diff options
author | TreeHugger Robot <treehugger-gerrit@google.com> | 2020-08-03 22:02:59 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2020-08-03 22:02:59 +0000 |
commit | 916c766b31ec99bf57a5249d7a0d3eaf553e24d0 (patch) | |
tree | ceb2d76fe6d227a4fb5eeb551818316714cb71ea | |
parent | 9e8311faec4a7be43200cdeb2e0b317c8feb12b1 (diff) | |
parent | 2b65d6ca48773901c396344c5fdc851ec14a4bdf (diff) | |
download | native-916c766b31ec99bf57a5249d7a0d3eaf553e24d0.tar.gz |
Merge "GpuService: secure setUpdatableDriverPath" into rvc-dev
-rw-r--r-- | services/gpuservice/GpuService.cpp | 16 | ||||
-rw-r--r-- | services/gpuservice/GpuService.h | 3 |
2 files changed, 16 insertions, 3 deletions
diff --git a/services/gpuservice/GpuService.cpp b/services/gpuservice/GpuService.cpp index 304f1d059e..81b0a46e0c 100644 --- a/services/gpuservice/GpuService.cpp +++ b/services/gpuservice/GpuService.cpp @@ -63,11 +63,23 @@ void GpuService::setTargetStats(const std::string& appPackageName, const uint64_ } void GpuService::setUpdatableDriverPath(const std::string& driverPath) { - developerDriverPath = driverPath; + IPCThreadState* ipc = IPCThreadState::self(); + const int pid = ipc->getCallingPid(); + const int uid = ipc->getCallingUid(); + + // only system_server is allowed to set updatable driver path + if (uid != AID_SYSTEM) { + ALOGE("Permission Denial: can't set updatable driver path from pid=%d, uid=%d\n", pid, uid); + return; + } + + std::lock_guard<std::mutex> lock(mLock); + mDeveloperDriverPath = driverPath; } std::string GpuService::getUpdatableDriverPath() { - return developerDriverPath; + std::lock_guard<std::mutex> lock(mLock); + return mDeveloperDriverPath; } status_t GpuService::shellCommand(int /*in*/, int out, int err, std::vector<String16>& args) { diff --git a/services/gpuservice/GpuService.h b/services/gpuservice/GpuService.h index ba44fe04d4..d1c3aabcce 100644 --- a/services/gpuservice/GpuService.h +++ b/services/gpuservice/GpuService.h @@ -75,7 +75,8 @@ private: * Attributes */ std::unique_ptr<GpuStats> mGpuStats; - std::string developerDriverPath; + std::mutex mLock; + std::string mDeveloperDriverPath; }; } // namespace android |