diff options
| author | 2019-08-05 20:30:14 -0700 | |
|---|---|---|
| committer | 2019-08-07 10:03:09 -0700 | |
| commit | c709dd898617f795e5cccff9aa482423a162f0dd (patch) | |
| tree | b535aea1ff956f7bab53780885953c760a9d36bb /libs/binder/Parcel.cpp | |
| parent | 8c5dd6de2c30b1e0250fb725993864183050f25e (diff) | |
libbinder: stability check moved to trans time
Before: stability check done when binder is read from a parcel
After: stability check done when binder is transacted on
Why this change is being made/benefits:
- vendor binders can be used as tokens in system context
- pingBinder/interfaceChain/etc.. can be done on vendor binders in a
system context, so code can generically operate on binders. This is
particularly useful for service manager and dumpstate, which previously
I was going to special-case
- policy on which binders go where is entirely reliant on SELinux
whereas before there were additional runtime restrictions
Cons to this change:
- allowed binders must be determined by context. BpBinder now checks
stability based on kLocalStability. More work would need to be done to
get this working with APEX.
Bug: 136027762
Test: binderStabilityTest
Change-Id: Iff026e81a130dbb8885ca82ec24e69a5768847eb
Merged-In: Iff026e81a130dbb8885ca82ec24e69a5768847eb
Diffstat (limited to 'libs/binder/Parcel.cpp')
| -rw-r--r-- | libs/binder/Parcel.cpp | 15 |
1 files changed, 3 insertions, 12 deletions
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp index a2333ae07e..c75f0365f5 100644 --- a/libs/binder/Parcel.cpp +++ b/libs/binder/Parcel.cpp @@ -35,6 +35,7 @@ #include <binder/IPCThreadState.h> #include <binder/Parcel.h> #include <binder/ProcessState.h> +#include <binder/Stability.h> #include <binder/Status.h> #include <binder/TextOutput.h> @@ -167,11 +168,10 @@ static void release_object(const sp<ProcessState>& proc, status_t Parcel::finishFlattenBinder( const sp<IBinder>& /*binder*/, const flat_binder_object& flat) { - // internal::Stability::tryMarkCompilationUnit(binder.get()); - status_t status = writeObject(flat, false); if (status != OK) return status; + // internal::Stability::tryMarkCompilationUnit(binder.get()); // Cannot change wire protocol w/o SM update // return writeInt32(internal::Stability::get(binder.get())); return OK; @@ -185,10 +185,6 @@ status_t Parcel::finishUnflattenBinder( // status_t status = readInt32(&stability); // if (status != OK) return status; - // if (binder != nullptr && !internal::Stability::check(stability, mRequiredStability)) { - // return BAD_TYPE; - // } - // status = internal::Stability::set(binder.get(), stability, true /*log*/); // if (status != OK) return status; @@ -356,10 +352,6 @@ status_t Parcel::setDataCapacity(size_t size) return NO_ERROR; } -void Parcel::setTransactingBinder(const sp<IBinder>& binder) const { - mRequiredStability = internal::Stability::get(binder.get()); -} - status_t Parcel::setData(const uint8_t* buffer, size_t len) { if (len > INT32_MAX) { @@ -2615,10 +2607,9 @@ void Parcel::initState() mObjectsCapacity = 0; mNextObjectHint = 0; mObjectsSorted = false; - mAllowFds = true; mHasFds = false; mFdsKnown = true; - mRequiredStability = internal::Stability::UNDECLARED; + mAllowFds = true; mOwner = nullptr; mOpenAshmemSize = 0; |