Loading libs/vr/libpdx_uds/Android.bp +3 −0 Original line number Diff line number Diff line Loading @@ -24,6 +24,9 @@ cc_library_static { "libbase", "libpdx", ], whole_static_libs: [ "libselinux", ], } cc_test { Loading libs/vr/libpdx_uds/service_endpoint.cpp +33 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ #include <android-base/strings.h> #include <cutils/sockets.h> #include <pdx/service.h> #include <selinux/selinux.h> #include <uds/channel_manager.h> #include <uds/client_channel_factory.h> #include <uds/ipc_helper.h> Loading Loading 
@@ -364,6 +365,36 @@ Status<void> Endpoint::ModifyChannelEvents(int channel_id, int clear_mask, Status<void> Endpoint::CreateChannelSocketPair(LocalHandle* local_socket, LocalHandle* remote_socket) { Status<void> status; char* endpoint_context = nullptr; // Make sure the channel socket has the correct SELinux label applied. // Here we get the label from the endpoint file descriptor, which should be // something like "u:object_r:pdx_service_endpoint_socket:s0" and replace // "endpoint" with "channel" to produce the channel label such as this: // "u:object_r:pdx_service_channel_socket:s0". if (fgetfilecon_raw(socket_fd_.Get(), &endpoint_context) > 0) { std::string channel_context = endpoint_context; freecon(endpoint_context); const std::string suffix = "_endpoint_socket"; auto pos = channel_context.find(suffix); if (pos != std::string::npos) { channel_context.replace(pos, suffix.size(), "_channel_socket"); } else { ALOGW( "Endpoint::CreateChannelSocketPair: Endpoint security context '%s' " "does not contain expected substring '%s'", channel_context.c_str(), suffix.c_str()); } ALOGE_IF(setsockcreatecon_raw(channel_context.c_str()) == -1, "Endpoint::CreateChannelSocketPair: Failed to set channel socket " "security context: %s", strerror(errno)); } else { ALOGE( "Endpoint::CreateChannelSocketPair: Failed to obtain the endpoint " "socket's security context: %s", strerror(errno)); } int channel_pair[2] = {}; if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, channel_pair) == -1) { ALOGE("Endpoint::CreateChannelSocketPair: Failed to create socket pair: %s", Loading @@ -372,6 +403,8 @@ Status<void> Endpoint::CreateChannelSocketPair(LocalHandle* local_socket, return status; } setsockcreatecon_raw(nullptr); local_socket->Reset(channel_pair[0]); remote_socket->Reset(channel_pair[1]); Loading services/surfaceflinger/surfaceflinger.rc +3 −3 Original line number Diff line number Diff line Loading 
@@ -4,6 +4,6 @@ service surfaceflinger /system/bin/surfaceflinger group graphics drmrpc readproc onrestart restart zygote writepid /dev/stune/foreground/tasks socket pdx/system/vr/display/client stream 0666 system graphics socket pdx/system/vr/display/manager stream 0666 system graphics socket pdx/system/vr/display/vsync stream 0666 system graphics socket pdx/system/vr/display/client stream 0666 system graphics u:object_r:pdx_display_client_endpoint_socket:s0 socket pdx/system/vr/display/manager stream 0666 system graphics u:object_r:pdx_display_manager_endpoint_socket:s0 socket pdx/system/vr/display/vsync stream 0666 system graphics u:object_r:pdx_display_vsync_endpoint_socket:s0 services/vr/bufferhubd/bufferhubd.rc +1 −1 Original line number Diff line number Diff line Loading @@ -3,4 +3,4 @@ service bufferhubd /system/bin/bufferhubd user system group system writepid /dev/cpuset/tasks socket pdx/system/buffer_hub/client stream 0660 system system socket pdx/system/buffer_hub/client stream 0660 system system u:object_r:pdx_bufferhub_client_endpoint_socket:s0 services/vr/performanced/performanced.rc +1 −1 Original line number Diff line number Diff line Loading @@ -3,4 +3,4 @@ service performanced /system/bin/performanced user root group system readproc writepid /dev/cpuset/tasks socket pdx/system/performance/client stream 0666 system system socket pdx/system/performance/client stream 0666 system system u:object_r:pdx_performance_client_endpoint_socket:s0 Loading
libs/vr/libpdx_uds/Android.bp +3 −0 Original line number Diff line number Diff line Loading @@ -24,6 +24,9 @@ cc_library_static { "libbase", "libpdx", ], whole_static_libs: [ "libselinux", ], } cc_test { Loading
libs/vr/libpdx_uds/service_endpoint.cpp +33 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ #include <android-base/strings.h> #include <cutils/sockets.h> #include <pdx/service.h> #include <selinux/selinux.h> #include <uds/channel_manager.h> #include <uds/client_channel_factory.h> #include <uds/ipc_helper.h> Loading Loading @@ -364,6 +365,36 @@ Status<void> Endpoint::ModifyChannelEvents(int channel_id, int clear_mask, Status<void> Endpoint::CreateChannelSocketPair(LocalHandle* local_socket, LocalHandle* remote_socket) { Status<void> status; char* endpoint_context = nullptr; // Make sure the channel socket has the correct SELinux label applied. // Here we get the label from the endpoint file descriptor, which should be // something like "u:object_r:pdx_service_endpoint_socket:s0" and replace // "endpoint" with "channel" to produce the channel label such as this: // "u:object_r:pdx_service_channel_socket:s0". if (fgetfilecon_raw(socket_fd_.Get(), &endpoint_context) > 0) { std::string channel_context = endpoint_context; freecon(endpoint_context); const std::string suffix = "_endpoint_socket"; auto pos = channel_context.find(suffix); if (pos != std::string::npos) { channel_context.replace(pos, suffix.size(), "_channel_socket"); } else { ALOGW( "Endpoint::CreateChannelSocketPair: Endpoint security context '%s' " "does not contain expected substring '%s'", channel_context.c_str(), suffix.c_str()); } ALOGE_IF(setsockcreatecon_raw(channel_context.c_str()) == -1, "Endpoint::CreateChannelSocketPair: Failed to set channel socket " "security context: %s", strerror(errno)); } else { ALOGE( "Endpoint::CreateChannelSocketPair: Failed to obtain the endpoint " "socket's security context: %s", strerror(errno)); } int channel_pair[2] = {}; if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, channel_pair) == -1) { ALOGE("Endpoint::CreateChannelSocketPair: Failed to create socket pair: %s", Loading 
@@ -372,6 +403,8 @@ Status<void> Endpoint::CreateChannelSocketPair(LocalHandle* local_socket, return status; } setsockcreatecon_raw(nullptr); local_socket->Reset(channel_pair[0]); remote_socket->Reset(channel_pair[1]); Loading
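Review bot: The early `return status;` on the socketpair() failure path in CreateChannelSocketPair comes before the new `setsockcreatecon_raw(nullptr);`, so a failed socketpair() leaves the calling thread's socket-creation context set to the channel label, and any socket that thread creates afterwards would inherit it. Resetting the context immediately after socketpair(), with errno saved and restored around the reset, covers both paths and leaves the existing error handling untouched. Separately, the labelling is fail-open: if `fgetfilecon_raw` or `setsockcreatecon_raw` fails the code only logs, and if the `_endpoint_socket` substring is missing the unmodified endpoint context is applied to the channel sockets, so it is worth deciding whether these cases should return an error instead. The lines between the two hunks are collapsed on this page, so the body of the error branch is assumed from its visible start and end.

```cpp
  int channel_pair[2] = {};
  const int ret =
      socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, channel_pair);
  // Clear the socket-creation context on every path, success or failure,
  // and keep errno intact for the error handling below.
  const int saved_errno = errno;
  setsockcreatecon_raw(nullptr);
  errno = saved_errno;
  if (ret == -1) {
    // … unchanged: error logging, status.SetError, early return …
  }
  // … unchanged: local_socket / remote_socket Reset calls …
```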
services/surfaceflinger/surfaceflinger.rc +3 −3 Original line number Diff line number Diff line Loading @@ -4,6 +4,6 @@ service surfaceflinger /system/bin/surfaceflinger group graphics drmrpc readproc onrestart restart zygote writepid /dev/stune/foreground/tasks socket pdx/system/vr/display/client stream 0666 system graphics socket pdx/system/vr/display/manager stream 0666 system graphics socket pdx/system/vr/display/vsync stream 0666 system graphics socket pdx/system/vr/display/client stream 0666 system graphics u:object_r:pdx_display_client_endpoint_socket:s0 socket pdx/system/vr/display/manager stream 0666 system graphics u:object_r:pdx_display_manager_endpoint_socket:s0 socket pdx/system/vr/display/vsync stream 0666 system graphics u:object_r:pdx_display_vsync_endpoint_socket:s0
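Review bot: The labels added to the three `socket` lines are coupled to libs/vr/libpdx_uds/service_endpoint.cpp, which derives the channel label by replacing `_endpoint_socket` with `_channel_socket`, and nothing in this file records that dependency. A comment above the socket lines such as `# Label must contain "_endpoint_socket"; libpdx_uds derives the matching "_channel_socket" type from it.` would keep a later rename from silently breaking channel labelling. The same applies to services/vr/bufferhubd/bufferhubd.rc and services/vr/performanced/performanced.rc. The matching `*_channel_socket` types are not defined anywhere on this page, so presumably they arrive in a separate policy change that has to land together with this one.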
services/vr/bufferhubd/bufferhubd.rc +1 −1 Original line number Diff line number Diff line Loading @@ -3,4 +3,4 @@ service bufferhubd /system/bin/bufferhubd user system group system writepid /dev/cpuset/tasks socket pdx/system/buffer_hub/client stream 0660 system system socket pdx/system/buffer_hub/client stream 0660 system system u:object_r:pdx_bufferhub_client_endpoint_socket:s0
services/vr/performanced/performanced.rc +1 −1 Original line number Diff line number Diff line Loading @@ -3,4 +3,4 @@ service performanced /system/bin/performanced user root group system readproc writepid /dev/cpuset/tasks socket pdx/system/performance/client stream 0666 system system socket pdx/system/performance/client stream 0666 system system u:object_r:pdx_performance_client_endpoint_socket:s0