authorandroid-build-team Robot <android-build-team-robot@google.com>2019-04-10 03:07:44 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>2019-04-10 03:07:44 +0000
commit7761e34bbb8d7956341c67b5e5c7677b6e7ad35c (patch)
tree77826f26294270bd508b0519b8348674bd6958a5
parentece6d9cbaa008b98f04684e20c5a4f4cc14314e7 (diff)
parent540d579f3079b1796414f12118632c6adc9387e3 (diff)
Change-Id: I75a62e1cb397cb3e7beddd525ad85d7c6fda38e6
-rw-r--r--ashmemd_client.cpp19
1 files changed, 19 insertions, 0 deletions
diff --git a/ashmemd_client.cpp b/ashmemd_client.cpp
index 3380209..a9041a0 100644
--- a/ashmemd_client.cpp
+++ b/ashmemd_client.cpp
@@ -17,6 +17,7 @@
#include <android-base/logging.h>
#include <android/ashmemd/IAshmemDeviceService.h>
#include <binder/IServiceManager.h>
+#include <cutils/android_filesystem_config.h>
using android::IBinder;
using android::IServiceManager;
@@ -27,7 +28,25 @@ using android::os::ParcelFileDescriptor;
namespace android {
namespace ashmemd {
+static bool checkBinderAccess() {
+ // Isolated apps are potentially subject to seccomp policy that restricts use of access()
+ // (b/129483782). However, apps always have access to binder, so return true.
+ auto uid = getuid() % AID_USER;
+ if (AID_ISOLATED_START <= uid && uid <= AID_ISOLATED_END) {
+ return true;
+ }
+ if (access("/dev/binder", R_OK | W_OK) == 0) {
+ return true;
+ }
+ return false;
+}
+
sp<IAshmemDeviceService> getAshmemService() {
+ // Calls to defaultServiceManager() crash the process if it doesn't have appropriate
+ // binder permissions. Check these permissions proactively.
+ if (!checkBinderAccess()) {
+ return nullptr;
+ }
sp<IServiceManager> sm = android::defaultServiceManager();
sp<IBinder> binder = sm->checkService(String16("ashmem_device_service"));
return interface_cast<IAshmemDeviceService>(binder);
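Review bot: The `access("/dev/binder", R_OK | W_OK)` probe in `checkBinderAccess()` is only a best-effort guard, because it is evaluated with the real UID/GID and before the device is actually opened, so a pass does not guarantee that `defaultServiceManager()` will not abort afterwards; the comment in `getAshmemService()` should say so, e.g. `// Best-effort pre-check: access() can pass and the later binder open can still fail.` When the probe fails, the caller gets `nullptr` with no trace, which looks the same as the service not being registered; since `<android-base/logging.h>` is already included, `PLOG(WARNING) << "no access to /dev/binder";` before `return false;` would keep errno for triage, provided log volume on this path is acceptable. `getuid()` and `access()` are declared in `<unistd.h>`, which is not among the includes visible in the first hunk and is presumably pulled in transitively, so including it directly would be more robust. The closing brace of `getAshmemService()` lies outside the hunk.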