libbinder: support TF_CLEAR_BUF

This flag instructs the kernel to clear transactions from send/reply buffers for certain transactions which may contain sensitive data, as a security precaution. Bug: 171501998 Test: binderLibTest (only checks there is no error) Change-Id: I69d732e5cc2b15472dc52d47c66716bc1b3be6ae
author: Steven Moreland <smoreland@google.com> 2020-10-27 00:12:12 +0000
committer: Steven Moreland <smoreland@google.com> 2020-11-09 21:05:06 +0000
commit: f183fdd024bfa87e929219ac537b7090eabae9b1 (patch)
tree: 4ec6148be9104ef1e4e6b7be15d15599db2ab64b /libs/binder/IPCThreadState.cpp
parent: b40b64d0f8740dfa06da50b56ed48bf496dee4f8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp
index 05fcc2b878..a3a2f871e6 100644
--- a/libs/binder/IPCThreadState.cpp
+++ b/libs/binder/IPCThreadState.cpp
@@ -1244,7 +1244,9 @@ status_t IPCThreadState::executeCommand(int32_t cmd)
             if ((tr.flags & TF_ONE_WAY) == 0) {
                 LOG_ONEWAY("Sending reply to %d!", mCallingPid);
                 if (error < NO_ERROR) reply.setError(error);
-                sendReply(reply, 0);
+
+                constexpr uint32_t kForwardReplyFlags = TF_CLEAR_BUF;
+                sendReply(reply, (tr.flags & kForwardReplyFlags));
             } else {
                 if (error != OK || reply.dataSize() != 0) {
                     alog << "oneway function results will be dropped but finished with status "
author	Steven Moreland <smoreland@google.com>	2020-10-27 00:12:12 +0000
committer	Steven Moreland <smoreland@google.com>	2020-11-09 21:05:06 +0000
commit	f183fdd024bfa87e929219ac537b7090eabae9b1 (patch)
tree	4ec6148be9104ef1e4e6b7be15d15599db2ab64b /libs/binder/IPCThreadState.cpp
parent	b40b64d0f8740dfa06da50b56ed48bf496dee4f8 (diff)