X-Git-Url: https://glassweightruler.freedombox.rocks/gitweb/waydroid.git/blobdiff_plain/af296c90a788dde0b33813b12607cfab2fa65b98..HEAD:/tools/helpers/lxc.py diff --git a/tools/helpers/lxc.py b/tools/helpers/lxc.py index c2ca4e7..79eac73 100644 --- a/tools/helpers/lxc.py +++ b/tools/helpers/lxc.py @@ -2,7 +2,6 @@ # SPDX-License-Identifier: GPL-3.0-or-later import subprocess import os -import re import logging import glob import shutil @@ -55,9 +54,8 @@ def generate_nodes_lxc_config(args): make_entry("/dev/pvr_sync") make_entry("/dev/pmsg0") make_entry("/dev/dxg") - render, card = tools.helpers.gpu.getDriNode(args) - make_entry(render, "dev/dri/renderD128") - make_entry(card, "dev/dri/card0") + render, _ = tools.helpers.gpu.getDriNode(args) + make_entry(render) for n in glob.glob("/dev/fb*"): make_entry(n) @@ -65,6 +63,8 @@ def generate_nodes_lxc_config(args): make_entry(n) for n in glob.glob("/dev/video*"): make_entry(n) + for n in glob.glob("/dev/dma_heap/*"): + make_entry(n) # Binder dev nodes make_entry("/dev/" + args.BINDER_DRIVER, "dev/binder", check=False) @@ -247,6 +247,10 @@ def make_base_props(args): if not os.path.exists("/dev/ashmem"): props.append("sys.use_memfd=true") + # Added for security reasons + props.append("ro.adb.secure=1") + props.append("ro.debuggable=0") + egl = tools.helpers.props.host_get(args, "ro.hardware.egl") dri, _ = tools.helpers.gpu.getDriNode(args) @@ -258,6 +262,7 @@ def make_base_props(args): if dri: gralloc = "gbm" egl = "mesa" + props.append("gralloc.gbm.device=" + dri) else: gralloc = "default" egl = "swiftshader" @@ -300,7 +305,7 @@ def make_base_props(args): opengles = tools.helpers.props.host_get(args, "ro.opengles.version") if opengles == "": - opengles = "196609" + opengles = "196610" props.append("ro.opengles.version=" + opengles) if args.images_path not in tools.config.defaults["preinstalled_images_paths"]: @@ -427,8 +432,24 @@ ANDROID_ENV = { "BOOTCLASSPATH": "/apex/com.android.art/javalib/core-oj.jar:/apex/com.android.art/javalib/core-libart.jar:/apex/com.android.art/javalib/core-icu4j.jar:/apex/com.android.art/javalib/okhttp.jar:/apex/com.android.art/javalib/bouncycastle.jar:/apex/com.android.art/javalib/apache-xml.jar:/system/framework/framework.jar:/system/framework/ext.jar:/system/framework/telephony-common.jar:/system/framework/voip-common.jar:/system/framework/ims-common.jar:/system/framework/framework-atb-backward-compatibility.jar:/apex/com.android.conscrypt/javalib/conscrypt.jar:/apex/com.android.media/javalib/updatable-media.jar:/apex/com.android.mediaprovider/javalib/framework-mediaprovider.jar:/apex/com.android.os.statsd/javalib/framework-statsd.jar:/apex/com.android.permission/javalib/framework-permission.jar:/apex/com.android.sdkext/javalib/framework-sdkextensions.jar:/apex/com.android.wifi/javalib/framework-wifi.jar:/apex/com.android.tethering/javalib/framework-tethering.jar" } -def android_env_attach_options(): - env = [k + "=" + v for k, v in ANDROID_ENV.items()] +def android_env_attach_options(args): + local_env = ANDROID_ENV.copy() + # Include CLASSPATH env that was generated by Android + command = ["lxc-attach", "-P", tools.config.defaults["lxc"], + "-n", "waydroid", "--clear-env", "--", + "/system/bin/cat" ,"/data/system/environ/classpath"] + allowed = ["CLASSPATH", "SYSTEMSERVER"] + try: + p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL) + out, _ = p.communicate() + if p.returncode == 0: + for line in out.decode().splitlines(): + _, k, v = line.split(' ', 2) + if any(pattern in k for pattern in allowed): + local_env[k] = v + except: + pass + env = [k + "=" + v for k, v in local_env.items()] return [x for var in env for x in ("--set-var", var)] def shell(args): @@ -440,7 +461,7 @@ def shell(args): return command = ["lxc-attach", "-P", tools.config.defaults["lxc"], "-n", "waydroid", "--clear-env"] - command.extend(android_env_attach_options()) + command.extend(android_env_attach_options(args)) if args.uid!=None: command.append("--uid="+str(args.uid)) if args.gid!=None: @@ -473,7 +494,12 @@ def shell(args): command.extend(args.COMMAND) else: command.append("/system/bin/sh") - subprocess.run(command) + + try: + subprocess.run(command) + except KeyboardInterrupt: + pass + if state == "FROZEN": freeze(args)