Do not check selinux access for PermissionCache

Change to check selinux for PermissionCache failed because
surfaceflinger did not have access to selinuxfs. Based on the
discussion, it would be better to check PermissionCache without any
further access check, as its failure would mean the same. This change
removes additional access check from dump.

Bug: 313804706
Test: com.google.android.selinux.pts.SELinuxTest#scanBugreport passed
from cheetah

Change-Id: I5f6f882e270d71bc1da37360c6512cac66dd04a9

1 files changed, 8 insertions, 45 deletions

diff --git a/libs/gui/BufferQueueConsumer.cpp b/libs/gui/BufferQueueConsumer.cpp
index 744201a5df..11f5174d76 100644
--- a/libs/gui/BufferQueueConsumer.cpp
+++ b/libs/gui/BufferQueueConsumer.cpp
@@ -38,43 +38,10 @@
 #include <private/gui/BufferQueueThreadState.h>
 #if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)
 #include <binder/PermissionCache.h>
-#include <selinux/android.h>
-#include <selinux/selinux.h>
 #endif
 
 #include <system/window.h>
 
-namespace {
-#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)
-int selinux_log_suppress_callback(int, const char*, ...) { // NOLINT
-    // DO NOTHING
-    return 0;
-}
-
-bool hasAccessToPermissionService() {
-    char* ctx;
-
-    if (getcon(&ctx) == -1) {
-        // Failed to get current selinux context
-        return false;
-    }
-
-    union selinux_callback cb;
-
-    cb.func_log = selinux_log_suppress_callback;
-    selinux_set_callback(SELINUX_CB_LOG, cb);
-
-    bool hasAccess = selinux_check_access(ctx, "u:object_r:permission_service:s0",
-                                          "service_manager", "find", NULL) == 0;
-    freecon(ctx);
-    cb.func_log = hasAccess ? selinux_log_callback : selinux_vendor_log_callback;
-    selinux_set_callback(SELINUX_CB_LOG, cb);
-
-    return hasAccess;
-}
-#endif
-} // namespace
-
 namespace android {
 
 // Macros for include BufferQueueCore information in log messages
@@ -843,18 +810,14 @@ status_t BufferQueueConsumer::dumpState(const String8& prefix, String8* outResul
     const uid_t uid = BufferQueueThreadState::getCallingUid();
 #if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)
     // permission check can't be done for vendors as vendors have no access to
-    // the PermissionController. We need to do a runtime check as well, since
-    // the system variant of libgui can be loaded in a vendor process. For eg:
-    // if a HAL uses an llndk library that depends on libgui (libmediandk etc).
-    if (hasAccessToPermissionService()) {
-        const pid_t pid = BufferQueueThreadState::getCallingPid();
-        if ((uid != shellUid) &&
-            !PermissionCache::checkPermission(String16("android.permission.DUMP"), pid, uid)) {
-            outResult->appendFormat("Permission Denial: can't dump BufferQueueConsumer "
-                                    "from pid=%d, uid=%d\n",
-                                    pid, uid);
-            denied = true;
-        }
+    // the PermissionController.
+    const pid_t pid = BufferQueueThreadState::getCallingPid();
+    if ((uid != shellUid) &&
+        !PermissionCache::checkPermission(String16("android.permission.DUMP"), pid, uid)) {
+        outResult->appendFormat("Permission Denial: can't dump BufferQueueConsumer "
+                                "from pid=%d, uid=%d\n",
+                                pid, uid);
+        denied = true;
     }
 #else
     if (uid != shellUid) {