Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / hardware / qcom / display / 52fc4cdb4df6fe5ced235cde7f409481c71a2b21^! / . / libqservice / IQService.cpp
commit52fc4cdb4df6fe5ced235cde7f409481c71a2b21[log] [tgz]
authorNaseer Ahmed <naseer@codeaurora.org>Mon Sep 24 13:38:00 2012 -0400
committerIliyan Malchev <malchev@google.com>Tue Sep 25 21:54:19 2012 -0700
tree1c27577ea56c03340b2440cb2751290593c2a63b
parent2dd04a873bc3d4b3ca50121347a8c702d097a2df [diff] [blame]
hwc: qservice: Pass through binder calls

Pass through binder calls for non qservice calls.

Change-Id: I9cae0d40b8377bda9627fbc3e6f90d5aed1f1e0f
Signed-off-by: Iliyan Malchev <malchev@google.com>

diff --git a/libqservice/IQService.cpp b/libqservice/IQService.cpp
index 5f71732..420d59c 100644
--- a/libqservice/IQService.cpp
+++ b/libqservice/IQService.cpp

@@ -26,6 +26,7 @@
 #include <binder/IInterface.h>
 #include <binder/IPCThreadState.h>
 #include <utils/Errors.h>
+#include <private/android_filesystem_config.h>
 
 #include <IQService.h>
 
@@ -68,25 +69,32 @@
     // IPC should be from mediaserver only
     IPCThreadState* ipc = IPCThreadState::self();
     const int callerPid = ipc->getCallingPid();
+    const int callerUid = ipc->getCallingUid();
     const size_t MAX_BUF_SIZE = 1024;
-    const char *mediaServer = "/system/bin/mediaserver";
     char callingProcName[MAX_BUF_SIZE] = {0};
 
     getProcName(callerPid, callingProcName, MAX_BUF_SIZE);
-    if(strcmp(callingProcName, mediaServer) != 0 ) { //Some rogue process
-        ALOGE("No Permission:can't access display.qservice pid=%d process=%s",
-                callerPid, callingProcName);
-        return PERMISSION_DENIED;
-    }
+
+    const bool permission = (callerUid == AID_MEDIA);
 
     switch(code) {
         case SECURING: {
+            if(!permission) {
+                ALOGE("display.qservice SECURING access denied: pid=%d uid=%d process=%s",
+                      callerPid, callerUid, callingProcName);
+                return PERMISSION_DENIED;
+            }
             CHECK_INTERFACE(IQService, data, reply);
             uint32_t startEnd = data.readInt32();
             securing(startEnd);
             return NO_ERROR;
         } break;
         case UNSECURING: {
+            if(!permission) {
+                ALOGE("display.qservice UNSECURING access denied: pid=%d uid=%d process=%s",
+                      callerPid, callerUid, callingProcName);
+                return PERMISSION_DENIED;
+            }
             CHECK_INTERFACE(IQService, data, reply);
             uint32_t startEnd = data.readInt32();
             unsecuring(startEnd);