gugelfrei
/
android_frameworks_av
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Camera: Handle the case of calling Uid being cameraserver" into rvc-dev

Browse Source
gugelfrei
TreeHugger Robot 4 years ago committed by Android (Google) Code Review
parent f8673bf03d 2c656796f4
commit ec77ef6932
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File

8
services/camera/libcameraservice/CameraService.cpp
Unescape View File

@ -2742,7 +2742,7 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService,
mClientPackageName(clientPackageName), mClientPackageName(clientPackageName),
mClientPid(clientPid), mClientUid(clientUid), mClientPid(clientPid), mClientUid(clientUid),
mServicePid(servicePid), mServicePid(servicePid),
mDisconnected(false), mDisconnected(false), mUidIsTrusted(false),
mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE), mAudioRestriction(hardware::camera2::ICameraDeviceUser::AUDIO_RESTRICTION_NONE),
mRemoteBinder(remoteCallback) mRemoteBinder(remoteCallback)
{ {
@ -2791,6 +2791,8 @@ CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService,
if (getCurrentServingCall() != BinderCallType::HWBINDER) { if (getCurrentServingCall() != BinderCallType::HWBINDER) {
mAppOpsManager = std::make_unique<AppOpsManager>(); mAppOpsManager = std::make_unique<AppOpsManager>();
} }
mUidIsTrusted = isTrustedCallingUid(mClientUid);
} }
CameraService::BasicClient::~BasicClient() { CameraService::BasicClient::~BasicClient() {
@ -2905,7 +2907,9 @@ status_t CameraService::BasicClient::startCameraOps() {
return PERMISSION_DENIED; return PERMISSION_DENIED;
} }
if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could
// return MODE_IGNORED. Do not treat such case as error.
if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) {
ALOGI("Camera %s: Access for \"%s\" has been restricted", ALOGI("Camera %s: Access for \"%s\" has been restricted",
mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string());
// Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection

1
services/camera/libcameraservice/CameraService.h
Unescape View File

@ -323,6 +323,7 @@ public:
const uid_t mClientUid; const uid_t mClientUid;
const pid_t mServicePid; const pid_t mServicePid;
bool mDisconnected; bool mDisconnected;
bool mUidIsTrusted;
mutable Mutex mAudioRestrictionLock; mutable Mutex mAudioRestrictionLock;
int32_t mAudioRestriction; int32_t mAudioRestriction;

4
services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
Unescape View File

@ -197,7 +197,9 @@ status_t CameraOfflineSessionClient::startCameraOps() {
return PERMISSION_DENIED; return PERMISSION_DENIED;
} }
if (res == AppOpsManager::MODE_IGNORED) { // If the calling Uid is trusted (a native service), the AppOpsManager could
// return MODE_IGNORED. Do not treat such case as error.
if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) {
ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", ALOGI("Offline Camera %s: Access for \"%s\" has been restricted",
mCameraIdStr.string(), String8(mClientPackageName).string()); mCameraIdStr.string(), String8(mClientPackageName).string());
// Return the same error as for device policy manager rejection // Return the same error as for device policy manager rejection

Write Preview
Loading…
Cancel
Save