Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_av / b01a870ec7e32157b9827291fbc0b9828978228d^! / . / services / camera / libcameraservice / utils / AttributionAndPermissionUtils.h
commitb01a870ec7e32157b9827291fbc0b9828978228d[log] [tgz]
authorAustin Borger <borgera@google.com>Mon Jul 22 16:20:34 2024 -0700
committerAustin Borger <borgera@google.com>Wed Sep 04 19:17:23 2024 -0700
tree51dc97adf1e027c96a1b861aad046e96b540d3be
parent06cc325f733facd4a0803fd2e44462a81d1cb477 [diff] [blame]
Resolve uid / pid early during connection

This CL further clusters identity resolution in a single place in each
of connect / connectDevice / initializeShimMetadata. This will mean that
checking the validity of the provided AttributionSource can occur in
the same place as legacy caller identity resolution, and one flag check
will be needed in each caller to connectHelper.

Flag: EXEMPT Strict mechanical refactor
Bug: 190657833
Test: atest CtsCameraTestCases, Camera1 + Camera2 apps
Change-Id: I2ba8e78e7419e956151ed54d6a2a88f7946774ce

diff --git a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h
index 4daab0f..a23fba7 100644
--- a/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h
+++ b/services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h

@@ -61,6 +61,9 @@
     virtual int64_t clearCallingIdentity();
     virtual void restoreCallingIdentity(int64_t token);
 
+    virtual bool resolveClientUid(/*inout*/ int& clientUid);
+    virtual bool resolveClientPid(/*inout*/ int& clientPid);
+
     /**
      * Pre-grants the permission if the attribution source uid is for an automotive
      * privileged client. Otherwise uses system service permission checker to check
@@ -170,6 +173,14 @@
         mAttributionAndPermissionUtils->restoreCallingIdentity(token);
     }
 
+    bool resolveClientUid(/*inout*/ int& clientUid) const {
+        return mAttributionAndPermissionUtils->resolveClientUid(clientUid);
+    }
+
+    bool resolveClientPid(/*inout*/ int& clientPid) const {
+        return mAttributionAndPermissionUtils->resolveClientPid(clientPid);
+    }
+
     // The word 'System' here does not refer to callers only on the system
     // partition. They just need to have an android system uid.
     bool callerHasSystemUid() const {