Oh, I should add - this is for giving applications raw unix-type access. A lot of things on android reserve that for something running in the system server process under the system group, and have it export android services to applications, putting the permission checks on the exported interfaces.
So it's really a question if you want android apps to interact at device file level, or with a wrapping service. On Dec 14, 12:15 pm, Chris Stratton <cs07...@gmail.com> wrote: > Assuming your device driver is interacted with via a device file, I > think the cleanest of currently in-use mechanisms is to create a unix > group for your capability and set the device file to be owned by root > but with that as the group and as appropriate read or read/write > permissions to the group. Then you need to find where the package > permissions are converted to unix group assignments. > > An uglier way to do it, but perhaps necessary if there's no device > file, is to hard code the value of the group id and check that > programmatically in the kernel. This is how android implements > internet permission with a tiny kernel patch. > > The grep feature on android.git.kernel.org is handy (or grep -R on > your local repos). Start grepping for a permission name, then > whatever identifiers you find from that such as a group name. > > On Dec 13, 1:07 pm, Bryan Ashby <nuskoo...@gmail.com> wrote: > > > I have a kernel module I would like to protect access to. I'd like to > > do this cleanly via the Android model, e.g.: invent a new feature and/ > > or permission(s) that restrict access to it's usage. How do I go about > > doing this? Let's assume I am modifying the Android distribution if > > needed. > > > To clarify, I'd like something like this: > > - mymodule.ko: kernel module provides functionality X, Y, and Z > > - New feature (e.g. <feature> in app XML manifest): > > com.me.myself.and.i.FEAT_MY_MODULE > > - New permissions (in XML manifest): com.me.myself.and.i.PERM_X, > > PERM_Y, PERM_Z > > > Any pointers / tips / etc. on how to do this are greatly appreciated! > > > (Forgive me if a similar post from me shows up -- I attempted to post > > a few days ago but it never showed up.) > > -- unsubscribe: android-kernel+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-kernel
