Skip to content

Commit eceec32

Browse files
zhangxp1998Gerrit Code Review
zhangxp1998
authored and
Gerrit Code Review
committed
Revert "Add UID permission check to update_engine"
This reverts commit 596969b. Reason for revert: Pixel doesn't go through system_server for update_engine APIs, therefore UID is not system Change-Id: I7723e4c8b35f5f252eadb36b2a871a0b24950805
1 parent 596969b commit eceec32

5 files changed

+2
-123
lines changed

Android.bp

-1
Original file line numberDiff line numberDiff line change
@@ -516,7 +516,6 @@ cc_defaults {
516516
"aosp/hardware_android.cc",
517517
"aosp/logging_android.cc",
518518
"aosp/network_selector_android.cc",
519-
"aosp/permission.cc",
520519
"aosp/update_attempter_android.cc",
521520
"certificate_checker.cc",
522521
"download_action.cc",

aosp/binder_service_android.cc

-42
Original file line numberDiff line numberDiff line change
@@ -22,10 +22,8 @@
2222
#include <base/logging.h>
2323
#include <binderwrapper/binder_wrapper.h>
2424
#include <utils/String8.h>
25-
#include <android-base/stringprintf.h>
2625

2726
#include "update_engine/aosp/binder_service_android_common.h"
28-
#include "update_engine/aosp/permission.h"
2927

3028
using android::binder::Status;
3129
using android::os::IUpdateEngineCallback;
@@ -36,7 +34,6 @@ using update_engine::UpdateEngineStatus;
3634

3735
namespace chromeos_update_engine {
3836

39-
4037
BinderUpdateEngineAndroidService::BinderUpdateEngineAndroidService(
4138
ServiceDelegateAndroidInterface* service_delegate)
4239
: service_delegate_(service_delegate) {}
@@ -59,9 +56,6 @@ void BinderUpdateEngineAndroidService::SendPayloadApplicationComplete(
5956

6057
Status BinderUpdateEngineAndroidService::bind(
6158
const android::sp<IUpdateEngineCallback>& callback, bool* return_value) {
62-
if (const auto status = CheckCallingUid(); !status.isOk()) {
63-
return status;
64-
}
6559
// Send an status update on connection (except when no update sent so far).
6660
// Even though the status update is oneway, it still returns an erroneous
6761
// status in case of a selinux denial. We should at least check this status
@@ -91,9 +85,6 @@ Status BinderUpdateEngineAndroidService::bind(
9185

9286
Status BinderUpdateEngineAndroidService::unbind(
9387
const android::sp<IUpdateEngineCallback>& callback, bool* return_value) {
94-
if (const auto status = CheckCallingUid(); !status.isOk()) {
95-
return status;
96-
}
9788
const android::sp<IBinder>& callback_binder =
9889
IUpdateEngineCallback::asBinder(callback);
9990
auto binder_wrapper = android::BinderWrapper::Get();
@@ -108,9 +99,6 @@ Status BinderUpdateEngineAndroidService::applyPayload(
10899
int64_t payload_offset,
109100
int64_t payload_size,
110101
const vector<android::String16>& header_kv_pairs) {
111-
if (const auto status = CheckCallingUid(); !status.isOk()) {
112-
return status;
113-
}
114102
const string payload_url{android::String8{url}.c_str()};
115103
vector<string> str_headers = ToVecString(header_kv_pairs);
116104

@@ -127,9 +115,6 @@ Status BinderUpdateEngineAndroidService::applyPayloadFd(
127115
int64_t payload_offset,
128116
int64_t payload_size,
129117
const vector<android::String16>& header_kv_pairs) {
130-
if (const auto status = CheckCallingUid(); !status.isOk()) {
131-
return status;
132-
}
133118
vector<string> str_headers = ToVecString(header_kv_pairs);
134119

135120
Error error;
@@ -141,39 +126,27 @@ Status BinderUpdateEngineAndroidService::applyPayloadFd(
141126
}
142127

143128
Status BinderUpdateEngineAndroidService::suspend() {
144-
if (const auto status = CheckCallingUid(); !status.isOk()) {
145-
return status;
146-
}
147129
Error error;
148130
if (!service_delegate_->SuspendUpdate(&error))
149131
return ErrorPtrToStatus(error);
150132
return Status::ok();
151133
}
152134

153135
Status BinderUpdateEngineAndroidService::resume() {
154-
if (const auto status = CheckCallingUid(); !status.isOk()) {
155-
return status;
156-
}
157136
Error error;
158137
if (!service_delegate_->ResumeUpdate(&error))
159138
return ErrorPtrToStatus(error);
160139
return Status::ok();
161140
}
162141

163142
Status BinderUpdateEngineAndroidService::cancel() {
164-
if (const auto status = CheckCallingUid(); !status.isOk()) {
165-
return status;
166-
}
167143
Error error;
168144
if (!service_delegate_->CancelUpdate(&error))
169145
return ErrorPtrToStatus(error);
170146
return Status::ok();
171147
}
172148

173149
Status BinderUpdateEngineAndroidService::resetStatus() {
174-
if (const auto status = CheckCallingUid(); !status.isOk()) {
175-
return status;
176-
}
177150
Error error;
178151
if (!service_delegate_->ResetStatus(&error))
179152
return ErrorPtrToStatus(error);
@@ -182,9 +155,6 @@ Status BinderUpdateEngineAndroidService::resetStatus() {
182155

183156
Status BinderUpdateEngineAndroidService::setShouldSwitchSlotOnReboot(
184157
const android::String16& metadata_filename) {
185-
if (const auto status = CheckCallingUid(); !status.isOk()) {
186-
return status;
187-
}
188158
Error error;
189159
if (!service_delegate_->setShouldSwitchSlotOnReboot(
190160
android::String8(metadata_filename).c_str(), &error)) {
@@ -194,9 +164,6 @@ Status BinderUpdateEngineAndroidService::setShouldSwitchSlotOnReboot(
194164
}
195165

196166
Status BinderUpdateEngineAndroidService::resetShouldSwitchSlotOnReboot() {
197-
if (const auto status = CheckCallingUid(); !status.isOk()) {
198-
return status;
199-
}
200167
Error error;
201168
if (!service_delegate_->resetShouldSwitchSlotOnReboot(&error)) {
202169
return ErrorPtrToStatus(error);
@@ -206,9 +173,6 @@ Status BinderUpdateEngineAndroidService::resetShouldSwitchSlotOnReboot() {
206173

207174
Status BinderUpdateEngineAndroidService::verifyPayloadApplicable(
208175
const android::String16& metadata_filename, bool* return_value) {
209-
if (const auto status = CheckCallingUid(); !status.isOk()) {
210-
return status;
211-
}
212176
const std::string payload_metadata{
213177
android::String8{metadata_filename}.c_str()};
214178
LOG(INFO) << "Received a request of verifying payload metadata in "
@@ -240,9 +204,6 @@ Status BinderUpdateEngineAndroidService::allocateSpaceForPayload(
240204
const android::String16& metadata_filename,
241205
const vector<android::String16>& header_kv_pairs,
242206
int64_t* return_value) {
243-
if (const auto status = CheckCallingUid(); !status.isOk()) {
244-
return status;
245-
}
246207
const std::string payload_metadata{
247208
android::String8{metadata_filename}.c_str()};
248209
vector<string> str_headers = ToVecString(header_kv_pairs);
@@ -285,9 +246,6 @@ class CleanupSuccessfulUpdateCallback
285246

286247
Status BinderUpdateEngineAndroidService::cleanupSuccessfulUpdate(
287248
const android::sp<IUpdateEngineCallback>& callback) {
288-
if (const auto status = CheckCallingUid(); !status.isOk()) {
289-
return status;
290-
}
291249
Error error;
292250
service_delegate_->CleanupSuccessfulUpdate(
293251
std::make_unique<CleanupSuccessfulUpdateCallback>(callback), &error);

aosp/permission.cc

-39
This file was deleted.

aosp/permission.h

-40
This file was deleted.

common/daemon_state_interface.h

+2-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,8 @@ class DaemonStateInterface {
4141

4242
protected:
4343
DaemonStateInterface() = default;
44-
DaemonStateInterface(const DaemonStateInterface&) = delete;
44+
45+
DISALLOW_COPY_AND_ASSIGN(DaemonStateInterface);
4546
};
4647

4748
} // namespace chromeos_update_engine

0 commit comments

Comments
 (0)