城茗國際有限公司 CITYBRAND INTERNATIONALLIMITED 第 1 页 共 5 页 Android8.1（app 调用 su）权限开启支持 Gray.Chen 版本：V1.0 系统：Android8.1 ROM 版本 Linux 版本：4.9 1.修改 ro.adb.secure 和 ro.secure 属性， 目前 R311-Android8.1com 版本，这两项已经打开无需修改。 2、修改 SELinux 权限为 Permissive SELinux 常用状态有两个 Permissive 和 Enforcing，通过 adb shell getenforce 可 查看当前所处模式，9.0 改到了 selinux.cpp 中： gray@cb:~/r311_android_8.1_com/android/system/core$ git diff init/init.cpp diff --git a/init/init.cpp b/init/init.cpp old mode 100644 new mode 100755 index f65bfe0..c6d616f --- a/init/init.cpp 

第 2 页 共 5 页 @@ static selinux_enforcing_status 城茗國際有限公司 CITYBRAND INTERNATIONALLIMITED +++ b/init/init.cpp @@ +586,7 -586,6 selinux_status_from_cmdline() { static bool selinux_is_enforcing(void) { + return false; if (ALLOW_PERMISSIVE_SELINUX) { return selinux_status_from_cmdline() == SELINUX_ENFORCING; } 3，system/core/libcutils/fs_config.cpp 添加下面权限： gray@cb:~/r311_android_8.1_com/android/system/core$ libcutils/fs_config.cpp diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp old mode 100644 new mode 100755 index a4530f1..647db47 --- a/libcutils/fs_config.cpp +++ b/libcutils/fs_config.cpp @@ -147,6 +147,7 @@ static const struct fs_path_config android_files[] = { git diff { 00755, AID_ROOT, { 00755, AID_ROOT, { 00750, AID_ROOT, AID_SHELL, AID_SHELL, 0, "system/bin/crash_dump64" }, 0, "system/bin/debuggerd" }, AID_ROOT, 0, "system/bin/install-recovery.sh" }, + { 06755, AID_ROOT, AID_ROOT, 0, "system/bin/su" }, 0, "system/bin/secilc" }, 0, "system/bin/uncrypt" }, 0, "system/build.prop" }, @@ -166,7 +167,7 @@ static const struct fs_path_config android_files[] = { { 00700, AID_ROOT, { 00750, AID_ROOT, { 00600, AID_ROOT, AID_ROOT, AID_ROOT, AID_ROOT, // the following two files are INTENTIONALLY set-uid, but they // are NOT included on user builds. { 06755, AID_ROOT, { 04750, AID_ROOT, { 06755, AID_ROOT, AID_ROOT, AID_SHELL, AID_SHELL, 0, "system/xbin/procmem" }, 0, "system/xbin/su" }, 0, "system/xbin/su" }, - + // the following files have enhanced capabilities and ARE included // in user builds. 4、system/extras/su/su.cpp 屏蔽下面代码段： gray@cb:~/r311_android_8.1_com/android/system/extras$ git diff diff --git a/su/su.cpp b/su/su.cpp 

城茗國際有限公司 CITYBRAND INTERNATIONALLIMITED 第 3 页 共 5 页 old mode 100644 new mode 100755 index ee1526e..769edc8 --- a/su/su.cpp +++ b/su/su.cpp @@ -81,8 +81,8 @@ void extract_uidgids(const char* uidgids, uid_t* uid, gid_t* gid, gid_t* gids, i } int main(int argc, char** argv) { uid_t current_uid = getuid(); if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not //uid_t current_uid = getuid(); //if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not - - allowed"); + + allowed"); // Handle -h and --help. ++argv; 5、修改文件系统可写：device/softwinner/lily-perf/ 6，修改 framework/base: 

城茗國際有限公司 CITYBRAND INTERNATIONALLIMITED 第 4 页 共 5 页 7、若果是编译 user 模式，还需修改 adb 模块： 

城茗國際有限公司 CITYBRAND INTERNATIONALLIMITED 验证方法： APP 调用 su 是否报错。 第 5 页 共 5 页