Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_av / 2e772b80616a879e12f61ecd36e7afe9249a10cd^! / . / services / camera / libcameraservice / api2 / CameraOfflineSessionClient.cpp
commit2e772b80616a879e12f61ecd36e7afe9249a10cd[log] [tgz]
authorAustin Borger <borgera@google.com>Fri Oct 11 16:09:57 2024 -0700
committerAustin Borger <borgera@google.com>Thu Oct 24 14:43:17 2024 -0700
tree031ed3bd7a684da9f8f78281c0d74601ab4e9efa
parentbd2a4fa53f024ebe29ae1bc5ba280fc76692e241 [diff] [blame]
Propagate clientAttribution to CameraService::BasicClient

Permission checks for camera streaming will be moved to BasicClient in
the near future. Store the client's AttributionSourceState in BasicClient.

Since the calling pid is used to identify the client after preflight permission checks,
continue storing mClientPid separately from the AttributionSourceState pid.

Bug: 369841571
Bug: 190657833
Test: CtsSecurityTestCases:CameraPermissionTest
Flag: EXEMPT mechanical refactor
Change-Id: I1aa27ae66ba897752fdbac43b2a6f9c94301ae71

diff --git a/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp b/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
index 9a1fdd6..277a8cf 100644
--- a/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp
+++ b/services/camera/libcameraservice/api2/CameraOfflineSessionClient.cpp

@@ -163,7 +163,7 @@
     }
     // Allow both client and the media server to disconnect at all times
     int callingPid = getCallingPid();
-    if (callingPid != mClientPid &&
+    if (callingPid != mCallingPid &&
             callingPid != mServicePid) {
         return res;
     }
@@ -171,7 +171,7 @@
     mDisconnected = true;
 
     sCameraService->removeByClient(this);
-    sCameraService->logDisconnectedOffline(mCameraIdStr, mClientPid, mClientPackageName);
+    sCameraService->logDisconnectedOffline(mCameraIdStr, mCallingPid, getPackageName());
 
     sp<IBinder> remote = getRemote();
     if (remote != nullptr) {
@@ -186,10 +186,10 @@
 
     finishCameraOps();
     ALOGI("%s: Disconnected client for offline camera %s for PID %d", __FUNCTION__,
-            mCameraIdStr.c_str(), mClientPid);
+            mCameraIdStr.c_str(), mCallingPid);
 
     // client shouldn't be able to call into us anymore
-    mClientPid = 0;
+    mCallingPid = 0;
 
     if (mOfflineSession.get() != nullptr) {
         auto ret = mOfflineSession->disconnect();
@@ -230,8 +230,8 @@
 status_t CameraOfflineSessionClient::startCameraOps() {
     ATRACE_CALL();
     {
-        ALOGV("%s: Start camera ops, package name = %s, client UID = %d",
-              __FUNCTION__, mClientPackageName.c_str(), mClientUid);
+        ALOGV("%s: Start camera ops, package name = %s, client UID = %d", __FUNCTION__,
+              getPackageName().c_str(), getClientUid());
     }
 
     if (mAppOpsManager != nullptr) {
@@ -239,23 +239,24 @@
         mOpsCallback = new OpsCallback(this);
         int32_t res;
         // TODO : possibly change this to OP_OFFLINE_CAMERA_SESSION
-        mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA,
-                toString16(mClientPackageName), mOpsCallback);
+        mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, toString16(getPackageName()),
+                                          mOpsCallback);
         // TODO : possibly change this to OP_OFFLINE_CAMERA_SESSION
-        res = mAppOpsManager->startOpNoThrow(AppOpsManager::OP_CAMERA,
-                mClientUid, toString16(mClientPackageName), /*startIfModeDefault*/ false);
+        res = mAppOpsManager->startOpNoThrow(AppOpsManager::OP_CAMERA, getClientUid(),
+                                             toString16(getPackageName()),
+                                             /*startIfModeDefault*/ false);
 
         if (res == AppOpsManager::MODE_ERRORED) {
-            ALOGI("Offline Camera %s: Access for \"%s\" has been revoked",
-                    mCameraIdStr.c_str(), mClientPackageName.c_str());
+            ALOGI("Offline Camera %s: Access for \"%s\" has been revoked", mCameraIdStr.c_str(),
+                  getPackageName().c_str());
             return PERMISSION_DENIED;
         }
 
         // If the calling Uid is trusted (a native service), the AppOpsManager could
         // return MODE_IGNORED. Do not treat such case as error.
         if (!mUidIsTrusted && res == AppOpsManager::MODE_IGNORED) {
-            ALOGI("Offline Camera %s: Access for \"%s\" has been restricted",
-                    mCameraIdStr.c_str(), mClientPackageName.c_str());
+            ALOGI("Offline Camera %s: Access for \"%s\" has been restricted", mCameraIdStr.c_str(),
+                  getPackageName().c_str());
             // Return the same error as for device policy manager rejection
             return -EACCES;
         }
@@ -264,7 +265,7 @@
     mOpsActive = true;
 
     // Transition device state to OPEN
-    sCameraService->mUidPolicy->registerMonitorUid(mClientUid, /*openCamera*/true);
+    sCameraService->mUidPolicy->registerMonitorUid(getClientUid(), /*openCamera*/ true);
 
     return OK;
 }
@@ -276,9 +277,9 @@
     if (mOpsActive) {
         // Notify app ops that the camera is available again
         if (mAppOpsManager != nullptr) {
-        // TODO : possibly change this to OP_OFFLINE_CAMERA_SESSION
-            mAppOpsManager->finishOp(AppOpsManager::OP_CAMERA, mClientUid,
-                    toString16(mClientPackageName));
+            // TODO : possibly change this to OP_OFFLINE_CAMERA_SESSION
+            mAppOpsManager->finishOp(AppOpsManager::OP_CAMERA, getClientUid(),
+                                     toString16(getPackageName()));
             mOpsActive = false;
         }
     }
@@ -288,7 +289,7 @@
     }
     mOpsCallback.clear();
 
-    sCameraService->mUidPolicy->unregisterMonitorUid(mClientUid, /*closeCamera*/true);
+    sCameraService->mUidPolicy->unregisterMonitorUid(getClientUid(), /*closeCamera*/ true);
 
     return OK;
 }