| /* |
| * Copyright (C) 2012 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #define LOG_TAG "SELinuxJNI" |
| #include <utils/Log.h> |
| |
| #include <nativehelper/JNIHelp.h> |
| #include "jni.h" |
| #include "core_jni_helpers.h" |
| #include "selinux/selinux.h" |
| #include "selinux/android.h" |
| #include <errno.h> |
| #include <memory> |
| #include <atomic> |
| #include <nativehelper/ScopedLocalRef.h> |
| #include <nativehelper/ScopedUtfChars.h> |
| |
| namespace android { |
| namespace { |
| std::atomic<selabel_handle*> sehandle{nullptr}; |
| |
| selabel_handle* GetSELabelHandle() { |
| selabel_handle* h = sehandle.load(); |
| if (h != nullptr) { |
| return h; |
| } |
| |
| h = selinux_android_file_context_handle(); |
| selabel_handle* expected = nullptr; |
| if (!sehandle.compare_exchange_strong(expected, h)) { |
| selabel_close(h); |
| return sehandle.load(); |
| } |
| return h; |
| } |
| |
| } |
| |
| struct SecurityContext_Delete { |
| void operator()(security_context_t p) const { |
| freecon(p); |
| } |
| }; |
| typedef std::unique_ptr<char[], SecurityContext_Delete> Unique_SecurityContext; |
| |
| static jboolean isSELinuxDisabled = true; |
| |
| /* |
| * Function: isSELinuxEnabled |
| * Purpose: checks whether SELinux is enabled/disbaled |
| * Parameters: none |
| * Return value : true (enabled) or false (disabled) |
| * Exceptions: none |
| */ |
| static jboolean isSELinuxEnabled(JNIEnv *env, jobject) { |
| return !isSELinuxDisabled; |
| } |
| |
| /* |
| * Function: isSELinuxEnforced |
| * Purpose: return the current SELinux enforce mode |
| * Parameters: none |
| * Return value: true (enforcing) or false (permissive) |
| * Exceptions: none |
| */ |
| static jboolean isSELinuxEnforced(JNIEnv *env, jobject) { |
| return (security_getenforce() == 1) ? true : false; |
| } |
| |
| static jstring fileSelabelLookup(JNIEnv* env, jobject, jstring pathStr) { |
| if (isSELinuxDisabled) { |
| ALOGE("fileSelabelLookup => SELinux is disabled"); |
| return NULL; |
| } |
| |
| if (pathStr == NULL) { |
| ALOGE("fileSelabelLookup => got null path."); |
| jniThrowNullPointerException( |
| env, "Trying to get security context of a null path."); |
| return NULL; |
| } |
| |
| ScopedUtfChars path(env, pathStr); |
| const char* path_c_str = path.c_str(); |
| if (path_c_str == NULL) { |
| ALOGE("fileSelabelLookup => Got null path"); |
| jniThrowNullPointerException( |
| env, "Trying to get security context of a null path."); |
| return NULL; |
| } |
| |
| auto* selabel_handle = GetSELabelHandle(); |
| if (selabel_handle == NULL) { |
| ALOGE("fileSelabelLookup => Failed to get SEHandle"); |
| return NULL; |
| } |
| |
| security_context_t tmp = NULL; |
| if (selabel_lookup(selabel_handle, &tmp, path_c_str, S_IFREG) != 0) { |
| ALOGE("fileSelabelLookup => selabel_lookup for %s failed: %d", path_c_str, errno); |
| return NULL; |
| } |
| |
| Unique_SecurityContext context(tmp); |
| return env->NewStringUTF(context.get()); |
| } |
| |
| static jstring getFdConInner(JNIEnv *env, jobject fileDescriptor, bool isSocket) { |
| if (isSELinuxDisabled) { |
| return NULL; |
| } |
| |
| if (fileDescriptor == NULL) { |
| jniThrowNullPointerException(env, |
| "Trying to check security context of a null FileDescriptor."); |
| return NULL; |
| } |
| |
| int fd = jniGetFDFromFileDescriptor(env, fileDescriptor); |
| if (env->ExceptionCheck()) { |
| ALOGE("getFdCon => getFD for %p failed", fileDescriptor); |
| return NULL; |
| } |
| |
| security_context_t tmp = NULL; |
| int ret; |
| if (isSocket) { |
| ret = getpeercon(fd, &tmp); |
| } else{ |
| ret = fgetfilecon(fd, &tmp); |
| } |
| Unique_SecurityContext context(tmp); |
| |
| ScopedLocalRef<jstring> contextStr(env, NULL); |
| if (ret != -1) { |
| contextStr.reset(env->NewStringUTF(context.get())); |
| } |
| |
| ALOGV("getFdCon(%d) => %s", fd, context.get()); |
| return contextStr.release(); |
| } |
| |
| /* |
| * Function: getPeerCon |
| * Purpose: retrieves security context of peer socket |
| * Parameters: |
| * fileDescriptor: peer socket file as a FileDescriptor object |
| * Returns: jstring representing the security_context of socket or NULL if error |
| * Exceptions: NullPointerException if fileDescriptor object is NULL |
| */ |
| static jstring getPeerCon(JNIEnv *env, jobject, jobject fileDescriptor) { |
| return getFdConInner(env, fileDescriptor, true); |
| } |
| |
| /* |
| * Function: getFdCon |
| * Purpose: retrieves security context of a file descriptor. |
| * Parameters: |
| * fileDescriptor: a FileDescriptor object |
| * Returns: jstring representing the security_context of socket or NULL if error |
| * Exceptions: NullPointerException if fileDescriptor object is NULL |
| */ |
| static jstring getFdCon(JNIEnv *env, jobject, jobject fileDescriptor) { |
| return getFdConInner(env, fileDescriptor, false); |
| } |
| |
| /* |
| * Function: setFSCreateCon |
| * Purpose: set security context used for creating a new file system object |
| * Parameters: |
| * context: security_context_t representing the new context of a file system object, |
| * set to NULL to return to the default policy behavior |
| * Returns: true on success, false on error |
| * Exception: none |
| */ |
| static jboolean setFSCreateCon(JNIEnv *env, jobject, jstring contextStr) { |
| if (isSELinuxDisabled) { |
| return false; |
| } |
| |
| std::unique_ptr<ScopedUtfChars> context; |
| const char* context_c_str = NULL; |
| if (contextStr != NULL) { |
| context.reset(new ScopedUtfChars(env, contextStr)); |
| context_c_str = context->c_str(); |
| if (context_c_str == NULL) { |
| return false; |
| } |
| } |
| |
| int ret = setfscreatecon(const_cast<char *>(context_c_str)); |
| |
| ALOGV("setFSCreateCon(%s) => %d", context_c_str, ret); |
| |
| return (ret == 0) ? true : false; |
| } |
| |
| /* |
| * Function: setFileCon |
| * Purpose: set the security context of a file object |
| * Parameters: |
| * path: the location of the file system object |
| * context: the new security context of the file system object |
| * Returns: true on success, false on error |
| * Exception: NullPointerException is thrown if either path or context strign are NULL |
| */ |
| static jboolean setFileCon(JNIEnv *env, jobject, jstring pathStr, jstring contextStr) { |
| if (isSELinuxDisabled) { |
| return false; |
| } |
| |
| ScopedUtfChars path(env, pathStr); |
| if (path.c_str() == NULL) { |
| return false; |
| } |
| |
| ScopedUtfChars context(env, contextStr); |
| if (context.c_str() == NULL) { |
| return false; |
| } |
| |
| // GetStringUTFChars returns const char * yet setfilecon needs char * |
| char *tmp = const_cast<char *>(context.c_str()); |
| int ret = setfilecon(path.c_str(), tmp); |
| |
| ALOGV("setFileCon(%s, %s) => %d", path.c_str(), context.c_str(), ret); |
| return (ret == 0) ? true : false; |
| } |
| |
| /* |
| * Function: getFileCon |
| * Purpose: retrieves the context associated with the given path in the file system |
| * Parameters: |
| * path: given path in the file system |
| * Returns: |
| * string representing the security context string of the file object |
| * the string may be NULL if an error occured |
| * Exceptions: NullPointerException if the path object is null |
| */ |
| static jstring getFileCon(JNIEnv *env, jobject, jstring pathStr) { |
| if (isSELinuxDisabled) { |
| return NULL; |
| } |
| |
| ScopedUtfChars path(env, pathStr); |
| if (path.c_str() == NULL) { |
| return NULL; |
| } |
| |
| security_context_t tmp = NULL; |
| int ret = getfilecon(path.c_str(), &tmp); |
| Unique_SecurityContext context(tmp); |
| |
| ScopedLocalRef<jstring> securityString(env, NULL); |
| if (ret != -1) { |
| securityString.reset(env->NewStringUTF(context.get())); |
| } |
| |
| ALOGV("getFileCon(%s) => %s", path.c_str(), context.get()); |
| return securityString.release(); |
| } |
| |
| /* |
| * Function: getCon |
| * Purpose: Get the context of the current process. |
| * Parameters: none |
| * Returns: a jstring representing the security context of the process, |
| * the jstring may be NULL if there was an error |
| * Exceptions: none |
| */ |
| static jstring getCon(JNIEnv *env, jobject) { |
| if (isSELinuxDisabled) { |
| return NULL; |
| } |
| |
| security_context_t tmp = NULL; |
| int ret = getcon(&tmp); |
| Unique_SecurityContext context(tmp); |
| |
| ScopedLocalRef<jstring> securityString(env, NULL); |
| if (ret != -1) { |
| securityString.reset(env->NewStringUTF(context.get())); |
| } |
| |
| ALOGV("getCon() => %s", context.get()); |
| return securityString.release(); |
| } |
| |
| /* |
| * Function: getPidCon |
| * Purpose: Get the context of a process identified by its pid |
| * Parameters: |
| * pid: a jint representing the process |
| * Returns: a jstring representing the security context of the pid, |
| * the jstring may be NULL if there was an error |
| * Exceptions: none |
| */ |
| static jstring getPidCon(JNIEnv *env, jobject, jint pid) { |
| if (isSELinuxDisabled) { |
| return NULL; |
| } |
| |
| security_context_t tmp = NULL; |
| int ret = getpidcon(static_cast<pid_t>(pid), &tmp); |
| Unique_SecurityContext context(tmp); |
| |
| ScopedLocalRef<jstring> securityString(env, NULL); |
| if (ret != -1) { |
| securityString.reset(env->NewStringUTF(context.get())); |
| } |
| |
| ALOGV("getPidCon(%d) => %s", pid, context.get()); |
| return securityString.release(); |
| } |
| |
| /* |
| * Function: checkSELinuxAccess |
| * Purpose: Check permissions between two security contexts. |
| * Parameters: subjectContextStr: subject security context as a string |
| * objectContextStr: object security context as a string |
| * objectClassStr: object's security class name as a string |
| * permissionStr: permission name as a string |
| * Returns: boolean: (true) if permission was granted, (false) otherwise |
| * Exceptions: None |
| */ |
| static jboolean checkSELinuxAccess(JNIEnv *env, jobject, jstring subjectContextStr, |
| jstring objectContextStr, jstring objectClassStr, jstring permissionStr) { |
| if (isSELinuxDisabled) { |
| return true; |
| } |
| |
| ScopedUtfChars subjectContext(env, subjectContextStr); |
| if (subjectContext.c_str() == NULL) { |
| return false; |
| } |
| |
| ScopedUtfChars objectContext(env, objectContextStr); |
| if (objectContext.c_str() == NULL) { |
| return false; |
| } |
| |
| ScopedUtfChars objectClass(env, objectClassStr); |
| if (objectClass.c_str() == NULL) { |
| return false; |
| } |
| |
| ScopedUtfChars permission(env, permissionStr); |
| if (permission.c_str() == NULL) { |
| return false; |
| } |
| |
| char *tmp1 = const_cast<char *>(subjectContext.c_str()); |
| char *tmp2 = const_cast<char *>(objectContext.c_str()); |
| int accessGranted = selinux_check_access(tmp1, tmp2, objectClass.c_str(), permission.c_str(), |
| NULL); |
| |
| ALOGV("checkSELinuxAccess(%s, %s, %s, %s) => %d", subjectContext.c_str(), objectContext.c_str(), |
| objectClass.c_str(), permission.c_str(), accessGranted); |
| |
| return (accessGranted == 0) ? true : false; |
| } |
| |
| /* |
| * Function: native_restorecon |
| * Purpose: restore default SELinux security context |
| * Parameters: pathname: the pathname for the file to be relabeled |
| * Returns: boolean: (true) file label successfully restored, (false) otherwise |
| * Exceptions: none |
| */ |
| static jboolean native_restorecon(JNIEnv *env, jobject, jstring pathnameStr, jint flags) { |
| if (isSELinuxDisabled) { |
| return true; |
| } |
| |
| ScopedUtfChars pathname(env, pathnameStr); |
| if (pathname.c_str() == NULL) { |
| ALOGV("restorecon(%p) => threw exception", pathnameStr); |
| return false; |
| } |
| |
| int ret = selinux_android_restorecon(pathname.c_str(), flags); |
| ALOGV("restorecon(%s) => %d", pathname.c_str(), ret); |
| return (ret == 0); |
| } |
| |
| /* |
| * JNI registration. |
| */ |
| static const JNINativeMethod method_table[] = { |
| /* name, signature, funcPtr */ |
| { "checkSELinuxAccess" , "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z" , (void*)checkSELinuxAccess }, |
| { "getContext" , "()Ljava/lang/String;" , (void*)getCon }, |
| { "getFileContext" , "(Ljava/lang/String;)Ljava/lang/String;" , (void*)getFileCon }, |
| { "getPeerContext" , "(Ljava/io/FileDescriptor;)Ljava/lang/String;" , (void*)getPeerCon }, |
| { "getFileContext" , "(Ljava/io/FileDescriptor;)Ljava/lang/String;" , (void*)getFdCon }, |
| { "getPidContext" , "(I)Ljava/lang/String;" , (void*)getPidCon }, |
| { "isSELinuxEnforced" , "()Z" , (void*)isSELinuxEnforced}, |
| { "isSELinuxEnabled" , "()Z" , (void*)isSELinuxEnabled }, |
| { "native_restorecon" , "(Ljava/lang/String;I)Z" , (void*)native_restorecon}, |
| { "setFileContext" , "(Ljava/lang/String;Ljava/lang/String;)Z" , (void*)setFileCon }, |
| { "setFSCreateContext" , "(Ljava/lang/String;)Z" , (void*)setFSCreateCon }, |
| { "fileSelabelLookup" , "(Ljava/lang/String;)Ljava/lang/String;" , (void*)fileSelabelLookup}, |
| }; |
| |
| static int log_callback(int type, const char *fmt, ...) { |
| va_list ap; |
| int priority; |
| |
| switch (type) { |
| case SELINUX_WARNING: |
| priority = ANDROID_LOG_WARN; |
| break; |
| case SELINUX_INFO: |
| priority = ANDROID_LOG_INFO; |
| break; |
| default: |
| priority = ANDROID_LOG_ERROR; |
| break; |
| } |
| va_start(ap, fmt); |
| LOG_PRI_VA(priority, "SELinux", fmt, ap); |
| va_end(ap); |
| return 0; |
| } |
| |
| int register_android_os_SELinux(JNIEnv *env) { |
| union selinux_callback cb; |
| cb.func_log = log_callback; |
| selinux_set_callback(SELINUX_CB_LOG, cb); |
| |
| isSELinuxDisabled = (is_selinux_enabled() != 1) ? true : false; |
| |
| return RegisterMethodsOrDie(env, "android/os/SELinux", method_table, NELEM(method_table)); |
| } |
| |
| } |
