search

aind-containers / aind

AinD: Android in Docker. Ain't an emulator.
Apache License 2.0
1.49k stars 90 forks source link

No permission to access ASHMEM #54

Open XunShi2000 opened 3 years ago

XunShi2000 commented 3 years ago

I cannot acces /dev/ashmem from aind anbox neither read or write, from both user or root, even if permission are apparently correct.

AIND:

$ docker exec -it aind bash
root@2c22efff24b8:/# ls -la /dev/ashmem
crw-rw-rw- 1 root root 10, 58 Oct 26 16:35 /dev/ashmem
root@2c22efff24b8:/# cat /dev/ashmem
root@2c22efff24b8:/# adb shell
* daemon not running; starting now at tcp:5037
* daemon started successfully
x86_64:/ $ ls -la /dev/ashmem
crw-rw-rw- 1 root root 10,  58 2020-10-26 16:35 /dev/ashmem
x86_64:/ $ cat /dev/ashmem
/system/bin/sh: cat: /dev/ashmem: Permission denied
1|x86_64:/ $ su
x86_64:/ # cat /dev/ashmem
/system/bin/sh: cat: /dev/ashmem: Permission denied
1|x86_64:/ #

cat is just as a proof of concept, opening fails also using open syscall. Of course I do not get Permission denied from normal anbox neither from the host.

NORMAL ANBOX:

$ sudo anbox.shell
NOTE: This shell will give you full root access inside the Android
      container. Be careful with what you're doing!

x86_64:/ # ls -la /dev/ashmem
crw-rw-rw- 1 u1_root u1_root 10,  58 2020-10-26 16:04 /dev/ashmem
x86_64:/ # cat /dev/ashmem
x86_64:/ #

HOST:

# ls -la /dev/ashmem
crw-rw-rw- 1 root root 10, 58 oct 18 12:46 /dev/ashmem
# cat /dev/ashmem
#
Fuseteam commented 3 years ago

this may be due to secureboot can you check if secure boot is enabled?