Chromium Code Reviews Chromium Code Reviews
Issue 251743003:
telemetry: android: use both methods to access protected files (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: build/android/pylib/android_commands.py |
| diff --git a/build/android/pylib/android_commands.py b/build/android/pylib/android_commands.py |
| index b734d17597838541dbda1a12527f05949a2d9eac..68794098ea1601c104d179bdb2ed7acabd110882 100644 |
| --- a/build/android/pylib/android_commands.py |
| +++ b/build/android/pylib/android_commands.py |
| @@ -297,6 +297,7 @@ class AndroidCommands(object): |
| 'command': None, |
| 'cached': False, |
| } |
| + self._protected_file_access_method = None |
| @property |
| def system_properties(self): |
| @@ -1103,29 +1104,74 @@ class AndroidCommands(object): |
| def RunShellCommandWithSU(self, command, timeout_time=20, log_result=False): |
| return self.RunShellCommand('su -c %s' % command, timeout_time, log_result) |
| + _ACCESS_METHOD_NO_ACCESS = 0 |
|
bulach
2014/04/29 10:21:39
nit: you may as well start with 1 (and if you like
|
| + _ACCESS_METHOD_AS_ROOT = 1 |
| + _ACCESS_METHOD_WITH_SU = 2 |
| + |
| def CanAccessProtectedFileContents(self): |
| - """Returns True if Get/SetProtectedFileContents would work via "su". |
| + """Returns True if Get/SetProtectedFileContents would work via "su" or adb |
| + shell running as root. |
| Devices running user builds don't have adb root, but may provide "su" which |
| can be used for accessing protected files. |
| """ |
| - r = self.RunShellCommandWithSU('cat /dev/null') |
| - return r == [] or r[0].strip() == '' |
| + return (self._ProtectedFileAccessMethod() != |
| + AndroidCommands._ACCESS_METHOD_NO_ACCESS) |
| + |
| + def _ProtectedFileAccessMethod(self): |
| + """Tests for the best method to access protected files on the device. |
| + |
| + Returns: |
| + _ACCESS_METHOD_NO_ACCESS: if protected files cannot be accessed |
| + _ACCESS_METHOD_AS_ROOT: if the adb shell has root privileges |
| + _ACCESS_METHOD_WITH_SU: if the 'su' command properly works on the device |
| + """ |
| + if self._protected_file_access_method is not None: |
| + return self._protected_file_access_method |
| + |
| + def IsValidAuxContents(contents): |
|
bulach
2014/04/29 10:21:39
I'm not sure it'd be more readable, but how about:
pasko
2014/04/29 12:57:38
Maybe. This method is elegant, but introduces a si
|
| + # The leading 4 or 8-bytes of auxv vector is a_type. There are not many |
| + # reserved a_type values, hence byte 2 must always be '\0' for a realistic |
| + # auxv. See /usr/include/elf.h. |
| + return len(contents) > 0 and (contents[0][2] == '\0') |
| + |
| + self._protected_file_access_method = ( |
| + AndroidCommands._ACCESS_METHOD_NO_ACCESS) |
| + |
| + # Get contents of the auxv vector for the init(8) process from a small |
| + # binary file that always exists on linux and is always read-protected. |
| + contents = self.RunShellCommand('cat /proc/1/auxv') |
| + if IsValidAuxContents(contents): |
| + # Protected data is available without SU, hence adb is running as root. |
| + self._protected_file_access_method = ( |
| + AndroidCommands._ACCESS_METHOD_AS_ROOT) |
| + else: |
| + contents = self.RunShellCommandWithSU('cat /proc/1/auxv') |
| + if IsValidAuxContents(contents): |
| + # Protected data is available when asked with SU. |
| + self._protected_file_access_method = ( |
| + AndroidCommands._ACCESS_METHOD_WITH_SU) |
| + return self._protected_file_access_method |
| def GetProtectedFileContents(self, filename): |
| """Gets contents from the protected file specified by |filename|. |
| - This is less efficient than GetFileContents, but will work for protected |
| - files and device files. |
| + This is potentially less efficient than GetFileContents. |
| """ |
| - # Run the script as root |
| - return self.RunShellCommandWithSU('cat "%s" 2> /dev/null' % filename) |
| + command = 'cat "%s" 2> /dev/null' % filename |
| + access_method = self._ProtectedFileAccessMethod() |
| + if access_method == AndroidCommands._ACCESS_METHOD_WITH_SU: |
| + return self.RunShellCommandWithSU(command) |
| + elif access_method == AndroidCommands._ACCESS_METHOD_AS_ROOT: |
| + return self.RunShellCommand(command) |
| + else: |
| + logging.warning('Could not access protected file: %s' % filename) |
| + return [] |
| def SetProtectedFileContents(self, filename, contents): |
| """Writes |contents| to the protected file specified by |filename|. |
| - This is less efficient than SetFileContents, but will work for protected |
| - files and device files. |
| + This is less efficient than SetFileContents. |
| """ |
| temp_file = self._GetDeviceTempFileName(AndroidCommands._TEMP_FILE_BASE_FMT) |
| temp_script = self._GetDeviceTempFileName( |
| @@ -1135,8 +1181,16 @@ class AndroidCommands(object): |
| self.SetFileContents(temp_file, contents) |
| # Create a script to copy the file contents to its final destination |
| self.SetFileContents(temp_script, 'cat %s > %s' % (temp_file, filename)) |
| - # Run the script as root |
| - self.RunShellCommandWithSU('sh %s' % temp_script) |
| + |
| + command = 'sh %s' % temp_script |
| + access_method = self._ProtectedFileAccessMethod() |
| + if access_method == AndroidCommands._ACCESS_METHOD_WITH_SU: |
| + return self.RunShellCommandWithSU(command) |
| + elif access_method == AndroidCommands._ACCESS_METHOD_AS_ROOT: |
| + return self.RunShellCommand(command) |
| + else: |
| + logging.warning('Could not set contents of protected file: %s' % filename) |
| + |
| # And remove the temporary files |
| self.RunShellCommand('rm ' + temp_file) |
| self.RunShellCommand('rm ' + temp_script) |
