Gitiles
Code Review Sign In
review.blissroms.org / platform_hardware_interfaces / 74268e6490d6c02a9d247bf7c9a2b12a9a53960f
commit74268e6490d6c02a9d247bf7c9a2b12a9a53960f[log] [tgz]
authorEnrico Granata <egranata@google.com>Fri Mar 16 15:55:02 2018 -0700
committerEnrico Granata <egranata@google.com>Fri Mar 16 18:31:27 2018 -0700
tree511edfefd40c54178908b5685d6e44bdad1336ad
parent31857339ef1178ea1c83c3288c636ae313a12105 [diff]
VehicleHal::set() should not be able to tamper with a property's AVAILABLE status
Properties being (UN)AVAILABLE is used as a one-way communication mechanism from the hardware
to the operating system, and not viceversa.

Add safety checks in our default HAL implementation to:
  - prevent Android from marking a property as UNAVAILABLE;
  - prevent Android from writing to an UNAVAILABLE property.

The combined effect of these two check is that only AVAILABLE properties are writable,
and they can never be flipped to UNAVAILABLE outside of the HAL implementation itself.

Bug: 74805437
Test: manual
Change-Id: Ib830427d604579015fa142f0fa76f8b73a68a452
1 file changed
tree: 511edfefd40c54178908b5685d6e44bdad1336ad
  1. audio/
  2. authsecret/
  3. automotive/
  4. biometrics/
  5. bluetooth/
  6. boot/
  7. broadcastradio/
  8. camera/
  9. cas/
  10. compatibility_matrices/
  11. configstore/
  12. confirmationui/
  13. contexthub/
  14. drm/
  15. dumpstate/
  16. gatekeeper/
  17. gnss/
  18. graphics/
  19. health/
  20. ir/
  21. keymaster/
  22. light/
  23. media/
  24. memtrack/
  25. neuralnetworks/
  26. nfc/
  27. oemlock/
  28. power/
  29. radio/
  30. renderscript/
  31. secure_element/
  32. sensors/
  33. soundtrigger/
  34. tests/
  35. tetheroffload/
  36. thermal/
  37. tv/
  38. usb/
  39. vibrator/
  40. vr/
  41. weaver/
  42. wifi/
  43. .clang-format
  44. Android.bp
  45. CleanSpec.mk
  46. current.txt
  47. MODULE_LICENSE_APACHE2
  48. NOTICE
  49. OWNERS
  50. PREUPLOAD.cfg
  51. update-base-files.sh
  52. update-makefiles.sh