From 8ec41c1ecaf3c29df14276f45e06cc95e54a4f67 Mon Sep 17 00:00:00 2001 From: Jayant Chowdhary Date: Thu, 21 Feb 2019 20:17:22 -0800 Subject: [PATCH] Allow VNDK 'users' which are not foreground to connect to camera devices. Bug: 125464062 Test: GCA (sanity) Test: Connect to a camera device using a HAL process, change the device user and connect again; connection is successful Change-Id: Ia25b961baa396fd383d089e400c6d877b9875955 Signed-off-by: Jayant Chowdhary --- services/camera/libcameraservice/CameraService.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/services/camera/libcameraservice/CameraService.cpp b/services/camera/libcameraservice/CameraService.cpp index e06897f492..e00539815e 100644 --- a/services/camera/libcameraservice/CameraService.cpp +++ b/services/camera/libcameraservice/CameraService.cpp @@ -972,8 +972,9 @@ Status CameraService::validateClientPermissionsLocked(const String8& cameraId, userid_t clientUserId = multiuser_get_user_id(clientUid); // Only allow clients who are being used by the current foreground device user, unless calling - // from our own process. - if (callingPid != getpid() && (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) { + // from our own process OR the caller is using the cameraserver's HIDL interface. + if (!hardware::IPCThreadState::self()->isServingCall() && callingPid != getpid() && + (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) { ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from " "device user %d, currently allowed device users: %s)", callingPid, clientUserId, toString(mAllowedUsers).string());