On 02/27/2015 09:04 AM, P S wrote:
> Hello,
>
> This might be an easy question but I can't seem to find a clear answer
> anywhere. Apologies if this isn't the right mailing list to ask these
> kind of things and thank you for your time. :)
> -----------------------------------
> The scenario is as follows:
>
> I have a third party app (aka not a system app so just installed by a
> user/marketplace service) called MyApp.
>
> Inside MyApp I have some jni bindings that call native C code. This
> native C code starts two processes (let's call them ProcessA and
> ProcessB). From that point on the jni bindings communicate with
> ProcessA only. ProcessB in the meantime forks and now has 1-3 children
> processes. ProcessB acts like a manager for those processes and is
> their parent.
> The IPC in both cases (between processA <-processB and between
> processB <-> children) is done via Unix Sockets. This works fine with
> glibc and on *nix OSes without SELinux.
>
> My question is: would the default SELinux policy used in most devices
> cause problems with the usage of unix sockets for IPC? I know that
> using the native binders provided by bionic is preffered for IPC but
> it would be pretty costly to reimplement it again in my app.
>
> If it's not feasible by default what kind of changes would be
> necessary to make it work?
Relevant rules in external/sepolicy:
domain.te:
allow domain self:unix_dgram_socket { create_socket_perms sendto };
allow domain self:unix_stream_socket { create_stream_socket_perms
connectto };
(In English, all domains are allowed to create Unix sockets and
send/connect to processes within the same domain)
app.te:
allow { appdomain -isolated_app } app_data_file:notdevfile_class_set
create_file_perms;
(In English, all app domains are allowed to create, read, write, ...
files of any kind other than device files in their /data/data/<pkgdir>
directory, including socket files.)
So Unix socket IPC is fully supported within a domain (which covers not
only your case of a single app but even multiple third party apps, as
they all run in a single domain, untrusted_app).
Where you may run afoul of SELinux is if you try to perform such IPC
across apps running for different users on a device set up for
multi-user support. But that is only presently restricted in AOSP
master, not in 5.x.
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
