diff options
author | TreeHugger Robot <treehugger-gerrit@google.com> | 2020-08-03 22:25:08 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-08-03 22:25:08 +0000 |
commit | 140f65189fd2aaa43bc991556a9678a4ff981731 (patch) | |
tree | b3b12760f9c2172d58e3a7ef0d2dcdfe3a1290d2 | |
parent | bad1977db570ac0d137118b37eb10ba2728982ad (diff) | |
parent | 916c766b31ec99bf57a5249d7a0d3eaf553e24d0 (diff) | |
download | native-140f65189fd2aaa43bc991556a9678a4ff981731.tar.gz |
Merge "GpuService: secure setUpdatableDriverPath" into rvc-dev am: 916c766b31
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/native/+/12257974
Change-Id: I630ad28304ca52e8c2d9cc759b2f93b3d204d87b
-rw-r--r-- | services/gpuservice/GpuService.cpp | 16 | ||||
-rw-r--r-- | services/gpuservice/GpuService.h | 3 |
2 files changed, 16 insertions, 3 deletions
diff --git a/services/gpuservice/GpuService.cpp b/services/gpuservice/GpuService.cpp index 304f1d059e..81b0a46e0c 100644 --- a/services/gpuservice/GpuService.cpp +++ b/services/gpuservice/GpuService.cpp @@ -63,11 +63,23 @@ void GpuService::setTargetStats(const std::string& appPackageName, const uint64_ } void GpuService::setUpdatableDriverPath(const std::string& driverPath) { - developerDriverPath = driverPath; + IPCThreadState* ipc = IPCThreadState::self(); + const int pid = ipc->getCallingPid(); + const int uid = ipc->getCallingUid(); + + // only system_server is allowed to set updatable driver path + if (uid != AID_SYSTEM) { + ALOGE("Permission Denial: can't set updatable driver path from pid=%d, uid=%d\n", pid, uid); + return; + } + + std::lock_guard<std::mutex> lock(mLock); + mDeveloperDriverPath = driverPath; } std::string GpuService::getUpdatableDriverPath() { - return developerDriverPath; + std::lock_guard<std::mutex> lock(mLock); + return mDeveloperDriverPath; } status_t GpuService::shellCommand(int /*in*/, int out, int err, std::vector<String16>& args) { diff --git a/services/gpuservice/GpuService.h b/services/gpuservice/GpuService.h index ba44fe04d4..d1c3aabcce 100644 --- a/services/gpuservice/GpuService.h +++ b/services/gpuservice/GpuService.h @@ -75,7 +75,8 @@ private: * Attributes */ std::unique_ptr<GpuStats> mGpuStats; - std::string developerDriverPath; + std::mutex mLock; + std::string mDeveloperDriverPath; }; } // namespace android |