From 64e357ddf546a069f5c7eaa748de46b7045a6339 Mon Sep 17 00:00:00 2001
From: Pablo Ceballos <pceballos@google.com>
Date: Thu, 11 Feb 2016 19:15:35 -0800
Subject: DO NOT MERGE BQ: Add permission check to BufferQueueConsumer::dump

Bug 27046057
Change-Id: I387178708f460596433f75bb059854a26cc22e78
---
 libs/gui/BufferQueue.cpp | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'libs/gui/BufferQueue.cpp')

diff --git a/libs/gui/BufferQueue.cpp b/libs/gui/BufferQueue.cpp
index 2aecb67788..5240a61c17 100644
--- a/libs/gui/BufferQueue.cpp
+++ b/libs/gui/BufferQueue.cpp
@@ -33,6 +33,10 @@
 #include <utils/Trace.h>
 #include <utils/CallStack.h>
 
+#include <binder/IPCThreadState.h>
+#include <binder/PermissionCache.h>
+#include <private/android_filesystem_config.h>
+
 // Macros for including the BufferQueue name in log messages
 #define ST_LOGV(x, ...) ALOGV("[%s] "x, mConsumerName.string(), ##__VA_ARGS__)
 #define ST_LOGD(x, ...) ALOGD("[%s] "x, mConsumerName.string(), ##__VA_ARGS__)
@@ -769,6 +773,16 @@ status_t BufferQueue::disconnect(int api) {
 }
 
 void BufferQueue::dump(String8& result, const char* prefix) const {
+    const IPCThreadState* ipc = IPCThreadState::self();
+    const pid_t pid = ipc->getCallingPid();
+    const uid_t uid = ipc->getCallingUid();
+    if ((uid != AID_SHELL)
+            && !PermissionCache::checkPermission(String16(
+            "android.permission.DUMP"), pid, uid)) {
+        result.appendFormat("Permission Denial: can't dump BufferQueueConsumer "
+                "from pid=%d, uid=%d\n", pid, uid);
+        return;
+    }
     Mutex::Autolock _l(mMutex);
 
     String8 fifo;
-- 
cgit v1.2.3-59-g8ed1b