xref: /aosp_15_r20/frameworks/native/libs/binder/PermissionController.cpp (revision 38e8c45f13ce32b0dcecb25141ffecaf386fa17f) 
1*38e8c45fSAndroid Build Coastguard Worker /*
2*38e8c45fSAndroid Build Coastguard Worker  * Copyright (C) 2018 The Android Open Source Project
3*38e8c45fSAndroid Build Coastguard Worker  *
4*38e8c45fSAndroid Build Coastguard Worker  * Licensed under the Apache License, Version 2.0 (the "License");
5*38e8c45fSAndroid Build Coastguard Worker  * you may not use this file except in compliance with the License.
6*38e8c45fSAndroid Build Coastguard Worker  * You may obtain a copy of the License at
7*38e8c45fSAndroid Build Coastguard Worker  *
8*38e8c45fSAndroid Build Coastguard Worker  *      http://www.apache.org/licenses/LICENSE-2.0
9*38e8c45fSAndroid Build Coastguard Worker  *
10*38e8c45fSAndroid Build Coastguard Worker  * Unless required by applicable law or agreed to in writing, software
11*38e8c45fSAndroid Build Coastguard Worker  * distributed under the License is distributed on an "AS IS" BASIS,
12*38e8c45fSAndroid Build Coastguard Worker  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13*38e8c45fSAndroid Build Coastguard Worker  * See the License for the specific language governing permissions and
14*38e8c45fSAndroid Build Coastguard Worker  * limitations under the License.
15*38e8c45fSAndroid Build Coastguard Worker  */
16*38e8c45fSAndroid Build Coastguard Worker 
17*38e8c45fSAndroid Build Coastguard Worker #include <mutex>
18*38e8c45fSAndroid Build Coastguard Worker #include <binder/PermissionController.h>
19*38e8c45fSAndroid Build Coastguard Worker #include <binder/Binder.h>
20*38e8c45fSAndroid Build Coastguard Worker #include <binder/IServiceManager.h>
21*38e8c45fSAndroid Build Coastguard Worker 
22*38e8c45fSAndroid Build Coastguard Worker namespace android {
23*38e8c45fSAndroid Build Coastguard Worker 
24*38e8c45fSAndroid Build Coastguard Worker using namespace std::chrono_literals;
25*38e8c45fSAndroid Build Coastguard Worker 
PermissionController()26*38e8c45fSAndroid Build Coastguard Worker PermissionController::PermissionController()
27*38e8c45fSAndroid Build Coastguard Worker {
28*38e8c45fSAndroid Build Coastguard Worker }
29*38e8c45fSAndroid Build Coastguard Worker 
getService()30*38e8c45fSAndroid Build Coastguard Worker sp<IPermissionController> PermissionController::getService()
31*38e8c45fSAndroid Build Coastguard Worker {
32*38e8c45fSAndroid Build Coastguard Worker     std::lock_guard<Mutex> scoped_lock(mLock);
33*38e8c45fSAndroid Build Coastguard Worker     auto startTime = std::chrono::steady_clock::now().min();
34*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = mService;
35*38e8c45fSAndroid Build Coastguard Worker     while (service == nullptr || !IInterface::asBinder(service)->isBinderAlive()) {
36*38e8c45fSAndroid Build Coastguard Worker         sp<IBinder> binder = defaultServiceManager()->checkService(String16("permission"));
37*38e8c45fSAndroid Build Coastguard Worker         if (binder == nullptr) {
38*38e8c45fSAndroid Build Coastguard Worker             // Wait for the activity service to come back...
39*38e8c45fSAndroid Build Coastguard Worker             if (startTime == startTime.min()) {
40*38e8c45fSAndroid Build Coastguard Worker                 startTime = std::chrono::steady_clock::now();
41*38e8c45fSAndroid Build Coastguard Worker                 ALOGI("Waiting for permission service");
42*38e8c45fSAndroid Build Coastguard Worker             } else if (std::chrono::steady_clock::now() - startTime > 10s) {
43*38e8c45fSAndroid Build Coastguard Worker                 ALOGW("Waiting too long for permission service, giving up");
44*38e8c45fSAndroid Build Coastguard Worker                 service = nullptr;
45*38e8c45fSAndroid Build Coastguard Worker                 break;
46*38e8c45fSAndroid Build Coastguard Worker             }
47*38e8c45fSAndroid Build Coastguard Worker             sleep(1);
48*38e8c45fSAndroid Build Coastguard Worker         } else {
49*38e8c45fSAndroid Build Coastguard Worker             service = interface_cast<IPermissionController>(binder);
50*38e8c45fSAndroid Build Coastguard Worker             mService = service;
51*38e8c45fSAndroid Build Coastguard Worker         }
52*38e8c45fSAndroid Build Coastguard Worker     }
53*38e8c45fSAndroid Build Coastguard Worker     return service;
54*38e8c45fSAndroid Build Coastguard Worker }
55*38e8c45fSAndroid Build Coastguard Worker 
checkPermission(const String16 & permission,int32_t pid,int32_t uid)56*38e8c45fSAndroid Build Coastguard Worker bool PermissionController::checkPermission(const String16& permission, int32_t pid, int32_t uid)
57*38e8c45fSAndroid Build Coastguard Worker {
58*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = getService();
59*38e8c45fSAndroid Build Coastguard Worker     return service != nullptr ? service->checkPermission(permission, pid, uid) : false;
60*38e8c45fSAndroid Build Coastguard Worker }
61*38e8c45fSAndroid Build Coastguard Worker 
noteOp(const String16 & op,int32_t uid,const String16 & packageName)62*38e8c45fSAndroid Build Coastguard Worker int32_t PermissionController::noteOp(const String16& op, int32_t uid, const String16& packageName)
63*38e8c45fSAndroid Build Coastguard Worker {
64*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = getService();
65*38e8c45fSAndroid Build Coastguard Worker     return service != nullptr ? service->noteOp(op, uid, packageName) : MODE_ERRORED;
66*38e8c45fSAndroid Build Coastguard Worker }
67*38e8c45fSAndroid Build Coastguard Worker 
getPackagesForUid(const uid_t uid,Vector<String16> & packages)68*38e8c45fSAndroid Build Coastguard Worker void PermissionController::getPackagesForUid(const uid_t uid, Vector<String16> &packages)
69*38e8c45fSAndroid Build Coastguard Worker {
70*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = getService();
71*38e8c45fSAndroid Build Coastguard Worker     if (service != nullptr) {
72*38e8c45fSAndroid Build Coastguard Worker         service->getPackagesForUid(uid, packages);
73*38e8c45fSAndroid Build Coastguard Worker     }
74*38e8c45fSAndroid Build Coastguard Worker }
75*38e8c45fSAndroid Build Coastguard Worker 
isRuntimePermission(const String16 & permission)76*38e8c45fSAndroid Build Coastguard Worker bool PermissionController::isRuntimePermission(const String16& permission)
77*38e8c45fSAndroid Build Coastguard Worker {
78*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = getService();
79*38e8c45fSAndroid Build Coastguard Worker     return service != nullptr ? service->isRuntimePermission(permission) : false;
80*38e8c45fSAndroid Build Coastguard Worker }
81*38e8c45fSAndroid Build Coastguard Worker 
getPackageUid(const String16 & package,int flags)82*38e8c45fSAndroid Build Coastguard Worker int PermissionController::getPackageUid(const String16& package, int flags)
83*38e8c45fSAndroid Build Coastguard Worker {
84*38e8c45fSAndroid Build Coastguard Worker     sp<IPermissionController> service = getService();
85*38e8c45fSAndroid Build Coastguard Worker     return service != nullptr ? service->getPackageUid(package, flags) : -1;
86*38e8c45fSAndroid Build Coastguard Worker }
87*38e8c45fSAndroid Build Coastguard Worker 
88*38e8c45fSAndroid Build Coastguard Worker } // namespace android
89