If we can get this data directly without parsing in a guaranteed normalized way, that would be great....we were hoping that getpwnam's implementation would normalize it for us, but it does not. So it was either add the logic to our code or change getpwnam's implementation and we did not know what the implications of making that change would be.
I looked through system/core/include/private/android_filesystem_config.h really quick and I don't see how we could get the username in a normalized way from that, I missed it? I see it specifies the ID's for fixed things in the system, but it does not specify a way to get username for a generic app.
What we do is normalize the username to app_*, mostly for matching rules in seapp_contexts. This broke when you can run services in another process space (android:isolatedProcess). We normalize that back to the older app_ method and then extract the number to use as the MLS category.
Bill
--
Respectfully,
William C Roberts
On Fri, Sep 14, 2012 at 5:21 PM, Kenny Root <kroot@xxxxxxxxxx> wrote:
It might just be better to provide the information directly. Right now getpwnam's implementation is in bionic/libc/bionic/stubs.cpp, but perhaps it's worth it to just include system/core/include/private/android_filesystem_config.h when available. Does this get compiled on non-Android platforms? I'd rather have it just get what it needs directly instead of parsing a string.--
On Fri, Sep 14, 2012 at 5:09 PM, William Roberts <bill.c.roberts@xxxxxxxxx> wrote:Would anyone object to me cleaning up the setcon and setfilecon2 code that does the mls level stuff:Currently the below code is duplicated:pw = getpwuid(uid);if (!pw)goto err;username = pw->pw_name;if (!strncmp(username, "app_", 4)) {id = strtoul(username + 4, NULL, 10);if (id >= MLS_CATS)goto err;} else if (username[0] == 'u' && isdigit(username[1])) {unsigned long unused;unused = strtoul(username+1, &end, 10);if (end[0] != '_')goto err;id = strtoul(end + 2, NULL, 10);if (id >= MLS_CATS/2)goto err;if (end[1] == 'i')id += MLS_CATS/2;else if (end[1] != 'a')goto err;/* use app_ for matching on the user= field */username = "app_";}I want to break it up into two functions.1. that gets the normalized username2. that computes the id, takes username, returns -1 on errorThis way of the username stuff changes again in the future, we can normalize it one spot. The one that computes the id doesn't gain much by putting it in a function, but I think it will make the code more readable.--
Respectfully,
William C Roberts
Kenny Root
Respectfully,
William C Roberts
