Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e0984b06 authored by Yiwei Zhang's avatar Yiwei Zhang Committed by android-build-team Robot
Browse files

GpuService: secure setUpdatableDriverPath 

setUpdatableDriverPath should only be called by system_server and
developer driver path needs to be protected by a lock.

Bug: 162383705
Bug: 159240322
Test: ./gapit validate_gpu_profiling --os android
Change-Id: I48896325598acab89079dbc658ddf9b92d303244
Merged-In: I48896325598acab89079dbc658ddf9b92d303244
(cherry picked from commit 2b65d6ca)
parent b8293fd0

services/gpuservice/GpuService.cpp

+14 −2
Original line number Diff line number Diff line
@@ -63,11 +63,23 @@ void GpuService::setTargetStats(const std::string& appPackageName, const uint64_ 
}



void GpuService::setUpdatableDriverPath(const std::string& driverPath) {

    developerDriverPath = driverPath;

    IPCThreadState* ipc = IPCThreadState::self();

    const int pid = ipc->getCallingPid();

    const int uid = ipc->getCallingUid();



    // only system_server is allowed to set updatable driver path

    if (uid != AID_SYSTEM) {

        ALOGE("Permission Denial: can't set updatable driver path from pid=%d, uid=%d\n", pid, uid);

        return;

    }



    std::lock_guard<std::mutex> lock(mLock);

    mDeveloperDriverPath = driverPath;

}



std::string GpuService::getUpdatableDriverPath() {

    return developerDriverPath;

    std::lock_guard<std::mutex> lock(mLock);

    return mDeveloperDriverPath;

}



status_t GpuService::shellCommand(int /*in*/, int out, int err, std::vector<String16>& args) {

services/gpuservice/GpuService.h

+2 −1
Original line number Diff line number Diff line
@@ -75,7 +75,8 @@ private: 
     * Attributes

     */

    std::unique_ptr<GpuStats> mGpuStats;

    std::string developerDriverPath;

    std::mutex mLock;

    std::string mDeveloperDriverPath;

};



} // namespace android