Check calling user in composd.

Access to our service is already restricted by SELinux, so this is
really just an extra safety check.

Test: Run composd
Bug: 186126194
Change-Id: Ib997c4bb282ac1c3d654d57bb84845a455893f2c
Alan Stokes 2021-11-16 15:18:13 +00:00
parent e4eeaedbeb
commit cb732dc9fd
2 changed files with 15 additions and 3 deletions


@ -19,6 +19,7 @@ rust_binary {
"libcomposd_native_rust", "libcomposd_native_rust",
"libnum_traits", "libnum_traits",
"liblog_rust", "liblog_rust",
"librustutils",
"libshared_child", "libshared_child",
], ],
proc_macros: ["libnum_derive"], proc_macros: ["libnum_derive"],


@ -25,12 +25,15 @@ use android_system_composd::aidl::android::system::composd::{
ICompilationTaskCallback::ICompilationTaskCallback, ICompilationTaskCallback::ICompilationTaskCallback,
IIsolatedCompilationService::{BnIsolatedCompilationService, IIsolatedCompilationService}, IIsolatedCompilationService::{BnIsolatedCompilationService, IIsolatedCompilationService},
}; };
use android_system_composd::binder::{self, BinderFeatures, Interface, Strong}; use android_system_composd::binder::{
self, BinderFeatures, ExceptionCode, Interface, Status, Strong, ThreadState,
};
use anyhow::{Context, Result}; use anyhow::{Context, Result};
use binder_common::new_binder_service_specific_error; use binder_common::new_binder_service_specific_error;
use compos_aidl_interface::aidl::com::android::compos::{ use compos_aidl_interface::aidl::com::android::compos::{
CompilationResult::CompilationResult, FdAnnotation::FdAnnotation, CompilationResult::CompilationResult, FdAnnotation::FdAnnotation,
}; };
use rustutils::users::{AID_ROOT, AID_SYSTEM};
pub struct IsolatedCompilationService { pub struct IsolatedCompilationService {
instance_manager: InstanceManager, instance_manager: InstanceManager,
@ -48,7 +51,11 @@ impl IIsolatedCompilationService for IsolatedCompilationService {
&self, &self,
callback: &Strong<dyn ICompilationTaskCallback>, callback: &Strong<dyn ICompilationTaskCallback>,
) -> binder::Result<Strong<dyn ICompilationTask>> { ) -> binder::Result<Strong<dyn ICompilationTask>> {
// TODO - check caller is system or shell/root? let calling_uid = ThreadState::get_calling_uid();
// This should only be called by system server, or root while testing
if calling_uid != AID_SYSTEM && calling_uid != AID_ROOT {
return Err(Status::new_exception(ExceptionCode::SECURITY, None));
}
to_binder_result(self.do_start_test_compile(callback)) to_binder_result(self.do_start_test_compile(callback))
} }
@ -57,7 +64,11 @@ impl IIsolatedCompilationService for IsolatedCompilationService {
args: &[String], args: &[String],
fd_annotation: &FdAnnotation, fd_annotation: &FdAnnotation,
) -> binder::Result<CompilationResult> { ) -> binder::Result<CompilationResult> {
// TODO - check caller is odrefresh let calling_uid = ThreadState::get_calling_uid();
// This should only be called by odrefresh, which runs as root
if calling_uid != AID_ROOT {
return Err(Status::new_exception(ExceptionCode::SECURITY, None));
}
to_binder_result(self.do_compile_cmd(args, fd_annotation)) to_binder_result(self.do_compile_cmd(args, fd_annotation))
} }
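Review bot: The SECURITY exception returned in both start_test_compile and compile_cmd carries no message (`Status::new_exception(ExceptionCode::SECURITY, None)`) and nothing is logged, so a rejected caller and anyone reading logcat gets no hint of which uid was seen or which uids are accepted, which makes uid/SELinux mismatches in tests harder to diagnose. The uid check is also now written out twice with only the allowed set differing; a small helper that takes the allowed uids, logs the rejected uid (liblog_rust is already a dependency per the first file section) and returns the exception would keep the two call sites to one line each and give any further methods the same check for free. Note that uid checking is defence in depth only, as the commit message says — it does not bind the caller to a specific process or SELinux domain, so the `// This should only be called by odrefresh` comment should not be read as an enforced guarantee. Both `impl IIsolatedCompilationService` hunks are cut at the method boundary, so the other methods of the service are not visible here; if any of them is externally reachable it presumably wants the same treatment.
```rust
/// Returns a SECURITY exception unless the Binder calling uid is one of `allowed`.
fn check_calling_uid(allowed: &[u32]) -> binder::Result<()> {
    let calling_uid = ThreadState::get_calling_uid();
    if allowed.contains(&calling_uid) {
        Ok(())
    } else {
        log::warn!("Rejecting call from uid {}, allowed: {:?}", calling_uid, allowed);
        Err(Status::new_exception(ExceptionCode::SECURITY, None))
    }
}

// … unchanged: struct definition and other methods …

    ) -> binder::Result<Strong<dyn ICompilationTask>> {
        // Only system server, or root while testing, may start a test compile.
        check_calling_uid(&[AID_SYSTEM, AID_ROOT])?;
        to_binder_result(self.do_start_test_compile(callback))
    }

// … unchanged: compile_cmd signature …

    ) -> binder::Result<CompilationResult> {
        // Only odrefresh, which runs as root, may issue compile commands.
        check_calling_uid(&[AID_ROOT])?;
        to_binder_result(self.do_compile_cmd(args, fd_annotation))
    }
```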