Camera: Limit valid caller PIDs for camera clients.
Narrow down on PID checks to avoid cases where service can access the
camera even though it shouldn't be able to, per API semantics.
Bug: 6970469
Change-Id: Ic468a31949c28ef978b6ed48a70e4601c7ced684
diff --git a/services/camera/libcameraservice/CameraClient.cpp b/services/camera/libcameraservice/CameraClient.cpp
index 7e199fa..b930c02 100644
--- a/services/camera/libcameraservice/CameraClient.cpp
+++ b/services/camera/libcameraservice/CameraClient.cpp
@@ -102,8 +102,6 @@
int callingPid = getCallingPid();
LOG1("CameraClient::~CameraClient E (pid %d, this %p)", callingPid, this);
- // set mClientPid to let disconnet() tear down the hardware
- mClientPid = callingPid;
disconnect();
LOG1("CameraClient::~CameraClient X (pid %d, this %p)", callingPid, this);
}
@@ -125,7 +123,7 @@
status_t CameraClient::checkPid() const {
int callingPid = getCallingPid();
- if (callingPid == mClientPid || callingPid == mServicePid) return NO_ERROR;
+ if (callingPid == mClientPid) return NO_ERROR;
ALOGW("attempt to use a locked camera from a different process"
" (old pid %d, new pid %d)", mClientPid, callingPid);
@@ -219,7 +217,8 @@
LOG1("disconnect E (pid %d)", callingPid);
Mutex::Autolock lock(mLock);
- if (checkPid() != NO_ERROR) {
+ // Allow both client and the media server to disconnect at all times
+ if (callingPid != mClientPid && callingPid != mServicePid) {
ALOGW("different client - don't disconnect");
return;
}