Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 47f876b7 authored by Jiyong Park's avatar Jiyong Park
Browse files

Hide some headers from libbinder to vendors 

The headers that are related to system services are now hidden to
vendors. Note that this does not break anything because vendors have
already been disallowed to talk to system services via sepolicy. Their
use of binder is strictly limited within themselves (via
/dev/vndbinder).

The hidden headers are now guarded with __ANDROID_VNDK__ and including
them from vendors (or vendor variants of other VNDK libraries) will
trigger a build-time error.

Bug: 78113963
Test: m -j
Test: devices boots to the UI
Change-Id: I19be5ca024fc4081b7861d908d75758c1d956a83
parent 7e959e42

libs/binder/Android.bp

+22 −0
Original line number Diff line number Diff line
@@ -75,6 +75,28 @@ cc_library { 
        ":libbinder_aidl",

    ],



    target: {

        vendor: {

            exclude_srcs: [

                "ActivityManager.cpp",

                "AppOpsManager.cpp",

                "IActivityManager.cpp",

                "IAppOpsCallback.cpp",

                "IAppOpsService.cpp",

                "IBatteryStats.cpp",

                "IMediaResourceMonitor.cpp",

                "IPermissionController.cpp",

                "IProcessInfoService.cpp",

                "IUidObserver.cpp",

                "PermissionCache.cpp",

                "PermissionController.cpp",

                "ProcessInfoService.cpp",

                "IpPrefix.cpp",

                ":libbinder_aidl",

            ],

        },

    },



    aidl: {

        export_aidl_headers: true,

    },

libs/binder/IServiceManager.cpp

+8 −0
Original line number Diff line number Diff line
@@ -20,6 +20,9 @@ 


#include <utils/Log.h>

#include <binder/IPCThreadState.h>

#ifndef __ANDROID_VNDK__

#include <binder/IPermissionController.h>

#endif

#include <binder/Parcel.h>

#include <utils/String8.h>

#include <utils/SystemClock.h>
@@ -48,6 +51,9 @@ sp<IServiceManager> defaultServiceManager() 
    return gDefaultServiceManager;

}



#ifndef __ANDROID_VNDK__

// IPermissionController is not accessible to vendors



bool checkCallingPermission(const String16& permission)

{

    return checkCallingPermission(permission, NULL, NULL);
@@ -122,6 +128,8 @@ bool checkPermission(const String16& permission, pid_t pid, uid_t uid) 
    }

}



#endif //__ANDROID_VNDK__



// ----------------------------------------------------------------------



class BpServiceManager : public BpInterface<IServiceManager>

libs/binder/Static.cpp

+2 −0
Original line number Diff line number Diff line
@@ -94,6 +94,8 @@ static LibBinderIPCtStatics gIPCStatics; 


Mutex gDefaultServiceManagerLock;

sp<IServiceManager> gDefaultServiceManager;

#ifndef __ANDROID_VNDK__

sp<IPermissionController> gPermissionController;

#endif



}   // namespace android

libs/binder/include/binder/ActivityManager.h

+6 −0
Original line number Diff line number Diff line
@@ -17,6 +17,8 @@ 
#ifndef ANDROID_ACTIVITY_MANAGER_H

#define ANDROID_ACTIVITY_MANAGER_H



#ifndef __ANDROID_VNDK__



#include <binder/IActivityManager.h>



#include <utils/threads.h>
@@ -64,4 +66,8 @@ private: 


}; // namespace android

// ---------------------------------------------------------------------------

#else // __ANDROID_VNDK__

#error "This header is not visible to vendors"

#endif // __ANDROID_VNDK__



#endif // ANDROID_ACTIVITY_MANAGER_H

libs/binder/include/binder/AppOpsManager.h

+6 −0
Original line number Diff line number Diff line
@@ -17,6 +17,8 @@ 
#ifndef ANDROID_APP_OPS_MANAGER_H

#define ANDROID_APP_OPS_MANAGER_H



#ifndef __ANDROID_VNDK__



#include <binder/IAppOpsService.h>



#include <utils/threads.h>
@@ -117,4 +119,8 @@ private: 


}; // namespace android

// ---------------------------------------------------------------------------

#else // __ANDROID_VNDK__

#error "This header is not visible to vendors"

#endif // __ANDROID_VNDK__



#endif // ANDROID_APP_OPS_MANAGER_H