原创 RK3562编译Android13 ROOT固件教程，触觉智能开发板演示

 2025-1-8 00:06  89 0 分类: MCU/ 嵌入式

本文介绍编译Android13 ROOT权限固件的方法，触觉智能RK3562开发板演示，搭载4核A53处理器，主频高达2.0GHz；内置独立1Tops算力NPU，可应用于物联网网关、平板电脑、智能家居、教育电子、工业显示与控制等行业。

关闭selinux

修改此文件（"+"号为修改内容）

device/rockchip/common/BoardConfig.mk

BOARD_BOOT_HEADER_VERSION ?= 2BOARD_MKBOOTIMG_ARGS :=BOARD_PREBUILT_DTBOIMAGE ?= $(TARGET_DEVICE_DIR)/dtbo.imgBOARD_ROCKCHIP_VIRTUAL_AB_ENABLE ?= false-BOARD_SELINUX_ENFORCING?=true+BOARD_SELINUX_ENFORCING?=false

注释用户组权限检测

修改此文件（"+"号为修改内容）

system/extras/su/su.cpp

void extract_uidgids(const char* uidgids, uid_t* uid, gid_t*gid, gid_t* gids, i}int main(int argc, char** argv) {- uid_t current_uid = getuid();- if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "notallowed");+ //uid_t current_uid = getuid();+ //if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "notallowed");

给su文件默认授予root权限

修改此文件（"+"号为修改内容）

system/core/libcutils/fs_config.cpp

staticconststructfs_path_configandroid_dirs[] = {     { 00751, AID_ROOT,         AID_SHELL,        0, "system/bin" },     { 00755, AID_ROOT,         AID_ROOT,         0, "system/etc/ppp" },     { 00755, AID_ROOT,         AID_SHELL,        0, "system/vendor" },-    { 00750, AID_ROOT,         AID_SHELL,        0, "system/xbin" },+    { 00755, AID_ROOT,         AID_SHELL,        0, "system/xbin" },     { 00751, AID_ROOT,         AID_SHELL,        0, "system/apex/*/bin" },     { 00751, AID_ROOT,         AID_SHELL,        0, "system_ext/bin" },     { 00751, AID_ROOT,         AID_SHELL,        0, "system_ext/apex/*/bin" },staticconststructfs_path_configandroid_files[] = {// the following two files are INTENTIONALLY set-uid, but they// are NOT included on user builds.     { 06755, AID_ROOT,      AID_ROOT,      0, "system/xbin/procmem" },-    { 04750, AID_ROOT,      AID_SHELL,     0, "system/xbin/su" },+    { 06755, AID_ROOT,      AID_SHELL,     0, "system/xbin/su" },

然后修改此文件（"+"号为修改内容）

frameworks/base/core/jni/com_android_internal_os_Zygote.cpp

static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {+/*for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {;if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) == -1) {if (errno == EINVAL) {        ALOGE("prctl(PR_CAPBSET_DROP) failed with EINVAL. Please verify ""your kernel is compiled with file capabilities support");      } else {        fail_fn(CREATE_ERROR("prctl(PR_CAPBSET_DROP, %d) failed: %s", i, strerror(errno)));      }    }  }+ */}

最后修改此文件（"+"号为修改内容）kernel-5.10/security/commoncap.c

intcap_task_setnice(struct task_struct *p, int nice)staticintcap_prctl_drop(unsigned long cap){struct cred *new;+/*    if (!ns_capable(current_user_ns(), CAP_SETPCAP))    return -EPERM;    if (!cap_valid(cap))    return -EINVAL;-+*/new = prepare_creds();