Expose binder security context to rust binder services This patch exposes AIBinder_setRequestingSid and AIBinder_getCallingSid to binder services written in Rust. This is required by services to effectively enforce SEPolicy because relying only on the caller's PID is racy. Bug: 165070170 Test: atest rustBinderTest Change-Id: Iae25d4fedded7d133354ba4c82527f33e5d5e1ce

commit: 798a09a7213b792b779334e45f6931d511983d09 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Tue Aug 18 08:35:38 2020 -0700
committer: Stephen Crane <sjc@immunant.com> Wed Sep 09 16:21:03 2020 -0700
tree: b36fbcf245918db4b31250f2cd0a77a74f8ef242
parent: eeabafba1667681738e7e7ed8df581f3c37e50df [diff] [blame]
diff --git a/libs/binder/rust/src/proxy.rs b/libs/binder/rust/src/proxy.rs
index 13e5619..fde8b68 100644
--- a/libs/binder/rust/src/proxy.rs
+++ b/libs/binder/rust/src/proxy.rs

@@ -242,6 +242,12 @@
         status_result(status)
     }
 
+    fn set_requesting_sid(&mut self, enable: bool) {
+        unsafe {
+            sys::AIBinder_setRequestingSid(self.as_native_mut(), enable)
+        };
+    }
+
     fn dump<F: AsRawFd>(&mut self, fp: &F, args: &[&str]) -> Result<()> {
         let args: Vec<_> = args.iter().map(|a| CString::new(*a).unwrap()).collect();
         let mut arg_ptrs: Vec<_> = args.iter().map(|a| a.as_ptr()).collect();
commit	798a09a7213b792b779334e45f6931d511983d09	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Tue Aug 18 08:35:38 2020 -0700
committer	Stephen Crane <sjc@immunant.com>	Wed Sep 09 16:21:03 2020 -0700
tree	b36fbcf245918db4b31250f2cd0a77a74f8ef242
parent	eeabafba1667681738e7e7ed8df581f3c37e50df [diff] [blame]