Martijn Coenen | 3924742 | 2017-09-25 15:29:06 +0200 | [diff] [blame] | 1 | #define LOG_TAG "hwservicemanager" |
| 2 | |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 3 | #include <android-base/logging.h> |
| 4 | #include <hidl-util/FQName.h> |
| 5 | #include <log/log.h> |
| 6 | |
| 7 | #include "AccessControl.h" |
| 8 | |
| 9 | namespace android { |
| 10 | |
| 11 | static const char *kPermissionAdd = "add"; |
| 12 | static const char *kPermissionGet = "find"; |
| 13 | static const char *kPermissionList = "list"; |
| 14 | |
| 15 | struct audit_data { |
| 16 | const char* interfaceName; |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 17 | const char* sid; |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 18 | pid_t pid; |
| 19 | }; |
| 20 | |
| 21 | using android::FQName; |
| 22 | |
| 23 | AccessControl::AccessControl() { |
| 24 | mSeHandle = selinux_android_hw_service_context_handle(); |
Yi Kong | 00892ee | 2018-07-31 16:50:28 -0700 | [diff] [blame] | 25 | LOG_ALWAYS_FATAL_IF(mSeHandle == nullptr, "Failed to acquire SELinux handle."); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 26 | |
| 27 | if (getcon(&mSeContext) != 0) { |
| 28 | LOG_ALWAYS_FATAL("Failed to acquire hwservicemanager context."); |
| 29 | } |
| 30 | |
| 31 | selinux_status_open(true); |
| 32 | |
| 33 | mSeCallbacks.func_audit = AccessControl::auditCallback; |
| 34 | selinux_set_callback(SELINUX_CB_AUDIT, mSeCallbacks); |
| 35 | |
| 36 | mSeCallbacks.func_log = selinux_log_callback; /* defined in libselinux */ |
| 37 | selinux_set_callback(SELINUX_CB_LOG, mSeCallbacks); |
| 38 | } |
| 39 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 40 | bool AccessControl::canAdd(const std::string& fqName, const CallingContext& callingContext) { |
Steven Moreland | 0cd38f0 | 2018-03-06 15:09:22 -0800 | [diff] [blame] | 41 | FQName fqIface; |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 42 | |
Steven Moreland | 0cd38f0 | 2018-03-06 15:09:22 -0800 | [diff] [blame] | 43 | if (!FQName::parse(fqName, &fqIface)) { |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 44 | return false; |
| 45 | } |
| 46 | const std::string checkName = fqIface.package() + "::" + fqIface.name(); |
| 47 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 48 | return checkPermission(callingContext, kPermissionAdd, checkName.c_str()); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 49 | } |
| 50 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 51 | bool AccessControl::canGet(const std::string& fqName, const CallingContext& callingContext) { |
Steven Moreland | 0cd38f0 | 2018-03-06 15:09:22 -0800 | [diff] [blame] | 52 | FQName fqIface; |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 53 | |
Steven Moreland | 0cd38f0 | 2018-03-06 15:09:22 -0800 | [diff] [blame] | 54 | if (!FQName::parse(fqName, &fqIface)) { |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 55 | return false; |
| 56 | } |
| 57 | const std::string checkName = fqIface.package() + "::" + fqIface.name(); |
| 58 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 59 | return checkPermission(callingContext, kPermissionGet, checkName.c_str()); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 60 | } |
| 61 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 62 | bool AccessControl::canList(const CallingContext& callingContext) { |
| 63 | return checkPermission(callingContext, mSeContext, kPermissionList, nullptr); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 64 | } |
| 65 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 66 | AccessControl::CallingContext AccessControl::getCallingContext(pid_t sourcePid) { |
Yi Kong | 00892ee | 2018-07-31 16:50:28 -0700 | [diff] [blame] | 67 | char *sourceContext = nullptr; |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 68 | |
| 69 | if (getpidcon(sourcePid, &sourceContext) < 0) { |
Martijn Coenen | 3924742 | 2017-09-25 15:29:06 +0200 | [diff] [blame] | 70 | ALOGE("SELinux: failed to retrieve process context for pid %d", sourcePid); |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 71 | return { false, "", sourcePid }; |
Steven Moreland | 4034c1c | 2017-11-03 17:42:27 -0700 | [diff] [blame] | 72 | } |
| 73 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 74 | std::string context = sourceContext; |
| 75 | freecon(sourceContext); |
| 76 | return { true, context, sourcePid }; |
Steven Moreland | 4034c1c | 2017-11-03 17:42:27 -0700 | [diff] [blame] | 77 | } |
| 78 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 79 | bool AccessControl::checkPermission(const CallingContext& source, const char *targetContext, const char *perm, const char *interface) { |
| 80 | if (!source.sidPresent) { |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 81 | return false; |
| 82 | } |
| 83 | |
Steven Moreland | 4034c1c | 2017-11-03 17:42:27 -0700 | [diff] [blame] | 84 | bool allowed = false; |
Steven Moreland | 4034c1c | 2017-11-03 17:42:27 -0700 | [diff] [blame] | 85 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 86 | struct audit_data ad; |
| 87 | ad.pid = source.pid; |
| 88 | ad.sid = source.sid.c_str(); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 89 | ad.interfaceName = interface; |
| 90 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 91 | allowed = (selinux_check_access(source.sid.c_str(), targetContext, "hwservice_manager", |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 92 | perm, (void *) &ad) == 0); |
| 93 | |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 94 | return allowed; |
| 95 | } |
| 96 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 97 | bool AccessControl::checkPermission(const CallingContext& source, const char *perm, const char *interface) { |
Yi Kong | 00892ee | 2018-07-31 16:50:28 -0700 | [diff] [blame] | 98 | char *targetContext = nullptr; |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 99 | bool allowed = false; |
| 100 | |
| 101 | // Lookup service in hwservice_contexts |
| 102 | if (selabel_lookup(mSeHandle, &targetContext, interface, 0) != 0) { |
| 103 | ALOGE("No match for interface %s in hwservice_contexts", interface); |
| 104 | return false; |
| 105 | } |
| 106 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 107 | allowed = checkPermission(source, targetContext, perm, interface); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 108 | |
| 109 | freecon(targetContext); |
| 110 | |
| 111 | return allowed; |
| 112 | } |
| 113 | |
| 114 | int AccessControl::auditCallback(void *data, security_class_t /*cls*/, char *buf, size_t len) { |
| 115 | struct audit_data *ad = (struct audit_data *)data; |
| 116 | |
| 117 | if (!ad || !ad->interfaceName) { |
| 118 | ALOGE("No valid hwservicemanager audit data"); |
| 119 | return 0; |
| 120 | } |
| 121 | |
Steven Moreland | 7185a89 | 2019-01-09 18:00:05 -0800 | [diff] [blame^] | 122 | const char* sid = ad->sid ? ad->sid : "N/A"; |
| 123 | |
| 124 | snprintf(buf, len, "interface=%s sid=%s pid=%d", ad->interfaceName, sid, ad->pid); |
Martijn Coenen | 7ce83be | 2017-04-07 16:19:32 -0700 | [diff] [blame] | 125 | return 0; |
| 126 | } |
| 127 | |
| 128 | } // namespace android |