1edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project/* 2edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * Copyright (C) 2005 The Android Open Source Project 3edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * 4edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * Licensed under the Apache License, Version 2.0 (the "License"); 5edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * you may not use this file except in compliance with the License. 6edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * You may obtain a copy of the License at 7edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * 8edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 9edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * 10edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * Unless required by applicable law or agreed to in writing, software 11edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 12edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * See the License for the specific language governing permissions and 14edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project * limitations under the License. 15edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project */ 16edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 17edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project#define LOG_TAG "PermissionController" 18edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 19c5b2c0bf8007562536b822eb060fc54a01f8e08bMathias Agopian#include <binder/IPermissionController.h> 20edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 21edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project#include <utils/Log.h> 22c5b2c0bf8007562536b822eb060fc54a01f8e08bMathias Agopian#include <binder/Parcel.h> 23edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project#include <utils/String8.h> 24edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 25208059f67ed2dd9fa025e07fcb6954d3cb61c79eMathias Agopian#include <private/binder/Static.h> 26edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 27edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Projectnamespace android { 28edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 29edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project// ---------------------------------------------------------------------- 30edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 31edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Projectclass BpPermissionController : public BpInterface<IPermissionController> 32edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project{ 33edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Projectpublic: 34edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project BpPermissionController(const sp<IBinder>& impl) 35edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project : BpInterface<IPermissionController>(impl) 36edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project { 37edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project } 38837a0d0fb2c3fba8082d47d04cb6120af1eb9a54Brad Fitzpatrick 39edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project virtual bool checkPermission(const String16& permission, int32_t pid, int32_t uid) 40edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project { 41edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project Parcel data, reply; 42edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project data.writeInterfaceToken(IPermissionController::getInterfaceDescriptor()); 43edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project data.writeString16(permission); 44edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project data.writeInt32(pid); 45edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project data.writeInt32(uid); 46edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project remote()->transact(CHECK_PERMISSION_TRANSACTION, data, &reply); 47edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project // fail on exception 48837a0d0fb2c3fba8082d47d04cb6120af1eb9a54Brad Fitzpatrick if (reply.readExceptionCode() != 0) return 0; 49edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project return reply.readInt32() != 0; 50edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project } 51f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov 52f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov virtual void getPackagesForUid(const uid_t uid, Vector<String16>& packages) 53f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov { 54f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov Parcel data, reply; 55f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov data.writeInterfaceToken(IPermissionController::getInterfaceDescriptor()); 56f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov data.writeInt32(uid); 57f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov remote()->transact(GET_PACKAGES_FOR_UID_TRANSACTION, data, &reply); 58f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov // fail on exception 59f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov if (reply.readExceptionCode() != 0) { 60f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov return; 61f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } 62f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov const int32_t size = reply.readInt32(); 63f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov if (size <= 0) { 64f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov return; 65f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } 66f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov for (int i = 0; i < size; i++) { 67f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov packages.push(reply.readString16()); 68f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } 69f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } 70b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav 71b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav virtual bool isRuntimePermission(const String16& permission) 72b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav { 73b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav Parcel data, reply; 74b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav data.writeInterfaceToken(IPermissionController::getInterfaceDescriptor()); 75b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav data.writeString16(permission); 76b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav remote()->transact(IS_RUNTIME_PERMISSION_TRANSACTION, data, &reply); 77b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav // fail on exception 78b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav if (reply.readExceptionCode() != 0) return false; 79b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav return reply.readInt32() != 0; 80b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav } 81edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project}; 82edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 83edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source ProjectIMPLEMENT_META_INTERFACE(PermissionController, "android.os.IPermissionController"); 84edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 85edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project// ---------------------------------------------------------------------- 86edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 87edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Projectstatus_t BnPermissionController::onTransact( 88edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) 89edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project{ 90edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project switch(code) { 91edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project case CHECK_PERMISSION_TRANSACTION: { 92edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project CHECK_INTERFACE(IPermissionController, data, reply); 93edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project String16 permission = data.readString16(); 94edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project int32_t pid = data.readInt32(); 95edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project int32_t uid = data.readInt32(); 96edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project bool res = checkPermission(permission, pid, uid); 97837a0d0fb2c3fba8082d47d04cb6120af1eb9a54Brad Fitzpatrick reply->writeNoException(); 98edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project reply->writeInt32(res ? 1 : 0); 99edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project return NO_ERROR; 100edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project } break; 101f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov 102f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov case GET_PACKAGES_FOR_UID_TRANSACTION: { 103f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov CHECK_INTERFACE(IPermissionController, data, reply); 104f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov int32_t uid = data.readInt32(); 105f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov Vector<String16> packages; 106f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov getPackagesForUid(uid, packages); 107f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov reply->writeNoException(); 108f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov size_t size = packages.size(); 109f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov reply->writeInt32(size); 110f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov for (size_t i = 0; i < size; i++) { 111f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov reply->writeString16(packages[i]); 112f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } 113f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov return NO_ERROR; 114f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov } break; 115f1377f506c764a8b254b60ee28e38e12ccc8135cSvet Ganov 116b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav case IS_RUNTIME_PERMISSION_TRANSACTION: { 117b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav CHECK_INTERFACE(IPermissionController, data, reply); 118b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav String16 permission = data.readString16(); 119b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav const bool res = isRuntimePermission(permission); 120b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav reply->writeNoException(); 121b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav reply->writeInt32(res ? 1 : 0); 122b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav return NO_ERROR; 123b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav } break; 124b412f6e203b38f8047f760261a5e3dc6d0722f08Svetoslav 125edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project default: 126edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project return BBinder::onTransact(code, data, reply, flags); 127edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project } 128edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project} 129edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project 130edbf3b6af777b721cd2a1ef461947e51e88241e1The Android Open Source Project}; // namespace android 131