commit a44514e9616cd7bcef7c31afaaebc1b3f4c1af2e
author Anthony Stange <stange@google.com> Wed Oct 06 19:21:43 2021 +0000
committer Anthony Stange <stange@google.com> Thu Oct 07 19:24:05 2021 +0000
tree ff62773985057a19a539d7e6dabd4d0d851c0d29
parent a22f94bd81e5225095d777d91b47e721c4335819

Prevent multiple outstanding permission queries per client

Under stress tests, it's possible for several messages to be sent before
CHRE has time to respond to the permission query which can cause several
permission queries to be sent and CHRE to be overwhelmed.

Fixes: 202201157
Test: Flash device and run stress test
Change-Id: I16871a116216cd288f0eba0e6c5572f5afa6b959

services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java

diff --git a/services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java b/services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java
index fa33338..03e421b 100644
--- a/services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java
+++ b/services/core/java/com/android/server/location/contexthub/ContextHubClientBroker.java
@@ -209,6 +209,12 @@
      */
     private AtomicBoolean mIsPendingIntentCancelled = new AtomicBoolean(false);
 
+    /**
+     * True if a permissions query has been issued and is being processed. Used to prevent too many
+     * queries from being issued by a single client at once.
+     */
+    private AtomicBoolean mIsPermQueryIssued = new AtomicBoolean(false);
+
     /*
      * True if the application creating the client has the ACCESS_CONTEXT_HUB permission.
      */
@@ -240,11 +246,11 @@
     private final IContextHubTransactionCallback mQueryPermsCallback =
             new IContextHubTransactionCallback.Stub() {
             @Override
-            public void onTransactionComplete(int result) {
-            }
+            public void onTransactionComplete(int result) {}
 
             @Override
             public void onQueryResponse(int result, List<NanoAppState> nanoAppStateList) {
+                mIsPermQueryIssued.set(false);
                 if (result != ContextHubTransaction.RESULT_SUCCESS && nanoAppStateList != null) {
                     Log.e(TAG, "Permissions query failed, but still received nanoapp state");
                 } else if (nanoAppStateList != null) {
@@ -656,9 +662,11 @@
      * communicated with in the past.
      */
     private void checkNanoappPermsAsync() {
-        ContextHubServiceTransaction transaction = mTransactionManager.createQueryTransaction(
-                mAttachedContextHubInfo.getId(), mQueryPermsCallback, mPackage);
-        mTransactionManager.addTransaction(transaction);
+        if (!mIsPermQueryIssued.getAndSet(true)) {
+            ContextHubServiceTransaction transaction = mTransactionManager.createQueryTransaction(
+                    mAttachedContextHubInfo.getId(), mQueryPermsCallback, mPackage);
+            mTransactionManager.addTransaction(transaction);
+        }
     }
 
     private int updateNanoAppAuthState(