Coalesce CameraThreadState and AttributionAndPermissionUtils
The calling UID / PID are ways of attributing the camera client to
the caller, and so fall under the scope of this utility class.
Change-Id: I06af9264d1ca68eaccc4c6e4c01b9d09dd20e5ad
Bug: 190657833
Test: CtsCameraTestCases
diff --git a/services/camera/libcameraservice/Android.bp b/services/camera/libcameraservice/Android.bp
index c9e9090..b9b30f6 100644
--- a/services/camera/libcameraservice/Android.bp
+++ b/services/camera/libcameraservice/Android.bp
@@ -188,7 +188,6 @@
"aidl/DeathPipe.cpp",
"utils/AttributionAndPermissionUtils.cpp",
"utils/CameraServiceProxyWrapper.cpp",
- "utils/CameraThreadState.cpp",
"utils/CameraTraces.cpp",
"utils/AutoConditionLock.cpp",
"utils/SchedulingPolicyUtils.cpp",
diff --git a/services/camera/libcameraservice/CameraService.cpp b/services/camera/libcameraservice/CameraService.cpp
index 26208c5..e30775d 100644
--- a/services/camera/libcameraservice/CameraService.cpp
+++ b/services/camera/libcameraservice/CameraService.cpp
@@ -81,7 +81,6 @@
#include "api2/CameraDeviceClient.h"
#include "utils/CameraTraces.h"
#include "utils/TagMonitor.h"
-#include "utils/CameraThreadState.h"
#include "utils/CameraServiceProxyWrapper.h"
#include "utils/SessionConfigurationUtils.h"
@@ -174,12 +173,6 @@
}
}
-// The word 'System' here does not refer to clients only on the system
-// partition. They just need to have a android system uid.
-static bool doesClientHaveSystemUid() {
- return (CameraThreadState::getCallingUid() < AID_APP_START);
-}
-
// Enable processes with isolated AID to request the binder
void CameraService::instantiate() {
CameraService::publish(true);
@@ -757,8 +750,8 @@
ATRACE_CALL();
Mutex::Autolock l(mServiceLock);
bool hasSystemCameraPermissions =
- hasPermissionsForSystemCamera(std::string(), CameraThreadState::getCallingPid(),
- CameraThreadState::getCallingUid());
+ hasPermissionsForSystemCamera(std::string(), getCallingPid(),
+ getCallingUid());
switch (type) {
case CAMERA_TYPE_BACKWARD_COMPATIBLE:
if (hasSystemCameraPermissions) {
@@ -785,8 +778,8 @@
Status CameraService::remapCameraIds(const hardware::CameraIdRemapping& cameraIdRemapping) {
if (!checkCallingPermission(toString16(sCameraInjectExternalCameraPermission))) {
- const int pid = CameraThreadState::getCallingPid();
- const int uid = CameraThreadState::getCallingUid();
+ const int pid = getCallingPid();
+ const int uid = getCallingUid();
ALOGE("%s: Permission Denial: can't configure camera ID mapping pid=%d, uid=%d",
__FUNCTION__, pid, uid);
return STATUS_ERROR(ERROR_PERMISSION_DENIED,
@@ -817,7 +810,7 @@
}
const std::string cameraId = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
binder::Status res;
if (request == nullptr) {
@@ -873,7 +866,7 @@
}
const std::string cameraId = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
if (supported == nullptr) {
std::string msg = fmt::sprintf("Camera %s: Invalid 'support' input!",
unresolvedCameraId.c_str());
@@ -930,7 +923,7 @@
}
const std::string cameraId =
- resolveCameraId(unresolvedCameraId, CameraThreadState::getCallingUid());
+ resolveCameraId(unresolvedCameraId, getCallingUid());
if (outMetadata == nullptr) {
std::string msg =
@@ -1047,7 +1040,7 @@
mServiceLock.unlock();
// Clear calling identity for disconnect() PID checks.
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
// Disconnect clients.
for (auto& clientSp : clientsToDisconnect) {
@@ -1059,7 +1052,7 @@
// Invoke destructors (which call disconnect()) now while we don't hold the mServiceLock.
clientsToDisconnect.clear();
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
mServiceLock.lock();
{
@@ -1074,8 +1067,8 @@
const std::string& cameraId,
const CameraMetadata& sessionParams) {
if (!checkCallingPermission(toString16(sCameraInjectExternalCameraPermission))) {
- const int pid = CameraThreadState::getCallingPid();
- const int uid = CameraThreadState::getCallingUid();
+ const int pid = getCallingPid();
+ const int uid = getCallingUid();
ALOGE("%s: Permission Denial: can't inject session params pid=%d, uid=%d",
__FUNCTION__, pid, uid);
return STATUS_ERROR(ERROR_PERMISSION_DENIED,
@@ -1153,7 +1146,7 @@
Mutex::Autolock l(mServiceLock);
std::string unresolvedCameraId = cameraIdIntToStrLocked(cameraId);
std::string cameraIdStr = resolveCameraId(
- unresolvedCameraId, CameraThreadState::getCallingUid());
+ unresolvedCameraId, getCallingUid());
if (shouldRejectSystemCameraConnection(cameraIdStr)) {
return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera"
@@ -1166,7 +1159,7 @@
"Camera subsystem is not available");
}
bool hasSystemCameraPermissions = hasPermissionsForSystemCamera(std::to_string(cameraId),
- CameraThreadState::getCallingPid(), CameraThreadState::getCallingUid());
+ getCallingPid(), getCallingUid());
int cameraIdBound = mNumberOfCamerasWithoutSystemCamera;
if (hasSystemCameraPermissions) {
cameraIdBound = mNumberOfCameras;
@@ -1193,8 +1186,8 @@
std::string CameraService::cameraIdIntToStrLocked(int cameraIdInt) {
const std::vector<std::string> *deviceIds = &mNormalDeviceIdsWithoutSystemCamera;
- auto callingPid = CameraThreadState::getCallingPid();
- auto callingUid = CameraThreadState::getCallingUid();
+ auto callingPid = getCallingPid();
+ auto callingUid = getCallingUid();
bool systemCameraPermissions = hasPermissionsForSystemCamera(std::to_string(cameraIdInt),
callingPid, callingUid, /* checkCameraPermissions= */ false);
if (systemCameraPermissions || getpid() == callingPid) {
@@ -1219,7 +1212,7 @@
ATRACE_CALL();
const std::string cameraId = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
if (!cameraInfo) {
ALOGE("%s: cameraInfo is NULL", __FUNCTION__);
@@ -1264,8 +1257,8 @@
return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, "Unable to retrieve camera kind "
"for device %s", cameraId.c_str());
}
- int callingPid = CameraThreadState::getCallingPid();
- int callingUid = CameraThreadState::getCallingUid();
+ int callingPid = getCallingPid();
+ int callingUid = getCallingUid();
std::vector<int32_t> tagsRemoved;
// If it's not calling from cameraserver, check the permission only if
// android.permission.CAMERA is required. If android.permission.SYSTEM_CAMERA was needed,
@@ -1305,7 +1298,7 @@
Mutex::Autolock l(mServiceLock);
const std::string cameraId = resolveCameraId(
- unresolvedCameraId, CameraThreadState::getCallingUid());
+ unresolvedCameraId, getCallingUid());
if (!mInitialized) {
ALOGE("%s: Camera HAL couldn't be initialized.", __FUNCTION__);
return STATUS_ERROR(ERROR_DISCONNECTED, "Camera HAL couldn't be initialized.");
@@ -1551,7 +1544,7 @@
}
Status CameraService::initializeShimMetadata(int cameraId) {
- int uid = CameraThreadState::getCallingUid();
+ int uid = getCallingUid();
std::string cameraIdStr = std::to_string(cameraId);
Status ret = Status::ok();
@@ -1583,7 +1576,7 @@
std::string unresolvedCameraId = std::to_string(cameraId);
std::string cameraIdStr = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
// Check if we already have parameters
{
@@ -1602,9 +1595,9 @@
}
}
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
ret = initializeShimMetadata(cameraId);
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
if (!ret.isOk()) {
// Error already logged by callee
return ret;
@@ -1649,7 +1642,7 @@
}
#endif // __BRILLO__
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = getCallingPid();
if (!mInitialized) {
ALOGE("CameraService::connect X (PID %d) rejected (camera HAL module not loaded)",
@@ -1683,8 +1676,8 @@
Status CameraService::validateClientPermissionsLocked(const std::string& cameraId,
const std::string& clientName, int& clientUid, int& clientPid,
/*out*/int& originalClientPid) const {
- int callingPid = CameraThreadState::getCallingPid();
- int callingUid = CameraThreadState::getCallingUid();
+ int callingPid = getCallingPid();
+ int callingUid = getCallingUid();
// Check if we can trust clientUid
if (clientUid == USE_CALLING_UID) {
@@ -1772,7 +1765,7 @@
// For non-system clients : Only allow clients who are being used by the current foreground
// device user, unless calling from our own process.
- if (!doesClientHaveSystemUid() && callingPid != getpid() &&
+ if (!callerHasSystemUid() && callingPid != getpid() &&
(mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) {
ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from "
"device user %d, currently allowed device users: %s)", callingPid, clientUserId,
@@ -1802,7 +1795,7 @@
status_t CameraService::checkIfDeviceIsUsable(const std::string& cameraId) const {
auto cameraState = getCameraState(cameraId);
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = getCallingPid();
if (cameraState == nullptr) {
ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid,
cameraId.c_str());
@@ -1900,7 +1893,7 @@
sp<IServiceManager> sm = defaultServiceManager();
sp<IBinder> binder = sm->checkService(String16(kProcessInfoServiceName));
- if (!binder && isAutomotivePrivilegedClient(CameraThreadState::getCallingUid())) {
+ if (!binder && isAutomotivePrivilegedClient(getCallingUid())) {
// If processinfo service is not available and the client is automotive privileged
// client used for safety critical uses cases such as rear-view and surround-view which
// needs to be available before android boot completes, then use the hardcoded values
@@ -2033,7 +2026,7 @@
mServiceLock.unlock();
// Clear caller identity temporarily so client disconnect PID checks work correctly
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
// Destroy evicted clients
for (auto& i : evictedClients) {
@@ -2041,7 +2034,7 @@
i->getValue()->disconnect(); // Clients will remove themselves from the active client list
}
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
for (const auto& i : evictedClients) {
ALOGV("%s: Waiting for disconnect to complete for client for device %s (PID %" PRId32 ")",
@@ -2092,7 +2085,7 @@
std::string unresolvedCameraId = cameraIdIntToStr(api1CameraId);
std::string cameraIdStr = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
sp<Client> client = nullptr;
ret = connectHelper<ICameraClient,Client>(cameraClient, cameraIdStr, api1CameraId,
@@ -2101,7 +2094,7 @@
overrideToPortrait, forceSlowJpegMode, cameraIdStr, /*out*/client);
if(!ret.isOk()) {
- logRejected(cameraIdStr, CameraThreadState::getCallingPid(), clientPackageName,
+ logRejected(cameraIdStr, getCallingPid(), clientPackageName,
toStdString(ret.toString8()));
return ret;
}
@@ -2112,8 +2105,8 @@
const auto& mActivityManager = getActivityManager();
if (mActivityManager) {
mActivityManager->logFgsApiBegin(LOG_FGS_CAMERA_API,
- CameraThreadState::getCallingUid(),
- CameraThreadState::getCallingPid());
+ getCallingUid(),
+ getCallingPid());
}
return ret;
@@ -2143,9 +2136,9 @@
// and the serving thread is a non hwbinder thread, the client must have
// android.permission.SYSTEM_CAMERA permissions to connect.
- int cPid = CameraThreadState::getCallingPid();
- int cUid = CameraThreadState::getCallingUid();
- bool systemClient = doesClientHaveSystemUid();
+ int cPid = getCallingPid();
+ int cUid = getCallingUid();
+ bool systemClient = callerHasSystemUid();
SystemCameraKind systemCameraKind = SystemCameraKind::PUBLIC;
if (getSystemCameraKind(cameraId, &systemCameraKind) != OK) {
// This isn't a known camera ID, so it's not a system camera
@@ -2190,10 +2183,10 @@
Status ret = Status::ok();
sp<CameraDeviceClient> client = nullptr;
std::string clientPackageNameAdj = clientPackageName;
- int callingPid = CameraThreadState::getCallingPid();
- int callingUid = CameraThreadState::getCallingUid();
+ int callingPid = getCallingPid();
+ int callingUid = getCallingUid();
bool systemNativeClient = false;
- if (doesClientHaveSystemUid() && (clientPackageNameAdj.size() == 0)) {
+ if (callerHasSystemUid() && (clientPackageNameAdj.size() == 0)) {
std::string systemClient = fmt::sprintf("client.pid<%d>", callingPid);
clientPackageNameAdj = systemClient;
systemNativeClient = true;
@@ -2363,7 +2356,7 @@
bool isNonSystemNdk = false;
std::string clientPackageName;
int packageUid = (clientUid == USE_CALLING_UID) ?
- CameraThreadState::getCallingUid() : clientUid;
+ getCallingUid() : clientUid;
if (clientPackageNameMaybe.size() <= 0) {
// NDK calls don't come with package names, but we need one for various cases.
// Generally, there's a 1:1 mapping between UID and package name, but shared UIDs
@@ -2379,7 +2372,7 @@
int originalClientPid = 0;
int packagePid = (clientPid == USE_CALLING_PID) ?
- CameraThreadState::getCallingPid() : clientPid;
+ getCallingPid() : clientPid;
ALOGI("CameraService::connect call (PID %d \"%s\", camera ID %s) and "
"Camera API version %d", packagePid, clientPackageName.c_str(), cameraId.c_str(),
static_cast<int>(effectiveApiLevel));
@@ -2616,11 +2609,11 @@
mServiceLock.unlock();
// Clear caller identity temporarily so client disconnect PID
// checks work correctly
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
// Note AppOp to trigger the "Unblock" dialog
client->noteAppOp();
client->disconnect();
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
// Reacquire mServiceLock
mServiceLock.lock();
@@ -2772,7 +2765,7 @@
"Torch client binder in null.");
}
- int uid = CameraThreadState::getCallingUid();
+ int uid = getCallingUid();
const std::string cameraId = resolveCameraId(unresolvedCameraId, uid);
if (shouldRejectSystemCameraConnection(cameraId)) {
return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "Unable to change the strength level"
@@ -2880,7 +2873,7 @@
clientBinder->linkToDeath(this);
}
- int clientPid = CameraThreadState::getCallingPid();
+ int clientPid = getCallingPid();
ALOGI("%s: Torch strength for camera id %s changed to %d for client PID %d",
__FUNCTION__, cameraId.c_str(), torchStrength, clientPid);
if (!shouldSkipTorchStrengthUpdates) {
@@ -2900,7 +2893,7 @@
"Torch client Binder is null");
}
- int uid = CameraThreadState::getCallingUid();
+ int uid = getCallingUid();
const std::string cameraId = resolveCameraId(unresolvedCameraId, uid);
if (shouldRejectSystemCameraConnection(cameraId)) {
@@ -3008,7 +3001,7 @@
}
}
- int clientPid = CameraThreadState::getCallingPid();
+ int clientPid = getCallingPid();
std::string torchState = enabled ? "on" : "off";
ALOGI("Torch for camera id %s turned %s for client PID %d", cameraId.c_str(),
torchState.c_str(), clientPid);
@@ -3028,7 +3021,7 @@
Status CameraService::notifySystemEvent(int32_t eventId,
const std::vector<int32_t>& args) {
- const int pid = CameraThreadState::getCallingPid();
+ const int pid = getCallingPid();
const int selfPid = getpid();
// Permission checks
@@ -3036,7 +3029,7 @@
// Ensure we're being called by system_server, or similar process with
// permissions to notify the camera service about system events
if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
- const int uid = CameraThreadState::getCallingUid();
+ const int uid = getCallingUid();
ALOGE("Permission Denial: cannot send updates to camera service about system"
" events from pid=%d, uid=%d", pid, uid);
return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
@@ -3102,7 +3095,7 @@
}
Status CameraService::notifyDeviceStateChange(int64_t newState) {
- const int pid = CameraThreadState::getCallingPid();
+ const int pid = getCallingPid();
const int selfPid = getpid();
// Permission checks
@@ -3110,7 +3103,7 @@
// Ensure we're being called by system_server, or similar process with
// permissions to notify the camera service about system events
if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
- const int uid = CameraThreadState::getCallingUid();
+ const int uid = getCallingUid();
ALOGE("Permission Denial: cannot send updates to camera service about device"
" state changes from pid=%d, uid=%d", pid, uid);
return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
@@ -3133,7 +3126,7 @@
Status CameraService::notifyDisplayConfigurationChange() {
ATRACE_CALL();
- const int callingPid = CameraThreadState::getCallingPid();
+ const int callingPid = getCallingPid();
const int selfPid = getpid();
// Permission checks
@@ -3141,7 +3134,7 @@
// Ensure we're being called by system_server, or similar process with
// permissions to notify the camera service about system events
if (!checkCallingPermission(toString16(sCameraSendSystemEventsPermission))) {
- const int uid = CameraThreadState::getCallingUid();
+ const int uid = getCallingUid();
ALOGE("Permission Denial: cannot send updates to camera service about orientation"
" changes from pid=%d, uid=%d", callingPid, uid);
return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
@@ -3230,8 +3223,8 @@
}
// Check for camera permissions
- int callingPid = CameraThreadState::getCallingPid();
- int callingUid = CameraThreadState::getCallingUid();
+ int callingPid = getCallingPid();
+ int callingUid = getCallingUid();
bool hasCameraPermission = ((callingPid == getpid()) ||
hasPermissionsForCamera(callingPid, callingUid));
if (!hasCameraPermission) {
@@ -3278,8 +3271,8 @@
return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to addListener");
}
- auto clientPid = CameraThreadState::getCallingPid();
- auto clientUid = CameraThreadState::getCallingUid();
+ auto clientPid = getCallingPid();
+ auto clientUid = getCallingUid();
bool openCloseCallbackAllowed = hasPermissionsForOpenCloseListener(clientPid, clientUid);
Mutex::Autolock lock(mServiceLock);
@@ -3421,7 +3414,7 @@
ATRACE_CALL();
const std::string cameraId = resolveCameraId(
- unresolvedCameraId, CameraThreadState::getCallingUid());
+ unresolvedCameraId, getCallingUid());
ALOGV("%s: for camera ID = %s", __FUNCTION__, cameraId.c_str());
@@ -3486,7 +3479,7 @@
ATRACE_CALL();
const std::string cameraId = resolveCameraId(unresolvedCameraId,
- CameraThreadState::getCallingUid());
+ getCallingUid());
ALOGV("%s: for camera ID = %s", __FUNCTION__, cameraId.c_str());
*isSupported = mCameraProviderManager->isHiddenPhysicalCamera(cameraId);
@@ -3503,8 +3496,8 @@
ATRACE_CALL();
if (!checkCallingPermission(toString16(sCameraInjectExternalCameraPermission))) {
- const int pid = CameraThreadState::getCallingPid();
- const int uid = CameraThreadState::getCallingUid();
+ const int pid = getCallingPid();
+ const int uid = getCallingUid();
ALOGE("Permission Denial: can't inject camera pid=%d, uid=%d", pid, uid);
return STATUS_ERROR(ERROR_PERMISSION_DENIED,
"Permission Denial: no permission to inject camera");
@@ -3706,13 +3699,13 @@
mServiceLock.unlock();
// Clear caller identity temporarily so client disconnect PID checks work correctly
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
for (auto& i : evicted) {
i->disconnect();
}
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
// Reacquire mServiceLock
mServiceLock.lock();
@@ -3939,7 +3932,7 @@
servicePid, overrideToPortrait),
mCameraId(api1CameraId)
{
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = getCallingPid();
LOG1("Client::Client E (pid %d, id %d)", callingPid, mCameraId);
mRemoteCallback = cameraClient;
@@ -4038,8 +4031,8 @@
const auto& mActivityManager = getActivityManager();
if (mActivityManager) {
mActivityManager->logFgsApiEnd(LOG_FGS_CAMERA_API,
- CameraThreadState::getCallingUid(),
- CameraThreadState::getCallingPid());
+ getCallingUid(),
+ getCallingPid());
}
return res;
@@ -4049,7 +4042,7 @@
// No dumping of clients directly over Binder,
// must go through CameraService::dump
android_errorWriteWithInfoLog(SN_EVENT_LOG_ID, "26265403",
- CameraThreadState::getCallingUid(), NULL, 0);
+ getCallingUid(), NULL, 0);
return OK;
}
@@ -4382,7 +4375,7 @@
// Reset the client PID to allow server-initiated disconnect,
// and to prevent further calls by client.
- mClientPid = CameraThreadState::getCallingPid();
+ mClientPid = getCallingPid();
CaptureResultExtras resultExtras; // a dummy result (invalid)
notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISABLED, resultExtras);
disconnect();
@@ -5214,8 +5207,8 @@
if (checkCallingPermission(toString16(sDumpPermission)) == false) {
dprintf(fd, "Permission Denial: can't dump CameraService from pid=%d, uid=%d\n",
- CameraThreadState::getCallingPid(),
- CameraThreadState::getCallingUid());
+ getCallingPid(),
+ getCallingUid());
return NO_ERROR;
}
bool locked = tryLock(mServiceLock);
@@ -5464,7 +5457,7 @@
* binder driver
*/
// PID here is approximate and can be wrong.
- logClientDied(CameraThreadState::getCallingPid(), "Binder died unexpectedly");
+ logClientDied(getCallingPid(), "Binder died unexpectedly");
// check torch client
handleTorchClientBinderDied(who);
@@ -6480,9 +6473,9 @@
mServiceLock.unlock();
// Clear caller identity temporarily so client disconnect PID checks work correctly
- int64_t token = CameraThreadState::clearCallingIdentity();
+ int64_t token = clearCallingIdentity();
clientSp->disconnect();
- CameraThreadState::restoreCallingIdentity(token);
+ restoreCallingIdentity(token);
// Reacquire mServiceLock
mServiceLock.lock();
diff --git a/services/camera/libcameraservice/api1/Camera2Client.cpp b/services/camera/libcameraservice/api1/Camera2Client.cpp
index 19e2999..c0d9fdf 100644
--- a/services/camera/libcameraservice/api1/Camera2Client.cpp
+++ b/services/camera/libcameraservice/api1/Camera2Client.cpp
@@ -38,7 +38,6 @@
#include "api1/client2/CallbackProcessor.h"
#include "api1/client2/ZslProcessor.h"
#include "device3/RotateAndCropMapper.h"
-#include "utils/CameraThreadState.h"
#include "utils/CameraServiceProxyWrapper.h"
#define ALOG1(...) ALOGD_IF(gLogLevel >= 1, __VA_ARGS__);
@@ -446,7 +445,7 @@
binder::Status res = binder::Status::ok();
// Allow both client and the cameraserver to disconnect at all times
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = getCallingPid();
if (callingPid != mClientPid && callingPid != mServicePid) return res;
if (mDevice == 0) return res;
@@ -515,14 +514,14 @@
ALOGV("%s: E", __FUNCTION__);
Mutex::Autolock icl(mBinderSerializationLock);
- if (mClientPid != 0 && CameraThreadState::getCallingPid() != mClientPid) {
+ if (mClientPid != 0 && getCallingPid() != mClientPid) {
ALOGE("%s: Camera %d: Connection attempt from pid %d; "
"current locked to pid %d", __FUNCTION__,
- mCameraId, CameraThreadState::getCallingPid(), mClientPid);
+ mCameraId, getCallingPid(), mClientPid);
return BAD_VALUE;
}
- mClientPid = CameraThreadState::getCallingPid();
+ mClientPid = getCallingPid();
mRemoteCallback = client;
mSharedCameraCallbacks = client;
@@ -535,16 +534,16 @@
ALOGV("%s: E", __FUNCTION__);
Mutex::Autolock icl(mBinderSerializationLock);
ALOGV("%s: Camera %d: Lock call from pid %d; current client pid %d",
- __FUNCTION__, mCameraId, CameraThreadState::getCallingPid(), mClientPid);
+ __FUNCTION__, mCameraId, getCallingPid(), mClientPid);
if (mClientPid == 0) {
- mClientPid = CameraThreadState::getCallingPid();
+ mClientPid = getCallingPid();
return OK;
}
- if (mClientPid != CameraThreadState::getCallingPid()) {
+ if (mClientPid != getCallingPid()) {
ALOGE("%s: Camera %d: Lock call from pid %d; currently locked to pid %d",
- __FUNCTION__, mCameraId, CameraThreadState::getCallingPid(), mClientPid);
+ __FUNCTION__, mCameraId, getCallingPid(), mClientPid);
return EBUSY;
}
@@ -556,9 +555,9 @@
ALOGV("%s: E", __FUNCTION__);
Mutex::Autolock icl(mBinderSerializationLock);
ALOGV("%s: Camera %d: Unlock call from pid %d; current client pid %d",
- __FUNCTION__, mCameraId, CameraThreadState::getCallingPid(), mClientPid);
+ __FUNCTION__, mCameraId, getCallingPid(), mClientPid);
- if (mClientPid == CameraThreadState::getCallingPid()) {
+ if (mClientPid == getCallingPid()) {
SharedParameters::Lock l(mParameters);
if (l.mParameters.state == Parameters::RECORD ||
l.mParameters.state == Parameters::VIDEO_SNAPSHOT) {
@@ -572,7 +571,7 @@
}
ALOGE("%s: Camera %d: Unlock call from pid %d; currently locked to pid %d",
- __FUNCTION__, mCameraId, CameraThreadState::getCallingPid(), mClientPid);
+ __FUNCTION__, mCameraId, getCallingPid(), mClientPid);
return EBUSY;
}
@@ -1646,7 +1645,7 @@
ALOGV("%s: Camera %d", __FUNCTION__, mCameraId);
Mutex::Autolock icl(mBinderSerializationLock);
// The camera service can unconditionally get the parameters at all times
- if (CameraThreadState::getCallingPid() != mServicePid && checkPid(__FUNCTION__) != OK) return String8();
+ if (getCallingPid() != mServicePid && checkPid(__FUNCTION__) != OK) return String8();
SharedParameters::ReadLock l(mParameters);
diff --git a/services/camera/libcameraservice/api2/CameraDeviceClient.cpp b/services/camera/libcameraservice/api2/CameraDeviceClient.cpp
index 59828fb..9513eeb 100644
--- a/services/camera/libcameraservice/api2/CameraDeviceClient.cpp
+++ b/services/camera/libcameraservice/api2/CameraDeviceClient.cpp
@@ -20,7 +20,6 @@
#include <com_android_internal_camera_flags.h>
#include <cutils/properties.h>
-#include <utils/CameraThreadState.h>
#include <utils/Log.h>
#include <utils/SessionConfigurationUtils.h>
#include <utils/Trace.h>
@@ -2204,7 +2203,7 @@
// TODO: move to Camera2ClientBase
bool CameraDeviceClient::enforceRequestPermissions(CameraMetadata& metadata) {
- const int pid = CameraThreadState::getCallingPid();
+ const int pid = getCallingPid();
const int selfPid = getpid();
camera_metadata_entry_t entry;
@@ -2243,7 +2242,7 @@
String16 permissionString =
toString16("android.permission.CAMERA_DISABLE_TRANSMIT_LED");
if (!checkCallingPermission(permissionString)) {
- const int uid = CameraThreadState::getCallingUid();
+ const int uid = getCallingUid();
ALOGE("Permission Denial: "
"can't disable transmit LED pid=%d, uid=%d", pid, uid);
return false;
diff --git a/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp b/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
index dc9e0c1..93564ac 100644
--- a/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
+++ b/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
@@ -19,7 +19,6 @@
//#define LOG_NDEBUG 0
#include "CameraOfflineSessionClient.h"
-#include "utils/CameraThreadState.h"
#include <utils/Trace.h>
#include <camera/StringUtils.h>
@@ -163,7 +162,7 @@
return res;
}
// Allow both client and the media server to disconnect at all times
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = getCallingPid();
if (callingPid != mClientPid &&
callingPid != mServicePid) {
return res;
diff --git a/services/camera/libcameraservice/common/Camera2ClientBase.cpp b/services/camera/libcameraservice/common/Camera2ClientBase.cpp
index 3a78937..34964d4 100644
--- a/services/camera/libcameraservice/common/Camera2ClientBase.cpp
+++ b/services/camera/libcameraservice/common/Camera2ClientBase.cpp
@@ -37,7 +37,6 @@
#include "device3/Camera3Device.h"
#include "device3/aidl/AidlCamera3Device.h"
#include "device3/hidl/HidlCamera3Device.h"
-#include "utils/CameraThreadState.h"
namespace android {
@@ -83,7 +82,7 @@
status_t Camera2ClientBase<TClientBase>::checkPid(const char* checkLocation)
const {
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = TClientBase::getCallingPid();
if (callingPid == TClientBase::mClientPid) return NO_ERROR;
ALOGE("%s: attempt to use a locked camera from a different process"
@@ -116,12 +115,14 @@
case IPCTransport::HIDL:
mDevice =
new HidlCamera3Device(mCameraServiceProxyWrapper,
+ TClientBase::mAttributionAndPermissionUtils,
TClientBase::mCameraIdStr, mOverrideForPerfClass,
TClientBase::mOverrideToPortrait, mLegacyClient);
break;
case IPCTransport::AIDL:
mDevice =
new AidlCamera3Device(mCameraServiceProxyWrapper,
+ TClientBase::mAttributionAndPermissionUtils,
TClientBase::mCameraIdStr, mOverrideForPerfClass,
TClientBase::mOverrideToPortrait, mLegacyClient);
break;
@@ -267,7 +268,7 @@
ALOGD("Camera %s: serializationLock acquired", TClientBase::mCameraIdStr.c_str());
binder::Status res = binder::Status::ok();
// Allow both client and the media server to disconnect at all times
- int callingPid = CameraThreadState::getCallingPid();
+ int callingPid = TClientBase::getCallingPid();
if (callingPid != TClientBase::mClientPid &&
callingPid != TClientBase::mServicePid) return res;
@@ -306,18 +307,18 @@
Mutex::Autolock icl(mBinderSerializationLock);
if (TClientBase::mClientPid != 0 &&
- CameraThreadState::getCallingPid() != TClientBase::mClientPid) {
+ TClientBase::getCallingPid() != TClientBase::mClientPid) {
ALOGE("%s: Camera %s: Connection attempt from pid %d; "
"current locked to pid %d",
__FUNCTION__,
TClientBase::mCameraIdStr.c_str(),
- CameraThreadState::getCallingPid(),
+ TClientBase::getCallingPid(),
TClientBase::mClientPid);
return BAD_VALUE;
}
- TClientBase::mClientPid = CameraThreadState::getCallingPid();
+ TClientBase::mClientPid = TClientBase::getCallingPid();
TClientBase::mRemoteCallback = client;
mSharedCameraCallbacks = client;
diff --git a/services/camera/libcameraservice/device3/Camera3Device.cpp b/services/camera/libcameraservice/device3/Camera3Device.cpp
index 392959e..ecebad4 100644
--- a/services/camera/libcameraservice/device3/Camera3Device.cpp
+++ b/services/camera/libcameraservice/device3/Camera3Device.cpp
@@ -65,7 +65,6 @@
#include "device3/Camera3InputStream.h"
#include "device3/Camera3OutputStream.h"
#include "device3/Camera3SharedOutputStream.h"
-#include "utils/CameraThreadState.h"
#include "utils/CameraTraces.h"
#include "utils/SchedulingPolicyUtils.h"
#include "utils/SessionConfigurationUtils.h"
@@ -85,8 +84,10 @@
namespace android {
Camera3Device::Camera3Device(std::shared_ptr<CameraServiceProxyWrapper>& cameraServiceProxyWrapper,
+ std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
const std::string &id, bool overrideForPerfClass, bool overrideToPortrait,
bool legacyClient):
+ AttributionAndPermissionUtilsEncapsulator(attributionAndPermissionUtils),
mCameraServiceProxyWrapper(cameraServiceProxyWrapper),
mId(id),
mLegacyClient(legacyClient),
@@ -1433,7 +1434,7 @@
if (templateId <= 0 || templateId >= CAMERA_TEMPLATE_COUNT) {
android_errorWriteWithInfoLog(CameraService::SN_EVENT_LOG_ID, "26866110",
- CameraThreadState::getCallingUid(), nullptr, 0);
+ getCallingUid(), nullptr, 0);
return BAD_VALUE;
}
diff --git a/services/camera/libcameraservice/device3/Camera3Device.h b/services/camera/libcameraservice/device3/Camera3Device.h
index 775eefd..5b37f6c 100644
--- a/services/camera/libcameraservice/device3/Camera3Device.h
+++ b/services/camera/libcameraservice/device3/Camera3Device.h
@@ -47,6 +47,7 @@
#include "device3/Camera3OutputInterface.h"
#include "device3/Camera3OfflineSession.h"
#include "device3/Camera3StreamInterface.h"
+#include "utils/AttributionAndPermissionUtils.h"
#include "utils/TagMonitor.h"
#include "utils/IPCTransport.h"
#include "utils/LatencyHistogram.h"
@@ -79,12 +80,14 @@
public camera3::SetErrorInterface,
public camera3::InflightRequestUpdateInterface,
public camera3::RequestBufferInterface,
- public camera3::FlushBufferInterface {
+ public camera3::FlushBufferInterface,
+ public AttributionAndPermissionUtilsEncapsulator {
friend class HidlCamera3Device;
friend class AidlCamera3Device;
public:
explicit Camera3Device(std::shared_ptr<CameraServiceProxyWrapper>& cameraServiceProxyWrapper,
+ std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
const std::string& id, bool overrideForPerfClass, bool overrideToPortrait,
bool legacyClient = false);
diff --git a/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.cpp b/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.cpp
index e8ef692..7f30f5e 100644
--- a/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.cpp
+++ b/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.cpp
@@ -68,7 +68,6 @@
#include "device3/aidl/AidlCamera3OutputUtils.h"
#include "device3/aidl/AidlCamera3OfflineSession.h"
#include "CameraService.h"
-#include "utils/CameraThreadState.h"
#include "utils/SessionConfigurationUtils.h"
#include "utils/TraceHFR.h"
#include "utils/CameraServiceProxyWrapper.h"
@@ -173,10 +172,11 @@
AidlCamera3Device::AidlCamera3Device(
std::shared_ptr<CameraServiceProxyWrapper>& cameraServiceProxyWrapper,
+ std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
const std::string& id, bool overrideForPerfClass, bool overrideToPortrait,
bool legacyClient) :
- Camera3Device(cameraServiceProxyWrapper, id, overrideForPerfClass, overrideToPortrait,
- legacyClient) {
+ Camera3Device(cameraServiceProxyWrapper, attributionAndPermissionUtils, id,
+ overrideForPerfClass, overrideToPortrait, legacyClient) {
mCallbacks = ndk::SharedRefBase::make<AidlCameraDeviceCallbacks>(this);
}
diff --git a/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.h b/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.h
index f0a5f7e..ac29bbc 100644
--- a/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.h
+++ b/services/camera/libcameraservice/device3/aidl/AidlCamera3Device.h
@@ -41,6 +41,7 @@
friend class AidlCameraDeviceCallbacks;
explicit AidlCamera3Device(
std::shared_ptr<CameraServiceProxyWrapper>& cameraServiceProxyWrapper,
+ std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
const std::string& id, bool overrideForPerfClass, bool overrideToPortrait,
bool legacyClient = false);
diff --git a/services/camera/libcameraservice/device3/hidl/HidlCamera3Device.h b/services/camera/libcameraservice/device3/hidl/HidlCamera3Device.h
index 350b072..f11db5d 100644
--- a/services/camera/libcameraservice/device3/hidl/HidlCamera3Device.h
+++ b/services/camera/libcameraservice/device3/hidl/HidlCamera3Device.h
@@ -33,10 +33,11 @@
explicit HidlCamera3Device(
std::shared_ptr<CameraServiceProxyWrapper>& cameraServiceProxyWrapper,
+ std::shared_ptr<AttributionAndPermissionUtils> attributionAndPermissionUtils,
const std::string& id, bool overrideForPerfClass, bool overrideToPortrait,
bool legacyClient = false) :
- Camera3Device(cameraServiceProxyWrapper, id, overrideForPerfClass, overrideToPortrait,
- legacyClient) { }
+ Camera3Device(cameraServiceProxyWrapper, attributionAndPermissionUtils, id,
+ overrideForPerfClass, overrideToPortrait, legacyClient) { }
virtual ~HidlCamera3Device() {}
diff --git a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp
index e8301c1..93b440b 100644
--- a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp
+++ b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp
@@ -23,7 +23,10 @@
#include <private/android_filesystem_config.h>
#include "CameraService.h"
-#include "CameraThreadState.h"
+
+#include <binder/IPCThreadState.h>
+#include <hwbinder/IPCThreadState.h>
+#include <binderthreadstate/CallerUtils.h>
namespace android {
@@ -47,6 +50,36 @@
const std::string AttributionAndPermissionUtils::sCameraInjectExternalCameraPermission(
"android.permission.CAMERA_INJECT_EXTERNAL_CAMERA");
+int AttributionAndPermissionUtils::getCallingUid() {
+ if (getCurrentServingCall() == BinderCallType::HWBINDER) {
+ return hardware::IPCThreadState::self()->getCallingUid();
+ }
+ return IPCThreadState::self()->getCallingUid();
+}
+
+int AttributionAndPermissionUtils::getCallingPid() {
+ if (getCurrentServingCall() == BinderCallType::HWBINDER) {
+ return hardware::IPCThreadState::self()->getCallingPid();
+ }
+ return IPCThreadState::self()->getCallingPid();
+}
+
+int64_t AttributionAndPermissionUtils::clearCallingIdentity() {
+ if (getCurrentServingCall() == BinderCallType::HWBINDER) {
+ return hardware::IPCThreadState::self()->clearCallingIdentity();
+ }
+ return IPCThreadState::self()->clearCallingIdentity();
+}
+
+void AttributionAndPermissionUtils::restoreCallingIdentity(int64_t token) {
+ if (getCurrentServingCall() == BinderCallType::HWBINDER) {
+ hardware::IPCThreadState::self()->restoreCallingIdentity(token);
+ } else {
+ IPCThreadState::self()->restoreCallingIdentity(token);
+ }
+ return;
+}
+
bool AttributionAndPermissionUtils::checkAutomotivePrivilegedClient(const std::string &cameraId,
const AttributionSourceState &attributionSource) {
if (isAutomotivePrivilegedClient(attributionSource.uid)) {
@@ -150,7 +183,7 @@
}
bool AttributionAndPermissionUtils::isCallerCameraServerNotDelegating() {
- return CameraThreadState::getCallingPid() == getpid();
+ return (getCallingPid() == getpid());
}
bool AttributionAndPermissionUtils::hasPermissionsForCamera(const std::string& cameraId,
diff --git a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h
index 830a8e8..db6457f 100644
--- a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h
+++ b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h
@@ -19,6 +19,7 @@
#include <android/content/AttributionSourceState.h>
#include <android/permission/PermissionChecker.h>
#include <binder/BinderService.h>
+#include <private/android_filesystem_config.h>
namespace android {
@@ -40,6 +41,12 @@
mCameraService = cameraService;
}
+ // Utilities handling Binder calling identities (previously in CameraThreadState)
+ virtual int getCallingUid();
+ virtual int getCallingPid();
+ virtual int64_t clearCallingIdentity();
+ virtual void restoreCallingIdentity(int64_t token);
+
/**
* Pre-grants the permission if the attribution source uid is for an automotive
* privileged client. Otherwise uses system service permission checker to check
@@ -129,6 +136,28 @@
return attributionSource;
}
+ int getCallingUid() const {
+ return mAttributionAndPermissionUtils->getCallingUid();
+ }
+
+ int getCallingPid() const {
+ return mAttributionAndPermissionUtils->getCallingPid();
+ }
+
+ int64_t clearCallingIdentity() const {
+ return mAttributionAndPermissionUtils->clearCallingIdentity();
+ }
+
+ void restoreCallingIdentity(int64_t token) const {
+ mAttributionAndPermissionUtils->restoreCallingIdentity(token);
+ }
+
+ // The word 'System' here does not refer to callers only on the system
+ // partition. They just need to have an android system uid.
+ bool callerHasSystemUid() const {
+ return (getCallingUid() < AID_APP_START);
+ }
+
bool hasPermissionsForCamera(int callingPid, int callingUid) const {
return hasPermissionsForCamera(std::string(), callingPid, callingUid);
}
diff --git a/services/camera/libcameraservice/utils/CameraThreadState.cpp b/services/camera/libcameraservice/utils/CameraThreadState.cpp
deleted file mode 100644
index 2352b80..0000000
--- a/services/camera/libcameraservice/utils/CameraThreadState.cpp
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (C) 2018 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "CameraThreadState.h"
-#include <binder/IPCThreadState.h>
-#include <hwbinder/IPCThreadState.h>
-#include <binderthreadstate/CallerUtils.h>
-#include <unistd.h>
-
-namespace android {
-
-int CameraThreadState::getCallingUid() {
- if (getCurrentServingCall() == BinderCallType::HWBINDER) {
- return hardware::IPCThreadState::self()->getCallingUid();
- }
- return IPCThreadState::self()->getCallingUid();
-}
-
-int CameraThreadState::getCallingPid() {
- if (getCurrentServingCall() == BinderCallType::HWBINDER) {
- return hardware::IPCThreadState::self()->getCallingPid();
- }
- return IPCThreadState::self()->getCallingPid();
-}
-
-int64_t CameraThreadState::clearCallingIdentity() {
- if (getCurrentServingCall() == BinderCallType::HWBINDER) {
- return hardware::IPCThreadState::self()->clearCallingIdentity();
- }
- return IPCThreadState::self()->clearCallingIdentity();
-}
-
-void CameraThreadState::restoreCallingIdentity(int64_t token) {
- if (getCurrentServingCall() == BinderCallType::HWBINDER) {
- hardware::IPCThreadState::self()->restoreCallingIdentity(token);
- } else {
- IPCThreadState::self()->restoreCallingIdentity(token);
- }
- return;
-}
-
-} // android
diff --git a/services/camera/libcameraservice/utils/CameraThreadState.h b/services/camera/libcameraservice/utils/CameraThreadState.h
deleted file mode 100644
index e1a70de..0000000
--- a/services/camera/libcameraservice/utils/CameraThreadState.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2018 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdint.h>
-
-namespace android {
-class CameraThreadState {
-public:
- static int64_t clearCallingIdentity();
-
- static void restoreCallingIdentity(int64_t token);
-
- static int getCallingUid();
-
- static int getCallingPid();
-};
-
-} // android
diff --git a/services/camera/libcameraservice/utils/SchedulingPolicyUtils.cpp b/services/camera/libcameraservice/utils/SchedulingPolicyUtils.cpp
index 92a1030..f3afc69 100644
--- a/services/camera/libcameraservice/utils/SchedulingPolicyUtils.cpp
+++ b/services/camera/libcameraservice/utils/SchedulingPolicyUtils.cpp
@@ -20,7 +20,6 @@
#include <pthread.h>
#include <sched.h>
-#include "CameraThreadState.h"
#include <private/android_filesystem_config.h>
#include <processgroup/processgroup.h>
#include <processgroup/sched_policy.h>