diff options
author | Pablo Ceballos <pceballos@google.com> | 2016-02-11 18:01:49 -0800 |
---|---|---|
committer | The Android Automerger <android-build@google.com> | 2016-03-01 15:26:40 -0800 |
commit | 28a83d4206e97c149a72408bc76c6487f57ed1b4 (patch) | |
tree | 3f91e13cb13e9b1f483eaf9cccf34a2502dc6f37 /libs/gui | |
parent | 6df23e81f762ec7bdf3d575582ad51aaef5172cf (diff) | |
download | frameworks_native-28a83d4206e97c149a72408bc76c6487f57ed1b4.zip frameworks_native-28a83d4206e97c149a72408bc76c6487f57ed1b4.tar.gz frameworks_native-28a83d4206e97c149a72408bc76c6487f57ed1b4.tar.bz2 |
BQ: Add permission check to BufferQueueConsumer::dump
Bug 27046057
Change-Id: Id7bd8cf95045b497943ea39dde49e877aa6f5c4e
Diffstat (limited to 'libs/gui')
-rw-r--r-- | libs/gui/BufferQueueConsumer.cpp | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/libs/gui/BufferQueueConsumer.cpp b/libs/gui/BufferQueueConsumer.cpp index bb3e1b0..158eeb4 100644 --- a/libs/gui/BufferQueueConsumer.cpp +++ b/libs/gui/BufferQueueConsumer.cpp @@ -26,6 +26,10 @@ #include <gui/IConsumerListener.h> #include <gui/IProducerListener.h> +#include <binder/IPCThreadState.h> +#include <binder/PermissionCache.h> +#include <private/android_filesystem_config.h> + namespace android { BufferQueueConsumer::BufferQueueConsumer(const sp<BufferQueueCore>& core) : @@ -572,7 +576,17 @@ sp<NativeHandle> BufferQueueConsumer::getSidebandStream() const { } void BufferQueueConsumer::dump(String8& result, const char* prefix) const { - mCore->dump(result, prefix); + const IPCThreadState* ipc = IPCThreadState::self(); + const pid_t pid = ipc->getCallingPid(); + const uid_t uid = ipc->getCallingUid(); + if ((uid != AID_SHELL) + && !PermissionCache::checkPermission(String16( + "android.permission.DUMP"), pid, uid)) { + result.appendFormat("Permission Denial: can't dump BufferQueueConsumer " + "from pid=%d, uid=%d\n", pid, uid); + } else { + mCore->dump(result, prefix); + } } } // namespace android |