diff options
Diffstat (limited to 'libs/binder/IPCThreadState.cpp')
| -rw-r--r-- | libs/binder/IPCThreadState.cpp | 34 |
1 files changed, 28 insertions, 6 deletions
diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp index 22f6f54e28..e60f03ae54 100644 --- a/libs/binder/IPCThreadState.cpp +++ b/libs/binder/IPCThreadState.cpp @@ -88,7 +88,8 @@ static const char *kReturnStrings[] = { "BR_FINISHED", "BR_DEAD_BINDER", "BR_CLEAR_DEATH_NOTIFICATION_DONE", - "BR_FAILED_REPLY" + "BR_FAILED_REPLY", + "BR_TRANSACTION_SEC_CTX", }; static const char *kCommandStrings[] = { @@ -363,6 +364,11 @@ pid_t IPCThreadState::getCallingPid() const return mCallingPid; } +const char* IPCThreadState::getCallingSid() const +{ + return mCallingSid; +} + uid_t IPCThreadState::getCallingUid() const { return mCallingUid; @@ -370,6 +376,7 @@ uid_t IPCThreadState::getCallingUid() const int64_t IPCThreadState::clearCallingIdentity() { + // ignore mCallingSid for legacy reasons int64_t token = ((int64_t)mCallingUid<<32) | mCallingPid; clearCaller(); return token; @@ -398,12 +405,14 @@ int32_t IPCThreadState::getLastTransactionBinderFlags() const void IPCThreadState::restoreCallingIdentity(int64_t token) { mCallingUid = (int)(token>>32); + mCallingSid = nullptr; // not enough data to restore mCallingPid = (int)token; } void IPCThreadState::clearCaller() { mCallingPid = getpid(); + mCallingSid = nullptr; // expensive to lookup mCallingUid = getuid(); } @@ -1089,10 +1098,19 @@ status_t IPCThreadState::executeCommand(int32_t cmd) } break; + case BR_TRANSACTION_SEC_CTX: case BR_TRANSACTION: { - binder_transaction_data tr; - result = mIn.read(&tr, sizeof(tr)); + binder_transaction_data_secctx tr_secctx; + binder_transaction_data& tr = tr_secctx.transaction_data; + + if (cmd == (int) BR_TRANSACTION_SEC_CTX) { + result = mIn.read(&tr_secctx, sizeof(tr_secctx)); + } else { + result = mIn.read(&tr, sizeof(tr)); + tr_secctx.secctx = 0; + } + ALOG_ASSERT(result == NO_ERROR, "Not enough command data for brTRANSACTION"); if (result != NO_ERROR) break; @@ -1108,15 +1126,18 @@ status_t IPCThreadState::executeCommand(int32_t cmd) tr.offsets_size/sizeof(binder_size_t), freeBuffer, this); const pid_t origPid = mCallingPid; + const char* origSid = mCallingSid; const uid_t origUid = mCallingUid; const int32_t origStrictModePolicy = mStrictModePolicy; const int32_t origTransactionBinderFlags = mLastTransactionBinderFlags; mCallingPid = tr.sender_pid; + mCallingSid = reinterpret_cast<const char*>(tr_secctx.secctx); mCallingUid = tr.sender_euid; mLastTransactionBinderFlags = tr.flags; - //ALOGI(">>>> TRANSACT from pid %d uid %d\n", mCallingPid, mCallingUid); + // ALOGI(">>>> TRANSACT from pid %d sid %s uid %d\n", mCallingPid, + // (mCallingSid ? mCallingSid : "<N/A>"), mCallingUid); Parcel reply; status_t error; @@ -1148,8 +1169,8 @@ status_t IPCThreadState::executeCommand(int32_t cmd) } mIPCThreadStateBase->popCurrentState(); - //ALOGI("<<<< TRANSACT from pid %d restore pid %d uid %d\n", - // mCallingPid, origPid, origUid); + //ALOGI("<<<< TRANSACT from pid %d restore pid %d sid %s uid %d\n", + // mCallingPid, origPid, (origSid ? origSid : "<N/A>"), origUid); if ((tr.flags & TF_ONE_WAY) == 0) { LOG_ONEWAY("Sending reply to %d!", mCallingPid); @@ -1160,6 +1181,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd) } mCallingPid = origPid; + mCallingSid = origSid; mCallingUid = origUid; mStrictModePolicy = origStrictModePolicy; mLastTransactionBinderFlags = origTransactionBinderFlags; |