Commit graph

75 commits

Author SHA1 Message Date
Ytai Ben-Tsvi
11107873aa Improve visibility of IMemory security risks
This change renames the IMemory raw pointer accessors to
unsecure*() to make it apparent to coders and code reviewers
that the returned buffer may potentially be shared with
untrusted processes, who may, after the fact, attempt to
read and/or modify the contents. This may lead to hard to
find security bugs and hopefully the rename makes it harder
to forget.

The change also attempts to fix all the callsites to make
everything build correctly, but in the processes, wherever the
callsite code was not obviously secure, I added a TODO requesting
the owners to either document why it's secure or to change the
code. Apologies in advance to the owners if there are some false
positives here - I don't have enough context to reason about all
the different callsites.

Test: Completely syntactic change. Made sure code still builds.
Change-Id: Icfde96b17f8c763dcf304456c224127310c1c289
2019-09-13 10:31:52 -07:00
Steven Moreland
b3a4d3832e Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I075670b64eebbbbd6a6ae0e84ad51bf1c6f5ba36
2019-09-06 01:07:02 +00:00
Peter Kalauskas
caed24ba9b Convert LazyServiceRegistrar usage to singleton
Test: lshal
Bug: 139376253
Change-Id: I32cb803fb73aa15b52676847b6e7eb09b86657dc
2019-08-19 21:15:30 +00:00
Peter Kalauskas
0c7812c7f5 Merge "Convert LazyServiceRegistrar usage to singleton"
am: f71728f04b

Change-Id: Ia9c99cc1b986f266f0239aefcd74600d0c3485da
2019-08-16 11:54:24 -07:00
Peter Kalauskas
701e7f6616 Convert LazyServiceRegistrar usage to singleton
Test: lshal
Bug: 139376253
Change-Id: Ib1cbfabec23a488868e807a4a9c2b29cd960cc1e
2019-08-14 13:53:14 -07:00
Steven Moreland
b2ee26784b Fix cas build.
Bug/Test: N/A

Change-Id: I37eec1138d9a6eff92c7df30b4c1b7ba7a45e3ae
2019-07-16 14:44:10 -07:00
Steven Moreland
99712c08cc Update hidl makefiles for bpfmt
hidl-generated makefiles are now generated such that bpfmt(file) == file.

Bug: 67417008
Test: enable bpfmt hook
Change-Id: I53e5bf67a0d314e1b10c0ba0c7172a7af358ddcc
2019-04-18 18:13:05 -07:00
Steven Moreland
6d494b2346 Merge "Update hidl makefiles for bpfmt" am: ff0bd741ca
am: 96f40f7b02

Change-Id: Idbf030e4993067bdb8181321bca2de00c9b6f7ef
2019-04-18 14:34:45 -07:00
Steven Moreland
1ae4615d9f Update hidl makefiles for bpfmt
hidl-generated makefiles are now generated such that bpfmt(file) == file.

Bug: 67417008
Test: enable bpfmt hook
Change-Id: I1f69d292bc23a7cc293a66110cb02d597e1019ad
2019-04-17 09:38:50 -07:00
Steven Moreland
7f4e21adda Merge "Update makefies: no 'types'" am: 4ee5ec1469 am: bab622f6a6
am: 7224bc9bcf

Change-Id: I434939e0770afa436c532a945542fce30a71ef7d
2019-03-04 16:05:59 -08:00
Steven Moreland
a878aee9ab Update makefies: no 'types'
Bug: 123976090
Test: N/A
Change-Id: I30fb04c81889b62775e1b764b965fdb0f893de17
2019-03-04 11:27:17 -08:00
Henry Fang
a757b1bc0d Add VTS for cas@1.1 hal interface
Added sendSessionEvent and onSessionEvent test case,
so vts can cover new interface in cas@1.1
Test: Manual
bug: 123642769

Change-Id: I3e82a5a7c9d1e8721b2e4fdc2aaffacfe96b91d9
2019-02-12 12:28:03 -08:00
Henry Fang
3e3cbb7c21 Revert "Revert "Update cas@1.0 hal to cas@1.1""
This reverts commit 1b066c8d1d.

Reason for revert: <This CL isn't related to public API which triggered previous revert>

Change-Id: If1fa2a244e5f4ee7f978cda79421172da02220f1
2019-01-31 22:46:57 +00:00
Xusong Wang
1b066c8d1d Revert "Update cas@1.0 hal to cas@1.1"
This reverts commit f9f0a25b26.

Reason for revert: <INSERT REASONING HERE>

Change-Id: I32657e10fa8ff58dd351aa8e0b611195c2826f07
2019-01-31 01:04:02 +00:00
Henry Fang
f9f0a25b26 Update cas@1.0 hal to cas@1.1
Add sendSessionEvent to notify hal what happened on a session.
Add onSessionEvent to listen notification from hal for a session
Test: manual
Bug: 122472761

Change-Id: I98434325915e7bee57e63bdeeedba9ed5578e493
2019-01-28 15:14:32 -08:00
TreeHugger Robot
758ebb9aee Merge "cas: retrieve detailed error from descrambler" 2019-01-15 20:41:05 +00:00
Chong Zhang
521f69550c cas: retrieve detailed error from descrambler
Retrieve detailed error and pass back to client.

bug: 120301718
Change-Id: Iab4324c38318b7aaf73fc4072c6aeb12c3862e06
2019-01-04 12:12:25 -08:00
Peter Kalauskas
b4abef9b0a Rename registerServiceWithCallback
Rename registerServiceWithCallback to registerService

Test: Build and check that cas functions as a lazy hal as before
Change-Id: Id7aac4a4b34e5891e81dcb9ead1239a37c1a70c8
2019-01-03 15:23:12 -08:00
Peter Kalauskas
d6efaf4e7c Fix bug where lazy cas rc file ran wrong service
Test: Modify aosp_marlin-userdebug to use android.hardware.cas@1.0-service-lazy
      and run CtsMediaTestCases
Change-Id: I4f8329b13c7a900cf4c2b14cec1017b6e40dd6c1
2018-12-14 21:31:12 +00:00
Keun Soo YIM
68ae05dd2d pack VTS cc_test binaries as general-tests
Test: make general-tests
Bug: 120093339
Merged-In: I363450d205868f900e4925ccff1430e2a569f2a4
Change-Id: I363450d205868f900e4925ccff1430e2a569f2a4
2018-12-07 10:49:56 -08:00
Peter Kalauskas
f646be06ed Add separate lazy service target to cas
Test: Run cts test android.media.cts.MediaCasTest
Bug: 119050069
Change-Id: I5117e4d10931affe85f2a0bb437d2fefb291e18f
2018-11-28 11:56:04 -08:00
Peter Kalauskas
bf608fcc23 Convert IMediaCasService to use vintf_fragments
Bug: 119669996
Test: Run cts CtsMediaTestCases
Change-Id: I841c64523ce506b923a530b7fb6f2476b4607661
2018-11-20 16:49:06 -08:00
Chong Zhang
42eca4926f cas: do not use hidl_memory if size is > SIZE_MAX
am: e1ce74509e

Change-Id: I4fe12a4ec828605413329d2f771f66bb12e3e9e9
2018-05-11 14:12:51 -07:00
Chong Zhang
e1ce74509e cas: do not use hidl_memory if size is > SIZE_MAX
Bug: 79376389
Test:
POC in bug; CTS MediaCasTest.

Change-Id: Ia3ecf9664ab69ce293e10b73bc20c37a9992db9f
2018-05-10 14:33:47 -07:00
TreeHugger Robot
6b6b1d2c1a Merge "Correct type of appData field" into pi-dev 2018-04-10 04:25:29 +00:00
Chong Zhang
9c6e0dc952 Correct type of appData field
bug: 77732157

test: CTS MediaCasTest; VTS VtsHalCasV1_0Target.
Change-Id: I18b4e9afb52fee72d55b13a48ac1339cf4728983
2018-04-09 12:36:21 -07:00
Chong Zhang
4aabc95234 cas: fix UAF in descrambler
Change the plugin holder in both CasImpl and DescramblerImpl
to shared_ptr, and use atomic store/load for read/write.

bug: 73172817
Test:CTS MediaCasTest, VTS VtsHalCasV1_0Target, poc in bug
Change-Id: I3f1472d3b9d8d3dc74168c07325c5c319a96807d
2018-03-23 18:50:38 -07:00
Chong Zhang
addcb3aa51 cas: fix UAF in descrambler -- DO NOT MERGE
Change the plugin holder in both CasImpl and DescramblerImpl
to shared_ptr, and use atomic store/load for read/write.

bug: 73172817
Test:CTS MediaCasTest, VTS VtsHalCasV1_0Target, poc in bug
Change-Id: I6b040680c28c38cef2fef3042f570dc64e86bb77
2018-03-24 01:46:21 +00:00
Chong Zhang
d2eb83e668 MediaCas: use HidlMemory to avoid handle leaks
bug: 67710751
test: VTS VtsHalCasV1_0Target test
Change-Id: Ia9a3c38b755a1aeb1d16dba30217055e6f0c27e2
2018-02-15 15:45:35 -08:00
Zhuoyao Zhang
a964d83a1f Merge "Convert cas hal test to use VtsHalHidlTargetTestEnvBase" am: fadafee26a am: 16465a4b37
am: 707258b232

Change-Id: Ia1cd0ec1ed287ff20f64ea840dadcbc539981091
2018-02-09 20:42:12 +00:00
Zhuoyao Zhang
707258b232 Merge "Convert cas hal test to use VtsHalHidlTargetTestEnvBase" am: fadafee26a
am: 16465a4b37

Change-Id: I7b339163bf8a857f7d6409533f35d9c7b740b717
2018-02-09 20:34:39 +00:00
Zhuoyao Zhang
a5e6707e9c Convert cas hal test to use VtsHalHidlTargetTestEnvBase
Bug: 64203181
Test: make vts
      vts-tradefed run vts -m VtsHalCasV1_0Target

Change-Id: If8174499b0fce2404fa3f363bc3ec439092c4068
2018-02-08 21:31:01 -08:00
Steven Moreland
905ca6a633 Merge "Remove conditional vndbinder usage in CAS." am: 231626d43d
am: 897864234e

Change-Id: Ifcd1c61e5655c9667576c5fe38c6ed0fe269b6cf
2017-12-15 20:20:10 +00:00
TreeHugger Robot
58983cb2b2 Merge "cas: manually clear strong ref before callback" 2017-12-14 08:46:11 +00:00
TreeHugger Robot
6658796be0 Merge "Reland "Remove conditional vndbinder usage in CAS."" 2017-12-14 04:01:11 +00:00
Steven Moreland
11a8a0e183 Reland "Remove conditional vndbinder usage in CAS."
Fugu kernels have been updated.
Bug: 70393284
Test: fugu boots

This reverts commit e9fb979b1e.

Change-Id: I976a0df6279e6ae7d334fa22e3c2c83bb3e285b7
2017-12-13 21:35:44 +00:00
Chong Zhang
ea3f07b614 cas: manually clear strong ref before callback
Hidl doesn't guarantee the server side method goes out of scope
before the client side returns. Even when client calls on the
same thread, the next method could overlap the previous call.
Next call can come in as soon as the hidl callback is called.

In case of openSession and release, there is a rare chance that
release call comes in before previous openSession is returned.
If this happens, the cas plugin object destructor is delayed to
the point when openSession goes out of scope (thus let go its
strong ref to the plugin). This violates our contract that the
plugin object and all associated sessions are released by the
time release() returns.

Manually clean up the strong ref before calling hidl callback
in openSession would fix this.

bug: 70544685
Change-Id: Id89a00591a354c8a46def3cc691dd8e28b4c971b
2017-12-12 22:09:20 -08:00
TreeHugger Robot
8573894006 Merge "cas: add vts test to catch oob in descrambling requests" 2017-12-09 06:20:37 +00:00
Steven Moreland
e9fb979b1e Revert "Remove conditional vndbinder usage in CAS."
This reverts commit 5884a6f0f3.
Bug: 70393284

Reason for revert: Fugu doesn't have vndbinder yet.
Exempt-from-owner-approval: Device doesn't boot.

Change-Id: Ib23691c102fd8aca63a4a6755eb7fd1f9e852a4d
2017-12-08 19:34:26 +00:00
Steven Moreland
75673fc6ac Remove conditional vndbinder usage in CAS.
Platform consistency, removing overload of meaning
behind PRODUCT_FULL_TREBLE/treble variable.

Bug: 67975337
Test: boot
Change-Id: I09df37fc0306f80879424334029ab9668cee9d4f
Merged-In: I09df37fc0306f80879424334029ab9668cee9d4f
2017-12-06 16:12:41 -08:00
Steven Moreland
4e1e4081e4 Updating makefiles for hidl_interface.
Bug: 64487114
Test: manual
Merged-In: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
Change-Id: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
(cherry-picked from commit c2f829a1d2)
2017-12-03 10:31:49 -08:00
Steven Moreland
5884a6f0f3 Remove conditional vndbinder usage in CAS.
Platform consistency, removing overload of meaning
behind PRODUCT_FULL_TREBLE/treble variable.

Bug: 67975337
Test: boot
Change-Id: I09df37fc0306f80879424334029ab9668cee9d4f
2017-11-29 12:51:31 -08:00
Steven Moreland
e5c6548346 Remove subdirs
Removing whenever I see these in code reviews.

Test: none
Merged-In: I4322f533a837d55618ec2ed2125e8966ace9d61d
Change-Id: I4322f533a837d55618ec2ed2125e8966ace9d61d
2017-11-28 14:23:43 -08:00
Steven Moreland
8b76a6b90d Remove subdirs
Removing whenever I see these in code reviews.

Test: none
Merged-In: I4322f533a837d55618ec2ed2125e8966ace9d61d
Change-Id: I4322f533a837d55618ec2ed2125e8966ace9d61d
2017-11-28 14:22:55 -08:00
Steven Moreland
fcca4e23b7 Remove subdirs
Removing whenever I see these in code reviews.

Test: none
Merged-In: I4322f533a837d55618ec2ed2125e8966ace9d61d
Change-Id: I4322f533a837d55618ec2ed2125e8966ace9d61d
2017-11-28 14:22:43 -08:00
Chong Zhang
95cc5af781 cas: add vts test to catch oob in descrambling requests
bug: 67962232

test:
cts MediaCasTest
vts VtsHalCasV1_0Target

Change-Id: I825e8cefb0d6f8e183e96ee2ebfbe0be1572dca8
2017-11-21 10:54:40 -08:00
Steven Moreland
c2f829a1d2 Updating makefiles for hidl_interface.
Bug: 64487114
Test: manual
Merged-In: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
Change-Id: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
2017-11-13 11:39:07 -08:00
Steven Moreland
8db261bc99 Updating makefiles for hidl_interface.
Bug: 64487114
Test: manual
Merged-In: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
Change-Id: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
2017-11-13 10:00:18 -08:00
Chong Zhang
5e17666308 Merge "cas: validate shared buffer size before using" into oc-mr1-dev am: 6a8fab9781
am: 66905b8168

Change-Id: Ibeb02056beeef366e1724f8b992b438f2363c997
2017-11-10 09:08:05 +00:00
Chong Zhang
16a3cd0b07 cas: validate shared buffer size before using
bug: 67962232

test:
cts MediaCasTest
vts VtsHalCasV1_0Target

Change-Id: I20b89d5971db4c89704245bb00c281af8c943697
2017-10-31 11:53:39 -07:00