diff options
| author | Tri Vo <trong@google.com> | 2019-01-28 17:56:43 -0800 |
|---|---|---|
| committer | Tri Vo <trong@google.com> | 2019-02-04 10:30:24 -0800 |
| commit | 2891ba09d5c3636ffc15afa9df5700f6764cbd06 (patch) | |
| tree | aa65327dc2efa4af8294b61713bfc81a6b62bfeb /libcutils | |
| parent | 3e4b2ec29d236b8dc4a0936e48eb5d1f120ebdc4 (diff) | |
| download | system_core-2891ba09d5c3636ffc15afa9df5700f6764cbd06.tar.gz system_core-2891ba09d5c3636ffc15afa9df5700f6764cbd06.tar.bz2 system_core-2891ba09d5c3636ffc15afa9df5700f6764cbd06.zip | |
libcutils: route to ashmemd
If libcutils is not a VNDK version and /dev/ashmem is not available,
then ask ashmemd for opened fd to /dev/ashmem.
We rely on SELinux policy to determine what's allowed to open
/dev/ashmem directly.
Bug: 113362644
Test: device boots (in selinux permissive mode)
Change-Id: I93c4fa6044b0bfa5282097c6c32139a8d8f67deb
Diffstat (limited to 'libcutils')
| -rw-r--r-- | libcutils/ashmem-dev.cpp | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/libcutils/ashmem-dev.cpp b/libcutils/ashmem-dev.cpp index 0cc4fc084..f65dc8b02 100644 --- a/libcutils/ashmem-dev.cpp +++ b/libcutils/ashmem-dev.cpp @@ -23,6 +23,9 @@ */ #define LOG_TAG "ashmem" +#ifndef __ANDROID_VNDK__ +#include <dlfcn.h> +#endif #include <errno.h> #include <fcntl.h> #include <linux/ashmem.h> @@ -45,13 +48,46 @@ static dev_t __ashmem_rdev; */ static pthread_mutex_t __ashmem_lock = PTHREAD_MUTEX_INITIALIZER; +/* + * We use ashmemd to enforce that apps don't open /dev/ashmem directly. Vendor + * code can't access system aidl services per Treble requirements. So we limit + * ashmemd access to the system variant of libcutils. + */ +#ifndef __ANDROID_VNDK__ +using openFdType = int (*)(); + +openFdType initOpenAshmemFd() { + openFdType openFd = nullptr; + void* handle = dlopen("libashmemd_client.so", RTLD_NOW); + if (!handle) { + ALOGE("Failed to dlopen() libashmemd_client.so: %s", dlerror()); + return openFd; + } + + openFd = reinterpret_cast<openFdType>(dlsym(handle, "openAshmemdFd")); + if (!openFd) { + ALOGE("Failed to dlsym() openAshmemdFd() function: %s", dlerror()); + } + return openFd; +} +#endif + /* logistics of getting file descriptor for ashmem */ static int __ashmem_open_locked() { int ret; struct stat st; - int fd = TEMP_FAILURE_RETRY(open(ASHMEM_DEVICE, O_RDWR | O_CLOEXEC)); + int fd = -1; +#ifndef __ANDROID_VNDK__ + static auto openFd = initOpenAshmemFd(); + if (openFd) { + fd = openFd(); + } +#endif + if (fd < 0) { + fd = TEMP_FAILURE_RETRY(open(ASHMEM_DEVICE, O_RDWR | O_CLOEXEC)); + } if (fd < 0) { return fd; } |