author | Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> | 2024-04-04 21:58:14 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-04-04 21:58:14 +0000 |
commit | 068bb7a296d46701f7c076d9234acae876eac895 (patch) | |
tree | ac821e4c21f93ca14d968d9f449b91b271219d8c | |
parent | 147b6cbba53dfe643a205f0a76374aa86639b505 (diff) | |
parent | 38eafb7efd9e59222688192df948428f73759f3a (diff) | |
download | native-068bb7a296d46701f7c076d9234acae876eac895.tar.gz |
Merge "libbinder: Disable shell commands on non-IPC builds" into main
-rw-r--r-- | libs/binder/ndk/Android.bp | 1 | ||||
-rw-r--r-- | libs/binder/ndk/ibinder.cpp | 7 |
2 files changed, 8 insertions, 0 deletions
diff --git a/libs/binder/ndk/Android.bp b/libs/binder/ndk/Android.bp index 30dbdddc60..2a8a353518 100644 --- a/libs/binder/ndk/Android.bp +++ b/libs/binder/ndk/Android.bp @@ -50,6 +50,7 @@ cc_library { ], cflags: [ + "-DBINDER_WITH_KERNEL_IPC", "-Wall", "-Wextra", "-Werror", diff --git a/libs/binder/ndk/ibinder.cpp b/libs/binder/ndk/ibinder.cpp index bf7a0ba5f0..e6d4f46c16 100644 --- a/libs/binder/ndk/ibinder.cpp +++ b/libs/binder/ndk/ibinder.cpp @@ -24,6 +24,7 @@ #include <private/android_filesystem_config.h> #endif +#include "../BuildFlags.h" #include "ibinder_internal.h" #include "parcel_internal.h" #include "status_internal.h" @@ -211,6 +212,12 @@ status_t ABBinder::onTransact(transaction_code_t code, const Parcel& data, Parce binder_status_t status = getClass()->onTransact(this, code, &in, &out); return PruneStatusT(status); } else if (code == SHELL_COMMAND_TRANSACTION && getClass()->handleShellCommand != nullptr) { + if constexpr (!android::kEnableKernelIpc) { + // Non-IPC builds do not have getCallingUid(), + // so we have no way of authenticating the caller + return STATUS_PERMISSION_DENIED; + } + int in = data.readFileDescriptor(); int out = data.readFileDescriptor(); int err = data.readFileDescriptor(); |
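Review bot: The new guard in ABBinder::onTransact returns STATUS_PERMISSION_DENIED without logging anything, so on a non-IPC build a refused shell command leaves no trace for whoever is debugging or monitoring the service; a warning on the denied path, written with whichever logging macro ibinder.cpp already uses, would make the refusal visible. The check fails closed only while `android::kEnableKernelIpc` is false, and that constant presumably follows the `-DBINDER_WITH_KERNEL_IPC` cflag this commit adds in Android.bp (BuildFlags.h is not shown), so a comment beside that cflag such as `// also gates the caller-UID check for shell commands in ibinder.cpp` would keep the two in step. onTransact does not appear to be a template, so `if constexpr` does not discard the statements after the guard, and anything below it that relies on getCallingUid() still has to compile on non-IPC builds. The function body starts and ends outside the hunk.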