1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "server.h"
18 
19 #include <binder/IPCThreadState.h>
20 
21 #include <private/android_filesystem_config.h>
22 
isSystemUser()23 static bool isSystemUser() {
24     uid_t uid = IPCThreadState::self()->getCallingUid();
25     uid_t aid = uid % AID_USER_OFFSET;
26     switch (aid) {
27         case AID_ROOT:
28         case AID_SYSTEM: {
29             return true;
30         } break;
31         default: {
32             ALOGE("aid %u (uid %u) is not root nor system - access denied", aid, uid);
33         } break;
34     }
35     return false;
36 }
37 
38 namespace procfsinspector {
39 class BpProcfsInspector: public BpInterface<IProcfsInspector> {
40     public:
BpProcfsInspector(sp<IBinder> binder)41         explicit BpProcfsInspector(sp<IBinder> binder) : BpInterface<IProcfsInspector>(binder) {}
42 
readProcessTable()43         std::vector<ProcessInfo> readProcessTable() override {
44             Parcel data, reply;
45             remote()->transact((uint32_t)IProcfsInspector::Call::READ_PROCESS_TABLE, data, &reply);
46 
47             std::vector<ProcessInfo> result;
48             reply.readParcelableVector(&result);
49             return result;
50         }
51 };
52 
53 IMPLEMENT_META_INTERFACE(ProcfsInspector, "com.android.car.procfsinspector.IProcfsInspector");
54 
onTransact(uint32_t code,const Parcel & data,Parcel * reply,uint32_t flags)55 status_t Impl::onTransact(uint32_t code,
56     const Parcel& data, Parcel* reply, uint32_t flags) {
57 
58     if (code == (uint32_t)IProcfsInspector::Call::READ_PROCESS_TABLE) {
59         CHECK_INTERFACE(IProcfsInspector, data, reply);
60         if (isSystemUser()) {
61             reply->writeNoException();
62             reply->writeParcelableVector(readProcessTable());
63             return NO_ERROR;
64         } else {
65             return PERMISSION_DENIED;
66         }
67     }
68 
69     return BBinder::onTransact(code, data, reply, flags);
70 }
71 
72 }  // namespace procfsinspector
73