[SOLVED] Sharing a file between an Android app (with native component) and system services

Sharing a file between an Android app (with native component) and system services

Android has been more restrictive with files, while it is very clear how to share files across apps... How would I share a file between a system service like surfaceflinger/audioflinger and an app? Note that I own both the app and the AOSP code (meaning, I can modify both, in C/C++). In previous Android versions, system services can access /data/data. Currently, via testing, I noticed an app can only access its own data/data and shared sdcard storage, while system services cannot access either. What is the best way about this? Is there a shared directory between apps and services that I do not know of? Or is there a way to subvert checks for this specific file

My last resort that I am trying to avoid is to modify system service and my app to communicate via sockets

Note that my modifications are not for a commercial product, this is a personal AOSP modification project I am working on, so my concern is not "privacy/security" at the moment

Solution

You have indeed the FileProvider API
The app client can bound with AIDL to the system service, then share data
You can create you own directory, make it open for everyOne, and set the SEPolicy as you please (open for every one, or restrict it). Then you have an entire directory that you can share between Java and system service written in C.

Creating new files:

from /device/your_flavor/init.*.rc
below "on init"
You can add: mkdir /data/my_folder 0666 system system

Changing SEPolicy (get ride of setenforce):

from /device/your_flavor/sepolicy/*.te
Find the error adb logcat filtering with "avc"
Depending on the error, the files to modify will change (look at the android documentation: https://source.android.com/docs/security/features/selinux/customize)

You are the OS, you can adapt any restriction.