Cannot connect to native local socket on android 5.1

Question

I have commad-line tool, which sends broadcast and wait result.

Server code (error handling omitted):

    int makeAddr(const char* name, struct sockaddr_un* pAddr, socklen_t* pSockLen)
    {
        int nameLen = strlen(name);
        pAddr->sun_path[0] = '\0';
        strcpy(pAddr->sun_path+1, name);
        pAddr->sun_family = AF_LOCAL;
        *pSockLen = 1 + nameLen + offsetof(struct sockaddr_un, sun_path);
        return 0;
    }

    int main(int argc, char* argv[])
    {
        //...

        // Create socket in abstract namespace
        struct sockaddr_un sockAddr = {0};
        socklen_t sockLen;
        makeAddr("SOCKET_NAME", &sockAddr, &sockLen);

        int serverFd = socket(AF_LOCAL, SOCK_STREAM, PF_UNIX));

        bind(serverFd, (const struct sockaddr*) &sockAddr, sockLen);

        listen(serverFd, 5);

        //set socket non-blocking
        int flags = fcntl(serverFd, F_GETFL, 0);
        fcntl(serverFd, F_SETFL, flags | O_NONBLOCK);

        pollfd pollFd = {0};
        pollFd.fd = serverFd;
        pollFd.events = POLLIN | POLLRDHUP;

        // Send brodcast 
        system("am broadcast ...");

        for(;;)
        {
            // Wait result 
            int pollResult = poll(&pollFd, 1, timeout);
        // Process result

Java client code:

public class CommandReceiver extends BroadcastReceiver{

    @Override
    public void onReceive(Context context, Intent intent) {

            LocalSocket socket = new LocalSocket();
            LocalSocketAddress address = new LocalSocketAddress("SOCKET_NAME", LocalSocketAddress.Namespace.ABSTRACT);
            socket.connect(address);

            // Do something and send result asynchronously 

It all works on android prior 5.1.

On android 5.1 connect() throws exception:

java.io.IOException: Permission denied

at android.net.LocalSocketImpl.connectLocal(Native Method)

at android.net.LocalSocketImpl.connect(LocalSocketImpl.java:290)

at android.net.LocalSocket.connect(LocalSocket.java:130)

In log there is error:

07-27 09:56:08.179: W: type=1400 audit(0.0:3675): avc: denied { connectto } for path=00636F6D2E6B6173706572736B792E6B617368656C6C2E534F434B45542D36313838363731373231343337393833373637 scontext=u:r:untrusted_app:s0 tcontext=u:r:shell:s0 tclass=unix_stream_socket permissive=0

I've found relative android fix: https://android.googlesource.com/device/moto/shamu/+/b2db40f

So, it will not work anymore since android 5.1? What can I do (maybe set permission somehow)? Or is there another mechanism to send data from native command-line tool and wait result?

Answer 1

Use pipes instead of socket: O_RDWR on named pipes with poll()

Create pipe in java process:

        mkfifo(cpath, 0);
        chmod(cpath, S_IRWXU|S_IROTH|S_IRGRP);

Open pipe in native process:

int serverFd = open(PIPE_NAME, O_RDONLY | O_NONBLOCK);
pollfd pollFd = {0};
pollFd.fd = serverFd.get();
pollFd.events = POLLIN | POLLRDHUP;

// send command
....

for(;;)
{
    int pollResult = poll(&pollFd, 1, timeout);

Answer 2

In my experience on Android 10, abstract namespace unix domain sockets and unnamed pipes work within the same application, but not across different apps. I implemented both the client and server natively, though.

For named pipes, you have to create the file somewhere where you have write permissions. Basically your app's data folder.

For inter-process communication, you can attempt sending file descriptors from one process to another to grant access according to this, but I'm not sure how it works. I ended up using network sockets for this.