commit 2e036c98b4e5d9871840bc87e31db45b38cfec7e
author Yifan Hong <elsk@google.com> Tue Mar 07 13:18:12 2017 -0800
committer Yifan Hong <elsk@google.com> Wed Mar 08 17:08:18 2017 -0800
tree aee1a2e90d99c43b4f332a78a29b780f71ec1db2
parent 3ac9f70571828f62152e1c0c84b2d655fd2e83bd

Disable getDebugInfo address leak for production builds.

On production builds debugfs won't be available, so lshal cannot
infer binder relationships anyway. The address leak on production
builds also expose a security hole for address space attacks.
Added a build-time flag to disable the address leak on user builds.
The address will still be exposed for eng and userdebug builds so
that lshal can work properly.

Bug: 34899586
Test: lshal still works
Change-Id: Ib28b03fa1aab344cb0c49880640076493db6ff37

Interface.cpp

diff --git a/Interface.cpp b/Interface.cpp
index 154f91e..abf7317 100644
--- a/Interface.cpp
+++ b/Interface.cpp
@@ -328,9 +328,15 @@
             },
             {IMPL_STUB_IMPL,
                 [this](auto &out) {
-                    out << "_hidl_cb({ getpid(), reinterpret_cast<uint64_t>(this), \n"
-                        << sArch
-                        << "});\n"
+                    out << "_hidl_cb(";
+                    out.block([&] {
+                        out << "::android::hardware::details::debuggable()"
+                            << "? getpid() : -1 /* pid */,\n"
+                            << "::android::hardware::details::debuggable()"
+                            << "? reinterpret_cast<uint64_t>(this) : 0 /* ptr */,\n"
+                            << sArch << "\n";
+                    });
+                    out << ");\n"
                         << "return ::android::hardware::Void();";
                 }
             }