From 2b65d6ca48773901c396344c5fdc851ec14a4bdf Mon Sep 17 00:00:00 2001 From: Yiwei Zhang Date: Tue, 28 Jul 2020 23:11:21 -0700 Subject: GpuService: secure setUpdatableDriverPath setUpdatableDriverPath should only be called by system_server and developer driver path needs to be protected by a lock. Bug: 162383705 Bug: 159240322 Test: ./gapit validate_gpu_profiling --os android Change-Id: I48896325598acab89079dbc658ddf9b92d303244 Merged-In: I48896325598acab89079dbc658ddf9b92d303244 --- services/gpuservice/GpuService.cpp | 16 ++++++++++++++-- services/gpuservice/GpuService.h | 3 ++- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/services/gpuservice/GpuService.cpp b/services/gpuservice/GpuService.cpp index 304f1d059e..81b0a46e0c 100644 --- a/services/gpuservice/GpuService.cpp +++ b/services/gpuservice/GpuService.cpp @@ -63,11 +63,23 @@ void GpuService::setTargetStats(const std::string& appPackageName, const uint64_ } void GpuService::setUpdatableDriverPath(const std::string& driverPath) { - developerDriverPath = driverPath; + IPCThreadState* ipc = IPCThreadState::self(); + const int pid = ipc->getCallingPid(); + const int uid = ipc->getCallingUid(); + + // only system_server is allowed to set updatable driver path + if (uid != AID_SYSTEM) { + ALOGE("Permission Denial: can't set updatable driver path from pid=%d, uid=%d\n", pid, uid); + return; + } + + std::lock_guard lock(mLock); + mDeveloperDriverPath = driverPath; } std::string GpuService::getUpdatableDriverPath() { - return developerDriverPath; + std::lock_guard lock(mLock); + return mDeveloperDriverPath; } status_t GpuService::shellCommand(int /*in*/, int out, int err, std::vector& args) { diff --git a/services/gpuservice/GpuService.h b/services/gpuservice/GpuService.h index ba44fe04d4..d1c3aabcce 100644 --- a/services/gpuservice/GpuService.h +++ b/services/gpuservice/GpuService.h @@ -75,7 +75,8 @@ private: * Attributes */ std::unique_ptr mGpuStats; - std::string developerDriverPath; + std::mutex mLock; + std::string mDeveloperDriverPath; }; } // namespace android -- cgit v1.2.3-59-g8ed1b