Merge "GpuService: secure setUpdatableDriverPath" into rvc-dev am: 916c766b31 am: 140f65189f

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/native/+/12257974

Change-Id: I925d222edd02bee881630b5199dde18c95c3735c

2 files changed, 16 insertions, 3 deletions

diff --git a/services/gpuservice/GpuService.cpp b/services/gpuservice/GpuService.cpp
index 304f1d059e..81b0a46e0c 100644
--- a/services/gpuservice/GpuService.cpp
+++ b/services/gpuservice/GpuService.cpp
@@ -63,11 +63,23 @@ void GpuService::setTargetStats(const std::string& appPackageName, const uint64_
 }
 
 void GpuService::setUpdatableDriverPath(const std::string& driverPath) {
-    developerDriverPath = driverPath;
+    IPCThreadState* ipc = IPCThreadState::self();
+    const int pid = ipc->getCallingPid();
+    const int uid = ipc->getCallingUid();
+
+    // only system_server is allowed to set updatable driver path
+    if (uid != AID_SYSTEM) {
+        ALOGE("Permission Denial: can't set updatable driver path from pid=%d, uid=%d\n", pid, uid);
+        return;
+    }
+
+    std::lock_guard<std::mutex> lock(mLock);
+    mDeveloperDriverPath = driverPath;
 }
 
 std::string GpuService::getUpdatableDriverPath() {
-    return developerDriverPath;
+    std::lock_guard<std::mutex> lock(mLock);
+    return mDeveloperDriverPath;
 }
 
 status_t GpuService::shellCommand(int /*in*/, int out, int err, std::vector<String16>& args) {
diff --git a/services/gpuservice/GpuService.h b/services/gpuservice/GpuService.h
index ba44fe04d4..d1c3aabcce 100644
--- a/services/gpuservice/GpuService.h
+++ b/services/gpuservice/GpuService.h
@@ -75,7 +75,8 @@ private:
      * Attributes
      */
     std::unique_ptr<GpuStats> mGpuStats;
-    std::string developerDriverPath;
+    std::mutex mLock;
+    std::string mDeveloperDriverPath;
 };
 
 } // namespace android