Run iptables as root.
iptables requires root access and su is not available on user builds,
hence it must be run before dropping the uid to the shell user.
BUG: 29455997
Change-Id: I10c6337b411875b061ae9556b6e9c44f83301ae1
diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp
index cd7c4aa..0f39d46 100644
--- a/cmds/dumpstate/dumpstate.cpp
+++ b/cmds/dumpstate/dumpstate.cpp
@@ -627,6 +627,15 @@
return true;
}
+static void dump_iptables() {
+ run_command("IPTABLES", 10, "iptables", "-L", "-nvx", NULL);
+ run_command("IP6TABLES", 10, "ip6tables", "-L", "-nvx", NULL);
+ run_command("IPTABLE NAT", 10, "iptables", "-t", "nat", "-L", "-nvx", NULL);
+ /* no ip6 nat */
+ run_command("IPTABLE RAW", 10, "iptables", "-t", "raw", "-L", "-nvx", NULL);
+ run_command("IP6TABLE RAW", 10, "ip6tables", "-t", "raw", "-L", "-nvx", NULL);
+}
+
static void dumpstate(const std::string& screenshot_path, const std::string& version) {
DurationReporter duration_reporter("DUMPSTATE");
unsigned long timeout;
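Review bot: dump_iptables() has no comment saying it only works while the process is still root, which is the reason the function exists. Add above it something like `/* Must be called before drop_root_user(): iptables needs root and su is not available on user builds. */`. The five commands are also named without a directory (`"iptables"`, `"ip6tables"`). run_command is not visible in this hunk, but if it resolves the program through PATH, these root-run children depend on the process environment, and an absolute path would remove that dependency.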
@@ -800,16 +809,7 @@
run_command("ARP CACHE", 10, "ip", "-4", "neigh", "show", NULL);
run_command("IPv6 ND CACHE", 10, "ip", "-6", "neigh", "show", NULL);
run_command("MULTICAST ADDRESSES", 10, "ip", "maddr", NULL);
-
- run_command("IPTABLES", 10, SU_PATH, "root", "iptables", "-L", "-nvx", NULL);
- run_command("IP6TABLES", 10, SU_PATH, "root", "ip6tables", "-L", "-nvx", NULL);
- run_command("IPTABLE NAT", 10, SU_PATH, "root", "iptables", "-t", "nat", "-L", "-nvx", NULL);
- /* no ip6 nat */
- run_command("IPTABLE RAW", 10, SU_PATH, "root", "iptables", "-t", "raw", "-L", "-nvx", NULL);
- run_command("IP6TABLE RAW", 10, SU_PATH, "root", "ip6tables", "-t", "raw", "-L", "-nvx", NULL);
-
- run_command("WIFI NETWORKS", 20,
- SU_PATH, "root", "wpa_cli", "IFNAME=wlan0", "list_networks", NULL);
+ run_command("WIFI NETWORKS", 20, "wpa_cli", "IFNAME=wlan0", "list_networks", NULL);
#ifdef FWDUMP_bcmdhd
run_command("ND OFFLOAD TABLE", 5,
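Review bot: The WIFI NETWORKS call loses `SU_PATH, "root"` but, unlike the iptables calls, stays inside dumpstate(), and the commit message only explains iptables. If dumpstate() is called after drop_root_user() (not visible here), wpa_cli now runs as the shell user and may be unable to reach its control interface, leaving an error in the report instead of the network list. Either run it in the root-only section next to dump_iptables(), or add a comment such as `/* wpa_cli does not need root because <reason> */`. The enclosing function continues outside this hunk.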
@@ -1283,7 +1283,7 @@
/* collect stack traces from Dalvik and native processes (needs root) */
dump_traces_path = dump_traces();
- /* Get the tombstone fds, recovery files, and mount info here while we are running as root. */
+ /* Run some operations that require root. */
get_tombstone_fds(tombstone_data);
add_dir(RECOVERY_DIR, true);
add_dir(RECOVERY_DATA_DIR, true);
@@ -1293,6 +1293,7 @@
add_dir(PROFILE_DATA_DIR_REF, true);
}
add_mountinfo();
+ dump_iptables();
if (!drop_root_user()) {
return -1;
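Review bot: Calling dump_iptables() before drop_root_user() adds five external commands to the part of the process that still runs as root, each with a 10-second timeout, so a hung command can keep the process root for up to 50 seconds longer. A comment at the call would record that this is deliberate, for example `/* iptables needs root and su is unavailable on user builds; keep this list minimal */`. The iptables output is also no longer emitted among the networking sections of dumpstate(), so it is worth confirming that it still lands in the report where readers expect it. The enclosing function starts and ends outside this hunk.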