Loading cmds/installd/Android.bp +0 −50 Original line number Original line Diff line number Diff line cc_defaults { name: "installd_defaults", cflags: [ "-Wall", "-Werror", ], srcs: [ "commands.cpp", "globals.cpp", "utils.cpp", ], shared_libs: [ "libbase", "libcutils", "liblog", "liblogwrap", "libselinux", ], clang: true, } // // Static library used in testing and executable // cc_library_static { name: "libinstalld", defaults: ["installd_defaults"], export_include_dirs: ["."], } // // Executable // cc_binary { name: "installd", defaults: ["installd_defaults"], srcs: ["installd.cpp"], static_libs: ["libdiskusage"], init_rc: ["installd.rc"], } // OTA chroot tool // OTA chroot tool cc_binary { cc_binary { Loading @@ -62,5 +14,3 @@ cc_binary { "liblog", "liblog", ], ], } } subdirs = ["tests"] cmds/installd/Android.mk +49 −0 Original line number Original line Diff line number Diff line Loading @@ -61,3 +61,52 @@ LOCAL_SRC_FILES := otapreopt_script.sh LOCAL_REQUIRED_MODULES := otapreopt otapreopt_chroot otapreopt_slot LOCAL_REQUIRED_MODULES := otapreopt otapreopt_chroot otapreopt_slot include $(BUILD_PREBUILT) include $(BUILD_PREBUILT) common_src_files := commands.cpp globals.cpp utils.cpp common_cflags := -Wall -Werror # # Static library used in testing and executable # include $(CLEAR_VARS) LOCAL_MODULE := libinstalld LOCAL_MODULE_TAGS := eng tests LOCAL_SRC_FILES := $(common_src_files) LOCAL_CFLAGS := $(common_cflags) LOCAL_SHARED_LIBRARIES := \ libbase \ liblogwrap \ libselinux \ LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk LOCAL_CLANG := true include $(BUILD_STATIC_LIBRARY) # # Executable # include $(CLEAR_VARS) LOCAL_MODULE := installd LOCAL_MODULE_TAGS := optional LOCAL_CFLAGS := $(common_cflags) LOCAL_SRC_FILES := $(common_src_files) \ installd.cpp \ InstalldNativeService.cpp \ binder/android/os/IInstalld.aidl \ LOCAL_SHARED_LIBRARIES := \ libbase \ libbinder \ libcutils \ liblog \ liblogwrap \ libselinux \ libutils LOCAL_STATIC_LIBRARIES := libdiskusage LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk LOCAL_INIT_RC := installd.rc LOCAL_CLANG := true include $(BUILD_EXECUTABLE) cmds/installd/InstalldNativeService.cpp 0 → 100644 +120 −0 Original line number Original line Diff line number Diff line /** * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #define LOG_TAG "installd" #include <vector> #include <fstream> #include <android-base/stringprintf.h> #include <binder/IPCThreadState.h> #include <binder/IServiceManager.h> #include <cutils/log.h> #include <cutils/properties.h> #include <private/android_filesystem_config.h> #include <utils/Errors.h> #include <utils/String16.h> #include "InstalldNativeService.h" #include "commands.h" using android::base::StringPrintf; namespace android { namespace installd { namespace { constexpr const char* kDump = "android.permission.DUMP"; binder::Status checkPermission(const char* permission) { pid_t pid; uid_t uid; if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid), reinterpret_cast<int32_t*>(&uid))) { return binder::Status::ok(); } else { auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission); return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str())); } } binder::Status checkUid(uid_t expectedUid) { uid_t uid = IPCThreadState::self()->getCallingUid(); if (uid == expectedUid) { return binder::Status::ok(); } else { auto err = StringPrintf("UID %d is not expected UID %d", uid, expectedUid); return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str())); } } #define ENFORCE_UID(uid) { \ binder::Status status = checkUid((uid)); \ if (!status.isOk()) { \ return status; \ } \ } } // namespace status_t InstalldNativeService::start() { IPCThreadState::self()->disableBackgroundScheduling(true); status_t ret = BinderService<InstalldNativeService>::publish(); if (ret != android::OK) { return ret; } sp<ProcessState> ps(ProcessState::self()); ps->startThreadPool(); ps->giveThreadPoolName(); return android::OK; } status_t InstalldNativeService::dump(int fd, const Vector<String16> & /* args */) { const binder::Status dump_permission = checkPermission(kDump); if (!dump_permission.isOk()) { const String8 msg(dump_permission.toString8()); write(fd, msg.string(), msg.size()); return PERMISSION_DENIED; } std::string msg = "installd is happy\n"; write(fd, msg.c_str(), strlen(msg.c_str())); return NO_ERROR; } static binder::Status translateStatus(int ret) { if (ret != 0) { auto err = StringPrintf("Failed with error %d", ret); return binder::Status::fromServiceSpecificError(ret, String8(err.c_str())); } else { return binder::Status::ok(); } } binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::string>& uuid, const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid, const std::string& seinfo, int32_t targetSdkVersion) { ENFORCE_UID(AID_SYSTEM); const char* _uuid = uuid ? (*uuid).c_str() : nullptr; return translateStatus(create_app_data(_uuid, pkgname.c_str(), userid, flags, appid, seinfo.c_str(), targetSdkVersion)); } } // namespace installd } // namespace android cmds/installd/InstalldNativeService.h 0 → 100644 +43 −0 Original line number Original line Diff line number Diff line /** * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef _INSTALLD_NATIVE_SERVICE_H_ #define _INSTALLD_NATIVE_SERVICE_H_ #include <vector> #include <binder/BinderService.h> #include "android/os/BnInstalld.h" namespace android { namespace installd { class InstalldNativeService : public BinderService<InstalldNativeService>, public os::BnInstalld { public: static status_t start(); static char const* getServiceName() { return "installd"; } virtual status_t dump(int fd, const Vector<String16> &args) override; binder::Status createAppData(const std::unique_ptr<std::string>& uuid, const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid, const std::string& seinfo, int32_t targetSdkVersion); }; } // namespace installd } // namespace android #endif // _INSTALLD_NATIVE_SERVICE_H_ cmds/installd/binder/android/os/IInstalld.aidl 0 → 100644 +22 −0 Original line number Original line Diff line number Diff line /* * Copyright (C) 2016 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.os; interface IInstalld { void createAppData(in @nullable @utf8InCpp String uuid, in @utf8InCpp String pkgname, int userid, int flags, int appid, in @utf8InCpp String seinfo, int targetSdkVersion); } Loading
cmds/installd/Android.bp +0 −50 Original line number Original line Diff line number Diff line cc_defaults { name: "installd_defaults", cflags: [ "-Wall", "-Werror", ], srcs: [ "commands.cpp", "globals.cpp", "utils.cpp", ], shared_libs: [ "libbase", "libcutils", "liblog", "liblogwrap", "libselinux", ], clang: true, } // // Static library used in testing and executable // cc_library_static { name: "libinstalld", defaults: ["installd_defaults"], export_include_dirs: ["."], } // // Executable // cc_binary { name: "installd", defaults: ["installd_defaults"], srcs: ["installd.cpp"], static_libs: ["libdiskusage"], init_rc: ["installd.rc"], } // OTA chroot tool // OTA chroot tool cc_binary { cc_binary { Loading @@ -62,5 +14,3 @@ cc_binary { "liblog", "liblog", ], ], } } subdirs = ["tests"]
cmds/installd/Android.mk +49 −0 Original line number Original line Diff line number Diff line Loading @@ -61,3 +61,52 @@ LOCAL_SRC_FILES := otapreopt_script.sh LOCAL_REQUIRED_MODULES := otapreopt otapreopt_chroot otapreopt_slot LOCAL_REQUIRED_MODULES := otapreopt otapreopt_chroot otapreopt_slot include $(BUILD_PREBUILT) include $(BUILD_PREBUILT) common_src_files := commands.cpp globals.cpp utils.cpp common_cflags := -Wall -Werror # # Static library used in testing and executable # include $(CLEAR_VARS) LOCAL_MODULE := libinstalld LOCAL_MODULE_TAGS := eng tests LOCAL_SRC_FILES := $(common_src_files) LOCAL_CFLAGS := $(common_cflags) LOCAL_SHARED_LIBRARIES := \ libbase \ liblogwrap \ libselinux \ LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk LOCAL_CLANG := true include $(BUILD_STATIC_LIBRARY) # # Executable # include $(CLEAR_VARS) LOCAL_MODULE := installd LOCAL_MODULE_TAGS := optional LOCAL_CFLAGS := $(common_cflags) LOCAL_SRC_FILES := $(common_src_files) \ installd.cpp \ InstalldNativeService.cpp \ binder/android/os/IInstalld.aidl \ LOCAL_SHARED_LIBRARIES := \ libbase \ libbinder \ libcutils \ liblog \ liblogwrap \ libselinux \ libutils LOCAL_STATIC_LIBRARIES := libdiskusage LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk LOCAL_INIT_RC := installd.rc LOCAL_CLANG := true include $(BUILD_EXECUTABLE)
cmds/installd/InstalldNativeService.cpp 0 → 100644 +120 −0 Original line number Original line Diff line number Diff line /** * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #define LOG_TAG "installd" #include <vector> #include <fstream> #include <android-base/stringprintf.h> #include <binder/IPCThreadState.h> #include <binder/IServiceManager.h> #include <cutils/log.h> #include <cutils/properties.h> #include <private/android_filesystem_config.h> #include <utils/Errors.h> #include <utils/String16.h> #include "InstalldNativeService.h" #include "commands.h" using android::base::StringPrintf; namespace android { namespace installd { namespace { constexpr const char* kDump = "android.permission.DUMP"; binder::Status checkPermission(const char* permission) { pid_t pid; uid_t uid; if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid), reinterpret_cast<int32_t*>(&uid))) { return binder::Status::ok(); } else { auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission); return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str())); } } binder::Status checkUid(uid_t expectedUid) { uid_t uid = IPCThreadState::self()->getCallingUid(); if (uid == expectedUid) { return binder::Status::ok(); } else { auto err = StringPrintf("UID %d is not expected UID %d", uid, expectedUid); return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str())); } } #define ENFORCE_UID(uid) { \ binder::Status status = checkUid((uid)); \ if (!status.isOk()) { \ return status; \ } \ } } // namespace status_t InstalldNativeService::start() { IPCThreadState::self()->disableBackgroundScheduling(true); status_t ret = BinderService<InstalldNativeService>::publish(); if (ret != android::OK) { return ret; } sp<ProcessState> ps(ProcessState::self()); ps->startThreadPool(); ps->giveThreadPoolName(); return android::OK; } status_t InstalldNativeService::dump(int fd, const Vector<String16> & /* args */) { const binder::Status dump_permission = checkPermission(kDump); if (!dump_permission.isOk()) { const String8 msg(dump_permission.toString8()); write(fd, msg.string(), msg.size()); return PERMISSION_DENIED; } std::string msg = "installd is happy\n"; write(fd, msg.c_str(), strlen(msg.c_str())); return NO_ERROR; } static binder::Status translateStatus(int ret) { if (ret != 0) { auto err = StringPrintf("Failed with error %d", ret); return binder::Status::fromServiceSpecificError(ret, String8(err.c_str())); } else { return binder::Status::ok(); } } binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::string>& uuid, const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid, const std::string& seinfo, int32_t targetSdkVersion) { ENFORCE_UID(AID_SYSTEM); const char* _uuid = uuid ? (*uuid).c_str() : nullptr; return translateStatus(create_app_data(_uuid, pkgname.c_str(), userid, flags, appid, seinfo.c_str(), targetSdkVersion)); } } // namespace installd } // namespace android
cmds/installd/InstalldNativeService.h 0 → 100644 +43 −0 Original line number Original line Diff line number Diff line /** * Copyright (c) 2016, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef _INSTALLD_NATIVE_SERVICE_H_ #define _INSTALLD_NATIVE_SERVICE_H_ #include <vector> #include <binder/BinderService.h> #include "android/os/BnInstalld.h" namespace android { namespace installd { class InstalldNativeService : public BinderService<InstalldNativeService>, public os::BnInstalld { public: static status_t start(); static char const* getServiceName() { return "installd"; } virtual status_t dump(int fd, const Vector<String16> &args) override; binder::Status createAppData(const std::unique_ptr<std::string>& uuid, const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid, const std::string& seinfo, int32_t targetSdkVersion); }; } // namespace installd } // namespace android #endif // _INSTALLD_NATIVE_SERVICE_H_
cmds/installd/binder/android/os/IInstalld.aidl 0 → 100644 +22 −0 Original line number Original line Diff line number Diff line /* * Copyright (C) 2016 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.os; interface IInstalld { void createAppData(in @nullable @utf8InCpp String uuid, in @utf8InCpp String pkgname, int userid, int flags, int appid, in @utf8InCpp String seinfo, int targetSdkVersion); }
