Merge tag 'android-6.0.1_r72' into HEAD

Android 6.0.1 Release 72 (M4B30X)

# gpg: Signature made Tue 04 Oct 2016 09:47:41 AM PDT using DSA key ID 9AB10E78
# gpg: Can't check signature: public key not found

2 files changed, 10 insertions, 3 deletions

diff --git a/cmds/servicemanager/Android.mk b/cmds/servicemanager/Android.mk
index 155cfc5..5bafd53 100644
--- a/cmds/servicemanager/Android.mk
+++ b/cmds/servicemanager/Android.mk
@@ -18,7 +18,7 @@ LOCAL_MODULE_TAGS := optional
 include $(BUILD_EXECUTABLE)
 
 include $(CLEAR_VARS)
-LOCAL_SHARED_LIBRARIES := liblog libselinux
+LOCAL_SHARED_LIBRARIES := liblog libcutils libselinux
 LOCAL_SRC_FILES := service_manager.c binder.c
 LOCAL_CFLAGS += $(svc_c_flags)
 LOCAL_MODULE := servicemanager
diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c
index 7fa9a39..031f848 100644
--- a/cmds/servicemanager/service_manager.c
+++ b/cmds/servicemanager/service_manager.c
@@ -8,6 +8,8 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include <cutils/multiuser.h>
+
 #include <private/android_filesystem_config.h>
 
 #include <selinux/android.h>
@@ -107,9 +109,14 @@ static bool check_mac_perms_from_lookup(pid_t spid, const char *perm, const char
     return allowed;
 }
 
-static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid)
+static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid, uid_t uid)
 {
     const char *perm = "add";
+
+    if (multiuser_get_app_id(uid) >= AID_APP) {
+        return 0; /* Don't allow apps to register services */
+    }
+
     return check_mac_perms_from_lookup(spid, perm, str8(name, name_len)) ? 1 : 0;
 }
 
@@ -204,7 +211,7 @@ int do_add_service(struct binder_state *bs,
     if (!handle || (len == 0) || (len > 127))
         return -1;
 
-    if (!svc_can_register(s, len, spid)) {
+    if (!svc_can_register(s, len, spid, uid)) {
         ALOGE("add_service('%s',%x) uid=%d - PERMISSION DENIED\n",
              str8(s, len), handle, uid);
         return -1;