| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
This should be reverted when all system services have been cleaned up to not
do this. A process looking up a service while running in the background will
see the service registered by the active user (assuming the service is
registered on every user switch), not the service registered by the user that
the process itself belongs to.
BUG: 30795333
Change-Id: I1b74d58be38ed358f43c163692f9e704f8f31dbe
(cherry picked from commit e6bbe69ba739c8a08837134437aaccfea5f1d943)
|
| |
|
|
|
|
|
|
|
| |
Prevent apps from registering services without relying on selinux checks.
Bug: 29431260
Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b
(cherry picked from commit f03ba2c0d878071603d73b7f8e9a4a468364ac27)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The selinux_status_*() interfaces require calling selinux_status_open()
first. Since this was not being called by servicemanager, the
selinux_status_updated() call was always failing and servicemanager
was not reloading service_contexts upon a policy reload.
(cherrypicked from commit bea0746b241d15626cf0a56828efc1d4640dbda7)
Change-Id: I6ac62e114bbca99c5f0999feb918fcde15009274
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
| |
|
|
|
|
|
| |
Also use the 'ptr' union member rather than 'handle'.
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
Change-Id: I68e5336cd3af3bc61dbddd2b33d7e1512c0c329c
|
| |
|
|
|
|
|
|
|
|
|
|
| |
service_manager.c gets string.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for string.h in this
include file.
Bug: 19908228
Change-Id: Icc95ee02bf02c596463868b1330d209d1bd5c58a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reorder the find permission checks. This avoids generating misleading
SELinux denials when a service doesn't exist, or when a service is
prohibited to isolated apps.
The original reason for structuring the code this way is explained
in https://android-review.googlesource.com/#/c/100530/4/cmds/servicemanager/service_manager.c@172
The concern at the time was to avoid leaking a situation where
a caller could probe for the existance of a service. This turns out
to be unnecessary. The same return value is used for both a
permission denied and a service not found. The only side effect
is the generation of an SELinux audit log, which likely won't be
accessible to the calling application.
Change-Id: I9760e1821ed16102fa5f9bec07f8c34944565be9
|
| |
|
|
|
|
|
|
|
| |
Add SELinux MAC for the list and find functionality
to service_manager. By default the list action uses
the service_manager_type attribute as its target
object.
Change-Id: I7630f21a9f3232ae3d6d8b9a1119230b40899aef
|
| |
|
|
|
|
|
|
|
|
| |
1) Pass length through to str8 function.
2) Fix implicit function definition warning.
3) Check for NULL from bio_get_string16 functions.
Bug: 15886919
Bug: 15888753
Change-Id: I78a401d55b84f382ab83911be32b8d501998aa82
|
| |
|
|
|
|
|
|
| |
Remove the hardcoded tuples of UIDs and the services that
each is allowed to register. We will rely only on permissions
from SELinux.
Change-Id: I1c44555a6e274814282398865b30ee938f40dabb
|
| |
|
|
|
|
|
|
|
|
|
| |
Add a MAC check to the svc_can_register function in
service_manager. The types are defined in
external/sepolicy/service.te and the mapping from service
names is defined in external/sepolicy/service_contexts.
Currently uses the property context backend to parse the
contexts file.
Bug: 12909011
Change-Id: I5d90a614263c60571c7c70c2882e6fa929911ca5
|
| |
|
|
|
|
|
| |
Stop printing "invalid id " to stderr every time a process tries to
connect to the servicemanager.
Change-Id: Ib0e5a0375bfa2dec2c2f9cd668bd5dda46ed6588
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch adds support for binder transactions on 64bit systems
without breaking the existing 32bit ABI. It has been tested on
the Android emulator and ARMv8 Model.
Most of the changes in this patch just follow the binder ABI.
Change-Id: I8c37b847ea65008d56554d34d4696fe3d22f7533
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
|
| |
|
|
|
|
|
| |
This patch corrects the types used for storing handles.
Change-Id: If9c10782345f1de9e12b4b3fd6be9e02e6b568cd
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
|
| |
|
|
|
|
|
|
| |
This patch fixes some of the ServiceManager issues. The following patches
of the series add fixes to the ABI.
Change-Id: Ib479234c8704e12592f1b149ddec67881bc50230
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
|
| |
|
|
|
|
|
|
| |
This patch extends the error handling. It also adds a check for a matching
binder version - kernel/userspace.
Change-Id: I43a262934b38c5711536aaa42754fed1ef04b39e
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch switches ServiceManager to use the structures exported in the
kernel headers rather then redefining its own.
struct binder_txn is replaced with struct binder_transaction_data and struct
binder_object with struct flat_binder_object, both defined in the binder driver
header <linux/binder.h>.
Change-Id: I3b3e97918173ea35a289e184774ae06193192da3
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
|
| |
|
|
| |
Change-Id: Ic17752fff30676fe692c80260ff68284543385dd
|
| |
|
|
| |
Change-Id: Ie15781de079e8ecc9616cab9a5e392f5c814d9d8
|
|
|
Change-Id: I0571813c1cfcf66abd36eb9f178fc49b618e88a6
Signed-off-by: Mike Lockwood <lockwood@google.com>
|
