Allow VNDK 'users' which are not foreground to connect to camera devices.

Bug: 125464062 Test: GCA (sanity) Test: Connect to a camera device using a HAL process, change the device user and connect again; connection is successful Change-Id: Ia25b961baa396fd383d089e400c6d877b9875955 Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
5 years ago · 8ec41c1eca
parent b8a07acca4
commit 8ec41c1eca
1 changed files with 3 additions and 2 deletions
--- a/services/camera/libcameraservice/CameraService.cpp
+++ b/services/camera/libcameraservice/CameraService.cpp
@ -972,8 +972,9 @@ Status CameraService::validateClientPermissionsLocked(const String8& cameraId,
    userid_t clientUserId = multiuser_get_user_id(clientUid);

    // Only allow clients who are being used by the current foreground device user, unless calling
-    // from our own process.
-    if (callingPid != getpid() && (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) {
+    // from our own process OR the caller is using the cameraserver's HIDL interface.
+    if (!hardware::IPCThreadState::self()->isServingCall() && callingPid != getpid() &&
+            (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) {
        ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from "
                "device user %d, currently allowed device users: %s)", callingPid, clientUserId,
                toString(mAllowedUsers).string());