问题
I have an Android application that call a native shared library by jni. This shared library invokes some loadable kernel modules .ko
My app run fail when jni calls the function in shared library that invokes kernel module. But when I write an executable using this shared library, it works fine when call above function.
I found that my app run with user name is "u0_axx" and my executable run by command line with root. So maybe it doesn't have permission to invokes kernel module.
My question is how does this native code run with root permission? Or some solution to solve such kind of issue?
Ps: I also tried to use Runtime.getRuntime().exec("su") and added <uses-permission android:name="android.permission.ACCESS_SUPERUSER"/> into manifest but it doesn't help and get an exception that permission denied. My device is rooted and my app is built as system app.
回答1:
You can set your app to run as System,
android:sharedUserId="android.uid.system"
This requires some extra steps, but it won't give your JNI code access to kernel module.
For that, you need some mediator process (running as root) which can receive a request from your Java or native code, and call the kernel function for you. You can use
Runtime.getRuntime().exec("su …")
But it may be easier to start this mediator process as a service from init.rc. A specialized library like https://github.com/SpazeDog/rootfw may help, too.
You can find more explanations at https://boundarydevices.com/android-security-part-1-application-signatures-permissions/.
来源:https://stackoverflow.com/questions/51856601/android-native-how-does-native-code-written-in-jni-run-with-root-permission