On 02/10/2015 09:00 AM, STEFANO CATTANEO wrote:
> Hi,
>
> I'm working on my thesis and stumbled upon a problem. I'm using AOSP
> 5.0.0 and both an emulator and a Nexus7 flo with the same results.
> My goal is to monitor any process calling the SQLiteDatabase class (I'm
> logging some of the method calls like rawQueryWithFactory, insert,
> update) with Binder.getCallingPid (I'm okay with receiving the pid of
> the process running SQLiteDatabase itself if an IPC call was not
> involved) and then getting the process security context with
> SELinux.getPidContext().
> My solution works almost every time because I get some null contexts,
> only when I'm asking for the label for com.android.systemui.
> This happens as soon as the com.android.systemui process is created and
> later on. Then, on the last time it asks for some SQLiteDatabase
> methods, it has a label (u:r:platform_app:s0).
> If the process is destroyed and recreated (sometimes it happens) with a
> different Pid, it goes back to having a null label and to finally have
> one later on.
> Why does this happen to com.android.systemui? Is there a way to have
> it properly labeled? Or is it properly labeled and I'm doing something
> wrong?

getPidContext (and the underlying libselinux function, getpidcon) can
only work when the process is still alive and its context can be read
from /proc/pid/attr/current. So if you are getting a null label, that
implies that either the process has exited or you do not have permission
to read its /proc/pid/attr/current file. The latter would show up as an
avc: denied message in your dmesg or logcat output, and would always
fail, not just sometimes. It sounds like you are encountering the former
issue instead.

I don't think this would be a problem if you perform the getPidContext()
call immediately upon receiving the binder IPC and pass the resulting
context down to your SQLiteDatabase code, although I could be wrong. If
so, then the only solution may be to revive work we originally did to
support passing security contexts on binder IPC, see:
https://code.google.com/p/android/issues/detail?id=72971

_______________________________________________
Seandroid-list mailing list
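
The two failure cases named in the reply above, as an added example that is not part of the original thread and is not libselinux's getpidcon code: a C function that reads the same attr/current file and reports whether the lookup failed because the pid is gone or because access was denied. The function and enum names, the configurable proc root, and the constructed sample tree under /tmp are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

enum ctx_status { CTX_OK, CTX_PROCESS_GONE, CTX_DENIED, CTX_ERROR };

/* Read <proc_root>/<pid>/attr/current into buf; on failure say whether the pid is gone or access was denied. */
enum ctx_status read_pid_context(const char *proc_root, long pid, char *buf, size_t len)
{
    char path[512];
    snprintf(path, sizeof path, "%s/%ld/attr/current", proc_root, pid);
    int fd = open(path, O_RDONLY);
    if (fd < 0)   /* no such pid, versus a permission failure (look for avc: denied) */
        return (errno == ENOENT || errno == ESRCH) ? CTX_PROCESS_GONE
             : (errno == EACCES || errno == EPERM) ? CTX_DENIED : CTX_ERROR;
    ssize_t n = read(fd, buf, len - 1);
    int saved = errno;
    close(fd);
    if (n <= 0)   /* ESRCH here: the task went away after open() succeeded */
        return (n < 0 && saved == ESRCH) ? CTX_PROCESS_GONE : CTX_ERROR;
    while (n > 0 && (buf[n - 1] == '\n' || buf[n - 1] == '\0')) n--;   /* trim terminator */
    buf[n] = '\0';
    return CTX_OK;
}

/* Constructed stand-in for /proc holding one live pid, so the example runs on any system. */
int make_sample_proc(const char *root, long pid, const char *context)
{
    char dir[400], path[512];
    snprintf(dir, sizeof dir, "%s/%ld", root, pid);
    snprintf(path, sizeof path, "%s/attr", dir);
    if (mkdir(root, 0700) || mkdir(dir, 0700) || mkdir(path, 0700)) return -1;
    snprintf(path, sizeof path, "%s/attr/current", dir);
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fprintf(f, "%s\n", context);
    return fclose(f);
}

int main(void)
{
    char root[64], ctx[256] = "";
    snprintf(root, sizeof root, "/tmp/fakeproc.%ld", (long)getpid());
    if (make_sample_proc(root, 1234, "u:r:platform_app:s0")) return 1;   /* constructed sample */
    printf("pid 1234: status %d, context %s\n", read_pid_context(root, 1234, ctx, sizeof ctx), ctx);
    printf("pid 4321: status %d\n", read_pid_context(root, 4321, ctx, sizeof ctx));
    return 0;
}
```

Passing "/proc" as proc_root runs the same check against real processes; a caller that logs the returned status alongside the pid can tell an exited caller apart from a policy denial.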
