From d70160f2989f18d4209ea464eb1635d4cc7ff827 Mon Sep 17 00:00:00 2001
From: Steven Moreland <smoreland@google.com>
Date: Tue, 23 Jul 2019 10:20:38 -0700
Subject: libbinder: vendor binder has a different header

Right now, on a regular device, libbinder and libbinder.vndk (the
vendor, VNDK variant, of libbinder) are in sync. So, if there is some
error, they will be able to communicate with each other. However, there
is no ABI stability guarantee here. In order to provide an extra layer
of guarantee, we are writing a header to vendor transactions.

This header is not written on system transactions in order to save the
function call, but it may be sane to. Ideally also, it may be sane to
write some hash or similar value instead of a secret code in a specific
case. This would be more flexible.

Bug: 136027762
Test: boot
Change-Id: I664caf6b7082d97e0310e502bf2cd6393e2da9a7
---
 libs/binder/Parcel.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index 85822efa09..d5ad8c864a 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -590,6 +590,12 @@ void Parcel::updateWorkSourceRequestHeaderPosition() const {
     }
 }
 
+#ifdef __ANDROID_VNDK__
+constexpr int32_t kHeader = B_PACK_CHARS('V', 'N', 'D', 'R');
+#else
+constexpr int32_t kHeader = B_PACK_CHARS('S', 'Y', 'S', 'T');
+#endif
+
 // Write RPC headers.  (previously just the interface token)
 status_t Parcel::writeInterfaceToken(const String16& interface)
 {
@@ -598,6 +604,7 @@ status_t Parcel::writeInterfaceToken(const String16& interface)
     updateWorkSourceRequestHeaderPosition();
     writeInt32(threadState->shouldPropagateWorkSource() ?
             threadState->getCallingWorkSourceUid() : IPCThreadState::kUnsetWorkSource);
+    writeInt32(kHeader);
     // currently the interface identification token is just its name as a string
     return writeString16(interface);
 }
@@ -655,6 +662,12 @@ bool Parcel::enforceInterface(const String16& interface,
     updateWorkSourceRequestHeaderPosition();
     int32_t workSource = readInt32();
     threadState->setCallingWorkSourceUidWithoutPropagation(workSource);
+    // vendor header
+    int32_t header = readInt32();
+    if (header != kHeader) {
+        ALOGE("Expecting header 0x%x but found 0x%x. Mixing copies of libbinder?", kHeader, header);
+        return false;
+    }
     // Interface descriptor.
     const String16 str(readString16());
     if (str == interface) {
-- 
cgit v1.2.3-59-g8ed1b