Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / d67c8e89d2589866f509640bfbac3799c1eca4f8^! / . / libs / binder / Binder.cpp
commitd67c8e89d2589866f509640bfbac3799c1eca4f8[log] [tgz]
authorKalesh Singh <kaleshsingh@google.com>Tue Dec 29 15:46:25 2020 -0500
committerSteven Moreland <smoreland@google.com>Thu Jun 03 23:15:03 2021 +0000
treeba4356daf1d618c0639bf056d6464a51bcd9912e
parent14e4cfae36aa878c6a9838299bc7b9aa42a16dfa [diff] [blame]
libbinder: Add binder already sent checks

These operations should only be done before the binder object
is sent out to another process:
  - setRequestingSid
  - setMinSchedulerPolicy
  - setInheritRt
  - setExtension

Add log and abort if these are attempted after the binder object
has been sent already.

Bug: 166282674
Test: binderParcelTest
Change-Id: Id2c1d0dc783cad75754a06a3047cf6c7bf704c63

diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp
index c83c383..415b44e 100644
--- a/libs/binder/Binder.cpp
+++ b/libs/binder/Binder.cpp

@@ -197,9 +197,7 @@
 
 // ---------------------------------------------------------------------------
 
-BBinder::BBinder() : mExtras(nullptr), mStability(0)
-{
-}
+BBinder::BBinder() : mExtras(nullptr), mStability(0), mParceled(false) {}
 
 bool BBinder::isBinderAlive() const
 {
@@ -322,6 +320,10 @@
 
 void BBinder::setRequestingSid(bool requestingSid)
 {
+    ALOGW_IF(mParceled,
+             "setRequestingSid() should not be called after a binder object "
+             "is parceled/sent to another process");
+
     Extras* e = mExtras.load(std::memory_order_acquire);
 
     if (!e) {
@@ -344,6 +346,10 @@
 }
 
 void BBinder::setMinSchedulerPolicy(int policy, int priority) {
+    ALOGW_IF(mParceled,
+             "setMinSchedulerPolicy() should not be called after a binder object "
+             "is parceled/sent to another process");
+
     switch (policy) {
     case SCHED_NORMAL:
       LOG_ALWAYS_FATAL_IF(priority < -20 || priority > 19, "Invalid priority for SCHED_NORMAL: %d", priority);
@@ -391,6 +397,10 @@
 }
 
 void BBinder::setInheritRt(bool inheritRt) {
+    ALOGW_IF(mParceled,
+             "setInheritRt() should not be called after a binder object "
+             "is parceled/sent to another process");
+
     Extras* e = mExtras.load(std::memory_order_acquire);
 
     if (!e) {
@@ -410,10 +420,22 @@
 }
 
 void BBinder::setExtension(const sp<IBinder>& extension) {
+    ALOGW_IF(mParceled,
+             "setExtension() should not be called after a binder object "
+             "is parceled/sent to another process");
+
     Extras* e = getOrCreateExtras();
     e->mExtension = extension;
 }
 
+bool BBinder::wasParceled() {
+    return mParceled;
+}
+
+void BBinder::setParceled() {
+    mParceled = true;
+}
+
 status_t BBinder::setRpcClientDebug(const Parcel& data) {
     if constexpr (!kEnableRpcDevServers) {
         ALOGW("%s: disallowed because RPC is not enabled", __PRETTY_FUNCTION__);