Question: Permissions required for running in Android in System user mode
Adithya Prakash
adithya.prakash at gmail.com
Wed Aug 19 23:00:01 PDT 2015
Thomas, Arend, Thank you and really appreciate your responses. This
helped make progress in my debugging.
Thanks,
Adithya
On Wed, Aug 19, 2015 at 7:55 AM, Arend van Spriel <arend at broadcom.com> wrote:
> On 08/19/2015 02:22 PM, Thomas Haller wrote:
>>
>> On Tue, 2015-08-18 at 08:57 -0700, Adithya Prakash wrote:
>>>
>>> Hello,
>>>
>>> I am calling a few libnl API's to send a vendor specific command
>>> which
>>> queries the properties of the current WiFi P2P connection (like
>>> frequency, mode etc).
>>>
>>> The code sets few callback functions and sends the command message
>>> using libnl API's and waits for the callback function to be called
>>> with the property parameters.
>>>
>>> Question: When I run my code as a ROOT user, This works fine and I
>>> get
>>> the callback with the properties of the connection. But when I run my
>>> code as a SYSTEM user, which is the actual end use case, I dont get
>>> the callback. Any suggestions what changes are needed when the user
>>> group changes?
>>>
>>> Context: This is a C++ code written as a standalone command line unit
>>> test to verify this feature and is run on Android L.
>>>
>>> Other points:
>>>
>>> All SELinux permissions have already been provided. I have also tried
>>> running this in permissive mode.
>>>
>>> Some debugging appears to hint that the user space to kernel
>>> communication is not taking place after sending the command message.
>>> Not 100% sure, but likely issue.
>>>
>>> If you have any insight into this and can provide some pointers, that
>>> would be very helpful. Thanks!
>>
>>
>> Hi,
>>
>> I don't think that libnl behaves any differently whether you run it as
>> root or not. It just reads the socket, does the parsing, and invokes
>> the callbacks.
>>
>> Probably the other side (kernel) checks the user and refuses to answer.
>
>
> Indeed. In this case it is nl80211 family which imposes the requirement per
> command. It is in struct genl_ops nl80211_ops[] in net/wireless/nl80211.c.
> The NL80211_VENDOR_CMD is here [1] and is flagged with GENL_ADMIN_PERM.
>
> Regards,
> Arend
>
> [1] http://lxr.free-electrons.com/source/net/wireless/nl80211.c#L10990
>
>> If you set the NL_CB_MSG_IN callback, you might see the most. This
>> callback is called always and as first.
>> nl_socket_modify_cb (sk, NL_CB_MSG_IN, NL_CB_CUSTOM, my_func,
>> user_data);
>>
>>
>>
>> Thomas
>>
>>
>>
>> _______________________________________________
>> libnl mailing list
>> libnl at lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/libnl
>>
>
More information about the libnl
mailing list