I'm writing Android native programs and setting their SEPolicy.
I want to know how to set the process context for a non-init program; it seems that the domain transition doesn't work.
I wrote 2 programs and put the built executables in /vendor/bin.
One program, my_service, runs as an init daemon service,
while the other one, my_client, is a non-init program which has to be executed manually.
These 2 programs use Binder IPC to communicate.
But I have trouble when trying to set the process context for my_client, which is a non-init program.
For my_service, its SELinux context is set mainly in 2 files:
- my_service.te
- file_context
# In file_context
/vendor/bin/my_service u:object_r:my_service_exec:s0
# In my_service.te
type my_service, domain;
type my_service_exec, exec_type, file_type, vendor_file_type;
init_daemon_domain(my_service)
And I also use seclabel in the init.rc file:
# In init.rc
service my_service /vendor/bin/my_service
class main
console
seclabel u:r:my_service:s0
I checked both the file context and the process context for my_service, and they're set as I expected.
For the SEPolicy of my_client, everything is similar to my_service, except that it is not written in the init.rc file since it's not an init program.
# In file_context
/vendor/bin/my_client u:object_r:my_client_exec:s0
# In my_client.te
type my_client, domain;
type my_client_exec, exec_type, file_type, vendor_file_type;
init_daemon_domain(my_client)
For my_client, however, only the file context is set to my_client_exec.
I tried to run my_client and viewed the process context:
> # Executing my_client manually
> /vendor/bin/my_client
> ps -AZ | grep my_client
> u:r:su:s0 root 5838 5514 5948 1688 0 0 R my_client
The process context is su, while I expected it to be my_client.
Furthermore, I found information about init_daemon_domain(XX) in te_macros.
I think that it will do a domain transition: when init runs a file with the XX_exec context, it will transition its process context to XX!
So I changed the rule to:
# init_daemon_domain(my_client)
domain_auto_trans(su, my_client_exec, my_client);
But this violates some pre-defined policy.
By the way, the Binder IPC between these 2 programs seems to be working.
What's confusing is that the following rules still work even though the process context is not my_client?
binder_call(my_client, my_service)
binder_call(my_service, my_service)
Is there any way to do a domain transition for a non-init program?
Or do I misunderstand something about SEPolicy? Because all the resources I found are about setting SEPolicy for init programs.