am ef8f96a7: Merge "Start of work on passing around StrictMode policy over Binder calls." into gingerbread
Merge commit 'ef8f96a717554a85aa63a60f8c61be2afbd12a5c' into gingerbread-plus-aosp * commit 'ef8f96a717554a85aa63a60f8c61be2afbd12a5c': Start of work on passing around StrictMode policy over Binder calls.
This commit is contained in:
Brad Fitzpatrick
Android Git Automerger
@ -14,6 +14,7 @@ void *svcmgr_lookup(struct binder_state *bs, void *target, const char *name)
|
|||||||
struct binder_io msg, reply;
|
struct binder_io msg, reply;
|
||||||
|
|
||||||
bio_init(&msg, iodata, sizeof(iodata), 4);
|
bio_init(&msg, iodata, sizeof(iodata), 4);
|
||||||
|
bio_put_uint32(&msg, 0); // strict mode header
|
||||||
bio_put_string16_x(&msg, SVC_MGR_NAME);
|
bio_put_string16_x(&msg, SVC_MGR_NAME);
|
||||||
bio_put_string16_x(&msg, name);
|
bio_put_string16_x(&msg, name);
|
||||||
|
|
||||||
@ -37,7 +38,7 @@ int svcmgr_publish(struct binder_state *bs, void *target, const char *name, void
|
|||||||
struct binder_io msg, reply;
|
struct binder_io msg, reply;
|
||||||
|
|
||||||
bio_init(&msg, iodata, sizeof(iodata), 4);
|
bio_init(&msg, iodata, sizeof(iodata), 4);
|
||||||
|
bio_put_uint32(&msg, 0); // strict mode header
|
||||||
bio_put_string16_x(&msg, SVC_MGR_NAME);
|
bio_put_string16_x(&msg, SVC_MGR_NAME);
|
||||||
bio_put_string16_x(&msg, name);
|
bio_put_string16_x(&msg, name);
|
||||||
bio_put_obj(&msg, ptr);
|
bio_put_obj(&msg, ptr);
|
||||||
|
|||||||
@ -193,6 +193,7 @@ int svcmgr_handler(struct binder_state *bs,
|
|||||||
uint16_t *s;
|
uint16_t *s;
|
||||||
unsigned len;
|
unsigned len;
|
||||||
void *ptr;
|
void *ptr;
|
||||||
|
uint32_t strict_policy;
|
||||||
|
|
||||||
// LOGI("target=%p code=%d pid=%d uid=%d\n",
|
// LOGI("target=%p code=%d pid=%d uid=%d\n",
|
||||||
// txn->target, txn->code, txn->sender_pid, txn->sender_euid);
|
// txn->target, txn->code, txn->sender_pid, txn->sender_euid);
|
||||||
@ -200,8 +201,12 @@ int svcmgr_handler(struct binder_state *bs,
|
|||||||
if (txn->target != svcmgr_handle)
|
if (txn->target != svcmgr_handle)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
// Equivalent to Parcel::enforceInterface(), reading the RPC
|
||||||
|
// header with the strict mode policy mask and the interface name.
|
||||||
|
// Note that we ignore the strict_policy and don't propagate it
|
||||||
|
// further (since we do no outbound RPCs anyway).
|
||||||
|
strict_policy = bio_get_uint32(msg);
|
||||||
s = bio_get_string16(msg, &len);
|
s = bio_get_string16(msg, &len);
|
||||||
|
|
||||||
if ((len != (sizeof(svcmgr_id) / 2)) ||
|
if ((len != (sizeof(svcmgr_id) / 2)) ||
|
||||||
memcmp(svcmgr_id, s, sizeof(svcmgr_id))) {
|
memcmp(svcmgr_id, s, sizeof(svcmgr_id))) {
|
||||||
fprintf(stderr,"invalid id %s\n", str8(s));
|
fprintf(stderr,"invalid id %s\n", str8(s));
|
||||||
|
|||||||
@ -41,6 +41,9 @@ public:
|
|||||||
int getCallingPid();
|
int getCallingPid();
|
||||||
int getCallingUid();
|
int getCallingUid();
|
||||||
|
|
||||||
|
void setStrictModePolicy(int32_t policy);
|
||||||
|
int32_t getStrictModePolicy() const;
|
||||||
|
|
||||||
int64_t clearCallingIdentity();
|
int64_t clearCallingIdentity();
|
||||||
void restoreCallingIdentity(int64_t token);
|
void restoreCallingIdentity(int64_t token);
|
||||||
|
|
||||||
@ -109,6 +112,7 @@ private:
|
|||||||
status_t mLastError;
|
status_t mLastError;
|
||||||
pid_t mCallingPid;
|
pid_t mCallingPid;
|
||||||
uid_t mCallingUid;
|
uid_t mCallingUid;
|
||||||
|
int32_t mStrictModePolicy;
|
||||||
};
|
};
|
||||||
|
|
||||||
}; // namespace android
|
}; // namespace android
|
||||||
|
|||||||
@ -56,7 +56,10 @@ public:
|
|||||||
|
|
||||||
bool hasFileDescriptors() const;
|
bool hasFileDescriptors() const;
|
||||||
|
|
||||||
|
// Writes the RPC header.
|
||||||
status_t writeInterfaceToken(const String16& interface);
|
status_t writeInterfaceToken(const String16& interface);
|
||||||
|
// Parses the RPC header, returning true if the interface name
|
||||||
|
// in the header matches the expected interface from the caller.
|
||||||
bool enforceInterface(const String16& interface) const;
|
bool enforceInterface(const String16& interface) const;
|
||||||
bool checkInterface(IBinder*) const;
|
bool checkInterface(IBinder*) const;
|
||||||
|
|
||||||
|
|||||||
@ -367,6 +367,16 @@ int64_t IPCThreadState::clearCallingIdentity()
|
|||||||
return token;
|
return token;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void IPCThreadState::setStrictModePolicy(int32_t policy)
|
||||||
|
{
|
||||||
|
mStrictModePolicy = policy;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int32_t IPCThreadState::getStrictModePolicy() const {
|
||||||
|
return mStrictModePolicy;
|
||||||
|
}
|
||||||
|
|
||||||
void IPCThreadState::restoreCallingIdentity(int64_t token)
|
void IPCThreadState::restoreCallingIdentity(int64_t token)
|
||||||
{
|
{
|
||||||
mCallingUid = (int)(token>>32);
|
mCallingUid = (int)(token>>32);
|
||||||
@ -588,7 +598,8 @@ status_t IPCThreadState::clearDeathNotification(int32_t handle, BpBinder* proxy)
|
|||||||
}
|
}
|
||||||
|
|
||||||
IPCThreadState::IPCThreadState()
|
IPCThreadState::IPCThreadState()
|
||||||
: mProcess(ProcessState::self()), mMyThreadId(androidGetTid())
|
: mProcess(ProcessState::self()), mMyThreadId(androidGetTid()),
|
||||||
|
mStrictModePolicy(0)
|
||||||
{
|
{
|
||||||
pthread_setspecific(gTLS, this);
|
pthread_setspecific(gTLS, this);
|
||||||
clearCaller();
|
clearCaller();
|
||||||
|
|||||||
@ -136,7 +136,7 @@ public:
|
|||||||
for (n = 0; n < 5; n++){
|
for (n = 0; n < 5; n++){
|
||||||
sp<IBinder> svc = checkService(name);
|
sp<IBinder> svc = checkService(name);
|
||||||
if (svc != NULL) return svc;
|
if (svc != NULL) return svc;
|
||||||
LOGI("Waiting for sevice %s...\n", String8(name).string());
|
LOGI("Waiting for service %s...\n", String8(name).string());
|
||||||
sleep(1);
|
sleep(1);
|
||||||
}
|
}
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -226,4 +226,3 @@ status_t BnServiceManager::onTransact(
|
|||||||
}
|
}
|
||||||
|
|
||||||
}; // namespace android
|
}; // namespace android
|
||||||
|
|
||||||
|
|||||||
@ -19,6 +19,7 @@
|
|||||||
|
|
||||||
#include <binder/Parcel.h>
|
#include <binder/Parcel.h>
|
||||||
|
|
||||||
|
#include <binder/IPCThreadState.h>
|
||||||
#include <binder/Binder.h>
|
#include <binder/Binder.h>
|
||||||
#include <binder/BpBinder.h>
|
#include <binder/BpBinder.h>
|
||||||
#include <utils/Debug.h>
|
#include <utils/Debug.h>
|
||||||
@ -436,8 +437,10 @@ bool Parcel::hasFileDescriptors() const
|
|||||||
return mHasFds;
|
return mHasFds;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Write RPC headers. (previously just the interface token)
|
||||||
status_t Parcel::writeInterfaceToken(const String16& interface)
|
status_t Parcel::writeInterfaceToken(const String16& interface)
|
||||||
{
|
{
|
||||||
|
writeInt32(IPCThreadState::self()->getStrictModePolicy());
|
||||||
// currently the interface identification token is just its name as a string
|
// currently the interface identification token is just its name as a string
|
||||||
return writeString16(interface);
|
return writeString16(interface);
|
||||||
}
|
}
|
||||||
@ -449,6 +452,7 @@ bool Parcel::checkInterface(IBinder* binder) const
|
|||||||
|
|
||||||
bool Parcel::enforceInterface(const String16& interface) const
|
bool Parcel::enforceInterface(const String16& interface) const
|
||||||
{
|
{
|
||||||
|
int32_t strict_policy = readInt32();
|
||||||
const String16 str(readString16());
|
const String16 str(readString16());
|
||||||
if (str == interface) {
|
if (str == interface) {
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
Reference in New Issue
Block a user