Gitiles
Code Review Sign In
review.evervolv.com / android_bootable_recovery / f0e31b89b96ace2bfee7b9fd0d68e0c5ee613b9c / . / hijack / hijack.c
blob: eb55de5942dd3e50dca1e410538583dc32c4e669 [file] [log] [blame]
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]1#include <ctype.h>
2#include <errno.h>
3#include <fcntl.h>
4#include <getopt.h>
5#include <limits.h>
6#include <linux/input.h>
7#include <stdio.h>
8#include <stdlib.h>
9#include <string.h>
10#include <sys/reboot.h>
11#include <sys/types.h>
12#include <time.h>
13#include <unistd.h>
14
15#include <sys/wait.h>
16#include <sys/limits.h>
17#include <dirent.h>
18#include <sys/stat.h>
19
20#include <signal.h>
21#include <sys/wait.h>
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]22#include <sys/types.h>
23#include <sys/stat.h>
24#include <stdio.h>
25#include <errno.h>
26#include <stdlib.h>
27#include <sys/mount.h>
28#include <sys/stat.h>
29#include <sys/types.h>
30#include <unistd.h>
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]31
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]32#include <limits.h>
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]33
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]34#include <cutils/properties.h>
35
36#define RECOVERY_MODE_FILE "/data/.recovery_mode"
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]37#define UPDATE_BINARY BOARD_HIJACK_RECOVERY_PATH"/update-binary"
38#define UPDATE_PACKAGE BOARD_HIJACK_RECOVERY_PATH"/recovery.zip"
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]39#define PRERECOVERY_BOOT BOARD_HIJACK_RECOVERY_PATH"/prerecoveryboot.sh"
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]40
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]41int
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]42exec_and_wait(char** argp)
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]43{
44 pid_t pid;
45 sig_t intsave, quitsave;
46 sigset_t mask, omask;
47 int pstat;
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]48
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]49 sigemptyset(&mask);
50 sigaddset(&mask, SIGCHLD);
51 sigprocmask(SIG_BLOCK, &mask, &omask);
52 switch (pid = vfork()) {
53 case -1: /* error */
54 sigprocmask(SIG_SETMASK, &omask, NULL);
55 return(-1);
56 case 0: /* child */
57 sigprocmask(SIG_SETMASK, &omask, NULL);
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]58 execve(argp[0], argp, environ);
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]59 _exit(127);
60 }
61
62 intsave = (sig_t) bsd_signal(SIGINT, SIG_IGN);
63 quitsave = (sig_t) bsd_signal(SIGQUIT, SIG_IGN);
64 pid = waitpid(pid, (int *)&pstat, 0);
65 sigprocmask(SIG_SETMASK, &omask, NULL);
66 (void)bsd_signal(SIGINT, intsave);
67 (void)bsd_signal(SIGQUIT, quitsave);
68 return (pid == -1 ? -1 : pstat);
69}
70
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]71typedef char* string;
72
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]73int main(int argc, char** argv) {
74 char* hijacked_executable = argv[0];
75 struct stat info;
76
77 if (NULL != strstr(hijacked_executable, "hijack")) {
78 // no op
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]79 if (argc >= 2) {
80 if (strcmp("sh", argv[1]) == 0) {
81 return ash_main(argc - 1, argv + 1);
82 }
83 if (strcmp("mount", argv[1]) == 0) {
84 printf("mount!\n");
85 return mount_main(argc - 1, argv + 1);
86 }
87 if (strcmp("umount", argv[1]) == 0) {
88 printf("umount!\n");
89 return umount_main(argc - 1, argv + 1);
90 }
91 }
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]92 printf("Hijack!\n");
93 return 0;
94 }
95
96 char cmd[PATH_MAX];
97 if (0 == stat(RECOVERY_MODE_FILE, &info)) {
98 remove(RECOVERY_MODE_FILE);
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]99 sprintf(cmd, "%s 2 0 %s", UPDATE_BINARY, UPDATE_PACKAGE);
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]100
101 char* remount_root_args[] = { "/system/bin/hijack", "mount", "-orw,remount", "/", NULL };
102 //mount_main(3, remount_root_args);
103 //__system("/system/bin/hijack mount -orw,remount /");
104 exec_and_wait(remount_root_args);
105
106 mkdir("/preinstall", S_IRWXU);
107 mkdir("/tmp", S_IRWXU);
108 mkdir("/res", S_IRWXU);
109 mkdir("/res/images", S_IRWXU);
110 remove("/etc");
111 mkdir("/etc", S_IRWXU);
112 rename("/sbin/adbd", "/sbin/adbd.old");
113 property_set("ctl.stop", "runtime");
114 property_set("ctl.stop", "zygote");
115 property_set("persist.service.adb.enable", "1");
116
117 char* mount_preinstall_args[] = { "/system/bin/hijack", "mount", "/dev/block/preinstall", "/preinstall", NULL };
118 //mount_main(3, mount_preinstall_args);
119 //__system("/system/bin/hijack mount /dev/block/preinstall /preinstall");
120 exec_and_wait(mount_preinstall_args);
121
122 char* umount_args[] = { "/system/bin/hijack", "umount", "-l", "/system", NULL };
123 exec_and_wait(umount_args);
124
125 char* updater_args[] = { UPDATE_BINARY, "2", "0", UPDATE_PACKAGE, NULL };
126 return exec_and_wait(updater_args);
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]127 }
128
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]129 char real_executable[PATH_MAX];
130 sprintf(real_executable, "%s.bin", hijacked_executable);
131 string* argp = (string*)malloc(sizeof(string) * (argc + 1));
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]132 int i;
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]133 for (i = 0; i < argc; i++) {
134 argp[i]=argv[i];
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]135 }
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]136 argp[argc] = NULL;
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]137
Koushik Duttaf0e31b82010-08-17 16:55:38 -0700[diff] [blame^]138 argp[0] = real_executable;
139
140 return exec_and_wait(argp);
Koushik Duttad632c0d2010-08-16 09:22:18 -0700[diff] [blame]141}