth", AID_BLUETOOTH, }, 121dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "graphics", AID_GRAPHICS, }, 122dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "input", AID_INPUT, }, 123dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "audio", AID_AUDIO, }, 124dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "camera", AID_CAMERA, }, 125dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "log", AID_LOG, }, 126dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "compass", AID_COMPASS, }, 127dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mount", AID_MOUNT, }, 128dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "wifi", AID_WIFI, }, 129dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "adb", AID_ADB, }, 130dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "install", AID_INSTALL, }, 131dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "media", AID_MEDIA, }, 132dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "dhcp", AID_DHCP, }, 133dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_rw", AID_SDCARD_RW, }, 134dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "vpn", AID_VPN, }, 135dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "keystore", AID_KEYSTORE, }, 136dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "usb", AID_USB, }, 137dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "drm", AID_DRM, }, 138dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mdnsr", AID_MDNSR, }, 139dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "gps", AID_GPS, }, 140dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey // AID_UNUSED1 141dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "media_rw", AID_MEDIA_RW, }, 142dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mtp", AID_MTP, }, 143dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey // AID_UNUSED2 144dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "drmrpc", AID_DRMRPC, }, 145dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "nfc", AID_NFC, }, 146dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_r", AID_SDCARD_R, }, 147dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "clat", AID_CLAT, }, 148dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "loop_radio", AID_LOOP_RADIO, }, 149dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "mediadrm", AID_MEDIA_DRM, }, 150dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "package_info", AID_PACKAGE_INFO, }, 151dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_pics", AID_SDCARD_PICS, }, 152dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_av", AID_SDCARD_AV, }, 153dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "sdcard_all", AID_SDCARD_ALL, }, 154dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 155dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "shell", AID_SHELL, }, 156dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "cache", AID_CACHE, }, 157dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "diag", AID_DIAG, }, 158dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 159dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt_admin", AID_NET_BT_ADMIN, }, 160dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt", AID_NET_BT, }, 161dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "inet", AID_INET, }, 162dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_raw", AID_NET_RAW, }, 163dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_admin", AID_NET_ADMIN, }, 164dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bw_stats", AID_NET_BW_STATS, }, 165dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bw_acct", AID_NET_BW_ACCT, }, 166dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "net_bt_stack", AID_NET_BT_STACK, }, 167dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey 168dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "misc", AID_MISC, }, 169dfe0cbab3f9039f34af1dc9e31faf8155737ec2dJeff Sharkey { "nobody", AID_NOBODY, }, 170dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 171dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 172dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#define android_id_count \ 173dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project (sizeof(android_ids) / sizeof(android_ids[0])) 17408c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 175dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstruct fs_path_config { 176dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned mode; 177dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned uid; 178dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project unsigned gid; 179e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich uint64_t capabilities; 180dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project const char *prefix; 181dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 182dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 183dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* Rules for directories. 184dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** These rules are applied based on "first match", so they 185dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** should start with the most specific path and work their 186dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** way up to the root. 187dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 188dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 189e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevichstatic const struct fs_path_config android_dirs[] = { 190e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00770, AID_SYSTEM, AID_CACHE, 0, "cache" }, 191e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app" }, 192e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private" }, 193e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/dalvik-cache" }, 194e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/data" }, 195e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SHELL, AID_SHELL, 0, "data/local/tmp" }, 196e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SHELL, AID_SHELL, 0, "data/local" }, 197e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 01771, AID_SYSTEM, AID_MISC, 0, "data/misc" }, 198e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00770, AID_DHCP, AID_DHCP, 0, "data/misc/dhcp" }, 199e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media" }, 200e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/Music" }, 201e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data" }, 202e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin" }, 203e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/bin" }, 204e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" }, 205e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin" }, 206e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/etc/ppp" }, 2070b56fc769dc193e8714d6c1f304cfbc90d593dc5Colin Cross { 00755, AID_ROOT, AID_SHELL, 0, "vendor" }, 208e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00777, AID_ROOT, AID_ROOT, 0, "sdcard" }, 209e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, 0 }, 210dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 211dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 212dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project/* Rules for files. 213dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** These rules are applied based on "first match", so they 214dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** should start with the most specific path and work their 215dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** way up to the root. Prefixes ending in * denotes wildcard 216dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project** and will allow partial matches. 217dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project*/ 218e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevichstatic const struct fs_path_config android_files[] = { 219e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.rc" }, 220e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.sh" }, 221e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.trout.rc" }, 222e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.ril" }, 223e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.testmenu" }, 224e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00550, AID_DHCP, AID_SHELL, 0, "system/etc/dhcpcd/dhcpcd-run-hooks" }, 225e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00444, AID_RADIO, AID_AUDIO, 0, "system/etc/AudioPara4.csv" }, 226e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/ppp/*" }, 227e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/rc.*" }, 228e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app/*" }, 229e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/*" }, 230e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private/*" }, 231e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_APP, AID_APP, 0, "data/data/*" }, 232fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/bin/ping" }, 233fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 234fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich /* the following file is INTENTIONALLY set-gid and not set-uid. 235fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich * Do not change. */ 236e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 02750, AID_ROOT, AID_INET, 0, "system/bin/netcfg" }, 237fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 238fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich /* the following five files are INTENTIONALLY set-uid, but they 239fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich * are NOT included on user builds. */ 240e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/su" }, 241e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/librank" }, 242e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procrank" }, 243e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" }, 244e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/tcpdump" }, 245e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 04770, AID_ROOT, AID_RADIO, 0, "system/bin/pppd-ril" }, 246fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 247c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadbBenoit Goby /* the following files have enhanced capabilities and ARE included in user builds. */ 248fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich { 00750, AID_ROOT, AID_SHELL, (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" }, 249fe8135739c5a9195e74786205c077964ba4f9c44Nick Kralevich 2507baebf1345ff9e861ea8ccf9712128a3b7cd9fccDoug Zongker { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" }, 2519526202d84387df3950bf526bbbaeac1ede129d2Doug Zongker { 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" }, 252e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" }, 253e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "system/lib/valgrind/*" }, 254e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin/*" }, 255e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor/bin/*" }, 2560b56fc769dc193e8714d6c1f304cfbc90d593dc5Colin Cross { 00755, AID_ROOT, AID_SHELL, 0, "vendor/bin/*" }, 257e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin/*" }, 258e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00755, AID_ROOT, AID_ROOT, 0, "bin/*" }, 259e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "init*" }, 260e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00750, AID_ROOT, AID_SHELL, 0, "sbin/fs_mgr" }, 261e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00640, AID_ROOT, AID_SHELL, 0, "fstab.*" }, 262e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich { 00644, AID_ROOT, AID_ROOT, 0, 0 }, 263dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project}; 264dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project 265dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Projectstatic inline void fs_config(const char *path, int dir, 266e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich unsigned *uid, unsigned *gid, unsigned *mode, uint64_t *capabilities) 267dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project{ 268e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich const struct fs_path_config *pc; 269dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project int plen; 27008c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 27104aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross if (path[0] == '/') { 27204aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross path++; 27304aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross } 27404aaf5a424b1f88a481a17a6bc3518e2116250e2Colin Cross 275dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project pc = dir ? android_dirs : android_files; 276dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project plen = strlen(path); 277dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project for(; pc->prefix; pc++){ 278dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project int len = strlen(pc->prefix); 279dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if (dir) { 280dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(plen < len) continue; 281dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len)) break; 282dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project continue; 283dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 284dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project /* If name ends in * then allow partial matches. */ 285dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if (pc->prefix[len -1] == '*') { 286dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len - 1)) break; 287dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } else if (plen == len){ 288dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project if(!strncmp(pc->prefix, path, len)) break; 289dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 290dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project } 291dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *uid = pc->uid; 292dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *gid = pc->gid; 293dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project *mode = (*mode & (~07777)) | pc->mode; 294e9e74f3c881bd73bd86be4db8b12200a61f143e1Nick Kralevich *capabilities = pc->capabilities; 29508c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker 296dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#if 0 29708c370cc50e4bdae5a59f4ddfd1e3874bb36579dDoug Zongker fprintf(stderr,"< '%s' '%s' %d %d %o >\n", 298dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project path, pc->prefix ? pc->prefix : "", *uid, *gid, *mode); 299dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 300dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project} 301dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 302dd7bc3319deb2b77c5d07a51b7d6cd7e11b5beb0The Android Open Source Project#endif 303