Merge changes from topic 'bind'

cc_defaults {

    name: "installd_defaults",

    cflags: [

        "-Wall",

        "-Werror",

    ],

    srcs: [

        "commands.cpp",

        "globals.cpp",

        "utils.cpp",

    ],

    shared_libs: [

        "libbase",

        "libcutils",

        "liblog",

        "liblogwrap",

        "libselinux",

    ],

    clang: true,

}

//

// Static library used in testing and executable

//

cc_library_static {

    name: "libinstalld",

    defaults: ["installd_defaults"],

    export_include_dirs: ["."],

}

//

// Executable

//

cc_binary {

    name: "installd",

    defaults: ["installd_defaults"],

    srcs: ["installd.cpp"],

    static_libs: ["libdiskusage"],

    init_rc: ["installd.rc"],

}

// OTA chroot tool

cc_binary {

        "liblog",

    ],

}

subdirs = ["tests"]

LOCAL_REQUIRED_MODULES := otapreopt otapreopt_chroot otapreopt_slot

include $(BUILD_PREBUILT)

common_src_files := commands.cpp globals.cpp utils.cpp

common_cflags := -Wall -Werror

#

# Static library used in testing and executable

#

include $(CLEAR_VARS)

LOCAL_MODULE := libinstalld

LOCAL_MODULE_TAGS := eng tests

LOCAL_SRC_FILES := $(common_src_files)

LOCAL_CFLAGS := $(common_cflags)

LOCAL_SHARED_LIBRARIES := \

    libbase \

    liblogwrap \

    libselinux \

LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk

LOCAL_CLANG := true

include $(BUILD_STATIC_LIBRARY)

#

# Executable

#

include $(CLEAR_VARS)

LOCAL_MODULE := installd

LOCAL_MODULE_TAGS := optional

LOCAL_CFLAGS := $(common_cflags)

LOCAL_SRC_FILES := $(common_src_files) \

    installd.cpp \

    InstalldNativeService.cpp \

    binder/android/os/IInstalld.aidl \

LOCAL_SHARED_LIBRARIES := \

    libbase \

    libbinder \

    libcutils \

    liblog \

    liblogwrap \

    libselinux \

    libutils

LOCAL_STATIC_LIBRARIES := libdiskusage

LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk

LOCAL_INIT_RC := installd.rc

LOCAL_CLANG := true

include $(BUILD_EXECUTABLE)

/**

 * Copyright (c) 2016, The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define LOG_TAG "installd"

#include <vector>

#include <fstream>

#include <android-base/stringprintf.h>

#include <binder/IPCThreadState.h>

#include <binder/IServiceManager.h>

#include <cutils/log.h>

#include <cutils/properties.h>

#include <private/android_filesystem_config.h>

#include <utils/Errors.h>

#include <utils/String16.h>

#include "InstalldNativeService.h"

#include "commands.h"

using android::base::StringPrintf;

namespace android {

namespace installd {

namespace {

constexpr const char* kDump = "android.permission.DUMP";

binder::Status checkPermission(const char* permission) {

    pid_t pid;

    uid_t uid;

    if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid),

            reinterpret_cast<int32_t*>(&uid))) {

        return binder::Status::ok();

    } else {

        auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission);

        return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));

    }

}

binder::Status checkUid(uid_t expectedUid) {

    uid_t uid = IPCThreadState::self()->getCallingUid();

    if (uid == expectedUid) {

        return binder::Status::ok();

    } else {

        auto err = StringPrintf("UID %d is not expected UID %d", uid, expectedUid);

        return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));

    }

}

#define ENFORCE_UID(uid) {                                  \

    binder::Status status = checkUid((uid));                \

    if (!status.isOk()) {                                   \

        return status;                                      \

    }                                                       \

}

}  // namespace

status_t InstalldNativeService::start() {

    IPCThreadState::self()->disableBackgroundScheduling(true);

    status_t ret = BinderService<InstalldNativeService>::publish();

    if (ret != android::OK) {

        return ret;

    }

    sp<ProcessState> ps(ProcessState::self());

    ps->startThreadPool();

    ps->giveThreadPoolName();

    return android::OK;

}

status_t InstalldNativeService::dump(int fd, const Vector<String16> & /* args */) {

    const binder::Status dump_permission = checkPermission(kDump);

    if (!dump_permission.isOk()) {

        const String8 msg(dump_permission.toString8());

        write(fd, msg.string(), msg.size());

        return PERMISSION_DENIED;

    }

    std::string msg = "installd is happy\n";

    write(fd, msg.c_str(), strlen(msg.c_str()));

    return NO_ERROR;

}

static binder::Status translateStatus(int ret) {

    if (ret != 0) {

        auto err = StringPrintf("Failed with error %d", ret);

        return binder::Status::fromServiceSpecificError(ret, String8(err.c_str()));

    } else {

        return binder::Status::ok();

    }

}

binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::string>& uuid,

        const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid,

        const std::string& seinfo, int32_t targetSdkVersion) {

    ENFORCE_UID(AID_SYSTEM);

    const char* _uuid = uuid ? (*uuid).c_str() : nullptr;

    return translateStatus(create_app_data(_uuid, pkgname.c_str(), userid, flags, appid,

            seinfo.c_str(), targetSdkVersion));

}

}  // namespace installd

}  // namespace android

/**

 * Copyright (c) 2016, The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef _INSTALLD_NATIVE_SERVICE_H_

#define _INSTALLD_NATIVE_SERVICE_H_

#include <vector>

#include <binder/BinderService.h>

#include "android/os/BnInstalld.h"

namespace android {

namespace installd {

class InstalldNativeService : public BinderService<InstalldNativeService>, public os::BnInstalld {

  public:

    static status_t start();

    static char const* getServiceName() { return "installd"; }

    virtual status_t dump(int fd, const Vector<String16> &args) override;

    binder::Status createAppData(const std::unique_ptr<std::string>& uuid,

            const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid,

            const std::string& seinfo, int32_t targetSdkVersion);

};

}  // namespace installd

}  // namespace android

#endif  // _INSTALLD_NATIVE_SERVICE_H_

/*

 * Copyright (C) 2016 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.os;

interface IInstalld {

    void createAppData(in @nullable @utf8InCpp String uuid, in @utf8InCpp String pkgname,

            int userid, int flags, int appid, in @utf8InCpp String seinfo, int targetSdkVersion);

}