194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood/* Copyright 2008 The Android Open Source Project
294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood */
394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#include <errno.h>
594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#include <fcntl.h>
60b41ad5d6ec86cd2d481969dcff7e88f2805324fElliott Hughes#include <inttypes.h>
713df5f5f8fbc5a3fdfdd5d1ba5dc853cf3f017f0Mark Salyzyn#include <stdio.h>
813df5f5f8fbc5a3fdfdd5d1ba5dc853cf3f017f0Mark Salyzyn#include <stdlib.h>
913df5f5f8fbc5a3fdfdd5d1ba5dc853cf3f017f0Mark Salyzyn#include <string.h>
1094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
116b9c6d23f69a64f76fc26cda6989183042b0621cArve Hjønnevåg#include <cutils/multiuser.h>
126b9c6d23f69a64f76fc26cda6989183042b0621cArve Hjønnevåg
1394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#include <private/android_filesystem_config.h>
1494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1569154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn#include <selinux/android.h>
167d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich#include <selinux/avc.h>
1769154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
1894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#include "binder.h"
1994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2031361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#ifdef VENDORSERVICEMANAGER
2131361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#define LOG_TAG "VendorServiceManager"
2294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#else
2394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#define LOG_TAG "ServiceManager"
2494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood#endif
2531361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#include <log/log.h>
2694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
278fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstruct audit_data {
288fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    pid_t pid;
298fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    uid_t uid;
308fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    const char *name;
318fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts};
328fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts
337d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevichconst char *str8(const uint16_t *x, size_t x_len)
3494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
3594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    static char buf[128];
367d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    size_t max = 127;
3794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    char *p = buf;
3894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
397d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    if (x_len < max) {
407d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        max = x_len;
417d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    }
427d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich
4394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    if (x) {
447d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        while ((max > 0) && (*x != '\0')) {
4594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            *p++ = *x++;
467d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich            max--;
4794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
4894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
4994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    *p++ = 0;
5094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    return buf;
5194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
5294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
539b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescuint str16eq(const uint16_t *a, const char *b)
5494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
5594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    while (*a && *b)
5694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        if (*a++ != *b++) return 0;
5794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    if (*a || *b)
5894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return 0;
5994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    return 1;
6094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
6194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
62c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahnstatic char *service_manager_context;
6369154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahnstatic struct selabel_handle* sehandle;
6469154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
658fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic bool check_mac_perms(pid_t spid, uid_t uid, const char *tctx, const char *perm, const char *name)
6669154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn{
6769154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    char *sctx = NULL;
68c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    const char *class = "service_manager";
69c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    bool allowed;
708fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    struct audit_data ad;
7169154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
72c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    if (getpidcon(spid, &sctx) < 0) {
73c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        ALOGE("SELinux: getpidcon(pid=%d) failed to retrieve pid context.\n", spid);
7469154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        return false;
7569154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    }
7669154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
778fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    ad.pid = spid;
788fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    ad.uid = uid;
798fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    ad.name = name;
808fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts
818fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    int result = selinux_check_access(sctx, tctx, class, perm, (void *) &ad);
82c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    allowed = (result == 0);
83c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
84c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    freecon(sctx);
85c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    return allowed;
86c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn}
87c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
888fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic bool check_mac_perms_from_getcon(pid_t spid, uid_t uid, const char *perm)
89c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn{
908fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    return check_mac_perms(spid, uid, service_manager_context, perm, NULL);
91c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn}
92c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
938fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic bool check_mac_perms_from_lookup(pid_t spid, uid_t uid, const char *perm, const char *name)
94c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn{
95c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    bool allowed;
96c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    char *tctx = NULL;
97c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
98c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    if (!sehandle) {
99c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        ALOGE("SELinux: Failed to find sehandle. Aborting service_manager.\n");
100c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        abort();
10169154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    }
10269154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
103c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    if (selabel_lookup(sehandle, &tctx, name, 0) != 0) {
104c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        ALOGE("SELinux: No match for %s in service_contexts.\n", name);
10569154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        return false;
10669154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    }
10769154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
1088fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    allowed = check_mac_perms(spid, uid, tctx, perm, name);
10969154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    freecon(tctx);
11069154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    return allowed;
11169154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn}
11269154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
1138fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid, uid_t uid)
114c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn{
115c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    const char *perm = "add";
1165fa90a063f77054fc6068f45f6a21f43d64364b6Arve Hjønnevåg
1176b9c6d23f69a64f76fc26cda6989183042b0621cArve Hjønnevåg    if (multiuser_get_app_id(uid) >= AID_APP) {
1185fa90a063f77054fc6068f45f6a21f43d64364b6Arve Hjønnevåg        return 0; /* Don't allow apps to register services */
1195fa90a063f77054fc6068f45f6a21f43d64364b6Arve Hjønnevåg    }
1205fa90a063f77054fc6068f45f6a21f43d64364b6Arve Hjønnevåg
1218fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    return check_mac_perms_from_lookup(spid, uid, perm, str8(name, name_len)) ? 1 : 0;
122c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn}
123c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
1248fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic int svc_can_list(pid_t spid, uid_t uid)
12594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
126c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    const char *perm = "list";
1278fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    return check_mac_perms_from_getcon(spid, uid, perm) ? 1 : 0;
128c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn}
129c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
1308fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Robertsstatic int svc_can_find(const uint16_t *name, size_t name_len, pid_t spid, uid_t uid)
131c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn{
132c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    const char *perm = "find";
1338fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    return check_mac_perms_from_lookup(spid, uid, perm, str8(name, name_len)) ? 1 : 0;
13494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
13594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1369b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescustruct svcinfo
13794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
13894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct svcinfo *next;
1395fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    uint32_t handle;
14094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct binder_death death;
14194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    int allow_isolated;
1429b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    size_t len;
14394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    uint16_t name[0];
14494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood};
14594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1469b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescustruct svcinfo *svclist = NULL;
14794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1489b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescustruct svcinfo *find_svc(const uint16_t *s16, size_t len)
14994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
15094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct svcinfo *si;
15194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
15294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    for (si = svclist; si; si = si->next) {
15394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        if ((len == si->len) &&
15494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            !memcmp(s16, si->name, len * sizeof(uint16_t))) {
15594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            return si;
15694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
15794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
1589b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    return NULL;
15994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
16094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
16194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwoodvoid svcinfo_death(struct binder_state *bs, void *ptr)
16294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
1639b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    struct svcinfo *si = (struct svcinfo* ) ptr;
1649b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu
1657d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    ALOGI("service '%s' died\n", str8(si->name, si->len));
1665fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    if (si->handle) {
1675fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        binder_release(bs, si->handle);
1685fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        si->handle = 0;
1699b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    }
17094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
17194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1729b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescuuint16_t svcmgr_id[] = {
17394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    'a','n','d','r','o','i','d','.','o','s','.',
1749b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    'I','S','e','r','v','i','c','e','M','a','n','a','g','e','r'
17594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood};
17694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
1779b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu
178d57d9b900da83b1b5431d90e250f86c0047c618aIan Pedowitzuint32_t do_find_service(const uint16_t *s, size_t len, uid_t uid, pid_t spid)
17994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
180b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich    struct svcinfo *si = find_svc(s, len);
18194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
182b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich    if (!si || !si->handle) {
183c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        return 0;
184c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    }
185b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich
186b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich    if (!si->allow_isolated) {
187b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich        // If this service doesn't allow access from isolated processes,
188b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich        // then check the uid to see if it is isolated.
189b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich        uid_t appid = uid % AID_USER;
190b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich        if (appid >= AID_ISOLATED_START && appid <= AID_ISOLATED_END) {
191b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich            return 0;
19294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
193b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich    }
194b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich
1958fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    if (!svc_can_find(s, len, spid, uid)) {
19694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return 0;
19794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
198b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich
199b27bbd18bb65b3744ae066fcd6826285dec8b469Nick Kralevich    return si->handle;
20094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
20194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
20294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwoodint do_add_service(struct binder_state *bs,
2039b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu                   const uint16_t *s, size_t len,
20469154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn                   uint32_t handle, uid_t uid, int allow_isolated,
20569154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn                   pid_t spid)
20694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
20794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct svcinfo *si;
2083a345f0df5f62d77e875a289e9aee89f0d1b526eSerban Constantinescu
2097d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    //ALOGI("add_service('%s',%x,%s) uid=%d\n", str8(s, len), handle,
21094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    //        allow_isolated ? "allow_isolated" : "!allow_isolated", uid);
21194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2125fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    if (!handle || (len == 0) || (len > 127))
21394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
21494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2158fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    if (!svc_can_register(s, len, spid, uid)) {
2165fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        ALOGE("add_service('%s',%x) uid=%d - PERMISSION DENIED\n",
2177d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich             str8(s, len), handle, uid);
21894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
21994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
22094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
22194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    si = find_svc(s, len);
22294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    if (si) {
2235fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        if (si->handle) {
2245fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu            ALOGE("add_service('%s',%x) uid=%d - ALREADY REGISTERED, OVERRIDE\n",
2257d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich                 str8(s, len), handle, uid);
22694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            svcinfo_death(bs, si);
22794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
2285fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        si->handle = handle;
22994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    } else {
23094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si = malloc(sizeof(*si) + (len + 1) * sizeof(uint16_t));
23194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        if (!si) {
2325fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu            ALOGE("add_service('%s',%x) uid=%d - OUT OF MEMORY\n",
2337d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich                 str8(s, len), handle, uid);
23494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            return -1;
23594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
2365fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        si->handle = handle;
23794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si->len = len;
23894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        memcpy(si->name, s, (len + 1) * sizeof(uint16_t));
23994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si->name[len] = '\0';
2409b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu        si->death.func = (void*) svcinfo_death;
24194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si->death.ptr = si;
24294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si->allow_isolated = allow_isolated;
24394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si->next = svclist;
24494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        svclist = si;
24594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
24694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2475fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    binder_acquire(bs, handle);
2485fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    binder_link_to_death(bs, handle, &si->death);
24994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    return 0;
25094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
25194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
25294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwoodint svcmgr_handler(struct binder_state *bs,
253bcf38880c65297da58194eb0c0ce8d6e2bab7d94Serban Constantinescu                   struct binder_transaction_data *txn,
25494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood                   struct binder_io *msg,
25594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood                   struct binder_io *reply)
25694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
25794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct svcinfo *si;
25894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    uint16_t *s;
2599b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu    size_t len;
2605fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu    uint32_t handle;
26194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    uint32_t strict_policy;
26294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    int allow_isolated;
26394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2640b41ad5d6ec86cd2d481969dcff7e88f2805324fElliott Hughes    //ALOGI("target=%p code=%d pid=%d uid=%d\n",
2650b41ad5d6ec86cd2d481969dcff7e88f2805324fElliott Hughes    //      (void*) txn->target.ptr, txn->code, txn->sender_pid, txn->sender_euid);
26694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
2670b41ad5d6ec86cd2d481969dcff7e88f2805324fElliott Hughes    if (txn->target.ptr != BINDER_SERVICE_MANAGER)
26894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
26994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
270e5245cbf5d4e830cf605ef07f5d284d7c5d2867eArve Hjønnevåg    if (txn->code == PING_TRANSACTION)
271e5245cbf5d4e830cf605ef07f5d284d7c5d2867eArve Hjønnevåg        return 0;
272e5245cbf5d4e830cf605ef07f5d284d7c5d2867eArve Hjønnevåg
27394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    // Equivalent to Parcel::enforceInterface(), reading the RPC
27494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    // header with the strict mode policy mask and the interface name.
27594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    // Note that we ignore the strict_policy and don't propagate it
27694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    // further (since we do no outbound RPCs anyway).
27794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    strict_policy = bio_get_uint32(msg);
27894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    s = bio_get_string16(msg, &len);
2797d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    if (s == NULL) {
2807d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        return -1;
2817d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich    }
2827d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich
28394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    if ((len != (sizeof(svcmgr_id) / 2)) ||
28494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        memcmp(svcmgr_id, s, sizeof(svcmgr_id))) {
2857d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        fprintf(stderr,"invalid id %s\n", str8(s, len));
28694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
28794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
28894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
28969154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    if (sehandle && selinux_status_updated() > 0) {
29069154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        struct selabel_handle *tmp_sehandle = selinux_android_service_context_handle();
29169154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        if (tmp_sehandle) {
29269154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn            selabel_close(sehandle);
29369154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn            sehandle = tmp_sehandle;
29469154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        }
29569154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    }
29669154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
29794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    switch(txn->code) {
29894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    case SVC_MGR_GET_SERVICE:
29994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    case SVC_MGR_CHECK_SERVICE:
30094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        s = bio_get_string16(msg, &len);
3017d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        if (s == NULL) {
3027d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich            return -1;
3037d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        }
304d57d9b900da83b1b5431d90e250f86c0047c618aIan Pedowitz        handle = do_find_service(s, len, txn->sender_euid, txn->sender_pid);
3055fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        if (!handle)
30694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            break;
3075fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        bio_put_ref(reply, handle);
30894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return 0;
30994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
31094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    case SVC_MGR_ADD_SERVICE:
31194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        s = bio_get_string16(msg, &len);
3127d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        if (s == NULL) {
3137d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich            return -1;
3147d42a3c31ba78a418f9bdde0e0ab951469f321b5Nick Kralevich        }
3155fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bfSerban Constantinescu        handle = bio_get_ref(msg);
31694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        allow_isolated = bio_get_uint32(msg) ? 1 : 0;
31769154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn        if (do_add_service(bs, s, len, handle, txn->sender_euid,
31869154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn            allow_isolated, txn->sender_pid))
31994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            return -1;
32094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        break;
32194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
32294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    case SVC_MGR_LIST_SERVICES: {
3233a345f0df5f62d77e875a289e9aee89f0d1b526eSerban Constantinescu        uint32_t n = bio_get_uint32(msg);
32494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
3258fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts        if (!svc_can_list(txn->sender_pid, txn->sender_euid)) {
326c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn            ALOGE("list_service() uid=%d - PERMISSION DENIED\n",
327c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn                    txn->sender_euid);
328c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn            return -1;
329c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn        }
33094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        si = svclist;
33194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        while ((n-- > 0) && si)
33294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            si = si->next;
33394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        if (si) {
33494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            bio_put_string16(reply, si->name);
33594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood            return 0;
33694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        }
33794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
33894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
33994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    default:
34094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        ALOGE("unknown code %d\n", txn->code);
34194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
34294afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
34394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
34494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    bio_put_uint32(reply, 0);
34594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    return 0;
34694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
34794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
34869154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
349d57d9b900da83b1b5431d90e250f86c0047c618aIan Pedowitzstatic int audit_callback(void *data, __unused security_class_t cls, char *buf, size_t len)
35069154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn{
3518fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    struct audit_data *ad = (struct audit_data *)data;
3528fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts
3538fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    if (!ad || !ad->name) {
3548fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts        ALOGE("No service manager audit data");
3558fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts        return 0;
3568fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    }
3578fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts
3588fb0f92e0fe3c286ebb120bae9e1570ee109fa12William Roberts    snprintf(buf, len, "service=%s pid=%d uid=%d", ad->name, ad->pid, ad->uid);
35969154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    return 0;
36069154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn}
36169154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
36269b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenenint main(int argc, char** argv)
36394afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood{
36494afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    struct binder_state *bs;
36593ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil    union selinux_callback cb;
36669b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen    char *driver;
36794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
36869b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen    if (argc > 1) {
36969b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen        driver = argv[1];
37069b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen    } else {
37169b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen        driver = "/dev/binder";
37269b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen    }
37369b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen
37469b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen    bs = binder_open(driver, 128*1024);
375a44542ca74b7da5b44ba30c205c3244805bb0600Serban Constantinescu    if (!bs) {
37631361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#ifdef VENDORSERVICEMANAGER
37731361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen        ALOGW("failed to open binder driver %s\n", driver);
37831361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen        while (true) {
37931361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen            sleep(UINT_MAX);
38031361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen        }
38131361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#else
38269b0515dcd58a479c41977aca7bd18b865571d09Martijn Coenen        ALOGE("failed to open binder driver %s\n", driver);
38331361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#endif
384a44542ca74b7da5b44ba30c205c3244805bb0600Serban Constantinescu        return -1;
385a44542ca74b7da5b44ba30c205c3244805bb0600Serban Constantinescu    }
38694afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
38794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    if (binder_become_context_manager(bs)) {
38894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        ALOGE("cannot become context manager (%s)\n", strerror(errno));
38994afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood        return -1;
39094afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    }
39194afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood
39293ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil    cb.func_audit = audit_callback;
39393ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil    selinux_set_callback(SELINUX_CB_AUDIT, cb);
39493ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil    cb.func_log = selinux_log_callback;
39593ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil    selinux_set_callback(SELINUX_CB_LOG, cb);
39693ba7019cb473158bdea1b8fc73a1db34ea9a129Sandeep Patil
39731361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#ifdef VENDORSERVICEMANAGER
39831361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen    sehandle = selinux_android_vendor_service_context_handle();
39931361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#else
40069154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn    sehandle = selinux_android_service_context_handle();
40131361232e1e7965d00c638ead2903f08f168f1c9Martijn Coenen#endif
402bea0746b241d15626cf0a56828efc1d4640dbda7Stephen Smalley    selinux_status_open(true);
40369154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
404eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich    if (sehandle == NULL) {
405eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich        ALOGE("SELinux: Failed to acquire sehandle. Aborting.\n");
406eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich        abort();
407eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich    }
408c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
409eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich    if (getcon(&service_manager_context) != 0) {
410eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich        ALOGE("SELinux: Failed to acquire service_manager context. Aborting.\n");
411eb4d5cbde02b17259e968321ef457b158ce1da4eNick Kralevich        abort();
412c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn    }
413c67e6307cadb1f2cd876907c42d39b8374b93acdRiley Spahn
41469154df9efd3ffb7580b72a0138f58a2f5443db6Riley Spahn
41594afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    binder_loop(bs, svcmgr_handler);
4169b738bb4110926b85da65d36b2e6f1a50199ec4cSerban Constantinescu
41794afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood    return 0;
41894afecf4b6f437b3ee9a076242402e421c6c07a6Mike Lockwood}
419