diff options
| author | 2019-08-05 20:30:14 -0700 | |
|---|---|---|
| committer | 2019-08-07 10:03:09 -0700 | |
| commit | c709dd898617f795e5cccff9aa482423a162f0dd (patch) | |
| tree | b535aea1ff956f7bab53780885953c760a9d36bb /libs/binder/Binder.cpp | |
| parent | 8c5dd6de2c30b1e0250fb725993864183050f25e (diff) | |
libbinder: stability check moved to trans time
Before: stability check done when binder is read from a parcel
After: stability check done when binder is transacted on
Why this change is being made/benefits:
- vendor binders can be used as tokens in system context
- pingBinder/interfaceChain/etc.. can be done on vendor binders in a
system context, so code can generically operate on binders. This is
particularly useful for service manager and dumpstate, which previously
I was going to special-case
- policy on which binders go where is entirely reliant on SELinux
whereas before there were additional runtime restrictions
Cons to this change:
- allowed binders must be determined by context. BpBinder now checks
stability based on kLocalStability. More work would need to be done to
get this working with APEX.
Bug: 136027762
Test: binderStabilityTest
Change-Id: Iff026e81a130dbb8885ca82ec24e69a5768847eb
Merged-In: Iff026e81a130dbb8885ca82ec24e69a5768847eb
Diffstat (limited to 'libs/binder/Binder.cpp')
| -rw-r--r-- | libs/binder/Binder.cpp | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp index 985d8177f8..9e55c2c8c3 100644 --- a/libs/binder/Binder.cpp +++ b/libs/binder/Binder.cpp @@ -124,7 +124,6 @@ status_t BBinder::transact( uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) { data.setDataPosition(0); - data.setTransactingBinder(this); status_t err = NO_ERROR; switch (code) { @@ -139,7 +138,6 @@ status_t BBinder::transact( // In case this is being transacted on in the same process. if (reply != nullptr) { reply->setDataPosition(0); - reply->setTransactingBinder(this); } return err; |