Tags: java, android, proxy, android-source, system-services

Is it possible to restrict access to a System Service in AOSP?


Is it possible to restrict access to certain methods on a System Service in AOSP?

I was thinking of having two Proxies talk to the System Service, with one implementing the public methods and the other only the methods for privileged processes.

Thank you!


Solution

  • Yes, it is possible to restrict access to particular methods in a system service in AOSP. To enforce IPC permissions, Android typically uses permissions declared in AndroidManifest.xml.

    You can use AlarmManagerService#setTime(long) as an example:

    https://cs.android.com/android/platform/superproject/+/master:frameworks/base/apex/jobscheduler/service/java/com/android/server/alarm/AlarmManagerService.java;l=2980?q=alarmmanagerservice

        public boolean setTime(long millis) {
            getContext().enforceCallingOrSelfPermission(
                    "android.permission.SET_TIME",
                    "setTime");
    
            return setTimeImpl(millis);
        }
    

    The permission itself is defined in an xml file in frameworks:

    https://cs.android.com/android/platform/superproject/+/master:frameworks/base/core/res/AndroidManifest.xml;l=3338

    <!-- Allows applications to set the system time directly.
         <p>Not for use by third-party applications. -->
    <permission android:name="android.permission.SET_TIME"
        android:protectionLevel="signature|privileged|role" />
    

    Note that, based on the protectionLevel used, it is not possible for regular Android apps to obtain this permission. enforceCallingOrSelfPermission allows processes with the system UID access as well, if you follow the implementation through to the ActivityManager#checkComponentPermission(...) method. I'm not entirely clear on the "role" permission; that appears to be a fairly recent addition to AOSP.
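As an added example (not code from the answer above or from AOSP), here is what the pattern the answer describes looks like in a hypothetical system service that keeps both the public and the privileged method on one Binder interface and gates only the privileged one. The service name `FooService`, the AIDL interface `IFooService`, and the permission `com.example.permission.SET_FOO_CONFIG` are assumptions made for the illustration; `enforceCallingOrSelfPermission`, `Binder.getCallingUid`, `UserHandle.getAppId`, `Process.SYSTEM_UID` and `SystemService#publishBinderService` are real AOSP framework APIs.

```java
// Added example, not AOSP code. Assumed AIDL (hypothetical file
// frameworks/base/core/java/android/foo/IFooService.aidl):
//   interface IFooService {
//       String getPublicInfo();            // any caller
//       void setPrivilegedConfig(int v);   // callers holding the permission
//       void factoryResetConfig();         // the system UID only
//   }
// Assumed permission entry in frameworks/base/core/res/AndroidManifest.xml:
//   <permission android:name="com.example.permission.SET_FOO_CONFIG"
//       android:protectionLevel="signature|privileged" />
package com.android.server.foo;

import android.content.Context;
import android.foo.IFooService;
import android.os.Binder;
import android.os.Process;
import android.os.UserHandle;
import com.android.server.SystemService;

public class FooService extends SystemService {
    // Hypothetical permission name; declare it in the framework manifest.
    private static final String PERM_SET_CONFIG = "com.example.permission.SET_FOO_CONFIG";

    private final Context mContext;
    private volatile int mConfig;

    public FooService(Context context) {
        super(context);
        mContext = context;
    }

    @Override
    public void onStart() {
        // Register the Binder under a service name; clients look it up via ServiceManager.
        publishBinderService("foo", new BinderService());
    }

    private final class BinderService extends IFooService.Stub {
        @Override
        public String getPublicInfo() {
            // Deliberately unchecked: this entry point is public.
            return "config=" + mConfig;
        }

        @Override
        public void setPrivilegedConfig(int value) {
            // Throws SecurityException unless the process that made this Binder
            // transaction (identified by Binder.getCallingPid()/getCallingUid())
            // holds the permission. "OrSelf" means code running inside
            // system_server itself also passes, as the answer above notes.
            mContext.enforceCallingOrSelfPermission(PERM_SET_CONFIG, "setPrivilegedConfig");
            mConfig = value;
        }

        @Override
        public void factoryResetConfig() {
            // Tighter than a permission: only the system UID (uid 1000) may call.
            // getAppId strips the user id so the check holds on multi-user devices.
            final int callingUid = Binder.getCallingUid();
            if (UserHandle.getAppId(callingUid) != Process.SYSTEM_UID) {
                throw new SecurityException("factoryResetConfig: uid " + callingUid
                        + " is not the system UID");
            }
            mConfig = 0;
        }
    }
}
```

Two practical caveats. First, a signature|privileged permission is only usable by a privileged app if the permission is also allowlisted for that app in a privapp-permissions XML under /etc/permissions (required since Android 8.0); without that entry the app will not be granted it even though it sits in /system/priv-app. Second, because the check keys off the Binder calling identity, a system service that calls another service's guarded method on behalf of an app after Binder.clearCallingIdentity() will pass the check as system_server, so do any permission check before clearing the identity.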