| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor processes do not have access to /dev/binder. Calling
defaultServiceManager() without RW permission will crash the process
with error message "Binder driver could not be opened. Terminating."
Normally, VNDK version of libcutils.so would not have the codepath of
ashmemd. However, on non-VNDK this codepath is exercised.
We check if the current process has permissions to /dev/binder before
calling defaultServiceManager() to avoid crashing. The calling code in
libcutils.so handles inability to connect ashmemd correctly. It will
fall back to opening /dev/ashmem directly. Vendor code should already
have permissions for that.
This SELinux denial shows which permissions need to be checked for:
avc: denied { read write } for name="binder" dev="tmpfs" ino=5570
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:binder_device:s0
tclass=chr_file permissive=0
Note that the problem only manifests on non-VNDK devices.
Bug: 129073672
Test: ashmemd_test
Test: VtsHalSensorsV1_0TargetTest
--gtest_filter=SensorsHidlTest.AccelerometerAshmemDirectReportOperationNormal
Test: atest CtsOsTestCases:android.os.cts.SeccompTest#testIsolatedServicePolicy
Change-Id: I23bef7986298811ce2bd84c3fdc9c9e22837c368
|
|
|
|
|
|
|
|
|
|
| |
defaultServiceManager()'"
This reverts commit a526f3d41640506ebd457c2ed91b923d6f187d0b.
Reason for revert: b/129483782 Isolated apps don't have seccomp permissions to access() syscall. CTS seccomp test is broken.
Change-Id: I90ddf2016c8d2e433d2c8a4f8dd5e8563104533e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor processes do not have access to /dev/binder. Calling
defaultServiceManager() without RW permission will crash the process
with error message "Binder driver could not be opened. Terminating."
Normally, VNDK version of libcutils.so would not have the codepath of
ashmemd. However, on non-VNDK this codepath is exercised.
We check if the current process has permissions to /dev/binder before
calling defaultServiceManager() to avoid crashing. The calling code in
libcutils.so handles inability to connect ashmemd correctly. It will
fall back to opening /dev/ashmem directly. Vendor code should already
have permissions for that.
This SELinux denial shows which permissions need to be checked for:
avc: denied { read write } for name="binder" dev="tmpfs" ino=5570
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:binder_device:s0
tclass=chr_file permissive=0
Note that the problem only manifests on non-VNDK devices.
Bug: 129073672
Test: ashmemd_test
Test: VtsHalSensorsV1_0TargetTest
--gtest_filter=SensorsHidlTest.AccelerometerAshmemDirectReportOperationNormal
Change-Id: If7319d09d092946d6f9bfac0d15b6ca2eae85a24
|
|
|
|
|
|
|
|
| |
This reverts commit 41b7c708217752a4b30cc022b5917957274c47e2.
Reason for revert: boot denial on sailfish/marlin
Change-Id: I3dad32c3b07bcab0a0bfffb9a06d66f767af7391
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor processes do not have access to /dev/binder. Calling
defaultServiceManager() without RW permission will crash the process
with error message "Binder driver could not be opened. Terminating."
Normally, VNDK version of libcutils.so would not have the codepath of
ashmemd. However, on non-VNDK this codepath is exercised.
We check if the current process has permissions to /dev/binder before
calling defaultServiceManager() to avoid crashing. The calling code in
libcutils.so handles inability to connect ashmemd correctly. It will
fall back to opening /dev/ashmem directly. Vendor code should already
have permissions for that.
This SELinux denial shows which permissions need to be checked for:
avc: denied { read write } for name="binder" dev="tmpfs" ino=5570
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:binder_device:s0
tclass=chr_file permissive=0
Note that the problem only manifests on non-VNDK devices.
Bug: 129073672
Test: ashmemd_test
Test: VtsHalSensorsV1_0TargetTest
--gtest_filter=SensorsHidlTest.AccelerometerAshmemDirectReportOperationNormal
Change-Id: I6f4992fd701de77db7b0f9a1b0f1c7b58e547aec
|
|
|
|
|
|
|
|
|
|
|
| |
On non-VNDK device (e.g. sailfish) the code path to ashmemd is the same,
which results in vendor processes always failing to get ashmemd service.
Use checkService() to fail immediately, instead of waiting for the
service.
Fixes: 123999623
Test: boot sailfish, no sleep cycles when trying to reach ashmemd.
Change-Id: I4fce14fad28b509cd112370bc4cc2eafd45c6c75
|
|
Motivation: we want to replace /dev/ashmem with memfd. To do so we need
all usage of /dev/ashmem to go through libcutils. Once that happens, we
migrate libcutils to use memfd.
ashmemd is our way to enforce that apps are using the existing
ASharedMemory_create API and not bypassing it to go directly to
/dev/ashmem.
ashmemd serves opened file descriptors. The following way should be the
only way for apps to open an fd to /dev/ashmem:
app -> ASharedMemory_create -> libcutils -> ashmemd -> /dev/ashmem
Bug: 113362644
Test: ashmemd_test
Change-Id: I9068cefa950f91dba0f1b75daca23f02d933b1c8
|