diff options
21 files changed, 130 insertions, 2 deletions
diff --git a/libs/binder/Android.bp b/libs/binder/Android.bp index 6103188801..7c1eaaf923 100644 --- a/libs/binder/Android.bp +++ b/libs/binder/Android.bp @@ -75,6 +75,28 @@ cc_library { ":libbinder_aidl", ], + target: { + vendor: { + exclude_srcs: [ + "ActivityManager.cpp", + "AppOpsManager.cpp", + "IActivityManager.cpp", + "IAppOpsCallback.cpp", + "IAppOpsService.cpp", + "IBatteryStats.cpp", + "IMediaResourceMonitor.cpp", + "IPermissionController.cpp", + "IProcessInfoService.cpp", + "IUidObserver.cpp", + "PermissionCache.cpp", + "PermissionController.cpp", + "ProcessInfoService.cpp", + "IpPrefix.cpp", + ":libbinder_aidl", + ], + }, + }, + aidl: { export_aidl_headers: true, }, diff --git a/libs/binder/IServiceManager.cpp b/libs/binder/IServiceManager.cpp index 70f5108722..711143c34a 100644 --- a/libs/binder/IServiceManager.cpp +++ b/libs/binder/IServiceManager.cpp @@ -20,6 +20,9 @@ #include <utils/Log.h> #include <binder/IPCThreadState.h> +#ifndef __ANDROID_VNDK__ +#include <binder/IPermissionController.h> +#endif #include <binder/Parcel.h> #include <utils/String8.h> #include <utils/SystemClock.h> @@ -48,6 +51,9 @@ sp<IServiceManager> defaultServiceManager() return gDefaultServiceManager; } +#ifndef __ANDROID_VNDK__ +// IPermissionController is not accessible to vendors + bool checkCallingPermission(const String16& permission) { return checkCallingPermission(permission, NULL, NULL); @@ -122,6 +128,8 @@ bool checkPermission(const String16& permission, pid_t pid, uid_t uid) } } +#endif //__ANDROID_VNDK__ + // ---------------------------------------------------------------------- class BpServiceManager : public BpInterface<IServiceManager> diff --git a/libs/binder/Static.cpp b/libs/binder/Static.cpp index f0613d1631..9899b65288 100644 --- a/libs/binder/Static.cpp +++ b/libs/binder/Static.cpp @@ -94,6 +94,8 @@ static LibBinderIPCtStatics gIPCStatics; Mutex gDefaultServiceManagerLock; sp<IServiceManager> gDefaultServiceManager; +#ifndef __ANDROID_VNDK__ sp<IPermissionController> gPermissionController; +#endif } // namespace android diff --git a/libs/binder/include/binder/ActivityManager.h b/libs/binder/include/binder/ActivityManager.h index 3090cae12a..b8db09145f 100644 --- a/libs/binder/include/binder/ActivityManager.h +++ b/libs/binder/include/binder/ActivityManager.h @@ -17,6 +17,8 @@ #ifndef ANDROID_ACTIVITY_MANAGER_H #define ANDROID_ACTIVITY_MANAGER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IActivityManager.h> #include <utils/threads.h> @@ -64,4 +66,8 @@ private: }; // namespace android // --------------------------------------------------------------------------- +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_ACTIVITY_MANAGER_H diff --git a/libs/binder/include/binder/AppOpsManager.h b/libs/binder/include/binder/AppOpsManager.h index a44d270411..c5b57c7edf 100644 --- a/libs/binder/include/binder/AppOpsManager.h +++ b/libs/binder/include/binder/AppOpsManager.h @@ -17,6 +17,8 @@ #ifndef ANDROID_APP_OPS_MANAGER_H #define ANDROID_APP_OPS_MANAGER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IAppOpsService.h> #include <utils/threads.h> @@ -117,4 +119,8 @@ private: }; // namespace android // --------------------------------------------------------------------------- +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_APP_OPS_MANAGER_H diff --git a/libs/binder/include/binder/IActivityManager.h b/libs/binder/include/binder/IActivityManager.h index 6607c0e8e6..f34969be51 100644 --- a/libs/binder/include/binder/IActivityManager.h +++ b/libs/binder/include/binder/IActivityManager.h @@ -17,6 +17,8 @@ #ifndef ANDROID_IACTIVITY_MANAGER_H #define ANDROID_IACTIVITY_MANAGER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> #include <binder/IUidObserver.h> @@ -49,4 +51,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IACTIVITY_MANAGER_H diff --git a/libs/binder/include/binder/IAppOpsCallback.h b/libs/binder/include/binder/IAppOpsCallback.h index b62e9e264d..e5b12a9720 100644 --- a/libs/binder/include/binder/IAppOpsCallback.h +++ b/libs/binder/include/binder/IAppOpsCallback.h @@ -18,6 +18,8 @@ #ifndef ANDROID_IAPP_OPS_CALLBACK_H #define ANDROID_IAPP_OPS_CALLBACK_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> namespace android { @@ -51,5 +53,9 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IAPP_OPS_CALLBACK_H diff --git a/libs/binder/include/binder/IAppOpsService.h b/libs/binder/include/binder/IAppOpsService.h index ecba5d66b3..f0c5e1743d 100644 --- a/libs/binder/include/binder/IAppOpsService.h +++ b/libs/binder/include/binder/IAppOpsService.h @@ -18,6 +18,8 @@ #ifndef ANDROID_IAPP_OPS_SERVICE_H #define ANDROID_IAPP_OPS_SERVICE_H +#ifndef __ANDROID_VNDK__ + #include <binder/IAppOpsCallback.h> #include <binder/IInterface.h> @@ -75,4 +77,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IAPP_OPS_SERVICE_H diff --git a/libs/binder/include/binder/IBatteryStats.h b/libs/binder/include/binder/IBatteryStats.h index e15d6f07e9..59e806c177 100644 --- a/libs/binder/include/binder/IBatteryStats.h +++ b/libs/binder/include/binder/IBatteryStats.h @@ -17,6 +17,8 @@ #ifndef ANDROID_IBATTERYSTATS_H #define ANDROID_IBATTERYSTATS_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> namespace android { @@ -76,4 +78,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IBATTERYSTATS_H diff --git a/libs/binder/include/binder/IMediaResourceMonitor.h b/libs/binder/include/binder/IMediaResourceMonitor.h index b21047fc49..213ee63ea8 100644 --- a/libs/binder/include/binder/IMediaResourceMonitor.h +++ b/libs/binder/include/binder/IMediaResourceMonitor.h @@ -17,6 +17,8 @@ #ifndef ANDROID_I_MEDIA_RESOURCE_MONITOR_H #define ANDROID_I_MEDIA_RESOURCE_MONITOR_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> namespace android { @@ -52,4 +54,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_I_MEDIA_RESOURCE_MONITOR_H diff --git a/libs/binder/include/binder/IPermissionController.h b/libs/binder/include/binder/IPermissionController.h index b83d226189..3ec459fc32 100644 --- a/libs/binder/include/binder/IPermissionController.h +++ b/libs/binder/include/binder/IPermissionController.h @@ -18,6 +18,8 @@ #ifndef ANDROID_IPERMISSION_CONTROLLER_H #define ANDROID_IPERMISSION_CONTROLLER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> #include <stdlib.h> @@ -64,5 +66,9 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IPERMISSION_CONTROLLER_H diff --git a/libs/binder/include/binder/IProcessInfoService.h b/libs/binder/include/binder/IProcessInfoService.h index 2669f9193d..033c145363 100644 --- a/libs/binder/include/binder/IProcessInfoService.h +++ b/libs/binder/include/binder/IProcessInfoService.h @@ -17,6 +17,8 @@ #ifndef ANDROID_I_PROCESS_INFO_SERVICE_H #define ANDROID_I_PROCESS_INFO_SERVICE_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> namespace android { @@ -46,4 +48,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_I_PROCESS_INFO_SERVICE_H diff --git a/libs/binder/include/binder/IServiceManager.h b/libs/binder/include/binder/IServiceManager.h index cf4c08a46a..197026d5d6 100644 --- a/libs/binder/include/binder/IServiceManager.h +++ b/libs/binder/include/binder/IServiceManager.h @@ -19,7 +19,6 @@ #define ANDROID_ISERVICE_MANAGER_H #include <binder/IInterface.h> -#include <binder/IPermissionController.h> #include <utils/Vector.h> #include <utils/String16.h> diff --git a/libs/binder/include/binder/IUidObserver.h b/libs/binder/include/binder/IUidObserver.h index fd4d8a6de1..d81789e399 100644 --- a/libs/binder/include/binder/IUidObserver.h +++ b/libs/binder/include/binder/IUidObserver.h @@ -18,6 +18,8 @@ #ifndef ANDROID_IUID_OBSERVER_H #define ANDROID_IUID_OBSERVER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IInterface.h> namespace android { @@ -55,4 +57,8 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IUID_OBSERVER_H diff --git a/libs/binder/include/binder/IpPrefix.h b/libs/binder/include/binder/IpPrefix.h index 96ebaac437..dd5bc3aafd 100644 --- a/libs/binder/include/binder/IpPrefix.h +++ b/libs/binder/include/binder/IpPrefix.h @@ -17,6 +17,8 @@ #ifndef ANDROID_IP_PREFIX_H #define ANDROID_IP_PREFIX_H +#ifndef __ANDROID_VNDK__ + #include <netinet/in.h> #include <binder/Parcelable.h> @@ -85,4 +87,8 @@ private: } // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_IP_PREFIX_H diff --git a/libs/binder/include/binder/PermissionCache.h b/libs/binder/include/binder/PermissionCache.h index bcdf0c2914..95eabff7ac 100644 --- a/libs/binder/include/binder/PermissionCache.h +++ b/libs/binder/include/binder/PermissionCache.h @@ -17,6 +17,8 @@ #ifndef BINDER_PERMISSION_H #define BINDER_PERMISSION_H +#ifndef __ANDROID_VNDK__ + #include <stdint.h> #include <unistd.h> @@ -77,4 +79,8 @@ public: // --------------------------------------------------------------------------- }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif /* BINDER_PERMISSION_H */ diff --git a/libs/binder/include/binder/PermissionController.h b/libs/binder/include/binder/PermissionController.h index cc5b6fe02b..d81f5142bc 100644 --- a/libs/binder/include/binder/PermissionController.h +++ b/libs/binder/include/binder/PermissionController.h @@ -17,6 +17,8 @@ #ifndef ANDROID_PERMISSION_CONTROLLER_H #define ANDROID_PERMISSION_CONTROLLER_H +#ifndef __ANDROID_VNDK__ + #include <binder/IPermissionController.h> #include <utils/threads.h> @@ -60,4 +62,8 @@ private: }; // namespace android // --------------------------------------------------------------------------- +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_PERMISSION_CONTROLLER_H diff --git a/libs/binder/include/binder/ProcessInfoService.h b/libs/binder/include/binder/ProcessInfoService.h index 0da61ee3cb..a03aae98ee 100644 --- a/libs/binder/include/binder/ProcessInfoService.h +++ b/libs/binder/include/binder/ProcessInfoService.h @@ -17,6 +17,8 @@ #ifndef ANDROID_PROCESS_INFO_SERVICE_H #define ANDROID_PROCESS_INFO_SERVICE_H +#ifndef __ANDROID_VNDK__ + #include <binder/IProcessInfoService.h> #include <utils/Errors.h> #include <utils/Singleton.h> @@ -78,5 +80,9 @@ public: }; // namespace android +#else // __ANDROID_VNDK__ +#error "This header is not visible to vendors" +#endif // __ANDROID_VNDK__ + #endif // ANDROID_PROCESS_INFO_SERVICE_H diff --git a/libs/binder/include/private/binder/Static.h b/libs/binder/include/private/binder/Static.h index 3d10456a8d..f04bcae5a7 100644 --- a/libs/binder/include/private/binder/Static.h +++ b/libs/binder/include/private/binder/Static.h @@ -21,7 +21,9 @@ #include <binder/IBinder.h> #include <binder/ProcessState.h> +#ifndef __ANDROID_VNDK__ #include <binder/IPermissionController.h> +#endif #include <binder/IServiceManager.h> namespace android { @@ -36,6 +38,8 @@ extern sp<ProcessState> gProcess; // For IServiceManager.cpp extern Mutex gDefaultServiceManagerLock; extern sp<IServiceManager> gDefaultServiceManager; +#ifndef __ANDROID_VNDK__ extern sp<IPermissionController> gPermissionController; +#endif } // namespace android diff --git a/libs/gui/BufferQueueConsumer.cpp b/libs/gui/BufferQueueConsumer.cpp index 17cf677e09..d70e1422b0 100644 --- a/libs/gui/BufferQueueConsumer.cpp +++ b/libs/gui/BufferQueueConsumer.cpp @@ -35,7 +35,9 @@ #include <gui/IProducerListener.h> #include <binder/IPCThreadState.h> +#ifndef __ANDROID_VNDK__ #include <binder/PermissionCache.h> +#endif #include <system/window.h> @@ -757,12 +759,18 @@ status_t BufferQueueConsumer::dumpState(const String8& prefix, String8* outResul } const IPCThreadState* ipc = IPCThreadState::self(); - const pid_t pid = ipc->getCallingPid(); const uid_t uid = ipc->getCallingUid(); +#ifndef __ANDROID_VNDK__ + // permission check can't be done for vendors as vendors have no access to + // the PermissionController + const pid_t pid = ipc->getCallingPid(); if ((uid != shellUid) && !PermissionCache::checkPermission(String16("android.permission.DUMP"), pid, uid)) { outResult->appendFormat("Permission Denial: can't dump BufferQueueConsumer " "from pid=%d, uid=%d\n", pid, uid); +#else + if (uid != shellUid) { +#endif android_errorWriteWithInfoLog(0x534e4554, "27046057", static_cast<int32_t>(uid), NULL, 0); return PERMISSION_DENIED; diff --git a/libs/sensor/SensorManager.cpp b/libs/sensor/SensorManager.cpp index 6fe72a13ba..b9ae524ee8 100644 --- a/libs/sensor/SensorManager.cpp +++ b/libs/sensor/SensorManager.cpp @@ -27,6 +27,7 @@ #include <utils/Singleton.h> #include <binder/IBinder.h> +#include <binder/IPermissionController.h> #include <binder/IServiceManager.h> #include <sensor/ISensorServer.h> |