1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <cutils/sockets.h> 18 19 #define LOG_TAG "socket-unix" 20 21 #include <stdio.h> 22 #include <stdlib.h> 23 #include <string.h> 24 #include <sys/socket.h> 25 #include <sys/uio.h> 26 #include <sys/un.h> 27 #include <time.h> 28 #include <unistd.h> 29 30 #include <cutils/android_get_control_file.h> 31 #include <log/log.h> 32 33 #include "android_get_control_env.h" 34 35 #ifndef TEMP_FAILURE_RETRY 36 #define TEMP_FAILURE_RETRY(exp) (exp) // KISS implementation 37 #endif 38 39 #if defined(__ANDROID__) 40 /* For the socket trust (credentials) check */ 41 #include <private/android_filesystem_config.h> 42 #define __android_unused 43 #else 44 #define __android_unused __attribute__((__unused__)) 45 #endif 46 47 bool socket_peer_is_trusted(int fd __android_unused) { 48 #if defined(__ANDROID__) 49 ucred cr; 50 socklen_t len = sizeof(cr); 51 int n = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cr, &len); 52 53 if (n != 0) { 54 ALOGE("could not get socket credentials: %s\n", strerror(errno)); 55 return false; 56 } 57 58 if ((cr.uid != AID_ROOT) && (cr.uid != AID_SHELL)) { 59 ALOGE("untrusted userid on other end of socket: userid %d\n", cr.uid); 60 return false; 61 } 62 #endif 63 64 return true; 65 } 66 67 int socket_close(int sock) { 68 return close(sock); 69 } 70 71 int socket_set_receive_timeout(cutils_socket_t sock, int timeout_ms) { 72 timeval tv; 73 tv.tv_sec = timeout_ms / 1000; 74 tv.tv_usec = (timeout_ms % 1000) * 1000; 75 return setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); 76 } 77 78 ssize_t socket_send_buffers(cutils_socket_t sock, 79 const cutils_socket_buffer_t* buffers, 80 size_t num_buffers) { 81 if (num_buffers > SOCKET_SEND_BUFFERS_MAX_BUFFERS) { 82 return -1; 83 } 84 85 iovec iovec_buffers[SOCKET_SEND_BUFFERS_MAX_BUFFERS]; 86 for (size_t i = 0; i < num_buffers; ++i) { 87 // It's safe to cast away const here; iovec declares non-const 88 // void* because it's used for both send and receive, but since 89 // we're only sending, the data won't be modified. 90 iovec_buffers[i].iov_base = const_cast<void*>(buffers[i].data); 91 iovec_buffers[i].iov_len = buffers[i].length; 92 } 93 94 return writev(sock, iovec_buffers, num_buffers); 95 } 96 97 int android_get_control_socket(const char* name) { 98 int fd = __android_get_control_from_env(ANDROID_SOCKET_ENV_PREFIX, name); 99 100 if (fd < 0) return fd; 101 102 // Compare to UNIX domain socket name, must match! 103 struct sockaddr_un addr; 104 socklen_t addrlen = sizeof(addr); 105 int ret = TEMP_FAILURE_RETRY(getsockname(fd, (struct sockaddr *)&addr, &addrlen)); 106 if (ret < 0) return -1; 107 char *path = NULL; 108 if (asprintf(&path, ANDROID_SOCKET_DIR "/%s", name) < 0) return -1; 109 if (!path) return -1; 110 int cmp = strcmp(addr.sun_path, path); 111 free(path); 112 if (cmp != 0) return -1; 113 114 // It is what we think it is 115 return fd; 116 } 117