问题描述
是否可以使用C ++ API粘结剂两个非特权进程间通信?
所有的例子,我发现(如 https://github.com/mcr/Android-HelloWorldService)依靠通过注册服务 ServiceManager-> addService()非根深蒂固的电话上执行时会抛出以下错误:
E /的ServiceManager:add_service('my.test.service',0x48)的uid = 2000 - 权限被拒绝
AOSP(Android开源项目)内
你可以找到下面的方法:
INT svc_can_register(将uid_t UID,常量uint16_t *名)
{
为size_t N; 如果((UID == 0)||(UID == AID_SYSTEM))
返回1; 为(N = 0; N<的sizeof(允许)/ sizeof的(允许[0]); N ++)
如果(允许(UID == [n]的.uid)及&放大器; str16eq(姓名,允许[n]的。名称))
返回1; 返回0;
}
和略高于:
/ * TODO:
*这些应该来自一个配置文件或者是
*基于某种形式的一些命名空间规则(媒体
* UID可以注册媒体。*等)
* /
静态结构{
将uid_t UID;
为const char *名称;
}允许[] = {
{AID_MEDIA,media.audio_flinger},
{AID_MEDIA,media.log},
{AID_MEDIA,media.player},
{AID_MEDIA,media.camera},
{AID_MEDIA,media.audio_policy},
{AID_DRM,drm.drmManager},
{AID_NFC,NFC},
{AID_BLUETOOTH,蓝牙},
{AID_RADIO,radio.phone},
{AID_RADIO,radio.sms},
{AID_RADIO,radio.phonesubinfo},
{AID_RADIO,radio.simphonebook},
/ * TODO:删除电话服务更新后:* /
{AID_RADIO,手机},
{AID_RADIO,SIP},
{AID_RADIO,主义},
{AID_RADIO,iphonesubinfo},
{AID_RADIO,simphonebook},
{AID_MEDIA,common_time.clock},
{AID_MEDIA,common_time.config},
{AID_KEYSTORE,android.security.keystore},
};
和进一步下跌:
如果(!svc_can_register(UID,S)){
ALOGE(add_service('%s'的,%x)的UID =%d个 - 许可被拒绝\\ n
STR8(S),拉手,UID);
返回-1;
}
结论:/系统/ bin中的二进制系统/的ServiceManager不允许它。 (出于安全原因)
可能的解决方案:
- 杀死和重用PID和服务的名称列出
- 重新编译自己的ServiceManager二进制和使用这一个
- 注入你code在这个二元,让大家
- 修改PID的ServiceManager读取(改的ioctl响应的ServiceManager在binder.h得到(同一目录))
- 或只是开始你的二进制具有root权限的服务器。客户端可以连接没有根,但服务器需要它。
Is it possible to use C++ Binder API to communicate between two non-privileged processes?
All examples I found (e.g. https://github.com/mcr/Android-HelloWorldService) rely on registering service via ServiceManager->addService() which throws following error when executing on a non-rooted phone:
E/ServiceManager﹕ add_service('my.test.service',0x48) uid=2000 - PERMISSION DENIED
Inside the AOSP (Android Open Source Project) in the file frameworks/native/cmds/servicemanager/service_manager.cyou can find the following method:
int svc_can_register(uid_t uid, const uint16_t *name)
{
size_t n;
if ((uid == 0) || (uid == AID_SYSTEM))
return 1;
for (n = 0; n < sizeof(allowed) / sizeof(allowed[0]); n++)
if ((uid == allowed[n].uid) && str16eq(name, allowed[n].name))
return 1;
return 0;
}
and a bit above:
/* TODO:
* These should come from a config file or perhaps be
* based on some namespace rules of some sort (media
* uid can register media.*, etc)
*/
static struct {
uid_t uid;
const char *name;
} allowed[] = {
{ AID_MEDIA, "media.audio_flinger" },
{ AID_MEDIA, "media.log" },
{ AID_MEDIA, "media.player" },
{ AID_MEDIA, "media.camera" },
{ AID_MEDIA, "media.audio_policy" },
{ AID_DRM, "drm.drmManager" },
{ AID_NFC, "nfc" },
{ AID_BLUETOOTH, "bluetooth" },
{ AID_RADIO, "radio.phone" },
{ AID_RADIO, "radio.sms" },
{ AID_RADIO, "radio.phonesubinfo" },
{ AID_RADIO, "radio.simphonebook" },
/* TODO: remove after phone services are updated: */
{ AID_RADIO, "phone" },
{ AID_RADIO, "sip" },
{ AID_RADIO, "isms" },
{ AID_RADIO, "iphonesubinfo" },
{ AID_RADIO, "simphonebook" },
{ AID_MEDIA, "common_time.clock" },
{ AID_MEDIA, "common_time.config" },
{ AID_KEYSTORE, "android.security.keystore" },
};
and further down:
if (!svc_can_register(uid, s)) {
ALOGE("add_service('%s',%x) uid=%d - PERMISSION DENIED\n",
str8(s), handle, uid);
return -1;
}
Conclusion: the system binary in /system/bin/servicemanager doesn't allow it. (for security reasons)Possible solutions:
- kill and reuse PID and name of service listed
- recompile your own servicemanager binary and use this one
- inject your code in this binary, to allow everyone
- change the PID servicemanager reads (change the ioctl response servicemanager gets in binder.h (same directory))
- or just start your server in a binary having root permissions. Clients can connect without root, but the server needs it.
这篇关于C ++无粘结剂addService()的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!