HIDL libs are not necessarily part of VNDK now. Because some are
used by VNDK libs, they are still VNDK. But rest are now just
vendor-available.
.hidl_for_test files are also removed because they are used to exclude
test-purpose hidl libs from VNDK libs.
Instead, .hidl_for_system_ext files are added to tests/lazy to
distinguish them from others which are installed /system.
Bug: 143933769
Test: update-makefiles.sh && m com.android.vndk.current
Merged-In: Ia81312dda340b6b5cbdd7a3c21e1d323bda39a4a
Change-Id: Ia81312dda340b6b5cbdd7a3c21e1d323bda39a4a
(cherry picked from commit b0907a6bb8)
This change renames the IMemory raw pointer accessors to
unsecure*() to make it apparent to coders and code reviewers
that the returned buffer may potentially be shared with
untrusted processes, who may, after the fact, attempt to
read and/or modify the contents. This may lead to hard to
find security bugs and hopefully the rename makes it harder
to forget.
The change also attempts to fix all the callsites to make
everything build correctly, but in the processes, wherever the
callsite code was not obviously secure, I added a TODO requesting
the owners to either document why it's secure or to change the
code. Apologies in advance to the owners if there are some false
positives here - I don't have enough context to reason about all
the different callsites.
Test: Completely syntactic change. Made sure code still builds.
Change-Id: Icfde96b17f8c763dcf304456c224127310c1c289
Since these were combined into libhidlbase.
Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I075670b64eebbbbd6a6ae0e84ad51bf1c6f5ba36
hidl-generated makefiles are now generated such that bpfmt(file) == file.
Bug: 67417008
Test: enable bpfmt hook
Change-Id: I1f69d292bc23a7cc293a66110cb02d597e1019ad
Rename registerServiceWithCallback to registerService
Test: Build and check that cas functions as a lazy hal as before
Change-Id: Id7aac4a4b34e5891e81dcb9ead1239a37c1a70c8
Test: Modify aosp_marlin-userdebug to use android.hardware.cas@1.0-service-lazy
and run CtsMediaTestCases
Change-Id: I4f8329b13c7a900cf4c2b14cec1017b6e40dd6c1
Change the plugin holder in both CasImpl and DescramblerImpl
to shared_ptr, and use atomic store/load for read/write.
bug: 73172817
Test:CTS MediaCasTest, VTS VtsHalCasV1_0Target, poc in bug
Change-Id: I3f1472d3b9d8d3dc74168c07325c5c319a96807d
Change the plugin holder in both CasImpl and DescramblerImpl
to shared_ptr, and use atomic store/load for read/write.
bug: 73172817
Test:CTS MediaCasTest, VTS VtsHalCasV1_0Target, poc in bug
Change-Id: I6b040680c28c38cef2fef3042f570dc64e86bb77
Hidl doesn't guarantee the server side method goes out of scope
before the client side returns. Even when client calls on the
same thread, the next method could overlap the previous call.
Next call can come in as soon as the hidl callback is called.
In case of openSession and release, there is a rare chance that
release call comes in before previous openSession is returned.
If this happens, the cas plugin object destructor is delayed to
the point when openSession goes out of scope (thus let go its
strong ref to the plugin). This violates our contract that the
plugin object and all associated sessions are released by the
time release() returns.
Manually clean up the strong ref before calling hidl callback
in openSession would fix this.
bug: 70544685
Change-Id: Id89a00591a354c8a46def3cc691dd8e28b4c971b
cas hal can't (and doesn't need to) use hidl_memory allocated by
hidl allocator. All real clients (MediaDescrambler jni, ACodec)
are using MemoryDealer-allocated ashmem only. Modify the test
to cover these cases.
bug: 67603039
test:
> make vts -j64
> vts-tradefed run vts -m VtsHalCasV1_0Target
Change-Id: Ib9563abc1a14c34781a28d15c7766c6c160d288a