diff options
| author | Brad Fitzpatrick <bradfitz@android.com> | 2010-06-18 13:07:53 -0700 |
|---|---|---|
| committer | Brad Fitzpatrick <bradfitz@android.com> | 2010-06-21 12:56:35 -0700 |
| commit | 27b3a7a75960d026655f3acd1de8a672e80a5776 (patch) | |
| tree | cc5036a00b976b7757f26212abf49ed11f779cd9 | |
| parent | f25c560dcdc0c04e11152fff11f521dae03522cd (diff) | |
| download | frameworks_base-27b3a7a75960d026655f3acd1de8a672e80a5776.zip frameworks_base-27b3a7a75960d026655f3acd1de8a672e80a5776.tar.gz frameworks_base-27b3a7a75960d026655f3acd1de8a672e80a5776.tar.bz2 | |
Start of work on passing around StrictMode policy over Binder calls.
This is (intendend to be) a no-op change.
At this stage, Binder RPCs just have an additional uint32 passed around
in the header, right before the interface name. But nothing is actually
done with them yet. That value should right now always be 0.
This now boots and seems to work.
Change-Id: I135b7c84f07575e6b9717fef2424d301a450df7b
| -rw-r--r-- | cmds/servicemanager/bctest.c | 3 | ||||
| -rw-r--r-- | cmds/servicemanager/service_manager.c | 7 | ||||
| -rw-r--r-- | include/binder/IPCThreadState.h | 6 | ||||
| -rw-r--r-- | include/binder/Parcel.h | 5 | ||||
| -rw-r--r-- | libs/binder/IPCThreadState.cpp | 13 | ||||
| -rw-r--r-- | libs/binder/IServiceManager.cpp | 7 | ||||
| -rw-r--r-- | libs/binder/Parcel.cpp | 8 |
7 files changed, 38 insertions, 11 deletions
diff --git a/cmds/servicemanager/bctest.c b/cmds/servicemanager/bctest.c index 6dee816..ff5aced 100644 --- a/cmds/servicemanager/bctest.c +++ b/cmds/servicemanager/bctest.c @@ -14,6 +14,7 @@ void *svcmgr_lookup(struct binder_state *bs, void *target, const char *name) struct binder_io msg, reply; bio_init(&msg, iodata, sizeof(iodata), 4); + bio_put_uint32(&msg, 0); // strict mode header bio_put_string16_x(&msg, SVC_MGR_NAME); bio_put_string16_x(&msg, name); @@ -37,7 +38,7 @@ int svcmgr_publish(struct binder_state *bs, void *target, const char *name, void struct binder_io msg, reply; bio_init(&msg, iodata, sizeof(iodata), 4); - + bio_put_uint32(&msg, 0); // strict mode header bio_put_string16_x(&msg, SVC_MGR_NAME); bio_put_string16_x(&msg, name); bio_put_obj(&msg, ptr); diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c index a2006c1..01cddc6 100644 --- a/cmds/servicemanager/service_manager.c +++ b/cmds/servicemanager/service_manager.c @@ -193,6 +193,7 @@ int svcmgr_handler(struct binder_state *bs, uint16_t *s; unsigned len; void *ptr; + uint32_t strict_policy; // LOGI("target=%p code=%d pid=%d uid=%d\n", // txn->target, txn->code, txn->sender_pid, txn->sender_euid); @@ -200,8 +201,12 @@ int svcmgr_handler(struct binder_state *bs, if (txn->target != svcmgr_handle) return -1; + // Equivalent to Parcel::enforceInterface(), reading the RPC + // header with the strict mode policy mask and the interface name. + // Note that we ignore the strict_policy and don't propagate it + // further (since we do no outbound RPCs anyway). + strict_policy = bio_get_uint32(msg); s = bio_get_string16(msg, &len); - if ((len != (sizeof(svcmgr_id) / 2)) || memcmp(svcmgr_id, s, sizeof(svcmgr_id))) { fprintf(stderr,"invalid id %s\n", str8(s)); diff --git a/include/binder/IPCThreadState.h b/include/binder/IPCThreadState.h index 3ab985d..04e24d2 100644 --- a/include/binder/IPCThreadState.h +++ b/include/binder/IPCThreadState.h @@ -40,6 +40,9 @@ public: int getCallingPid(); int getCallingUid(); + + void setStrictModePolicy(int32_t policy); + int32_t getStrictModePolicy() const; int64_t clearCallingIdentity(); void restoreCallingIdentity(int64_t token); @@ -109,8 +112,9 @@ private: status_t mLastError; pid_t mCallingPid; uid_t mCallingUid; + int32_t mStrictModePolicy; }; - + }; // namespace android // --------------------------------------------------------------------------- diff --git a/include/binder/Parcel.h b/include/binder/Parcel.h index 66c34b2..2cc4db9 100644 --- a/include/binder/Parcel.h +++ b/include/binder/Parcel.h @@ -56,9 +56,12 @@ public: bool hasFileDescriptors() const; + // Writes the RPC header. status_t writeInterfaceToken(const String16& interface); + // Parses the RPC header, returning true if the interface name + // in the header matches the expected interface from the caller. bool enforceInterface(const String16& interface) const; - bool checkInterface(IBinder*) const; + bool checkInterface(IBinder*) const; void freeData(); diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp index 0016503..28706ba 100644 --- a/libs/binder/IPCThreadState.cpp +++ b/libs/binder/IPCThreadState.cpp @@ -367,6 +367,16 @@ int64_t IPCThreadState::clearCallingIdentity() return token; } +void IPCThreadState::setStrictModePolicy(int32_t policy) +{ + mStrictModePolicy = policy; +} + + +int32_t IPCThreadState::getStrictModePolicy() const { + return mStrictModePolicy; +} + void IPCThreadState::restoreCallingIdentity(int64_t token) { mCallingUid = (int)(token>>32); @@ -588,7 +598,8 @@ status_t IPCThreadState::clearDeathNotification(int32_t handle, BpBinder* proxy) } IPCThreadState::IPCThreadState() - : mProcess(ProcessState::self()), mMyThreadId(androidGetTid()) + : mProcess(ProcessState::self()), mMyThreadId(androidGetTid()), + mStrictModePolicy(0) { pthread_setspecific(gTLS, this); clearCaller(); diff --git a/libs/binder/IServiceManager.cpp b/libs/binder/IServiceManager.cpp index 0cf4158..a3a3f0e 100644 --- a/libs/binder/IServiceManager.cpp +++ b/libs/binder/IServiceManager.cpp @@ -129,19 +129,19 @@ public: : BpInterface<IServiceManager>(impl) { } - + virtual sp<IBinder> getService(const String16& name) const { unsigned n; for (n = 0; n < 5; n++){ sp<IBinder> svc = checkService(name); if (svc != NULL) return svc; - LOGI("Waiting for sevice %s...\n", String8(name).string()); + LOGI("Waiting for service %s...\n", String8(name).string()); sleep(1); } return NULL; } - + virtual sp<IBinder> checkService( const String16& name) const { Parcel data, reply; @@ -226,4 +226,3 @@ status_t BnServiceManager::onTransact( } }; // namespace android - diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp index 00d2210..c2574bd 100644 --- a/libs/binder/Parcel.cpp +++ b/libs/binder/Parcel.cpp @@ -19,6 +19,7 @@ #include <binder/Parcel.h> +#include <binder/IPCThreadState.h> #include <binder/Binder.h> #include <binder/BpBinder.h> #include <utils/Debug.h> @@ -436,19 +437,22 @@ bool Parcel::hasFileDescriptors() const return mHasFds; } +// Write RPC headers. (previously just the interface token) status_t Parcel::writeInterfaceToken(const String16& interface) { + writeInt32(IPCThreadState::self()->getStrictModePolicy()); // currently the interface identification token is just its name as a string return writeString16(interface); } bool Parcel::checkInterface(IBinder* binder) const { - return enforceInterface(binder->getInterfaceDescriptor()); + return enforceInterface(binder->getInterfaceDescriptor()); } bool Parcel::enforceInterface(const String16& interface) const { + int32_t strict_policy = readInt32(); const String16 str(readString16()); if (str == interface) { return true; @@ -457,7 +461,7 @@ bool Parcel::enforceInterface(const String16& interface) const String8(interface).string(), String8(str).string()); return false; } -} +} const size_t* Parcel::objects() const { |