212c88143ebdeabbab364fca7680d8cd2caff256 |
|
02-Aug-2017 |
Yifan Hong <elsk@google.com> |
Use cutils/android_filesystem_config.h private/android_filesystem_config.h is not available for vndservicemanager. Test: m -j Test: BOARD_VNDK_VERSION m -j Bug: 63135587 Change-Id: Iaf9911a519ebbb798184e93b2911d0e813e6026c
/frameworks/native/cmds/servicemanager/service_manager.c
|
61f8dfa24b0846ae66328891f8facf9e06237c15 |
|
13-Jun-2017 |
Kouji Shiotani <kouji.shiotani@sony.com> |
Avoid SELinux violation at vndservicemanager Avoid following SELinux violation. avc: denied { read } for comm="vndservicemanag" name="nonplat_service_contexts" dev="rootfs" ino=17045 scontext=u:r:vndservicemanager:s0 tcontext=u:object_r:service_contexts_file:s0 tclass=file permissive=0 ppid=1 pcomm="init" pgid=1 pgcomm="init" This violation caused by vndservicemanager reading service_contexts at svcmgr_handler(). In main() loading as well, processing is divided by the VENDORSERVICEMANAGER flag. Therefore, even in svcmgr_handler(), processing is divided by flags like main(). Bug: 62562415 Test: mma Change-Id: I06b0308a80fc6ea1ca57cd10d9555dd269b8e12d
/frameworks/native/cmds/servicemanager/service_manager.c
|
bb26dd29563d90f25aa55b79a32203f0cebc1dc0 |
|
18-Apr-2017 |
Dan Cashman <dcashman@google.com> |
Reflect removal of vndservice_manager SELinux object manager. (preemptive cherry-pick of commit: 2762a7833ffc68cb731be53730e2364920a9d041 to avoid merge conflict) Bug: 34454312 Bug: 36052864 Test: policy builds and device boots. Change-Id: Ic2aebb15f4ae9085bf2cb440cceef6b4beb5ddc5
/frameworks/native/cmds/servicemanager/service_manager.c
|
4339a83c0f840fcfaa0bcd45f0aeb2d3d7675b63 |
|
06-Apr-2017 |
Martijn Coenen <maco@google.com> |
vndservicemanager: use separate SELinux class. For doing access control. Bug: 36052864 Test: device boots Change-Id: I263679ed4532ec52b1e64e5e60bdc064b7484073
/frameworks/native/cmds/servicemanager/service_manager.c
|
31361232e1e7965d00c638ead2903f08f168f1c9 |
|
01-Apr-2017 |
Martijn Coenen <maco@google.com> |
vndservicemanager: load vendor service_contexts. Also, don't crash when /dev/vndbinder is not accessible. Bug: 36052864 Test: loads vendor service contexts Test: doesn't crash without /dev/vndbinder, works with it Change-Id: Ida9dd94791206e14246348a8b8e66be09ed8fca7
/frameworks/native/cmds/servicemanager/service_manager.c
|
69b0515dcd58a479c41977aca7bd18b865571d09 |
|
21-Mar-2017 |
Martijn Coenen <maco@google.com> |
Add vndservicemanager. vndservicemanager is the context manager for binder services that are exclusively used from the vendor binder domain, "/dev/vndbinder"; these services can only be registered and accessed by vendor processes. To facilitate code re-use, vndservicemanager is just framework servicemanager accessing the vendor binder devnode. Bug: 36052864 Test: modified binder_test to use /dev/vndbinder Change-Id: Iac19a1180321a5be78d7be5ceb4ba211c593dc47
/frameworks/native/cmds/servicemanager/service_manager.c
|
93ba7019cb473158bdea1b8fc73a1db34ea9a129 |
|
27-Dec-2016 |
Sandeep Patil <sspatil@google.com> |
servicemanager: selinux: set selinux callbacks early SELinux library error logs are never be shown in logcat if there's a failure before the callbacks are set. We missed all logs from service context initialization because of this. Bug: 33746484 Test: Restart new service manager to make sure context init logs show up in logcat. Change-Id: I5479cf5fe10ceb1a210eda26946b6ea344792e24 Signed-off-by: Sandeep Patil <sspatil@google.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
7823e124e00576e20e47ec717cbe8bc89f0f2bf2 |
|
29-Sep-2016 |
Mark Salyzyn <salyzyn@google.com> |
Replace cutils/log.h and rationalize log/log.h and android/log.h - cutils/log.h treat as deprecated and lead by example - android/log.h to be used instead of log/log.h if possible - add system includes that are assumed as side effects - define LOG_TAG first Test: compile Bug: 31289077 Bug: 30465923 Change-Id: I8d99b24c333578c9b5aa9f2a01324bd0bba268dd
/frameworks/native/cmds/servicemanager/service_manager.c
|
a5e161b1207ef447a51e99856097d69d4a6111e1 |
|
29-Sep-2016 |
Mark Salyzyn <salyzyn@google.com> |
Replace cutils/log.h and rationalize log/log.h and android/log.h - cutils/log.h treat as deprecated and lead by example - android/log.h to be used instead of log/log.h if required - add system includes that are assumed as side effects of log.h - modules that use SLOG should use SLOG for all logging (installd) - define LOG_TAG first - remove logging infrastructure if not used Test: build Bug: 31289077 Change-Id: Iea147a0104c7ab7f12451304131d6500f42141e7
/frameworks/native/cmds/servicemanager/service_manager.c
|
eb4d5cbde02b17259e968321ef457b158ce1da4e |
|
10-Dec-2016 |
Nick Kralevich <nnk@google.com> |
service_manager.c: remove is_selinux_enabled calls SELinux is always enabled. No need to check for it. Test: Device boots and service manager works without errors. Change-Id: I12be7336e7c31a5f5796ea1383f3dc934eb3c97c
/frameworks/native/cmds/servicemanager/service_manager.c
|
6b9c6d23f69a64f76fc26cda6989183042b0621c |
|
19-Aug-2016 |
Arve Hjønnevåg <arve@android.com> |
ServiceManager: Allow system services running as secondary users to add services This should be reverted when all system services have been cleaned up to not do this. A process looking up a service while running in the background will see the service registered by the active user (assuming the service is registered on every user switch), not the service registered by the user that the process itself belongs to. BUG: 30795333 Change-Id: I1b74d58be38ed358f43c163692f9e704f8f31dbe
/frameworks/native/cmds/servicemanager/service_manager.c
|
5fa90a063f77054fc6068f45f6a21f43d64364b6 |
|
02-Aug-2016 |
Arve Hjønnevåg <arve@android.com> |
ServiceManager: Restore basic uid check Prevent apps from registering services without relying on selinux checks. Bug: 29431260 Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b
/frameworks/native/cmds/servicemanager/service_manager.c
|
d57d9b900da83b1b5431d90e250f86c0047c618a |
|
19-Feb-2016 |
Ian Pedowitz <ijpedowitz@google.com> |
Revert "Revert "Fix warnings in servicemanager and KeyCharacterMap"" This reverts commit b480269b0f8e933fa6fc6bd4c9e1e504e1b51508. Change-Id: If405c0786c5bdd02e3f2c3356d56a4200c6b9dfb
/frameworks/native/cmds/servicemanager/service_manager.c
|
b480269b0f8e933fa6fc6bd4c9e1e504e1b51508 |
|
19-Feb-2016 |
Ian Pedowitz <ijpedowitz@google.com> |
Revert "Fix warnings in servicemanager and KeyCharacterMap" This reverts commit d3b4c050f6bcdfd44bfb9c8ed885fd1c482c50bb. Change-Id: I961f89d4446ac23f0e267c6541b504c4ec6b3af1
/frameworks/native/cmds/servicemanager/service_manager.c
|
d3b4c050f6bcdfd44bfb9c8ed885fd1c482c50bb |
|
19-Feb-2016 |
Aurimas Liutikas <aurimas@google.com> |
Fix warnings in servicemanager and KeyCharacterMap - Suppress unused parameter warnings. - Remove a few unused parameters. - Set the correct formatting for size_t log. Bug: 26936282 Change-Id: I2e2acb15d1bc05c6ba09563a87d5baceebe7ebd9
/frameworks/native/cmds/servicemanager/service_manager.c
|
8fb0f92e0fe3c286ebb120bae9e1570ee109fa12 |
|
02-Oct-2015 |
William Roberts <william.c.roberts@intel.com> |
servicemanager: log pid and uid on selinux denial The audit logs for servicemanager were missing the pid and uid of the source. This is useful for debugging. Before: ... SELinux : avc: denied { find } for service=android.security.keystore scontext=u:r:system_app:s0 ... After: ... SELinux : avc: denied { find } for service=android.security.keystore pid=1252 uid=1000 scontext=u:r:system_app:s0 ... Change-Id: Id1a6f38b99f11a31315439620ead2f01108b18b2 Signed-off-by: William Roberts <william.c.roberts@intel.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
bea0746b241d15626cf0a56828efc1d4640dbda7 |
|
03-Jun-2015 |
Stephen Smalley <sds@tycho.nsa.gov> |
Call selinux_status_open() prior to use of selinux_status_updated(). The selinux_status_*() interfaces require calling selinux_status_open() first. Since this was not being called by servicemanager, the selinux_status_updated() call was always failing and servicemanager was not reloading service_contexts upon a policy reload. Change-Id: I6ac62e114bbca99c5f0999feb918fcde15009274 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/frameworks/native/cmds/servicemanager/service_manager.c
|
0b41ad5d6ec86cd2d481969dcff7e88f2805324f |
|
04-Apr-2015 |
Elliott Hughes <enh@google.com> |
Remove useless 'svcmgr_handle' (which had wrong type). Also use the 'ptr' union member rather than 'handle'. Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com> Change-Id: I68e5336cd3af3bc61dbddd2b33d7e1512c0c329c
/frameworks/native/cmds/servicemanager/service_manager.c
|
13df5f5f8fbc5a3fdfdd5d1ba5dc853cf3f017f0 |
|
01-Apr-2015 |
Mark Salyzyn <salyzyn@google.com> |
servicemanager: service_manager missing include for string.h service_manager.c gets string.h inherited from private/android_filesystem_config.h it should not rely on this in the future. The intent is to move fs_config function into libcutils and thus deprecate any need for string.h in this include file. Bug: 19908228 Change-Id: Icc95ee02bf02c596463868b1330d209d1bd5c58a
/frameworks/native/cmds/servicemanager/service_manager.c
|
b27bbd18bb65b3744ae066fcd6826285dec8b469 |
|
05-Mar-2015 |
Nick Kralevich <nnk@google.com> |
service_manager: reorder permission checks for find Reorder the find permission checks. This avoids generating misleading SELinux denials when a service doesn't exist, or when a service is prohibited to isolated apps. The original reason for structuring the code this way is explained in https://android-review.googlesource.com/#/c/100530/4/cmds/servicemanager/service_manager.c@172 The concern at the time was to avoid leaking a situation where a caller could probe for the existance of a service. This turns out to be unnecessary. The same return value is used for both a permission denied and a service not found. The only side effect is the generation of an SELinux audit log, which likely won't be accessible to the calling application. Change-Id: I9760e1821ed16102fa5f9bec07f8c34944565be9
/frameworks/native/cmds/servicemanager/service_manager.c
|
c67e6307cadb1f2cd876907c42d39b8374b93acd |
|
08-Jul-2014 |
Riley Spahn <rileyspahn@google.com> |
Add MAC for remaining service_manager functionality. Add SELinux MAC for the list and find functionality to service_manager. By default the list action uses the service_manager_type attribute as its target object. Change-Id: I7630f21a9f3232ae3d6d8b9a1119230b40899aef
/frameworks/native/cmds/servicemanager/service_manager.c
|
7d42a3c31ba78a418f9bdde0e0ab951469f321b5 |
|
13-Jul-2014 |
Nick Kralevich <nnk@google.com> |
service_manager: check binder passed lengths 1) Pass length through to str8 function. 2) Fix implicit function definition warning. 3) Check for NULL from bio_get_string16 functions. Bug: 15886919 Bug: 15888753 Change-Id: I78a401d55b84f382ab83911be32b8d501998aa82
/frameworks/native/cmds/servicemanager/service_manager.c
|
1244edcb85811e9e58d9d40fd05f10dd22e497ca |
|
26-Jun-2014 |
Riley Spahn <rileyspahn@google.com> |
Remove inline access control in service_manager. Remove the hardcoded tuples of UIDs and the services that each is allowed to register. We will rely only on permissions from SELinux. Change-Id: I1c44555a6e274814282398865b30ee938f40dabb
/frameworks/native/cmds/servicemanager/service_manager.c
|
69154df9efd3ffb7580b72a0138f58a2f5443db6 |
|
05-Jun-2014 |
Riley Spahn <rileyspahn@google.com> |
Add SELinux checks when adding a service. Add a MAC check to the svc_can_register function in service_manager. The types are defined in external/sepolicy/service.te and the mapping from service names is defined in external/sepolicy/service_contexts. Currently uses the property context backend to parse the contexts file. Bug: 12909011 Change-Id: I5d90a614263c60571c7c70c2882e6fa929911ca5
/frameworks/native/cmds/servicemanager/service_manager.c
|
e5245cbf5d4e830cf605ef07f5d284d7c5d2867e |
|
29-Jan-2014 |
Arve Hjønnevåg <arve@android.com> |
ServiceManager: Implement PING_TRANSACTION Stop printing "invalid id " to stderr every time a process tries to connect to the servicemanager. Change-Id: Ib0e5a0375bfa2dec2c2f9cd668bd5dda46ed6588
/frameworks/native/cmds/servicemanager/service_manager.c
|
3a345f0df5f62d77e875a289e9aee89f0d1b526e |
|
19-Dec-2013 |
Serban Constantinescu <serban.constantinescu@arm.com> |
ServiceManager: Fix the binder interface This patch adds support for binder transactions on 64bit systems without breaking the existing 32bit ABI. It has been tested on the Android emulator and ARMv8 Model. Most of the changes in this patch just follow the binder ABI. Change-Id: I8c37b847ea65008d56554d34d4696fe3d22f7533 Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
5fb1b8836aa5cf0f38b49bc7bfb8343b84fdf9bf |
|
30-Jan-2014 |
Serban Constantinescu <serban.constantinescu@arm.com> |
ServiceManager: Store handles in uint32_t instead of void * This patch corrects the types used for storing handles. Change-Id: If9c10782345f1de9e12b4b3fd6be9e02e6b568cd Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
9b738bb4110926b85da65d36b2e6f1a50199ec4c |
|
10-Jan-2014 |
Serban Constantinescu <serban.constantinescu@arm.com> |
ServiceManager: Generic Fixes This patch fixes some of the ServiceManager issues. The following patches of the series add fixes to the ABI. Change-Id: Ib479234c8704e12592f1b149ddec67881bc50230 Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
a44542ca74b7da5b44ba30c205c3244805bb0600 |
|
30-Jan-2014 |
Serban Constantinescu <serban.constantinescu@arm.com> |
ServiceManager: Add extra error handling This patch extends the error handling. It also adds a check for a matching binder version - kernel/userspace. Change-Id: I43a262934b38c5711536aaa42754fed1ef04b39e Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
bcf38880c65297da58194eb0c0ce8d6e2bab7d94 |
|
10-Jan-2014 |
Serban Constantinescu <serban.constantinescu@arm.com> |
ServiceManager: Make use of kernel exported structures This patch switches ServiceManager to use the structures exported in the kernel headers rather then redefining its own. struct binder_txn is replaced with struct binder_transaction_data and struct binder_object with struct flat_binder_object, both defined in the binder driver header <linux/binder.h>. Change-Id: I3b3e97918173ea35a289e184774ae06193192da3 Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|
64c8be07878a6a110e5386c5f789fa9db51c5746 |
|
16-Jan-2013 |
Glenn Kasten <gkasten@google.com> |
Add media.log service Change-Id: Ic17752fff30676fe692c80260ff68284543385dd
/frameworks/native/cmds/servicemanager/service_manager.c
|
244408786cf1f374eeacbf6d16dd5a6f7b5e3c59 |
|
15-Nov-2012 |
Kenny Root <kroot@google.com> |
Switch keystore to binder Change-Id: Ie15781de079e8ecc9616cab9a5e392f5c814d9d8
/frameworks/native/cmds/servicemanager/service_manager.c
|
94afecf4b6f437b3ee9a076242402e421c6c07a6 |
|
24-Oct-2012 |
Mike Lockwood <lockwood@google.com> |
Move non-Java commands over from frameworks/base Change-Id: I0571813c1cfcf66abd36eb9f178fc49b618e88a6 Signed-off-by: Mike Lockwood <lockwood@google.com>
/frameworks/native/cmds/servicemanager/service_manager.c
|