Initial Binder interface for installd.

LOCAL_MODULE := installd

LOCAL_MODULE_TAGS := optional

LOCAL_CFLAGS := $(common_cflags)

LOCAL_SRC_FILES := installd.cpp $(common_src_files)

LOCAL_SRC_FILES := $(common_src_files) \

    installd.cpp \

    InstalldNativeService.cpp \

    binder/android/os/IInstalld.aidl \

LOCAL_SHARED_LIBRARIES := \

    libbase \

    libbinder \

    libcutils \

    liblog \

    liblogwrap \

    libselinux \

    libutils

LOCAL_STATIC_LIBRARIES := libdiskusage

LOCAL_ADDITIONAL_DEPENDENCIES += $(LOCAL_PATH)/Android.mk

/**

 * Copyright (c) 2016, The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define LOG_TAG "installd"

#include <vector>

#include <fstream>

#include <android-base/stringprintf.h>

#include <binder/IPCThreadState.h>

#include <binder/IServiceManager.h>

#include <cutils/log.h>

#include <cutils/properties.h>

#include <private/android_filesystem_config.h>

#include <utils/Errors.h>

#include <utils/String16.h>

#include "InstalldNativeService.h"

#include "commands.h"

using android::base::StringPrintf;

namespace android {

namespace installd {

namespace {

constexpr const char* kDump = "android.permission.DUMP";

binder::Status checkPermission(const char* permission) {

    pid_t pid;

    uid_t uid;

    if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid),

            reinterpret_cast<int32_t*>(&uid))) {

        return binder::Status::ok();

    } else {

        auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission);

        return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));

    }

}

binder::Status checkUid(uid_t expectedUid) {

    uid_t uid = IPCThreadState::self()->getCallingUid();

    if (uid == expectedUid) {

        return binder::Status::ok();

    } else {

        auto err = StringPrintf("UID %d is not expected UID %d", uid, expectedUid);

        return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));

    }

}

#define ENFORCE_UID(uid) {                                  \

    binder::Status status = checkUid((uid));                \

    if (!status.isOk()) {                                   \

        return status;                                      \

    }                                                       \

}

}  // namespace

status_t InstalldNativeService::start() {

    IPCThreadState::self()->disableBackgroundScheduling(true);

    status_t ret = BinderService<InstalldNativeService>::publish();

    if (ret != android::OK) {

        return ret;

    }

    sp<ProcessState> ps(ProcessState::self());

    ps->startThreadPool();

    ps->giveThreadPoolName();

    return android::OK;

}

status_t InstalldNativeService::dump(int fd, const Vector<String16> & /* args */) {

    const binder::Status dump_permission = checkPermission(kDump);

    if (!dump_permission.isOk()) {

        const String8 msg(dump_permission.toString8());

        write(fd, msg.string(), msg.size());

        return PERMISSION_DENIED;

    }

    std::string msg = "installd is happy\n";

    write(fd, msg.c_str(), strlen(msg.c_str()));

    return NO_ERROR;

}

static binder::Status translateStatus(int ret) {

    if (ret != 0) {

        auto err = StringPrintf("Failed with error %d", ret);

        return binder::Status::fromServiceSpecificError(ret, String8(err.c_str()));

    } else {

        return binder::Status::ok();

    }

}

binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::string>& uuid,

        const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid,

        const std::string& seinfo, int32_t targetSdkVersion) {

    ENFORCE_UID(AID_SYSTEM);

    const char* _uuid = uuid ? (*uuid).c_str() : nullptr;

    return translateStatus(create_app_data(_uuid, pkgname.c_str(), userid, flags, appid,

            seinfo.c_str(), targetSdkVersion));

}

}  // namespace installd

}  // namespace android

/**

 * Copyright (c) 2016, The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef _INSTALLD_NATIVE_SERVICE_H_

#define _INSTALLD_NATIVE_SERVICE_H_

#include <vector>

#include <binder/BinderService.h>

#include "android/os/BnInstalld.h"

namespace android {

namespace installd {

class InstalldNativeService : public BinderService<InstalldNativeService>, public os::BnInstalld {

  public:

    static status_t start();

    static char const* getServiceName() { return "installd"; }

    virtual status_t dump(int fd, const Vector<String16> &args) override;

    binder::Status createAppData(const std::unique_ptr<std::string>& uuid,

            const std::string& pkgname, int32_t userid, int32_t flags, int32_t appid,

            const std::string& seinfo, int32_t targetSdkVersion);

};

}  // namespace installd

}  // namespace android

#endif  // _INSTALLD_NATIVE_SERVICE_H_

/*

 * Copyright (C) 2016 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.os;

interface IInstalld {

    void createAppData(in @nullable @utf8InCpp String uuid, in @utf8InCpp String pkgname,

            int userid, int flags, int appid, in @utf8InCpp String seinfo, int targetSdkVersion);

}

#include <cutils/sockets.h>

#include <private/android_filesystem_config.h>

#include <InstalldNativeService.h>

#include <commands.h>

#include <globals.h>

#include <installd_constants.h>

    char buf[BUFFER_MAX];

    struct sockaddr addr;

    socklen_t alen;

    int lsocket, s;

    int lsocket, s, ret;

    int selinux_enabled = (is_selinux_enabled() > 0);

    setenv("ANDROID_LOG_TAGS", "*:v", 1);

        exit(1);

    }

    if ((ret = InstalldNativeService::start()) != android::OK) {

        ALOGE("Unable to start InstalldNativeService: %d", ret);

        exit(1);

    }

    lsocket = android_get_control_socket(SOCKET_PATH);

    if (lsocket < 0) {

        ALOGE("Failed to get socket from environment: %s\n", strerror(errno));