/**
* Applies zygote security policy per bug #1042973. A root peer may spawn an instance with any
* capabilities. All other uids may spawn instances with any of the capabilities in the peer's
* permitted set but no more.
*
* @param args non-null; zygote spawner arguments
* @param peer non-null; peer credentials
* @throws ZygoteSecurityException
*/
private static void applyCapabilitiesSecurityPolicy(
Arguments args, Credentials peer, String peerSecurityContext) throws ZygoteSecurityException {
if (args.permittedCapabilities == 0 && args.effectiveCapabilities == 0) {
// nothing to check
return;
}
boolean allowed =
SELinux.checkSELinuxAccess(
peerSecurityContext, peerSecurityContext, "zygote", "specifycapabilities");
if (!allowed) {
throw new ZygoteSecurityException("Peer may not specify capabilities");
}
if (peer.getUid() == 0) {
// root may specify anything
return;
}
long permittedCaps;
try {
permittedCaps = ZygoteInit.capgetPermitted(peer.getPid());
} catch (IOException ex) {
throw new ZygoteSecurityException("Error retrieving peer's capabilities.");
}
/*
* Ensure that the client did not specify an effective set larger
* than the permitted set. The kernel will enforce this too, but we
* do it here to make the following check easier.
*/
if (((~args.permittedCapabilities) & args.effectiveCapabilities) != 0) {
throw new ZygoteSecurityException(
"Effective capabilities cannot be superset of " + " permitted capabilities");
}
/*
* Ensure that the new permitted (and thus the new effective) set is
* a subset of the peer process's permitted set
*/
if (((~permittedCaps) & args.permittedCapabilities) != 0) {
throw new ZygoteSecurityException("Peer specified unpermitted capabilities");
}
}
/**
* Applies zygote security policy per bugs #875058 and #1082165. Based on the credentials of the
* process issuing a zygote command:
*
* <ol>
* <li>uid 0 (root) may specify any uid, gid, and setgroups() list
* <li>uid 1000 (Process.SYSTEM_UID) may specify any uid > 1000 in normal operation. It may
* also specify any gid and setgroups() list it chooses. In factory test mode, it may
* specify any UID.
* <li>Any other uid may not specify any uid, gid, or setgroups list. The uid and gid will be
* inherited from the requesting process.
* </ul>
*
* @param args non-null; zygote spawner arguments
* @param peer non-null; peer credentials
* @throws ZygoteSecurityException
*/
private static void applyUidSecurityPolicy(
Arguments args, Credentials peer, String peerSecurityContext) throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (peerUid == 0) {
// Root can do what it wants
} else if (peerUid == Process.SYSTEM_UID) {
// System UID is restricted, except in factory test mode
String factoryTest = SystemProperties.get("ro.factorytest");
boolean uidRestricted;
/* In normal operation, SYSTEM_UID can only specify a restricted
* set of UIDs. In factory test mode, SYSTEM_UID may specify any uid.
*/
uidRestricted = !(factoryTest.equals("1") || factoryTest.equals("2"));
if (uidRestricted && args.uidSpecified && (args.uid < Process.SYSTEM_UID)) {
throw new ZygoteSecurityException(
"System UID may not launch process with UID < " + Process.SYSTEM_UID);
}
} else {
// Everything else
if (args.uidSpecified || args.gidSpecified || args.gids != null) {
throw new ZygoteSecurityException("App UIDs may not specify uid's or gid's");
}
}
if (args.uidSpecified || args.gidSpecified || args.gids != null) {
boolean allowed =
SELinux.checkSELinuxAccess(
peerSecurityContext, peerSecurityContext, "zygote", "specifyids");
if (!allowed) {
throw new ZygoteSecurityException("Peer may not specify uid's or gid's");
}
}
// If not otherwise specified, uid and gid are inherited from peer
if (!args.uidSpecified) {
args.uid = peer.getUid();
args.uidSpecified = true;
}
if (!args.gidSpecified) {
args.gid = peer.getGid();
args.gidSpecified = true;
}
}
/**
* Constructs instance from connected socket.
*
* @param socket non-null; connected socket
* @throws IOException
*/
ZygoteConnection(LocalSocket socket) throws IOException {
mSocket = socket;
mSocketOutStream = new DataOutputStream(socket.getOutputStream());
mSocketReader = new BufferedReader(new InputStreamReader(socket.getInputStream()), 256);
mSocket.setSoTimeout(CONNECTION_TIMEOUT_MILLIS);
try {
peer = mSocket.getPeerCredentials();
} catch (IOException ex) {
Log.e(TAG, "Cannot read peer credentials", ex);
throw ex;
}
peerSecurityContext = SELinux.getPeerContext(mSocket.getFileDescriptor());
}
/**
* Applies zygote security policy. Based on the credentials of the process issuing a zygote
* command:
*
* <ol>
* <li>uid 0 (root) may specify --invoke-with to launch Zygote with a wrapper command.
* <li>Any other uid may not specify any invoke-with argument.
* </ul>
*
* @param args non-null; zygote spawner arguments
* @param peer non-null; peer credentials
* @throws ZygoteSecurityException
*/
private static void applyInvokeWithSecurityPolicy(
Arguments args, Credentials peer, String peerSecurityContext) throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (args.invokeWith != null && peerUid != 0) {
throw new ZygoteSecurityException(
"Peer is not permitted to specify " + "an explicit invoke-with wrapper command");
}
if (args.invokeWith != null) {
boolean allowed =
SELinux.checkSELinuxAccess(
peerSecurityContext, peerSecurityContext, "zygote", "specifyinvokewith");
if (!allowed) {
throw new ZygoteSecurityException(
"Peer is not permitted to specify " + "an explicit invoke-with wrapper command");
}
}
}
/**
* Applies zygote security policy per bug #1042973. Based on the credentials of the process
* issuing a zygote command:
*
* <ol>
* <li>peers of uid 0 (root) and uid 1000 (Process.SYSTEM_UID) may specify any rlimits.
* <li>All other uids may not specify rlimits.
* </ul>
*
* @param args non-null; zygote spawner arguments
* @param peer non-null; peer credentials
* @throws ZygoteSecurityException
*/
private static void applyRlimitSecurityPolicy(
Arguments args, Credentials peer, String peerSecurityContext) throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (!(peerUid == 0 || peerUid == Process.SYSTEM_UID)) {
// All peers with UID other than root or SYSTEM_UID
if (args.rlimits != null) {
throw new ZygoteSecurityException("This UID may not specify rlimits.");
}
}
if (args.rlimits != null) {
boolean allowed =
SELinux.checkSELinuxAccess(
peerSecurityContext, peerSecurityContext, "zygote", "specifyrlimits");
if (!allowed) {
throw new ZygoteSecurityException("Peer may not specify rlimits");
}
}
}
/**
* Applies zygote security policy for SEAndroid information.
*
* @param args non-null; zygote spawner arguments
* @param peer non-null; peer credentials
* @throws ZygoteSecurityException
*/
private static void applyseInfoSecurityPolicy(
Arguments args, Credentials peer, String peerSecurityContext) throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (args.seInfo == null) {
// nothing to check
return;
}
if (!(peerUid == 0 || peerUid == Process.SYSTEM_UID)) {
// All peers with UID other than root or SYSTEM_UID
throw new ZygoteSecurityException("This UID may not specify SEAndroid info.");
}
boolean allowed =
SELinux.checkSELinuxAccess(
peerSecurityContext, peerSecurityContext, "zygote", "specifyseinfo");
if (!allowed) {
throw new ZygoteSecurityException("Peer may not specify SEAndroid info");
}
return;
}
@Override
public void onCreate(Bundle icicle) {
super.onCreate(icicle);
addPreferencesFromResource(R.xml.device_info_settings);
setStringSummary(KEY_FIRMWARE_VERSION, Build.VERSION.RELEASE);
findPreference(KEY_FIRMWARE_VERSION).setEnabled(true);
setValueSummary(KEY_BASEBAND_VERSION, "gsm.version.baseband");
setStringSummary(KEY_DEVICE_MODEL, Build.MODEL + getMsvSuffix());
setValueSummary(KEY_EQUIPMENT_ID, PROPERTY_EQUIPMENT_ID);
setStringSummary(KEY_DEVICE_MODEL, Build.MODEL);
setStringSummary(KEY_BUILD_NUMBER, Build.DISPLAY);
findPreference(KEY_BUILD_NUMBER).setEnabled(true);
findPreference(KEY_KERNEL_VERSION).setSummary(getFormattedKernelVersion());
setValueSummary(KEY_MOD_VERSION, "ro.cm.version");
findPreference(KEY_MOD_VERSION).setEnabled(true);
setValueSummary(KEY_MOD_BUILD_DATE, "ro.build.date");
if (!SELinux.isSELinuxEnabled()) {
String status = getResources().getString(R.string.selinux_status_disabled);
setStringSummary(KEY_SELINUX_STATUS, status);
} else if (!SELinux.isSELinuxEnforced()) {
String status = getResources().getString(R.string.selinux_status_permissive);
setStringSummary(KEY_SELINUX_STATUS, status);
}
findPreference(KEY_SELINUX_STATUS).setEnabled(true);
if (MSimTelephonyManager.getDefault().isMultiSimEnabled()) {
findPreference(KEY_STATUS)
.getIntent()
.setClassName("com.android.settings", "com.android.settings.deviceinfo.msim.MSimStatus");
}
// Remove selinux information if property is not present
removePreferenceIfPropertyMissing(
getPreferenceScreen(), KEY_SELINUX_STATUS, PROPERTY_SELINUX_STATUS);
String cpuInfo = getCPUInfo();
String memInfo = getMemInfo();
// Only the owner should see the Updater settings, if it exists
if (UserHandle.myUserId() == UserHandle.USER_OWNER) {
removePreferenceIfPackageNotInstalled(findPreference(KEY_CM_UPDATES));
} else {
getPreferenceScreen().removePreference(findPreference(KEY_CM_UPDATES));
}
if (cpuInfo != null) {
setStringSummary(KEY_DEVICE_CPU, cpuInfo);
} else {
getPreferenceScreen().removePreference(findPreference(KEY_DEVICE_CPU));
}
if (memInfo != null) {
setStringSummary(KEY_DEVICE_MEMORY, memInfo);
} else {
getPreferenceScreen().removePreference(findPreference(KEY_DEVICE_MEMORY));
}
// Remove Safety information preference if PROPERTY_URL_SAFETYLEGAL is not set
removePreferenceIfPropertyMissing(
getPreferenceScreen(), "safetylegal", PROPERTY_URL_SAFETYLEGAL);
// Remove Equipment id preference if FCC ID is not set by RIL
removePreferenceIfPropertyMissing(
getPreferenceScreen(), KEY_EQUIPMENT_ID, PROPERTY_EQUIPMENT_ID);
// Remove Baseband version if wifi-only device
if (Utils.isWifiOnly(getActivity())
|| (MSimTelephonyManager.getDefault().isMultiSimEnabled())) {
getPreferenceScreen().removePreference(findPreference(KEY_BASEBAND_VERSION));
}
/*
* Settings is a generic app and should not contain any device-specific
* info.
*/
final Activity act = getActivity();
// These are contained in the "container" preference group
PreferenceGroup parentPreference = (PreferenceGroup) findPreference(KEY_CONTAINER);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_TERMS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_LICENSE,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_COPYRIGHT,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_TEAM,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
// These are contained by the root preference screen
parentPreference = getPreferenceScreen();
if (UserHandle.myUserId() == UserHandle.USER_OWNER) {
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_SYSTEM_UPDATE_SETTINGS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
/* Make sure the activity is provided by who we want... */
if (findPreference(KEY_SYSTEM_UPDATE_SETTINGS) != null)
removePreferenceIfPackageNotInstalled(findPreference(KEY_SYSTEM_UPDATE_SETTINGS));
} else {
// Remove for secondary users
removePreference(KEY_SYSTEM_UPDATE_SETTINGS);
}
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_CONTRIBUTORS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
// Read platform settings for additional system update setting
removePreferenceIfBoolFalse(
KEY_UPDATE_SETTING, R.bool.config_additional_system_update_setting_enable);
// Remove regulatory information if not enabled.
removePreferenceIfBoolFalse(KEY_REGULATORY_INFO, R.bool.config_show_regulatory_info);
}
@Override
public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preference preference) {
if (preference.getKey().equals(KEY_FIRMWARE_VERSION)) {
System.arraycopy(mHits, 1, mHits, 0, mHits.length - 1);
mHits[mHits.length - 1] = SystemClock.uptimeMillis();
if (mHits[0] >= (SystemClock.uptimeMillis() - 500)) {
Intent intent = new Intent(Intent.ACTION_MAIN);
intent.setClassName("android", com.android.internal.app.PlatLogoActivity.class.getName());
try {
startActivity(intent);
} catch (Exception e) {
Log.e(LOG_TAG, "Unable to start activity " + intent.toString());
}
}
} else if (preference.getKey().equals(KEY_BUILD_NUMBER)) {
// Don't enable developer options for secondary users.
if (UserHandle.myUserId() != UserHandle.USER_OWNER) return true;
if (mDevHitCountdown > 0) {
mDevHitCountdown--;
if (mDevHitCountdown == 0) {
getActivity()
.getSharedPreferences(DevelopmentSettings.PREF_FILE, Context.MODE_PRIVATE)
.edit()
.putBoolean(DevelopmentSettings.PREF_SHOW, true)
.apply();
if (mDevHitToast != null) {
mDevHitToast.cancel();
}
mDevHitToast = Toast.makeText(getActivity(), R.string.show_dev_on, Toast.LENGTH_LONG);
mDevHitToast.show();
} else if (mDevHitCountdown > 0 && mDevHitCountdown < (TAPS_TO_BE_A_DEVELOPER - 2)) {
if (mDevHitToast != null) {
mDevHitToast.cancel();
}
mDevHitToast =
Toast.makeText(
getActivity(),
getResources()
.getQuantityString(
R.plurals.show_dev_countdown, mDevHitCountdown, mDevHitCountdown),
Toast.LENGTH_SHORT);
mDevHitToast.show();
}
} else if (mDevHitCountdown < 0) {
if (mDevHitToast != null) {
mDevHitToast.cancel();
}
mDevHitToast = Toast.makeText(getActivity(), R.string.show_dev_already, Toast.LENGTH_LONG);
mDevHitToast.show();
}
} else if (preference.getKey().equals(KEY_MOD_VERSION)) {
System.arraycopy(mHits, 1, mHits, 0, mHits.length - 1);
mHits[mHits.length - 1] = SystemClock.uptimeMillis();
if (mHits[0] >= (SystemClock.uptimeMillis() - 500)) {
Intent intent = new Intent(Intent.ACTION_MAIN);
intent.putExtra("is_cid", true);
intent.setClassName("android", com.android.internal.app.PlatLogoActivity.class.getName());
try {
startActivity(intent);
} catch (Exception e) {
Log.e(LOG_TAG, "Unable to start activity " + intent.toString());
}
}
} else if (preference.getKey().equals(KEY_SELINUX_STATUS)) {
System.arraycopy(mHits, 1, mHits, 0, mHits.length - 1);
mHits[mHits.length - 1] = SystemClock.uptimeMillis();
if (mHits[0] >= (SystemClock.uptimeMillis() - 500)) {
if (SELinux.isSELinuxEnabled()) {
if (!SELinux.isSELinuxEnforced()) {
/* Display the warning dialog */
AlertDialog alertDialog = new AlertDialog.Builder(getActivity()).create();
alertDialog.setTitle(R.string.selinux_enable_title);
alertDialog.setMessage(getResources().getString(R.string.selinux_enable_warning));
alertDialog.setButton(
DialogInterface.BUTTON_POSITIVE,
getResources().getString(com.android.internal.R.string.ok),
new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int which) {
SELinux.setSELinuxEnforce(true);
String status = getResources().getString(R.string.selinux_status_enforcing);
setStringSummary(KEY_SELINUX_STATUS, status);
}
});
alertDialog.setButton(
DialogInterface.BUTTON_NEGATIVE,
getResources().getString(com.android.internal.R.string.cancel),
new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int which) {}
});
alertDialog.setOnCancelListener(
new DialogInterface.OnCancelListener() {
public void onCancel(DialogInterface dialog) {}
});
alertDialog.show();
} else {
SELinux.setSELinuxEnforce(false);
}
}
if (!SELinux.isSELinuxEnabled()) {
String status = getResources().getString(R.string.selinux_status_disabled);
setStringSummary(KEY_SELINUX_STATUS, status);
} else if (!SELinux.isSELinuxEnforced()) {
String status = getResources().getString(R.string.selinux_status_permissive);
setStringSummary(KEY_SELINUX_STATUS, status);
} else if (SELinux.isSELinuxEnforced()) {
String status = getResources().getString(R.string.selinux_status_enforcing);
setStringSummary(KEY_SELINUX_STATUS, status);
}
}
}
return super.onPreferenceTreeClick(preferenceScreen, preference);
}
@Override
public void onCreate(Bundle icicle) {
super.onCreate(icicle);
addPreferencesFromResource(R.xml.device_info_settings);
setStringSummary(KEY_FIRMWARE_VERSION, Build.VERSION.RELEASE);
findPreference(KEY_FIRMWARE_VERSION).setEnabled(true);
setValueSummary(KEY_BASEBAND_VERSION, "gsm.version.baseband");
setStringSummary(KEY_DEVICE_MODEL, Build.MODEL + getMsvSuffix());
setValueSummary(KEY_EQUIPMENT_ID, PROPERTY_EQUIPMENT_ID);
setStringSummary(KEY_DEVICE_MODEL, Build.MODEL);
setStringSummary(KEY_BUILD_NUMBER, Build.DISPLAY);
findPreference(KEY_BUILD_NUMBER).setEnabled(true);
findPreference(KEY_KERNEL_VERSION).setSummary(getFormattedKernelVersion());
setValueSummary(KEY_MOD_VERSION, "ro.aokp.version");
findPreference(KEY_MOD_VERSION).setEnabled(true);
if (!SELinux.isSELinuxEnabled()) {
String status = getResources().getString(R.string.selinux_status_disabled);
setStringSummary(KEY_SELINUX_STATUS, status);
} else if (!SELinux.isSELinuxEnforced()) {
String status = getResources().getString(R.string.selinux_status_permissive);
setStringSummary(KEY_SELINUX_STATUS, status);
}
// Remove selinux information if property is not present
removePreferenceIfPropertyMissing(
getPreferenceScreen(), KEY_SELINUX_STATUS, PROPERTY_SELINUX_STATUS);
addStringPreference(KEY_DEVICE_CHIPSET, SystemProperties.get("ro.device.chipset", null));
addStringPreference(KEY_DEVICE_CPU, SystemProperties.get("ro.device.cpu", getCPUInfo()));
addStringPreference(KEY_DEVICE_GPU, SystemProperties.get("ro.device.gpu", null));
addStringPreference(KEY_DEVICE_MEMORY, getMemInfo());
addStringPreference(KEY_DEVICE_FRONT_CAMERA, SystemProperties.get("ro.device.front_cam", null));
addStringPreference(KEY_DEVICE_REAR_CAMERA, SystemProperties.get("ro.device.rear_cam", null));
addStringPreference(
KEY_DEVICE_SCREEN_RESOLUTION, SystemProperties.get("ro.device.screen_res", null));
// Remove Safety information preference if PROPERTY_URL_SAFETYLEGAL is not set
removePreferenceIfPropertyMissing(
getPreferenceScreen(), "safetylegal", PROPERTY_URL_SAFETYLEGAL);
// Remove Equipment id preference if FCC ID is not set by RIL
removePreferenceIfPropertyMissing(
getPreferenceScreen(), KEY_EQUIPMENT_ID, PROPERTY_EQUIPMENT_ID);
// Remove Baseband version if wifi-only device
if (Utils.isWifiOnly(getActivity())) {
getPreferenceScreen().removePreference(findPreference(KEY_BASEBAND_VERSION));
}
/*
* Settings is a generic app and should not contain any device-specific
* info.
*/
final Activity act = getActivity();
// These are contained in the "container" preference group
PreferenceGroup parentPreference = (PreferenceGroup) findPreference(KEY_CONTAINER);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_TERMS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_LICENSE,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_COPYRIGHT,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_TEAM,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
// These are contained by the root preference screen
parentPreference = getPreferenceScreen();
if (UserHandle.myUserId() == UserHandle.USER_OWNER) {
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_SYSTEM_UPDATE_SETTINGS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
} else {
// Remove for secondary users
removePreference(KEY_SYSTEM_UPDATE_SETTINGS);
}
Utils.updatePreferenceToSpecificActivityOrRemove(
act,
parentPreference,
KEY_CONTRIBUTORS,
Utils.UPDATE_PREFERENCE_FLAG_SET_TITLE_TO_MATCHING_ACTIVITY);
// Read platform settings for additional system update setting
removePreferenceIfBoolFalse(
KEY_UPDATE_SETTING, R.bool.config_additional_system_update_setting_enable);
// Remove regulatory information if not enabled.
removePreferenceIfBoolFalse(KEY_REGULATORY_INFO, R.bool.config_show_regulatory_info);
}