| author | 2023-11-28 08:31:33 +0000 | |
|---|---|---|
| committer | 2023-11-28 08:31:33 +0000 | |
| commit | feecbd27423e5026b3ed76c7bdb5a2aff75f39f0 (patch) | |
| tree | c66f9a93ab0e88e24723c9eec29259043340a160 /libs/gui/BufferQueueConsumer.cpp | |
| parent | 9d3f99b0ce13d872cba558d62f2ad4c41dc2a744 (diff) | |
| parent | aa627355e44f15f22703515253adae994e6aafe6 (diff) | |
Merge "Do not rely on android_is_in_vendor_process" into main am: aa627355e4
Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/2825852
Change-Id: Ic2db9f794a46780eed82a7b7d32bc38c022af3c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Diffstat (limited to 'libs/gui/BufferQueueConsumer.cpp')
| -rw-r--r-- | libs/gui/BufferQueueConsumer.cpp | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/libs/gui/BufferQueueConsumer.cpp b/libs/gui/BufferQueueConsumer.cpp
index b6a47fb4e9..744201a5df 100644
--- a/libs/gui/BufferQueueConsumer.cpp
+++ b/libs/gui/BufferQueueConsumer.cpp
@@ -36,13 +36,45 @@
 #include <gui/TraceUtils.h>
 #include <private/gui/BufferQueueThreadState.h>

-#ifndef __ANDROID_VNDK__
+#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)
 #include <binder/PermissionCache.h>
-#include <vndksupport/linker.h>
+#include <selinux/android.h>
+#include <selinux/selinux.h>
 #endif

 #include <system/window.h>

+namespace {
+#if !defined(__ANDROID_VNDK__) && !defined(NO_BINDER)
+int selinux_log_suppress_callback(int, const char*, ...) { // NOLINT
+ // DO NOTHING
+ return 0;
+}
+
+bool hasAccessToPermissionService() {
+ char* ctx;
+
+ if (getcon(&ctx) == -1) {
+ // Failed to get current selinux context
+ return false;
+ }
+
+ union selinux_callback cb;
+
+ cb.func_log = selinux_log_suppress_callback;
+ selinux_set_callback(SELINUX_CB_LOG, cb);
+
+ bool hasAccess = selinux_check_access(ctx, "u:object_r:permission_service:s0",
+ "service_manager", "find", NULL) == 0;
+ freecon(ctx);
+ cb.func_log = hasAccess ? selinux_log_callback : selinux_vendor_log_callback;
+ selinux_set_callback(SELINUX_CB_LOG, cb);
+
+ return hasAccess;
+}
+#endif
+} // namespace
+
 namespace android {

 // Macros for include BufferQueueCore information in log messages
@@ -814,7 +846,7 @@ status_t BufferQueueConsumer::dumpState(const String8& prefix, String8* outResul
 // the PermissionController. We need to do a runtime check as well, since
 // the system variant of libgui can be loaded in a vendor process. For eg:
 // if a HAL uses an llndk library that depends on libgui (libmediandk etc).
- if (!android_is_in_vendor_process()) {
+ if (hasAccessToPermissionService()) {
 const pid_t pid = BufferQueueThreadState::getCallingPid();
 if ((uid != shellUid) &&
 !PermissionCache::checkPermission(String16("android.permission.DUMP"), pid, uid)) { |
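Review bot: `hasAccessToPermissionService()` swaps the process-wide `SELINUX_CB_LOG` callback around `selinux_check_access()`, so libselinux messages from any other thread in the process go to the no-op callback while the probe runs, and afterwards the callback is set to `selinux_log_callback` or `selinux_vendor_log_callback` regardless of what the host process had installed. Since libgui is loaded into processes it does not own, saving the previous value with `selinux_get_callback(SELINUX_CB_LOG)` and restoring exactly that would avoid clobbering it. The probe also reruns on every call; if the process context is fixed by the time `dumpState` can run, a function-local `static const bool` holding the result would limit the swap to a single occurrence. A short comment on why the log is suppressed here (presumably an expected denial in vendor processes) would help the next reader.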
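Review bot: The new condition in `dumpState` treats every `false` from `hasAccessToPermissionService()` as a reason to skip the `android.permission.DUMP` check, and that includes the `getcon()` failure path, not only a policy denial. The rest of `dumpState` lies outside this hunk, so it is not visible whether a skipped check leaves the dump allowed; if it does, an error reading the SELinux context fails open for non-shell callers. Consider separating the error case from the denial case and refusing the dump when `uid != shellUid`, or at minimum extend the comment above the condition with `// NOTE: a false result, including a getcon() failure, skips the DUMP permission check.`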