Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Android Binder clearing caller identity

Tags:

android

android-source

android-binder

Recently I read Android source codes and find that a pair of methods are always called when doing some Binder IPC call. I read the comment, but I can't clearly know the root reason. The pair of method is as follow:

final long origId = Binder.clearCallingIdentity();

//other local method.

Binder.restoreCallingIdentity(origId);

Does anyone know what's the function of that pair of method? It seems to relate to permission.

like image 427
Crystal Jake Avatar asked Apr 15 '13 00:04

Crystal Jake

2 Answers

Although the question is old, it's worth putting more details in addition to the official method description.

Apart from (or along with) IPC the key role of the Binder framework in Android is security.

Each Binder transaction runs under the identity (PID and UID) of the calling process (caller) so that the called process (callee) could inspect the calling process' permissions and decide whether the requested method can be executed.

If such a transaction needs to be (temporary) running under the callee's identity, the caller's one can be cleared and later restored with the calls to Binder.clearCallingIdentity() and Binder.restoreCallingIdentity(long) respectively. Between the calls the callee's permissions will be checked.

As an example consider the system services (AOSP location: /frameworks/base/services/java/com/android/server). Running in the system_server process, UID=1000, the services can temporarily clear the caller's identity in order to pass the permission checks.

like image 94
Onik Avatar answered Sep 21 '22 12:09

Onik

I don't think I can answer better than the description in the official APIs: http://developer.android.com/reference/android/os/Binder.html

public static final long clearCallingIdentity ()

Reset the identity of the incoming IPC on the current thread. This can be useful if, while handling an incoming call, you will be calling on interfaces of other objects that may be local to your process and need to do permission checks on the calls coming into them (so they will check the permission of your own local process, and not whatever process originally called you).

like image 28
Adrian Taylor Avatar answered Sep 19 '22 12:09

Adrian Taylor
Sign in to Comment

Related questions

E/BluetoothAdapter(883): Bluetooth binder is null
Android: Different style (textSize) for different layout sizes
ScrollView: Pass touch events to children
Android Master/Detail flow inside ViewPager
java.sql.SQLException: Unable to run insert stmt on object
How to create OBB files USING jobb tool Android
How to use Ant to auto renaming output apk file?
Stop Java thread which call JNI function
android:nextFocusForward is ignored in layout
FileObserver -> onEvent(event, path): path is NULL
Gson serialization error class com.activeandroid.DatabaseHelper declares multiple JSON fields named mContext
android eclipse button OnClick event
Layout Folder name for 7" Tablet
How to find whether if user clicked spinner in Android?
What is the proper locale code for Android for Simplified Chinese and Portugese-Brazil?
replace character inside TextWatcher in android
In ViewPager, on sliding to 3rd tab, child fragment in tab1 disappears
Android: Change button text in DatePickerDialog / TimePickerDialog
Facebook Android SDK Session openForPublish not creating a new session
How is cross platform mobile development done in practice today (year 2013)? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!