Use the flag for the HSUM camera access feature.
Use the flagging for this feature so that it can
be easily turned on/off.
Bug: 273539631
Test: Run CTS tests CtsCameraHeadlessSystemUserTestCases.
Change-Id: I0df44deefd4c967a05aefe926099a4a1baa6e54e
diff --git a/services/camera/libcameraservice/CameraService.cpp b/services/camera/libcameraservice/CameraService.cpp
index 61b667b..8add05e 100644
--- a/services/camera/libcameraservice/CameraService.cpp
+++ b/services/camera/libcameraservice/CameraService.cpp
@@ -47,6 +47,7 @@
#include <binder/PermissionController.h>
#include <binder/IResultReceiver.h>
#include <binderthreadstate/CallerUtils.h>
+#include <com_android_internal_camera_flags.h>
#include <cutils/atomic.h>
#include <cutils/properties.h>
#include <cutils/misc.h>
@@ -105,6 +106,7 @@
using hardware::camera2::ICameraInjectionSession;
using hardware::camera2::utils::CameraIdAndSessionConfiguration;
using hardware::camera2::utils::ConcurrentCameraIdCombination;
+namespace flags = com::android::internal::camera::flags;
// ----------------------------------------------------------------------------
// Logging support -- this is for debugging only
@@ -1648,7 +1650,6 @@
callingUid, procState);
}
-
// Automotive privileged client AID_AUTOMOTIVE_EVS using exterior system camera for use cases
// such as rear view and surround view cannot be disabled and are exempt from sensor privacy
// policy. In all other cases,if sensor privacy is enabled then prevent access to the camera.
@@ -1680,16 +1681,18 @@
clientUserId, cameraId.c_str());
}
- // If the System User tries to access the camera when the device is running in
- // headless system user mode, ensure that client has the required permission
- // CAMERA_HEADLESS_SYSTEM_USER.
- if (isHeadlessSystemUserMode() && (clientUserId == USER_SYSTEM) &&
- !hasPermissionsForCameraHeadlessSystemUser(cameraId, callingPid, callingUid)) {
- ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid);
- return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
- "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" as Headless System User\
- without camera headless system user permission",
- clientName.c_str(), clientUid, clientPid, cameraId.c_str());
+ if (flags::camera_hsum_permission()) {
+ // If the System User tries to access the camera when the device is running in
+ // headless system user mode, ensure that client has the required permission
+ // CAMERA_HEADLESS_SYSTEM_USER.
+ if (isHeadlessSystemUserMode() && (clientUserId == USER_SYSTEM) &&
+ !hasPermissionsForCameraHeadlessSystemUser(cameraId, callingPid, callingUid)) {
+ ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid);
+ return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED,
+ "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" as Headless System \
+ User without camera headless system user permission",
+ clientName.c_str(), clientUid, clientPid, cameraId.c_str());
+ }
}
return Status::ok();