Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4191ac8e authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Do not check selinux access for PermissionCache" into main am:... 

Merge "Do not check selinux access for PermissionCache" into main am: 4bf8807c am: dfcc3217 am: b9e13aaa

Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/2861766



Change-Id: Ie0c24fd0d634b52d1e365bc1669864513c0e5249
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents e58d035a b9e13aaa

libs/gui/Android.bp

+0 −1
Original line number Diff line number Diff line
@@ -423,7 +423,6 @@ cc_defaults { 
        "libhidlbase",

        "liblog",

        "libnativewindow",

        "libselinux",

        "libsync",

        "libui",

        "libutils",

libs/gui/BufferQueueConsumer.cpp

+8 −45
Original line number Diff line number Diff line
@@ -38,43 +38,10 @@ 
#include <private/gui/BufferQueueThreadState.h>

#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)

#include <binder/PermissionCache.h>

#include <selinux/android.h>

#include <selinux/selinux.h>

#endif



#include <system/window.h>



namespace {

#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)

int selinux_log_suppress_callback(int, const char*, ...) { // NOLINT

    // DO NOTHING

    return 0;

}



bool hasAccessToPermissionService() {

    char* ctx;



    if (getcon(&ctx) == -1) {

        // Failed to get current selinux context

        return false;

    }



    union selinux_callback cb;



    cb.func_log = selinux_log_suppress_callback;

    selinux_set_callback(SELINUX_CB_LOG, cb);



    bool hasAccess = selinux_check_access(ctx, "u:object_r:permission_service:s0",

                                          "service_manager", "find", NULL) == 0;

    freecon(ctx);

    cb.func_log = hasAccess ? selinux_log_callback : selinux_vendor_log_callback;

    selinux_set_callback(SELINUX_CB_LOG, cb);



    return hasAccess;

}

#endif

} // namespace



namespace android {



// Macros for include BufferQueueCore information in log messages
@@ -843,10 +810,7 @@ status_t BufferQueueConsumer::dumpState(const String8& prefix, String8* outResul 
    const uid_t uid = BufferQueueThreadState::getCallingUid();

#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)

    // permission check can't be done for vendors as vendors have no access to

    // the PermissionController. We need to do a runtime check as well, since

    // the system variant of libgui can be loaded in a vendor process. For eg:

    // if a HAL uses an llndk library that depends on libgui (libmediandk etc).

    if (hasAccessToPermissionService()) {

    // the PermissionController.

    const pid_t pid = BufferQueueThreadState::getCallingPid();

    if ((uid != shellUid) &&

        !PermissionCache::checkPermission(String16("android.permission.DUMP"), pid, uid)) {
@@ -855,7 +819,6 @@ status_t BufferQueueConsumer::dumpState(const String8& prefix, String8* outResul 
                                pid, uid);

        denied = true;

    }

    }

#else

    if (uid != shellUid) {

        denied = true;