Merge "VehicleHal::set() should not be able to tamper with a property's AVAILABLE status Properties being (UN)AVAILABLE is used as a one-way communication mechanism from the hardware to the operating system, and not viceversa." into pi-dev

2018-03-17 03:43:20 +00:00 · 2018-03-17 03:43:20 +00:00 · 7371502a1f
commit 7371502a1f
parent 1d853503ef 74268e6490
1 changed files with 17 additions and 0 deletions
--- a/automotive/vehicle/2.0/default/impl/vhal_v2_0/EmulatedVehicleHal.cpp
+++ b/automotive/vehicle/2.0/default/impl/vhal_v2_0/EmulatedVehicleHal.cpp
@ -138,6 +138,7 @@ StatusCode EmulatedVehicleHal::set(const VehiclePropValue& propValue) {
            return status;
        }
    } else if (mHvacPowerProps.count(propValue.prop)) {
+        // TODO(75328113): this should be handled by property status
        auto hvacPowerOn = mPropStore->readValueOrNull(
            toInt(VehicleProperty::HVAC_POWER_ON),
            (VehicleAreaZone::ROW_1_LEFT | VehicleAreaZone::ROW_1_RIGHT));
@ -165,6 +166,22 @@ StatusCode EmulatedVehicleHal::set(const VehiclePropValue& propValue) {
        }
    }

+    if (propValue.status != VehiclePropertyStatus::AVAILABLE) {
+        // Android side cannot set property status - this value is the
+        // purview of the HAL implementation to reflect the state of
+        // its underlying hardware
+        return StatusCode::INVALID_ARG;
+    }
+    auto currentPropValue = mPropStore->readValueOrNull(propValue);
+
+    if (currentPropValue == nullptr) {
+        return StatusCode::INVALID_ARG;
+    }
+    if (currentPropValue->status != VehiclePropertyStatus::AVAILABLE) {
+        // do not allow Android side to set() a disabled/error property
+        return StatusCode::NOT_AVAILABLE;
+    }
+
    if (!mPropStore->writeValue(propValue)) {
        return StatusCode::INVALID_ARG;
    }