From dbee7f4650dfb419d12ebaf13e96bc54ae880b99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Mon, 1 Aug 2016 16:05:17 -0700 Subject: DO NOT MERGE ServiceManager: Restore basic uid check Prevent apps from registering services without relying on selinux checks. Bug: 29431260 Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b (cherry picked from commit f03ba2c0d878071603d73b7f8e9a4a468364ac27) --- cmds/servicemanager/service_manager.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'cmds') diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c index 7fa9a39..4c993c2 100644 --- a/cmds/servicemanager/service_manager.c +++ b/cmds/servicemanager/service_manager.c @@ -107,9 +107,14 @@ static bool check_mac_perms_from_lookup(pid_t spid, const char *perm, const char return allowed; } -static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid) +static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid, uid_t uid) { const char *perm = "add"; + + if (uid >= AID_APP) { + return 0; /* Don't allow apps to register services */ + } + return check_mac_perms_from_lookup(spid, perm, str8(name, name_len)) ? 1 : 0; } @@ -204,7 +209,7 @@ int do_add_service(struct binder_state *bs, if (!handle || (len == 0) || (len > 127)) return -1; - if (!svc_can_register(s, len, spid)) { + if (!svc_can_register(s, len, spid, uid)) { ALOGE("add_service('%s',%x) uid=%d - PERMISSION DENIED\n", str8(s, len), handle, uid); return -1; -- cgit v1.1 From 390c2d3512fcbf0f4e1890baef12f3bd1d23dc56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Thu, 18 Aug 2016 15:42:35 -0700 Subject: ServiceManager: Allow system services running as secondary users to add services This should be reverted when all system services have been cleaned up to not do this. A process looking up a service while running in the background will see the service registered by the active user (assuming the service is registered on every user switch), not the service registered by the user that the process itself belongs to. BUG: 30795333 Change-Id: I1b74d58be38ed358f43c163692f9e704f8f31dbe (cherry picked from commit e6bbe69ba739c8a08837134437aaccfea5f1d943) --- cmds/servicemanager/Android.mk | 2 +- cmds/servicemanager/service_manager.c | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'cmds') diff --git a/cmds/servicemanager/Android.mk b/cmds/servicemanager/Android.mk index 155cfc5..5bafd53 100644 --- a/cmds/servicemanager/Android.mk +++ b/cmds/servicemanager/Android.mk @@ -18,7 +18,7 @@ LOCAL_MODULE_TAGS := optional include $(BUILD_EXECUTABLE) include $(CLEAR_VARS) -LOCAL_SHARED_LIBRARIES := liblog libselinux +LOCAL_SHARED_LIBRARIES := liblog libcutils libselinux LOCAL_SRC_FILES := service_manager.c binder.c LOCAL_CFLAGS += $(svc_c_flags) LOCAL_MODULE := servicemanager diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c index 4c993c2..031f848 100644 --- a/cmds/servicemanager/service_manager.c +++ b/cmds/servicemanager/service_manager.c @@ -8,6 +8,8 @@ #include #include +#include + #include #include @@ -111,7 +113,7 @@ static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid, u { const char *perm = "add"; - if (uid >= AID_APP) { + if (multiuser_get_app_id(uid) >= AID_APP) { return 0; /* Don't allow apps to register services */ } -- cgit v1.1