First, decide whether you want to enable root for adbd or let an app obtain root.
(1). Root permissions for adbd
We usually do this when debugging a problem on the user build, or to make debugging easier during a Monkey test on the user build.
If you want adb root to be off by default on the user build, but able to be turned on through a setting in project mode when needed, use the user2root feature.
This feature is turned off by default. To turn it on, set the following in ProjectConfig.mk: MTK_USER_ROOT_SWITCH = yes
(2). Root permissions for an app
An app usually obtains root permission by executing the su command. Note that on KK (KitKat), because of a variety of restrictions, an ordinary su can hardly get root permission directly, and targeted changes are needed.
Typically we build in a third-party su that comes with access control. Two examples are described below: building in SuperSU, and using Google's default su.
(3). How to build in the third-party SuperSU
This approach bypasses the restrictions that zygote and adbd place on the root capabilities bounding set.
3.1. Download SuperSU
SuperSU: http://forum.xda-developers.com/showthread.php?t=1538053
3.2. Build Superuser.apk into system/app
Copy su and rename the copy to daemonsu
Build su into system/xbin
Build daemonsu into system/xbin
Build chattr into system/xbin
Build chattr.pie into /system/xbin
3.3. Build install-recovery.sh into system/etc
Update alps/system/core/include/private/android_filesystem_config.h
Add the following at the beginning of the android_files array:
    { 00755, AID_ROOT, AID_ROOT, 0, "system/etc/install-recovery.sh" },
(4). How to build in Google's default su
4.1 Remove the restriction that Google's default su can only be used by the shell/root users.
Delete the following 3 lines of code in system/extras/su/su.c:
    if (myuid != AID_ROOT && myuid != AID_SHELL) {
        fprintf(stderr, "su: uid %d not allowed to su\n", myuid);
        return 1;
    }
4.2 First build the compiled su into system/bin, and then modify the permissions su is built in with so that the s bit is enabled.
Update alps/system/core/include/private/android_filesystem_config.h
In the android_files array, add:
    { 06755, AID_ROOT, AID_ROOT, 0, "system/bin/su" },
Note that this line must be placed before:
    { 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" },
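Why the order in step 4.2 matters, as an added example that is not code from the original page or from AOSP: the table is searched top to bottom and the first matching entry decides the mode, so a specific path listed after the "system/bin/*" wildcard is never reached. The struct layout (capabilities field omitted), the function names fs_lookup and count_setid_root, and the sample tables are assumptions made for illustration; count_setid_root is the kind of check used when reviewing a build's table for setuid/setgid root entries.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for an android_files entry (IDs kept as names). */
struct fs_entry { unsigned mode; const char *uid, *gid, *prefix; };

/* First-match lookup: a trailing '*' matches by prefix, anything else
 * must match the whole path. Returns NULL when no entry matches. */
static const struct fs_entry *fs_lookup(const struct fs_entry *t, size_t n,
                                        const char *path)
{
    size_t plen = strlen(path);
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(t[i].prefix);
        if (len && t[i].prefix[len - 1] == '*') {
            if (!strncmp(t[i].prefix, path, len - 1)) return &t[i];
        } else if (plen == len && !strcmp(t[i].prefix, path)) {
            return &t[i];
        }
    }
    return NULL;
}

/* Audit helper: print and count root-owned entries with setuid/setgid bits. */
static int count_setid_root(const struct fs_entry *t, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        if ((t[i].mode & 06000) && !strcmp(t[i].uid, "AID_ROOT")) {
            printf("setid root entry: %05o %s\n", t[i].mode, t[i].prefix);
            hits++;
        }
    return hits;
}

/* Constructed sample tables: the two entries from step 4.2, both orders. */
static const struct fs_entry su_first[] = {
    { 06755, "AID_ROOT", "AID_ROOT",  "system/bin/su" },
    { 00755, "AID_ROOT", "AID_SHELL", "system/bin/*"  },
};
static const struct fs_entry wildcard_first[] = {
    { 00755, "AID_ROOT", "AID_SHELL", "system/bin/*"  },
    { 06755, "AID_ROOT", "AID_ROOT",  "system/bin/su" },
};

int main(void)
{
    printf("su first %05o, wildcard first %05o\n",
           fs_lookup(su_first, 2, "system/bin/su")->mode,
           fs_lookup(wildcard_first, 2, "system/bin/su")->mode);
    return count_setid_root(su_first, 2) == 1 ? 0 : 1;
}
```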
4.3 On KK and later, you also need to forcibly remove the restriction that zygote and adbd place on the root capabilities bounding set.
Update the cap_prctl_drop function in kernel/security/commoncap.c to:
    static long cap_prctl_drop(struct cred *new, unsigned long cap)
    {
        /* Add begin: make it ineffective for 'zygote' and 'adbd' to drop
         * root capabilities from the bounding set */
        if (!strncmp(current->comm, "zygote", 16)) {
            return -EINVAL;
        }
        if (!strncmp(current->comm, "adbd", 16)) {
            return -EINVAL;
        }
        /* Add end */
        if (!capable(CAP_SETPCAP))
            return -EPERM;
        if (!cap_valid(cap))
            return -EINVAL;
        cap_lower(new->cap_bset, cap);
        return 0;
    }
After recompiling the system and downloading it to the device again, enter adb shell and then run su. If the command-line prompt switches to #, the switch succeeded.
How to enable root permissions on an Android user build