Gitiles
Code Review Sign In
LeafOS / LeafOS-Project / android_frameworks_base / a131ad97c1485fcaa77503f619e734cfb3103569
commita131ad97c1485fcaa77503f619e734cfb3103569[log] [tgz]
authorAzhara Assanova <azharaa@google.com>Fri Jun 11 09:53:48 2021 +0000
committerAzhara Assanova <azharaa@google.com>Mon Jun 21 17:14:46 2021 +0000
tree07a73293ab38db31302197f674ca054cb1f4a4eb
parent316e5f067fd190cc3b1938bdcd5a070a13e90811 [diff]
Introduce Android lint checks around Binder.clearCallingIdentity()

Introduce a lint detector that finds the following issues:

1. Unused token of Binder.clearCallingIdentity()
- The token from Binder.clearCallingIdentity() has to be used in
Binder.restoreCallingIdentity().

2. Non-final token of Binder.clearCallingIdentity()
- The variable assigned to the result of Binder.clearCallingIdentity()
has to be final to prevent it from being overwritten.

3. Nested calls of Binder.clearCallingIdentity()
- The identity can be cleared again once it has been restored with the
result of the first call of Binder.clearCallingIdentity().

4. Binder.restoreCallingIdentity() is not in finally block
- Binder.restoreCallingIdentity() has to be in finally block to prevent
the calling application from running with the system identity.

5. Use of caller-aware methods after Binder.clearCallingIdentity()
- Caller-aware methods use the caller's identity to perform operations,
so after Binder.clearCallingIdentity() these methods will be using the
sysem identity instead of the original caller's identity.

The lint check is enabled on platform_service_defaults, which means it
will be enabled on all "services.XXX" modules. The linter issues
encountered in existing code are reported in the hotlist
"security_checker_bugs" (b/hotlists/3279139).

To compile a lint report, pick a service (e.g services.accessibility),
run the test command and view it as lint-report.html. The lint report
won't be generated if you just build the module (i.e m
services.accessibility won't produce the lint report).

Lint report can be found in out/soong/.intermediates/frameworks/base/services/accessibility/services.accessibility/android_common/lint

All tests pass in gradle, but need to run on Soong when it's implemented
(b/162368644).

Bug: 157626959
Test: m out/soong/.intermediates/frameworks/base/services/accessibility/services.accessibility/android_common/lint/lint-report.html
Test: google-chrome out/soong/.intermediates/frameworks/base/services/accessibility/services.accessibility/android_common/lint/lint-report.html
Test: ./gradlew test
Change-Id: I9814e9fbc36989c816900d900c6adec3e07802f7
5 files changed
tree: 07a73293ab38db31302197f674ca054cb1f4a4eb
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. lowpan/
  19. media/
  20. mime/
  21. mms/
  22. native/
  23. nfc-extras/
  24. obex/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. wifi/
  42. .clang-format
  43. .gitignore
  44. .mailmap
  45. Android.bp
  46. Android.mk
  47. ApiDocs.bp
  48. BATTERY_STATS_OWNERS
  49. CleanSpec.mk
  50. framework-jarjar-rules.txt
  51. METADATA
  52. MODULE_LICENSE_APACHE2
  53. MULTIUSER_OWNERS
  54. NOTICE
  55. OWNERS
  56. OWNERS.md
  57. pathmap.mk
  58. PREUPLOAD.cfg
  59. ProtoLibraries.bp
  60. StubLibraries.bp
  61. TEST_MAPPING
  62. ZYGOTE_OWNERS