Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_av / eb0169f4d17b63c8d564fefd8ec68c9bf6b5c49d^! / . / services / camera / libcameraservice / common / Camera2ClientBase.cpp
commiteb0169f4d17b63c8d564fefd8ec68c9bf6b5c49d[log] [tgz]
authorJayant Chowdhary <jchowdhary@google.com>Mon Jan 31 00:00:02 2022 -0800
committerJayant Chowdhary <jchowdhary@google.com>Wed Feb 09 00:51:33 2022 -0800
tree6bb067ec7bfef49807bfba24ba9918ba34ef5d85
parent35642f2f63fc50fac1105159d7effa337203a2cd [diff] [blame]
cameraserver: Modified rules for different kinds of system cameras.

Since we now have AIDL HALs as well, just depending on whether a binder
call is being made from a hwbinder thread is not enough to determine
whether a system camera / hidden secure camera should be accessible to the
client. The same goes for modifying oom scores / process state for
vendor clients. Instead we now allow privileged clients (uid <
AID_APP_START) to access system and hidden secure cameras. This will
include vendor clients as well. Oom score and process state re-mapping is now done for native
privileged clients.

Bug: 196432585

Test: Make Camera2 app privileged; make all cameras on device system only cameras
      See that other 3P apps / GCA can't access cameras; Camera2 can.

Test: CTS with cuttlefish depth camera made system camera

Test: Manually check that privileged native camera clients have their
      oom score and process state modified to let 3P apps evict them.

Test: atest Camera2PermissionTest.java

Change-Id: I1e81a554491f3d84f28d82a22bd0683a3407d46f
Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>

diff --git a/services/camera/libcameraservice/common/Camera2ClientBase.cpp b/services/camera/libcameraservice/common/Camera2ClientBase.cpp
index 727c265..a29f3a6 100644
--- a/services/camera/libcameraservice/common/Camera2ClientBase.cpp
+++ b/services/camera/libcameraservice/common/Camera2ClientBase.cpp

@@ -49,6 +49,7 @@
         const sp<CameraService>& cameraService,
         const sp<TCamCallbacks>& remoteCallback,
         const String16& clientPackageName,
+        bool systemNativeClient,
         const std::optional<String16>& clientFeatureId,
         const String8& cameraId,
         int api1CameraId,
@@ -59,9 +60,9 @@
         int servicePid,
         bool overrideForPerfClass,
         bool legacyClient):
-        TClientBase(cameraService, remoteCallback, clientPackageName, clientFeatureId,
-                cameraId, api1CameraId, cameraFacing, sensorOrientation, clientPid, clientUid,
-                servicePid),
+        TClientBase(cameraService, remoteCallback, clientPackageName, systemNativeClient,
+                clientFeatureId, cameraId, api1CameraId, cameraFacing, sensorOrientation, clientPid,
+                clientUid, servicePid),
         mSharedCameraCallbacks(remoteCallback),
         mDeviceVersion(cameraService->getDeviceVersion(TClientBase::mCameraIdStr)),
         mDeviceActive(false), mApi1CameraId(api1CameraId)