Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / ecf937dd80999d2b37c5b44cda1065bfd4da42fb^! / . / libs / binder / RpcServer.cpp
commitecf937dd80999d2b37c5b44cda1065bfd4da42fb[log] [tgz]
authorYifan Hong <elsk@google.com>Wed Aug 11 17:29:28 2021 -0700
committerYifan Hong <elsk@google.com>Mon Aug 23 13:58:26 2021 -0700
tree6526b821f061ed460b7013e54e515c31ff303cd6
parent588d59c6ae1abcad5012d33b15bf4a064315f9ee [diff] [blame]
binder: RpcServer / RpcSession add API for certs.

These APIs call into RpcTransportCtx::getCertificate
and RpcTransportClientCtx::addTrustedPeerCertificate,
respectively.

For RpcSession, peer (server) certificates are fixed when
it is constructed.

Test: binderRpcTest
Bug: 195166979
Change-Id: I0d1bd93042895aeb3ab1de4fe6b9d90e73d0d116

diff --git a/libs/binder/RpcServer.cpp b/libs/binder/RpcServer.cpp
index a20445b..ad9ba96 100644
--- a/libs/binder/RpcServer.cpp
+++ b/libs/binder/RpcServer.cpp

@@ -39,8 +39,7 @@
 using base::ScopeGuard;
 using base::unique_fd;
 
-RpcServer::RpcServer(std::unique_ptr<RpcTransportCtxFactory> rpcTransportCtxFactory)
-      : mRpcTransportCtxFactory(std::move(rpcTransportCtxFactory)) {}
+RpcServer::RpcServer(std::unique_ptr<RpcTransportCtx> ctx) : mCtx(std::move(ctx)) {}
 RpcServer::~RpcServer() {
     (void)shutdown();
 }
@@ -49,7 +48,9 @@
     // Default is without TLS.
     if (rpcTransportCtxFactory == nullptr)
         rpcTransportCtxFactory = RpcTransportCtxFactoryRaw::make();
-    return sp<RpcServer>::make(std::move(rpcTransportCtxFactory));
+    auto ctx = rpcTransportCtxFactory->newServerCtx();
+    if (ctx == nullptr) return nullptr;
+    return sp<RpcServer>::make(std::move(ctx));
 }
 
 void RpcServer::iUnderstandThisCodeIsExperimentalAndIWillNotUseItInProduction() {
@@ -138,6 +139,20 @@
     return ret;
 }
 
+std::string RpcServer::getCertificate(CertificateFormat format) {
+    std::lock_guard<std::mutex> _l(mLock);
+    return mCtx->getCertificate(format);
+}
+
+status_t RpcServer::addTrustedPeerCertificate(CertificateFormat format, std::string_view cert) {
+    std::lock_guard<std::mutex> _l(mLock);
+    // Ensure that join thread is not running or shutdown trigger is not set up. In either case,
+    // it means there are child threads running. It is invalid to add trusted peer certificates
+    // after join thread and/or child threads are running to avoid race condition.
+    if (mJoinThreadRunning || mShutdownTrigger != nullptr) return INVALID_OPERATION;
+    return mCtx->addTrustedPeerCertificate(format, cert);
+}
+
 static void joinRpcServer(sp<RpcServer>&& thiz) {
     thiz->join();
 }
@@ -159,10 +174,6 @@
         mJoinThreadRunning = true;
         mShutdownTrigger = FdTrigger::make();
         LOG_ALWAYS_FATAL_IF(mShutdownTrigger == nullptr, "Cannot create join signaler");
-
-        mCtx = mRpcTransportCtxFactory->newServerCtx();
-        LOG_ALWAYS_FATAL_IF(mCtx == nullptr, "Unable to create RpcTransportCtx with %s sockets",
-                            mRpcTransportCtxFactory->toCString());
     }
 
     status_t status;
@@ -229,7 +240,6 @@
     LOG_RPC_DETAIL("Finished waiting on shutdown.");
 
     mShutdownTrigger = nullptr;
-    mCtx = nullptr;
     return true;
 }