This repository has been archived by the owner on Dec 12, 2023. It is now read-only.
forked from AndyCGYan/lineage_build_unified
-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Re-add
Try to fallback mCallingSid to getpidcon patch
- Loading branch information
Showing
1 changed file
with
65 additions
and
0 deletions.
There are no files selected for viewing
65 changes: 65 additions & 0 deletions
65
...s/personal/platform_frameworks_native/0001-Try-to-fallback-mCallingSid-to-getpidcon.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| From 32b422310c275a8c5da94e5ab26d3e63f80b6a17 Mon Sep 17 00:00:00 2001 | ||
| From: Pierre-Hugues Husson <[email protected]> | ||
| Date: Wed, 20 Oct 2021 09:39:47 -0400 | ||
| Subject: [PATCH] Try to fallback mCallingSid to getpidcon | ||
|
|
||
| This is needed because old vendors (before April 2019 ~) don't support | ||
| reporting SELinux context of the caller. | ||
| This doesn't work for all processes, because it requires some additional | ||
| SELinux permissions. At the moment, only keystore2 requires this | ||
|
|
||
| Change-Id: I3b6c4dac9d0e20a3d66f931b283e3a535ab499cd | ||
| --- | ||
| libs/binder/IPCThreadState.cpp | 22 ++++++++++++++++++++++ | ||
| 1 file changed, 22 insertions(+) | ||
|
|
||
| diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp | ||
| index 3c97dcab93..65dc182b03 100644 | ||
| --- a/libs/binder/IPCThreadState.cpp | ||
| +++ b/libs/binder/IPCThreadState.cpp | ||
| @@ -35,6 +35,7 @@ | ||
| #include <sched.h> | ||
| #include <signal.h> | ||
| #include <stdio.h> | ||
| +#include <stdlib.h> | ||
| #include <sys/ioctl.h> | ||
| #include <sys/resource.h> | ||
| #include <unistd.h> | ||
| @@ -1269,6 +1270,26 @@ status_t IPCThreadState::executeCommand(int32_t cmd) | ||
| mCallingUid = tr.sender_euid; | ||
| mLastTransactionBinderFlags = tr.flags; | ||
|
|
||
| + // This is recoding libselinux's getpidcon() | ||
| + // We are in a NDK lib, so we need to keep changes to a minimum | ||
| + bool allocatedSid = false; | ||
| + if (mCallingSid == nullptr && mCallingPid != 0) { | ||
| + char buf[4096]; | ||
| + char *path = NULL; | ||
| + (void)asprintf(&path, "/proc/%d/attr/current", mCallingPid); | ||
| + int fd = open(path, O_RDONLY | O_CLOEXEC); | ||
| + if (fd != -1) { | ||
| + int readRet = read(fd, buf, sizeof(buf)-1); | ||
| + if(readRet != -1) { | ||
| + buf[readRet] = 0; | ||
| + mCallingSid = strdup(buf); | ||
| + allocatedSid = true; | ||
| + } | ||
| + close(fd); | ||
| + } | ||
| + free(path); | ||
| + } | ||
| + | ||
| // ALOGI(">>>> TRANSACT from pid %d sid %s uid %d\n", mCallingPid, | ||
| // (mCallingSid ? mCallingSid : "<N/A>"), mCallingUid); | ||
|
|
||
| @@ -1333,6 +1354,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd) | ||
|
|
||
| mServingStackPointer = origServingStackPointer; | ||
| mCallingPid = origPid; | ||
| + if (allocatedSid) free((void*)mCallingSid); | ||
| mCallingSid = origSid; | ||
| mCallingUid = origUid; | ||
| mStrictModePolicy = origStrictModePolicy; | ||
| -- | ||
| 2.34.1 | ||
|
|