Expose binder security context to rust binder services This patch exposes AIBinder_setRequestingSid and AIBinder_getCallingSid to binder services written in Rust. This is required by services to effectively enforce SEPolicy because relying only on the caller's PID is racy. Bug: 165070170 Test: atest rustBinderTest Change-Id: Iae25d4fedded7d133354ba4c82527f33e5d5e1ce

commit: 798a09a7213b792b779334e45f6931d511983d09 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Tue Aug 18 08:35:38 2020 -0700
committer: Stephen Crane <sjc@immunant.com> Wed Sep 09 16:21:03 2020 -0700
tree: b36fbcf245918db4b31250f2cd0a77a74f8ef242
parent: eeabafba1667681738e7e7ed8df581f3c37e50df [diff] [blame]
diff --git a/libs/binder/rust/src/binder.rs b/libs/binder/rust/src/binder.rs
index d55eafe..d8e0609 100644
--- a/libs/binder/rust/src/binder.rs
+++ b/libs/binder/rust/src/binder.rs

@@ -98,6 +98,9 @@
     /// Send a ping transaction to this object
     fn ping_binder(&mut self) -> Result<()>;
 
+    /// Indicate that the service intends to receive caller security contexts.
+    fn set_requesting_sid(&mut self, enable: bool);
+
     /// Dump this object to the given file handle
     fn dump<F: AsRawFd>(&mut self, fp: &F, args: &[&str]) -> Result<()>;
commit	798a09a7213b792b779334e45f6931d511983d09	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Tue Aug 18 08:35:38 2020 -0700
committer	Stephen Crane <sjc@immunant.com>	Wed Sep 09 16:21:03 2020 -0700
tree	b36fbcf245918db4b31250f2cd0a77a74f8ef242
parent	eeabafba1667681738e7e7ed8df581f3c37e50df [diff] [blame]